1db2353a4ad46febcc25d8ce53f8ed471f7da8b5e99efc582a27afabdbc17c0cfa4f859752473cbc95e2f73b98a3a435491f88484a1dd21570c75a9c7b3708089d79d31ec57a1b4010", 0xfffffdef}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001480)=[{0x0}, {&(0x7f00000001c0)=""/93, 0x7ffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {0x0}], 0x9, &(0x7f0000001540)=""/54, 0x36}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001a00)=@base={0x12, 0x1, 0x4, 0x3ef, 0x110, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5}, 0x48) perf_event_open$cgroup(&(0x7f0000002c00)={0x3, 0x80, 0x4, 0x32, 0x81, 0x4, 0x0, 0x1, 0x4000, 0xf, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x9, 0x10000}, 0x50270, 0x6, 0x0, 0x7, 0x1c000000000000, 0x0, 0x2, 0x0, 0xffffffff}, 0xffffffffffffffff, 0xa, r0, 0x5) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000000e40)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e640500000000007502faff07cd02020404000000247d60b7030000000a00006a0a00fe000000008500000026000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5ca080000000000000071f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a37f3b6907b38b40ac1e538865d486575a9e180b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75bb32935f542127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45577c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3087301643baab1c95bb22cedd913b22dcaa1d7ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90acbba0ef73097ee12d3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea12b1e03951ed32810c823e0a5ea102baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b2ccabbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b775152786118384eebd5fc19928ceb713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe9396fca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa387a8077927a1ad367c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7699452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67cbb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153088ba3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600000033125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82dc568ca30aea9a1d097f06f11d6fffe7abfa3312d87686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7d3c4a76a5be180bb830cf06827c3f38a9c9c580c732cd49b0c65b4f37243e5aea3be0be330aaceda78b0297de35a922b1375b129655beb31899e26052cc216f86514b0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39a25458520a9ca9876771005c9f81846459ae6d5baa4f028a6939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0cabc3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000000000000000000000000000022b37a8fa5538040379d70b5a3f0528d62e374874bc7a3e915093dc858db68dae4fd8238075480db53f4f2ecb10eadc99e2e4ad8c7241dc583470396b816710e01149081e17cf004e1d60dbc4dcf07bbf39c3645d4b4defe2182aefed027545153fab46c680d2a324d884e7562752a58b6275e0aa8e13fec43d4d3294a4a156f6f66a79f7f93c1962806e44e69cd4177940127f5bdca3da76b9b3aa2582dcd6c05f358ba0a940e22af0d775b79d4f4021fd21c6578866c99db631fe978ab7c82194e24301194dee85dade49a0faa70b989945657e680ffd5e2c2a6a82d84c512d864a20d9d5981ab0cee20b16f0efa9a854fe518349a08fc8b6b199e0b080f11aad876ce66abfdb90e0fb01cc2ad890038f328a06e0fc1a58c955bafa70d0000000000000000bdbd12e1d8b708b6c0ef8d7f3f0dcfb62132b1ee9fe61f4d9afd3aef1a0fa811bf01494857c893ef3b9e184790262178b238343776c12b1c46cccaec0da75fef39e61490eda15d0c7ea4db67b3659d7ce87ab49242a2634195328121ea216f8c179d5756d79f209b0f6b4a6d24d5acf9819b5f9bcdb84e35e5b6817ea2c8b7752fae87d4f4ff0b90b8e86a8af610922e97e4360ac23bed0764d4eda6e9ed591f9a83ff3506947de7361b4f7b0e38144f6f69ff73"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0xc00}, 0x143}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x5, 0x4}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r3, &(0x7f0000000300), 0x0}, 0x20) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000002c80)=ANY=[@ANYRESHEX, @ANYBLOB="0ca764e1168c78303f75dc6e942cae9f05b8d29698635a6374a2c24911cb794b8e480279422d821bf0e7dc0528b0e330e6a27aebcc12df20babd81ee4000", @ANYRESDEC, @ANYRES16, @ANYRESDEC, @ANYRES16], 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000002f00)=@bloom_filter={0x1e, 0x7fffffff, 0x0, 0xfffffff9, 0x2, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x5, 0x3}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002b40)={0x0, 0x5, &(0x7f0000002bc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x34, &(0x7f0000000100)=""/52, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xa, 0x7fffffff, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff]}, 0x80) 14:48:17 executing program 5: perf_event_open(&(0x7f0000000700)={0x0, 0x80, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r1, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000300)="20acdf653847c266a5edf92aeec9a47b954df1ad8c87e4fd401051e41bb3ccaafd4445e4719e95c9818169d815b0a01b278b4b99b6fd8880fbb030aca9d657bc6e6c94fe574bfe908bc2dbf1e585d85e704c670106907cefdd1a52243f0c3ad8589d319892f70db6f7c97a27a535b91196976330a5947027c18894a0f75ac8148f1178728cd71bf0d84bcb963a8353cf1c21965f0bb2ee0e0c33d4e7cdbafd4a7579794747c893ff5fd6143c23b022a04cc51cd04aea6e20eec5b9ecc9ca3824b761e95bb00765beea9d77cb51995a8d90883a76c9e0506d647857dac090f085777b965d645e1972732c4259fec036293851d32c02a2e547d7ca75390683b420618e528c46d6385116dffe97ad03f5b9524b5854464ae543061499e379cd123064af957272515888c88efca19f95c799e1f872de9fde96df8c3d2c8022873f3fd04a4f9f69b3de0f6e3d49edaea86e6232fb3eab48de02dc59220c7b51ca142bb894cbfb9f6c25700502dce2173497b6e8d7e636be934fda4ab8fa8ab73fc069dce0692e941097eb2497ace679715e2dd97fd0e8a0f1d373180964fb2eb18cd518db9f6e6922d1b5ee067be9564632aeee5bf988a08c76d4a982b052e537d95c35e562d2d8f268a94b0e66fc93c54585c4b15c94be62649e5e03775ab53c9def178bff8542d0b8b75290a3804a61777a59fec9e3223b5827e628ef7c07c30a20fd7de8d928c67f1f0435763285dbd61c6eb43ab9cd85276551089ba2e7196b13251b6eab22ecbce72012ecf439b9078f12d2e01051e6c7d8191a3b9cdfb82df20729c353f27751180e0c70331b01137c1c1a127e405cf64f530f06fade25948e0f126076f30a44a8c9534dfa45f645a978aa4158838469658057e7f796e3df94fa2ebb57d5545cd15cb491103b585ae7f427791f2b1d91939c544456bcd12ecd996e7d28339f825f35f4fb4980070ffd2280dca6fee512aed0412abaf5901f8a4b1ff48c7fad436d9d24aa56889e4970f39915086749192931dfae5d565cdad5963d23e86bd9533ce92a99b1dd090cba11aeea0a3831dec5eb2677703b47acecf4d24611abb53ab7fefb64122c2a6357e61a4d33c396e76de4be223ffcbeff8e7d570feac033431203c8d4ed3b41a7fc9c6092378b7259216077ecac85293e7e0aa830456f6a593a045b74395d16e26643db56c6f6d7be29e2844576b7cf22750a6fa7585478ad0c2f52a6b4fed3dee7da6766a7c1d84e4bbd6336c6c85827aa580d1cb3a9db0d31f47df8878d5d7cc08d6d0c5b366c33e90f8835b4977a972b3244c7e2d30a2d00d1e642f2fe2a3460c9d719c606367bdb82416f4c139432c791ed7c7c12245617b1ac2442ef8d4708613155b320cf878e2698af6195480825505cc7aa18ff353dc1ddc528ceb589b3546725c4da3f4d6c464e25c8626adf2496b11c542c09e7cdcb6610cdb76df69a48ed5ae69e2189e43aae4e4a4a0686983d48ec26252b40327b4abab6054243c43fdaebce4d25d1a2167a238a29d931be879be5d5084429abb103f8370efca4977dd48c5280c7923f63f3d87bfc6736dfe42cb57e8c75f6c35f58b7cb518eeb9029442974de7cdefe14cbf48dcd69e60403481288937ec06e5da958707fd0e7397d391d6d9a70b4264b2f1ad840ba5084e951c0ffd3888442f57fbb50b6aaf6b44644c2073ec95a810fd7e1201793b94372294e0cd14adf452fcf3cb443593eab72d345ff017b8ad76e99a4ba25ce2242361d882b077ca1e443b7a8eabaf030fc4dc97cf3c8a993d192063381fafc832322d28f58635d9f82604197a5cf726801a572581b3a3fb7b70ff621065ed6f841b93c7ada94e28f2709e404d6e994767a315351546f3e5571112aa71112df17da0162c357a8a162bbccaf2c01943693426c71a51d06e70915d22974337fbae89869c4e63808bb7f903bc80605a55fbf1cfa325f781574e2db828198b489511c69e8392feaa8218fe1c7e9b830cf75658364957f9efaec9f20e64956dd99bd4ef2e2ad7e8cd8f3abb882bf6977ee222194604017b7d692b166c73bf67220d8200123ed9d1780ecd58ad3b58bdff3f67b93aad8d10fe51f959ca86596050c6a0497b88e87efdb0ead7f5567203118a28eb0af4278be973a65b06c786c3f64511c624015ac4ffef6a964b8d5f832ac2e5d4cfb3b98958fdf3921c4cf8eaa3a023af9ef21ef6b3f9057696433381094a5de59730fef9aaa1c70b5bfb8469a1ef1b9c7d7f9fd6954a47b174ed65376c79c936b4126279e97f50da809f1788f6b735b29f489c6d226edb5d57be3f72ba075553086c4aa855a929fb93f8912510b2cf8fc65e65884a455a75e263c389df7cc155b44d4077d0f7ac3a55ceb74e2090033ed1e4a6a88e224985124de8164d93e55ccc76e00ff536b330eac5b3b66df240205c015bea42ccd5510bf7e0647000c694a464c627b935eebea55c7435949dafa7edbbd61648da68ef34601d615d5f4a381d0d6fc22608f35f9af6f3f60ec6926780170414b461b7c5b2f27c922ea5b0662a6021deb185877b93b99f510c56571cf7649486adf6e2468f10184d10479adaccd3520f1e7c968c60208ee5ddeb6e71477fc3af6174b00b36d68a2008b4eee079153edc613e7760e1d82584d734abfb53dd07f8afb36776deaa0974701d374009c4ca40012dea4c4cb9dea550198b70f6c009e3e67e9b9a89e4460fce582a7294fb63bc7c2fac6b889ce4e4b7c0ea716be072baf1e71358f5588ec08189d43a05fc467716fec396b7a9811001fc1d6be90ada608bad2fc6fd7b260e1c69f41fc371f8ed3180fa9d89257338f991d76518375360a9c2340b3d30df812ceae5d5e145b5c5b512cc7753d9cde70d324e6852e4f63d4160c48b8b918e72d830efd86b8192718def8824496259aeafa0a5c2a4f431a9dd7eee24b6fc679e90640f81ca847582e8a750bcdce8707913b0810663b5524fc009449bd2d233a07006d679757efbad2317cfb6c2cd9a70752a7b12e1c3da2ebbdbd4b2ee316b4047bd097bbf1d6650f6934573c3d794bd14a3bcd63218cb7e491694708f803ad7efae0f22b1f5c9b495bd79e7961e5df7eee9f497e234d208f6b3e11158fdd4415e70f7ae83de5a5c2a52b1a3e81cd17587b73c7372925978e5e24c1b54f71c4b27675f25c833b32019a5a8c3bf8e9036c0ebe9ba7e38fa33329bf6ecf14caf42a5cae78ba258bf3468460c89d9e48ef0112029b7ca87ee33f7fea7eeb53be01b8ae28f0aef42e4fb73f4a1bf413f47fc6528614bd9c77bd53e6330941c29c6d9bf66354a277b1beaefcc2d83713b220c2c401bfd3da09ace5d4186952cea49cdc85df89e13c3777848b358df82d6c84277026e66807993b01eeaed82b94f5fb9262590957313a28bb43357687c7d8267a69eda00d043940457e8e9d493dc24a504af7e89b99417e9eaef9304a11e7618c35e2f569275a53b2945b8b0be103e66acddca6dbd110143377e24c2e98e82ab75fa7c4b8b8bd70a1f91d9905df1815192cef736484ce25aa6d03e98c5239c6c64b2d845e5d227a9aea54032b7f59e6e8efb5e8ea5d1f57652df078f79d6215713903c536c2503a11b8b9f01d258a50079e55a3fa4110ef522bb955f88465be217a84e7815c9b3709893bb9f2a673d6456594824cdd2a4bd662900c9b98f52c07b86cb5d818aebb5bd13d75ac450bc5ee702260d32e3665fd129b8da6eeac1470016c64b8319f0b8d90d4ed4610149a07366ead9e812eb219fa70f26f512edff69cbf83589b4cd7ffa92680e54e40c22dbb620948555c68cabb895b6bd0455386585b5d23f0bd3d7e33f7b65d6d4cee61fa9c794c59e22c852f90c7b8e5890a39117e0bc31874fcd1f0c3102f444deda688f762b68f1eccd9d65159d77e2ae95f55fa5394f03bb2b614b50ce28f00b8c1a63d59a3bbf86bd57188ce64105ed7d48839330b387dafc3a43e0508d4e278fd80b4eb031c6813df3dd2f871ea3de2cb7a668dcc1fd99f4e77ed6ea56a481835966ce16abc8e9cd1641677b2dcaae0e404013b66db805d7496d15f20668d2088b53127da630bf440bc99da13f4350cd8f10c9f08521175e4e79087e164f065c398f21a59e780564bd7acc8013b90dbed8d4a2b49163f81994d03b2b50bbfcad65af161fa0959fad4c1825e94976e03862f7a35e45201423ce324dc290f6d21d966e23d9a5a6742c9b4c0efe3caf1745f87e00580e695e31a3308bc5caee01c6c921ad63dfd41304006664ad8086bc75793280467efd0634b67739a9799c97b34563d95edd66fda61af44ff1ec9f08deda49ca780fd0fab0030fd94b068f7c9a5b12e14051c4cb126a5f06d9ef0ff99d7a5456ca4c08c090cfcd6d7d789ff560fbbeeca119b45830c516079c1de310f63631bcb3e8c362886266841f70bc293cf99ecec988533e68b640ec8fd837bfe598b7b68e92b9d1cacf9adb7009e443dab2e9407e0194164a19e3d890c472311df477f7376f41e8ae087909e6f7511d54181109609746115e429599e4bab38c682430fc97aa8c5b5cb11372ea49f5d5c73a88f4d641ab7fe55d871cacad624dd2345cb9a6e3966f4d39da10700f865f8aacd357f87af98aedd8b26770e8a8dd7b82c15737189d540da66874c9919cb9882b99d715ac4579b1ed5c3de6bdcec50d390b46085aa14ed0d5866a16c6ab851878a1ee800622a94db90f8b579397230da24bcf22c79181da1e9b520b2ebdea622cf08fbfcc28d66df5e56ad5502735fab090f82bb4d4efc97c25e4209c297f3b6a0bcbf8637f70b9a0ff4cd5256e3961b08cdf8241634f68ac96a179ddffb797f0d777f84513f7d5a7ff21ea23d8110b812bb6127bab990db8e0de2f3555f58a84b29ea2f0590f0eef7ff427a1955f6d942bc767289d1d5abb5887a04d8cbc07cb46aea2c859d057165ec4a22d9ac354d8047989f75909ce6e560532ebb3be87615602482ee90b2cc7f66a34390d35286f4f97e95c73131fce13edb83cd556431aa8d107dcb83aa025cc51be4071c51c8fdee81c35b07947e42b1eceed8fec5b6b6cd4ebbeceddda1ce484a6c5ddf17d968909fcf954645c7e34d54635a55dfc2f5fbfaf06eaa592408348e281db2353a4ad46febcc25d8ce53f8ed471f7da8b5e99efc582a27afabdbc17c0cfa4f859752473cbc95e2f73b98a3a435491f88484a1dd21570c75a9c7b3708089d79d31ec57a1b4010", 0xfffffdef}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001480)=[{0x0}, {&(0x7f00000001c0)=""/93, 0x7ffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {0x0}], 0x9, &(0x7f0000001540)=""/54, 0x36}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000000e40)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e640500000000007502faff07cd02020404000000247d60b7030000000a00006a0a00fe000000008500000026000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5ca080000000000000071f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a37f3b6907b38b40ac1e538865d486575a9e180b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75bb32935f542127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45577c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3087301643baab1c95bb22cedd913b22dcaa1d7ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90acbba0ef73097ee12d3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea12b1e03951ed32810c823e0a5ea102baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b2ccabbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b775152786118384eebd5fc19928ceb713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe9396fca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa387a8077927a1ad367c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7699452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67cbb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153088ba3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600000033125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82dc568ca30aea9a1d097f06f11d6fffe7abfa3312d87686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7d3c4a76a5be180bb830cf06827c3f38a9c9c580c732cd49b0c65b4f37243e5aea3be0be330aaceda78b0297de35a922b1375b129655beb31899e26052cc216f86514b0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39a25458520a9ca9876771005c9f81846459ae6d5baa4f028a6939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0cabc3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000000000000000000000000000022b37a8fa5538040379d70b5a3f0528d62e374874bc7a3e915093dc858db68dae4fd8238075480db53f4f2ecb10eadc99e2e4ad8c7241dc583470396b816710e01149081e17cf004e1d60dbc4dcf07bbf39c3645d4b4defe2182aefed027545153fab46c680d2a324d884e7562752a58b6275e0aa8e13fec43d4d3294a4a156f6f66a79f7f93c1962806e44e69cd4177940127f5bdca3da76b9b3aa2582dcd6c05f358ba0a940e22af0d775b79d4f4021fd21c6578866c99db631fe978ab7c82194e24301194dee85dade49a0faa70b989945657e680ffd5e2c2a6a82d84c512d864a20d9d5981ab0cee20b16f0efa9a854fe518349a08fc8b6b199e0b080f11aad876ce66abfdb90e0fb01cc2ad890038f328a06e0fc1a58c955bafa70d0000000000000000bdbd12e1d8b708b6c0ef8d7f3f0dcfb62132b1ee9fe61f4d9afd3aef1a0fa811bf01494857c893ef3b9e184790262178b238343776c12b1c46cccaec0da75fef39e61490eda15d0c7ea4db67b3659d7ce87ab49242a2634195328121ea216f8c179d5756d79f209b0f6b4a6d24d5acf9819b5f9bcdb84e35e5b6817ea2c8b7752fae87d4f4ff0b90b8e86a8af610922e97e4360ac23bed0764d4eda6e9ed591f9a83ff3506947de7361b4f7b0e38144f6f69ff73"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0xc00}, 0x143}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x0, 0x0, 0xbf22, 0x0, 0x1}, 0x48) recvmsg$unix(0xffffffffffffffff, &(0x7f0000003040)={&(0x7f0000002ac0), 0x6e, 0x0}, 0x0) 14:48:17 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5, 0x109}, 0x48) 14:48:17 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)="e7", 0x1}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/110, 0x6e}], 0x1, 0x0, 0x2}, 0x0) 14:48:17 executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x1, &(0x7f0000000000)=@raw=[@kfunc], &(0x7f0000000400)='syzkaller\x00', 0x3, 0xd7, &(0x7f0000000440)=""/215, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 14:48:17 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0x4, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 14:48:17 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=r0, 0x4) 14:48:17 executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000b40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum={0x3}]}, {0x0, [0x0, 0x0, 0x61]}}, &(0x7f00000001c0)=""/176, 0x29, 0xb0, 0x1}, 0x20) 14:48:17 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x8, 0x1, 0x1}, 0x48) 14:48:17 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000ec0)={&(0x7f0000000d40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x1}]}, {0x0, [0x2e, 0x61]}}, &(0x7f0000000e00)=""/185, 0x2c, 0xb9, 0x1}, 0x20) 14:48:17 executing program 1: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)="e7", 0x1}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/110, 0x6e}], 0x1, 0x0, 0x18000000}, 0x0) 14:48:17 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 14:48:17 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$BPF_GET_MAP_INFO(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 14:48:18 executing program 0: perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open$cgroup(&(0x7f0000000000)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r0) 14:48:18 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x8, 0x1, 0x5}, 0x48) bpf$MAP_DELETE_ELEM(0xc, &(0x7f0000000280)={r0, 0x0}, 0x20) 14:48:18 executing program 5: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) 14:48:18 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x7, 0x2001, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x80ffff}, 0x48) 14:48:18 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x3, 0x2d, 0x5}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000000c0)}, 0x20) 14:48:18 executing program 2: perf_event_open$cgroup(&(0x7f0000000000)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x70000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 14:48:18 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x8, 0x1, 0x5, 0x8}, 0x48) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000280)={r0, 0x0}, 0x20) 14:48:18 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r0, 0x0, 0x0}, 0x20) 14:48:18 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x3, 0x2d, 0x5}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f0000000000), 0x0}, 0x20) 14:48:18 executing program 2: r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) fstat(r0, &(0x7f0000000180)) 14:48:18 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000001c00)=@file={0x0, './file1\x00'}, 0x6e) 14:48:18 executing program 4: syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000600)=""/79, 0x4f) 14:48:18 executing program 3: syz_clone(0x5c06200, 0x0, 0x0, 0x0, 0x0, 0x0) 14:48:18 executing program 1: clock_gettime(0x0, &(0x7f0000000540)={0x0, 0x0}) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x0, r0+60000000}, 0x0) 14:48:18 executing program 0: shmget(0x3, 0x2000, 0x756b7ff8520f2e18, &(0x7f0000001000/0x2000)=nil) 14:48:18 executing program 2: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x84440, 0x0) 14:48:18 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000006b00)=[{{0x0, 0x0, &(0x7f0000002540)=[{0x0}, {&(0x7f0000000100)="1b", 0x1}], 0x2}}], 0x1, 0x0) 14:48:18 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom$unix(r0, &(0x7f0000000580)=""/129, 0x81, 0x40, &(0x7f0000001c00)=@file={0x0, './file1\x00'}, 0x6e) 14:48:18 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x60, 0x0, 0x0) 14:48:18 executing program 4: r0 = epoll_create1(0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)) 14:48:18 executing program 0: rt_sigaction(0x1c, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000001c0)) 14:48:18 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) connect$unix(r0, 0x0, 0x7) 14:48:19 executing program 4: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmmsg$unix(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x120, &(0x7f0000001f40)={0x0, 0x3938700}) 14:48:19 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmmsg$unix(r0, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 14:48:19 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x400) 14:48:19 executing program 0: clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000040)={0x4}, &(0x7f00000000c0)={0x6}, &(0x7f0000000100)={0x3}, &(0x7f0000000200)={0x0, r0+10000000}, 0x0) 14:48:19 executing program 5: r0 = epoll_create(0x7) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)) 14:48:19 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040), &(0x7f0000000080)=0x10) 14:48:19 executing program 0: mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0) 14:48:19 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) 14:48:19 executing program 2: shmget(0x2, 0x1000, 0x1, &(0x7f0000ffe000/0x1000)=nil) 14:48:19 executing program 5: r0 = epoll_create(0x7) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, 0x0) 14:48:19 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x10) 14:48:19 executing program 3: r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000040)=ANY=[], 0x47, 0x0, 0x0) msgsnd(r0, &(0x7f0000000000)={0x3}, 0x8, 0x0) 14:48:20 executing program 4: timer_create(0x0, 0x0, &(0x7f0000000100)=0x0) timer_getoverrun(r0) 14:48:20 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0xff11) 14:48:20 executing program 5: get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ff2000/0x3000)=nil, 0x3) mprotect(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x0) 14:48:20 executing program 0: mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) 14:48:20 executing program 3: get_mempolicy(0x0, &(0x7f0000000040), 0xfffffffffffffffa, &(0x7f0000ff2000/0x3000)=nil, 0x3) 14:48:20 executing program 1: mremap(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil) 14:48:20 executing program 2: creat(&(0x7f0000000000)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x129380, 0x1e0) 14:48:20 executing program 3: creat(&(0x7f0000000000)='./file0\x00', 0x0) open(&(0x7f0000001140)='./file0\x00', 0x40000, 0x19a) 14:48:20 executing program 1: timer_create(0x5, &(0x7f0000000140)={0x0, 0x34, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000180)) 14:48:20 executing program 4: removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=ANY=[]) 14:48:20 executing program 0: open(&(0x7f0000000000)='./file0\x00', 0x80840, 0xc) 14:48:20 executing program 2: creat(&(0x7f0000000000)='./file0\x00', 0x0) setresuid(0x0, 0xee01, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x0, 0x0, 0x0) 14:48:20 executing program 4: mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xd07156342b5ae038, 0x103) 14:48:20 executing program 5: mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x103) creat(&(0x7f0000000000)='./file0\x00', 0x0) open(&(0x7f0000002580)='./file0\x00', 0x0, 0x0) [ 292.348997] audit: type=1804 audit(1658587700.297:51): pid=20922 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2194405460/syzkaller.88frAB/313/file0" dev="sda1" ino=14922 res=1 14:48:20 executing program 1: clock_getres(0x6, &(0x7f0000000040)) 14:48:20 executing program 3: setrlimit(0x0, &(0x7f0000002100)={0x100000001}) 14:48:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x149140, 0x0) 14:48:20 executing program 2: creat(&(0x7f0000000000)='./file0\x00', 0x0) fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xee00, 0xffffffffffffffff, 0x0) 14:48:20 executing program 0: creat(&(0x7f0000000040)='./file0\x00', 0x0) setxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1) 14:48:20 executing program 2: creat(&(0x7f0000000040)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20b00, 0x0) 14:48:20 executing program 3: creat(&(0x7f0000000000)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x800c0, 0x0) 14:48:20 executing program 5: timer_create(0x4, 0x0, &(0x7f0000000180)) 14:48:20 executing program 4: creat(&(0x7f0000000000)='./file0\x00', 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f00000001c0)='\x00', 0x1, 0x2) [ 292.497072] audit: type=1804 audit(1658587700.357:52): pid=20928 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1367050951/syzkaller.0LHFUO/377/file0" dev="sda1" ino=14890 res=1 14:48:20 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000440)={0x1, &(0x7f0000000040)=[{0x6}]}) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000080)) 14:48:20 executing program 4: io_setup(0x9137, &(0x7f0000000100)) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) 14:48:20 executing program 1: openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2640, 0x14d) 14:48:20 executing program 0: creat(&(0x7f0000000000)='./file0\x00', 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0/file0\x00', 0x0, 0x0) 14:48:20 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 14:48:20 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 292.660715] audit: type=1804 audit(1658587700.607:53): pid=20959 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2194405460/syzkaller.88frAB/316/file0" dev="sda1" ino=14918 res=1 14:48:20 executing program 2: mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f0000000440), 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) unshare(0x6c060000) 14:48:20 executing program 1: mq_notify(0xffffffffffffffff, 0x0) io_setup(0x9137, &(0x7f0000000100)) 14:48:20 executing program 3: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000800)={[{}]}) 14:48:20 executing program 0: mkdir(0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) unshare(0x6c060000) 14:48:20 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r1, 0x10}}, 0x90) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000200)={0x1, 0x10, 0xfa00, {&(0x7f0000000100), r1}}, 0x18) 14:48:20 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000005500), 0x1, 0x40040) syz_fuse_handle_req(r0, &(0x7f0000005540)="5ee145aca704a61192b0e7bdfca70d35ee759ae788686ff2f9ecccccaa7da8e614aafbbf5909558b95039294152f72323b6aa5cec34ca719302d159c2679b5782636efa83ff7c96ea95cfe6b06f466cc9a4d4b8f1ad34687b52ee6836a24d262acb097aaef79b8f972e0c0ace27ffadbfbf1fd8f194b24bbf43b119937dc17ddfaf6eb90a280ccb1a104b99463caf42350a17a1ab6208bfe1febf0a8b72f8ba693d980094340f09eb870c8b34bde9ddb17afedea767ebcc5ef47d6c002f8243b6d0ee4f5b0f00b675ff1065df8b1f9da9c1a7e1576c11c9aa217c0f28fa710b6815aa653d6e4b56adb453f91757556bcdd663f403855f3316f49a97d208e0a17367aed1795dc2c37d93209ce5bc5db909350164e75f11c850c6212727f1093ad84b0e6229b6e980e039fe8fad17aba427e859076283ee4e1611c031433d56e20b79f92c6080928dc937035690952389dd3a835c1fbc42fe78148afef7529450fcd3f5df4a73c161a3e76fef4347d4e4e4f760e7ddab46e37f10c749d5104f20388a2b8118b018034314e08fc8abc9e5932989ed98d0dedd09ef8b5cde406914179f4c71ff2ffd72762b3fa590057279b27045541d90596ce971ef3f3656dc8fc9bac5e79767467e59e263605400ed610b8bed660a99d29815771b6a1adaeab00883d693e1038a5894de9871cca052542b68c6d453070898078c24c00b67ad797e017614ac87e5d6bc888187c1a211ebd11e66168f7aac7f19bd7eda05fceebf085795c8904075568aab025d539b4f38055543db1fc4741611ea4e6178e10567a9639fa5c57619384d9ea50aa6c27821b2c25bddcb5bdc7bb88ee8a485daaa9977f1954ddc6a1d6c2986805ac96835f33856826e65c172e0f070b43a871dd6463f84a3668862f3f043a84a089cdc3372e6d2d717c5d321ab16146ea2f753f34c4902240ddd1577b962c9d63bbc24bd32c8fc484e1f238868c554936657dd3bad44cbeae44bb91fe09af57cad6735f48c3ed983c77c59a2f5b20b0bf6de257ecd106a44e78e0764eca8610061a6ba1d2fba20257205f9b36c4743d923f4b55abb81c3695b085200f41f0407598de5355ee46cd01d7c985444cb39e491a743f5d8ccbf6db1158021227e3a135e55258a8880a048fd34a20a1f8806aa3b57d4a6b75dbfca81495b2b21da65e365b8de4cc33e1d57932b24a9203cd82687138763fb895193c52b8e1f5a1ee91bde50e383a3ce79668cacee327e324aada84bc2a30e3e46b8ac254f52531aeef0514222b1fe3e889c15ea66a11a1213e98d45e3be3eecdfff47985850ead2197aff382addd086cc6e33ca2003ffcdedc8cd9e5075aa16bedb92c1d0853c502533d6be3cc21094b5b3c89f82ac8f01523f51cdb6662d066a6aac77845ce61aa29ad4a2a80b01f6aa57edc85cd46ecc23bdeea21fde34bf06922491f36c299776f97929673f1d3bd71786eb61cefa75fe434da06a750f09ba447774c306ae372e9a389284b50164aa25685ae81836a999a42e294fd5931c574429f0befa9eee108876ebba28c21014841d8841f332adff35eedd5647bac4a422042b10fb65a8be5ff82925734519ff68234fc80d39079db311cb4fa29c0b6441f6cd1244cd1934a801439b0ab8638221d870a955644d59507932478a6b61ce2e619bf39efea8b72e804fbe05610148adba9364d41969cabe00c9e2b445c21c1a3aade79c2d764e488225c443be00992d315434b175ad045fcae48472f1a5481c3c3b8382e0374b5adc3e01294d0fed72207f993f630a79558238a5e444141ab834f330164738926f7a135f429720f744a1482a6c218e2aed5146550483e926cb53300b5259fff2abba83a4f6b3d89d71c0c117c8b8b94315785e0141c57ba981a37fbfd4b0a7b9fb4ae8466f9fc341c94a13b41b41e2c7347d2c3665ba85797f9c7f99461246b558b3d402b53c27a4c1ae9c7f55b69f9d50073c2efe300477b08da360ea7b732aec184755d8233c44517698c731ccc3b37fffd5ea4268682e036b33abcb2fda30cf19578f0ac878b96159863523dbd6df4e3217b3b99ec2a51dc948a2cee2f275991ee45d9682cf2898b718d055ce7823f69454d8d281f4c9454280b687dc649d6591eda682a17a415df6a2ecad94f410d890cfec40161cff250a78d084018c75689dbd06766b00725e7254f73fe434f1600dca890959560c8a1671dd66cc46c1f1ab8e087599399cef5ad5dc9a53ac3f447960e9c1fd1e3339e9551e0dd36b4417c8105913486fc3874a00442e90e465989d5ab67b2e9655666b4d7fddb2b8dc306de46b53a191ad006afe3e83bc008a03091e5911bee67c1c3671932d9ce539c5e28be12062da29e00b65bba79405175905582cf8f47a706e522593661fed4c2a5bba0ebc628cfc4b8bbd26de792f002f9c6faf49df7c9acd8c6a81aacc9a36c777579b08c38e3ac85d9145ebc670a597645e96e991e7111f55d96d9d7f0310354a2f6f8136041691c5ebe62ad535b516a7e97801e47fa8a2e9fa31db465c12a1285ec55d415ecab9b86f4ce9fddc3a763270615c48872aad0c59e124a6327d8385d21e4719f2733dee4b335303d0a68ce63ff10a1ae145d92aee58bcd1af070b827a9a26d1ea8063b9828481084cb0d6406e049d275317f87a8a269b573353dfabfc9d5dac15eb06be85b9a16beda63d86c2e8ff3cc85cf03066408873aebc3486ae050cfa5c684cdd5e3a5bd6d00aa223f3ddb69c0c6bdd5fbb4a7c4f4df052314bc7bcbc3633ca820640d548e721c956921fc941ebfc88bb24f339152e77b3f3af24db71843e495a0bc0483a59ea3e039655cb0d4b3eb86bbe8bc15ef15cbddeca36ba25d63887b82d0b2a613273100b2471c7e9640781c561b715f505f4ce6e26f4407aadd0f2292f1e1da2159a44c8ec18542ff67c94026b3e3fec7375496a8006e42b711fd1c5dcbfbf9cda2911e86ea4904bd337c5ce94d30fb7a136487a8cb2a2745c3f4c7c078bfdb0f277a7cb6ecaa043c10f8adc9a16960d8db54e9356e47fad99b19a5d71ba0ac0589351aa34f5f6a3a8a001789bec75f83def51bb8f388228c9b7b7d61d00a434a2f325a57060021b2d865191fb5c1db72ae7c2c28d0716166f93a5eda3d9eb60a4d69dacf7c6e65311ac9f1801e3f39e25178fadc1e5c15aeeec5786e9a8af49af3170d24cb0d3c1ed9074bafd395d2d642fccb9e4c6b8a5372b3a2e27561fd6664a62160bb32b24a6448abd5b831b07bd5cdeca19e0d444d5af933efc3020450525813e0d60c3bd157b6d6cbac9eaa7d8ed01ac53e4ebe25aceca25585704a0821ad9a7f179a8cb3c8075ab237a2eb2bd0f633147efeaa452750db1a4cfa8357cb7de21f28ea7122d0f2946bdd2d249c393a00690cc0c0f0e8ac7fa297404624803f7cef4b32cf6d846bde44e96603d4dec2923c87c1fe926e68e4cabeef0469ebac581ac8943637e92d2a62ed9d2433bbe75a03fa731ecab914fd4268c646a78012830d71a2e793e580e30143f311eb484828a4a55730c4e186b24c1a34fd144529e4296b12299b7df1ccdc7722c4e05e3c81ed759ab302a3a7dd2e559002d381653b0979b52c501148af568a3a55dc6b87bbdedb87f616860d690fe30dbf22986b360e9d322b0416e5ab82235555ebcb9292052e8d247eb5ed5692cf304448206e0a8022ef22711032a88b119a5f60d4ff993debb9f8f03c44892b65deb5125cd1a97b31fc94eabe43a6f68cab4ae2a3b260526330954e32f285854cb74f7d4186c9c1ef4ec027b928d3328595077d7916e87c5e8de9e16ba1c9a93fe234a665fc487c868b7e320eca5231fbba6917ce72542445f0dafa2bb1eda321c8ac4cad389e46adfeb02fc367dd9eabc99e21fb6948f1546c7c82ad8b58fea1f0f89b2062eb78041091bbc4f80f711379b7db0961e2d7b28e9ec416fb539ce7ba6df413b89388ed964d8c67bcc793f03103b150ae8d0c7bdb1b258b6f22edf44045a3464657384d40b810df778d874f1df0119b9248556bb3e119ca8e54460c17ef4903d8b75d136aacfe86009c2928a1068745ec0d56ecac439525b2151dec0e00c307f65f556f9d035d39e71a425c15598bdf49734888754aefe4f1336af890fb9d3ab793365f9e01ec0508be3224f635dd4e5b4c070fad736c145c7e58a2d09e282b1396ff17eb41b2e9c554004b2a0e049d9911c77b30d1a582e9e59e2b7e113595b1917d0eb613aaedc01ccbd04665e687ada1ab076eef99db420975dff2ed1e617759932424d900ed8ccf4165a5c5d65eb39e733903a2ff24a8c3ce6017e3a388617cab6ce9c588f2415d40390bed29db6ebb8dfc0c6106a065ff2f5936d884c4d3bbffaf626f01a66e7066e0062c8deb6eebfc8f7e05999792c4a8bb4d31363b7fbcb467944e5f0b966bcb69d1f84d8585c62cf7c66d4fa6632ff2ba2b7588ec81f6870c18fc54ddd4099f5842eb6c4bc2d43adc65b48a6aa2f7fd501c38f1f71658107bb47a60d58f7356bf4e7cc72fcdbdc2c4841cb6d95b9a8d62693e554c59dc6ef7311f849fbce78ff201317327c55181b80fdc7df773f0b9df013d6ad6471442c3101a8fe929df714a7661b5e8f503f4ada405459d724568821fc4a76c506f90f9c896a9c2ae758f0be770673549f4b7210d0644a2b7350f24994c2bd3a72f24ffb836b1ca76dabf88c92fb116dd86c19c46e4f139e0e47f08e6589b6179b4698cad3b246d7d04aaf9f758d4ee0cc5106b2be51c8cfe6d1257d8a24cf0d7e7f00c2039c992a603d72173293b981e576f420659655a5e335285d6c50b05180eb4c34453d50c6df61f23bedcc536798d7162283d87c4ffc1fee09de532b3a2fa227b94769402f729471a412ed3843f6bc3c35cce44ef29d5806daf977fa0e72ad02c7082a3b67685c32f69f083425ab0c81a3ac74437b4dad49ef3c5396a861ac11fbc6c156511b64dcf388c1db4498f9db80effff811c93d80146139c6c7b2c6293af910a4d5ba56a5eb7fd1303b8587e3e6d34aa0640061860aa109b7bcc490ca362c0ef0af6b7813a329ee9c4e56eaa55d05db99aaf15053e99ffc563a75b9578aff1d1b155abb4c66eccdf490225bcd77c46166777f2e39de716ba4c479fe935452cd3a85c40d2b71caf00ff8e4b21f3af205d72557564ef0516b29d14cac458088f4ca6b89e6d5e7300a179c1a60ac0244bf33a0b9d4f56fc43a198f2783cd3d229e4f63466a1040c2bd1a09f9f8aa0802e0d26c69fe5944c78695341f3d25712bbd9db5af43e5265fc1c05661322979ac02906e56840eea4f1dc0438e1bce0178ea419405432168a5f10fb3fc1f727d346d7b85d0e066a072a83330c5a0a51326ed58ef47252277e0e4369293df0e6b0656b66e8e807d39c0d496cdf274fb05df2d366edd0f81a921d3861cc4e021c7fe0b862fbb09783779d7431d92832bb6f6047e27a21607c9f4fe7bb669c09397df58e44f7be2ed48a15382fb8931e846e2508c5dc06fdcb0d4e4b0341ffc1f73b8ace8ade6c646c044782a82fb34ad92960ead44c15fd2e1fb72c8f23d5660b3cf9c82c8a38a753b60f611b2e2a33b7fc48b8713fb69647afd031ad5d02e468b9efb6e26347bd7aa7591ba8888facaad94ac0b42a9dc159be881088aab036d9b17816380ead7a1518710235131ad767ea70cd96fd058cffca69285692a944e41e9f52a4da3f34d0fbbc13b3f6613c8c9d6848cfe2a4294898dbafc39fd01e6720775dfe6475e002befdae2a94fa6a6169531ce2ecab1771c3204fa31ca7428a77a1298840c16fecdfcb88bf7b8e6dbe889546c918497fd00f9452bec177e140ba6fe163755323a78f3cbc63e7c930b8cb8843e9e9611ce6d19d18f18837d18cb9182c49cbf567a7dba9c9174c4da323b72a95c54260a6970aed0c6816da081b37e2fb9aea5153972de41ad4eab84d16fc0eab1ed83ffe161f96596440ea02affe13af2f6323537d5e691d794d47372a948c97132236ffda29a759aaf4a9835cca37bc162a8e8cc66f702524526f093e68fd1eced77b0bee16b9eac4dc1ddbfbb2deabd8344d5b88426b021bcfce7d160e0295870a7c4340fbcd5db2528001bdbaab8e0e6ec83875c1022ef1b771283023f952b8f3a3c746fedb03153eb69205229259024b2d9abc63a0258885d88859191cbb6add73d7fa4befc7c78073b54105604da3d81fb387fa92c75e18ccc913ae8ffdd6d5c87ba1b5d3a6e5a0d8afe01d36ef2cd2f135b9f31b0af818d7e82e7e8c7f191ac40ff9c5130a96664e6922046f8d9175d9e31d347e1fe6904895787b7ec576bc4acef2e6149f8071f3f2cb0b8b52a2dc0713882c58c612f75f6f70d506d88c3661ee61ccaa6c5e790e3e73b56317767f87a20321ac50885d3e83acbcb50b082b27bcac7d9cff49fab87a4638312aa9067fcfc2fd77d418ef0fd5d7446a4fea8ecb940a5973195f1db4363605c4e5f9cec7f6ea9a1676e642ff2bdb077a60b8ac3021f7fdd28ad9a2ed4bd9a8393160656eb9e0b701111630151d7d75ef295607d72c64258bf7b731c9bda6f86cc095a91243d3b75fa2be29bdff53a94d2f2f4701684c62aa55672f3633e98b0c8e624cb6ca399f63fd3ae00b3a19333a18dcd7ea62f9da43bf269f5a625fd0a815c0db89b0efc54dd28625d30df2b74a39a6daf5a9f2b2863de05d718950e75de13ac9dff15d2fa2778749a1abbd534e753b04f9ede526454a4e49c9ec28890150a4819e09c90a96c2b9ac1c32f69d4a2859d6251eadf12e1466636659ba8fb850f55a7ebee9919771ea0147cf7754e45003e90495ef5856db1503f1bfd3ebf49ab20de249f37476ed67a755dfcbc39dd70730cea12092f3c06a90c55bf612c4908a4739f7916723f6dc48ac2cb3d7c70709dc705ccf99a2c6ee340b11d05b20c75ea363606ed027a6c786afdfcba98df3cb12ec533ea11512f53e2b7ab9ff385c9ef880772a4e919c0cd8576756e2ddc4820514fcc915a2783cf172105cac8d3c630972a6c599ffcc44ff28b47b7b8c12f333b384fcdf8c1553f9da15125205ee11c68e7ca4857ae555ac268538e0e534b7034481a731d5881860f982c9f4437a472d39b2e100303d622631f76ab5081b6a699197cfdd152d2808163f36662bdc9e32ba43532b1015a5aff9dfd439542e0c402871a5fe3018e3def412da02a7862c0afc8dc1471e68d374726295dac380d114fb43159de0d56676e5c8942eda13568ed2d1c3cde27c1ea8137217ac1eccbbb203e5752e676cf195c3f265e401710d88ac3359476ebbb5fd0ae3553baa0b5629386eb9e2ea87c47bbde6e5908e87c29309d7ed5417fb54f46a0682345ff108ce197775fcd86a3efa2431108f143e29f0bff4b4cb27b9a8510ff0854bd5e4443b35d6cc5191b7fe0ebdcface73c21bb0576873b5c824a3e10f92ebf60813535132edadf4edbe1148be01010446e47806ece7e200a2f1069239a13b5030d1f52328f328c25bf57ddbd8891c812cbc9f6f41a805c1db09b52fb1508f6819fd2b694dcadf5d968f07217394ac7321a8ff8ec3286a04776b8628489b2662977e38b26f7e1b307916db29c609aec972a68026f1ec54dac5f9a8183a8db66df5733ea7cac7fc2f2e149e08501cd02d0fc14273a70ed760c9f516e38643a474934055a121d9b8bb02383bea7bdddce49d55d1939722be230cf522e1a5b89a9826895b79035296ae015818b1a4f601946c5ea3841c5aadf98f3b5b2ea27d708d7971e1a9a4c8e8e569115eeb462df4ba6133388a79ba4a7f4f8583daded88783adb0734a858b528506e7789698bb32df8bc1f2db68a592870ebe8ba6cf336f3ee09f04d946a9894c3836b02dc34f6bf43407129c4d855cc8cf104560572030d5425befca978165fe93203952d11285bfb6fb098451080326fbfbe9d999c712aac66d2933d6dd9b776cf8f185c0753a6aaa4bf10c5d9d8e2e444f493e494cb50f5b295d19307eda262d987a398c2df4192bbf666a4bfffabd20787f9d964d60656fe09544fab15eba725822f624b3f3deed0610f579fdfe2aa18f6f8310a52b892caa771147c88c8c30536c814e2f0b88495bf248a61f8f64d5c332a9e8d670c3813819c3b273bd84605e44b76dd8cbc0a49a5a6c6cda6d6fc124713f998b71bf5b26a5dc0165486927cbdd4fb94d31907c19e9a3d80450a3f4bc36cf3700ee78de9c4ee462dff5501db29e2de9d03c6082c33e10c891f63bb7d2cbc11ccba42952784ac5e9ba4a65e43ef1213d51eeb4976e0c37330b373e13370138e5bd188dd31a5c3c720f0cf0e50d44a7daaadb599f4e64061bc8ee4e68638b3b26fbc57b3c9f6f19ff866fea23b22b21b755dde1bbea889eb14630a52fe2c83b9a0b961e064728a4251b4d914c37a9e32242c0821e6f6f587d64c5d625f8807b914b169b5d15b88063953e77417cb9359ccf6e9e3facc168fdaca34285e87ba71ef49cf0fb8803bd10924ebd8963cb92c6c8f37094c3bbb0d299d487898741cb0b124d5f10fa3b7c4625956f980d0eed0d66701f152cba3cfecf88456e4abd72f843d55819d792ecf67ea261fc1d7debc548a55ac772206b4f10c9848b78e140ab6a6da5d2647cd2d9b1775f5d16ce01ff1176055c8af2b470243999fb6819d009c4d59c651ab891c285903e159bcda9f4188c944fd5e5b4e204961baf60a403db39d9bbe8a427babf9505267528914e7a92e009725f2bbcaf4c5f2f0a69228241f83b204d9bb520202744d3c56945994e1fcb5d191fcb89bc3842499d260143ba34fd96ff47a3362618ec22df178e40e0dbb5b0d74e12161df1b372b68abaf27251ceb9c79cb601d7c7d2d0daf011f7c5031db8b061f24fbd1b5f6f36090161d0273e63612a18b662314456dfac8d668efee13a5521efb56a444046ff07902f8238ff9cb98c4e02058b5bc8a8dacbfba1f3cc2eb40c10390c85e378353eb756b2461c2682d145e2defc9539e2c0204f19672b02402cc0e9bd47113873ce46578d60d0c13bf2670429c89d5155c8b7c31d3b5551b64ebe8096133994fa5c5af4bad2915b209eba5894e754a3ce4d9e9de407aa5c8f26b4e04ca5d0cd0930e9be1a1ebc3281bd151576e9b2336dfb9a5fd430acd29e49d2e83b5755580ad6a22b46569d9e67755c4d88c9292746d1dddbee859e8cd5535dbeff145754966a42b53cb656f2504668119c7debe724e1bc625850437aa4402b7748187d02c3a32bac035b21240fe906276afaacab96dfec23a490b94cd2d072961b28177a4f50282eb1a58a4e400db2535a98bb91c3b84d3ceee0d72f398ae53baeb8cdd1a12471daf04ef4c7a6b7b930db4b336cec00c18e2fb5b6a0ea3e92287cb3741eb1249b2b5156b63c0c8ba9170f52b6b94582ab53cdfd8fe5fde63f65d3a21e0bac034bb016f2936f29493bb50f488525a26838204d502d58dd50fa09696e6be01caf8e39f841bd8cb0fbf99ea1b4052dd3c742d8cf802418cd84719549a083adab77db9424b9cd11ed46eb957dcb956af3c8809643d2faed644d3a4e421ed4c897fae5a915b8418730fd1e1d54043adc7d27b8bd482cbfc9418bf3075dfbace65047640e6a8370811659705b9e8cec326c093c79cbcea83a43cb62c25fbd3449d198139668a227b8947616a8aef75ae681dda108fa7766518c6223c0550e1b722c7eaacf8ebdaa9ebbff9ccd037189a8d1b31c36ee0df7a529a907664c2aba6965ed62a1a55e1927db02e4f469c10a53cb3e9b1a2a42910b6dfc31035b5fa9b5c0e5b23d8cbd9a49623be844e13f6ac6d677fefdb3d321477b3972483ae2b0ba6469ceea665976b03a1333d9060ea85ea04cee97911353fdb981d5b6e5c2fc88fc2a1ed0499041501b24889b6dd701d976534af8df7a0b7350abd781b8a7509fb75ecd3b68d52e2b7c2e95cf25a6c293063688c9a0b004c0adf5ed5ab324d1341d66d5c2dbf46f318666a179f1102f0ad1eaa7383f07560edae931bbb2e3e4e7190e3482d0596d0faf9018eb8b78e48b1baf73f22c072f0d0be23515bd064be140d482ddcf4169b6a7e473b04e30f54053d8e0f31fc2384eeee766d4d570844d4bfd6f2f921f22079e3fc07260f8d64149521117426eaaebf84d99002c713b59b3e36d5cbfb480d119104f8bac16e16d6e0e12911e63ecd3d4477796fdaf111beb5852ef3ca8aad80f346a4d937e5facbb35e7ee902cfa60fecc4ba09c7a2d59734b784ffe575f50795298e5199c7c421b977decddd9863f464a8a6c4d8be2bddcc21351eb62e924cc9c50d6ca3ddd02f7ff7f0a8b963dfb7c7637ff3d9186ef429470810b5e4cc5cca7948f1ec852b4fb503fa542f00d2cc6080beb1a74cdca82bd8ecbf20c193345b68ebf77485ee8bf99a47855cb46c15cd9de5b0a50417c85f14889ba7d8e600a29ff8919f7d2c9190991cb0a7f1aab429aebd1bbeb174597c7d74b7680435e986f32f561b1b2e05688772aee4a5965c2f0f2102fa532a7e96cf889b97a173f620ef638078767cd2754fc67c416161d433ce09499c7890dec08dd915ec8f2a8c361047b087747e2def78f40ed345dd471069ab6784de7c58a2dd79d4cb944c563e3c0a56196dde8980e6592828f52cd5cba55f434b3524d27cdd50a9a6812e87b2e8f7b9bb842b925dbbfc7350caa546e3ed49bc98af8316cc6d9e5540246681ea05f3e0dd5e0372c312c11945f5bf657a26e7a420b514edf1a308945945028515ea369c22c4e442dcda65e45fd8f79ef1d383756d7e816378cd51d5d83e6c2fff2a90401ccf357b31ebaf949cf4e3c55f774b2bdeb2be02feecc6dcf69b0a111e404dcf1daf5f9203f001652dc9f2e37da1ae5e946a8dbfe8b0b47845b49f905ebec7d9904304e475d6f1480e88723219714a33e5378b891aa32bba92ddcbdf1c6fd2ed58f07ece6dd0bed639707e1803a45e9fb9cc493e04e1721501f3bec0431890baf4e9f2117ab452a0be7a53d130ce3fd26ace081dbf55b254713606bdd9c46020b1620b05b3a6ee36e874bf73fe2b57d1abcc42e0178baec7fefe4b988d88c780a1927a36754b57a025e7345345a50ebb82b3f537294712a68f3bfd548e0877816ce4d6ce65d070e62cbd39662ebbaf0e5a4ea2b06412f91c12f124c063ff3f27523ead005b69760a39b8f533927f1e69588ac35ec239fc64786950ae3ea86838b10a027406f940f6ddc8686a91ddf2f51bfa578a6bf0af2126c1fd4d4c689923e383f686593036112db1ca6d2e436e6ddda80b64f8fe719821f48814d21203e9b111c81b233753d3ac3d92f48ed98a919ecc49fa4ce18727db6e5a040c33fa7abbe7d1b1c5779056ba9850eed0651a8b0d1e6888e00250e942327174c0934eb748e6a17e6c85d2f4b5d20a3a8ce30dfc994241cc928dbbdbc61200f58446dcdf4629fa32590c9a820ddb455c0238f04c5f1eea1d14ef1f2334723d728f50fc2728603d761e83703b9bbb11c8faee4bc2b691b752abb57a17675a44ec4f25756a9386e0ff6c60864ae7b83808aeadbbd7d6d6547a6df9bfb62fa039e03986", 0x2000, &(0x7f000000c340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 293.037052] IPVS: ftp: loaded support on port[0] = 21 [ 293.057525] IPVS: ftp: loaded support on port[0] = 21 14:48:21 executing program 4: syz_mount_image$btrfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f00000005c0), 0x0, &(0x7f0000000680)) lsetxattr$security_evm(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140), &(0x7f0000000440)=@v2={0x5, 0x0, 0x8, 0x0, 0x3c, "a9f511758ffd070dd8c6454ee392894ea913aeb9497b8ca158e98e6421f715c8d91f783eb8647729b83cd3c425ecc6aa39e80a8e0100d4d075a62360"}, 0x45, 0x1) socket$inet6(0xa, 0x0, 0x20) ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, 0x0) 14:48:21 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) getsockopt$inet_mreq(r0, 0x0, 0x0, 0x0, 0x0) [ 293.232927] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 293.371891] UDF-fs: Scanning with blocksize 512 failed [ 293.493070] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found 14:48:21 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x8e9}, 0xe) r1 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r3 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r3, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r2, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r1, @ANYBLOB="3bf81bb9f1"], 0x20000600}}, 0x0) socket$unix(0x1, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfd}, 0xe) sendmmsg(r0, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 14:48:21 executing program 1: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x0, 0x141101) dup(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) [ 293.652048] UDF-fs: Scanning with blocksize 1024 failed 14:48:21 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x8e9}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfd}, 0xe) sendmmsg(r0, &(0x7f0000001000)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000006c0)='T', 0x7502}], 0x1}}], 0x2, 0x0) 14:48:21 executing program 0: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) dup(r0) write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x21, &(0x7f0000000380)=[{&(0x7f00000003c0)="2f9a", 0x2d2c}], 0x1, 0x0, 0x0, 0xc12}, 0x4) [ 293.697153] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 293.725802] UDF-fs: Scanning with blocksize 2048 failed [ 293.767845] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 293.789816] UDF-fs: Scanning with blocksize 4096 failed [ 293.808255] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) 14:48:22 executing program 2: r0 = add_key$keyring(&(0x7f0000001a40), &(0x7f0000001a80)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000001ac0), 0x0, 0x0, 0x0, r0) 14:48:22 executing program 5: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000dc0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r1, 0x1c, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}}, 0x90) 14:48:22 executing program 4: shmat(0x0, &(0x7f0000ff7000/0x2000)=nil, 0x4000) r0 = shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x5000) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5000) shmdt(r0) shmat(0x0, &(0x7f0000ff9000/0x2000)=nil, 0x7000) 14:48:22 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000dc0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r1, 0x10}}, 0x90) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000200)={0x1, 0x10, 0xfa00, {&(0x7f0000000340), r1}}, 0x18) 14:48:22 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r1}) 14:48:22 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x8914, &(0x7f0000000080)={'ip6gre0\x00', 0x0}) 14:48:22 executing program 3: io_setup(0x0, 0x0) io_submit(0x0, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) pipe2$watch_queue(0x0, 0x80) syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, 0x0, 0x2800) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x5c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'pimreg1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vlan0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) io_setup(0x3, &(0x7f00000006c0)) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000700)='/proc/asound/card0/oss_mixer\x00', 0x4c300, 0x0) 14:48:23 executing program 5: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0xfffffffffffffffc) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket$inet6(0xa, 0x3, 0x3c) socket(0x5, 0x0, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x21, &(0x7f0000000380)=[{&(0x7f00000003c0)="2f9a", 0x2d2c}], 0x1, 0x0, 0x0, 0xc12}, 0x4) rseq(0x0, 0x0, 0x0, 0x0) rseq(0x0, 0x0, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x0, &(0x7f0000000040)}) 14:48:23 executing program 4: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) syz_open_dev$sndmidi(0x0, 0x2, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140)={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2}, 0xc) r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x29}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878354}, 0x9c) 14:48:23 executing program 2: syz_mount_image$btrfs(&(0x7f0000006c00), &(0x7f0000006c40)='./file0\x00', 0x0, 0x0, &(0x7f0000006d80), 0x0, &(0x7f0000006dc0)) write$FUSE_CREATE_OPEN(0xffffffffffffffff, 0x0, 0x0) [ 295.101318] audit: type=1326 audit(1658587703.047:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=21088 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f63e5c4a209 code=0x0 14:48:23 executing program 2: r0 = fanotify_init(0x0, 0x0) fanotify_mark(r0, 0x1, 0x20, 0xffffffffffffffff, 0x0) 14:48:23 executing program 4: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket$inet6(0xa, 0x3, 0x3c) socket(0x5, 0x0, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x21, &(0x7f0000000380)=[{&(0x7f00000003c0)="2f9a", 0x2d2c}], 0x1, 0x0, 0x0, 0xc12}, 0x4) 14:48:23 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x6) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) 14:48:23 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000001940)=@base={0x5, 0x0, 0x0, 0x0, 0x4}, 0x48) 14:48:24 executing program 5: getcwd(&(0x7f0000000000)=""/230, 0xe6) 14:48:24 executing program 5: clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) select(0x40, &(0x7f0000000000)={0x5}, 0x0, 0x0, &(0x7f00000000c0)={0x0, r0/1000+10000}) 14:48:24 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380), 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:24 executing program 1: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) 14:48:24 executing program 3: add_key$user(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffe) r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000300)="bd", 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={0x0, r0}, 0x0, 0x0, 0x0) 14:48:24 executing program 2: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:24 executing program 4: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) 14:48:24 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 296.446979] misc userio: No port type given on /dev/userio [ 296.475768] misc userio: No port type given on /dev/userio 14:48:24 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) 14:48:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 296.527340] erofs: read_super, device -> /dev/loop1 [ 296.571718] erofs: options -> [ 296.591996] erofs: root inode @ nid 36 [ 296.612416] erofs: mounted on /dev/loop1 with opts: . [ 296.632521] erofs: read_super, device -> /dev/loop4 14:48:24 executing program 1: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) [ 296.653285] erofs: options -> [ 296.659908] erofs: root inode @ nid 36 [ 296.663967] erofs: unmounted for /dev/loop1 [ 296.671287] erofs: mounted on /dev/loop4 with opts: . 14:48:24 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) 14:48:24 executing program 4: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) [ 296.775912] erofs: unmounted for /dev/loop4 [ 296.787480] erofs: read_super, device -> /dev/loop1 [ 296.795257] erofs: options -> [ 296.798822] erofs: root inode @ nid 36 [ 296.804131] erofs: mounted on /dev/loop1 with opts: . 14:48:24 executing program 1: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) [ 296.876582] erofs: unmounted for /dev/loop1 [ 296.919068] erofs: read_super, device -> /dev/loop4 [ 296.938114] erofs: options -> [ 296.951472] erofs: root inode @ nid 36 [ 296.970988] erofs: mounted on /dev/loop4 with opts: . 14:48:25 executing program 4: r0 = syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x421, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap}, {@mmap}, {@access_user}, {@fscache}]}}) 14:48:25 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 297.001144] erofs: read_super, device -> /dev/loop1 [ 297.014625] erofs: options -> [ 297.019153] erofs: root inode @ nid 36 [ 297.029904] erofs: mounted on /dev/loop1 with opts: . [ 297.082004] erofs: unmounted for /dev/loop4 [ 297.089937] erofs: unmounted for /dev/loop1 14:48:25 executing program 1: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 297.174361] erofs: read_super, device -> /dev/loop1 [ 297.186732] erofs: options -> [ 297.190151] erofs: root inode @ nid 36 [ 297.195676] erofs: mounted on /dev/loop1 with opts: . [ 297.217930] erofs: unmounted for /dev/loop1 14:48:25 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 297.274529] erofs: read_super, device -> /dev/loop4 [ 297.279570] erofs: options -> [ 297.290930] erofs: root inode @ nid 36 [ 297.297333] erofs: mounted on /dev/loop4 with opts: . 14:48:25 executing program 1: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 297.335071] erofs: unmounted for /dev/loop4 [ 297.462766] erofs: read_super, device -> /dev/loop4 [ 297.478335] erofs: options -> [ 297.486733] erofs: root inode @ nid 36 [ 297.501490] erofs: mounted on /dev/loop4 with opts: . [ 297.531900] erofs: unmounted for /dev/loop4 14:48:26 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 4: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) 14:48:26 executing program 1: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.395461] erofs: read_super, device -> /dev/loop2 14:48:26 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.417866] erofs: options -> [ 298.421670] erofs: root inode @ nid 36 [ 298.427378] erofs: bogus i_mode (0) @ nid 36 [ 298.448556] erofs: read_super, device -> /dev/loop3 [ 298.455392] erofs: options -> [ 298.458872] erofs: root inode @ nid 36 14:48:26 executing program 4: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.464403] erofs: mounted on /dev/loop3 with opts: . [ 298.522835] erofs: read_super, device -> /dev/loop5 14:48:26 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.548834] erofs: options -> [ 298.557064] erofs: blksize 1 isn't supported on this platform [ 298.573019] erofs: unmounted for /dev/loop3 14:48:26 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 0: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f00", 0x7e, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.748486] erofs: read_super, device -> /dev/loop2 [ 298.754212] erofs: options -> [ 298.771112] erofs: root inode @ nid 36 [ 298.777271] erofs: bogus i_mode (0) @ nid 36 14:48:26 executing program 4: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 298.868745] erofs: read_super, device -> /dev/loop3 [ 298.878614] erofs: options -> [ 298.887642] erofs: root inode @ nid 36 [ 298.891910] erofs: mounted on /dev/loop3 with opts: . [ 298.903104] erofs: read_super, device -> /dev/loop5 [ 298.908200] erofs: options -> [ 298.911680] erofs: blksize 1 isn't supported on this platform 14:48:26 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:26 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 299.022339] erofs: read_super, device -> /dev/loop0 [ 299.028806] erofs: options -> [ 299.060667] erofs: unmounted for /dev/loop3 [ 299.073357] erofs: root inode @ nid 36 [ 299.102412] erofs: mounted on /dev/loop0 with opts: . 14:48:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 299.172304] erofs: unmounted for /dev/loop0 [ 299.182309] erofs: read_super, device -> /dev/loop5 [ 299.187349] erofs: options -> [ 299.190631] erofs: blksize 1 isn't supported on this platform [ 299.265732] erofs: read_super, device -> /dev/loop2 [ 299.274501] erofs: options -> [ 299.281484] erofs: root inode @ nid 36 [ 299.285998] erofs: bogus i_mode (0) @ nid 36 14:48:27 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 299.310940] erofs: read_super, device -> /dev/loop3 [ 299.326999] erofs: options -> [ 299.331848] erofs: root inode @ nid 36 [ 299.338191] erofs: mounted on /dev/loop3 with opts: . 14:48:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:27 executing program 5: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 3: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 2: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 299.487881] erofs: unmounted for /dev/loop3 14:48:27 executing program 5: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 3: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() perf_event_open(&(0x7f0000000140)={0x1d64c1d2d0c8e6a8, 0x80, 0x3, 0xf9, 0x8, 0xc1, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x101, 0x5, 0x2, 0x2, 0x0, 0x0, 0x9}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) 14:48:27 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {&(0x7f0000010900), 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 2: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:27 executing program 5: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 299.801529] erofs: read_super, device -> /dev/loop1 [ 299.816653] erofs: options -> [ 299.819978] erofs: cannot read erofs superblock 14:48:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 3: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 2: syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:28 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() perf_event_open(&(0x7f0000000140)={0x1d64c1d2d0c8e6a8, 0x80, 0x3, 0xf9, 0x8, 0xc1, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x101, 0x5, 0x2, 0x2, 0x0, 0x0, 0x9}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0x3, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e24, 0x773, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x8}}, 0xfffffffc, 0x6, 0x0, 0x0, 0x1}, &(0x7f0000000440)=0x98) r4 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r4, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r4, &(0x7f0000000040), 0x2) 14:48:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 300.222841] erofs: read_super, device -> /dev/loop1 [ 300.238145] erofs: options -> [ 300.243136] erofs: cannot read erofs superblock 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:28 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 300.498167] erofs: read_super, device -> /dev/loop1 [ 300.515140] erofs: options -> [ 300.520663] erofs: cannot read erofs superblock 14:48:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 300.653546] erofs: read_super, device -> /dev/loop4 [ 300.669136] erofs: options -> [ 300.675060] erofs: cannot read erofs superblock 14:48:28 executing program 0: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) [ 300.759726] erofs: read_super, device -> /dev/loop1 [ 300.770038] erofs: options -> [ 300.776597] erofs: root inode @ nid 36 [ 300.780868] erofs: mounted on /dev/loop1 with opts: . 14:48:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 300.835000] erofs: read_super, device -> /dev/loop0 [ 300.840045] erofs: options -> [ 300.853716] erofs: read_super, device -> /dev/loop4 [ 300.858851] erofs: options -> [ 300.868913] erofs: cannot read erofs superblock 14:48:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:28 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 300.883996] erofs: root inode @ nid 36 [ 300.888261] erofs: bogus i_mode (0) @ nid 36 [ 300.908181] erofs: unmounted for /dev/loop1 14:48:29 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'vxcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)={0x150, 0x0, 0x4, 0x70bd29, 0x70000, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x80000001}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x2}, @ETHTOOL_A_RINGS_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x8}, @ETHTOOL_A_RINGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}]}, 0x150}}, 0x4001) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20}, 0x4008004) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xff}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x200}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x85}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() perf_event_open(&(0x7f0000000140)={0x1d64c1d2d0c8e6a8, 0x80, 0x3, 0xf9, 0x8, 0xc1, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x101, 0x5, 0x2, 0x2, 0x0, 0x0, 0x9}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0x3, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e24, 0x773, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x8}}, 0xfffffffc, 0x6, 0x0, 0x0, 0x1}, &(0x7f0000000440)=0x98) ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f00000000c0)=0x1) r4 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_REGISTER(r4, &(0x7f0000000040), 0x2) [ 301.016166] erofs: read_super, device -> /dev/loop4 [ 301.021207] erofs: options -> [ 301.054299] erofs: cannot read erofs superblock 14:48:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:29 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) 14:48:29 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:29 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 301.136689] misc userio: No port type given on /dev/userio [ 301.142818] erofs: read_super, device -> /dev/loop1 [ 301.142826] erofs: options -> [ 301.142883] erofs: cannot read erofs superblock 14:48:29 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:29 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (fail_nth: 1) 14:48:29 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 301.272019] FAULT_INJECTION: forcing a failure. [ 301.272019] name failslab, interval 1, probability 0, space 0, times 1 [ 301.286625] CPU: 1 PID: 21566 Comm: syz-executor.0 Not tainted 4.19.211-syzkaller #0 [ 301.290090] erofs: read_super, device -> /dev/loop1 [ 301.294520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 301.294526] Call Trace: [ 301.294550] dump_stack+0x1fc/0x2ef [ 301.294570] should_fail.cold+0xa/0xf [ 301.294588] ? setup_fault_attr+0x200/0x200 [ 301.294604] ? lock_acquire+0x170/0x3c0 [ 301.294623] __should_failslab+0x115/0x180 [ 301.294638] should_failslab+0x5/0x10 [ 301.294652] __kmalloc_track_caller+0x2a6/0x3c0 [ 301.294665] ? kvasprintf_const+0x60/0x190 [ 301.294683] kvasprintf+0xb5/0x150 [ 301.294698] ? bust_spinlocks+0xe0/0xe0 [ 301.294716] ? mark_held_locks+0xa6/0xf0 [ 301.294730] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 301.294748] kvasprintf_const+0x60/0x190 [ 301.294766] kobject_set_name_vargs+0x56/0x150 [ 301.294786] dev_set_name+0xbd/0xf0 [ 301.304493] erofs: read_super, device -> /dev/loop4 [ 301.309147] ? device_initialize+0x450/0x450 [ 301.309171] ? __serio_register_port+0x168/0x410 [ 301.309190] ? check_memory_region+0xcb/0x170 [ 301.315201] erofs: options -> [ 301.315380] ? __serio_register_port+0x168/0x410 [ 301.330616] erofs: options -> [ 301.331712] __serio_register_port+0x18a/0x410 [ 301.331731] userio_char_write+0x245/0x4d0 [ 301.331750] ? proc_fail_nth_write+0x95/0x1d0 [ 301.351988] erofs: cannot read erofs superblock 14:48:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00)) [ 301.355941] ? userio_char_open+0x1f0/0x1f0 [ 301.355962] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 301.355979] __vfs_write+0xf7/0x770 [ 301.355993] ? userio_char_open+0x1f0/0x1f0 [ 301.381919] erofs: root inode @ nid 36 [ 301.382412] ? common_file_perm+0x4e5/0x850 [ 301.388564] erofs: mounted on /dev/loop4 with opts: . [ 301.391639] ? kernel_read+0x110/0x110 [ 301.391655] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 301.391670] ? apparmor_getprocattr+0x11e0/0x11e0 [ 301.391687] ? rcu_nmi_exit+0xb3/0x180 [ 301.468141] ? retint_kernel+0x2d/0x2d [ 301.472031] ? security_file_permission+0x1c0/0x220 [ 301.477057] vfs_write+0x1f3/0x540 [ 301.480602] ksys_write+0x12b/0x2a0 [ 301.484236] ? __ia32_sys_read+0xb0/0xb0 [ 301.488283] ? trace_hardirqs_off_caller+0x6e/0x210 [ 301.493293] ? do_syscall_64+0x21/0x620 [ 301.497264] do_syscall_64+0xf9/0x620 [ 301.501050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.506220] RIP: 0033:0x7fa60069e209 14:48:29 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}], 0x0, &(0x7f0000010a00)) [ 301.509939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 301.528824] RSP: 002b:00007fa5ff013168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 301.536529] RAX: ffffffffffffffda RBX: 00007fa6007b0f60 RCX: 00007fa60069e209 [ 301.543790] RDX: 0000000000000002 RSI: 0000000020000040 RDI: 0000000000000005 [ 301.551051] RBP: 00007fa5ff0131d0 R08: 0000000000000000 R09: 0000000000000000 [ 301.558313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.565565] R13: 00007ffcccb1771f R14: 00007fa5ff013300 R15: 0000000000022000 14:48:29 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:29 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) [ 301.581864] serio (null): device_add() failed for (), error: -22 [ 301.597303] erofs: read_super, device -> /dev/loop3 [ 301.615316] erofs: options -> 14:48:29 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (fail_nth: 2) [ 301.630747] erofs: unmounted for /dev/loop4 [ 301.630843] erofs: cannot read erofs superblock 14:48:29 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}], 0x0, &(0x7f0000010a00)) [ 301.711499] erofs: read_super, device -> /dev/loop5 [ 301.739123] erofs: read_super, device -> /dev/loop1 [ 301.748130] erofs: options -> [ 301.748754] FAULT_INJECTION: forcing a failure. [ 301.748754] name failslab, interval 1, probability 0, space 0, times 0 [ 301.760720] erofs: cannot read erofs superblock [ 301.762712] CPU: 1 PID: 21598 Comm: syz-executor.0 Not tainted 4.19.211-syzkaller #0 [ 301.762721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 301.762726] Call Trace: [ 301.762746] dump_stack+0x1fc/0x2ef [ 301.762766] should_fail.cold+0xa/0xf [ 301.762785] ? setup_fault_attr+0x200/0x200 [ 301.762797] ? dev_set_name+0xbd/0xf0 [ 301.762817] __should_failslab+0x115/0x180 [ 301.762837] should_failslab+0x5/0x10 [ 301.772123] erofs: options -> [ 301.775371] kmem_cache_alloc_trace+0x46/0x380 [ 301.775395] serio_queue_event+0x10b/0x330 [ 301.790717] erofs: cannot read erofs superblock [ 301.790919] userio_char_write+0x245/0x4d0 [ 301.790935] ? userio_char_open+0x1f0/0x1f0 14:48:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}], 0x0, &(0x7f0000010a00)) [ 301.798913] erofs: read_super, device -> /dev/loop4 [ 301.799022] ? retint_kernel+0x2d/0x2d [ 301.799043] __vfs_write+0xf7/0x770 [ 301.818147] erofs: options -> [ 301.818577] ? userio_char_open+0x1f0/0x1f0 [ 301.818594] ? common_file_perm+0x4e5/0x850 [ 301.818612] ? kernel_read+0x110/0x110 [ 301.834720] erofs: root inode @ nid 36 [ 301.836012] ? apparmor_getprocattr+0x11e0/0x11e0 [ 301.836043] ? security_file_permission+0x1c0/0x220 [ 301.841314] erofs: mounted on /dev/loop4 with opts: . [ 301.844916] vfs_write+0x1f3/0x540 [ 301.844934] ksys_write+0x12b/0x2a0 [ 301.844950] ? __ia32_sys_read+0xb0/0xb0 [ 301.844968] ? trace_hardirqs_off_caller+0x6e/0x210 [ 301.844983] ? do_syscall_64+0x21/0x620 [ 301.844999] do_syscall_64+0xf9/0x620 [ 301.845018] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.845029] RIP: 0033:0x7fa60069e209 [ 301.845042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:48:29 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (fail_nth: 3) [ 301.845049] RSP: 002b:00007fa5ff013168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 301.845061] RAX: ffffffffffffffda RBX: 00007fa6007b0f60 RCX: 00007fa60069e209 [ 301.845072] RDX: 0000000000000002 RSI: 0000000020000040 RDI: 0000000000000005 [ 301.957007] RBP: 00007fa5ff0131d0 R08: 0000000000000000 R09: 0000000000000000 [ 301.964272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.971531] R13: 00007ffcccb1771f R14: 00007fa5ff013300 R15: 0000000000022000 [ 301.978878] serio: Not enough memory to queue event 3 14:48:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}], 0x0, &(0x7f0000010a00)) [ 302.065536] erofs: read_super, device -> /dev/loop3 [ 302.073381] erofs: unmounted for /dev/loop4 [ 302.074156] erofs: read_super, device -> /dev/loop2 [ 302.086138] erofs: options -> 14:48:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 302.106299] erofs: cannot read erofs superblock [ 302.111520] erofs: options -> [ 302.116940] erofs: cannot read erofs superblock 14:48:30 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}], 0x0, &(0x7f0000010a00)) [ 302.223762] erofs: read_super, device -> /dev/loop1 [ 302.239458] erofs: read_super, device -> /dev/loop5 [ 302.240176] erofs: options -> [ 302.256219] erofs: root inode @ nid 36 [ 302.261483] erofs: bogus i_mode (0) @ nid 36 14:48:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 302.269501] erofs: read_super, device -> /dev/loop4 [ 302.276830] erofs: options -> [ 302.289222] erofs: cannot read erofs superblock [ 302.298251] erofs: options -> [ 302.306919] erofs: cannot read erofs superblock 14:48:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) [ 302.421904] erofs: read_super, device -> /dev/loop2 [ 302.427243] erofs: read_super, device -> /dev/loop3 [ 302.433539] erofs: options -> [ 302.450639] erofs: options -> [ 302.455245] erofs: cannot read erofs superblock [ 302.467374] erofs: cannot read erofs superblock 14:48:30 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:30 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}], 0x0, &(0x7f0000010a00)) [ 302.565694] erofs: read_super, device -> /dev/loop4 [ 302.572759] erofs: read_super, device -> /dev/loop1 [ 302.575749] erofs: read_super, device -> /dev/loop5 [ 302.591485] erofs: options -> [ 302.597923] erofs: options -> [ 302.619106] erofs: cannot read erofs superblock [ 302.622463] erofs: options -> [ 302.627251] erofs: root inode @ nid 36 [ 302.631476] erofs: bogus i_mode (0) @ nid 36 [ 302.642768] erofs: cannot read erofs superblock 14:48:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0}], 0x0, &(0x7f0000010a00)) [ 302.749502] erofs: read_super, device -> /dev/loop3 [ 302.765374] erofs: read_super, device -> /dev/loop2 [ 302.783541] erofs: options -> [ 302.794655] erofs: options -> [ 302.796794] erofs: cannot read erofs superblock [ 302.809493] erofs: cannot read erofs superblock 14:48:30 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:30 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) [ 302.904287] erofs: read_super, device -> /dev/loop4 [ 302.909366] erofs: options -> [ 302.925993] erofs: read_super, device -> /dev/loop1 [ 302.931346] erofs: read_super, device -> /dev/loop5 [ 302.934066] erofs: cannot read erofs superblock 14:48:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 302.958747] erofs: options -> [ 302.964314] erofs: options -> [ 302.968001] erofs: root inode @ nid 36 [ 302.978653] erofs: cannot read erofs superblock [ 302.985739] erofs: bogus i_mode (0) @ nid 36 14:48:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0}], 0x0, &(0x7f0000010a00)) [ 303.086209] erofs: read_super, device -> /dev/loop3 [ 303.088908] erofs: read_super, device -> /dev/loop2 [ 303.096453] erofs: options -> [ 303.099829] erofs: cannot read erofs superblock [ 303.110728] erofs: options -> [ 303.126061] erofs: cannot read erofs superblock 14:48:31 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) [ 303.153094] erofs: read_super, device -> /dev/loop4 [ 303.160763] erofs: options -> [ 303.208212] erofs: root inode @ nid 36 14:48:31 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 303.251225] erofs: bogus i_mode (0) @ nid 36 [ 303.270760] erofs: read_super, device -> /dev/loop5 [ 303.280429] erofs: options -> [ 303.294734] erofs: cannot read erofs superblock 14:48:31 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {0x0}], 0x0, &(0x7f0000010a00)) [ 303.347653] erofs: read_super, device -> /dev/loop1 [ 303.355992] erofs: read_super, device -> /dev/loop3 [ 303.361027] erofs: options -> [ 303.378631] erofs: read_super, device -> /dev/loop2 [ 303.382082] erofs: options -> [ 303.386968] erofs: root inode @ nid 36 [ 303.390755] erofs: options -> [ 303.397725] erofs: cannot read erofs superblock [ 303.408895] erofs: cannot read erofs superblock [ 303.413946] erofs: bogus i_mode (0) @ nid 36 14:48:31 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 303.522361] erofs: read_super, device -> /dev/loop4 [ 303.527304] erofs: read_super, device -> /dev/loop5 [ 303.537359] erofs: options -> [ 303.540698] erofs: cannot read erofs superblock 14:48:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x2}, 0x2) [ 303.563515] erofs: options -> [ 303.569702] erofs: root inode @ nid 36 [ 303.580101] erofs: bogus i_mode (0) @ nid 36 [ 303.598537] erofs: read_super, device -> /dev/loop2 [ 303.604601] erofs: options -> [ 303.608436] erofs: cannot read erofs superblock 14:48:31 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 303.646294] erofs: read_super, device -> /dev/loop1 [ 303.653414] erofs: options -> [ 303.670137] erofs: root inode @ nid 36 [ 303.678222] erofs: bogus i_mode (0) @ nid 36 14:48:31 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 303.695165] erofs: read_super, device -> /dev/loop3 [ 303.720319] erofs: options -> [ 303.724225] misc userio: The device must be registered before sending interrupts [ 303.736484] erofs: root inode @ nid 36 14:48:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x3}, 0x2) [ 303.760588] erofs: bogus i_mode (0) @ nid 36 [ 303.779767] erofs: read_super, device -> /dev/loop4 [ 303.791211] erofs: options -> [ 303.797544] erofs: root inode @ nid 36 [ 303.801766] erofs: read_super, device -> /dev/loop5 [ 303.806784] erofs: options -> 14:48:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 303.810018] erofs: cannot find valid erofs superblock [ 303.825609] erofs: bogus i_mode (0) @ nid 36 14:48:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x4}, 0x2) [ 303.883035] erofs: read_super, device -> /dev/loop2 [ 303.888080] erofs: options -> [ 303.891317] erofs: root inode @ nid 36 [ 303.895979] erofs: bogus i_mode (0) @ nid 36 14:48:31 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x5}, 0x2) [ 303.983194] erofs: read_super, device -> /dev/loop1 [ 303.988238] erofs: options -> [ 303.991478] erofs: root inode @ nid 36 [ 303.991813] erofs: read_super, device -> /dev/loop3 [ 304.001132] erofs: options -> [ 304.016306] erofs: root inode @ nid 36 14:48:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x6}, 0x2) [ 304.037852] erofs: bogus i_mode (0) @ nid 36 [ 304.042260] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.136642] erofs: read_super, device -> /dev/loop5 [ 304.148819] erofs: options -> [ 304.156483] erofs: cannot find valid erofs superblock [ 304.169041] erofs: read_super, device -> /dev/loop4 [ 304.172246] erofs: read_super, device -> /dev/loop2 [ 304.177691] erofs: options -> 14:48:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.188336] erofs: root inode @ nid 36 [ 304.197811] erofs: options -> [ 304.198444] erofs: bogus i_mode (0) @ nid 36 [ 304.219798] erofs: read_super, device -> /dev/loop3 [ 304.223906] erofs: root inode @ nid 36 [ 304.233887] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x7}, 0x2) [ 304.238042] erofs: options -> [ 304.243520] erofs: root inode @ nid 36 [ 304.248379] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.342196] erofs: read_super, device -> /dev/loop1 [ 304.350225] erofs: options -> [ 304.360866] erofs: root inode @ nid 36 [ 304.361000] erofs: read_super, device -> /dev/loop5 [ 304.374648] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.396280] erofs: options -> [ 304.411396] erofs: cannot find valid erofs superblock [ 304.436143] erofs: read_super, device -> /dev/loop2 [ 304.441184] erofs: options -> 14:48:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 304.449180] erofs: read_super, device -> /dev/loop4 [ 304.474666] erofs: options -> [ 304.487672] erofs: root inode @ nid 36 [ 304.495404] erofs: root inode @ nid 36 [ 304.509177] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.531289] erofs: bogus i_mode (0) @ nid 36 [ 304.537033] erofs: read_super, device -> /dev/loop1 [ 304.549593] erofs: options -> [ 304.558042] erofs: root inode @ nid 36 [ 304.577778] erofs: bogus i_mode (0) @ nid 36 [ 304.622860] erofs: read_super, device -> /dev/loop3 [ 304.628153] erofs: options -> [ 304.633108] erofs: root inode @ nid 36 [ 304.637363] erofs: bogus i_mode (0) @ nid 36 [ 304.662741] erofs: read_super, device -> /dev/loop5 [ 304.669757] erofs: options -> 14:48:32 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.685976] erofs: cannot find valid erofs superblock 14:48:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:32 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.723386] erofs: read_super, device -> /dev/loop2 [ 304.729486] erofs: options -> [ 304.737268] erofs: root inode @ nid 36 [ 304.741448] erofs: bogus i_mode (0) @ nid 36 14:48:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.839212] erofs: read_super, device -> /dev/loop1 [ 304.845916] erofs: options -> [ 304.849681] erofs: root inode @ nid 36 [ 304.869858] erofs: bogus i_mode (0) @ nid 36 [ 304.879308] erofs: read_super, device -> /dev/loop3 [ 304.890480] erofs: options -> [ 304.899270] erofs: root inode @ nid 36 [ 304.911038] erofs: bogus i_mode (0) @ nid 36 [ 304.923003] erofs: read_super, device -> /dev/loop5 [ 304.927499] erofs: read_super, device -> /dev/loop4 14:48:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x2}, 0x2) 14:48:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.941428] erofs: options -> [ 304.943832] erofs: options -> [ 304.948579] erofs: cannot find valid erofs superblock [ 304.970290] erofs: root inode @ nid 36 14:48:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 304.988895] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.073221] erofs: read_super, device -> /dev/loop2 [ 305.078370] erofs: options -> [ 305.092437] erofs: read_super, device -> /dev/loop1 [ 305.096447] erofs: read_super, device -> /dev/loop5 [ 305.102663] erofs: options -> [ 305.106918] erofs: cannot find valid erofs superblock [ 305.112604] erofs: root inode @ nid 36 [ 305.116547] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.123368] erofs: options -> [ 305.133905] erofs: root inode @ nid 36 [ 305.141098] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.236946] erofs: read_super, device -> /dev/loop4 [ 305.242346] erofs: read_super, device -> /dev/loop3 [ 305.247369] erofs: options -> [ 305.266349] erofs: options -> [ 305.280229] erofs: root inode @ nid 36 14:48:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.285304] erofs: root inode @ nid 36 [ 305.289396] erofs: bogus i_mode (0) @ nid 36 [ 305.299884] erofs: read_super, device -> /dev/loop2 [ 305.305849] erofs: bogus i_mode (0) @ nid 36 [ 305.310913] erofs: options -> [ 305.316308] erofs: root inode @ nid 36 [ 305.320589] erofs: bogus i_mode (0) @ nid 36 [ 305.376478] erofs: read_super, device -> /dev/loop5 [ 305.381715] erofs: options -> [ 305.385141] erofs: cannot find valid erofs superblock 14:48:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x3}, 0x2) 14:48:33 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.419270] erofs: read_super, device -> /dev/loop1 [ 305.434810] erofs: options -> [ 305.443548] erofs: root inode @ nid 36 [ 305.450703] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.524951] erofs: read_super, device -> /dev/loop3 [ 305.529999] erofs: options -> [ 305.541541] erofs: read_super, device -> /dev/loop4 [ 305.547730] erofs: root inode @ nid 36 [ 305.557201] erofs: options -> [ 305.567907] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.573779] erofs: root inode @ nid 36 [ 305.591203] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.661882] erofs: read_super, device -> /dev/loop5 [ 305.666922] erofs: options -> [ 305.670752] erofs: read_super, device -> /dev/loop2 [ 305.683963] erofs: read_super, device -> /dev/loop1 [ 305.688990] erofs: options -> [ 305.692109] erofs: options -> [ 305.695710] erofs: root inode @ nid 36 [ 305.705928] erofs: bogus i_mode (0) @ nid 36 [ 305.713663] erofs: cannot find valid erofs superblock [ 305.720483] erofs: root inode @ nid 36 [ 305.732358] erofs: bogus i_mode (0) @ nid 36 [ 305.745611] erofs: read_super, device -> /dev/loop3 [ 305.753731] erofs: options -> 14:48:33 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.770366] erofs: root inode @ nid 36 [ 305.781400] erofs: bogus i_mode (0) @ nid 36 [ 305.804375] erofs: read_super, device -> /dev/loop4 [ 305.809414] erofs: options -> [ 305.814186] erofs: root inode @ nid 36 [ 305.818293] erofs: bogus i_mode (0) @ nid 36 14:48:33 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x4}, 0x2) 14:48:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 305.979931] erofs: read_super, device -> /dev/loop1 [ 306.012107] erofs: read_super, device -> /dev/loop2 [ 306.020897] erofs: options -> [ 306.035899] erofs: root inode @ nid 36 [ 306.045016] erofs: options -> [ 306.047523] erofs: read_super, device -> /dev/loop4 [ 306.053321] erofs: bogus i_mode (300) @ nid 36 [ 306.054687] erofs: root inode @ nid 36 [ 306.062745] erofs: options -> [ 306.066340] erofs: root inode @ nid 36 [ 306.068525] erofs: read_super, device -> /dev/loop5 [ 306.070577] erofs: bogus i_mode (0) @ nid 36 [ 306.080111] erofs: bogus i_mode (0) @ nid 36 [ 306.084899] erofs: options -> [ 306.089775] erofs: cannot find valid erofs superblock 14:48:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.172828] erofs: read_super, device -> /dev/loop3 [ 306.178109] erofs: options -> [ 306.190036] erofs: root inode @ nid 36 [ 306.196195] erofs: bogus i_mode (0) @ nid 36 14:48:34 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000", 0x10, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.311111] erofs: read_super, device -> /dev/loop4 [ 306.316447] erofs: options -> [ 306.320048] erofs: read_super, device -> /dev/loop1 [ 306.325800] erofs: options -> [ 306.329747] erofs: root inode @ nid 36 [ 306.337611] erofs: read_super, device -> /dev/loop5 [ 306.343792] erofs: root inode @ nid 36 [ 306.347780] erofs: bogus i_mode (300) @ nid 36 14:48:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.370825] erofs: options -> [ 306.373387] erofs: bogus i_mode (0) @ nid 36 [ 306.379657] erofs: blksize 1 isn't supported on this platform 14:48:34 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x5}, 0x2) 14:48:34 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.462659] erofs: read_super, device -> /dev/loop2 14:48:34 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.484383] erofs: options -> [ 306.488256] erofs: read_super, device -> /dev/loop3 [ 306.495755] erofs: root inode @ nid 36 [ 306.505260] erofs: read_super, device -> /dev/loop1 [ 306.516654] erofs: bogus i_mode (0) @ nid 36 [ 306.522139] erofs: options -> [ 306.528610] erofs: options -> 14:48:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.541200] erofs: root inode @ nid 36 [ 306.545808] erofs: root inode @ nid 36 [ 306.555631] erofs: bogus i_mode (300) @ nid 36 [ 306.568840] erofs: mounted on /dev/loop3 with opts: . 14:48:34 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.630216] erofs: unmounted for /dev/loop3 [ 306.646349] erofs: read_super, device -> /dev/loop5 [ 306.651383] erofs: options -> [ 306.657182] erofs: cannot find valid erofs superblock [ 306.675020] erofs: read_super, device -> /dev/loop4 [ 306.680340] erofs: options -> [ 306.685191] erofs: root inode @ nid 36 [ 306.689424] erofs: bogus i_mode (0) @ nid 36 [ 306.719098] erofs: read_super, device -> /dev/loop2 [ 306.724889] erofs: options -> 14:48:34 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.728539] erofs: root inode @ nid 36 [ 306.734575] erofs: bogus i_mode (0) @ nid 36 [ 306.775189] erofs: read_super, device -> /dev/loop1 [ 306.780315] erofs: options -> [ 306.784223] erofs: root inode @ nid 36 [ 306.789126] erofs: bogus i_mode (0) @ nid 36 [ 306.809100] erofs: read_super, device -> /dev/loop3 14:48:34 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.825396] erofs: options -> [ 306.828721] erofs: root inode @ nid 36 [ 306.834025] erofs: bogus i_mode (0) @ nid 36 14:48:34 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.901730] erofs: read_super, device -> /dev/loop5 14:48:34 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 306.925007] erofs: options -> [ 306.938569] erofs: cannot find valid erofs superblock [ 306.960402] erofs: read_super, device -> /dev/loop4 [ 306.966199] erofs: options -> [ 306.969842] erofs: root inode @ nid 36 14:48:34 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:34 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x6}, 0x2) [ 306.976553] erofs: bogus i_mode (300) @ nid 36 [ 306.992244] erofs: read_super, device -> /dev/loop1 [ 307.013748] erofs: options -> [ 307.018500] erofs: read_super, device -> /dev/loop3 14:48:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.022797] erofs: read_super, device -> /dev/loop2 [ 307.024220] erofs: options -> [ 307.039891] erofs: root inode @ nid 36 [ 307.046581] erofs: options -> [ 307.052129] erofs: root inode @ nid 36 [ 307.054015] erofs: bogus i_mode (0) @ nid 36 [ 307.063077] erofs: root inode @ nid 36 14:48:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.098216] erofs: bogus i_mode (0) @ nid 36 [ 307.100122] erofs: bogus i_mode (0) @ nid 36 14:48:35 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.189696] erofs: read_super, device -> /dev/loop5 [ 307.200444] erofs: read_super, device -> /dev/loop1 [ 307.202561] erofs: read_super, device -> /dev/loop4 [ 307.208222] erofs: options -> [ 307.221881] erofs: options -> [ 307.226384] erofs: options -> [ 307.233213] erofs: cannot find valid erofs superblock 14:48:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1", 0x2, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.243716] erofs: root inode @ nid 36 [ 307.247858] erofs: root inode @ nid 36 [ 307.252748] erofs: bogus i_mode (0) @ nid 36 [ 307.259707] erofs: bogus i_mode (300) @ nid 36 14:48:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.341629] erofs: read_super, device -> /dev/loop2 [ 307.347603] erofs: read_super, device -> /dev/loop3 [ 307.359972] erofs: options -> [ 307.363557] erofs: options -> [ 307.368817] erofs: read_super, device -> /dev/loop5 [ 307.370836] erofs: root inode @ nid 36 [ 307.376258] erofs: options -> [ 307.385899] erofs: root inode @ nid 36 [ 307.388923] erofs: cannot find valid erofs superblock [ 307.394598] erofs: bogus i_mode (0) @ nid 36 [ 307.404246] erofs: bogus i_mode (0) @ nid 36 14:48:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1", 0x2, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0410000", 0x8, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x7}, 0x2) [ 307.512084] erofs: read_super, device -> /dev/loop4 [ 307.529708] erofs: options -> [ 307.535316] erofs: root inode @ nid 36 [ 307.540913] erofs: read_super, device -> /dev/loop1 [ 307.543974] erofs: bogus i_mode (300) @ nid 36 [ 307.579559] erofs: options -> 14:48:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.604570] erofs: cannot find valid erofs superblock [ 307.627287] erofs: read_super, device -> /dev/loop5 14:48:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.649488] erofs: options -> [ 307.657644] erofs: cannot find valid erofs superblock [ 307.675078] erofs: read_super, device -> /dev/loop2 [ 307.686079] erofs: options -> [ 307.707008] erofs: cannot find valid erofs superblock 14:48:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1", 0x2, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.744064] erofs: read_super, device -> /dev/loop4 [ 307.749223] erofs: options -> [ 307.767228] erofs: read_super, device -> /dev/loop1 [ 307.773853] erofs: read_super, device -> /dev/loop3 [ 307.778889] erofs: options -> [ 307.780338] erofs: root inode @ nid 36 [ 307.792739] erofs: options -> [ 307.796537] erofs: cannot find valid erofs superblock [ 307.806462] erofs: bogus i_mode (0) @ nid 36 [ 307.834541] erofs: root inode @ nid 36 [ 307.847786] erofs: mounted on /dev/loop3 with opts: . 14:48:35 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.873407] erofs: read_super, device -> /dev/loop2 [ 307.885382] erofs: options -> [ 307.892469] erofs: cannot find valid erofs superblock [ 307.899169] erofs: unmounted for /dev/loop3 [ 307.955238] erofs: read_super, device -> /dev/loop5 14:48:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 307.977173] erofs: options -> [ 307.983549] erofs: cannot find valid erofs superblock 14:48:36 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5", 0x3, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.054735] erofs: read_super, device -> /dev/loop4 [ 308.059787] erofs: options -> [ 308.088807] erofs: read_super, device -> /dev/loop3 14:48:36 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x20000042) [ 308.117220] erofs: root inode @ nid 36 [ 308.141912] erofs: options -> [ 308.145160] erofs: bogus i_mode (0) @ nid 36 [ 308.145179] erofs: root inode @ nid 36 [ 308.182831] erofs: bogus i_mode (0) @ nid 36 14:48:36 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x3c, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xcc, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x20}, {0x6, 0x11, 0x8001}, {0x8, 0x13, 0x7}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x40}, {0x8}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x40}, {0x5, 0x14, 0x1}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000000) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x44, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1a, 0x24, [{0x6c, 0x1}, {0x1}, {0x24}, {0x1, 0x1}, {0x12}, {}, {0x1, 0x1}, {0x12}, {0x2, 0x1}, {0x6}, {0x1b, 0x1}, {0xcf}, {0x9, 0x1}, {0x48, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x6c}, {0x62, 0x1}, {0x1b, 0x1}, {0x16}, {0x4}, {0x6d}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x5) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000400), &(0x7f0000000440)=0x4) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 308.207248] misc userio: Invalid payload size [ 308.221707] erofs: read_super, device -> /dev/loop1 [ 308.226767] erofs: options -> [ 308.246781] erofs: cannot find valid erofs superblock 14:48:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.264193] erofs: read_super, device -> /dev/loop5 [ 308.271675] erofs: read_super, device -> /dev/loop2 14:48:36 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.307757] erofs: options -> [ 308.311170] erofs: options -> [ 308.319175] erofs: cannot find valid erofs superblock [ 308.327699] erofs: cannot find valid erofs superblock 14:48:36 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5", 0x3, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.403283] erofs: read_super, device -> /dev/loop4 [ 308.408483] erofs: options -> [ 308.412529] erofs: root inode @ nid 36 [ 308.423698] erofs: read_super, device -> /dev/loop3 [ 308.424829] erofs: bogus i_mode (0) @ nid 36 [ 308.428724] erofs: options -> [ 308.437225] erofs: root inode @ nid 36 [ 308.444058] erofs: read_super, device -> /dev/loop1 [ 308.445685] erofs: bogus i_mode (0) @ nid 36 [ 308.449081] erofs: options -> [ 308.450015] erofs: cannot find valid erofs superblock 14:48:36 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.575370] erofs: read_super, device -> /dev/loop2 [ 308.578226] erofs: read_super, device -> /dev/loop5 [ 308.585791] erofs: options -> [ 308.599576] erofs: cannot find valid erofs superblock [ 308.616752] erofs: options -> [ 308.627893] erofs: cannot find valid erofs superblock 14:48:36 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.674759] erofs: read_super, device -> /dev/loop4 [ 308.679890] erofs: options -> [ 308.684514] erofs: read_super, device -> /dev/loop3 [ 308.694734] erofs: cannot find valid erofs superblock [ 308.698444] erofs: options -> [ 308.706256] erofs: root inode @ nid 36 [ 308.712814] erofs: bogus i_mode (0) @ nid 36 14:48:36 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x3c, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xcc, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x20}, {0x6, 0x11, 0x8001}, {0x8, 0x13, 0x7}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x40}, {0x8}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x40}, {0x5, 0x14, 0x1}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000000) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x44, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1a, 0x24, [{0x6c, 0x1}, {0x1}, {0x24}, {0x1, 0x1}, {0x12}, {}, {0x1, 0x1}, {0x12}, {0x2, 0x1}, {0x6}, {0x1b, 0x1}, {0xcf}, {0x9, 0x1}, {0x48, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x6c}, {0x62, 0x1}, {0x1b, 0x1}, {0x16}, {0x4}, {0x6d}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x5) (async) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000400), &(0x7f0000000440)=0x4) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:48:36 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5", 0x3, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:36 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.794979] erofs: read_super, device -> /dev/loop1 [ 308.810591] erofs: options -> [ 308.823002] erofs: cannot find valid erofs superblock 14:48:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.886385] erofs: read_super, device -> /dev/loop2 [ 308.944187] erofs: read_super, device -> /dev/loop5 [ 308.951784] erofs: options -> [ 308.960761] erofs: read_super, device -> /dev/loop4 [ 308.967304] erofs: cannot find valid erofs superblock [ 308.972918] erofs: options -> [ 308.979679] erofs: cannot find valid erofs superblock [ 308.987317] erofs: options -> 14:48:37 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 308.995452] erofs: read_super, device -> /dev/loop1 [ 309.014584] erofs: cannot find valid erofs superblock [ 309.023738] erofs: options -> [ 309.027263] erofs: cannot find valid erofs superblock 14:48:37 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.060755] erofs: read_super, device -> /dev/loop3 [ 309.077133] erofs: options -> [ 309.087159] erofs: root inode @ nid 36 [ 309.100847] erofs: bogus i_mode (0) @ nid 36 14:48:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.196254] erofs: read_super, device -> /dev/loop5 [ 309.201574] erofs: options -> [ 309.205304] erofs: cannot find valid erofs superblock [ 309.254739] erofs: read_super, device -> /dev/loop4 [ 309.277688] erofs: options -> 14:48:37 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x3c, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xcc, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x20}, {0x6, 0x11, 0x8001}, {0x8, 0x13, 0x7}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x40}, {0x8}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x40}, {0x5, 0x14, 0x1}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000000) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x44, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1a, 0x24, [{0x6c, 0x1}, {0x1}, {0x24}, {0x1, 0x1}, {0x12}, {}, {0x1, 0x1}, {0x12}, {0x2, 0x1}, {0x6}, {0x1b, 0x1}, {0xcf}, {0x9, 0x1}, {0x48, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x6c}, {0x62, 0x1}, {0x1b, 0x1}, {0x16}, {0x4}, {0x6d}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x5) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000400), &(0x7f0000000440)=0x4) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:48:37 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.307212] erofs: cannot find valid erofs superblock [ 309.324774] erofs: read_super, device -> /dev/loop2 [ 309.329991] erofs: options -> [ 309.344053] erofs: cannot find valid erofs superblock 14:48:37 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.430831] erofs: read_super, device -> /dev/loop5 [ 309.431456] erofs: read_super, device -> /dev/loop1 [ 309.441457] erofs: read_super, device -> /dev/loop3 [ 309.450859] erofs: options -> [ 309.459102] erofs: options -> [ 309.471494] erofs: root inode @ nid 36 [ 309.473172] erofs: options -> [ 309.482943] erofs: cannot find valid erofs superblock [ 309.486703] erofs: cannot find valid erofs superblock [ 309.498103] erofs: bogus i_mode (0) @ nid 36 14:48:37 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.633680] erofs: read_super, device -> /dev/loop4 [ 309.636692] erofs: read_super, device -> /dev/loop2 [ 309.666301] erofs: options -> [ 309.677432] erofs: options -> [ 309.694475] erofs: cannot find valid erofs superblock [ 309.695213] erofs: cannot find valid erofs superblock [ 309.726901] erofs: read_super, device -> /dev/loop5 14:48:37 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 309.749709] erofs: options -> [ 309.759838] erofs: cannot find valid erofs superblock 14:48:37 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 309.875084] erofs: read_super, device -> /dev/loop1 [ 309.881909] erofs: read_super, device -> /dev/loop3 [ 309.887391] erofs: options -> [ 309.902489] erofs: options -> [ 309.907038] erofs: cannot find valid erofs superblock [ 309.920560] erofs: root inode @ nid 36 [ 309.931531] erofs: bogus i_mode (0) @ nid 36 14:48:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:37 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x858}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa0, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x40000, 0x6a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "dfdcca6279f652e288ab365db0bf4fc0"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0dffb7678944f1c7ad5c4f15d3e3a32c"}, @NL80211_ATTR_PMK={0x14, 0xfe, "627101006ebf721df01c3333344f142b"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4d93ea8db7518412bdcd6bfeec986689"}]}, 0xa0}}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000900f9010000040f000000080098d4ec32", @ANYRES32=r6, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r5, @ANYBLOB="00022cbd7000fedbdf25120000000600ed002501000006001201eac00000ba00ac00853043aea7550af2a30cf603f16b35614ea943a8e559335c5a1c7c33ffc44f99f1e5ce9b2885c511ca96c286abbd9a7f7c6c0ddb3cdbd6fbf1d46f37d6a7aa0f0b835d57434bb14eab70eaea645a1c850bc818cb9bc689e46f9f96f46bbf8b6bb119b781f9c774305295675fde4551f49280672c24000000000000372695c71c8475545c3bfe8c0c8127f26f0000dd633c4a360edf5fff39c44c319107e69218e46cab4810219d03d49feee385d0babe6f48ed62edab2c608a89000005001900000000000800bd0000040300", @ANYRES32=0x0, @ANYBLOB="ed895d99723577542d714875f5ec43d80b08cb55429f7496e652a85a1aadc3648c14f7cbf6331ec3915a0a425fb9709b697bbf3855ac421d7164"], 0xf8}, 0x1, 0x0, 0x0, 0x84}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="44000000d9cf93f5694bfc750d436daaf45a14ebec3798e97bf150be4286678c97e3eea161cc0ac95b44586a8e481e8c6454eed9e41cbaa058efdfdc2696629290f7daf80fdec7bec54309089bd50020d82fecd3a81072dad7898f6e31ef4fda597ab26a7daacd", @ANYRES16=r4, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r7, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40010) [ 310.035600] erofs: read_super, device -> /dev/loop2 [ 310.041153] erofs: read_super, device -> /dev/loop4 [ 310.056928] erofs: options -> 14:48:38 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 310.077842] erofs: options -> [ 310.090562] erofs: cannot find valid erofs superblock [ 310.104288] erofs: cannot find valid erofs superblock [ 310.209301] erofs: read_super, device -> /dev/loop3 [ 310.218056] erofs: options -> [ 310.228183] erofs: root inode @ nid 36 [ 310.243252] erofs: mounted on /dev/loop3 with opts: . 14:48:38 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 310.260112] erofs: read_super, device -> /dev/loop1 [ 310.272654] erofs: options -> [ 310.283911] erofs: cannot find valid erofs superblock 14:48:38 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 310.369279] erofs: unmounted for /dev/loop3 [ 310.432811] erofs: read_super, device -> /dev/loop2 [ 310.450842] erofs: read_super, device -> /dev/loop4 [ 310.456476] erofs: options -> 14:48:38 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 310.478937] erofs: cannot find valid erofs superblock [ 310.490047] erofs: options -> [ 310.505618] erofs: cannot find valid erofs superblock [ 310.524521] erofs: read_super, device -> /dev/loop1 [ 310.529571] erofs: options -> 14:48:38 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x858}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa0, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x40000, 0x6a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "dfdcca6279f652e288ab365db0bf4fc0"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0dffb7678944f1c7ad5c4f15d3e3a32c"}, @NL80211_ATTR_PMK={0x14, 0xfe, "627101006ebf721df01c3333344f142b"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4d93ea8db7518412bdcd6bfeec986689"}]}, 0xa0}}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000900f9010000040f000000080098d4ec32", @ANYRES32=r6, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r5, @ANYBLOB="00022cbd7000fedbdf25120000000600ed002501000006001201eac00000ba00ac00853043aea7550af2a30cf603f16b35614ea943a8e559335c5a1c7c33ffc44f99f1e5ce9b2885c511ca96c286abbd9a7f7c6c0ddb3cdbd6fbf1d46f37d6a7aa0f0b835d57434bb14eab70eaea645a1c850bc818cb9bc689e46f9f96f46bbf8b6bb119b781f9c774305295675fde4551f49280672c24000000000000372695c71c8475545c3bfe8c0c8127f26f0000dd633c4a360edf5fff39c44c319107e69218e46cab4810219d03d49feee385d0babe6f48ed62edab2c608a89000005001900000000000800bd0000040300", @ANYRES32=0x0, @ANYBLOB="ed895d99723577542d714875f5ec43d80b08cb55429f7496e652a85a1aadc3648c14f7cbf6331ec3915a0a425fb9709b697bbf3855ac421d7164"], 0xf8}, 0x1, 0x0, 0x0, 0x84}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="44000000d9cf93f5694bfc750d436daaf45a14ebec3798e97bf150be4286678c97e3eea161cc0ac95b44586a8e481e8c6454eed9e41cbaa058efdfdc2696629290f7daf80fdec7bec54309089bd50020d82fecd3a81072dad7898f6e31ef4fda597ab26a7daacd", @ANYRES16=r4, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r7, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40010) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x858}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa0, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x40000, 0x6a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "dfdcca6279f652e288ab365db0bf4fc0"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0dffb7678944f1c7ad5c4f15d3e3a32c"}, @NL80211_ATTR_PMK={0x14, 0xfe, "627101006ebf721df01c3333344f142b"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4d93ea8db7518412bdcd6bfeec986689"}]}, 0xa0}}, 0x20000000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000900f9010000040f000000080098d4ec32", @ANYRES32=r6, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) (async) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r5, @ANYBLOB="00022cbd7000fedbdf25120000000600ed002501000006001201eac00000ba00ac00853043aea7550af2a30cf603f16b35614ea943a8e559335c5a1c7c33ffc44f99f1e5ce9b2885c511ca96c286abbd9a7f7c6c0ddb3cdbd6fbf1d46f37d6a7aa0f0b835d57434bb14eab70eaea645a1c850bc818cb9bc689e46f9f96f46bbf8b6bb119b781f9c774305295675fde4551f49280672c24000000000000372695c71c8475545c3bfe8c0c8127f26f0000dd633c4a360edf5fff39c44c319107e69218e46cab4810219d03d49feee385d0babe6f48ed62edab2c608a89000005001900000000000800bd0000040300", @ANYRES32=0x0, @ANYBLOB="ed895d99723577542d714875f5ec43d80b08cb55429f7496e652a85a1aadc3648c14f7cbf6331ec3915a0a425fb9709b697bbf3855ac421d7164"], 0xf8}, 0x1, 0x0, 0x0, 0x84}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="44000000d9cf93f5694bfc750d436daaf45a14ebec3798e97bf150be4286678c97e3eea161cc0ac95b44586a8e481e8c6454eed9e41cbaa058efdfdc2696629290f7daf80fdec7bec54309089bd50020d82fecd3a81072dad7898f6e31ef4fda597ab26a7daacd", @ANYRES16=r4, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r7, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) (async) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40010) (async) [ 310.557001] erofs: blksize 1 isn't supported on this platform 14:48:38 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 310.732196] erofs: read_super, device -> /dev/loop3 [ 310.746498] erofs: options -> [ 310.759474] erofs: root inode @ nid 36 [ 310.782216] erofs: bogus i_mode (0) @ nid 36 [ 310.809138] misc userio: Can't change port type on an already running userio instance 14:48:38 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:38 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 310.873193] erofs: read_super, device -> /dev/loop4 [ 310.875105] erofs: read_super, device -> /dev/loop1 [ 310.878475] erofs: options -> [ 310.887022] erofs: cannot find valid erofs superblock [ 310.889533] erofs: options -> [ 310.896866] erofs: blksize 1 isn't supported on this platform [ 310.947991] erofs: read_super, device -> /dev/loop2 [ 310.953225] erofs: options -> [ 310.957015] erofs: root inode @ nid 36 [ 310.963260] erofs: bogus i_mode (0) @ nid 36 14:48:38 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:39 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 311.049384] erofs: read_super, device -> /dev/loop5 14:48:39 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 311.078089] erofs: read_super, device -> /dev/loop3 [ 311.085689] erofs: options -> [ 311.093555] erofs: root inode @ nid 36 [ 311.097808] erofs: options -> [ 311.103401] erofs: bogus i_mode (0) @ nid 36 [ 311.113137] erofs: root inode @ nid 36 14:48:39 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 1) [ 311.125602] erofs: bogus i_mode (0) @ nid 36 14:48:39 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x858}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64) gettid() (async, rerun: 64) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa0, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x40000, 0x6a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "dfdcca6279f652e288ab365db0bf4fc0"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0dffb7678944f1c7ad5c4f15d3e3a32c"}, @NL80211_ATTR_PMK={0x14, 0xfe, "627101006ebf721df01c3333344f142b"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4d93ea8db7518412bdcd6bfeec986689"}]}, 0xa0}}, 0x20000000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000900f9010000040f000000080098d4ec32", @ANYRES32=r6, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r5, @ANYBLOB="00022cbd7000fedbdf25120000000600ed002501000006001201eac00000ba00ac00853043aea7550af2a30cf603f16b35614ea943a8e559335c5a1c7c33ffc44f99f1e5ce9b2885c511ca96c286abbd9a7f7c6c0ddb3cdbd6fbf1d46f37d6a7aa0f0b835d57434bb14eab70eaea645a1c850bc818cb9bc689e46f9f96f46bbf8b6bb119b781f9c774305295675fde4551f49280672c24000000000000372695c71c8475545c3bfe8c0c8127f26f0000dd633c4a360edf5fff39c44c319107e69218e46cab4810219d03d49feee385d0babe6f48ed62edab2c608a89000005001900000000000800bd0000040300", @ANYRES32=0x0, @ANYBLOB="ed895d99723577542d714875f5ec43d80b08cb55429f7496e652a85a1aadc3648c14f7cbf6331ec3915a0a425fb9709b697bbf3855ac421d7164"], 0xf8}, 0x1, 0x0, 0x0, 0x84}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="44000000d9cf93f5694bfc750d436daaf45a14ebec3798e97bf150be4286678c97e3eea161cc0ac95b44586a8e481e8c6454eed9e41cbaa058efdfdc2696629290f7daf80fdec7bec54309089bd50020d82fecd3a81072dad7898f6e31ef4fda597ab26a7daacd", @ANYRES16=r4, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r7, @ANYBLOB="24007a8014000100657d80ac82ddf3fbff6dac563e4e370c0c000300647d027bca665fda"], 0x40}}, 0x0) (async) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40010) [ 311.191820] erofs: read_super, device -> /dev/loop4 [ 311.192002] erofs: read_super, device -> /dev/loop1 [ 311.196876] erofs: options -> [ 311.212219] erofs: cannot find valid erofs superblock [ 311.219604] erofs: options -> [ 311.222097] erofs: read_super, device -> /dev/loop2 [ 311.228981] erofs: blksize 1 isn't supported on this platform [ 311.233826] erofs: options -> 14:48:39 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:39 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 311.259176] erofs: cannot find valid erofs superblock [ 311.285081] FAULT_INJECTION: forcing a failure. [ 311.285081] name failslab, interval 1, probability 0, space 0, times 0 [ 311.299793] CPU: 0 PID: 22556 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 311.307684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 311.317024] Call Trace: [ 311.319597] dump_stack+0x1fc/0x2ef [ 311.323221] should_fail.cold+0xa/0xf [ 311.327018] ? setup_fault_attr+0x200/0x200 [ 311.331326] ? lock_acquire+0x170/0x3c0 [ 311.335287] __should_failslab+0x115/0x180 [ 311.339506] should_failslab+0x5/0x10 [ 311.343300] __kmalloc+0x2ab/0x3c0 [ 311.346836] ? __se_sys_memfd_create+0xf8/0x440 [ 311.351490] __se_sys_memfd_create+0xf8/0x440 [ 311.355968] ? memfd_file_seals_ptr+0x150/0x150 [ 311.360639] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 311.365986] ? trace_hardirqs_off_caller+0x6e/0x210 [ 311.371028] ? do_syscall_64+0x21/0x620 [ 311.374987] do_syscall_64+0xf9/0x620 [ 311.378774] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.383944] RIP: 0033:0x7f9bcb2fa209 [ 311.387640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 311.406524] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 311.414217] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9bcb2fa209 [ 311.421472] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f9bcb35329c [ 311.428725] RBP: 0000000000000002 R08: 0000000000001000 R09: 00007f9bc9c6f1d0 14:48:39 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:39 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 2) [ 311.435976] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 311.443228] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:39 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 311.565012] FAULT_INJECTION: forcing a failure. [ 311.565012] name failslab, interval 1, probability 0, space 0, times 0 [ 311.582486] CPU: 0 PID: 22563 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 311.590391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 311.599748] Call Trace: [ 311.602379] dump_stack+0x1fc/0x2ef [ 311.606107] should_fail.cold+0xa/0xf [ 311.609927] ? setup_fault_attr+0x200/0x200 [ 311.614261] ? lock_acquire+0x170/0x3c0 [ 311.618268] __should_failslab+0x115/0x180 [ 311.622507] should_failslab+0x5/0x10 [ 311.624288] erofs: read_super, device -> /dev/loop3 [ 311.626311] kmem_cache_alloc+0x277/0x370 [ 311.626330] ? shmem_destroy_callback+0xb0/0xb0 [ 311.626346] shmem_alloc_inode+0x18/0x40 [ 311.626360] ? shmem_destroy_callback+0xb0/0xb0 [ 311.626378] alloc_inode+0x5d/0x180 [ 311.644136] erofs: options -> [ 311.644220] new_inode+0x1d/0xf0 [ 311.659023] shmem_get_inode+0x96/0x8d0 [ 311.663015] __shmem_file_setup.part.0+0x7a/0x2b0 [ 311.663247] erofs: root inode @ nid 36 [ 311.667864] shmem_file_setup+0x61/0x90 [ 311.667883] __se_sys_memfd_create+0x26b/0x440 [ 311.667898] ? memfd_file_seals_ptr+0x150/0x150 [ 311.667913] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 311.667931] ? trace_hardirqs_off_caller+0x6e/0x210 [ 311.690273] erofs: bogus i_mode (0) @ nid 36 [ 311.690335] ? do_syscall_64+0x21/0x620 [ 311.703694] do_syscall_64+0xf9/0x620 [ 311.707511] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.712699] RIP: 0033:0x7f9bcb2fa209 [ 311.716405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 311.735293] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 311.742994] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9bcb2fa209 [ 311.750249] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f9bcb35329c [ 311.757506] RBP: 0000000000000002 R08: 0000000000001000 R09: 00007f9bc9c6f1d0 14:48:39 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:39 executing program 0: sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000180)=ANY=[@ANYBLOB="d80080821819294b51ab4396febba9086efd53696495674ce2e60b677afcee0fad03a6f47256cc1cae45", @ANYRES16=r4, @ANYBLOB="28032cbd7000ffdbdf25110000001c00038008000200190000000800020003000000080003000200000054000980080002002a060000080001005e0000000800020001000000080002000000000008000200e300000008000100030000000800020005000000080001000400000008000100050000000800010002000000340003800800030084f5000008000100ff010000080003000800000008000300d07e0000080003000100000008000300f4090000140009800800020000000070080001004c0000000c0007800800010000000000"], 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x24002000) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) 14:48:39 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 3) [ 311.764759] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 311.772014] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 311.836167] erofs: read_super, device -> /dev/loop4 [ 311.841864] erofs: options -> [ 311.845121] erofs: cannot find valid erofs superblock [ 311.858800] erofs: read_super, device -> /dev/loop2 [ 311.865576] erofs: read_super, device -> /dev/loop1 [ 311.880576] erofs: options -> 14:48:39 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:39 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 311.885384] erofs: options -> [ 311.888710] erofs: cannot find valid erofs superblock [ 311.895155] erofs: blksize 1 isn't supported on this platform [ 311.962965] FAULT_INJECTION: forcing a failure. [ 311.962965] name failslab, interval 1, probability 0, space 0, times 0 [ 311.974911] CPU: 1 PID: 22593 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 311.982804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 311.992163] Call Trace: [ 311.994760] dump_stack+0x1fc/0x2ef [ 311.998393] should_fail.cold+0xa/0xf [ 312.002179] ? setup_fault_attr+0x200/0x200 [ 312.006487] ? lock_acquire+0x170/0x3c0 [ 312.010456] __should_failslab+0x115/0x180 [ 312.014699] should_failslab+0x5/0x10 [ 312.018514] kmem_cache_alloc+0x277/0x370 [ 312.022648] __d_alloc+0x2b/0xa10 [ 312.026085] d_alloc_pseudo+0x19/0x70 [ 312.029867] alloc_file_pseudo+0xc6/0x250 [ 312.034019] ? alloc_file+0x4d0/0x4d0 [ 312.037820] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 312.043528] ? shmem_get_inode+0x44c/0x8d0 [ 312.047764] __shmem_file_setup.part.0+0x102/0x2b0 [ 312.052698] shmem_file_setup+0x61/0x90 [ 312.056668] __se_sys_memfd_create+0x26b/0x440 [ 312.061245] ? memfd_file_seals_ptr+0x150/0x150 [ 312.065912] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 312.071271] ? trace_hardirqs_off_caller+0x6e/0x210 [ 312.076293] ? do_syscall_64+0x21/0x620 [ 312.080286] do_syscall_64+0xf9/0x620 [ 312.084082] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.089261] RIP: 0033:0x7f9bcb2fa209 [ 312.092976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 312.111878] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 312.119582] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9bcb2fa209 [ 312.126838] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f9bcb35329c [ 312.134098] RBP: 0000000000000002 R08: 0000000000001000 R09: 00007f9bc9c6f1d0 [ 312.141369] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 312.148628] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:40 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:40 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 4) [ 312.215481] erofs: read_super, device -> /dev/loop1 [ 312.222937] erofs: read_super, device -> /dev/loop3 [ 312.230202] erofs: options -> [ 312.244163] erofs: options -> [ 312.253683] erofs: root inode @ nid 36 [ 312.259737] erofs: blksize 1 isn't supported on this platform [ 312.270550] erofs: bogus i_mode (300) @ nid 36 [ 312.294618] FAULT_INJECTION: forcing a failure. [ 312.294618] name failslab, interval 1, probability 0, space 0, times 0 [ 312.306092] CPU: 0 PID: 22607 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 312.313973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 312.323307] Call Trace: [ 312.325879] dump_stack+0x1fc/0x2ef [ 312.329497] should_fail.cold+0xa/0xf [ 312.333281] ? setup_fault_attr+0x200/0x200 [ 312.337594] ? lock_acquire+0x170/0x3c0 [ 312.341557] __should_failslab+0x115/0x180 [ 312.345784] should_failslab+0x5/0x10 [ 312.349567] kmem_cache_alloc+0x277/0x370 [ 312.353703] __alloc_file+0x21/0x340 [ 312.357400] alloc_empty_file+0x6d/0x170 [ 312.361445] alloc_file+0x5e/0x4d0 [ 312.364971] alloc_file_pseudo+0x165/0x250 [ 312.369191] ? alloc_file+0x4d0/0x4d0 [ 312.372974] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 312.378584] ? shmem_get_inode+0x44c/0x8d0 [ 312.382807] __shmem_file_setup.part.0+0x102/0x2b0 [ 312.387725] shmem_file_setup+0x61/0x90 [ 312.391686] __se_sys_memfd_create+0x26b/0x440 [ 312.396253] ? memfd_file_seals_ptr+0x150/0x150 [ 312.400908] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 312.406375] ? trace_hardirqs_off_caller+0x6e/0x210 [ 312.411385] ? do_syscall_64+0x21/0x620 [ 312.415343] do_syscall_64+0xf9/0x620 [ 312.419131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.424322] RIP: 0033:0x7f9bcb2fa209 14:48:40 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 5) 14:48:40 executing program 0: sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000180)=ANY=[@ANYBLOB="d80080821819294b51ab4396febba9086efd53696495674ce2e60b677afcee0fad03a6f47256cc1cae45", @ANYRES16=r4, @ANYBLOB="28032cbd7000ffdbdf25110000001c00038008000200190000000800020003000000080003000200000054000980080002002a060000080001005e0000000800020001000000080002000000000008000200e300000008000100030000000800020005000000080001000400000008000100050000000800010002000000340003800800030084f5000008000100ff010000080003000800000008000300d07e0000080003000100000008000300f4090000140009800800020000000070080001004c0000000c0007800800010000000000"], 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x24002000) (async) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) [ 312.428055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 312.446956] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 312.454676] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9bcb2fa209 [ 312.461960] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f9bcb35329c [ 312.469215] RBP: 0000000000000002 R08: 0000000000001000 R09: 00007f9bc9c6f1d0 [ 312.476471] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 312.483731] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:40 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:40 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 312.559190] erofs: read_super, device -> /dev/loop2 [ 312.587200] erofs: options -> [ 312.591011] FAULT_INJECTION: forcing a failure. [ 312.591011] name failslab, interval 1, probability 0, space 0, times 0 [ 312.603728] erofs: read_super, device -> /dev/loop4 [ 312.608759] erofs: options -> [ 312.611554] CPU: 1 PID: 22620 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 312.619825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 312.629181] Call Trace: [ 312.629996] erofs: cannot find valid erofs superblock [ 312.631773] dump_stack+0x1fc/0x2ef [ 312.631793] should_fail.cold+0xa/0xf [ 312.631810] ? setup_fault_attr+0x200/0x200 [ 312.631823] ? lock_acquire+0x170/0x3c0 [ 312.631842] __should_failslab+0x115/0x180 [ 312.631860] should_failslab+0x5/0x10 [ 312.639574] erofs: blksize 1 isn't supported on this platform [ 312.640662] kmem_cache_alloc_trace+0x284/0x380 [ 312.640683] apparmor_file_alloc_security+0x394/0xad0 [ 312.676486] ? apparmor_file_receive+0x160/0x160 [ 312.681245] ? __alloc_file+0x21/0x340 [ 312.685121] security_file_alloc+0x40/0x90 [ 312.689344] __alloc_file+0xd8/0x340 [ 312.693041] alloc_empty_file+0x6d/0x170 [ 312.697083] alloc_file+0x5e/0x4d0 [ 312.700620] alloc_file_pseudo+0x165/0x250 [ 312.704839] ? alloc_file+0x4d0/0x4d0 [ 312.708670] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 312.714301] ? shmem_get_inode+0x44c/0x8d0 [ 312.718540] __shmem_file_setup.part.0+0x102/0x2b0 [ 312.723469] shmem_file_setup+0x61/0x90 [ 312.727529] __se_sys_memfd_create+0x26b/0x440 [ 312.732097] ? memfd_file_seals_ptr+0x150/0x150 [ 312.736757] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 312.742109] ? trace_hardirqs_off_caller+0x6e/0x210 [ 312.747124] ? do_syscall_64+0x21/0x620 [ 312.751098] do_syscall_64+0xf9/0x620 [ 312.754893] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.760065] RIP: 0033:0x7f9bcb2fa209 [ 312.763767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:48:40 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 6) [ 312.782656] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 312.790349] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f9bcb2fa209 [ 312.797607] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f9bcb35329c [ 312.804906] RBP: 0000000000000002 R08: 0000000000001000 R09: 00007f9bc9c6f1d0 [ 312.812254] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 312.819506] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:40 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:40 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 312.910805] FAULT_INJECTION: forcing a failure. [ 312.910805] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 312.926955] erofs: read_super, device -> /dev/loop3 [ 312.927520] erofs: read_super, device -> /dev/loop1 [ 312.938102] erofs: options -> [ 312.943151] erofs: options -> [ 312.946554] erofs: blksize 1 isn't supported on this platform [ 312.957664] erofs: root inode @ nid 36 [ 312.965581] CPU: 1 PID: 22633 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 312.973660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 312.983052] Call Trace: [ 312.985651] dump_stack+0x1fc/0x2ef [ 312.989300] should_fail.cold+0xa/0xf [ 312.993114] ? lock_acquire+0x170/0x3c0 [ 312.997094] ? setup_fault_attr+0x200/0x200 [ 313.001435] __alloc_pages_nodemask+0x239/0x2890 [ 313.006201] ? __lock_acquire+0x6de/0x3ff0 [ 313.010446] ? static_obj+0x50/0x50 [ 313.011277] erofs: read_super, device -> /dev/loop4 [ 313.014079] ? __lock_acquire+0x6de/0x3ff0 [ 313.014104] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 313.014121] ? __lock_acquire+0x6de/0x3ff0 [ 313.021545] erofs: options -> [ 313.023462] ? mark_held_locks+0xf0/0xf0 [ 313.023480] ? unwind_next_frame+0xeee/0x1400 [ 313.023493] ? mark_held_locks+0xf0/0xf0 [ 313.023509] ? deref_stack_reg+0x134/0x1d0 [ 313.030899] erofs: blksize 1 isn't supported on this platform 14:48:41 executing program 0: sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000180)=ANY=[@ANYBLOB="d80080821819294b51ab4396febba9086efd53696495674ce2e60b677afcee0fad03a6f47256cc1cae45", @ANYRES16=r4, @ANYBLOB="28032cbd7000ffdbdf25110000001c00038008000200190000000800020003000000080003000200000054000980080002002a060000080001005e0000000800020001000000080002000000000008000200e300000008000100030000000800020005000000080001000400000008000100050000000800010002000000340003800800030084f5000008000100ff010000080003000800000008000300d07e0000080003000100000008000300f4090000140009800800020000000070080001004c0000000c0007800800010000000000"], 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x24002000) (async) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) [ 313.032551] ? get_reg+0x176/0x1f0 [ 313.032568] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 313.032584] alloc_pages_vma+0xf2/0x780 [ 313.032607] shmem_alloc_page+0x11c/0x1f0 [ 313.032623] ? shmem_swapin+0x220/0x220 [ 313.032655] ? percpu_counter_add_batch+0x126/0x180 [ 313.032670] ? __vm_enough_memory+0x316/0x650 [ 313.032688] shmem_alloc_and_acct_page+0x15a/0x850 [ 313.032708] shmem_getpage_gfp+0x4e9/0x37f0 [ 313.032737] ? shmem_alloc_and_acct_page+0x850/0x850 [ 313.074237] erofs: bogus i_mode (300) @ nid 36 [ 313.076173] ? mark_held_locks+0xa6/0xf0 [ 313.076190] ? ktime_get_coarse_real_ts64+0x1c7/0x290 [ 313.076204] ? iov_iter_fault_in_readable+0x1fc/0x3f0 [ 313.076228] shmem_write_begin+0xff/0x1e0 [ 313.127053] generic_perform_write+0x1f8/0x4d0 [ 313.131635] ? filemap_page_mkwrite+0x2f0/0x2f0 [ 313.136290] ? current_time+0x1c0/0x1c0 [ 313.140257] ? lock_acquire+0x170/0x3c0 [ 313.144224] __generic_file_write_iter+0x24b/0x610 [ 313.149150] generic_file_write_iter+0x3f8/0x730 [ 313.153897] __vfs_write+0x51b/0x770 [ 313.157615] ? kernel_read+0x110/0x110 [ 313.161498] ? check_preemption_disabled+0x41/0x280 [ 313.166507] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 313.171511] vfs_write+0x1f3/0x540 [ 313.175046] __x64_sys_pwrite64+0x1f7/0x250 [ 313.179355] ? ksys_pwrite64+0x1a0/0x1a0 [ 313.183402] ? trace_hardirqs_off_caller+0x6e/0x210 [ 313.188403] ? do_syscall_64+0x21/0x620 [ 313.192364] do_syscall_64+0xf9/0x620 [ 313.196153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.201325] RIP: 0033:0x7f9bcb2ad1d7 [ 313.205026] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 313.223909] RSP: 002b:00007f9bc9c6ef00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 313.231598] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2ad1d7 [ 313.238855] RDX: 0000000000000004 RSI: 0000000020010000 RDI: 0000000000000004 [ 313.246108] RBP: 0000000000000002 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 313.253363] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 14:48:41 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 313.260620] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:48:41 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:41 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 313.393715] erofs: read_super, device -> /dev/loop5 [ 313.400488] erofs: read_super, device -> /dev/loop2 [ 313.407115] erofs: options -> [ 313.415053] erofs: cannot find valid erofs superblock [ 313.420455] erofs: options -> [ 313.428965] erofs: root inode @ nid 36 [ 313.434450] erofs: bogus i_mode (0) @ nid 36 14:48:41 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:41 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 7) [ 313.529382] erofs: read_super, device -> /dev/loop4 [ 313.544019] erofs: options -> [ 313.549058] erofs: read_super, device -> /dev/loop3 [ 313.556287] erofs: read_super, device -> /dev/loop1 [ 313.566770] erofs: options -> [ 313.572768] erofs: options -> [ 313.576215] erofs: blksize 1 isn't supported on this platform [ 313.587889] erofs: root inode @ nid 0 [ 313.593035] erofs: root inode @ nid 36 [ 313.607275] erofs: bogus i_mode (0) @ nid 0 [ 313.613661] erofs: bogus i_mode (300) @ nid 36 [ 313.627262] FAULT_INJECTION: forcing a failure. [ 313.627262] name failslab, interval 1, probability 0, space 0, times 0 [ 313.638906] CPU: 1 PID: 22680 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 313.646773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 313.656113] Call Trace: [ 313.658691] dump_stack+0x1fc/0x2ef [ 313.662309] should_fail.cold+0xa/0xf [ 313.666104] ? setup_fault_attr+0x200/0x200 [ 313.670413] ? lock_acquire+0x170/0x3c0 [ 313.674379] __should_failslab+0x115/0x180 [ 313.678605] should_failslab+0x5/0x10 [ 313.682393] kmem_cache_alloc+0x277/0x370 [ 313.686533] getname_flags+0xce/0x590 [ 313.690323] do_sys_open+0x26c/0x520 [ 313.694034] ? filp_open+0x70/0x70 [ 313.697565] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 313.702934] ? trace_hardirqs_off_caller+0x6e/0x210 [ 313.707938] ? do_syscall_64+0x21/0x620 [ 313.711912] do_syscall_64+0xf9/0x620 [ 313.715701] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.720873] RIP: 0033:0x7f9bcb2ad124 [ 313.724571] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 313.743458] RSP: 002b:00007f9bc9c6eeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 313.751150] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2ad124 [ 313.758404] RDX: 0000000000000002 RSI: 00007f9bc9c6efe0 RDI: 00000000ffffff9c [ 313.765745] RBP: 00007f9bc9c6efe0 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 313.772998] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 14:48:41 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='T\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf25134cb4fa33d324d40fd4966800000014000380080002009000000008000200b0611c10cc00068004000500c40003000adb061fd9bae0fca1e1739b3799f7975fb5f9e415ae2b6fc2b17f796c6d4e6539a7b7ca90d6593a356baac96bfc6ff491518829df80e52aa6efa870b88f727d9e9fe352f112749e4264778adf2168e53a5289a41314c4a2a0e1efa75eda0b80ce4bccaec983be488468e22ee8c7c86e956f06313754ce4e12725cd6dce794c9b30eadb71994f065a5149de76b82d124084f923883ab20ba342c6b5f609caaf7103858853e0292b028445782b4172c6320abcc8a7ccb2c21f8bb89d64e538a6361b9837182051166cad2cb3b280007800c000300ba36e878000000000c000300e0000000000000000c000400030000000000000024000380080003000200000008000200010000000800020000000000080003000200000034000380080001000000010008000200010000800800010002000000080002004a000000080003000000010008000100020000000c0002800800020081000000680004800900010073797a310000000024000780080001000600000008000100170000000800030002e3e89be9d71b394d030000340007800800010006000000080001000c0000000800020009000000080001000f000000080004000100000008000300f42600002c00048014000780080004007f00000008162265a130a2d58600010062726f6164636173742d6c696e6b000040000280080001000400000008000200770000000800020006000000040004001c00038008000200080000000800020004000000"], 0x254}, 0x1, 0x0, 0x0, 0x41}, 0x20080000) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040706, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:48:41 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 8) [ 313.780251] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 313.813010] erofs: read_super, device -> /dev/loop2 [ 313.818320] erofs: options -> [ 313.822867] erofs: cannot find valid erofs superblock [ 313.880078] FAULT_INJECTION: forcing a failure. [ 313.880078] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 313.891907] CPU: 1 PID: 22691 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 313.899795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 313.909148] Call Trace: [ 313.911736] dump_stack+0x1fc/0x2ef [ 313.915375] should_fail.cold+0xa/0xf [ 313.919172] ? setup_fault_attr+0x200/0x200 [ 313.923486] ? do_writepages+0x290/0x290 [ 313.927546] ? unlock_page+0x13d/0x230 [ 313.931431] __alloc_pages_nodemask+0x239/0x2890 [ 313.936179] ? lock_downgrade+0x720/0x720 [ 313.940315] ? check_preemption_disabled+0x41/0x280 [ 313.945331] ? __lock_acquire+0x6de/0x3ff0 [ 313.949565] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 313.954484] ? lock_downgrade+0x720/0x720 [ 313.958620] ? lock_acquire+0x170/0x3c0 [ 313.962587] ? up_write+0x18/0x150 [ 313.966114] ? generic_file_write_iter+0x381/0x730 [ 313.971036] ? iov_iter_init+0xb8/0x1d0 [ 313.975011] cache_grow_begin+0xa4/0x8a0 [ 313.979066] ? setup_fault_attr+0x200/0x200 [ 313.983375] ? lock_acquire+0x170/0x3c0 [ 313.987340] cache_alloc_refill+0x273/0x340 [ 313.991656] kmem_cache_alloc+0x346/0x370 [ 313.995795] getname_flags+0xce/0x590 [ 313.999587] do_sys_open+0x26c/0x520 [ 314.003287] ? filp_open+0x70/0x70 [ 314.006832] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 314.012197] ? trace_hardirqs_off_caller+0x6e/0x210 [ 314.017202] ? do_syscall_64+0x21/0x620 [ 314.021168] do_syscall_64+0xf9/0x620 [ 314.024966] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.030150] RIP: 0033:0x7f9bcb2ad124 [ 314.033858] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 314.052747] RSP: 002b:00007f9bc9c6eeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 314.060441] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2ad124 [ 314.067693] RDX: 0000000000000002 RSI: 00007f9bc9c6efe0 RDI: 00000000ffffff9c 14:48:42 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:42 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.074958] RBP: 00007f9bc9c6efe0 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 314.082213] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 314.089584] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:42 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.156157] erofs: read_super, device -> /dev/loop5 14:48:42 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.179368] erofs: options -> [ 314.223821] erofs: blksize 1 isn't supported on this platform 14:48:42 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 9) [ 314.291268] erofs: read_super, device -> /dev/loop4 [ 314.296308] erofs: options -> [ 314.299546] erofs: blksize 1 isn't supported on this platform [ 314.314655] erofs: read_super, device -> /dev/loop1 [ 314.321706] erofs: read_super, device -> /dev/loop3 14:48:42 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 32) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (rerun: 64) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='T\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf25134cb4fa33d324d40fd4966800000014000380080002009000000008000200b0611c10cc00068004000500c40003000adb061fd9bae0fca1e1739b3799f7975fb5f9e415ae2b6fc2b17f796c6d4e6539a7b7ca90d6593a356baac96bfc6ff491518829df80e52aa6efa870b88f727d9e9fe352f112749e4264778adf2168e53a5289a41314c4a2a0e1efa75eda0b80ce4bccaec983be488468e22ee8c7c86e956f06313754ce4e12725cd6dce794c9b30eadb71994f065a5149de76b82d124084f923883ab20ba342c6b5f609caaf7103858853e0292b028445782b4172c6320abcc8a7ccb2c21f8bb89d64e538a6361b9837182051166cad2cb3b280007800c000300ba36e878000000000c000300e0000000000000000c000400030000000000000024000380080003000200000008000200010000000800020000000000080003000200000034000380080001000000010008000200010000800800010002000000080002004a000000080003000000010008000100020000000c0002800800020081000000680004800900010073797a310000000024000780080001000600000008000100170000000800030002e3e89be9d71b394d030000340007800800010006000000080001000c0000000800020009000000080001000f000000080004000100000008000300f42600002c00048014000780080004007f00000008162265a130a2d58600010062726f6164636173742d6c696e6b000040000280080001000400000008000200770000000800020006000000040004001c00038008000200080000000800020004000000"], 0x254}, 0x1, 0x0, 0x0, 0x41}, 0x20080000) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040706, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 314.337661] erofs: read_super, device -> /dev/loop2 [ 314.343245] erofs: options -> [ 314.351365] erofs: options -> [ 314.358605] erofs: root inode @ nid 0 [ 314.364194] erofs: root inode @ nid 36 [ 314.386457] erofs: bogus i_mode (0) @ nid 0 14:48:42 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.387921] erofs: options -> [ 314.400139] erofs: bogus i_mode (0) @ nid 36 [ 314.413674] FAULT_INJECTION: forcing a failure. [ 314.413674] name failslab, interval 1, probability 0, space 0, times 0 [ 314.414107] erofs: cannot find valid erofs superblock 14:48:42 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='T\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf25134cb4fa33d324d40fd4966800000014000380080002009000000008000200b0611c10cc00068004000500c40003000adb061fd9bae0fca1e1739b3799f7975fb5f9e415ae2b6fc2b17f796c6d4e6539a7b7ca90d6593a356baac96bfc6ff491518829df80e52aa6efa870b88f727d9e9fe352f112749e4264778adf2168e53a5289a41314c4a2a0e1efa75eda0b80ce4bccaec983be488468e22ee8c7c86e956f06313754ce4e12725cd6dce794c9b30eadb71994f065a5149de76b82d124084f923883ab20ba342c6b5f609caaf7103858853e0292b028445782b4172c6320abcc8a7ccb2c21f8bb89d64e538a6361b9837182051166cad2cb3b280007800c000300ba36e878000000000c000300e0000000000000000c000400030000000000000024000380080003000200000008000200010000000800020000000000080003000200000034000380080001000000010008000200010000800800010002000000080002004a000000080003000000010008000100020000000c0002800800020081000000680004800900010073797a310000000024000780080001000600000008000100170000000800030002e3e89be9d71b394d030000340007800800010006000000080001000c0000000800020009000000080001000f000000080004000100000008000300f42600002c00048014000780080004007f00000008162265a130a2d58600010062726f6164636173742d6c696e6b000040000280080001000400000008000200770000000800020006000000040004001c00038008000200080000000800020004000000"], 0x254}, 0x1, 0x0, 0x0, 0x41}, 0x20080000) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040706, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 314.447885] misc userio: No port type given on /dev/userio [ 314.449317] CPU: 1 PID: 22720 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 314.461413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 314.470762] Call Trace: [ 314.473357] dump_stack+0x1fc/0x2ef [ 314.476983] should_fail.cold+0xa/0xf [ 314.480769] ? setup_fault_attr+0x200/0x200 [ 314.485070] ? lock_acquire+0x170/0x3c0 [ 314.489031] __should_failslab+0x115/0x180 [ 314.493248] should_failslab+0x5/0x10 [ 314.497036] kmem_cache_alloc+0x277/0x370 [ 314.501178] __alloc_file+0x21/0x340 [ 314.504882] alloc_empty_file+0x6d/0x170 [ 314.508936] path_openat+0xe9/0x2df0 [ 314.512642] ? __lock_acquire+0x6de/0x3ff0 [ 314.516871] ? path_lookupat+0x8d0/0x8d0 [ 314.520912] ? mark_held_locks+0xf0/0xf0 [ 314.524959] do_filp_open+0x18c/0x3f0 [ 314.528739] ? may_open_dev+0xf0/0xf0 [ 314.532521] ? __alloc_fd+0x28d/0x570 [ 314.536306] ? lock_downgrade+0x720/0x720 [ 314.540441] ? lock_acquire+0x170/0x3c0 [ 314.544404] ? __alloc_fd+0x34/0x570 [ 314.548098] ? do_raw_spin_unlock+0x171/0x230 [ 314.552580] ? _raw_spin_unlock+0x29/0x40 [ 314.556710] ? __alloc_fd+0x28d/0x570 [ 314.560496] do_sys_open+0x3b3/0x520 [ 314.564203] ? filp_open+0x70/0x70 [ 314.567734] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 314.573093] ? trace_hardirqs_off_caller+0x6e/0x210 [ 314.578101] ? do_syscall_64+0x21/0x620 [ 314.582114] do_syscall_64+0xf9/0x620 [ 314.585899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.591073] RIP: 0033:0x7f9bcb2ad124 [ 314.594772] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 314.613665] RSP: 002b:00007f9bc9c6eeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 314.621351] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2ad124 [ 314.628608] RDX: 0000000000000002 RSI: 00007f9bc9c6efe0 RDI: 00000000ffffff9c [ 314.635862] RBP: 00007f9bc9c6efe0 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 14:48:42 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 10) [ 314.643114] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 314.650362] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:42 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.730128] erofs: read_super, device -> /dev/loop4 [ 314.735489] erofs: options -> [ 314.739293] erofs: blksize 1 isn't supported on this platform 14:48:42 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:42 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 314.780509] FAULT_INJECTION: forcing a failure. [ 314.780509] name failslab, interval 1, probability 0, space 0, times 0 [ 314.807483] CPU: 0 PID: 22735 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 314.815389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 314.824738] Call Trace: [ 314.827312] dump_stack+0x1fc/0x2ef [ 314.830931] should_fail.cold+0xa/0xf [ 314.834718] ? setup_fault_attr+0x200/0x200 [ 314.839020] ? lock_acquire+0x170/0x3c0 [ 314.843029] __should_failslab+0x115/0x180 [ 314.847278] should_failslab+0x5/0x10 [ 314.851067] kmem_cache_alloc_trace+0x284/0x380 [ 314.855734] apparmor_file_alloc_security+0x394/0xad0 [ 314.860919] ? apparmor_file_receive+0x160/0x160 [ 314.865662] ? __alloc_file+0x21/0x340 [ 314.869538] security_file_alloc+0x40/0x90 [ 314.873758] __alloc_file+0xd8/0x340 [ 314.877457] alloc_empty_file+0x6d/0x170 [ 314.881505] path_openat+0xe9/0x2df0 [ 314.885214] ? __lock_acquire+0x6de/0x3ff0 [ 314.889442] ? path_lookupat+0x8d0/0x8d0 [ 314.893490] ? mark_held_locks+0xf0/0xf0 [ 314.897559] do_filp_open+0x18c/0x3f0 [ 314.901352] ? may_open_dev+0xf0/0xf0 [ 314.905135] ? __alloc_fd+0x28d/0x570 [ 314.908927] ? lock_downgrade+0x720/0x720 [ 314.913064] ? lock_acquire+0x170/0x3c0 [ 314.917030] ? __alloc_fd+0x34/0x570 [ 314.920731] ? do_raw_spin_unlock+0x171/0x230 [ 314.925209] ? _raw_spin_unlock+0x29/0x40 [ 314.929341] ? __alloc_fd+0x28d/0x570 [ 314.933129] do_sys_open+0x3b3/0x520 [ 314.936831] ? filp_open+0x70/0x70 [ 314.940355] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 314.945702] ? trace_hardirqs_off_caller+0x6e/0x210 [ 314.950702] ? do_syscall_64+0x21/0x620 [ 314.954656] do_syscall_64+0xf9/0x620 [ 314.958444] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.963611] RIP: 0033:0x7f9bcb2ad124 14:48:43 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 11) [ 314.967312] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 314.986213] RSP: 002b:00007f9bc9c6eeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 314.994004] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2ad124 [ 315.001270] RDX: 0000000000000002 RSI: 00007f9bc9c6efe0 RDI: 00000000ffffff9c [ 315.008529] RBP: 00007f9bc9c6efe0 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 315.015788] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 315.023057] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:43 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 315.078752] erofs: read_super, device -> /dev/loop2 [ 315.097044] erofs: options -> [ 315.120262] FAULT_INJECTION: forcing a failure. [ 315.120262] name failslab, interval 1, probability 0, space 0, times 0 [ 315.121692] erofs: cannot find valid erofs superblock [ 315.137962] CPU: 0 PID: 22753 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 315.146008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 315.155354] Call Trace: [ 315.158018] dump_stack+0x1fc/0x2ef [ 315.161633] should_fail.cold+0xa/0xf [ 315.165419] ? setup_fault_attr+0x200/0x200 [ 315.169725] ? lock_acquire+0x170/0x3c0 [ 315.173684] __should_failslab+0x115/0x180 [ 315.177905] should_failslab+0x5/0x10 [ 315.181713] kmem_cache_alloc_trace+0x284/0x380 [ 315.186380] ? loop_info64_to_compat+0x5e0/0x5e0 [ 315.191130] __kthread_create_on_node+0xd2/0x410 [ 315.195872] ? kthread_parkme+0xa0/0xa0 [ 315.199830] ? lock_acquire+0x170/0x3c0 [ 315.203812] ? lo_ioctl+0x1bb/0x20e0 [ 315.207524] ? __mutex_lock+0x368/0x1190 [ 315.211572] ? lock_downgrade+0x720/0x720 [ 315.215706] ? check_preemption_disabled+0x41/0x280 [ 315.220715] ? loop_info64_to_compat+0x5e0/0x5e0 [ 315.225456] kthread_create_on_node+0xbb/0xf0 [ 315.229951] ? __kthread_create_on_node+0x410/0x410 [ 315.234966] ? __fget+0x356/0x510 [ 315.238410] ? do_dup2+0x450/0x450 [ 315.241931] ? __lockdep_init_map+0x100/0x5a0 [ 315.246429] ? __lockdep_init_map+0x100/0x5a0 [ 315.250910] lo_ioctl+0xae5/0x20e0 [ 315.254442] ? loop_set_status64+0x110/0x110 [ 315.258834] blkdev_ioctl+0x5cb/0x1a80 [ 315.262703] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.268050] ? blkpg_ioctl+0x9d0/0x9d0 [ 315.271921] ? mark_held_locks+0xf0/0xf0 [ 315.275960] ? mark_held_locks+0xf0/0xf0 [ 315.280011] ? debug_check_no_obj_freed+0x201/0x490 [ 315.285023] ? lock_downgrade+0x720/0x720 [ 315.289161] block_ioctl+0xe9/0x130 [ 315.292767] ? blkdev_fallocate+0x3f0/0x3f0 [ 315.297082] do_vfs_ioctl+0xcdb/0x12e0 [ 315.300962] ? lock_downgrade+0x720/0x720 [ 315.305105] ? check_preemption_disabled+0x41/0x280 [ 315.310105] ? ioctl_preallocate+0x200/0x200 [ 315.314499] ? __fget+0x356/0x510 [ 315.317948] ? do_dup2+0x450/0x450 [ 315.321484] ? do_sys_open+0x2bf/0x520 [ 315.325357] ksys_ioctl+0x9b/0xc0 [ 315.328800] __x64_sys_ioctl+0x6f/0xb0 [ 315.332671] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 315.337235] do_syscall_64+0xf9/0x620 [ 315.341029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.346201] RIP: 0033:0x7f9bcb2f9fc7 [ 315.349896] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:48:43 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) sendmsg$SOCK_DESTROY(r2, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="841300001500100027bd7000fcdbdf250b80041001008f4435894df62e9937f6d98bcabf35ef2f6518c22112c5d13decdf039c5a9b85c30514dcd906dc1939f16ec45b778a373b124636866101871bf8f6fe2cdb728159ff99273c653850f01babe729bd2ddc2b261ff6a5c51fd8c4226d8d5d18edbe83651cbaa0cbaba6e8cb0396582ca396f0b7e5d4343f6d7ab5cf017595b0621874495157f901577baadc92da6dd37d09abb63fa57afe94565b9ce9125f831e8a6c62fc410c10c9b1d7d2c604e62b1e5d2e8241ef6815262e89f047f82c2e114280331ac97f24169f63bd84dc39ff9fc914ef4420e86f01910fee4c8b845d33fb13396cf9de7f52bad2dff90e087888eda94c1f2af911eb683b9d5c748d924c5f14d23fe6e992987201638534efec560a1e06939d5944fd3eba06cd7d0855c4090cf40127e595cd0d36ed8e4f6d834106127a3f07677d73abef58d7d68242fd46d3f3e87346145f0d3bcc20ff4613eeeb8ac154d5cdff4edb9f1885b199a76a8de3877d5fef3bddd945b1414554bf709cc6e00230c5d2f666b0963566bbbfcc8ef6773cc1faedf557f7bac7d4818bf542bc8af9a0e6924c1c4ee79c118c9ce99b8ab279d0fde61bab5bf9f85de492472c06f0a3ed280b038e8931cbc249e8becf8572d9c3a48041894eb91446a2b87ac53db3063e9e8ff9ac08a2a89648c730ca86048196ac9a9d64dd406af96fefd8149bf7cc490893034b5e4ca38e1d1fd54ee47d95a04dbc649cc63769ae94875f26c37690f4a0c76e357648678ede67bb7f67afaccacdf1ab9abce105db75542edc508591791e9bd23b6448534854c8cfce853b18e47dc445e8c957b03fea61e4b82fdc0a1f3d009a6c52490387b25c837d30c04aa1ccfb9886d278a45070ce9799f2fc4a9f72b40c1bc624b4de9fef4533a2dabddc36a1ec2f571e5b90dd45f608a13daec223fb75104feeb9f4b0f30d4e4156b236051fe33d38facfc5ceb97815c1a9a81f951dbfdfcdc9875675d150cb9122ab44b8d4b2ec598dc823eeec7faf876a460d0211fbf658502faaf705d0ef0f8f0b0040f60aa4899a7c166ac6d1db81c5a9fb9440f1f901c653c97d8e7a45769838d859d145da1e245089ba3b7d04d0266cfeb573eaed8c0e3096dda6cae05add401019b667d2f3fb24a18e7e30cf6faccf953acf83ba89096d8a39a84f4116bc7e70f87156a51a5d575cc1dcb5781aa56512f5692d808526cb3dd237c0f88a6ec2f4b1d6729bd0d77df2740966a284c35ea3e5ca39538da0f6ada534d7a38ef4232f343fc2430854742261e0f557aee1e22559a94cdb882ef5ded3db8ccafb8ab1f4d68209b1dc6fed00079edf970f952b7f3554fa8256beac686d39475c9d3f09985a72f604900f0edc16e66e16ac94527017ae3a63828ef483e3bb7b7526c32c41fbf768f2b11f25b136ec478d7a092ff1938d12598b25ac08b254615b8efb96a7e1afeb4cf3f923375cc5ba80351a8560e45d5fce0ce9e69a71780b0376a9e9107ef6fd39a7a055d34e576c0793611cdf9f12626f759c926d68bf49b6d4f0427b2fd73360fbf303dc7a11bceb38e2068604fbbcb5f1bdec747c972a9af5af45b3ce5a05f3b8efd45fc4325d846f1b6363bb200ce9e338665c592f88ce52308d2b959165f634927b6b01d31128291f6d42cb077b268b5c9dc8ea31ae7b92c7c65fe99f921532386edf3fb893bba606a9eff471ef5bfadff79f5c8b1c0f575a36f87bcedbcdfbfb0e1c3605d33a58e7df7b4d678dbd2945edadcc5b1910f16970891103de9281de1fd1c9dac41cb2d5854f3d7008b8e06b13d5a5433b88e32c3f341076cb4b535beb7bc22b6a2204371a2bc4a08fb9157b509909ac914ba3e05f3d359749b95cd50dd587f027926ebdb7ec2279ed5689d74b4cd81e477b969f615cd5aab6eb0af2b2fc33399acb7c7eebd7bc20d134264ebd816af456338371bb5f5849d6dbda4147a6b0fa9bfbc062adfa26b8479201e885b1058e12b861af2b7c1922f300e408d9f5da8afff77a21c6c7fb184cee00a21db413511527e4a78f65b321ac9584e3b85ea49fa9c820f8d9bbc9161f173cfd754116ffb11e2a69fa5bc5670cbf3377d26ba9c32da0d3b5fe1cc2b521686df1a8b4510ea9622e7c1713bb10ab96119d674f8ec2b2c8f2d48eca325ede67c177bcf2ac55a5c0a664c95cd14621e428ce6b1a7384db4b1d0fac74890bf82109ffc459b4098807620dd0759ebba520c82357667f77c33de0f55076ec70facb475059f19102664e559affb2e48b6c9f75ae8881391facc184c690f5eae8034211b6fb6550949529c61225cd87a86dc42e4a86194625758c4e08d29fbdb818e3c5c1dcb91fbbfd11a5aa732cf124f1ef3357bcd3097196a6197e8ecb8f7b92689c767541b42340d3e8bc9df59f2f7847e2037e97c6d03c4e0aeb2e946170d79d53705735f5cf3a9f7765aba716ce0ad806105d3a73748420398dccb67bd250f0f79ad32c9a31917fd161e193ad27ac56fbe85da9876236d2829bbfe21b363637f2af6651803d3d458fb8347869c474109f2f56fbab40114bc65053becdc1a21cc41f6ec8a5909433a55407274364d9f41c171cfa5e8843e0ef41891edd2c78cf66b6d123c29988b5a6517f6279cb027ca9662222cb551f1923dae93c23ec434d0a89832ec474a88feec3faa16bb533579dfc31bd91bab79960e13ee96e1661823f7fe48fc6d771186cad460736067174b9d29763a9474d6bcf5c9795a6df7a7ac67ea394f250ed2d457bda637646669c5b4f72a87b4feebd52d394591670639f969f84e98c1c04c0bfc54b86dd384cb2df9a17083090cbfb022560d25f5d600cc18cc263c9852ce5cf650ae5d96fd235f8d090aeb699290ba19728dcacf916acf8199d71fa9d8a1b7912017204c7ccbb1aab0d0bf12a065d3e6874fd8f89dcb00e15706cfb5c5f3bb5c0ab1925da80d693968a178bd33068e9a470cadd64cd46e5c5cb6d0907ea725d0755442e89c28a6dcd0560e575617a89351cb1c05832c4f36659cf787015c67ded37bb8345d16b1b75a4f7b2a0bfc59e9a3884ac64d63c576155e6c719c219a73157dca413372aa697e663078a15510ebd24337831d1b9c412c428651095a306ce0f7b20127ef0294fffdcb49e1271f3d570c54b7988785356b4c33d1079b5cf77a11b01833592ea1cb9cb0f01a953c89164083ff51c1173bb5336c42da270a5755152f6504d93637d5fcbd55f2b45635e319a616bd86eab6e1245d1f76d11c83e8dc80b2541f8b077b0634137eb9406a7a663e3dc641f2b71e003db2cca7ec3ea0f8acb9961e3c06b50e4e07f7c99c9827627eb76cb787167c224491c5302c9cb381ef189bbc92f426e53d040da6c0d1ce9707b65c0b439d31f869d23baf032bdad85763569d2f34961040f89bcdb16d0ab047c2661958a893d4a8747d36519a6c27be98558f354735cb46e0bfab15b314f35081de39de078bba9fc8f3fbca38d209efe7aad7b1fe6358f7d8429b97eef0a336864608879ad7dc4515c2e0035ee77dc7a7fd126748414467ef4aada970e610f3163067512ceac80a3801915010f989b0eb16ad5e40a1efd7d119971cd3d0bf73170cb14110712521cc28d70c03ec1a7e0c80833be1e168e94c0b4bfe55c98a4396fc4d79834613c8046f7aa59512e839b2f8e43ba427a1094a627cca323bc6ee82ca5226f83cf19690d644cfed4684f96beabc349011578be7227f499f2a8e4170736b3e2cdb369f05a5b537e0f8fee374720da6046de11b0a380f958a7bb3d0f52e577e864b65c616ec5719cc2ead1dffdfcf52b14a1c81eb8afbc098a70a0e0b7cc3eb820e166bc587d57b8b0767dbecba7506ae6d9a01e5d0ac9f1bf3fe1f6303fa0e279b5ad00934aa6a7b5ab8e7839cf7bfe1ea430641122cd9b6d72234051bc2888ca6bdc60400e520beeea0623688dad0cf931b30ab8d228d3254211cce06a2fe7a833830d13b59f40dcb82c09af61f46411e4c6f12f34804631040d2169405b8972e1539e0d76843786779a286e02aff45100703e299ac03cbe596d79b74101ff0e783e3e3616cd42f475b3bf35c009a0cf4ea4799552c8aa306ec9bb6e2d56325b46e7702b84f03327bab4095900e62b9330f5a0dcee62fb257272ca9c674b4c414ab93d7a2143e3673187d67135a6e3384897dbdd078ef313e9d548aa766e5cee39eae571ba788841a862299b80fb812774b2a696c58b73a221f1e27e7fe0248a6c76c3d94e3c879f45b5165f0333ea437dc537bc6e617752ba28b4dace59053b682c7737763c735ee95ba99945109ce57fd9e75af269835a23f32307066e25c7a22e434a7475b5f3c3418c7a5c89161c38b00837cc338f4a0f20906938daa2e1d535231f2f696ebe0d7e8cf28fb4e09eb9604849e80d929896a9fd2ee3157da1d1a3f1573f9bcfd55a671ee48c250c1d0cf650d8a8e30a4eeba7248a49d210b2216b67060613076cd84f91c4a1eb7548e9dba824eb694ccbcbf324ce31981b8cd0b13c988748b429a80ea258e0228ec652de606547c567a0d619b37c93a429b252b2a4402a06625b637f93f36ebf6f7267f75d0d65536a3026c0695f4f63c93591640c02ea449b029058390258e027039b1c1a44d2a6e442dc5407fbd7eb97a1a0de34fc2e0b2361249925b1cffa6ea70487e427f480c6e3fec91276d8fe317e4b3b3265b2ab1af9d8e1beca577054fe68c18c4d136634f4d4b972cb1b3e02ccca384453dd73e83ad8885a5fe536f94612394645eccbd6e0e24dd0491a187f4c7a19a1569bf3fb7d9eba128adcf00faf54dc5cc48012c012e62648881374ce3fa11a090578e8c0c37af556857fade3f478129a9b874c440b79f9b8d11f2b5d579c88e91ea822f0c465f362277e26e91bfd0edad658c3060e9722c6e45adf300705901576338ab9dd53954f748634737857cc47f709d437d1251eeec04aa01bb659d723e1fd987b25e430196a467af6fa2b3241fb65e5690d755bf5a14ea42172bcd9973c88b50e15c9b3c53da1ba24e0397bbc3c8a221e0c376c439b1f2ce8a791e9f89fa07cc16f46286593725925a530f2d2f7f0264e3bebbb603eab7bfbc0752c9ada8a9a0579aaeb1975fe0581809101f4b3b455c6a3628d6228b9eb7162738a71bd826029c03c8be71559b7fdfe25627493c01e4e1f70c2c118f902b7b1de9727d1393506845472a1a412299006f0aa51d5390833d0e40b5f8e60218fb92a9c32ca04f50b518a06eb488600ca17b7e5d1d12c3bba876e6222463cfcc7bbbfef661a7228986076b507530a66fd3dfd5569be5a3dd8a5847820984797e695e3bed34d0a11410f20b6e290abbfe8059201fc0f4b4a64461908ff4b026107c6ab68cac844190e121c18b4d5c3dc6b73501d3ede01ef56e42f7d3059e2cb6d7793debce742ed7e818ccb60b15b8f9e509feef65ef20bade830b087b4f63b8fb60a3df5bc3b8b29df9425bdb81ed37e97dc90706c806edde2ceb2e6f06196a7215fc6fe22bec5868c9b5aff1ae493cd9792d7b7eb3c883e3223289276e958b1663d4943278a4f01bf138b35493a57c7263fda1826012f8d18894d011f726ae53a376e2adb3ec63dbce215f65b3e34fd2f4922430c583e6b45c45968a1f271e21e95dbd5ed9f5a4f0660064c4430583b6cc527b8594180edfe364bab1c981cb3e62d333b7e87be3e1ac7d8a69e57065be2a71b01539bdbfd9f462a8c5fa87e595a9a4e1dba09d98802bc0916858d7c20a4313c0ec93a7b2f7d71ec7d04d4863f238c4a28a534e2fc0eb4f4e3700366937268bbba0001008d5643c543dad5c6bc7abea3a07b8cab517646f827c3d0f4f76d3091184a1ace2fec35bae94b395aa1a4999f3a89c60c5d3f453b7073cdf8228f84a69594ef88ab8577e09d1c028945dde4ef5880245d5e0ccf245fe1f751e3ffb98a4fefe274193930663b0c4eb74d8e1603e1616e3994840d764c0d446fd53de8d4c6573b3bc26495875d33e7b28410c5a599bb67253036bbdb2c642e647fbe9b1279866fa9be5d0472a6a4ecfc8b1347281b0399e600edfd89b3bf000093000100f02962504458de9648a8dc94eadbebe55efb6a5dc0d5e4b6fbda485e4fa59fa7c1f4210f038620ce6a5f4e4cdfecc37c2c5cc16c7938a73df33aa0b14c24ab9e5b3b360675b231e1c66d24eeaf416151229a17384d74eb27831728dfd7fd89df5a830b386a3a7bd8fa23d21b3e5bb44a9a18951c2f37b3e022b3147d74b0b6b6b7ef5e8ae8c8b29658af52cee87874005700010019fd0abf5a0cb3d22249f48bfa62c7158c3d525087034576c35f71bab8317fedfd5c6e125640ea5c90e7e93ad7a4d9afa9f03ba330c88943766daa289f1a8c0c131be907bc79c5ddb31fb787ad489dd26986f44d5b56a58a3cfb012ed8ed8b4dc3aca400c7000100e625617a468334f3a63fc96dcb2cd7a33a4858a81b2333010d70f399fa255b460ff5562de545663ab31dca46d725b62de74424ca402fb72977d628def9de3925923e0211fb811650ca5126a6cc1374984505fd1a5bf8b825544059a720cde487a2335c9a56fddf1b5088e7214fcb09b194fc2d1f3a5d63d9d393a5dd71c22ef4b892b8e386c74281c009551ac803574c24eec6ca950608ad3c876661d7a0c89c56eb99b4fd137ecc38b6fcec21ba8ab522ee32157c7c2896de40e49420bfbf3566ffec00f90001008432e34a37588d22003354a5d4c5e463d987dd8b6a2edd16a833efab77cc524f8c5dd4b59c546159b54b7735f323494a23114fe49b826e2b538153354c971ce70c862b2fad6a674d351444ef60bc655ae24b182519baeda71baac6e1b0a84178597d3808d062431bd64d9269a7a9fbc21050b2f85c357cd381ff8cef71667204a43b5643789dd4370bc572bab9df1bc271f613a35727bcc0610896015ce5b5ae08ff47933c019c17935cbfeb9b56bdb29931c4b639a6f597f3f8977dfb334790cf6eee3bc168ce9c7987daf3894e63502a68a367a8ef1bc9514b88360e3fb0ea2fc2061323c4733ab127cfbb73c5b0aefe2420dbd10000000000e8a83cafa39d15c9157d7b3a49890d2053097e14955a"], 0x1384}, 0x1, 0x0, 0x0, 0x8800}, 0x8810) [ 315.368782] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.376468] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 315.383754] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 315.391018] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 315.398268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 315.405519] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:43 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 315.454942] erofs: read_super, device -> /dev/loop3 [ 315.460281] erofs: read_super, device -> /dev/loop1 [ 315.465850] erofs: read_super, device -> /dev/loop4 [ 315.470880] erofs: options -> [ 315.486531] erofs: options -> [ 315.489963] erofs: root inode @ nid 36 [ 315.494709] erofs: options -> 14:48:43 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 12) [ 315.506909] erofs: blksize 1 isn't supported on this platform [ 315.515212] erofs: root inode @ nid 0 [ 315.524845] erofs: bogus i_mode (0) @ nid 36 [ 315.531726] erofs: bogus i_mode (0) @ nid 0 14:48:43 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:43 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:43 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e80300000000000000000000020000000000000000000000e831acc8d29f4b20bbe8359d20ed4b3f", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 315.657412] erofs: read_super, device -> /dev/loop2 [ 315.671331] erofs: options -> [ 315.678381] FAULT_INJECTION: forcing a failure. [ 315.678381] name failslab, interval 1, probability 0, space 0, times 0 [ 315.696710] erofs: blksize 1 isn't supported on this platform [ 315.698337] CPU: 1 PID: 22773 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 315.710556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 315.720003] Call Trace: [ 315.722598] dump_stack+0x1fc/0x2ef [ 315.726219] should_fail.cold+0xa/0xf [ 315.730004] ? setup_fault_attr+0x200/0x200 [ 315.734325] ? lock_acquire+0x170/0x3c0 [ 315.738285] __should_failslab+0x115/0x180 [ 315.742514] should_failslab+0x5/0x10 [ 315.746304] kmem_cache_alloc+0x277/0x370 [ 315.750448] __kernfs_new_node+0xd2/0x680 [ 315.754584] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 315.759320] ? kernfs_activate+0x2c/0x1d0 [ 315.763459] ? lock_downgrade+0x720/0x720 [ 315.767598] ? kernfs_add_one+0x51/0x4c0 [ 315.771652] ? mutex_trylock+0x1a0/0x1a0 [ 315.775706] ? __mutex_unlock_slowpath+0xea/0x610 [ 315.780532] kernfs_new_node+0x92/0x120 [ 315.784506] __kernfs_create_file+0x51/0x340 [ 315.788909] sysfs_add_file_mode_ns+0x226/0x540 [ 315.793562] internal_create_group+0x355/0xb20 [ 315.798130] ? sysfs_remove_link_from_group+0x70/0x70 [ 315.803318] ? lock_downgrade+0x720/0x720 [ 315.807482] lo_ioctl+0xf7c/0x20e0 [ 315.811027] ? loop_set_status64+0x110/0x110 [ 315.815436] blkdev_ioctl+0x5cb/0x1a80 [ 315.819318] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.824674] ? blkpg_ioctl+0x9d0/0x9d0 [ 315.828559] ? mark_held_locks+0xf0/0xf0 [ 315.832603] ? mark_held_locks+0xf0/0xf0 [ 315.836649] ? debug_check_no_obj_freed+0x201/0x490 [ 315.841663] ? lock_downgrade+0x720/0x720 [ 315.845802] block_ioctl+0xe9/0x130 [ 315.849408] ? blkdev_fallocate+0x3f0/0x3f0 [ 315.853722] do_vfs_ioctl+0xcdb/0x12e0 [ 315.857602] ? lock_downgrade+0x720/0x720 [ 315.861742] ? check_preemption_disabled+0x41/0x280 [ 315.866747] ? ioctl_preallocate+0x200/0x200 [ 315.871152] ? __fget+0x356/0x510 [ 315.874605] ? do_dup2+0x450/0x450 [ 315.878136] ? do_sys_open+0x2bf/0x520 [ 315.882065] ksys_ioctl+0x9b/0xc0 [ 315.885517] __x64_sys_ioctl+0x6f/0xb0 [ 315.889395] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 315.894138] do_syscall_64+0xf9/0x620 [ 315.897943] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.903134] RIP: 0033:0x7f9bcb2f9fc7 [ 315.906841] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 315.925727] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.933421] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 315.940671] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 315.947931] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 14:48:43 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) sendmsg$SOCK_DESTROY(r2, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="841300001500100027bd7000fcdbdf250b80041001008f4435894df62e9937f6d98bcabf35ef2f6518c22112c5d13decdf039c5a9b85c30514dcd906dc1939f16ec45b778a373b124636866101871bf8f6fe2cdb728159ff99273c653850f01babe729bd2ddc2b261ff6a5c51fd8c4226d8d5d18edbe83651cbaa0cbaba6e8cb0396582ca396f0b7e5d4343f6d7ab5cf017595b0621874495157f901577baadc92da6dd37d09abb63fa57afe94565b9ce9125f831e8a6c62fc410c10c9b1d7d2c604e62b1e5d2e8241ef6815262e89f047f82c2e114280331ac97f24169f63bd84dc39ff9fc914ef4420e86f01910fee4c8b845d33fb13396cf9de7f52bad2dff90e087888eda94c1f2af911eb683b9d5c748d924c5f14d23fe6e992987201638534efec560a1e06939d5944fd3eba06cd7d0855c4090cf40127e595cd0d36ed8e4f6d834106127a3f07677d73abef58d7d68242fd46d3f3e87346145f0d3bcc20ff4613eeeb8ac154d5cdff4edb9f1885b199a76a8de3877d5fef3bddd945b1414554bf709cc6e00230c5d2f666b0963566bbbfcc8ef6773cc1faedf557f7bac7d4818bf542bc8af9a0e6924c1c4ee79c118c9ce99b8ab279d0fde61bab5bf9f85de492472c06f0a3ed280b038e8931cbc249e8becf8572d9c3a48041894eb91446a2b87ac53db3063e9e8ff9ac08a2a89648c730ca86048196ac9a9d64dd406af96fefd8149bf7cc490893034b5e4ca38e1d1fd54ee47d95a04dbc649cc63769ae94875f26c37690f4a0c76e357648678ede67bb7f67afaccacdf1ab9abce105db75542edc508591791e9bd23b6448534854c8cfce853b18e47dc445e8c957b03fea61e4b82fdc0a1f3d009a6c52490387b25c837d30c04aa1ccfb9886d278a45070ce9799f2fc4a9f72b40c1bc624b4de9fef4533a2dabddc36a1ec2f571e5b90dd45f608a13daec223fb75104feeb9f4b0f30d4e4156b236051fe33d38facfc5ceb97815c1a9a81f951dbfdfcdc9875675d150cb9122ab44b8d4b2ec598dc823eeec7faf876a460d0211fbf658502faaf705d0ef0f8f0b0040f60aa4899a7c166ac6d1db81c5a9fb9440f1f901c653c97d8e7a45769838d859d145da1e245089ba3b7d04d0266cfeb573eaed8c0e3096dda6cae05add401019b667d2f3fb24a18e7e30cf6faccf953acf83ba89096d8a39a84f4116bc7e70f87156a51a5d575cc1dcb5781aa56512f5692d808526cb3dd237c0f88a6ec2f4b1d6729bd0d77df2740966a284c35ea3e5ca39538da0f6ada534d7a38ef4232f343fc2430854742261e0f557aee1e22559a94cdb882ef5ded3db8ccafb8ab1f4d68209b1dc6fed00079edf970f952b7f3554fa8256beac686d39475c9d3f09985a72f604900f0edc16e66e16ac94527017ae3a63828ef483e3bb7b7526c32c41fbf768f2b11f25b136ec478d7a092ff1938d12598b25ac08b254615b8efb96a7e1afeb4cf3f923375cc5ba80351a8560e45d5fce0ce9e69a71780b0376a9e9107ef6fd39a7a055d34e576c0793611cdf9f12626f759c926d68bf49b6d4f0427b2fd73360fbf303dc7a11bceb38e2068604fbbcb5f1bdec747c972a9af5af45b3ce5a05f3b8efd45fc4325d846f1b6363bb200ce9e338665c592f88ce52308d2b959165f634927b6b01d31128291f6d42cb077b268b5c9dc8ea31ae7b92c7c65fe99f921532386edf3fb893bba606a9eff471ef5bfadff79f5c8b1c0f575a36f87bcedbcdfbfb0e1c3605d33a58e7df7b4d678dbd2945edadcc5b1910f16970891103de9281de1fd1c9dac41cb2d5854f3d7008b8e06b13d5a5433b88e32c3f341076cb4b535beb7bc22b6a2204371a2bc4a08fb9157b509909ac914ba3e05f3d359749b95cd50dd587f027926ebdb7ec2279ed5689d74b4cd81e477b969f615cd5aab6eb0af2b2fc33399acb7c7eebd7bc20d134264ebd816af456338371bb5f5849d6dbda4147a6b0fa9bfbc062adfa26b8479201e885b1058e12b861af2b7c1922f300e408d9f5da8afff77a21c6c7fb184cee00a21db413511527e4a78f65b321ac9584e3b85ea49fa9c820f8d9bbc9161f173cfd754116ffb11e2a69fa5bc5670cbf3377d26ba9c32da0d3b5fe1cc2b521686df1a8b4510ea9622e7c1713bb10ab96119d674f8ec2b2c8f2d48eca325ede67c177bcf2ac55a5c0a664c95cd14621e428ce6b1a7384db4b1d0fac74890bf82109ffc459b4098807620dd0759ebba520c82357667f77c33de0f55076ec70facb475059f19102664e559affb2e48b6c9f75ae8881391facc184c690f5eae8034211b6fb6550949529c61225cd87a86dc42e4a86194625758c4e08d29fbdb818e3c5c1dcb91fbbfd11a5aa732cf124f1ef3357bcd3097196a6197e8ecb8f7b92689c767541b42340d3e8bc9df59f2f7847e2037e97c6d03c4e0aeb2e946170d79d53705735f5cf3a9f7765aba716ce0ad806105d3a73748420398dccb67bd250f0f79ad32c9a31917fd161e193ad27ac56fbe85da9876236d2829bbfe21b363637f2af6651803d3d458fb8347869c474109f2f56fbab40114bc65053becdc1a21cc41f6ec8a5909433a55407274364d9f41c171cfa5e8843e0ef41891edd2c78cf66b6d123c29988b5a6517f6279cb027ca9662222cb551f1923dae93c23ec434d0a89832ec474a88feec3faa16bb533579dfc31bd91bab79960e13ee96e1661823f7fe48fc6d771186cad460736067174b9d29763a9474d6bcf5c9795a6df7a7ac67ea394f250ed2d457bda637646669c5b4f72a87b4feebd52d394591670639f969f84e98c1c04c0bfc54b86dd384cb2df9a17083090cbfb022560d25f5d600cc18cc263c9852ce5cf650ae5d96fd235f8d090aeb699290ba19728dcacf916acf8199d71fa9d8a1b7912017204c7ccbb1aab0d0bf12a065d3e6874fd8f89dcb00e15706cfb5c5f3bb5c0ab1925da80d693968a178bd33068e9a470cadd64cd46e5c5cb6d0907ea725d0755442e89c28a6dcd0560e575617a89351cb1c05832c4f36659cf787015c67ded37bb8345d16b1b75a4f7b2a0bfc59e9a3884ac64d63c576155e6c719c219a73157dca413372aa697e663078a15510ebd24337831d1b9c412c428651095a306ce0f7b20127ef0294fffdcb49e1271f3d570c54b7988785356b4c33d1079b5cf77a11b01833592ea1cb9cb0f01a953c89164083ff51c1173bb5336c42da270a5755152f6504d93637d5fcbd55f2b45635e319a616bd86eab6e1245d1f76d11c83e8dc80b2541f8b077b0634137eb9406a7a663e3dc641f2b71e003db2cca7ec3ea0f8acb9961e3c06b50e4e07f7c99c9827627eb76cb787167c224491c5302c9cb381ef189bbc92f426e53d040da6c0d1ce9707b65c0b439d31f869d23baf032bdad85763569d2f34961040f89bcdb16d0ab047c2661958a893d4a8747d36519a6c27be98558f354735cb46e0bfab15b314f35081de39de078bba9fc8f3fbca38d209efe7aad7b1fe6358f7d8429b97eef0a336864608879ad7dc4515c2e0035ee77dc7a7fd126748414467ef4aada970e610f3163067512ceac80a3801915010f989b0eb16ad5e40a1efd7d119971cd3d0bf73170cb14110712521cc28d70c03ec1a7e0c80833be1e168e94c0b4bfe55c98a4396fc4d79834613c8046f7aa59512e839b2f8e43ba427a1094a627cca323bc6ee82ca5226f83cf19690d644cfed4684f96beabc349011578be7227f499f2a8e4170736b3e2cdb369f05a5b537e0f8fee374720da6046de11b0a380f958a7bb3d0f52e577e864b65c616ec5719cc2ead1dffdfcf52b14a1c81eb8afbc098a70a0e0b7cc3eb820e166bc587d57b8b0767dbecba7506ae6d9a01e5d0ac9f1bf3fe1f6303fa0e279b5ad00934aa6a7b5ab8e7839cf7bfe1ea430641122cd9b6d72234051bc2888ca6bdc60400e520beeea0623688dad0cf931b30ab8d228d3254211cce06a2fe7a833830d13b59f40dcb82c09af61f46411e4c6f12f34804631040d2169405b8972e1539e0d76843786779a286e02aff45100703e299ac03cbe596d79b74101ff0e783e3e3616cd42f475b3bf35c009a0cf4ea4799552c8aa306ec9bb6e2d56325b46e7702b84f03327bab4095900e62b9330f5a0dcee62fb257272ca9c674b4c414ab93d7a2143e3673187d67135a6e3384897dbdd078ef313e9d548aa766e5cee39eae571ba788841a862299b80fb812774b2a696c58b73a221f1e27e7fe0248a6c76c3d94e3c879f45b5165f0333ea437dc537bc6e617752ba28b4dace59053b682c7737763c735ee95ba99945109ce57fd9e75af269835a23f32307066e25c7a22e434a7475b5f3c3418c7a5c89161c38b00837cc338f4a0f20906938daa2e1d535231f2f696ebe0d7e8cf28fb4e09eb9604849e80d929896a9fd2ee3157da1d1a3f1573f9bcfd55a671ee48c250c1d0cf650d8a8e30a4eeba7248a49d210b2216b67060613076cd84f91c4a1eb7548e9dba824eb694ccbcbf324ce31981b8cd0b13c988748b429a80ea258e0228ec652de606547c567a0d619b37c93a429b252b2a4402a06625b637f93f36ebf6f7267f75d0d65536a3026c0695f4f63c93591640c02ea449b029058390258e027039b1c1a44d2a6e442dc5407fbd7eb97a1a0de34fc2e0b2361249925b1cffa6ea70487e427f480c6e3fec91276d8fe317e4b3b3265b2ab1af9d8e1beca577054fe68c18c4d136634f4d4b972cb1b3e02ccca384453dd73e83ad8885a5fe536f94612394645eccbd6e0e24dd0491a187f4c7a19a1569bf3fb7d9eba128adcf00faf54dc5cc48012c012e62648881374ce3fa11a090578e8c0c37af556857fade3f478129a9b874c440b79f9b8d11f2b5d579c88e91ea822f0c465f362277e26e91bfd0edad658c3060e9722c6e45adf300705901576338ab9dd53954f748634737857cc47f709d437d1251eeec04aa01bb659d723e1fd987b25e430196a467af6fa2b3241fb65e5690d755bf5a14ea42172bcd9973c88b50e15c9b3c53da1ba24e0397bbc3c8a221e0c376c439b1f2ce8a791e9f89fa07cc16f46286593725925a530f2d2f7f0264e3bebbb603eab7bfbc0752c9ada8a9a0579aaeb1975fe0581809101f4b3b455c6a3628d6228b9eb7162738a71bd826029c03c8be71559b7fdfe25627493c01e4e1f70c2c118f902b7b1de9727d1393506845472a1a412299006f0aa51d5390833d0e40b5f8e60218fb92a9c32ca04f50b518a06eb488600ca17b7e5d1d12c3bba876e6222463cfcc7bbbfef661a7228986076b507530a66fd3dfd5569be5a3dd8a5847820984797e695e3bed34d0a11410f20b6e290abbfe8059201fc0f4b4a64461908ff4b026107c6ab68cac844190e121c18b4d5c3dc6b73501d3ede01ef56e42f7d3059e2cb6d7793debce742ed7e818ccb60b15b8f9e509feef65ef20bade830b087b4f63b8fb60a3df5bc3b8b29df9425bdb81ed37e97dc90706c806edde2ceb2e6f06196a7215fc6fe22bec5868c9b5aff1ae493cd9792d7b7eb3c883e3223289276e958b1663d4943278a4f01bf138b35493a57c7263fda1826012f8d18894d011f726ae53a376e2adb3ec63dbce215f65b3e34fd2f4922430c583e6b45c45968a1f271e21e95dbd5ed9f5a4f0660064c4430583b6cc527b8594180edfe364bab1c981cb3e62d333b7e87be3e1ac7d8a69e57065be2a71b01539bdbfd9f462a8c5fa87e595a9a4e1dba09d98802bc0916858d7c20a4313c0ec93a7b2f7d71ec7d04d4863f238c4a28a534e2fc0eb4f4e3700366937268bbba0001008d5643c543dad5c6bc7abea3a07b8cab517646f827c3d0f4f76d3091184a1ace2fec35bae94b395aa1a4999f3a89c60c5d3f453b7073cdf8228f84a69594ef88ab8577e09d1c028945dde4ef5880245d5e0ccf245fe1f751e3ffb98a4fefe274193930663b0c4eb74d8e1603e1616e3994840d764c0d446fd53de8d4c6573b3bc26495875d33e7b28410c5a599bb67253036bbdb2c642e647fbe9b1279866fa9be5d0472a6a4ecfc8b1347281b0399e600edfd89b3bf000093000100f02962504458de9648a8dc94eadbebe55efb6a5dc0d5e4b6fbda485e4fa59fa7c1f4210f038620ce6a5f4e4cdfecc37c2c5cc16c7938a73df33aa0b14c24ab9e5b3b360675b231e1c66d24eeaf416151229a17384d74eb27831728dfd7fd89df5a830b386a3a7bd8fa23d21b3e5bb44a9a18951c2f37b3e022b3147d74b0b6b6b7ef5e8ae8c8b29658af52cee87874005700010019fd0abf5a0cb3d22249f48bfa62c7158c3d525087034576c35f71bab8317fedfd5c6e125640ea5c90e7e93ad7a4d9afa9f03ba330c88943766daa289f1a8c0c131be907bc79c5ddb31fb787ad489dd26986f44d5b56a58a3cfb012ed8ed8b4dc3aca400c7000100e625617a468334f3a63fc96dcb2cd7a33a4858a81b2333010d70f399fa255b460ff5562de545663ab31dca46d725b62de74424ca402fb72977d628def9de3925923e0211fb811650ca5126a6cc1374984505fd1a5bf8b825544059a720cde487a2335c9a56fddf1b5088e7214fcb09b194fc2d1f3a5d63d9d393a5dd71c22ef4b892b8e386c74281c009551ac803574c24eec6ca950608ad3c876661d7a0c89c56eb99b4fd137ecc38b6fcec21ba8ab522ee32157c7c2896de40e49420bfbf3566ffec00f90001008432e34a37588d22003354a5d4c5e463d987dd8b6a2edd16a833efab77cc524f8c5dd4b59c546159b54b7735f323494a23114fe49b826e2b538153354c971ce70c862b2fad6a674d351444ef60bc655ae24b182519baeda71baac6e1b0a84178597d3808d062431bd64d9269a7a9fbc21050b2f85c357cd381ff8cef71667204a43b5643789dd4370bc572bab9df1bc271f613a35727bcc0610896015ce5b5ae08ff47933c019c17935cbfeb9b56bdb29931c4b639a6f597f3f8977dfb334790cf6eee3bc168ce9c7987daf3894e63502a68a367a8ef1bc9514b88360e3fb0ea2fc2061323c4733ab127cfbb73c5b0aefe2420dbd10000000000e8a83cafa39d15c9157d7b3a49890d2053097e14955a"], 0x1384}, 0x1, 0x0, 0x0, 0x8800}, 0x8810) 14:48:43 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 315.955182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 315.962440] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 316.018455] erofs: read_super, device -> /dev/loop5 [ 316.030073] erofs: options -> [ 316.037828] erofs: read_super, device -> /dev/loop1 [ 316.043689] erofs: blksize 1 isn't supported on this platform [ 316.052110] erofs: options -> [ 316.064200] erofs: cannot find valid erofs superblock [ 316.065248] erofs: read_super, device -> /dev/loop2 [ 316.074114] erofs: read_super, device -> /dev/loop3 [ 316.087421] erofs: read_super, device -> /dev/loop4 [ 316.093610] erofs: options -> [ 316.095974] erofs: options -> [ 316.100414] erofs: options -> [ 316.106527] erofs: root inode @ nid 0 [ 316.108274] erofs: root inode @ nid 36 14:48:44 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 316.110845] erofs: blksize 1 isn't supported on this platform [ 316.127499] erofs: bogus i_mode (0) @ nid 0 [ 316.127738] erofs: bogus i_mode (0) @ nid 36 14:48:44 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:44 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 13) 14:48:44 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 316.271877] erofs: read_super, device -> /dev/loop1 [ 316.281301] erofs: options -> [ 316.284866] erofs: cannot find valid erofs superblock [ 316.336394] FAULT_INJECTION: forcing a failure. [ 316.336394] name failslab, interval 1, probability 0, space 0, times 0 [ 316.347693] CPU: 0 PID: 22822 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 316.355559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 316.364904] Call Trace: [ 316.367488] dump_stack+0x1fc/0x2ef [ 316.371102] should_fail.cold+0xa/0xf [ 316.374894] ? setup_fault_attr+0x200/0x200 [ 316.379209] ? lock_acquire+0x170/0x3c0 [ 316.383177] __should_failslab+0x115/0x180 [ 316.387396] should_failslab+0x5/0x10 [ 316.391179] kmem_cache_alloc+0x277/0x370 [ 316.395311] __kernfs_new_node+0xd2/0x680 [ 316.399443] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 316.404182] ? kernfs_activate+0x2c/0x1d0 [ 316.408314] ? lock_downgrade+0x720/0x720 [ 316.412455] ? kernfs_add_one+0x51/0x4c0 [ 316.416508] ? mutex_trylock+0x1a0/0x1a0 [ 316.420621] ? __mutex_unlock_slowpath+0xea/0x610 [ 316.425458] kernfs_new_node+0x92/0x120 [ 316.429417] __kernfs_create_file+0x51/0x340 [ 316.433811] sysfs_add_file_mode_ns+0x226/0x540 [ 316.438466] internal_create_group+0x355/0xb20 [ 316.443033] ? sysfs_remove_link_from_group+0x70/0x70 [ 316.448204] ? lock_downgrade+0x720/0x720 [ 316.452355] lo_ioctl+0xf7c/0x20e0 [ 316.455881] ? loop_set_status64+0x110/0x110 [ 316.460271] blkdev_ioctl+0x5cb/0x1a80 [ 316.464143] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.469489] ? blkpg_ioctl+0x9d0/0x9d0 [ 316.473360] ? mark_held_locks+0xf0/0xf0 [ 316.477413] ? mark_held_locks+0xf0/0xf0 [ 316.481468] ? debug_check_no_obj_freed+0x201/0x490 [ 316.486467] ? lock_downgrade+0x720/0x720 [ 316.490604] block_ioctl+0xe9/0x130 [ 316.494227] ? blkdev_fallocate+0x3f0/0x3f0 [ 316.498540] do_vfs_ioctl+0xcdb/0x12e0 [ 316.502419] ? lock_downgrade+0x720/0x720 [ 316.506550] ? check_preemption_disabled+0x41/0x280 [ 316.511555] ? ioctl_preallocate+0x200/0x200 [ 316.515957] ? __fget+0x356/0x510 [ 316.519409] ? do_dup2+0x450/0x450 [ 316.522944] ? do_sys_open+0x2bf/0x520 [ 316.526818] ksys_ioctl+0x9b/0xc0 [ 316.530259] __x64_sys_ioctl+0x6f/0xb0 [ 316.534137] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 316.538702] do_syscall_64+0xf9/0x620 [ 316.542489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.547661] RIP: 0033:0x7f9bcb2f9fc7 [ 316.551358] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 316.570256] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 316.577983] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 14:48:44 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:44 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) sendmsg$SOCK_DESTROY(r2, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="841300001500100027bd7000fcdbdf250b80041001008f4435894df62e9937f6d98bcabf35ef2f6518c22112c5d13decdf039c5a9b85c30514dcd906dc1939f16ec45b778a373b124636866101871bf8f6fe2cdb728159ff99273c653850f01babe729bd2ddc2b261ff6a5c51fd8c4226d8d5d18edbe83651cbaa0cbaba6e8cb0396582ca396f0b7e5d4343f6d7ab5cf017595b0621874495157f901577baadc92da6dd37d09abb63fa57afe94565b9ce9125f831e8a6c62fc410c10c9b1d7d2c604e62b1e5d2e8241ef6815262e89f047f82c2e114280331ac97f24169f63bd84dc39ff9fc914ef4420e86f01910fee4c8b845d33fb13396cf9de7f52bad2dff90e087888eda94c1f2af911eb683b9d5c748d924c5f14d23fe6e992987201638534efec560a1e06939d5944fd3eba06cd7d0855c4090cf40127e595cd0d36ed8e4f6d834106127a3f07677d73abef58d7d68242fd46d3f3e87346145f0d3bcc20ff4613eeeb8ac154d5cdff4edb9f1885b199a76a8de3877d5fef3bddd945b1414554bf709cc6e00230c5d2f666b0963566bbbfcc8ef6773cc1faedf557f7bac7d4818bf542bc8af9a0e6924c1c4ee79c118c9ce99b8ab279d0fde61bab5bf9f85de492472c06f0a3ed280b038e8931cbc249e8becf8572d9c3a48041894eb91446a2b87ac53db3063e9e8ff9ac08a2a89648c730ca86048196ac9a9d64dd406af96fefd8149bf7cc490893034b5e4ca38e1d1fd54ee47d95a04dbc649cc63769ae94875f26c37690f4a0c76e357648678ede67bb7f67afaccacdf1ab9abce105db75542edc508591791e9bd23b6448534854c8cfce853b18e47dc445e8c957b03fea61e4b82fdc0a1f3d009a6c52490387b25c837d30c04aa1ccfb9886d278a45070ce9799f2fc4a9f72b40c1bc624b4de9fef4533a2dabddc36a1ec2f571e5b90dd45f608a13daec223fb75104feeb9f4b0f30d4e4156b236051fe33d38facfc5ceb97815c1a9a81f951dbfdfcdc9875675d150cb9122ab44b8d4b2ec598dc823eeec7faf876a460d0211fbf658502faaf705d0ef0f8f0b0040f60aa4899a7c166ac6d1db81c5a9fb9440f1f901c653c97d8e7a45769838d859d145da1e245089ba3b7d04d0266cfeb573eaed8c0e3096dda6cae05add401019b667d2f3fb24a18e7e30cf6faccf953acf83ba89096d8a39a84f4116bc7e70f87156a51a5d575cc1dcb5781aa56512f5692d808526cb3dd237c0f88a6ec2f4b1d6729bd0d77df2740966a284c35ea3e5ca39538da0f6ada534d7a38ef4232f343fc2430854742261e0f557aee1e22559a94cdb882ef5ded3db8ccafb8ab1f4d68209b1dc6fed00079edf970f952b7f3554fa8256beac686d39475c9d3f09985a72f604900f0edc16e66e16ac94527017ae3a63828ef483e3bb7b7526c32c41fbf768f2b11f25b136ec478d7a092ff1938d12598b25ac08b254615b8efb96a7e1afeb4cf3f923375cc5ba80351a8560e45d5fce0ce9e69a71780b0376a9e9107ef6fd39a7a055d34e576c0793611cdf9f12626f759c926d68bf49b6d4f0427b2fd73360fbf303dc7a11bceb38e2068604fbbcb5f1bdec747c972a9af5af45b3ce5a05f3b8efd45fc4325d846f1b6363bb200ce9e338665c592f88ce52308d2b959165f634927b6b01d31128291f6d42cb077b268b5c9dc8ea31ae7b92c7c65fe99f921532386edf3fb893bba606a9eff471ef5bfadff79f5c8b1c0f575a36f87bcedbcdfbfb0e1c3605d33a58e7df7b4d678dbd2945edadcc5b1910f16970891103de9281de1fd1c9dac41cb2d5854f3d7008b8e06b13d5a5433b88e32c3f341076cb4b535beb7bc22b6a2204371a2bc4a08fb9157b509909ac914ba3e05f3d359749b95cd50dd587f027926ebdb7ec2279ed5689d74b4cd81e477b969f615cd5aab6eb0af2b2fc33399acb7c7eebd7bc20d134264ebd816af456338371bb5f5849d6dbda4147a6b0fa9bfbc062adfa26b8479201e885b1058e12b861af2b7c1922f300e408d9f5da8afff77a21c6c7fb184cee00a21db413511527e4a78f65b321ac9584e3b85ea49fa9c820f8d9bbc9161f173cfd754116ffb11e2a69fa5bc5670cbf3377d26ba9c32da0d3b5fe1cc2b521686df1a8b4510ea9622e7c1713bb10ab96119d674f8ec2b2c8f2d48eca325ede67c177bcf2ac55a5c0a664c95cd14621e428ce6b1a7384db4b1d0fac74890bf82109ffc459b4098807620dd0759ebba520c82357667f77c33de0f55076ec70facb475059f19102664e559affb2e48b6c9f75ae8881391facc184c690f5eae8034211b6fb6550949529c61225cd87a86dc42e4a86194625758c4e08d29fbdb818e3c5c1dcb91fbbfd11a5aa732cf124f1ef3357bcd3097196a6197e8ecb8f7b92689c767541b42340d3e8bc9df59f2f7847e2037e97c6d03c4e0aeb2e946170d79d53705735f5cf3a9f7765aba716ce0ad806105d3a73748420398dccb67bd250f0f79ad32c9a31917fd161e193ad27ac56fbe85da9876236d2829bbfe21b363637f2af6651803d3d458fb8347869c474109f2f56fbab40114bc65053becdc1a21cc41f6ec8a5909433a55407274364d9f41c171cfa5e8843e0ef41891edd2c78cf66b6d123c29988b5a6517f6279cb027ca9662222cb551f1923dae93c23ec434d0a89832ec474a88feec3faa16bb533579dfc31bd91bab79960e13ee96e1661823f7fe48fc6d771186cad460736067174b9d29763a9474d6bcf5c9795a6df7a7ac67ea394f250ed2d457bda637646669c5b4f72a87b4feebd52d394591670639f969f84e98c1c04c0bfc54b86dd384cb2df9a17083090cbfb022560d25f5d600cc18cc263c9852ce5cf650ae5d96fd235f8d090aeb699290ba19728dcacf916acf8199d71fa9d8a1b7912017204c7ccbb1aab0d0bf12a065d3e6874fd8f89dcb00e15706cfb5c5f3bb5c0ab1925da80d693968a178bd33068e9a470cadd64cd46e5c5cb6d0907ea725d0755442e89c28a6dcd0560e575617a89351cb1c05832c4f36659cf787015c67ded37bb8345d16b1b75a4f7b2a0bfc59e9a3884ac64d63c576155e6c719c219a73157dca413372aa697e663078a15510ebd24337831d1b9c412c428651095a306ce0f7b20127ef0294fffdcb49e1271f3d570c54b7988785356b4c33d1079b5cf77a11b01833592ea1cb9cb0f01a953c89164083ff51c1173bb5336c42da270a5755152f6504d93637d5fcbd55f2b45635e319a616bd86eab6e1245d1f76d11c83e8dc80b2541f8b077b0634137eb9406a7a663e3dc641f2b71e003db2cca7ec3ea0f8acb9961e3c06b50e4e07f7c99c9827627eb76cb787167c224491c5302c9cb381ef189bbc92f426e53d040da6c0d1ce9707b65c0b439d31f869d23baf032bdad85763569d2f34961040f89bcdb16d0ab047c2661958a893d4a8747d36519a6c27be98558f354735cb46e0bfab15b314f35081de39de078bba9fc8f3fbca38d209efe7aad7b1fe6358f7d8429b97eef0a336864608879ad7dc4515c2e0035ee77dc7a7fd126748414467ef4aada970e610f3163067512ceac80a3801915010f989b0eb16ad5e40a1efd7d119971cd3d0bf73170cb14110712521cc28d70c03ec1a7e0c80833be1e168e94c0b4bfe55c98a4396fc4d79834613c8046f7aa59512e839b2f8e43ba427a1094a627cca323bc6ee82ca5226f83cf19690d644cfed4684f96beabc349011578be7227f499f2a8e4170736b3e2cdb369f05a5b537e0f8fee374720da6046de11b0a380f958a7bb3d0f52e577e864b65c616ec5719cc2ead1dffdfcf52b14a1c81eb8afbc098a70a0e0b7cc3eb820e166bc587d57b8b0767dbecba7506ae6d9a01e5d0ac9f1bf3fe1f6303fa0e279b5ad00934aa6a7b5ab8e7839cf7bfe1ea430641122cd9b6d72234051bc2888ca6bdc60400e520beeea0623688dad0cf931b30ab8d228d3254211cce06a2fe7a833830d13b59f40dcb82c09af61f46411e4c6f12f34804631040d2169405b8972e1539e0d76843786779a286e02aff45100703e299ac03cbe596d79b74101ff0e783e3e3616cd42f475b3bf35c009a0cf4ea4799552c8aa306ec9bb6e2d56325b46e7702b84f03327bab4095900e62b9330f5a0dcee62fb257272ca9c674b4c414ab93d7a2143e3673187d67135a6e3384897dbdd078ef313e9d548aa766e5cee39eae571ba788841a862299b80fb812774b2a696c58b73a221f1e27e7fe0248a6c76c3d94e3c879f45b5165f0333ea437dc537bc6e617752ba28b4dace59053b682c7737763c735ee95ba99945109ce57fd9e75af269835a23f32307066e25c7a22e434a7475b5f3c3418c7a5c89161c38b00837cc338f4a0f20906938daa2e1d535231f2f696ebe0d7e8cf28fb4e09eb9604849e80d929896a9fd2ee3157da1d1a3f1573f9bcfd55a671ee48c250c1d0cf650d8a8e30a4eeba7248a49d210b2216b67060613076cd84f91c4a1eb7548e9dba824eb694ccbcbf324ce31981b8cd0b13c988748b429a80ea258e0228ec652de606547c567a0d619b37c93a429b252b2a4402a06625b637f93f36ebf6f7267f75d0d65536a3026c0695f4f63c93591640c02ea449b029058390258e027039b1c1a44d2a6e442dc5407fbd7eb97a1a0de34fc2e0b2361249925b1cffa6ea70487e427f480c6e3fec91276d8fe317e4b3b3265b2ab1af9d8e1beca577054fe68c18c4d136634f4d4b972cb1b3e02ccca384453dd73e83ad8885a5fe536f94612394645eccbd6e0e24dd0491a187f4c7a19a1569bf3fb7d9eba128adcf00faf54dc5cc48012c012e62648881374ce3fa11a090578e8c0c37af556857fade3f478129a9b874c440b79f9b8d11f2b5d579c88e91ea822f0c465f362277e26e91bfd0edad658c3060e9722c6e45adf300705901576338ab9dd53954f748634737857cc47f709d437d1251eeec04aa01bb659d723e1fd987b25e430196a467af6fa2b3241fb65e5690d755bf5a14ea42172bcd9973c88b50e15c9b3c53da1ba24e0397bbc3c8a221e0c376c439b1f2ce8a791e9f89fa07cc16f46286593725925a530f2d2f7f0264e3bebbb603eab7bfbc0752c9ada8a9a0579aaeb1975fe0581809101f4b3b455c6a3628d6228b9eb7162738a71bd826029c03c8be71559b7fdfe25627493c01e4e1f70c2c118f902b7b1de9727d1393506845472a1a412299006f0aa51d5390833d0e40b5f8e60218fb92a9c32ca04f50b518a06eb488600ca17b7e5d1d12c3bba876e6222463cfcc7bbbfef661a7228986076b507530a66fd3dfd5569be5a3dd8a5847820984797e695e3bed34d0a11410f20b6e290abbfe8059201fc0f4b4a64461908ff4b026107c6ab68cac844190e121c18b4d5c3dc6b73501d3ede01ef56e42f7d3059e2cb6d7793debce742ed7e818ccb60b15b8f9e509feef65ef20bade830b087b4f63b8fb60a3df5bc3b8b29df9425bdb81ed37e97dc90706c806edde2ceb2e6f06196a7215fc6fe22bec5868c9b5aff1ae493cd9792d7b7eb3c883e3223289276e958b1663d4943278a4f01bf138b35493a57c7263fda1826012f8d18894d011f726ae53a376e2adb3ec63dbce215f65b3e34fd2f4922430c583e6b45c45968a1f271e21e95dbd5ed9f5a4f0660064c4430583b6cc527b8594180edfe364bab1c981cb3e62d333b7e87be3e1ac7d8a69e57065be2a71b01539bdbfd9f462a8c5fa87e595a9a4e1dba09d98802bc0916858d7c20a4313c0ec93a7b2f7d71ec7d04d4863f238c4a28a534e2fc0eb4f4e3700366937268bbba0001008d5643c543dad5c6bc7abea3a07b8cab517646f827c3d0f4f76d3091184a1ace2fec35bae94b395aa1a4999f3a89c60c5d3f453b7073cdf8228f84a69594ef88ab8577e09d1c028945dde4ef5880245d5e0ccf245fe1f751e3ffb98a4fefe274193930663b0c4eb74d8e1603e1616e3994840d764c0d446fd53de8d4c6573b3bc26495875d33e7b28410c5a599bb67253036bbdb2c642e647fbe9b1279866fa9be5d0472a6a4ecfc8b1347281b0399e600edfd89b3bf000093000100f02962504458de9648a8dc94eadbebe55efb6a5dc0d5e4b6fbda485e4fa59fa7c1f4210f038620ce6a5f4e4cdfecc37c2c5cc16c7938a73df33aa0b14c24ab9e5b3b360675b231e1c66d24eeaf416151229a17384d74eb27831728dfd7fd89df5a830b386a3a7bd8fa23d21b3e5bb44a9a18951c2f37b3e022b3147d74b0b6b6b7ef5e8ae8c8b29658af52cee87874005700010019fd0abf5a0cb3d22249f48bfa62c7158c3d525087034576c35f71bab8317fedfd5c6e125640ea5c90e7e93ad7a4d9afa9f03ba330c88943766daa289f1a8c0c131be907bc79c5ddb31fb787ad489dd26986f44d5b56a58a3cfb012ed8ed8b4dc3aca400c7000100e625617a468334f3a63fc96dcb2cd7a33a4858a81b2333010d70f399fa255b460ff5562de545663ab31dca46d725b62de74424ca402fb72977d628def9de3925923e0211fb811650ca5126a6cc1374984505fd1a5bf8b825544059a720cde487a2335c9a56fddf1b5088e7214fcb09b194fc2d1f3a5d63d9d393a5dd71c22ef4b892b8e386c74281c009551ac803574c24eec6ca950608ad3c876661d7a0c89c56eb99b4fd137ecc38b6fcec21ba8ab522ee32157c7c2896de40e49420bfbf3566ffec00f90001008432e34a37588d22003354a5d4c5e463d987dd8b6a2edd16a833efab77cc524f8c5dd4b59c546159b54b7735f323494a23114fe49b826e2b538153354c971ce70c862b2fad6a674d351444ef60bc655ae24b182519baeda71baac6e1b0a84178597d3808d062431bd64d9269a7a9fbc21050b2f85c357cd381ff8cef71667204a43b5643789dd4370bc572bab9df1bc271f613a35727bcc0610896015ce5b5ae08ff47933c019c17935cbfeb9b56bdb29931c4b639a6f597f3f8977dfb334790cf6eee3bc168ce9c7987daf3894e63502a68a367a8ef1bc9514b88360e3fb0ea2fc2061323c4733ab127cfbb73c5b0aefe2420dbd10000000000e8a83cafa39d15c9157d7b3a49890d2053097e14955a"], 0x1384}, 0x1, 0x0, 0x0, 0x8800}, 0x8810) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) (async) sendmsg$SOCK_DESTROY(r2, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="841300001500100027bd7000fcdbdf250b80041001008f4435894df62e9937f6d98bcabf35ef2f6518c22112c5d13decdf039c5a9b85c30514dcd906dc1939f16ec45b778a373b124636866101871bf8f6fe2cdb728159ff99273c653850f01babe729bd2ddc2b261ff6a5c51fd8c4226d8d5d18edbe83651cbaa0cbaba6e8cb0396582ca396f0b7e5d4343f6d7ab5cf017595b0621874495157f901577baadc92da6dd37d09abb63fa57afe94565b9ce9125f831e8a6c62fc410c10c9b1d7d2c604e62b1e5d2e8241ef6815262e89f047f82c2e114280331ac97f24169f63bd84dc39ff9fc914ef4420e86f01910fee4c8b845d33fb13396cf9de7f52bad2dff90e087888eda94c1f2af911eb683b9d5c748d924c5f14d23fe6e992987201638534efec560a1e06939d5944fd3eba06cd7d0855c4090cf40127e595cd0d36ed8e4f6d834106127a3f07677d73abef58d7d68242fd46d3f3e87346145f0d3bcc20ff4613eeeb8ac154d5cdff4edb9f1885b199a76a8de3877d5fef3bddd945b1414554bf709cc6e00230c5d2f666b0963566bbbfcc8ef6773cc1faedf557f7bac7d4818bf542bc8af9a0e6924c1c4ee79c118c9ce99b8ab279d0fde61bab5bf9f85de492472c06f0a3ed280b038e8931cbc249e8becf8572d9c3a48041894eb91446a2b87ac53db3063e9e8ff9ac08a2a89648c730ca86048196ac9a9d64dd406af96fefd8149bf7cc490893034b5e4ca38e1d1fd54ee47d95a04dbc649cc63769ae94875f26c37690f4a0c76e357648678ede67bb7f67afaccacdf1ab9abce105db75542edc508591791e9bd23b6448534854c8cfce853b18e47dc445e8c957b03fea61e4b82fdc0a1f3d009a6c52490387b25c837d30c04aa1ccfb9886d278a45070ce9799f2fc4a9f72b40c1bc624b4de9fef4533a2dabddc36a1ec2f571e5b90dd45f608a13daec223fb75104feeb9f4b0f30d4e4156b236051fe33d38facfc5ceb97815c1a9a81f951dbfdfcdc9875675d150cb9122ab44b8d4b2ec598dc823eeec7faf876a460d0211fbf658502faaf705d0ef0f8f0b0040f60aa4899a7c166ac6d1db81c5a9fb9440f1f901c653c97d8e7a45769838d859d145da1e245089ba3b7d04d0266cfeb573eaed8c0e3096dda6cae05add401019b667d2f3fb24a18e7e30cf6faccf953acf83ba89096d8a39a84f4116bc7e70f87156a51a5d575cc1dcb5781aa56512f5692d808526cb3dd237c0f88a6ec2f4b1d6729bd0d77df2740966a284c35ea3e5ca39538da0f6ada534d7a38ef4232f343fc2430854742261e0f557aee1e22559a94cdb882ef5ded3db8ccafb8ab1f4d68209b1dc6fed00079edf970f952b7f3554fa8256beac686d39475c9d3f09985a72f604900f0edc16e66e16ac94527017ae3a63828ef483e3bb7b7526c32c41fbf768f2b11f25b136ec478d7a092ff1938d12598b25ac08b254615b8efb96a7e1afeb4cf3f923375cc5ba80351a8560e45d5fce0ce9e69a71780b0376a9e9107ef6fd39a7a055d34e576c0793611cdf9f12626f759c926d68bf49b6d4f0427b2fd73360fbf303dc7a11bceb38e2068604fbbcb5f1bdec747c972a9af5af45b3ce5a05f3b8efd45fc4325d846f1b6363bb200ce9e338665c592f88ce52308d2b959165f634927b6b01d31128291f6d42cb077b268b5c9dc8ea31ae7b92c7c65fe99f921532386edf3fb893bba606a9eff471ef5bfadff79f5c8b1c0f575a36f87bcedbcdfbfb0e1c3605d33a58e7df7b4d678dbd2945edadcc5b1910f16970891103de9281de1fd1c9dac41cb2d5854f3d7008b8e06b13d5a5433b88e32c3f341076cb4b535beb7bc22b6a2204371a2bc4a08fb9157b509909ac914ba3e05f3d359749b95cd50dd587f027926ebdb7ec2279ed5689d74b4cd81e477b969f615cd5aab6eb0af2b2fc33399acb7c7eebd7bc20d134264ebd816af456338371bb5f5849d6dbda4147a6b0fa9bfbc062adfa26b8479201e885b1058e12b861af2b7c1922f300e408d9f5da8afff77a21c6c7fb184cee00a21db413511527e4a78f65b321ac9584e3b85ea49fa9c820f8d9bbc9161f173cfd754116ffb11e2a69fa5bc5670cbf3377d26ba9c32da0d3b5fe1cc2b521686df1a8b4510ea9622e7c1713bb10ab96119d674f8ec2b2c8f2d48eca325ede67c177bcf2ac55a5c0a664c95cd14621e428ce6b1a7384db4b1d0fac74890bf82109ffc459b4098807620dd0759ebba520c82357667f77c33de0f55076ec70facb475059f19102664e559affb2e48b6c9f75ae8881391facc184c690f5eae8034211b6fb6550949529c61225cd87a86dc42e4a86194625758c4e08d29fbdb818e3c5c1dcb91fbbfd11a5aa732cf124f1ef3357bcd3097196a6197e8ecb8f7b92689c767541b42340d3e8bc9df59f2f7847e2037e97c6d03c4e0aeb2e946170d79d53705735f5cf3a9f7765aba716ce0ad806105d3a73748420398dccb67bd250f0f79ad32c9a31917fd161e193ad27ac56fbe85da9876236d2829bbfe21b363637f2af6651803d3d458fb8347869c474109f2f56fbab40114bc65053becdc1a21cc41f6ec8a5909433a55407274364d9f41c171cfa5e8843e0ef41891edd2c78cf66b6d123c29988b5a6517f6279cb027ca9662222cb551f1923dae93c23ec434d0a89832ec474a88feec3faa16bb533579dfc31bd91bab79960e13ee96e1661823f7fe48fc6d771186cad460736067174b9d29763a9474d6bcf5c9795a6df7a7ac67ea394f250ed2d457bda637646669c5b4f72a87b4feebd52d394591670639f969f84e98c1c04c0bfc54b86dd384cb2df9a17083090cbfb022560d25f5d600cc18cc263c9852ce5cf650ae5d96fd235f8d090aeb699290ba19728dcacf916acf8199d71fa9d8a1b7912017204c7ccbb1aab0d0bf12a065d3e6874fd8f89dcb00e15706cfb5c5f3bb5c0ab1925da80d693968a178bd33068e9a470cadd64cd46e5c5cb6d0907ea725d0755442e89c28a6dcd0560e575617a89351cb1c05832c4f36659cf787015c67ded37bb8345d16b1b75a4f7b2a0bfc59e9a3884ac64d63c576155e6c719c219a73157dca413372aa697e663078a15510ebd24337831d1b9c412c428651095a306ce0f7b20127ef0294fffdcb49e1271f3d570c54b7988785356b4c33d1079b5cf77a11b01833592ea1cb9cb0f01a953c89164083ff51c1173bb5336c42da270a5755152f6504d93637d5fcbd55f2b45635e319a616bd86eab6e1245d1f76d11c83e8dc80b2541f8b077b0634137eb9406a7a663e3dc641f2b71e003db2cca7ec3ea0f8acb9961e3c06b50e4e07f7c99c9827627eb76cb787167c224491c5302c9cb381ef189bbc92f426e53d040da6c0d1ce9707b65c0b439d31f869d23baf032bdad85763569d2f34961040f89bcdb16d0ab047c2661958a893d4a8747d36519a6c27be98558f354735cb46e0bfab15b314f35081de39de078bba9fc8f3fbca38d209efe7aad7b1fe6358f7d8429b97eef0a336864608879ad7dc4515c2e0035ee77dc7a7fd126748414467ef4aada970e610f3163067512ceac80a3801915010f989b0eb16ad5e40a1efd7d119971cd3d0bf73170cb14110712521cc28d70c03ec1a7e0c80833be1e168e94c0b4bfe55c98a4396fc4d79834613c8046f7aa59512e839b2f8e43ba427a1094a627cca323bc6ee82ca5226f83cf19690d644cfed4684f96beabc349011578be7227f499f2a8e4170736b3e2cdb369f05a5b537e0f8fee374720da6046de11b0a380f958a7bb3d0f52e577e864b65c616ec5719cc2ead1dffdfcf52b14a1c81eb8afbc098a70a0e0b7cc3eb820e166bc587d57b8b0767dbecba7506ae6d9a01e5d0ac9f1bf3fe1f6303fa0e279b5ad00934aa6a7b5ab8e7839cf7bfe1ea430641122cd9b6d72234051bc2888ca6bdc60400e520beeea0623688dad0cf931b30ab8d228d3254211cce06a2fe7a833830d13b59f40dcb82c09af61f46411e4c6f12f34804631040d2169405b8972e1539e0d76843786779a286e02aff45100703e299ac03cbe596d79b74101ff0e783e3e3616cd42f475b3bf35c009a0cf4ea4799552c8aa306ec9bb6e2d56325b46e7702b84f03327bab4095900e62b9330f5a0dcee62fb257272ca9c674b4c414ab93d7a2143e3673187d67135a6e3384897dbdd078ef313e9d548aa766e5cee39eae571ba788841a862299b80fb812774b2a696c58b73a221f1e27e7fe0248a6c76c3d94e3c879f45b5165f0333ea437dc537bc6e617752ba28b4dace59053b682c7737763c735ee95ba99945109ce57fd9e75af269835a23f32307066e25c7a22e434a7475b5f3c3418c7a5c89161c38b00837cc338f4a0f20906938daa2e1d535231f2f696ebe0d7e8cf28fb4e09eb9604849e80d929896a9fd2ee3157da1d1a3f1573f9bcfd55a671ee48c250c1d0cf650d8a8e30a4eeba7248a49d210b2216b67060613076cd84f91c4a1eb7548e9dba824eb694ccbcbf324ce31981b8cd0b13c988748b429a80ea258e0228ec652de606547c567a0d619b37c93a429b252b2a4402a06625b637f93f36ebf6f7267f75d0d65536a3026c0695f4f63c93591640c02ea449b029058390258e027039b1c1a44d2a6e442dc5407fbd7eb97a1a0de34fc2e0b2361249925b1cffa6ea70487e427f480c6e3fec91276d8fe317e4b3b3265b2ab1af9d8e1beca577054fe68c18c4d136634f4d4b972cb1b3e02ccca384453dd73e83ad8885a5fe536f94612394645eccbd6e0e24dd0491a187f4c7a19a1569bf3fb7d9eba128adcf00faf54dc5cc48012c012e62648881374ce3fa11a090578e8c0c37af556857fade3f478129a9b874c440b79f9b8d11f2b5d579c88e91ea822f0c465f362277e26e91bfd0edad658c3060e9722c6e45adf300705901576338ab9dd53954f748634737857cc47f709d437d1251eeec04aa01bb659d723e1fd987b25e430196a467af6fa2b3241fb65e5690d755bf5a14ea42172bcd9973c88b50e15c9b3c53da1ba24e0397bbc3c8a221e0c376c439b1f2ce8a791e9f89fa07cc16f46286593725925a530f2d2f7f0264e3bebbb603eab7bfbc0752c9ada8a9a0579aaeb1975fe0581809101f4b3b455c6a3628d6228b9eb7162738a71bd826029c03c8be71559b7fdfe25627493c01e4e1f70c2c118f902b7b1de9727d1393506845472a1a412299006f0aa51d5390833d0e40b5f8e60218fb92a9c32ca04f50b518a06eb488600ca17b7e5d1d12c3bba876e6222463cfcc7bbbfef661a7228986076b507530a66fd3dfd5569be5a3dd8a5847820984797e695e3bed34d0a11410f20b6e290abbfe8059201fc0f4b4a64461908ff4b026107c6ab68cac844190e121c18b4d5c3dc6b73501d3ede01ef56e42f7d3059e2cb6d7793debce742ed7e818ccb60b15b8f9e509feef65ef20bade830b087b4f63b8fb60a3df5bc3b8b29df9425bdb81ed37e97dc90706c806edde2ceb2e6f06196a7215fc6fe22bec5868c9b5aff1ae493cd9792d7b7eb3c883e3223289276e958b1663d4943278a4f01bf138b35493a57c7263fda1826012f8d18894d011f726ae53a376e2adb3ec63dbce215f65b3e34fd2f4922430c583e6b45c45968a1f271e21e95dbd5ed9f5a4f0660064c4430583b6cc527b8594180edfe364bab1c981cb3e62d333b7e87be3e1ac7d8a69e57065be2a71b01539bdbfd9f462a8c5fa87e595a9a4e1dba09d98802bc0916858d7c20a4313c0ec93a7b2f7d71ec7d04d4863f238c4a28a534e2fc0eb4f4e3700366937268bbba0001008d5643c543dad5c6bc7abea3a07b8cab517646f827c3d0f4f76d3091184a1ace2fec35bae94b395aa1a4999f3a89c60c5d3f453b7073cdf8228f84a69594ef88ab8577e09d1c028945dde4ef5880245d5e0ccf245fe1f751e3ffb98a4fefe274193930663b0c4eb74d8e1603e1616e3994840d764c0d446fd53de8d4c6573b3bc26495875d33e7b28410c5a599bb67253036bbdb2c642e647fbe9b1279866fa9be5d0472a6a4ecfc8b1347281b0399e600edfd89b3bf000093000100f02962504458de9648a8dc94eadbebe55efb6a5dc0d5e4b6fbda485e4fa59fa7c1f4210f038620ce6a5f4e4cdfecc37c2c5cc16c7938a73df33aa0b14c24ab9e5b3b360675b231e1c66d24eeaf416151229a17384d74eb27831728dfd7fd89df5a830b386a3a7bd8fa23d21b3e5bb44a9a18951c2f37b3e022b3147d74b0b6b6b7ef5e8ae8c8b29658af52cee87874005700010019fd0abf5a0cb3d22249f48bfa62c7158c3d525087034576c35f71bab8317fedfd5c6e125640ea5c90e7e93ad7a4d9afa9f03ba330c88943766daa289f1a8c0c131be907bc79c5ddb31fb787ad489dd26986f44d5b56a58a3cfb012ed8ed8b4dc3aca400c7000100e625617a468334f3a63fc96dcb2cd7a33a4858a81b2333010d70f399fa255b460ff5562de545663ab31dca46d725b62de74424ca402fb72977d628def9de3925923e0211fb811650ca5126a6cc1374984505fd1a5bf8b825544059a720cde487a2335c9a56fddf1b5088e7214fcb09b194fc2d1f3a5d63d9d393a5dd71c22ef4b892b8e386c74281c009551ac803574c24eec6ca950608ad3c876661d7a0c89c56eb99b4fd137ecc38b6fcec21ba8ab522ee32157c7c2896de40e49420bfbf3566ffec00f90001008432e34a37588d22003354a5d4c5e463d987dd8b6a2edd16a833efab77cc524f8c5dd4b59c546159b54b7735f323494a23114fe49b826e2b538153354c971ce70c862b2fad6a674d351444ef60bc655ae24b182519baeda71baac6e1b0a84178597d3808d062431bd64d9269a7a9fbc21050b2f85c357cd381ff8cef71667204a43b5643789dd4370bc572bab9df1bc271f613a35727bcc0610896015ce5b5ae08ff47933c019c17935cbfeb9b56bdb29931c4b639a6f597f3f8977dfb334790cf6eee3bc168ce9c7987daf3894e63502a68a367a8ef1bc9514b88360e3fb0ea2fc2061323c4733ab127cfbb73c5b0aefe2420dbd10000000000e8a83cafa39d15c9157d7b3a49890d2053097e14955a"], 0x1384}, 0x1, 0x0, 0x0, 0x8800}, 0x8810) (async) 14:48:44 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 316.585248] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 316.592504] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 316.599780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 316.607040] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 316.663019] erofs: read_super, device -> /dev/loop4 [ 316.668064] erofs: options -> [ 316.673865] erofs: read_super, device -> /dev/loop5 [ 316.678897] erofs: options -> [ 316.680033] erofs: root inode @ nid 0 [ 316.686848] erofs: bogus i_mode (0) @ nid 0 [ 316.694123] erofs: blksize 1 isn't supported on this platform [ 316.716223] erofs: read_super, device -> /dev/loop2 [ 316.728558] erofs: options -> [ 316.732611] erofs: blksize 1 isn't supported on this platform [ 316.752810] misc userio: Begin command sent, but we're already running 14:48:44 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:44 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 14) 14:48:44 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 316.828269] erofs: read_super, device -> /dev/loop1 [ 316.833699] erofs: options -> [ 316.862022] erofs: cannot find valid erofs superblock [ 316.882228] erofs: read_super, device -> /dev/loop3 [ 316.887364] erofs: options -> [ 316.890683] erofs: cannot find valid erofs superblock 14:48:44 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) 14:48:44 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 316.981181] erofs: read_super, device -> /dev/loop2 [ 316.986226] erofs: options -> [ 316.989874] erofs: read_super, device -> /dev/loop4 [ 316.997652] erofs: options -> [ 317.001036] FAULT_INJECTION: forcing a failure. [ 317.001036] name failslab, interval 1, probability 0, space 0, times 0 [ 317.011878] erofs: blksize 1 isn't supported on this platform [ 317.019102] CPU: 0 PID: 22863 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 317.027013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 317.028703] erofs: root inode @ nid 0 [ 317.036505] Call Trace: [ 317.036528] dump_stack+0x1fc/0x2ef [ 317.036549] should_fail.cold+0xa/0xf [ 317.036567] ? setup_fault_attr+0x200/0x200 [ 317.036581] ? lock_acquire+0x170/0x3c0 [ 317.036600] __should_failslab+0x115/0x180 [ 317.036616] should_failslab+0x5/0x10 [ 317.036628] kmem_cache_alloc+0x277/0x370 [ 317.036645] __kernfs_new_node+0xd2/0x680 [ 317.046661] erofs: bogus i_mode (0) @ nid 0 [ 317.050417] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 317.050434] ? kernfs_activate+0x2c/0x1d0 [ 317.050451] ? lock_downgrade+0x720/0x720 [ 317.050464] ? kernfs_add_one+0x51/0x4c0 [ 317.050480] ? mutex_trylock+0x1a0/0x1a0 [ 317.100429] ? __mutex_unlock_slowpath+0xea/0x610 [ 317.105275] kernfs_new_node+0x92/0x120 [ 317.109240] __kernfs_create_file+0x51/0x340 [ 317.113634] sysfs_add_file_mode_ns+0x226/0x540 [ 317.118301] internal_create_group+0x355/0xb20 [ 317.122971] ? sysfs_remove_link_from_group+0x70/0x70 [ 317.128161] ? lock_downgrade+0x720/0x720 [ 317.132306] lo_ioctl+0xf7c/0x20e0 [ 317.135829] ? loop_set_status64+0x110/0x110 [ 317.140236] blkdev_ioctl+0x5cb/0x1a80 [ 317.144113] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.149468] ? blkpg_ioctl+0x9d0/0x9d0 [ 317.153338] ? mark_held_locks+0xf0/0xf0 [ 317.157427] ? mark_held_locks+0xf0/0xf0 [ 317.161473] ? debug_check_no_obj_freed+0x201/0x490 [ 317.166475] ? lock_downgrade+0x720/0x720 [ 317.170616] block_ioctl+0xe9/0x130 [ 317.174230] ? blkdev_fallocate+0x3f0/0x3f0 [ 317.178533] do_vfs_ioctl+0xcdb/0x12e0 [ 317.182492] ? lock_downgrade+0x720/0x720 [ 317.186620] ? check_preemption_disabled+0x41/0x280 [ 317.191627] ? ioctl_preallocate+0x200/0x200 [ 317.196047] ? __fget+0x356/0x510 [ 317.199491] ? do_dup2+0x450/0x450 [ 317.203014] ? do_sys_open+0x2bf/0x520 [ 317.206885] ksys_ioctl+0x9b/0xc0 [ 317.210321] __x64_sys_ioctl+0x6f/0xb0 [ 317.214207] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 317.218770] do_syscall_64+0xf9/0x620 [ 317.222560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.227747] RIP: 0033:0x7f9bcb2f9fc7 [ 317.231451] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 317.250352] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 317.258050] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 317.265308] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 317.272557] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 14:48:45 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x19bc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 317.279806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 317.287054] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 317.342149] erofs: read_super, device -> /dev/loop5 [ 317.347342] erofs: options -> [ 317.354285] erofs: blksize 1 isn't supported on this platform 14:48:45 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 317.461555] erofs: read_super, device -> /dev/loop3 [ 317.466591] erofs: options -> [ 317.469977] erofs: cannot find valid erofs superblock 14:48:45 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 15) 14:48:45 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 317.511930] erofs: read_super, device -> /dev/loop2 [ 317.517038] erofs: options -> [ 317.520533] erofs: blksize 1 isn't supported on this platform 14:48:45 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:45 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 317.656466] FAULT_INJECTION: forcing a failure. [ 317.656466] name failslab, interval 1, probability 0, space 0, times 0 [ 317.669140] CPU: 1 PID: 22903 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 317.677040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 317.686399] Call Trace: [ 317.688980] dump_stack+0x1fc/0x2ef [ 317.692606] should_fail.cold+0xa/0xf [ 317.696399] ? setup_fault_attr+0x200/0x200 [ 317.700704] ? lock_acquire+0x170/0x3c0 [ 317.704681] __should_failslab+0x115/0x180 [ 317.708915] should_failslab+0x5/0x10 [ 317.712705] kmem_cache_alloc+0x277/0x370 [ 317.716864] __kernfs_new_node+0xd2/0x680 [ 317.721023] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 317.725781] ? __mutex_unlock_slowpath+0xea/0x610 [ 317.730615] ? wait_for_completion_io+0x10/0x10 [ 317.735267] ? kernfs_next_descendant_post+0x19c/0x290 [ 317.740528] kernfs_new_node+0x92/0x120 [ 317.744486] __kernfs_create_file+0x51/0x340 [ 317.748898] sysfs_add_file_mode_ns+0x226/0x540 [ 317.753570] internal_create_group+0x355/0xb20 [ 317.758158] ? sysfs_remove_link_from_group+0x70/0x70 [ 317.763347] ? lock_downgrade+0x720/0x720 [ 317.767493] lo_ioctl+0xf7c/0x20e0 [ 317.771030] ? loop_set_status64+0x110/0x110 [ 317.775440] blkdev_ioctl+0x5cb/0x1a80 [ 317.779322] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.784680] ? blkpg_ioctl+0x9d0/0x9d0 [ 317.788556] ? mark_held_locks+0xf0/0xf0 [ 317.792611] ? mark_held_locks+0xf0/0xf0 [ 317.796674] ? debug_check_no_obj_freed+0x201/0x490 [ 317.801697] ? lock_downgrade+0x720/0x720 14:48:45 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x19bc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async, rerun: 64) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (rerun: 64) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 317.805837] block_ioctl+0xe9/0x130 [ 317.809445] ? blkdev_fallocate+0x3f0/0x3f0 [ 317.813752] do_vfs_ioctl+0xcdb/0x12e0 [ 317.817636] ? lock_downgrade+0x720/0x720 [ 317.821788] ? check_preemption_disabled+0x41/0x280 [ 317.826821] ? ioctl_preallocate+0x200/0x200 [ 317.831240] ? __fget+0x356/0x510 [ 317.834701] ? do_dup2+0x450/0x450 [ 317.838236] ? do_sys_open+0x2bf/0x520 [ 317.842123] ksys_ioctl+0x9b/0xc0 [ 317.845586] __x64_sys_ioctl+0x6f/0xb0 [ 317.849473] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 317.854051] do_syscall_64+0xf9/0x620 [ 317.857838] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.863028] RIP: 0033:0x7f9bcb2f9fc7 [ 317.866737] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 317.885619] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 317.893315] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 317.900574] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 317.907827] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 317.915082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 317.922349] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 317.981669] erofs: read_super, device -> /dev/loop4 [ 317.989743] erofs: options -> [ 317.991047] erofs: read_super, device -> /dev/loop5 [ 317.996969] erofs: cannot find valid erofs superblock [ 317.998240] erofs: read_super, device -> /dev/loop2 [ 318.008467] erofs: options -> [ 318.014011] erofs: options -> [ 318.017297] erofs: blksize 1 isn't supported on this platform [ 318.023967] erofs: blksize 1 isn't supported on this platform [ 318.111473] erofs: read_super, device -> /dev/loop3 [ 318.116777] erofs: options -> [ 318.120272] erofs: cannot find valid erofs superblock 14:48:46 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:46 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:46 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 16) 14:48:46 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:46 executing program 1: sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000180)=ANY=[@ANYBLOB="d80080821819294b51ab4396febba9086efd53696495674ce2e60b677afcee0fad03a6f47256cc1cae45", @ANYRES16=r4, @ANYBLOB="28032cbd7000ffdbdf25110000001c00038008000200190000000800020003000000080003000200000054000980080002002a060000080001005e0000000800020001000000080002000000000008000200e300000008000100030000000800020005000000080001000400000008000100050000000800010002000000340003800800030084f5000008000100ff010000080003000800000008000300d07e0000080003000100000008000300f4090000140009800800020000000070080001004c0000000c0007800800010000000000"], 0xd8}, 0x1, 0x0, 0x0, 0x8000}, 0x24002000) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffa}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080) [ 318.250074] erofs: read_super, device -> /dev/loop4 [ 318.263400] erofs: options -> [ 318.268619] erofs: cannot find valid erofs superblock [ 318.293132] FAULT_INJECTION: forcing a failure. [ 318.293132] name failslab, interval 1, probability 0, space 0, times 0 [ 318.304628] CPU: 1 PID: 22941 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 318.312503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 318.321862] Call Trace: [ 318.324455] dump_stack+0x1fc/0x2ef [ 318.328075] should_fail.cold+0xa/0xf [ 318.331876] ? setup_fault_attr+0x200/0x200 [ 318.336191] ? lock_acquire+0x170/0x3c0 [ 318.340149] __should_failslab+0x115/0x180 [ 318.344380] should_failslab+0x5/0x10 [ 318.348165] kmem_cache_alloc+0x277/0x370 [ 318.352309] __kernfs_new_node+0xd2/0x680 [ 318.356453] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 318.361210] ? __mutex_unlock_slowpath+0xea/0x610 [ 318.366044] ? wait_for_completion_io+0x10/0x10 [ 318.370701] ? kernfs_next_descendant_post+0x19c/0x290 [ 318.375993] kernfs_new_node+0x92/0x120 [ 318.379961] __kernfs_create_file+0x51/0x340 [ 318.384356] sysfs_add_file_mode_ns+0x226/0x540 [ 318.389026] internal_create_group+0x355/0xb20 14:48:46 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x19bc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x19bc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) [ 318.393611] ? sysfs_remove_link_from_group+0x70/0x70 [ 318.398806] ? lock_downgrade+0x720/0x720 [ 318.402978] lo_ioctl+0xf7c/0x20e0 [ 318.406527] ? loop_set_status64+0x110/0x110 [ 318.410931] blkdev_ioctl+0x5cb/0x1a80 [ 318.414805] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.420236] ? blkpg_ioctl+0x9d0/0x9d0 [ 318.424124] ? mark_held_locks+0xf0/0xf0 [ 318.428190] ? mark_held_locks+0xf0/0xf0 [ 318.432247] ? debug_check_no_obj_freed+0x201/0x490 [ 318.437264] ? lock_downgrade+0x720/0x720 [ 318.441417] block_ioctl+0xe9/0x130 [ 318.445044] ? blkdev_fallocate+0x3f0/0x3f0 [ 318.449357] do_vfs_ioctl+0xcdb/0x12e0 [ 318.453232] ? lock_downgrade+0x720/0x720 [ 318.457380] ? check_preemption_disabled+0x41/0x280 [ 318.462384] ? ioctl_preallocate+0x200/0x200 [ 318.466801] ? __fget+0x356/0x510 [ 318.470242] ? do_dup2+0x450/0x450 [ 318.473784] ? do_sys_open+0x2bf/0x520 [ 318.477671] ksys_ioctl+0x9b/0xc0 [ 318.481132] __x64_sys_ioctl+0x6f/0xb0 [ 318.485025] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 318.489606] do_syscall_64+0xf9/0x620 [ 318.493392] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.498559] RIP: 0033:0x7f9bcb2f9fc7 [ 318.502263] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 318.521165] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 318.528867] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 318.536221] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:48:46 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 318.543477] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 318.550733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 318.558070] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 318.571521] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.577155] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.613364] erofs: read_super, device -> /dev/loop5 [ 318.618404] erofs: options -> [ 318.630962] erofs: read_super, device -> /dev/loop2 [ 318.635999] erofs: options -> [ 318.639565] erofs: root inode @ nid 0 [ 318.651068] erofs: bogus i_mode (0) @ nid 0 [ 318.652653] erofs: read_super, device -> /dev/loop3 [ 318.664999] erofs: options -> [ 318.676702] erofs: blksize 1 isn't supported on this platform [ 318.692632] erofs: cannot find valid erofs superblock 14:48:46 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 318.720132] misc userio: Can't change port type on an already running userio instance 14:48:46 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:46 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 17) [ 318.831686] erofs: read_super, device -> /dev/loop4 [ 318.860300] erofs: options -> [ 318.876453] FAULT_INJECTION: forcing a failure. [ 318.876453] name failslab, interval 1, probability 0, space 0, times 0 [ 318.877515] erofs: cannot find valid erofs superblock [ 318.898389] CPU: 0 PID: 22984 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 318.906279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 318.915616] Call Trace: [ 318.918211] dump_stack+0x1fc/0x2ef [ 318.921841] should_fail.cold+0xa/0xf [ 318.925624] ? setup_fault_attr+0x200/0x200 [ 318.929925] ? lock_acquire+0x170/0x3c0 [ 318.933884] __should_failslab+0x115/0x180 [ 318.938098] should_failslab+0x5/0x10 [ 318.941899] kmem_cache_alloc+0x277/0x370 [ 318.946045] __kernfs_new_node+0xd2/0x680 [ 318.950266] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 318.955006] ? __mutex_unlock_slowpath+0xea/0x610 [ 318.959843] ? wait_for_completion_io+0x10/0x10 [ 318.964517] ? kernfs_next_descendant_post+0x19c/0x290 [ 318.969783] kernfs_new_node+0x92/0x120 [ 318.973747] __kernfs_create_file+0x51/0x340 [ 318.978141] sysfs_add_file_mode_ns+0x226/0x540 [ 318.982802] internal_create_group+0x355/0xb20 [ 318.987373] ? sysfs_remove_link_from_group+0x70/0x70 [ 318.992545] ? lock_downgrade+0x720/0x720 [ 318.996700] lo_ioctl+0xf7c/0x20e0 [ 319.000227] ? loop_set_status64+0x110/0x110 [ 319.004619] blkdev_ioctl+0x5cb/0x1a80 [ 319.008487] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.013832] ? blkpg_ioctl+0x9d0/0x9d0 [ 319.017709] ? mark_held_locks+0xf0/0xf0 [ 319.021757] ? mark_held_locks+0xf0/0xf0 [ 319.025800] ? debug_check_no_obj_freed+0x201/0x490 [ 319.030799] ? lock_downgrade+0x720/0x720 [ 319.034927] block_ioctl+0xe9/0x130 [ 319.038532] ? blkdev_fallocate+0x3f0/0x3f0 [ 319.042838] do_vfs_ioctl+0xcdb/0x12e0 [ 319.046705] ? lock_downgrade+0x720/0x720 [ 319.050839] ? check_preemption_disabled+0x41/0x280 [ 319.055835] ? ioctl_preallocate+0x200/0x200 [ 319.060223] ? __fget+0x356/0x510 [ 319.063656] ? do_dup2+0x450/0x450 [ 319.067185] ? do_sys_open+0x2bf/0x520 [ 319.071054] ksys_ioctl+0x9b/0xc0 [ 319.074490] __x64_sys_ioctl+0x6f/0xb0 [ 319.078366] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 319.082929] do_syscall_64+0xf9/0x620 [ 319.086722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.091913] RIP: 0033:0x7f9bcb2f9fc7 [ 319.095608] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 319.114538] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.122227] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 319.129491] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 319.136754] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 319.144013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 319.151264] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:47 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 319.166269] erofs: read_super, device -> /dev/loop5 [ 319.168213] erofs: read_super, device -> /dev/loop2 [ 319.171744] erofs: options -> [ 319.180100] erofs: blksize 1 isn't supported on this platform [ 319.181167] erofs: options -> [ 319.191163] erofs: root inode @ nid 0 [ 319.196775] erofs: bogus i_mode (0) @ nid 0 14:48:47 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:47 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 18) [ 319.242296] erofs: read_super, device -> /dev/loop3 [ 319.247330] erofs: options -> [ 319.250698] erofs: cannot find valid erofs superblock 14:48:47 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 319.346581] FAULT_INJECTION: forcing a failure. [ 319.346581] name failslab, interval 1, probability 0, space 0, times 0 [ 319.361122] CPU: 1 PID: 23001 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 319.369017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 319.378351] Call Trace: [ 319.380937] dump_stack+0x1fc/0x2ef [ 319.384572] should_fail.cold+0xa/0xf [ 319.388363] ? setup_fault_attr+0x200/0x200 [ 319.392685] ? lock_acquire+0x170/0x3c0 [ 319.396641] __should_failslab+0x115/0x180 [ 319.400874] should_failslab+0x5/0x10 [ 319.404669] kmem_cache_alloc+0x277/0x370 [ 319.408801] __kernfs_new_node+0xd2/0x680 [ 319.412933] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 319.417670] ? __mutex_unlock_slowpath+0xea/0x610 [ 319.422505] ? wait_for_completion_io+0x10/0x10 [ 319.427162] ? kernfs_next_descendant_post+0x19c/0x290 [ 319.432439] kernfs_new_node+0x92/0x120 [ 319.436399] __kernfs_create_file+0x51/0x340 [ 319.440802] sysfs_add_file_mode_ns+0x226/0x540 [ 319.445482] internal_create_group+0x355/0xb20 [ 319.450074] ? sysfs_remove_link_from_group+0x70/0x70 [ 319.455261] ? lock_downgrade+0x720/0x720 [ 319.459412] lo_ioctl+0xf7c/0x20e0 [ 319.462955] ? loop_set_status64+0x110/0x110 [ 319.467420] blkdev_ioctl+0x5cb/0x1a80 [ 319.471306] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.476658] ? blkpg_ioctl+0x9d0/0x9d0 [ 319.480525] ? mark_held_locks+0xf0/0xf0 [ 319.484576] ? mark_held_locks+0xf0/0xf0 [ 319.488628] ? debug_check_no_obj_freed+0x201/0x490 [ 319.493636] ? lock_downgrade+0x720/0x720 [ 319.497775] block_ioctl+0xe9/0x130 [ 319.501398] ? blkdev_fallocate+0x3f0/0x3f0 [ 319.505714] do_vfs_ioctl+0xcdb/0x12e0 [ 319.509588] ? lock_downgrade+0x720/0x720 [ 319.513727] ? check_preemption_disabled+0x41/0x280 [ 319.518741] ? ioctl_preallocate+0x200/0x200 [ 319.523148] ? __fget+0x356/0x510 [ 319.526592] ? do_dup2+0x450/0x450 [ 319.530112] ? do_sys_open+0x2bf/0x520 [ 319.533993] ksys_ioctl+0x9b/0xc0 [ 319.537449] __x64_sys_ioctl+0x6f/0xb0 [ 319.541327] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 319.545904] do_syscall_64+0xf9/0x620 [ 319.549706] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.554875] RIP: 0033:0x7f9bcb2f9fc7 [ 319.558568] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 319.577455] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.585152] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 319.592403] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 319.599659] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 319.606916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 319.614165] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 14:48:47 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 319.647103] erofs: read_super, device -> /dev/loop5 [ 319.665493] erofs: options -> [ 319.669387] erofs: blksize 1 isn't supported on this platform [ 319.691857] erofs: read_super, device -> /dev/loop2 14:48:47 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 319.696977] erofs: options -> [ 319.703905] erofs: root inode @ nid 0 [ 319.708742] erofs: bogus i_mode (0) @ nid 0 [ 319.775590] erofs: read_super, device -> /dev/loop3 [ 319.789509] erofs: options -> [ 319.794088] erofs: cannot find valid erofs superblock [ 319.875889] erofs: read_super, device -> /dev/loop2 [ 319.883343] erofs: options -> [ 319.886788] erofs: root inode @ nid 36 [ 319.891464] erofs: bogus i_mode (0) @ nid 36 14:48:48 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 1) 14:48:48 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 19) 14:48:48 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) 14:48:48 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:48 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:48 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffc}, 0x0, 0x0, 0xfcb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 320.146287] erofs: read_super, device -> /dev/loop3 [ 320.157695] FAULT_INJECTION: forcing a failure. [ 320.157695] name failslab, interval 1, probability 0, space 0, times 0 [ 320.159220] erofs: options -> [ 320.174193] CPU: 1 PID: 23050 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 320.175311] erofs: cannot find valid erofs superblock [ 320.182086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 320.182093] Call Trace: [ 320.182117] dump_stack+0x1fc/0x2ef [ 320.182137] should_fail.cold+0xa/0xf [ 320.182155] ? setup_fault_attr+0x200/0x200 [ 320.182170] ? lock_acquire+0x170/0x3c0 [ 320.182190] __should_failslab+0x115/0x180 [ 320.182205] should_failslab+0x5/0x10 [ 320.182218] __kmalloc+0x2ab/0x3c0 [ 320.182228] ? __se_sys_memfd_create+0xf8/0x440 [ 320.182244] __se_sys_memfd_create+0xf8/0x440 [ 320.182259] ? memfd_file_seals_ptr+0x150/0x150 [ 320.182275] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.182292] ? trace_hardirqs_off_caller+0x6e/0x210 [ 320.182306] ? do_syscall_64+0x21/0x620 [ 320.182323] do_syscall_64+0xf9/0x620 [ 320.182340] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.182351] RIP: 0033:0x7f53f879d209 [ 320.182368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 320.286157] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 320.293853] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 [ 320.301111] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 320.308368] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 320.315654] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 320.322909] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:48 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 2) [ 320.359907] erofs: read_super, device -> /dev/loop2 [ 320.372771] erofs: options -> [ 320.383087] FAULT_INJECTION: forcing a failure. [ 320.383087] name failslab, interval 1, probability 0, space 0, times 0 [ 320.391184] erofs: root inode @ nid 0 [ 320.398905] CPU: 1 PID: 23051 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 14:48:48 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 1) [ 320.406796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 320.416152] Call Trace: [ 320.417434] erofs: bogus i_mode (0) @ nid 0 [ 320.418742] dump_stack+0x1fc/0x2ef [ 320.418765] should_fail.cold+0xa/0xf [ 320.430454] ? setup_fault_attr+0x200/0x200 [ 320.434763] ? lock_acquire+0x170/0x3c0 [ 320.438855] ? dev_uevent_filter+0xd0/0xd0 [ 320.443069] __should_failslab+0x115/0x180 [ 320.447286] should_failslab+0x5/0x10 [ 320.451067] kmem_cache_alloc_trace+0x284/0x380 [ 320.455718] ? dev_uevent_filter+0xd0/0xd0 [ 320.459936] kobject_uevent_env+0x236/0x1480 [ 320.464331] lo_ioctl+0xff9/0x20e0 [ 320.467853] ? loop_set_status64+0x110/0x110 [ 320.472372] blkdev_ioctl+0x5cb/0x1a80 [ 320.476239] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.481581] ? blkpg_ioctl+0x9d0/0x9d0 [ 320.485446] ? mark_held_locks+0xf0/0xf0 [ 320.489502] ? mark_held_locks+0xf0/0xf0 [ 320.493545] ? debug_check_no_obj_freed+0x201/0x490 [ 320.498542] ? lock_downgrade+0x720/0x720 [ 320.502668] block_ioctl+0xe9/0x130 [ 320.506281] ? blkdev_fallocate+0x3f0/0x3f0 [ 320.510584] do_vfs_ioctl+0xcdb/0x12e0 [ 320.514451] ? lock_downgrade+0x720/0x720 [ 320.518665] ? check_preemption_disabled+0x41/0x280 [ 320.523680] ? ioctl_preallocate+0x200/0x200 [ 320.528067] ? __fget+0x356/0x510 [ 320.531501] ? do_dup2+0x450/0x450 [ 320.535018] ? do_sys_open+0x2bf/0x520 [ 320.538889] ksys_ioctl+0x9b/0xc0 [ 320.542323] __x64_sys_ioctl+0x6f/0xb0 [ 320.546190] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 320.550754] do_syscall_64+0xf9/0x620 [ 320.554553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.559722] RIP: 0033:0x7f9bcb2f9fc7 [ 320.563429] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 320.582319] RSP: 002b:00007f9bc9c6ef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 320.590003] RAX: ffffffffffffffda RBX: 00007f9bcb343a20 RCX: 00007f9bcb2f9fc7 [ 320.597250] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:48:48 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 320.604496] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f9bc9c6f1d0 [ 320.611747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 320.618995] R13: 0000000000000004 R14: 0000000020000230 R15: 0000000000000002 [ 320.655036] FAULT_INJECTION: forcing a failure. [ 320.655036] name failslab, interval 1, probability 0, space 0, times 0 [ 320.666811] CPU: 0 PID: 23061 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 320.674710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 320.684062] Call Trace: [ 320.686664] dump_stack+0x1fc/0x2ef [ 320.690308] should_fail.cold+0xa/0xf [ 320.694121] ? setup_fault_attr+0x200/0x200 [ 320.698621] ? lock_acquire+0x170/0x3c0 [ 320.702614] __should_failslab+0x115/0x180 [ 320.706859] should_failslab+0x5/0x10 [ 320.710661] __kmalloc+0x2ab/0x3c0 [ 320.714202] ? __se_sys_memfd_create+0xf8/0x440 [ 320.718883] __se_sys_memfd_create+0xf8/0x440 [ 320.722447] FAULT_INJECTION: forcing a failure. [ 320.722447] name failslab, interval 1, probability 0, space 0, times 0 [ 320.723377] ? memfd_file_seals_ptr+0x150/0x150 [ 320.723396] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.723413] ? trace_hardirqs_off_caller+0x6e/0x210 [ 320.723428] ? do_syscall_64+0x21/0x620 [ 320.723448] do_syscall_64+0xf9/0x620 [ 320.757366] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.762558] RIP: 0033:0x7fcb13760209 [ 320.766274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 320.785175] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 320.793150] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fcb13760209 [ 320.800416] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007fcb137b929c [ 320.807703] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007fcb120d51d0 [ 320.814970] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 320.822236] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 320.833727] erofs: read_super, device -> /dev/loop5 [ 320.839781] CPU: 1 PID: 23064 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 14:48:48 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 2) [ 320.847767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 320.851018] erofs: options -> [ 320.857118] Call Trace: [ 320.857140] dump_stack+0x1fc/0x2ef [ 320.857158] should_fail.cold+0xa/0xf [ 320.857176] ? setup_fault_attr+0x200/0x200 [ 320.861544] erofs: blksize 1 isn't supported on this platform [ 320.862927] ? lock_acquire+0x170/0x3c0 [ 320.862954] __should_failslab+0x115/0x180 [ 320.888718] should_failslab+0x5/0x10 [ 320.892528] kmem_cache_alloc+0x277/0x370 [ 320.896697] ? shmem_destroy_callback+0xb0/0xb0 [ 320.901374] shmem_alloc_inode+0x18/0x40 [ 320.905449] ? shmem_destroy_callback+0xb0/0xb0 [ 320.910202] alloc_inode+0x5d/0x180 [ 320.913813] new_inode+0x1d/0xf0 [ 320.917162] shmem_get_inode+0x96/0x8d0 [ 320.921140] __shmem_file_setup.part.0+0x7a/0x2b0 [ 320.925978] shmem_file_setup+0x61/0x90 [ 320.929941] __se_sys_memfd_create+0x26b/0x440 [ 320.934519] ? memfd_file_seals_ptr+0x150/0x150 [ 320.939182] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.944535] ? trace_hardirqs_off_caller+0x6e/0x210 [ 320.949538] ? do_syscall_64+0x21/0x620 [ 320.953550] do_syscall_64+0xf9/0x620 [ 320.957422] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.962597] RIP: 0033:0x7f53f879d209 [ 320.966300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 320.985181] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 320.992867] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 14:48:49 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 32) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0) (async, rerun: 32) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (rerun: 32) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffc}, 0x0, 0x0, 0xfcb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:48:49 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 3) [ 321.000121] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 321.007479] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 321.014751] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 321.022010] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:49 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:49 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 321.220945] erofs: read_super, device -> /dev/loop3 [ 321.225991] erofs: options -> [ 321.236773] erofs: cannot find valid erofs superblock 14:48:49 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 321.370298] FAULT_INJECTION: forcing a failure. [ 321.370298] name failslab, interval 1, probability 0, space 0, times 0 [ 321.397705] erofs: read_super, device -> /dev/loop5 [ 321.410054] FAULT_INJECTION: forcing a failure. [ 321.410054] name failslab, interval 1, probability 0, space 0, times 0 [ 321.411246] erofs: options -> [ 321.434278] erofs: read_super, device -> /dev/loop2 [ 321.444901] erofs: options -> [ 321.468245] CPU: 0 PID: 23081 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 321.473140] erofs: root inode @ nid 0 [ 321.476146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 321.476152] Call Trace: [ 321.476175] dump_stack+0x1fc/0x2ef [ 321.476195] should_fail.cold+0xa/0xf [ 321.476214] ? setup_fault_attr+0x200/0x200 [ 321.488870] erofs: bogus i_mode (0) @ nid 0 [ 321.489360] ? lock_acquire+0x170/0x3c0 [ 321.489381] __should_failslab+0x115/0x180 [ 321.516153] should_failslab+0x5/0x10 14:48:49 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 321.519954] kmem_cache_alloc+0x277/0x370 [ 321.524146] __d_alloc+0x2b/0xa10 [ 321.527628] d_alloc_pseudo+0x19/0x70 [ 321.531431] alloc_file_pseudo+0xc6/0x250 [ 321.535579] ? alloc_file+0x4d0/0x4d0 [ 321.539382] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 321.545014] ? shmem_get_inode+0x44c/0x8d0 [ 321.549268] __shmem_file_setup.part.0+0x102/0x2b0 [ 321.554213] shmem_file_setup+0x61/0x90 [ 321.558188] __se_sys_memfd_create+0x26b/0x440 [ 321.562777] ? memfd_file_seals_ptr+0x150/0x150 14:48:49 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 321.567447] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.572810] ? trace_hardirqs_off_caller+0x6e/0x210 [ 321.577825] ? do_syscall_64+0x21/0x620 [ 321.581814] do_syscall_64+0xf9/0x620 [ 321.585629] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.590819] RIP: 0033:0x7f53f879d209 [ 321.594534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 321.613429] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 321.621134] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 [ 321.628402] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 321.635672] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 321.642951] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 321.650217] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 321.663166] erofs: blksize 1 isn't supported on this platform [ 321.677978] CPU: 1 PID: 23092 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 321.685876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 321.695236] Call Trace: [ 321.697831] dump_stack+0x1fc/0x2ef [ 321.701475] should_fail.cold+0xa/0xf [ 321.705286] ? setup_fault_attr+0x200/0x200 [ 321.709613] ? lock_acquire+0x170/0x3c0 [ 321.713598] __should_failslab+0x115/0x180 [ 321.717841] should_failslab+0x5/0x10 [ 321.721648] kmem_cache_alloc+0x277/0x370 [ 321.725812] ? shmem_destroy_callback+0xb0/0xb0 [ 321.730484] shmem_alloc_inode+0x18/0x40 [ 321.734553] ? shmem_destroy_callback+0xb0/0xb0 [ 321.739224] alloc_inode+0x5d/0x180 [ 321.742851] new_inode+0x1d/0xf0 [ 321.746225] shmem_get_inode+0x96/0x8d0 [ 321.750211] __shmem_file_setup.part.0+0x7a/0x2b0 [ 321.755065] shmem_file_setup+0x61/0x90 [ 321.759054] __se_sys_memfd_create+0x26b/0x440 [ 321.763639] ? memfd_file_seals_ptr+0x150/0x150 [ 321.768314] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.773687] ? trace_hardirqs_off_caller+0x6e/0x210 [ 321.778707] ? do_syscall_64+0x21/0x620 [ 321.782692] do_syscall_64+0xf9/0x620 [ 321.786503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.791697] RIP: 0033:0x7fcb13760209 [ 321.795414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 321.814314] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 14:48:49 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 4) 14:48:49 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffc}, 0x0, 0x0, 0xfcb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:48:49 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 3) 14:48:49 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 321.822027] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fcb13760209 [ 321.829390] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007fcb137b929c [ 321.836659] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007fcb120d51d0 [ 321.843922] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 321.851178] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 321.931192] erofs: read_super, device -> /dev/loop3 [ 321.936239] erofs: options -> [ 321.939480] erofs: cannot find valid erofs superblock [ 321.960871] erofs: read_super, device -> /dev/loop2 [ 321.965954] erofs: options -> [ 321.980870] erofs: cannot find valid erofs superblock [ 321.992058] FAULT_INJECTION: forcing a failure. [ 321.992058] name failslab, interval 1, probability 0, space 0, times 0 [ 322.017318] FAULT_INJECTION: forcing a failure. [ 322.017318] name failslab, interval 1, probability 0, space 0, times 0 [ 322.026846] CPU: 0 PID: 23144 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 322.036402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 322.045750] Call Trace: [ 322.048336] dump_stack+0x1fc/0x2ef [ 322.051964] should_fail.cold+0xa/0xf [ 322.055876] ? setup_fault_attr+0x200/0x200 [ 322.060191] ? lock_acquire+0x170/0x3c0 [ 322.064164] __should_failslab+0x115/0x180 [ 322.068395] should_failslab+0x5/0x10 [ 322.072188] kmem_cache_alloc+0x277/0x370 [ 322.076434] __alloc_file+0x21/0x340 [ 322.080146] alloc_empty_file+0x6d/0x170 [ 322.084237] alloc_file+0x5e/0x4d0 [ 322.087801] alloc_file_pseudo+0x165/0x250 [ 322.092039] ? alloc_file+0x4d0/0x4d0 [ 322.095841] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 322.101467] ? shmem_get_inode+0x44c/0x8d0 [ 322.105727] __shmem_file_setup.part.0+0x102/0x2b0 [ 322.110660] shmem_file_setup+0x61/0x90 [ 322.114632] __se_sys_memfd_create+0x26b/0x440 [ 322.119211] ? memfd_file_seals_ptr+0x150/0x150 [ 322.123881] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 322.129252] ? trace_hardirqs_off_caller+0x6e/0x210 [ 322.134266] ? do_syscall_64+0x21/0x620 [ 322.138261] do_syscall_64+0xf9/0x620 [ 322.142061] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.147245] RIP: 0033:0x7f53f879d209 [ 322.150952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 322.169843] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 322.177543] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 [ 322.184801] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 322.192066] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 322.199321] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 322.206580] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 322.213863] CPU: 1 PID: 23149 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 322.221748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 322.231104] Call Trace: [ 322.233693] dump_stack+0x1fc/0x2ef [ 322.237316] should_fail.cold+0xa/0xf [ 322.241105] ? setup_fault_attr+0x200/0x200 [ 322.245417] ? lock_acquire+0x170/0x3c0 [ 322.249392] __should_failslab+0x115/0x180 [ 322.253621] should_failslab+0x5/0x10 [ 322.257841] kmem_cache_alloc+0x277/0x370 [ 322.261978] __d_alloc+0x2b/0xa10 [ 322.265429] d_alloc_pseudo+0x19/0x70 [ 322.269220] alloc_file_pseudo+0xc6/0x250 [ 322.273353] ? alloc_file+0x4d0/0x4d0 [ 322.277142] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 322.282753] ? shmem_get_inode+0x44c/0x8d0 [ 322.286978] __shmem_file_setup.part.0+0x102/0x2b0 [ 322.291899] shmem_file_setup+0x61/0x90 [ 322.295861] __se_sys_memfd_create+0x26b/0x440 [ 322.300435] ? memfd_file_seals_ptr+0x150/0x150 [ 322.305090] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 322.310437] ? trace_hardirqs_off_caller+0x6e/0x210 [ 322.315439] ? do_syscall_64+0x21/0x620 [ 322.319399] do_syscall_64+0xf9/0x620 [ 322.323191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.328366] RIP: 0033:0x7fcb13760209 [ 322.332166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 322.351054] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 322.358747] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fcb13760209 [ 322.366004] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007fcb137b929c [ 322.373261] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007fcb120d51d0 [ 322.380516] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 322.387768] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:50 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 4) 14:48:50 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:50 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 5) [ 322.439097] erofs: read_super, device -> /dev/loop5 14:48:50 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 322.463779] erofs: options -> 14:48:50 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 322.491198] erofs: blksize 1 isn't supported on this platform [ 322.525795] FAULT_INJECTION: forcing a failure. [ 322.525795] name failslab, interval 1, probability 0, space 0, times 0 14:48:50 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000068486, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 322.618921] FAULT_INJECTION: forcing a failure. [ 322.618921] name failslab, interval 1, probability 0, space 0, times 0 [ 322.632670] CPU: 1 PID: 23166 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 322.640571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 322.649928] Call Trace: [ 322.652524] dump_stack+0x1fc/0x2ef [ 322.656165] should_fail.cold+0xa/0xf [ 322.659984] ? setup_fault_attr+0x200/0x200 [ 322.664311] ? lock_acquire+0x170/0x3c0 [ 322.668298] __should_failslab+0x115/0x180 [ 322.672541] should_failslab+0x5/0x10 [ 322.676344] kmem_cache_alloc+0x277/0x370 [ 322.680516] __alloc_file+0x21/0x340 [ 322.684234] alloc_empty_file+0x6d/0x170 [ 322.688299] alloc_file+0x5e/0x4d0 [ 322.691841] alloc_file_pseudo+0x165/0x250 [ 322.696078] ? alloc_file+0x4d0/0x4d0 [ 322.699882] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 322.705515] ? shmem_get_inode+0x44c/0x8d0 [ 322.709790] __shmem_file_setup.part.0+0x102/0x2b0 [ 322.714728] shmem_file_setup+0x61/0x90 [ 322.718702] __se_sys_memfd_create+0x26b/0x440 [ 322.723278] ? memfd_file_seals_ptr+0x150/0x150 [ 322.727937] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 322.733295] ? trace_hardirqs_off_caller+0x6e/0x210 [ 322.738299] ? do_syscall_64+0x21/0x620 [ 322.742269] do_syscall_64+0xf9/0x620 [ 322.746067] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.751246] RIP: 0033:0x7fcb13760209 [ 322.754951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 322.773850] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 322.778685] erofs: read_super, device -> /dev/loop3 [ 322.781559] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fcb13760209 [ 322.781568] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007fcb137b929c [ 322.781575] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007fcb120d51d0 [ 322.781582] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 322.781590] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 322.796505] CPU: 1 PID: 23170 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 322.811330] erofs: read_super, device -> /dev/loop2 [ 322.815876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 322.845338] Call Trace: [ 322.847933] dump_stack+0x1fc/0x2ef [ 322.851577] should_fail.cold+0xa/0xf [ 322.855383] ? setup_fault_attr+0x200/0x200 [ 322.855393] erofs: read_super, device -> /dev/loop5 [ 322.859700] ? lock_acquire+0x170/0x3c0 [ 322.859724] __should_failslab+0x115/0x180 [ 322.859741] should_failslab+0x5/0x10 [ 322.859757] kmem_cache_alloc_trace+0x284/0x380 [ 322.881406] apparmor_file_alloc_security+0x394/0xad0 [ 322.886611] ? apparmor_file_receive+0x160/0x160 [ 322.891379] ? __alloc_file+0x21/0x340 [ 322.895278] security_file_alloc+0x40/0x90 [ 322.899538] __alloc_file+0xd8/0x340 [ 322.903261] alloc_empty_file+0x6d/0x170 [ 322.907330] alloc_file+0x5e/0x4d0 [ 322.910878] alloc_file_pseudo+0x165/0x250 [ 322.915123] ? alloc_file+0x4d0/0x4d0 [ 322.918936] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 322.924572] ? shmem_get_inode+0x44c/0x8d0 [ 322.928820] __shmem_file_setup.part.0+0x102/0x2b0 [ 322.933771] shmem_file_setup+0x61/0x90 [ 322.937762] __se_sys_memfd_create+0x26b/0x440 [ 322.942357] ? memfd_file_seals_ptr+0x150/0x150 [ 322.947034] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 322.952409] ? trace_hardirqs_off_caller+0x6e/0x210 [ 322.957434] ? do_syscall_64+0x21/0x620 [ 322.961419] do_syscall_64+0xf9/0x620 [ 322.963301] erofs: options -> 14:48:50 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 5) [ 322.965226] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.965240] RIP: 0033:0x7f53f879d209 [ 322.965253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 322.965264] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 322.968573] erofs: cannot find valid erofs superblock [ 322.973611] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 [ 322.973618] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 322.973626] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 322.973634] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 322.973643] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 323.002716] erofs: options -> 14:48:51 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000068486, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 323.068633] erofs: options -> [ 323.090678] erofs: root inode @ nid 36 [ 323.096840] FAULT_INJECTION: forcing a failure. [ 323.096840] name failslab, interval 1, probability 0, space 0, times 0 [ 323.118311] erofs: mounted on /dev/loop3 with opts: . [ 323.125447] CPU: 1 PID: 23186 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 323.133346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 323.142799] Call Trace: [ 323.145397] dump_stack+0x1fc/0x2ef [ 323.149177] should_fail.cold+0xa/0xf [ 323.152996] ? setup_fault_attr+0x200/0x200 [ 323.157330] ? lock_acquire+0x170/0x3c0 [ 323.161319] __should_failslab+0x115/0x180 [ 323.165571] should_failslab+0x5/0x10 [ 323.169390] kmem_cache_alloc_trace+0x284/0x380 [ 323.174074] apparmor_file_alloc_security+0x394/0xad0 [ 323.179281] ? apparmor_file_receive+0x160/0x160 [ 323.184060] ? __alloc_file+0x21/0x340 [ 323.187963] security_file_alloc+0x40/0x90 [ 323.192211] __alloc_file+0xd8/0x340 [ 323.195941] alloc_empty_file+0x6d/0x170 [ 323.200021] alloc_file+0x5e/0x4d0 [ 323.203573] alloc_file_pseudo+0x165/0x250 [ 323.207819] ? alloc_file+0x4d0/0x4d0 [ 323.211626] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 323.217256] ? shmem_get_inode+0x44c/0x8d0 [ 323.221505] __shmem_file_setup.part.0+0x102/0x2b0 [ 323.226448] shmem_file_setup+0x61/0x90 [ 323.230550] __se_sys_memfd_create+0x26b/0x440 [ 323.235139] ? memfd_file_seals_ptr+0x150/0x150 [ 323.239820] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 323.245295] ? trace_hardirqs_off_caller+0x6e/0x210 [ 323.250318] ? do_syscall_64+0x21/0x620 [ 323.254303] do_syscall_64+0xf9/0x620 [ 323.258114] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.263296] RIP: 0033:0x7fcb13760209 [ 323.267005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 323.285901] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 323.293603] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fcb13760209 [ 323.300860] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007fcb137b929c [ 323.308125] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007fcb120d51d0 14:48:51 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:51 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 6) 14:48:51 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 6) [ 323.315378] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 323.322629] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 323.341520] erofs: blksize 1 isn't supported on this platform [ 323.347610] erofs: unmounted for /dev/loop3 [ 323.412328] FAULT_INJECTION: forcing a failure. [ 323.412328] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 323.424387] CPU: 1 PID: 23197 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 323.432267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 323.441608] Call Trace: [ 323.444189] dump_stack+0x1fc/0x2ef [ 323.447807] should_fail.cold+0xa/0xf [ 323.451596] ? lock_acquire+0x170/0x3c0 [ 323.455556] ? setup_fault_attr+0x200/0x200 [ 323.459875] __alloc_pages_nodemask+0x239/0x2890 [ 323.464616] ? __lock_acquire+0x6de/0x3ff0 [ 323.468841] ? static_obj+0x50/0x50 [ 323.472459] ? __lock_acquire+0x6de/0x3ff0 [ 323.476683] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 323.481510] ? __lock_acquire+0x6de/0x3ff0 [ 323.485738] ? mark_held_locks+0xf0/0xf0 [ 323.489786] ? unwind_next_frame+0xeee/0x1400 [ 323.494267] ? mark_held_locks+0xf0/0xf0 [ 323.498313] ? deref_stack_reg+0x134/0x1d0 [ 323.502532] ? get_reg+0x176/0x1f0 [ 323.506064] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 323.511934] alloc_pages_vma+0xf2/0x780 [ 323.515907] shmem_alloc_page+0x11c/0x1f0 [ 323.520042] ? shmem_swapin+0x220/0x220 [ 323.524018] ? percpu_counter_add_batch+0x126/0x180 [ 323.529021] ? __vm_enough_memory+0x316/0x650 [ 323.533508] shmem_alloc_and_acct_page+0x15a/0x850 [ 323.538428] shmem_getpage_gfp+0x4e9/0x37f0 [ 323.542746] ? shmem_alloc_and_acct_page+0x850/0x850 [ 323.547834] ? mark_held_locks+0xa6/0xf0 [ 323.551884] ? ktime_get_coarse_real_ts64+0x1c7/0x290 [ 323.557060] ? iov_iter_fault_in_readable+0x1fc/0x3f0 [ 323.562239] shmem_write_begin+0xff/0x1e0 [ 323.566375] generic_perform_write+0x1f8/0x4d0 [ 323.570948] ? filemap_page_mkwrite+0x2f0/0x2f0 [ 323.575601] ? current_time+0x1c0/0x1c0 [ 323.579562] ? lock_acquire+0x170/0x3c0 [ 323.583524] __generic_file_write_iter+0x24b/0x610 [ 323.588442] generic_file_write_iter+0x3f8/0x730 [ 323.593188] __vfs_write+0x51b/0x770 [ 323.596889] ? kernel_read+0x110/0x110 [ 323.600769] ? check_preemption_disabled+0x41/0x280 [ 323.605776] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 323.610779] vfs_write+0x1f3/0x540 [ 323.614308] __x64_sys_pwrite64+0x1f7/0x250 [ 323.618617] ? ksys_pwrite64+0x1a0/0x1a0 [ 323.622667] ? trace_hardirqs_off_caller+0x6e/0x210 [ 323.627669] ? do_syscall_64+0x21/0x620 [ 323.631629] do_syscall_64+0xf9/0x620 [ 323.635423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.640602] RIP: 0033:0x7fcb137131d7 [ 323.644302] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b 14:48:51 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 323.663184] RSP: 002b:00007fcb120d4f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 323.670879] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb137131d7 [ 323.678133] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000004 [ 323.685388] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 323.692652] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 323.699906] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 323.745058] erofs: read_super, device -> /dev/loop4 [ 323.750097] erofs: options -> [ 323.758282] FAULT_INJECTION: forcing a failure. [ 323.758282] name failslab, interval 1, probability 0, space 0, times 0 [ 323.776091] CPU: 1 PID: 23202 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 323.783992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 323.793346] Call Trace: [ 323.795941] dump_stack+0x1fc/0x2ef [ 323.799583] should_fail.cold+0xa/0xf [ 323.803398] ? setup_fault_attr+0x200/0x200 [ 323.807726] ? lock_acquire+0x170/0x3c0 [ 323.811721] __should_failslab+0x115/0x180 [ 323.815967] should_failslab+0x5/0x10 [ 323.819775] kmem_cache_alloc_trace+0x284/0x380 [ 323.824462] apparmor_file_alloc_security+0x394/0xad0 [ 323.829660] ? apparmor_file_receive+0x160/0x160 [ 323.834423] ? __alloc_file+0x21/0x340 [ 323.838320] security_file_alloc+0x40/0x90 [ 323.842566] __alloc_file+0xd8/0x340 [ 323.846287] alloc_empty_file+0x6d/0x170 [ 323.850364] alloc_file+0x5e/0x4d0 [ 323.853918] alloc_file_pseudo+0x165/0x250 [ 323.858157] ? alloc_file+0x4d0/0x4d0 [ 323.861965] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 323.867596] ? shmem_get_inode+0x44c/0x8d0 [ 323.871845] __shmem_file_setup.part.0+0x102/0x2b0 [ 323.876789] shmem_file_setup+0x61/0x90 [ 323.880771] __se_sys_memfd_create+0x26b/0x440 [ 323.885360] ? memfd_file_seals_ptr+0x150/0x150 [ 323.890037] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 14:48:51 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 323.895411] ? trace_hardirqs_off_caller+0x6e/0x210 [ 323.900434] ? do_syscall_64+0x21/0x620 [ 323.904425] do_syscall_64+0xf9/0x620 [ 323.908237] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.913437] RIP: 0033:0x7f53f879d209 [ 323.917155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 323.927437] erofs: read_super, device -> /dev/loop3 14:48:51 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 7) 14:48:51 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (rerun: 64) gettid() (async, rerun: 64) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000068486, 0x0) (rerun: 64) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 323.936054] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 323.936068] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f53f879d209 [ 323.936076] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f53f87f629c [ 323.936085] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f53f71121d0 [ 323.936094] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 323.936102] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 323.985904] erofs: cannot find valid erofs superblock [ 324.010060] erofs: options -> [ 324.015858] erofs: root inode @ nid 36 [ 324.020186] erofs: mounted on /dev/loop3 with opts: . [ 324.036657] FAULT_INJECTION: forcing a failure. [ 324.036657] name failslab, interval 1, probability 0, space 0, times 0 [ 324.048876] CPU: 1 PID: 23218 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 324.056758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 324.066206] Call Trace: [ 324.068788] dump_stack+0x1fc/0x2ef [ 324.072430] should_fail.cold+0xa/0xf [ 324.076241] ? setup_fault_attr+0x200/0x200 [ 324.080594] ? lock_acquire+0x170/0x3c0 [ 324.084578] __should_failslab+0x115/0x180 [ 324.088818] should_failslab+0x5/0x10 [ 324.092617] kmem_cache_alloc+0x277/0x370 [ 324.096759] getname_flags+0xce/0x590 [ 324.100559] do_sys_open+0x26c/0x520 [ 324.104273] ? filp_open+0x70/0x70 [ 324.107806] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 324.113155] ? trace_hardirqs_off_caller+0x6e/0x210 [ 324.118157] ? do_syscall_64+0x21/0x620 [ 324.122136] do_syscall_64+0xf9/0x620 [ 324.125931] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.131100] RIP: 0033:0x7f53f8750124 [ 324.134794] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:48:52 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 8) [ 324.153678] RSP: 002b:00007f53f7111eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 324.161388] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f8750124 [ 324.168735] RDX: 0000000000000002 RSI: 00007f53f7111fe0 RDI: 00000000ffffff9c [ 324.175999] RBP: 00007f53f7111fe0 R08: 0000000000000000 R09: 00007f53f71121d0 [ 324.183258] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 324.190556] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:48:52 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 7) [ 324.226895] erofs: read_super, device -> /dev/loop2 [ 324.232287] erofs: read_super, device -> /dev/loop5 [ 324.261082] erofs: options -> [ 324.264272] erofs: options -> [ 324.270662] erofs: cannot find valid erofs superblock 14:48:52 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 324.282497] erofs: blksize 1 isn't supported on this platform [ 324.294114] erofs: unmounted for /dev/loop3 [ 324.302489] FAULT_INJECTION: forcing a failure. [ 324.302489] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 324.309671] FAULT_INJECTION: forcing a failure. [ 324.309671] name failslab, interval 1, probability 0, space 0, times 0 [ 324.314293] CPU: 1 PID: 23224 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 324.314303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 324.314308] Call Trace: [ 324.314330] dump_stack+0x1fc/0x2ef [ 324.314350] should_fail.cold+0xa/0xf [ 324.314368] ? setup_fault_attr+0x200/0x200 [ 324.314385] ? do_writepages+0x290/0x290 [ 324.314400] ? unlock_page+0x13d/0x230 [ 324.314422] __alloc_pages_nodemask+0x239/0x2890 [ 324.314441] ? lock_downgrade+0x720/0x720 [ 324.314457] ? check_preemption_disabled+0x41/0x280 [ 324.314475] ? __lock_acquire+0x6de/0x3ff0 [ 324.314501] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 324.387936] ? lock_downgrade+0x720/0x720 [ 324.392084] ? lock_acquire+0x170/0x3c0 [ 324.396053] ? up_write+0x18/0x150 [ 324.399579] ? generic_file_write_iter+0x381/0x730 [ 324.404496] ? iov_iter_init+0xb8/0x1d0 [ 324.408460] cache_grow_begin+0xa4/0x8a0 [ 324.412509] ? setup_fault_attr+0x200/0x200 [ 324.416819] ? lock_acquire+0x170/0x3c0 [ 324.420782] cache_alloc_refill+0x273/0x340 [ 324.425096] kmem_cache_alloc+0x346/0x370 [ 324.429233] getname_flags+0xce/0x590 [ 324.433022] do_sys_open+0x26c/0x520 [ 324.436722] ? filp_open+0x70/0x70 [ 324.440253] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 324.445602] ? trace_hardirqs_off_caller+0x6e/0x210 [ 324.450605] ? do_syscall_64+0x21/0x620 [ 324.454566] do_syscall_64+0xf9/0x620 [ 324.458356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.463533] RIP: 0033:0x7f53f8750124 [ 324.467240] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 324.486123] RSP: 002b:00007f53f7111eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 324.493814] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f8750124 [ 324.501067] RDX: 0000000000000002 RSI: 00007f53f7111fe0 RDI: 00000000ffffff9c [ 324.508335] RBP: 00007f53f7111fe0 R08: 0000000000000000 R09: 00007f53f71121d0 [ 324.515598] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 324.522853] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 324.542150] CPU: 1 PID: 23227 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 324.550045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 324.559384] Call Trace: [ 324.561965] dump_stack+0x1fc/0x2ef [ 324.565582] should_fail.cold+0xa/0xf [ 324.569373] ? setup_fault_attr+0x200/0x200 [ 324.573683] ? lock_acquire+0x170/0x3c0 [ 324.577647] __should_failslab+0x115/0x180 [ 324.581874] should_failslab+0x5/0x10 [ 324.585658] kmem_cache_alloc+0x277/0x370 [ 324.589800] getname_flags+0xce/0x590 [ 324.593587] do_sys_open+0x26c/0x520 [ 324.597287] ? filp_open+0x70/0x70 [ 324.600815] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 324.606163] ? trace_hardirqs_off_caller+0x6e/0x210 [ 324.611166] ? do_syscall_64+0x21/0x620 [ 324.615127] do_syscall_64+0xf9/0x620 [ 324.618918] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.624106] RIP: 0033:0x7fcb13713124 14:48:52 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 324.627803] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 324.646687] RSP: 002b:00007fcb120d4eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 324.654390] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb13713124 [ 324.661641] RDX: 0000000000000002 RSI: 00007fcb120d4fe0 RDI: 00000000ffffff9c [ 324.668981] RBP: 00007fcb120d4fe0 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 324.676232] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 324.683488] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:48:52 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 8) 14:48:52 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 324.780418] erofs: read_super, device -> /dev/loop1 [ 324.794164] erofs: options -> [ 324.813780] erofs: root inode @ nid 36 [ 324.840375] erofs: mounted on /dev/loop1 with opts: . 14:48:52 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 9) [ 324.898142] erofs: read_super, device -> /dev/loop5 [ 324.922358] erofs: unmounted for /dev/loop1 [ 324.929118] FAULT_INJECTION: forcing a failure. [ 324.929118] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 324.933873] erofs: options -> [ 324.940937] CPU: 1 PID: 23248 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 324.940946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 324.940951] Call Trace: [ 324.940974] dump_stack+0x1fc/0x2ef [ 324.940993] should_fail.cold+0xa/0xf [ 324.941011] ? setup_fault_attr+0x200/0x200 [ 324.941029] ? do_writepages+0x290/0x290 [ 324.941044] ? unlock_page+0x13d/0x230 [ 324.941064] __alloc_pages_nodemask+0x239/0x2890 [ 324.941080] ? lock_downgrade+0x720/0x720 [ 324.941099] ? check_preemption_disabled+0x41/0x280 [ 324.954341] erofs: blksize 1 isn't supported on this platform [ 324.961600] ? __lock_acquire+0x6de/0x3ff0 [ 324.961624] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 324.961638] ? lock_downgrade+0x720/0x720 [ 324.961650] ? lock_acquire+0x170/0x3c0 [ 324.961671] ? up_write+0x18/0x150 [ 324.961684] ? generic_file_write_iter+0x381/0x730 [ 324.961698] ? iov_iter_init+0xb8/0x1d0 [ 324.961715] cache_grow_begin+0xa4/0x8a0 [ 324.961729] ? setup_fault_attr+0x200/0x200 [ 324.961745] ? lock_acquire+0x170/0x3c0 [ 325.045469] cache_alloc_refill+0x273/0x340 [ 325.049896] kmem_cache_alloc+0x346/0x370 [ 325.054053] getname_flags+0xce/0x590 [ 325.057852] do_sys_open+0x26c/0x520 [ 325.061548] ? filp_open+0x70/0x70 [ 325.065087] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 325.070453] ? trace_hardirqs_off_caller+0x6e/0x210 [ 325.075454] ? do_syscall_64+0x21/0x620 [ 325.079426] do_syscall_64+0xf9/0x620 [ 325.083212] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.088379] RIP: 0033:0x7fcb13713124 [ 325.092098] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 325.111002] RSP: 002b:00007fcb120d4eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 14:48:53 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000000)={{r0}, 0x7f9, 0x101, 0x158}) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:53 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 325.118721] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb13713124 [ 325.126041] RDX: 0000000000000002 RSI: 00007fcb120d4fe0 RDI: 00000000ffffff9c [ 325.133293] RBP: 00007fcb120d4fe0 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 325.140659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 325.147928] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 325.264841] erofs: read_super, device -> /dev/loop4 [ 325.269882] erofs: options -> [ 325.273578] erofs: root inode @ nid 36 [ 325.277731] erofs: mounted on /dev/loop4 with opts: . [ 325.301202] erofs: read_super, device -> /dev/loop3 [ 325.306423] erofs: options -> [ 325.320973] erofs: root inode @ nid 36 14:48:53 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 9) 14:48:53 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 325.346479] erofs: unmounted for /dev/loop4 [ 325.362636] erofs: mounted on /dev/loop3 with opts: . 14:48:53 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 325.412477] FAULT_INJECTION: forcing a failure. [ 325.412477] name failslab, interval 1, probability 0, space 0, times 0 [ 325.429094] erofs: unmounted for /dev/loop3 [ 325.436964] CPU: 1 PID: 23272 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 325.444858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 325.445392] FAULT_INJECTION: forcing a failure. [ 325.445392] name failslab, interval 1, probability 0, space 0, times 0 [ 325.454204] Call Trace: [ 325.454228] dump_stack+0x1fc/0x2ef [ 325.454246] should_fail.cold+0xa/0xf [ 325.454263] ? setup_fault_attr+0x200/0x200 [ 325.454278] ? lock_acquire+0x170/0x3c0 [ 325.454297] __should_failslab+0x115/0x180 [ 325.454312] should_failslab+0x5/0x10 [ 325.454332] kmem_cache_alloc+0x277/0x370 [ 325.495835] __alloc_file+0x21/0x340 [ 325.499575] alloc_empty_file+0x6d/0x170 [ 325.503637] path_openat+0xe9/0x2df0 [ 325.507351] ? __lock_acquire+0x6de/0x3ff0 [ 325.511585] ? path_lookupat+0x8d0/0x8d0 [ 325.515638] ? mark_held_locks+0xf0/0xf0 [ 325.519691] do_filp_open+0x18c/0x3f0 [ 325.523481] ? may_open_dev+0xf0/0xf0 [ 325.527275] ? __alloc_fd+0x28d/0x570 [ 325.531068] ? lock_downgrade+0x720/0x720 [ 325.535202] ? lock_acquire+0x170/0x3c0 [ 325.539163] ? __alloc_fd+0x34/0x570 [ 325.542874] ? do_raw_spin_unlock+0x171/0x230 [ 325.547363] ? _raw_spin_unlock+0x29/0x40 [ 325.551499] ? __alloc_fd+0x28d/0x570 [ 325.555295] do_sys_open+0x3b3/0x520 [ 325.558999] ? filp_open+0x70/0x70 [ 325.562537] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 325.567892] ? trace_hardirqs_off_caller+0x6e/0x210 [ 325.572897] ? do_syscall_64+0x21/0x620 [ 325.576864] do_syscall_64+0xf9/0x620 [ 325.580660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.585842] RIP: 0033:0x7f53f8750124 [ 325.589545] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 325.608430] RSP: 002b:00007f53f7111eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 325.616127] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f8750124 [ 325.623386] RDX: 0000000000000002 RSI: 00007f53f7111fe0 RDI: 00000000ffffff9c [ 325.630648] RBP: 00007f53f7111fe0 R08: 0000000000000000 R09: 00007f53f71121d0 [ 325.637904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 325.645158] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 325.652435] CPU: 0 PID: 23275 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 14:48:53 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 10) [ 325.660321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 325.669668] Call Trace: [ 325.672263] dump_stack+0x1fc/0x2ef [ 325.675900] should_fail.cold+0xa/0xf [ 325.679709] ? setup_fault_attr+0x200/0x200 [ 325.684036] ? lock_acquire+0x170/0x3c0 [ 325.688008] __should_failslab+0x115/0x180 [ 325.692229] should_failslab+0x5/0x10 [ 325.696009] kmem_cache_alloc+0x277/0x370 [ 325.700140] __alloc_file+0x21/0x340 [ 325.703838] alloc_empty_file+0x6d/0x170 [ 325.707879] path_openat+0xe9/0x2df0 [ 325.711575] ? __lock_acquire+0x6de/0x3ff0 [ 325.715792] ? path_lookupat+0x8d0/0x8d0 [ 325.719838] ? mark_held_locks+0xf0/0xf0 [ 325.723884] do_filp_open+0x18c/0x3f0 [ 325.727660] ? may_open_dev+0xf0/0xf0 [ 325.731441] ? __alloc_fd+0x28d/0x570 [ 325.735225] ? lock_downgrade+0x720/0x720 [ 325.739349] ? lock_acquire+0x170/0x3c0 [ 325.743299] ? __alloc_fd+0x34/0x570 [ 325.746994] ? do_raw_spin_unlock+0x171/0x230 [ 325.751476] ? _raw_spin_unlock+0x29/0x40 [ 325.755604] ? __alloc_fd+0x28d/0x570 [ 325.759386] do_sys_open+0x3b3/0x520 [ 325.763080] ? filp_open+0x70/0x70 [ 325.766602] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 325.771946] ? trace_hardirqs_off_caller+0x6e/0x210 [ 325.776939] ? do_syscall_64+0x21/0x620 [ 325.780894] do_syscall_64+0xf9/0x620 [ 325.784676] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.789844] RIP: 0033:0x7fcb13713124 [ 325.793536] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:48:53 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000000)={{r0}, 0x7f9, 0x101, 0x158}) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:48:53 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) 14:48:53 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 10) [ 325.812416] RSP: 002b:00007fcb120d4eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 325.820104] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb13713124 [ 325.827352] RDX: 0000000000000002 RSI: 00007fcb120d4fe0 RDI: 00000000ffffff9c [ 325.834597] RBP: 00007fcb120d4fe0 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 325.841842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 325.849089] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 325.924510] FAULT_INJECTION: forcing a failure. [ 325.924510] name failslab, interval 1, probability 0, space 0, times 0 [ 325.935901] CPU: 1 PID: 23284 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 325.943782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 325.953138] Call Trace: [ 325.955737] dump_stack+0x1fc/0x2ef [ 325.959375] should_fail.cold+0xa/0xf [ 325.963185] ? setup_fault_attr+0x200/0x200 [ 325.967496] FAULT_INJECTION: forcing a failure. [ 325.967496] name failslab, interval 1, probability 0, space 0, times 0 [ 325.978678] ? lock_acquire+0x170/0x3c0 [ 325.982656] __should_failslab+0x115/0x180 [ 325.986891] should_failslab+0x5/0x10 [ 325.990685] kmem_cache_alloc_trace+0x284/0x380 [ 325.995356] apparmor_file_alloc_security+0x394/0xad0 [ 326.000566] ? apparmor_file_receive+0x160/0x160 [ 326.005317] ? __alloc_file+0x21/0x340 [ 326.009201] security_file_alloc+0x40/0x90 [ 326.013427] __alloc_file+0xd8/0x340 [ 326.017183] alloc_empty_file+0x6d/0x170 [ 326.021241] path_openat+0xe9/0x2df0 [ 326.024955] ? __lock_acquire+0x6de/0x3ff0 [ 326.029187] ? path_lookupat+0x8d0/0x8d0 [ 326.033243] ? mark_held_locks+0xf0/0xf0 [ 326.037299] do_filp_open+0x18c/0x3f0 [ 326.041093] ? may_open_dev+0xf0/0xf0 [ 326.044885] ? __alloc_fd+0x28d/0x570 [ 326.048678] ? lock_downgrade+0x720/0x720 [ 326.052829] ? lock_acquire+0x170/0x3c0 [ 326.056809] ? __alloc_fd+0x34/0x570 [ 326.060529] ? do_raw_spin_unlock+0x171/0x230 [ 326.065022] ? _raw_spin_unlock+0x29/0x40 [ 326.069167] ? __alloc_fd+0x28d/0x570 [ 326.073066] do_sys_open+0x3b3/0x520 [ 326.076772] ? filp_open+0x70/0x70 [ 326.080307] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 326.085662] ? trace_hardirqs_off_caller+0x6e/0x210 [ 326.090667] ? do_syscall_64+0x21/0x620 [ 326.094632] do_syscall_64+0xf9/0x620 [ 326.098421] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.103597] RIP: 0033:0x7fcb13713124 [ 326.107298] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 326.126364] RSP: 002b:00007fcb120d4eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 326.134061] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb13713124 [ 326.141336] RDX: 0000000000000002 RSI: 00007fcb120d4fe0 RDI: 00000000ffffff9c [ 326.148598] RBP: 00007fcb120d4fe0 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 326.155875] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 326.163135] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 326.195736] CPU: 1 PID: 23285 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 326.203639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 326.212991] Call Trace: [ 326.215572] dump_stack+0x1fc/0x2ef [ 326.219190] should_fail.cold+0xa/0xf [ 326.222993] ? setup_fault_attr+0x200/0x200 [ 326.227305] ? lock_acquire+0x170/0x3c0 [ 326.231271] __should_failslab+0x115/0x180 [ 326.235494] should_failslab+0x5/0x10 [ 326.239281] kmem_cache_alloc_trace+0x284/0x380 [ 326.243939] apparmor_file_alloc_security+0x394/0xad0 [ 326.249113] ? do_raw_spin_unlock+0x171/0x230 [ 326.253593] ? apparmor_file_receive+0x160/0x160 [ 326.258338] ? __alloc_file+0x21/0x340 [ 326.262218] security_file_alloc+0x40/0x90 [ 326.266442] __alloc_file+0xd8/0x340 [ 326.270142] alloc_empty_file+0x6d/0x170 [ 326.274195] path_openat+0xe9/0x2df0 [ 326.277895] ? __lock_acquire+0x6de/0x3ff0 [ 326.282121] ? path_lookupat+0x8d0/0x8d0 [ 326.286168] ? mark_held_locks+0xf0/0xf0 [ 326.290223] do_filp_open+0x18c/0x3f0 [ 326.294011] ? may_open_dev+0xf0/0xf0 [ 326.297801] ? __alloc_fd+0x28d/0x570 [ 326.301596] ? lock_downgrade+0x720/0x720 [ 326.305728] ? lock_acquire+0x170/0x3c0 [ 326.309689] ? __alloc_fd+0x34/0x570 [ 326.313397] ? do_raw_spin_unlock+0x171/0x230 [ 326.317880] ? _raw_spin_unlock+0x29/0x40 [ 326.322011] ? __alloc_fd+0x28d/0x570 [ 326.325802] do_sys_open+0x3b3/0x520 [ 326.329501] ? filp_open+0x70/0x70 [ 326.333031] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 326.338386] ? trace_hardirqs_off_caller+0x6e/0x210 [ 326.343387] ? do_syscall_64+0x21/0x620 [ 326.347353] do_syscall_64+0xf9/0x620 [ 326.351145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.356318] RIP: 0033:0x7f53f8750124 [ 326.360017] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 326.378906] RSP: 002b:00007f53f7111eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 326.386601] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f8750124 14:48:54 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 64) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 64) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (rerun: 64) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000000)={{r0}, 0x7f9, 0x101, 0x158}) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 326.393856] RDX: 0000000000000002 RSI: 00007f53f7111fe0 RDI: 00000000ffffff9c [ 326.401109] RBP: 00007f53f7111fe0 R08: 0000000000000000 R09: 00007f53f71121d0 [ 326.408373] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 326.415644] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 326.432242] erofs: read_super, device -> /dev/loop5 [ 326.437725] erofs: options -> 14:48:54 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 11) 14:48:54 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 11) [ 326.462761] erofs: read_super, device -> /dev/loop3 [ 326.469161] erofs: blksize 1 isn't supported on this platform [ 326.487767] erofs: options -> [ 326.501154] erofs: cannot find valid erofs superblock 14:48:54 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 326.587172] FAULT_INJECTION: forcing a failure. [ 326.587172] name failslab, interval 1, probability 0, space 0, times 0 [ 326.608669] CPU: 1 PID: 23309 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 326.616569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 326.625922] Call Trace: [ 326.628517] dump_stack+0x1fc/0x2ef [ 326.632151] should_fail.cold+0xa/0xf [ 326.635938] ? setup_fault_attr+0x200/0x200 [ 326.640248] ? lock_acquire+0x170/0x3c0 [ 326.644240] __should_failslab+0x115/0x180 [ 326.648469] should_failslab+0x5/0x10 [ 326.652253] kmem_cache_alloc_trace+0x284/0x380 [ 326.656903] ? loop_info64_to_compat+0x5e0/0x5e0 [ 326.661672] __kthread_create_on_node+0xd2/0x410 [ 326.666426] ? kthread_parkme+0xa0/0xa0 [ 326.670400] ? lock_acquire+0x170/0x3c0 [ 326.674365] ? lo_ioctl+0x1bb/0x20e0 [ 326.678079] ? __mutex_lock+0x368/0x1190 [ 326.682144] ? lock_downgrade+0x720/0x720 [ 326.686284] ? check_preemption_disabled+0x41/0x280 [ 326.691282] ? loop_info64_to_compat+0x5e0/0x5e0 [ 326.696019] kthread_create_on_node+0xbb/0xf0 [ 326.700503] ? __kthread_create_on_node+0x410/0x410 [ 326.705512] ? __fget+0x356/0x510 [ 326.708949] ? do_dup2+0x450/0x450 [ 326.712477] ? __lockdep_init_map+0x100/0x5a0 [ 326.716963] ? __lockdep_init_map+0x100/0x5a0 [ 326.721454] lo_ioctl+0xae5/0x20e0 [ 326.724999] ? loop_set_status64+0x110/0x110 [ 326.729398] blkdev_ioctl+0x5cb/0x1a80 [ 326.733272] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.738617] ? blkpg_ioctl+0x9d0/0x9d0 [ 326.742497] ? mark_held_locks+0xf0/0xf0 [ 326.746550] ? mark_held_locks+0xf0/0xf0 [ 326.750594] ? debug_check_no_obj_freed+0x201/0x490 [ 326.755593] ? lock_downgrade+0x720/0x720 [ 326.759720] block_ioctl+0xe9/0x130 [ 326.763341] ? blkdev_fallocate+0x3f0/0x3f0 [ 326.767656] do_vfs_ioctl+0xcdb/0x12e0 [ 326.771537] ? lock_downgrade+0x720/0x720 [ 326.775705] ? check_preemption_disabled+0x41/0x280 [ 326.780724] ? ioctl_preallocate+0x200/0x200 [ 326.785135] ? __fget+0x356/0x510 [ 326.788581] ? do_dup2+0x450/0x450 [ 326.792103] ? do_sys_open+0x2bf/0x520 [ 326.795973] ksys_ioctl+0x9b/0xc0 [ 326.799409] __x64_sys_ioctl+0x6f/0xb0 [ 326.803290] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 326.807873] do_syscall_64+0xf9/0x620 [ 326.811672] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.816842] RIP: 0033:0x7f53f879cfc7 [ 326.820544] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 326.839435] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 326.847122] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f879cfc7 [ 326.854385] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 326.861649] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f53f71121d0 [ 326.868908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 326.876155] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 326.940880] FAULT_INJECTION: forcing a failure. [ 326.940880] name failslab, interval 1, probability 0, space 0, times 0 [ 326.953857] CPU: 0 PID: 23308 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 326.961745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 326.971082] Call Trace: [ 326.973711] dump_stack+0x1fc/0x2ef [ 326.977336] should_fail.cold+0xa/0xf [ 326.981131] ? setup_fault_attr+0x200/0x200 [ 326.985437] ? lock_acquire+0x170/0x3c0 [ 326.989393] __should_failslab+0x115/0x180 [ 326.993614] should_failslab+0x5/0x10 [ 326.997394] kmem_cache_alloc_trace+0x284/0x380 [ 327.002047] ? loop_info64_to_compat+0x5e0/0x5e0 [ 327.006806] __kthread_create_on_node+0xd2/0x410 [ 327.011545] ? kthread_parkme+0xa0/0xa0 [ 327.015499] ? lock_acquire+0x170/0x3c0 [ 327.019453] ? lo_ioctl+0x1bb/0x20e0 [ 327.023154] ? __mutex_lock+0x368/0x1190 [ 327.027201] ? lock_downgrade+0x720/0x720 [ 327.031328] ? check_preemption_disabled+0x41/0x280 [ 327.036326] ? loop_info64_to_compat+0x5e0/0x5e0 [ 327.041059] kthread_create_on_node+0xbb/0xf0 [ 327.045532] ? __kthread_create_on_node+0x410/0x410 [ 327.050539] ? __fget+0x356/0x510 [ 327.053972] ? do_dup2+0x450/0x450 [ 327.057501] ? __lockdep_init_map+0x100/0x5a0 [ 327.062066] ? __lockdep_init_map+0x100/0x5a0 [ 327.066558] lo_ioctl+0xae5/0x20e0 [ 327.070087] ? loop_set_status64+0x110/0x110 [ 327.074488] blkdev_ioctl+0x5cb/0x1a80 [ 327.078363] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.083726] ? blkpg_ioctl+0x9d0/0x9d0 [ 327.087599] ? mark_held_locks+0xf0/0xf0 [ 327.091639] ? mark_held_locks+0xf0/0xf0 [ 327.095680] ? debug_check_no_obj_freed+0x201/0x490 [ 327.100678] ? lock_downgrade+0x720/0x720 [ 327.104813] block_ioctl+0xe9/0x130 [ 327.108421] ? blkdev_fallocate+0x3f0/0x3f0 [ 327.112724] do_vfs_ioctl+0xcdb/0x12e0 [ 327.116594] ? lock_downgrade+0x720/0x720 [ 327.120729] ? check_preemption_disabled+0x41/0x280 [ 327.125741] ? ioctl_preallocate+0x200/0x200 [ 327.130141] ? __fget+0x356/0x510 [ 327.133576] ? do_dup2+0x450/0x450 [ 327.137096] ? do_sys_open+0x2bf/0x520 [ 327.140986] ksys_ioctl+0x9b/0xc0 [ 327.144422] __x64_sys_ioctl+0x6f/0xb0 [ 327.148297] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 327.152858] do_syscall_64+0xf9/0x620 [ 327.156642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.161810] RIP: 0033:0x7fcb1375ffc7 [ 327.165502] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 327.184385] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:48:55 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:55 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) sendfile(r0, r3, 0x0, 0x20) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r6 = dup2(r4, r5) ioctl$IOC_PR_PREEMPT(r6, 0x40046109, &(0x7f0000000080)={0x2}) ioctl$IOC_PR_PREEMPT(r6, 0x401870cb, &(0x7f00000000c0)={0xb128, 0x10000, 0x486cd984, 0x9}) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r7, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) [ 327.192074] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb1375ffc7 [ 327.199323] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 327.206569] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 327.213816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 327.221063] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:48:55 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 12) 14:48:55 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 12) [ 327.293970] erofs: read_super, device -> /dev/loop5 [ 327.319740] erofs: options -> [ 327.332041] erofs: blksize 1 isn't supported on this platform [ 327.359481] FAULT_INJECTION: forcing a failure. 14:48:55 executing program 2: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000000)={{r0}, 0x7f9, 0x101, 0x158}) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 327.359481] name failslab, interval 1, probability 0, space 0, times 0 [ 327.382989] CPU: 1 PID: 23325 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 327.390888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 327.400244] Call Trace: [ 327.402840] dump_stack+0x1fc/0x2ef [ 327.406479] should_fail.cold+0xa/0xf [ 327.410286] ? setup_fault_attr+0x200/0x200 [ 327.414612] ? lock_acquire+0x170/0x3c0 [ 327.418600] __should_failslab+0x115/0x180 [ 327.422842] should_failslab+0x5/0x10 [ 327.426645] kmem_cache_alloc+0x277/0x370 [ 327.430793] __kernfs_new_node+0xd2/0x680 [ 327.434925] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 327.439663] ? _raw_spin_unlock_irq+0x5a/0x80 [ 327.444152] ? __cpu_to_node+0x7b/0xa0 [ 327.448464] ? mark_held_locks+0xf0/0xf0 [ 327.452505] ? io_schedule_timeout+0x140/0x140 [ 327.457068] ? enqueue_entity+0xf86/0x3850 [ 327.461285] ? set_user_nice.part.0+0x3b9/0xab0 [ 327.465934] kernfs_create_dir_ns+0x9e/0x230 [ 327.470324] internal_create_group+0x1c1/0xb20 [ 327.474889] ? sysfs_remove_link_from_group+0x70/0x70 [ 327.480058] ? lock_downgrade+0x720/0x720 [ 327.484216] lo_ioctl+0xf7c/0x20e0 [ 327.487749] ? loop_set_status64+0x110/0x110 [ 327.492163] blkdev_ioctl+0x5cb/0x1a80 [ 327.496062] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.501408] ? blkpg_ioctl+0x9d0/0x9d0 [ 327.505276] ? mark_held_locks+0xf0/0xf0 [ 327.509329] ? mark_held_locks+0xf0/0xf0 [ 327.513379] ? debug_check_no_obj_freed+0x201/0x490 [ 327.518391] ? lock_downgrade+0x720/0x720 [ 327.522522] block_ioctl+0xe9/0x130 [ 327.526130] ? blkdev_fallocate+0x3f0/0x3f0 [ 327.530442] do_vfs_ioctl+0xcdb/0x12e0 [ 327.534312] ? lock_downgrade+0x720/0x720 [ 327.538439] ? check_preemption_disabled+0x41/0x280 [ 327.543434] ? ioctl_preallocate+0x200/0x200 [ 327.547825] ? __fget+0x356/0x510 [ 327.551391] ? do_dup2+0x450/0x450 [ 327.554912] ? do_sys_open+0x2bf/0x520 [ 327.558784] ksys_ioctl+0x9b/0xc0 [ 327.562224] __x64_sys_ioctl+0x6f/0xb0 [ 327.566094] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 327.570659] do_syscall_64+0xf9/0x620 [ 327.574447] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.579624] RIP: 0033:0x7f53f879cfc7 [ 327.583317] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 327.602198] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 327.609887] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f879cfc7 14:48:55 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 327.617141] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 327.624395] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f53f71121d0 [ 327.631653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 327.638904] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 327.674523] FAULT_INJECTION: forcing a failure. [ 327.674523] name failslab, interval 1, probability 0, space 0, times 0 [ 327.686282] CPU: 0 PID: 23330 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 327.694156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 327.703500] Call Trace: [ 327.706085] dump_stack+0x1fc/0x2ef [ 327.709696] should_fail.cold+0xa/0xf [ 327.713479] ? setup_fault_attr+0x200/0x200 [ 327.717795] ? lock_acquire+0x170/0x3c0 [ 327.721777] __should_failslab+0x115/0x180 [ 327.726005] should_failslab+0x5/0x10 [ 327.729785] kmem_cache_alloc+0x277/0x370 [ 327.733917] __kernfs_new_node+0xd2/0x680 [ 327.738049] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 327.742796] ? kernfs_activate+0x2c/0x1d0 [ 327.746943] ? lock_downgrade+0x720/0x720 [ 327.751088] ? kernfs_add_one+0x51/0x4c0 [ 327.755134] ? mutex_trylock+0x1a0/0x1a0 [ 327.759185] ? __mutex_unlock_slowpath+0xea/0x610 [ 327.764019] kernfs_new_node+0x92/0x120 [ 327.767976] __kernfs_create_file+0x51/0x340 [ 327.772399] sysfs_add_file_mode_ns+0x226/0x540 [ 327.777051] internal_create_group+0x355/0xb20 [ 327.781619] ? sysfs_remove_link_from_group+0x70/0x70 [ 327.786809] ? lock_downgrade+0x720/0x720 [ 327.790947] lo_ioctl+0xf7c/0x20e0 [ 327.794474] ? loop_set_status64+0x110/0x110 [ 327.798868] blkdev_ioctl+0x5cb/0x1a80 [ 327.802747] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.808102] ? blkpg_ioctl+0x9d0/0x9d0 [ 327.811975] ? mark_held_locks+0xf0/0xf0 [ 327.816017] ? mark_held_locks+0xf0/0xf0 [ 327.820068] ? debug_check_no_obj_freed+0x201/0x490 [ 327.825089] ? lock_downgrade+0x720/0x720 [ 327.829230] block_ioctl+0xe9/0x130 [ 327.832846] ? blkdev_fallocate+0x3f0/0x3f0 [ 327.837161] do_vfs_ioctl+0xcdb/0x12e0 [ 327.841036] ? lock_downgrade+0x720/0x720 [ 327.845185] ? check_preemption_disabled+0x41/0x280 [ 327.850206] ? ioctl_preallocate+0x200/0x200 [ 327.854622] ? __fget+0x356/0x510 [ 327.858070] ? do_dup2+0x450/0x450 [ 327.861591] ? do_sys_open+0x2bf/0x520 [ 327.865468] ksys_ioctl+0x9b/0xc0 [ 327.868913] __x64_sys_ioctl+0x6f/0xb0 [ 327.872784] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 327.877347] do_syscall_64+0xf9/0x620 [ 327.881139] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.886317] RIP: 0033:0x7fcb1375ffc7 [ 327.890018] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 327.908912] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 327.916623] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb1375ffc7 [ 327.923882] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 327.931144] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 327.938409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 327.945674] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 327.973169] erofs: read_super, device -> /dev/loop1 [ 327.978544] erofs: options -> [ 327.987207] erofs: root inode @ nid 36 [ 327.992229] erofs: mounted on /dev/loop1 with opts: . [ 328.002706] erofs: read_super, device -> /dev/loop3 [ 328.007734] erofs: options -> [ 328.011977] erofs: cannot find valid erofs superblock 14:48:56 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 13) [ 328.041883] erofs: read_super, device -> /dev/loop4 [ 328.063485] erofs: options -> [ 328.067069] erofs: unmounted for /dev/loop1 [ 328.070121] erofs: root inode @ nid 36 [ 328.078805] erofs: mounted on /dev/loop4 with opts: . 14:48:56 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 13) 14:48:56 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 328.134526] erofs: read_super, device -> /dev/loop5 [ 328.143025] erofs: unmounted for /dev/loop4 [ 328.158123] erofs: options -> [ 328.169481] erofs: blksize 1 isn't supported on this platform [ 328.188697] FAULT_INJECTION: forcing a failure. [ 328.188697] name failslab, interval 1, probability 0, space 0, times 0 [ 328.200481] CPU: 0 PID: 23352 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 328.208372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 328.217721] Call Trace: [ 328.220302] dump_stack+0x1fc/0x2ef [ 328.223916] should_fail.cold+0xa/0xf [ 328.227703] ? setup_fault_attr+0x200/0x200 [ 328.232005] ? lock_acquire+0x170/0x3c0 [ 328.235965] __should_failslab+0x115/0x180 [ 328.240185] should_failslab+0x5/0x10 [ 328.243967] kmem_cache_alloc+0x277/0x370 [ 328.248100] __kernfs_new_node+0xd2/0x680 [ 328.252246] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 328.256989] ? kernfs_activate+0x2c/0x1d0 [ 328.261122] ? lock_downgrade+0x720/0x720 [ 328.265253] ? kernfs_add_one+0x51/0x4c0 [ 328.269295] ? mutex_trylock+0x1a0/0x1a0 [ 328.273339] ? __mutex_unlock_slowpath+0xea/0x610 [ 328.278166] kernfs_new_node+0x92/0x120 [ 328.282141] __kernfs_create_file+0x51/0x340 [ 328.286548] sysfs_add_file_mode_ns+0x226/0x540 [ 328.291208] internal_create_group+0x355/0xb20 [ 328.295777] ? sysfs_remove_link_from_group+0x70/0x70 [ 328.300959] ? lock_downgrade+0x720/0x720 [ 328.305106] lo_ioctl+0xf7c/0x20e0 [ 328.308649] ? loop_set_status64+0x110/0x110 [ 328.313062] blkdev_ioctl+0x5cb/0x1a80 [ 328.316944] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.322289] ? blkpg_ioctl+0x9d0/0x9d0 [ 328.326166] ? mark_held_locks+0xf0/0xf0 [ 328.330228] ? mark_held_locks+0xf0/0xf0 [ 328.334272] ? debug_check_no_obj_freed+0x201/0x490 [ 328.339273] ? lock_downgrade+0x720/0x720 [ 328.343405] block_ioctl+0xe9/0x130 [ 328.347018] ? blkdev_fallocate+0x3f0/0x3f0 [ 328.351339] do_vfs_ioctl+0xcdb/0x12e0 [ 328.355223] ? lock_downgrade+0x720/0x720 [ 328.359359] ? check_preemption_disabled+0x41/0x280 [ 328.364357] ? ioctl_preallocate+0x200/0x200 [ 328.368748] ? __fget+0x356/0x510 [ 328.372202] ? do_dup2+0x450/0x450 [ 328.375727] ? do_sys_open+0x2bf/0x520 [ 328.379612] ksys_ioctl+0x9b/0xc0 [ 328.383065] __x64_sys_ioctl+0x6f/0xb0 [ 328.386935] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 328.391499] do_syscall_64+0xf9/0x620 [ 328.395285] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.400649] RIP: 0033:0x7f53f879cfc7 [ 328.404354] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 328.423245] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 328.430938] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f879cfc7 14:48:56 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 1) 14:48:56 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) sendfile(r0, r3, 0x0, 0x20) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r6 = dup2(r4, r5) ioctl$IOC_PR_PREEMPT(r6, 0x40046109, &(0x7f0000000080)={0x2}) ioctl$IOC_PR_PREEMPT(r6, 0x401870cb, &(0x7f00000000c0)={0xb128, 0x10000, 0x486cd984, 0x9}) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r7, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r1, r2) (async) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async) sendfile(r0, r3, 0x0, 0x20) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r4, r5) (async) ioctl$IOC_PR_PREEMPT(r6, 0x40046109, &(0x7f0000000080)={0x2}) (async) ioctl$IOC_PR_PREEMPT(r6, 0x401870cb, &(0x7f00000000c0)={0xb128, 0x10000, 0x486cd984, 0x9}) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r7, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) (async) [ 328.438192] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 328.445442] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f53f71121d0 [ 328.452701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 328.459964] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 328.501358] FAULT_INJECTION: forcing a failure. [ 328.501358] name failslab, interval 1, probability 0, space 0, times 0 [ 328.516347] CPU: 0 PID: 23358 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 328.524283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 328.533620] Call Trace: [ 328.536201] dump_stack+0x1fc/0x2ef [ 328.539815] should_fail.cold+0xa/0xf [ 328.543622] ? setup_fault_attr+0x200/0x200 [ 328.547931] ? lock_acquire+0x170/0x3c0 [ 328.551889] __should_failslab+0x115/0x180 [ 328.556107] should_failslab+0x5/0x10 [ 328.559898] kmem_cache_alloc+0x277/0x370 [ 328.564037] __kernfs_new_node+0xd2/0x680 [ 328.568171] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 328.572907] ? kernfs_activate+0x2c/0x1d0 [ 328.577037] ? lock_downgrade+0x720/0x720 [ 328.581166] ? kernfs_add_one+0x51/0x4c0 [ 328.585212] ? mutex_trylock+0x1a0/0x1a0 [ 328.589254] ? __mutex_unlock_slowpath+0xea/0x610 [ 328.594080] kernfs_new_node+0x92/0x120 [ 328.598037] __kernfs_create_file+0x51/0x340 [ 328.602430] sysfs_add_file_mode_ns+0x226/0x540 [ 328.607084] internal_create_group+0x355/0xb20 [ 328.611651] ? sysfs_remove_link_from_group+0x70/0x70 [ 328.616822] ? lock_downgrade+0x720/0x720 [ 328.620967] lo_ioctl+0xf7c/0x20e0 [ 328.624494] ? loop_set_status64+0x110/0x110 [ 328.628883] blkdev_ioctl+0x5cb/0x1a80 [ 328.632755] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.638118] ? blkpg_ioctl+0x9d0/0x9d0 [ 328.642079] ? mark_held_locks+0xf0/0xf0 [ 328.646123] ? mark_held_locks+0xf0/0xf0 [ 328.650166] ? debug_check_no_obj_freed+0x201/0x490 [ 328.655168] ? lock_downgrade+0x720/0x720 [ 328.659299] block_ioctl+0xe9/0x130 [ 328.662904] ? blkdev_fallocate+0x3f0/0x3f0 [ 328.667208] do_vfs_ioctl+0xcdb/0x12e0 [ 328.671079] ? lock_downgrade+0x720/0x720 [ 328.675219] ? check_preemption_disabled+0x41/0x280 [ 328.680248] ? ioctl_preallocate+0x200/0x200 [ 328.684644] ? __fget+0x356/0x510 [ 328.688079] ? do_dup2+0x450/0x450 [ 328.691602] ? do_sys_open+0x2bf/0x520 [ 328.695477] ksys_ioctl+0x9b/0xc0 [ 328.698912] __x64_sys_ioctl+0x6f/0xb0 [ 328.702781] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 328.707355] do_syscall_64+0xf9/0x620 [ 328.711149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.716323] RIP: 0033:0x7fcb1375ffc7 [ 328.720038] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 328.738924] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 328.746618] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb1375ffc7 [ 328.753868] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 328.761124] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 328.768383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 328.775663] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 328.788001] erofs: read_super, device -> /dev/loop1 [ 328.791276] erofs: read_super, device -> /dev/loop4 [ 328.798039] erofs: options -> 14:48:56 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:56 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 14) [ 328.802492] erofs: options -> [ 328.805703] erofs: root inode @ nid 36 [ 328.810203] erofs: root inode @ nid 36 [ 328.814412] erofs: mounted on /dev/loop4 with opts: . [ 328.821718] erofs: mounted on /dev/loop1 with opts: . [ 328.830585] erofs: read_super, device -> /dev/loop3 [ 328.835618] erofs: options -> [ 328.846029] erofs: cannot find valid erofs superblock 14:48:56 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 14) [ 328.870536] erofs: unmounted for /dev/loop1 [ 328.897138] erofs: unmounted for /dev/loop4 [ 328.908837] FAULT_INJECTION: forcing a failure. [ 328.908837] name failslab, interval 1, probability 0, space 0, times 0 [ 328.920455] CPU: 0 PID: 23371 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 328.928342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 328.937686] Call Trace: [ 328.940283] dump_stack+0x1fc/0x2ef [ 328.943895] should_fail.cold+0xa/0xf [ 328.947682] ? setup_fault_attr+0x200/0x200 [ 328.952006] ? lock_acquire+0x170/0x3c0 [ 328.955983] __should_failslab+0x115/0x180 [ 328.960202] should_failslab+0x5/0x10 [ 328.963983] __kmalloc+0x2ab/0x3c0 [ 328.967506] ? __se_sys_memfd_create+0xf8/0x440 [ 328.972163] __se_sys_memfd_create+0xf8/0x440 [ 328.976638] ? memfd_file_seals_ptr+0x150/0x150 [ 328.981365] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 328.986715] ? trace_hardirqs_off_caller+0x6e/0x210 [ 328.991720] ? do_syscall_64+0x21/0x620 [ 328.995689] do_syscall_64+0xf9/0x620 [ 328.999474] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.004645] RIP: 0033:0x7f5bb64d2209 [ 329.008342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 329.027398] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 329.035087] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d2209 [ 329.042340] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f5bb652b29c [ 329.049590] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f5bb4e471d0 [ 329.056839] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 329.064107] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:57 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 2) 14:48:57 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 329.147350] erofs: read_super, device -> /dev/loop5 [ 329.156962] erofs: options -> [ 329.168359] FAULT_INJECTION: forcing a failure. [ 329.168359] name failslab, interval 1, probability 0, space 0, times 0 [ 329.180215] CPU: 0 PID: 23398 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 329.188109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 329.197468] Call Trace: [ 329.200064] dump_stack+0x1fc/0x2ef [ 329.200376] erofs: blksize 1 isn't supported on this platform [ 329.203699] should_fail.cold+0xa/0xf [ 329.203718] ? setup_fault_attr+0x200/0x200 [ 329.203734] ? lock_acquire+0x170/0x3c0 [ 329.203755] __should_failslab+0x115/0x180 [ 329.210108] FAULT_INJECTION: forcing a failure. [ 329.210108] name failslab, interval 1, probability 0, space 0, times 0 [ 329.213419] should_failslab+0x5/0x10 [ 329.213432] kmem_cache_alloc+0x277/0x370 [ 329.213451] __kernfs_new_node+0xd2/0x680 [ 329.213469] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 329.213488] ? __mutex_unlock_slowpath+0xea/0x610 [ 329.213506] ? wait_for_completion_io+0x10/0x10 [ 329.213526] ? kernfs_next_descendant_post+0x19c/0x290 [ 329.268664] kernfs_new_node+0x92/0x120 [ 329.272631] __kernfs_create_file+0x51/0x340 [ 329.277031] sysfs_add_file_mode_ns+0x226/0x540 [ 329.281698] internal_create_group+0x355/0xb20 [ 329.286274] ? sysfs_remove_link_from_group+0x70/0x70 [ 329.291456] ? lock_downgrade+0x720/0x720 [ 329.295602] lo_ioctl+0xf7c/0x20e0 [ 329.299138] ? loop_set_status64+0x110/0x110 [ 329.303536] blkdev_ioctl+0x5cb/0x1a80 [ 329.307422] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.312776] ? blkpg_ioctl+0x9d0/0x9d0 [ 329.316651] ? mark_held_locks+0xf0/0xf0 [ 329.320708] ? mark_held_locks+0xf0/0xf0 [ 329.324767] ? debug_check_no_obj_freed+0x201/0x490 [ 329.329776] ? lock_downgrade+0x720/0x720 [ 329.333914] block_ioctl+0xe9/0x130 [ 329.337531] ? blkdev_fallocate+0x3f0/0x3f0 [ 329.341843] do_vfs_ioctl+0xcdb/0x12e0 [ 329.345737] ? lock_downgrade+0x720/0x720 [ 329.349884] ? check_preemption_disabled+0x41/0x280 [ 329.354891] ? ioctl_preallocate+0x200/0x200 [ 329.359294] ? __fget+0x356/0x510 [ 329.362740] ? do_dup2+0x450/0x450 [ 329.366274] ? do_sys_open+0x2bf/0x520 [ 329.370166] ksys_ioctl+0x9b/0xc0 [ 329.373617] __x64_sys_ioctl+0x6f/0xb0 [ 329.377525] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 329.382103] do_syscall_64+0xf9/0x620 [ 329.385897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.391083] RIP: 0033:0x7f53f879cfc7 [ 329.394787] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 329.413675] RSP: 002b:00007f53f7111f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 329.421375] RAX: ffffffffffffffda RBX: 00007f53f87e6a20 RCX: 00007f53f879cfc7 [ 329.428630] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 329.435885] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f53f71121d0 [ 329.443141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 329.450746] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 329.458058] CPU: 1 PID: 23407 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 329.465949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 329.475300] Call Trace: [ 329.477893] dump_stack+0x1fc/0x2ef [ 329.481529] should_fail.cold+0xa/0xf [ 329.485338] ? setup_fault_attr+0x200/0x200 [ 329.489663] ? lock_acquire+0x170/0x3c0 [ 329.493652] __should_failslab+0x115/0x180 [ 329.497891] should_failslab+0x5/0x10 [ 329.501698] kmem_cache_alloc+0x277/0x370 [ 329.505848] ? shmem_destroy_callback+0xb0/0xb0 [ 329.510522] shmem_alloc_inode+0x18/0x40 [ 329.514589] ? shmem_destroy_callback+0xb0/0xb0 [ 329.519354] alloc_inode+0x5d/0x180 [ 329.522998] new_inode+0x1d/0xf0 [ 329.526375] shmem_get_inode+0x96/0x8d0 [ 329.530358] __shmem_file_setup.part.0+0x7a/0x2b0 [ 329.535206] shmem_file_setup+0x61/0x90 [ 329.539185] __se_sys_memfd_create+0x26b/0x440 [ 329.542042] erofs: read_super, device -> /dev/loop1 [ 329.543766] ? memfd_file_seals_ptr+0x150/0x150 [ 329.543784] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 329.543803] ? trace_hardirqs_off_caller+0x6e/0x210 [ 329.555239] erofs: options -> [ 329.559154] ? do_syscall_64+0x21/0x620 [ 329.559172] do_syscall_64+0xf9/0x620 [ 329.559191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.576338] erofs: root inode @ nid 36 [ 329.580291] RIP: 0033:0x7f5bb64d2209 14:48:57 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async) sendfile(r0, r3, 0x0, 0x20) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r6 = dup2(r4, r5) ioctl$IOC_PR_PREEMPT(r6, 0x40046109, &(0x7f0000000080)={0x2}) (async) ioctl$IOC_PR_PREEMPT(r6, 0x401870cb, &(0x7f00000000c0)={0xb128, 0x10000, 0x486cd984, 0x9}) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r7, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) [ 329.580306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 329.580313] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 329.580325] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d2209 [ 329.580334] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f5bb652b29c [ 329.580342] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f5bb4e471d0 [ 329.580349] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 329.580356] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 329.591069] FAULT_INJECTION: forcing a failure. [ 329.591069] name failslab, interval 1, probability 0, space 0, times 0 [ 329.618143] erofs: mounted on /dev/loop1 with opts: . [ 329.625213] CPU: 1 PID: 23408 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 329.675494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 329.684825] Call Trace: [ 329.687413] dump_stack+0x1fc/0x2ef [ 329.691039] should_fail.cold+0xa/0xf [ 329.694842] ? setup_fault_attr+0x200/0x200 [ 329.699157] ? lock_acquire+0x170/0x3c0 [ 329.703116] __should_failslab+0x115/0x180 [ 329.707346] should_failslab+0x5/0x10 [ 329.711139] kmem_cache_alloc+0x277/0x370 [ 329.715279] __kernfs_new_node+0xd2/0x680 [ 329.719407] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 329.724159] ? __mutex_unlock_slowpath+0xea/0x610 [ 329.729005] ? wait_for_completion_io+0x10/0x10 [ 329.733678] ? kernfs_next_descendant_post+0x19c/0x290 [ 329.738948] kernfs_new_node+0x92/0x120 [ 329.742908] __kernfs_create_file+0x51/0x340 [ 329.747304] sysfs_add_file_mode_ns+0x226/0x540 [ 329.751972] internal_create_group+0x355/0xb20 [ 329.756551] ? sysfs_remove_link_from_group+0x70/0x70 [ 329.761741] ? lock_downgrade+0x720/0x720 [ 329.765878] lo_ioctl+0xf7c/0x20e0 [ 329.769414] ? loop_set_status64+0x110/0x110 [ 329.773818] blkdev_ioctl+0x5cb/0x1a80 [ 329.777712] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.783071] ? blkpg_ioctl+0x9d0/0x9d0 [ 329.786956] ? mark_held_locks+0xf0/0xf0 [ 329.791009] ? mark_held_locks+0xf0/0xf0 [ 329.795074] ? debug_check_no_obj_freed+0x201/0x490 [ 329.800081] ? lock_downgrade+0x720/0x720 [ 329.804235] block_ioctl+0xe9/0x130 [ 329.807841] ? blkdev_fallocate+0x3f0/0x3f0 [ 329.812243] do_vfs_ioctl+0xcdb/0x12e0 [ 329.816235] ? lock_downgrade+0x720/0x720 [ 329.820368] ? check_preemption_disabled+0x41/0x280 [ 329.825374] ? ioctl_preallocate+0x200/0x200 [ 329.829766] ? __fget+0x356/0x510 [ 329.833214] ? do_dup2+0x450/0x450 [ 329.836744] ? do_sys_open+0x2bf/0x520 [ 329.840618] ksys_ioctl+0x9b/0xc0 [ 329.844056] __x64_sys_ioctl+0x6f/0xb0 [ 329.848358] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 329.852933] do_syscall_64+0xf9/0x620 [ 329.856729] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.861898] RIP: 0033:0x7fcb1375ffc7 [ 329.865593] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 329.884480] RSP: 002b:00007fcb120d4f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 329.892193] RAX: ffffffffffffffda RBX: 00007fcb137a9a20 RCX: 00007fcb1375ffc7 [ 329.899461] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 329.906722] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007fcb120d51d0 [ 329.913987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 329.921250] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:48:57 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 3) 14:48:57 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2e7, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:57 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 329.969643] erofs: read_super, device -> /dev/loop4 [ 329.974962] erofs: read_super, device -> /dev/loop3 [ 329.982993] erofs: unmounted for /dev/loop1 [ 329.987605] erofs: options -> [ 329.995534] erofs: root inode @ nid 36 [ 330.005082] erofs: options -> [ 330.012949] erofs: mounted on /dev/loop3 with opts: . [ 330.022054] erofs: root inode @ nid 36 [ 330.036946] erofs: mounted on /dev/loop4 with opts: . [ 330.039614] FAULT_INJECTION: forcing a failure. [ 330.039614] name failslab, interval 1, probability 0, space 0, times 0 [ 330.054918] CPU: 1 PID: 23428 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 330.062800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 330.072229] Call Trace: [ 330.074822] dump_stack+0x1fc/0x2ef [ 330.078446] should_fail.cold+0xa/0xf [ 330.082243] ? setup_fault_attr+0x200/0x200 [ 330.086665] ? lock_acquire+0x170/0x3c0 [ 330.090658] __should_failslab+0x115/0x180 [ 330.094891] should_failslab+0x5/0x10 [ 330.098679] kmem_cache_alloc+0x277/0x370 [ 330.102823] __d_alloc+0x2b/0xa10 [ 330.106272] d_alloc_pseudo+0x19/0x70 [ 330.110062] alloc_file_pseudo+0xc6/0x250 [ 330.114207] ? alloc_file+0x4d0/0x4d0 [ 330.118018] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 330.123641] ? shmem_get_inode+0x44c/0x8d0 [ 330.127863] __shmem_file_setup.part.0+0x102/0x2b0 [ 330.132790] shmem_file_setup+0x61/0x90 [ 330.136760] __se_sys_memfd_create+0x26b/0x440 [ 330.141339] ? memfd_file_seals_ptr+0x150/0x150 [ 330.146110] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.151474] ? trace_hardirqs_off_caller+0x6e/0x210 [ 330.156491] ? do_syscall_64+0x21/0x620 [ 330.160461] do_syscall_64+0xf9/0x620 [ 330.164259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.169430] RIP: 0033:0x7f5bb64d2209 [ 330.173134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 330.192035] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 330.199737] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d2209 [ 330.206989] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f5bb652b29c [ 330.214251] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f5bb4e471d0 14:48:58 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 4) [ 330.221516] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 330.228769] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:48:58 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:58 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 330.279764] erofs: read_super, device -> /dev/loop5 [ 330.284930] erofs: options -> [ 330.288556] erofs: blksize 1 isn't supported on this platform [ 330.302733] erofs: unmounted for /dev/loop4 [ 330.308416] erofs: unmounted for /dev/loop3 [ 330.323242] FAULT_INJECTION: forcing a failure. [ 330.323242] name failslab, interval 1, probability 0, space 0, times 0 [ 330.334625] CPU: 1 PID: 23438 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 330.342507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 330.351857] Call Trace: [ 330.354443] dump_stack+0x1fc/0x2ef [ 330.358058] should_fail.cold+0xa/0xf [ 330.361856] ? setup_fault_attr+0x200/0x200 [ 330.366169] ? lock_acquire+0x170/0x3c0 [ 330.370128] __should_failslab+0x115/0x180 [ 330.374349] should_failslab+0x5/0x10 [ 330.378158] kmem_cache_alloc+0x277/0x370 [ 330.382306] __alloc_file+0x21/0x340 [ 330.386014] alloc_empty_file+0x6d/0x170 [ 330.390061] alloc_file+0x5e/0x4d0 [ 330.393589] alloc_file_pseudo+0x165/0x250 [ 330.397807] ? alloc_file+0x4d0/0x4d0 [ 330.401604] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 330.407232] ? shmem_get_inode+0x44c/0x8d0 [ 330.411476] __shmem_file_setup.part.0+0x102/0x2b0 [ 330.416404] shmem_file_setup+0x61/0x90 [ 330.420370] __se_sys_memfd_create+0x26b/0x440 [ 330.424947] ? memfd_file_seals_ptr+0x150/0x150 14:48:58 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r0, 0x2, 0x70bd2b, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000000)={0x2, 0x7}, 0x2) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 330.429601] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.434949] ? trace_hardirqs_off_caller+0x6e/0x210 [ 330.439959] ? do_syscall_64+0x21/0x620 [ 330.443924] do_syscall_64+0xf9/0x620 [ 330.447710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.452888] RIP: 0033:0x7f5bb64d2209 [ 330.456591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:48:58 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 5) [ 330.475486] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 330.483201] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d2209 [ 330.490485] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f5bb652b29c [ 330.497759] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f5bb4e471d0 [ 330.505017] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 330.512275] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 330.603924] erofs: read_super, device -> /dev/loop1 [ 330.608965] erofs: options -> [ 330.612966] erofs: root inode @ nid 36 [ 330.617277] erofs: mounted on /dev/loop1 with opts: . 14:48:58 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:58 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 330.646087] FAULT_INJECTION: forcing a failure. [ 330.646087] name failslab, interval 1, probability 0, space 0, times 0 [ 330.701458] erofs: unmounted for /dev/loop1 [ 330.707793] misc userio: The device must be registered before sending interrupts [ 330.723290] CPU: 1 PID: 23447 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 330.731187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 330.740569] Call Trace: [ 330.743168] dump_stack+0x1fc/0x2ef [ 330.746809] should_fail.cold+0xa/0xf [ 330.750622] ? setup_fault_attr+0x200/0x200 [ 330.754960] ? lock_acquire+0x170/0x3c0 [ 330.758939] __should_failslab+0x115/0x180 [ 330.763188] should_failslab+0x5/0x10 [ 330.766990] kmem_cache_alloc_trace+0x284/0x380 [ 330.771656] apparmor_file_alloc_security+0x394/0xad0 [ 330.776840] ? apparmor_file_receive+0x160/0x160 [ 330.781590] ? __alloc_file+0x21/0x340 [ 330.785473] security_file_alloc+0x40/0x90 [ 330.789691] __alloc_file+0xd8/0x340 [ 330.793408] alloc_empty_file+0x6d/0x170 [ 330.797452] alloc_file+0x5e/0x4d0 [ 330.800980] alloc_file_pseudo+0x165/0x250 [ 330.805213] ? alloc_file+0x4d0/0x4d0 [ 330.808998] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 330.814605] ? shmem_get_inode+0x44c/0x8d0 [ 330.818824] __shmem_file_setup.part.0+0x102/0x2b0 [ 330.823747] shmem_file_setup+0x61/0x90 [ 330.827706] __se_sys_memfd_create+0x26b/0x440 [ 330.832280] ? memfd_file_seals_ptr+0x150/0x150 [ 330.836941] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.842292] ? trace_hardirqs_off_caller+0x6e/0x210 [ 330.847302] ? do_syscall_64+0x21/0x620 [ 330.851270] do_syscall_64+0xf9/0x620 [ 330.855084] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.860261] RIP: 0033:0x7f5bb64d2209 [ 330.863975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 330.882860] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 330.890555] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d2209 14:48:58 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 6) [ 330.897815] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f5bb652b29c [ 330.905066] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f5bb4e471d0 [ 330.912323] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 330.919606] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 330.966609] erofs: read_super, device -> /dev/loop3 [ 330.969775] erofs: read_super, device -> /dev/loop4 [ 330.977589] erofs: options -> [ 330.978722] erofs: read_super, device -> /dev/loop5 [ 330.986517] erofs: root inode @ nid 36 [ 330.990568] erofs: options -> [ 330.994438] erofs: blksize 1 isn't supported on this platform [ 330.999580] erofs: mounted on /dev/loop4 with opts: . [ 331.002842] erofs: options -> [ 331.021258] erofs: root inode @ nid 36 14:48:59 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 331.041649] FAULT_INJECTION: forcing a failure. [ 331.041649] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 331.049116] erofs: mounted on /dev/loop3 with opts: . [ 331.053862] CPU: 1 PID: 23472 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 331.066725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 331.076155] Call Trace: [ 331.078728] dump_stack+0x1fc/0x2ef [ 331.082354] should_fail.cold+0xa/0xf [ 331.086150] ? lock_acquire+0x170/0x3c0 [ 331.090111] ? setup_fault_attr+0x200/0x200 [ 331.094419] __alloc_pages_nodemask+0x239/0x2890 [ 331.099175] ? __lock_acquire+0x6de/0x3ff0 [ 331.103410] ? static_obj+0x50/0x50 [ 331.107032] ? __lock_acquire+0x6de/0x3ff0 [ 331.111275] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 331.116127] ? __lock_acquire+0x6de/0x3ff0 [ 331.120361] ? mark_held_locks+0xf0/0xf0 [ 331.124427] ? unwind_next_frame+0xeee/0x1400 [ 331.128914] ? mark_held_locks+0xf0/0xf0 [ 331.132960] ? deref_stack_reg+0x134/0x1d0 [ 331.137175] ? get_reg+0x176/0x1f0 [ 331.140708] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 331.146585] alloc_pages_vma+0xf2/0x780 [ 331.150558] shmem_alloc_page+0x11c/0x1f0 [ 331.154712] ? shmem_swapin+0x220/0x220 [ 331.158694] ? percpu_counter_add_batch+0x126/0x180 [ 331.163710] ? __vm_enough_memory+0x316/0x650 [ 331.168220] shmem_alloc_and_acct_page+0x15a/0x850 [ 331.173140] shmem_getpage_gfp+0x4e9/0x37f0 [ 331.177453] ? shmem_alloc_and_acct_page+0x850/0x850 [ 331.182552] ? mark_held_locks+0xa6/0xf0 [ 331.186604] ? ktime_get_coarse_real_ts64+0x1c7/0x290 [ 331.191774] ? iov_iter_fault_in_readable+0x1fc/0x3f0 [ 331.196966] shmem_write_begin+0xff/0x1e0 [ 331.201124] generic_perform_write+0x1f8/0x4d0 [ 331.205701] ? filemap_page_mkwrite+0x2f0/0x2f0 [ 331.210350] ? current_time+0x1c0/0x1c0 [ 331.214307] ? lock_acquire+0x170/0x3c0 [ 331.218265] __generic_file_write_iter+0x24b/0x610 [ 331.223193] generic_file_write_iter+0x3f8/0x730 [ 331.228030] __vfs_write+0x51b/0x770 [ 331.231727] ? kernel_read+0x110/0x110 [ 331.235601] ? check_preemption_disabled+0x41/0x280 [ 331.240616] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 331.245623] vfs_write+0x1f3/0x540 [ 331.249165] __x64_sys_pwrite64+0x1f7/0x250 [ 331.253470] ? ksys_pwrite64+0x1a0/0x1a0 [ 331.257516] ? trace_hardirqs_off_caller+0x6e/0x210 [ 331.262525] ? do_syscall_64+0x21/0x620 [ 331.266489] do_syscall_64+0xf9/0x620 [ 331.270290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.275467] RIP: 0033:0x7f5bb64851d7 [ 331.279190] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 331.298077] RSP: 002b:00007f5bb4e46f00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 331.305772] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64851d7 [ 331.313029] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000004 [ 331.320289] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 331.327549] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 331.334796] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 14:48:59 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r0, 0x2, 0x70bd2b, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000000)={0x2, 0x7}, 0x2) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 331.350352] erofs: unmounted for /dev/loop4 [ 331.361671] erofs: read_super, device -> /dev/loop1 [ 331.388638] erofs: options -> [ 331.392713] erofs: root inode @ nid 36 14:48:59 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:59 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:59 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 331.396833] erofs: mounted on /dev/loop1 with opts: . [ 331.405408] erofs: read_super, device -> /dev/loop2 [ 331.411840] erofs: options -> [ 331.424000] erofs: cannot find valid erofs superblock [ 331.433201] erofs: unmounted for /dev/loop3 [ 331.456996] erofs: unmounted for /dev/loop1 [ 331.477469] misc userio: The device must be registered before sending interrupts 14:48:59 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 7) [ 331.560562] erofs: read_super, device -> /dev/loop4 [ 331.565172] erofs: read_super, device -> /dev/loop3 [ 331.565601] erofs: options -> [ 331.571123] erofs: options -> [ 331.577370] erofs: read_super, device -> /dev/loop5 [ 331.590097] erofs: options -> [ 331.594809] erofs: cannot find valid erofs superblock [ 331.604688] erofs: blksize 1 isn't supported on this platform [ 331.610861] erofs: root inode @ nid 36 [ 331.625392] erofs: mounted on /dev/loop4 with opts: . [ 331.638014] FAULT_INJECTION: forcing a failure. [ 331.638014] name failslab, interval 1, probability 0, space 0, times 0 [ 331.649888] CPU: 1 PID: 23504 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 331.657792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 331.667135] Call Trace: [ 331.669709] dump_stack+0x1fc/0x2ef [ 331.673338] should_fail.cold+0xa/0xf [ 331.677146] ? setup_fault_attr+0x200/0x200 [ 331.681463] ? lock_acquire+0x170/0x3c0 [ 331.685425] __should_failslab+0x115/0x180 [ 331.689643] should_failslab+0x5/0x10 [ 331.693434] kmem_cache_alloc+0x277/0x370 [ 331.697576] getname_flags+0xce/0x590 [ 331.701361] do_sys_open+0x26c/0x520 [ 331.705064] ? filp_open+0x70/0x70 [ 331.708589] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 331.713949] ? trace_hardirqs_off_caller+0x6e/0x210 [ 331.718968] ? do_syscall_64+0x21/0x620 [ 331.722935] do_syscall_64+0xf9/0x620 [ 331.726721] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.731901] RIP: 0033:0x7f5bb6485124 [ 331.735615] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 14:48:59 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 8) [ 331.754511] RSP: 002b:00007f5bb4e46eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 331.762206] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb6485124 [ 331.769463] RDX: 0000000000000002 RSI: 00007f5bb4e46fe0 RDI: 00000000ffffff9c [ 331.776718] RBP: 00007f5bb4e46fe0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 331.783973] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 331.791229] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:48:59 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:59 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:48:59 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 331.858211] erofs: read_super, device -> /dev/loop1 [ 331.874480] erofs: options -> [ 331.890200] erofs: unmounted for /dev/loop4 [ 331.902055] erofs: root inode @ nid 36 14:48:59 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r0, 0x2, 0x70bd2b, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000000)={0x2, 0x7}, 0x2) (async, rerun: 64) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (rerun: 64) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 331.912612] erofs: mounted on /dev/loop1 with opts: . [ 331.926056] FAULT_INJECTION: forcing a failure. [ 331.926056] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 331.937900] CPU: 1 PID: 23515 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 331.945775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 331.955124] Call Trace: [ 331.957696] dump_stack+0x1fc/0x2ef [ 331.961331] should_fail.cold+0xa/0xf [ 331.965125] ? setup_fault_attr+0x200/0x200 [ 331.969428] ? do_writepages+0x290/0x290 [ 331.973528] ? unlock_page+0x13d/0x230 [ 331.977403] __alloc_pages_nodemask+0x239/0x2890 [ 331.982156] ? lock_downgrade+0x720/0x720 [ 331.986297] ? check_preemption_disabled+0x41/0x280 [ 331.991312] ? __lock_acquire+0x6de/0x3ff0 [ 331.995544] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 332.000378] ? lock_downgrade+0x720/0x720 [ 332.004513] ? lock_acquire+0x170/0x3c0 [ 332.008472] ? up_write+0x18/0x150 [ 332.012003] ? generic_file_write_iter+0x381/0x730 [ 332.016920] ? iov_iter_init+0xb8/0x1d0 [ 332.020894] cache_grow_begin+0xa4/0x8a0 [ 332.024951] ? setup_fault_attr+0x200/0x200 [ 332.029253] ? lock_acquire+0x170/0x3c0 [ 332.033236] cache_alloc_refill+0x273/0x340 [ 332.037546] kmem_cache_alloc+0x346/0x370 [ 332.041689] getname_flags+0xce/0x590 [ 332.045484] do_sys_open+0x26c/0x520 [ 332.049191] ? filp_open+0x70/0x70 [ 332.052730] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 332.058086] ? trace_hardirqs_off_caller+0x6e/0x210 [ 332.063090] ? do_syscall_64+0x21/0x620 [ 332.067057] do_syscall_64+0xf9/0x620 [ 332.070875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.076088] RIP: 0033:0x7f5bb6485124 [ 332.079815] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 332.098700] RSP: 002b:00007f5bb4e46eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 332.106389] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb6485124 [ 332.113639] RDX: 0000000000000002 RSI: 00007f5bb4e46fe0 RDI: 00000000ffffff9c [ 332.120899] RBP: 00007f5bb4e46fe0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 332.128157] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 332.135409] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:00 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 332.174443] erofs: read_super, device -> /dev/loop5 [ 332.179792] erofs: options -> [ 332.179969] erofs: read_super, device -> /dev/loop2 [ 332.183880] erofs: read_super, device -> /dev/loop3 [ 332.197004] erofs: unmounted for /dev/loop1 [ 332.198303] erofs: options -> [ 332.210578] erofs: blksize 1 isn't supported on this platform [ 332.215987] erofs: root inode @ nid 36 [ 332.227566] erofs: bogus i_mode (0) @ nid 36 [ 332.232363] erofs: options -> [ 332.244194] erofs: cannot find valid erofs superblock [ 332.258591] misc userio: The device must be registered before sending interrupts [ 332.268718] misc userio: The device must be registered before sending interrupts 14:49:00 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:00 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 332.340015] erofs: read_super, device -> /dev/loop1 [ 332.344021] erofs: read_super, device -> /dev/loop4 [ 332.345275] erofs: options -> [ 332.360570] erofs: root inode @ nid 36 [ 332.364875] erofs: mounted on /dev/loop1 with opts: . [ 332.367833] erofs: options -> [ 332.379187] erofs: root inode @ nid 36 14:49:00 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 9) 14:49:00 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:00 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 332.386737] erofs: mounted on /dev/loop4 with opts: . [ 332.434673] erofs: unmounted for /dev/loop1 [ 332.437137] erofs: read_super, device -> /dev/loop5 [ 332.444543] erofs: unmounted for /dev/loop4 [ 332.446044] erofs: options -> [ 332.461990] erofs: blksize 1 isn't supported on this platform [ 332.468835] FAULT_INJECTION: forcing a failure. [ 332.468835] name failslab, interval 1, probability 0, space 0, times 0 [ 332.486172] CPU: 0 PID: 23554 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 332.494071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 332.503416] Call Trace: [ 332.505999] dump_stack+0x1fc/0x2ef [ 332.509622] should_fail.cold+0xa/0xf [ 332.513436] ? setup_fault_attr+0x200/0x200 [ 332.517740] ? lock_acquire+0x1ec/0x3c0 [ 332.521701] __should_failslab+0x115/0x180 [ 332.525942] should_failslab+0x5/0x10 [ 332.529732] kmem_cache_alloc_trace+0x284/0x380 [ 332.534387] apparmor_file_alloc_security+0x394/0xad0 [ 332.539561] ? apparmor_file_receive+0x160/0x160 [ 332.544300] ? __alloc_file+0x21/0x340 [ 332.548442] security_file_alloc+0x40/0x90 [ 332.552661] __alloc_file+0xd8/0x340 [ 332.556380] alloc_empty_file+0x6d/0x170 [ 332.560433] path_openat+0xe9/0x2df0 [ 332.564127] ? __lock_acquire+0x6de/0x3ff0 [ 332.568350] ? path_lookupat+0x8d0/0x8d0 [ 332.572392] ? mark_held_locks+0xf0/0xf0 [ 332.576436] ? mark_held_locks+0xf0/0xf0 [ 332.580490] do_filp_open+0x18c/0x3f0 [ 332.584277] ? may_open_dev+0xf0/0xf0 [ 332.588066] ? __alloc_fd+0x28d/0x570 [ 332.591863] ? lock_downgrade+0x720/0x720 [ 332.596004] ? lock_acquire+0x170/0x3c0 [ 332.599959] ? __alloc_fd+0x34/0x570 [ 332.603654] ? do_raw_spin_unlock+0x171/0x230 [ 332.608142] ? _raw_spin_unlock+0x29/0x40 [ 332.612280] ? __alloc_fd+0x28d/0x570 [ 332.616069] do_sys_open+0x3b3/0x520 [ 332.619774] ? filp_open+0x70/0x70 [ 332.623299] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 332.628644] ? trace_hardirqs_off_caller+0x6e/0x210 [ 332.633644] ? do_syscall_64+0x21/0x620 [ 332.637603] do_syscall_64+0xf9/0x620 [ 332.641389] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.646560] RIP: 0033:0x7f5bb6485124 [ 332.650256] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 332.669138] RSP: 002b:00007f5bb4e46eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 332.676828] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb6485124 14:49:00 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 10) [ 332.684079] RDX: 0000000000000002 RSI: 00007f5bb4e46fe0 RDI: 00000000ffffff9c [ 332.691328] RBP: 00007f5bb4e46fe0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 332.698579] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 332.705856] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:00 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 332.780551] erofs: read_super, device -> /dev/loop3 [ 332.785591] erofs: options -> [ 332.792491] erofs: read_super, device -> /dev/loop4 [ 332.800930] erofs: cannot find valid erofs superblock [ 332.808593] erofs: options -> [ 332.824268] erofs: root inode @ nid 36 [ 332.838060] erofs: mounted on /dev/loop4 with opts: . 14:49:00 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 332.864175] FAULT_INJECTION: forcing a failure. [ 332.864175] name failslab, interval 1, probability 0, space 0, times 0 [ 332.884315] CPU: 0 PID: 23570 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 332.892217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 332.901566] Call Trace: [ 332.904148] dump_stack+0x1fc/0x2ef [ 332.907772] should_fail.cold+0xa/0xf [ 332.911567] ? setup_fault_attr+0x200/0x200 [ 332.915881] ? lock_acquire+0x170/0x3c0 [ 332.919848] __should_failslab+0x115/0x180 [ 332.924085] should_failslab+0x5/0x10 [ 332.927883] kmem_cache_alloc_trace+0x284/0x380 [ 332.932546] ? loop_info64_to_compat+0x5e0/0x5e0 [ 332.937293] __kthread_create_on_node+0xd2/0x410 [ 332.942048] ? kthread_parkme+0xa0/0xa0 [ 332.946039] ? lock_acquire+0x170/0x3c0 [ 332.950000] ? lo_ioctl+0x1bb/0x20e0 [ 332.953722] ? __mutex_lock+0x368/0x1190 [ 332.957776] ? lock_downgrade+0x720/0x720 [ 332.961911] ? check_preemption_disabled+0x41/0x280 [ 332.966913] ? loop_info64_to_compat+0x5e0/0x5e0 [ 332.971652] kthread_create_on_node+0xbb/0xf0 [ 332.976130] ? __kthread_create_on_node+0x410/0x410 [ 332.981140] ? __fget+0x356/0x510 [ 332.984577] ? do_dup2+0x450/0x450 [ 332.988097] ? __lockdep_init_map+0x100/0x5a0 [ 332.992578] ? __lockdep_init_map+0x100/0x5a0 [ 332.997057] lo_ioctl+0xae5/0x20e0 [ 333.000583] ? loop_set_status64+0x110/0x110 [ 333.004974] blkdev_ioctl+0x5cb/0x1a80 [ 333.008848] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.014191] ? blkpg_ioctl+0x9d0/0x9d0 [ 333.018060] ? mark_held_locks+0xf0/0xf0 [ 333.022103] ? mark_held_locks+0xf0/0xf0 [ 333.026150] ? debug_check_no_obj_freed+0x201/0x490 [ 333.031152] ? lock_downgrade+0x720/0x720 [ 333.035281] block_ioctl+0xe9/0x130 [ 333.038889] ? blkdev_fallocate+0x3f0/0x3f0 [ 333.043195] do_vfs_ioctl+0xcdb/0x12e0 [ 333.047084] ? lock_downgrade+0x720/0x720 [ 333.051215] ? check_preemption_disabled+0x41/0x280 [ 333.056214] ? ioctl_preallocate+0x200/0x200 [ 333.060619] ? __fget+0x356/0x510 [ 333.064056] ? do_dup2+0x450/0x450 [ 333.067576] ? do_sys_open+0x2bf/0x520 [ 333.071445] ksys_ioctl+0x9b/0xc0 [ 333.074883] __x64_sys_ioctl+0x6f/0xb0 [ 333.078758] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 333.083332] do_syscall_64+0xf9/0x620 [ 333.087132] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.092321] RIP: 0033:0x7f5bb64d1fc7 [ 333.096029] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 333.114931] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 333.122634] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 333.129889] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 333.137157] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 333.144412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 333.151662] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:01 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:01 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 11) [ 333.173753] erofs: read_super, device -> /dev/loop1 [ 333.174967] erofs: read_super, device -> /dev/loop5 [ 333.178778] erofs: options -> [ 333.179033] erofs: root inode @ nid 36 [ 333.191298] erofs: mounted on /dev/loop1 with opts: . [ 333.225760] erofs: unmounted for /dev/loop4 [ 333.237690] erofs: unmounted for /dev/loop1 [ 333.247203] erofs: options -> [ 333.252000] erofs: blksize 1 isn't supported on this platform [ 333.301078] FAULT_INJECTION: forcing a failure. [ 333.301078] name failslab, interval 1, probability 0, space 0, times 0 [ 333.312853] CPU: 1 PID: 23583 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 333.320746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 333.330092] Call Trace: [ 333.332678] dump_stack+0x1fc/0x2ef [ 333.336304] should_fail.cold+0xa/0xf [ 333.340090] ? setup_fault_attr+0x200/0x200 [ 333.344412] ? lock_acquire+0x170/0x3c0 [ 333.348395] __should_failslab+0x115/0x180 [ 333.352625] should_failslab+0x5/0x10 [ 333.356416] kmem_cache_alloc_trace+0x284/0x380 [ 333.361080] ? loop_info64_to_compat+0x5e0/0x5e0 [ 333.365825] __kthread_create_on_node+0xd2/0x410 [ 333.370655] ? kthread_parkme+0xa0/0xa0 [ 333.374617] ? lock_acquire+0x170/0x3c0 [ 333.378581] ? lo_ioctl+0x1bb/0x20e0 [ 333.382289] ? __mutex_lock+0x368/0x1190 [ 333.386341] ? lock_downgrade+0x720/0x720 [ 333.390475] ? check_preemption_disabled+0x41/0x280 [ 333.395480] ? loop_info64_to_compat+0x5e0/0x5e0 [ 333.400224] kthread_create_on_node+0xbb/0xf0 [ 333.404710] ? __kthread_create_on_node+0x410/0x410 [ 333.409716] ? __fget+0x356/0x510 [ 333.413180] ? do_dup2+0x450/0x450 [ 333.416710] ? __lockdep_init_map+0x100/0x5a0 [ 333.421195] ? __lockdep_init_map+0x100/0x5a0 [ 333.425681] lo_ioctl+0xae5/0x20e0 [ 333.429213] ? loop_set_status64+0x110/0x110 [ 333.433611] blkdev_ioctl+0x5cb/0x1a80 [ 333.437490] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.442841] ? blkpg_ioctl+0x9d0/0x9d0 [ 333.446717] ? mark_held_locks+0xf0/0xf0 [ 333.450769] ? mark_held_locks+0xf0/0xf0 [ 333.454824] ? debug_check_no_obj_freed+0x201/0x490 [ 333.459831] ? lock_downgrade+0x720/0x720 [ 333.463966] block_ioctl+0xe9/0x130 [ 333.467576] ? blkdev_fallocate+0x3f0/0x3f0 [ 333.471887] do_vfs_ioctl+0xcdb/0x12e0 [ 333.475765] ? lock_downgrade+0x720/0x720 [ 333.479898] ? check_preemption_disabled+0x41/0x280 [ 333.484909] ? ioctl_preallocate+0x200/0x200 [ 333.489306] ? __fget+0x356/0x510 [ 333.492757] ? do_dup2+0x450/0x450 [ 333.496287] ? do_sys_open+0x2bf/0x520 [ 333.500172] ksys_ioctl+0x9b/0xc0 [ 333.503618] __x64_sys_ioctl+0x6f/0xb0 [ 333.507492] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 333.512062] do_syscall_64+0xf9/0x620 [ 333.515851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.521027] RIP: 0033:0x7f5bb64d1fc7 [ 333.524733] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 333.543618] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:49:01 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:49:01 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:01 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 12) [ 333.551315] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 333.558589] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 333.565846] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 333.573099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 333.580353] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 333.644629] erofs: read_super, device -> /dev/loop4 [ 333.649672] erofs: options -> 14:49:01 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 333.685984] erofs: read_super, device -> /dev/loop3 [ 333.695650] erofs: root inode @ nid 36 [ 333.706671] erofs: options -> [ 333.716391] erofs: mounted on /dev/loop4 with opts: . [ 333.717212] erofs: read_super, device -> /dev/loop1 [ 333.723763] FAULT_INJECTION: forcing a failure. [ 333.723763] name failslab, interval 1, probability 0, space 0, times 0 [ 333.736242] erofs: options -> [ 333.739674] CPU: 1 PID: 23601 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 333.744657] erofs: blksize 1 isn't supported on this platform [ 333.750055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 333.750060] Call Trace: [ 333.750082] dump_stack+0x1fc/0x2ef [ 333.750104] should_fail.cold+0xa/0xf [ 333.750121] ? setup_fault_attr+0x200/0x200 [ 333.750139] ? lock_acquire+0x170/0x3c0 [ 333.774373] erofs: root inode @ nid 36 [ 333.775338] __should_failslab+0x115/0x180 [ 333.775357] should_failslab+0x5/0x10 [ 333.775372] kmem_cache_alloc+0x277/0x370 [ 333.775391] __kernfs_new_node+0xd2/0x680 [ 333.780044] erofs: mounted on /dev/loop1 with opts: . [ 333.783711] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 333.783727] ? _raw_spin_unlock_irq+0x5a/0x80 [ 333.783743] ? __cpu_to_node+0x7b/0xa0 [ 333.783763] ? mark_held_locks+0xf0/0xf0 [ 333.783776] ? io_schedule_timeout+0x140/0x140 [ 333.783790] ? enqueue_entity+0xf86/0x3850 [ 333.783807] ? set_user_nice.part.0+0x3b9/0xab0 [ 333.783826] kernfs_create_dir_ns+0x9e/0x230 [ 333.783843] internal_create_group+0x1c1/0xb20 [ 333.783862] ? sysfs_remove_link_from_group+0x70/0x70 [ 333.783873] ? lock_downgrade+0x720/0x720 [ 333.783899] lo_ioctl+0xf7c/0x20e0 [ 333.783919] ? loop_set_status64+0x110/0x110 [ 333.783935] blkdev_ioctl+0x5cb/0x1a80 [ 333.783950] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.783963] ? blkpg_ioctl+0x9d0/0x9d0 [ 333.783977] ? mark_held_locks+0xf0/0xf0 [ 333.783991] ? mark_held_locks+0xf0/0xf0 [ 333.784009] ? debug_check_no_obj_freed+0x201/0x490 [ 333.784027] ? lock_downgrade+0x720/0x720 [ 333.784042] block_ioctl+0xe9/0x130 [ 333.900053] ? blkdev_fallocate+0x3f0/0x3f0 [ 333.904376] do_vfs_ioctl+0xcdb/0x12e0 [ 333.908269] ? lock_downgrade+0x720/0x720 [ 333.912416] ? check_preemption_disabled+0x41/0x280 [ 333.917429] ? ioctl_preallocate+0x200/0x200 [ 333.921829] ? __fget+0x356/0x510 [ 333.925285] ? do_dup2+0x450/0x450 [ 333.928811] ? do_sys_open+0x2bf/0x520 [ 333.932700] ksys_ioctl+0x9b/0xc0 [ 333.936150] __x64_sys_ioctl+0x6f/0xb0 [ 333.940041] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 333.944618] do_syscall_64+0xf9/0x620 [ 333.948418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.953597] RIP: 0033:0x7f5bb64d1fc7 [ 333.957310] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 333.976198] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 333.983889] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 333.991244] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 333.998509] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 334.005786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 334.013057] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:02 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:02 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:02 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 13) 14:49:02 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 334.045792] erofs: read_super, device -> /dev/loop2 [ 334.051183] erofs: options -> [ 334.057272] erofs: root inode @ nid 36 [ 334.061666] erofs: bogus i_mode (0) @ nid 36 [ 334.074180] erofs: unmounted for /dev/loop4 [ 334.114755] erofs: unmounted for /dev/loop1 [ 334.121315] erofs: read_super, device -> /dev/loop5 [ 334.126575] erofs: options -> [ 334.131176] erofs: blksize 1 isn't supported on this platform 14:49:02 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:02 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x8000) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64) gettid() (rerun: 64) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 32) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (rerun: 32) [ 334.230368] erofs: read_super, device -> /dev/loop3 [ 334.235415] erofs: options -> [ 334.253050] erofs: blksize 1 isn't supported on this platform 14:49:02 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 334.344258] misc userio: Begin command sent, but we're already running [ 334.357101] FAULT_INJECTION: forcing a failure. [ 334.357101] name failslab, interval 1, probability 0, space 0, times 0 [ 334.359693] misc userio: Begin command sent, but we're already running [ 334.384619] misc userio: Begin command sent, but we're already running [ 334.391819] CPU: 1 PID: 23635 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 334.393543] misc userio: Begin command sent, but we're already running [ 334.399722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 334.399728] Call Trace: [ 334.399750] dump_stack+0x1fc/0x2ef [ 334.399770] should_fail.cold+0xa/0xf [ 334.415138] misc userio: Begin command sent, but we're already running [ 334.415769] ? setup_fault_attr+0x200/0x200 [ 334.415784] ? lock_acquire+0x170/0x3c0 [ 334.415803] __should_failslab+0x115/0x180 [ 334.418425] misc userio: Begin command sent, but we're already running [ 334.422012] should_failslab+0x5/0x10 [ 334.422026] kmem_cache_alloc+0x277/0x370 [ 334.422044] __kernfs_new_node+0xd2/0x680 [ 334.422061] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 334.422078] ? __mutex_unlock_slowpath+0xea/0x610 [ 334.422093] ? wait_for_completion_io+0x10/0x10 [ 334.422110] ? kernfs_next_descendant_post+0x19c/0x290 [ 334.422128] kernfs_new_node+0x92/0x120 [ 334.422145] __kernfs_create_file+0x51/0x340 [ 334.422164] sysfs_add_file_mode_ns+0x226/0x540 [ 334.422185] internal_create_group+0x355/0xb20 [ 334.438239] misc userio: Begin command sent, but we're already running [ 334.440887] ? sysfs_remove_link_from_group+0x70/0x70 [ 334.440902] ? lock_downgrade+0x720/0x720 [ 334.440926] lo_ioctl+0xf7c/0x20e0 [ 334.440945] ? loop_set_status64+0x110/0x110 [ 334.440962] blkdev_ioctl+0x5cb/0x1a80 [ 334.440978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.440993] ? blkpg_ioctl+0x9d0/0x9d0 [ 334.449716] misc userio: Begin command sent, but we're already running [ 334.451869] ? mark_held_locks+0xf0/0xf0 [ 334.451884] ? mark_held_locks+0xf0/0xf0 [ 334.451904] ? debug_check_no_obj_freed+0x201/0x490 [ 334.451924] ? lock_downgrade+0x720/0x720 [ 334.451940] block_ioctl+0xe9/0x130 [ 334.451952] ? blkdev_fallocate+0x3f0/0x3f0 [ 334.451967] do_vfs_ioctl+0xcdb/0x12e0 [ 334.451983] ? lock_downgrade+0x720/0x720 [ 334.464932] misc userio: Begin command sent, but we're already running [ 334.468798] ? check_preemption_disabled+0x41/0x280 [ 334.468817] ? ioctl_preallocate+0x200/0x200 [ 334.468836] ? __fget+0x356/0x510 [ 334.487890] misc userio: Begin command sent, but we're already running [ 334.492025] ? do_dup2+0x450/0x450 [ 334.492041] ? do_sys_open+0x2bf/0x520 [ 334.492061] ksys_ioctl+0x9b/0xc0 [ 334.492078] __x64_sys_ioctl+0x6f/0xb0 [ 334.492093] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 334.492107] do_syscall_64+0xf9/0x620 [ 334.492126] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.492140] RIP: 0033:0x7f5bb64d1fc7 [ 334.507094] misc userio: Begin command sent, but we're already running [ 334.508017] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 334.508025] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 334.508039] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 334.508050] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 334.519511] misc userio: Begin command sent, but we're already running [ 334.521224] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 334.521232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 334.521240] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 334.589374] erofs: read_super, device -> /dev/loop1 [ 334.595742] misc userio: Begin command sent, but we're already running [ 334.598981] erofs: options -> [ 334.635103] misc userio: Begin command sent, but we're already running [ 334.643575] erofs: read_super, device -> /dev/loop2 [ 334.676751] misc userio: Begin command sent, but we're already running [ 334.682557] erofs: options -> [ 334.708272] erofs: read_super, device -> /dev/loop5 [ 334.709289] erofs: root inode @ nid 36 [ 334.755760] erofs: options -> [ 334.762419] erofs: read_super, device -> /dev/loop4 [ 334.766146] erofs: read_super, device -> /dev/loop3 [ 334.773304] erofs: options -> [ 334.790295] erofs: root inode @ nid 36 [ 334.800290] erofs: root inode @ nid 36 [ 334.818584] erofs: options -> [ 334.822203] erofs: bogus i_mode (0) @ nid 36 [ 334.828058] erofs: mounted on /dev/loop4 with opts: . [ 334.835036] erofs: blksize 1 isn't supported on this platform [ 334.836793] misc userio: Begin command sent, but we're already running 14:49:02 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe702, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 334.845848] erofs: blksize 1 isn't supported on this platform [ 334.855239] misc userio: Begin command sent, but we're already running 14:49:02 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 14) 14:49:02 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 334.899305] misc userio: Begin command sent, but we're already running [ 334.912730] erofs: mounted on /dev/loop1 with opts: . [ 334.914737] misc userio: Begin command sent, but we're already running [ 334.924858] erofs: unmounted for /dev/loop4 14:49:02 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 334.964772] misc userio: Begin command sent, but we're already running [ 334.973785] misc userio: Begin command sent, but we're already running [ 334.982919] misc userio: Begin command sent, but we're already running [ 334.989617] misc userio: Begin command sent, but we're already running [ 334.999657] misc userio: Begin command sent, but we're already running [ 335.008256] misc userio: Begin command sent, but we're already running [ 335.018167] misc userio: Begin command sent, but we're already running [ 335.021271] FAULT_INJECTION: forcing a failure. [ 335.021271] name failslab, interval 1, probability 0, space 0, times 0 [ 335.028096] misc userio: Begin command sent, but we're already running [ 335.037069] CPU: 0 PID: 23662 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 335.049796] misc userio: Begin command sent, but we're already running [ 335.050731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 335.050737] Call Trace: [ 335.050756] dump_stack+0x1fc/0x2ef [ 335.050775] should_fail.cold+0xa/0xf [ 335.050796] ? setup_fault_attr+0x200/0x200 [ 335.060145] misc userio: Begin command sent, but we're already running [ 335.066784] ? lock_acquire+0x170/0x3c0 [ 335.066805] __should_failslab+0x115/0x180 [ 335.066821] should_failslab+0x5/0x10 [ 335.066835] kmem_cache_alloc+0x277/0x370 [ 335.066853] __kernfs_new_node+0xd2/0x680 [ 335.066870] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 335.066889] ? __mutex_unlock_slowpath+0xea/0x610 [ 335.066905] ? wait_for_completion_io+0x10/0x10 [ 335.066921] ? kernfs_next_descendant_post+0x19c/0x290 [ 335.066943] kernfs_new_node+0x92/0x120 [ 335.066963] __kernfs_create_file+0x51/0x340 [ 335.066983] sysfs_add_file_mode_ns+0x226/0x540 [ 335.067005] internal_create_group+0x355/0xb20 [ 335.067026] ? sysfs_remove_link_from_group+0x70/0x70 [ 335.067040] ? lock_downgrade+0x720/0x720 [ 335.067068] lo_ioctl+0xf7c/0x20e0 [ 335.067087] ? loop_set_status64+0x110/0x110 [ 335.067104] blkdev_ioctl+0x5cb/0x1a80 14:49:03 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 335.067119] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.067132] ? blkpg_ioctl+0x9d0/0x9d0 [ 335.067148] ? mark_held_locks+0xf0/0xf0 [ 335.067163] ? mark_held_locks+0xf0/0xf0 [ 335.067187] ? debug_check_no_obj_freed+0x201/0x490 [ 335.067206] ? lock_downgrade+0x720/0x720 [ 335.067222] block_ioctl+0xe9/0x130 [ 335.067234] ? blkdev_fallocate+0x3f0/0x3f0 [ 335.067249] do_vfs_ioctl+0xcdb/0x12e0 [ 335.067265] ? lock_downgrade+0x720/0x720 [ 335.067281] ? check_preemption_disabled+0x41/0x280 [ 335.067295] ? ioctl_preallocate+0x200/0x200 [ 335.067314] ? __fget+0x356/0x510 [ 335.067331] ? do_dup2+0x450/0x450 [ 335.067346] ? do_sys_open+0x2bf/0x520 [ 335.067369] ksys_ioctl+0x9b/0xc0 [ 335.067385] __x64_sys_ioctl+0x6f/0xb0 [ 335.067400] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 335.067413] do_syscall_64+0xf9/0x620 [ 335.067432] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.067444] RIP: 0033:0x7f5bb64d1fc7 [ 335.067458] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 335.067466] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.067480] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 335.067488] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 335.067496] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 335.067504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 335.067511] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 335.150350] erofs: read_super, device -> /dev/loop2 [ 335.190765] erofs: unmounted for /dev/loop1 [ 335.197617] erofs: options -> [ 335.207389] erofs: read_super, device -> /dev/loop3 [ 335.239316] erofs: root inode @ nid 36 [ 335.248107] erofs: read_super, device -> /dev/loop5 [ 335.339632] erofs: bogus i_mode (0) @ nid 36 [ 335.343005] erofs: options -> [ 335.355768] erofs: blksize 1 isn't supported on this platform 14:49:03 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x8000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:49:03 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 335.384358] erofs: options -> [ 335.388145] erofs: read_super, device -> /dev/loop4 [ 335.396989] erofs: options -> [ 335.400684] erofs: root inode @ nid 36 [ 335.404697] erofs: blksize 1 isn't supported on this platform [ 335.406227] erofs: mounted on /dev/loop4 with opts: . 14:49:03 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:03 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:03 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 15) [ 335.483021] erofs: unmounted for /dev/loop4 14:49:03 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 335.511860] erofs: read_super, device -> /dev/loop1 [ 335.524830] erofs: options -> [ 335.531386] erofs: root inode @ nid 36 [ 335.541371] erofs: mounted on /dev/loop1 with opts: . [ 335.591480] FAULT_INJECTION: forcing a failure. [ 335.591480] name failslab, interval 1, probability 0, space 0, times 0 [ 335.600377] erofs: unmounted for /dev/loop1 [ 335.605152] CPU: 0 PID: 23699 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 335.614927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 335.624277] Call Trace: [ 335.626851] dump_stack+0x1fc/0x2ef [ 335.630570] should_fail.cold+0xa/0xf [ 335.634357] ? setup_fault_attr+0x200/0x200 [ 335.638675] ? lock_acquire+0x170/0x3c0 [ 335.642646] __should_failslab+0x115/0x180 [ 335.647132] should_failslab+0x5/0x10 [ 335.650922] kmem_cache_alloc+0x277/0x370 [ 335.655055] __kernfs_new_node+0xd2/0x680 [ 335.659186] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 335.663925] ? __mutex_unlock_slowpath+0xea/0x610 [ 335.668752] ? wait_for_completion_io+0x10/0x10 [ 335.673405] ? kernfs_next_descendant_post+0x19c/0x290 [ 335.678667] kernfs_new_node+0x92/0x120 [ 335.682629] __kernfs_create_file+0x51/0x340 [ 335.687114] sysfs_add_file_mode_ns+0x226/0x540 [ 335.691872] internal_create_group+0x355/0xb20 [ 335.696437] ? sysfs_remove_link_from_group+0x70/0x70 [ 335.701610] ? lock_downgrade+0x720/0x720 [ 335.705748] lo_ioctl+0xf7c/0x20e0 [ 335.709272] ? loop_set_status64+0x110/0x110 [ 335.713665] blkdev_ioctl+0x5cb/0x1a80 [ 335.717540] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.722897] ? blkpg_ioctl+0x9d0/0x9d0 [ 335.726780] ? mark_held_locks+0xf0/0xf0 [ 335.730831] ? mark_held_locks+0xf0/0xf0 [ 335.734893] ? debug_check_no_obj_freed+0x201/0x490 [ 335.739904] ? lock_downgrade+0x720/0x720 [ 335.744035] block_ioctl+0xe9/0x130 [ 335.748088] ? blkdev_fallocate+0x3f0/0x3f0 [ 335.752409] do_vfs_ioctl+0xcdb/0x12e0 [ 335.756283] ? lock_downgrade+0x720/0x720 [ 335.760414] ? check_preemption_disabled+0x41/0x280 [ 335.765412] ? ioctl_preallocate+0x200/0x200 [ 335.769806] ? __fget+0x356/0x510 [ 335.773273] ? do_dup2+0x450/0x450 [ 335.776829] ? do_sys_open+0x2bf/0x520 [ 335.780716] ksys_ioctl+0x9b/0xc0 [ 335.784166] __x64_sys_ioctl+0x6f/0xb0 [ 335.788047] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 335.792620] do_syscall_64+0xf9/0x620 [ 335.796418] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.801598] RIP: 0033:0x7f5bb64d1fc7 [ 335.805304] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 335.824200] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.831900] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 335.839164] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 335.846421] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 335.853673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 335.860923] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 335.874282] erofs: read_super, device -> /dev/loop2 [ 335.879398] erofs: options -> [ 335.883161] erofs: root inode @ nid 36 [ 335.888461] erofs: bogus i_mode (0) @ nid 36 [ 335.892785] erofs: read_super, device -> /dev/loop5 [ 335.899395] erofs: options -> [ 335.907353] erofs: blksize 1 isn't supported on this platform [ 335.923116] erofs: read_super, device -> /dev/loop4 [ 335.923566] erofs: read_super, device -> /dev/loop3 [ 335.928144] erofs: options -> [ 335.933520] erofs: options -> [ 335.940742] erofs: blksize 1 isn't supported on this platform [ 335.946797] erofs: root inode @ nid 36 [ 335.951272] erofs: mounted on /dev/loop4 with opts: . 14:49:04 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x66, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:04 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 16) 14:49:04 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:04 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 336.106132] erofs: unmounted for /dev/loop4 14:49:04 executing program 0: perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0xf7, 0x0, 0x3f, 0x0, 0xf9, 0x2000, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_config_ext={0x8, 0x2d}, 0x1020, 0x5, 0x572, 0x0, 0x0, 0x5, 0x9, 0x0, 0x9, 0x0, 0x141}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x9) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) connect$can_bcm(r2, &(0x7f0000000000), 0x10) gettid() r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r5, 0x721}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xe8, r5, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x40800}, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) [ 336.183461] FAULT_INJECTION: forcing a failure. [ 336.183461] name failslab, interval 1, probability 0, space 0, times 0 [ 336.209580] CPU: 0 PID: 23726 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 336.217500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 336.226858] Call Trace: [ 336.229450] dump_stack+0x1fc/0x2ef [ 336.233092] should_fail.cold+0xa/0xf [ 336.236895] ? setup_fault_attr+0x200/0x200 [ 336.241200] ? lock_acquire+0x170/0x3c0 [ 336.245166] __should_failslab+0x115/0x180 [ 336.249733] should_failslab+0x5/0x10 [ 336.253514] kmem_cache_alloc+0x277/0x370 [ 336.257644] __kernfs_new_node+0xd2/0x680 [ 336.261795] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 336.266535] ? __mutex_unlock_slowpath+0xea/0x610 [ 336.271357] ? wait_for_completion_io+0x10/0x10 [ 336.276008] ? kernfs_next_descendant_post+0x19c/0x290 [ 336.281268] kernfs_new_node+0x92/0x120 [ 336.285240] __kernfs_create_file+0x51/0x340 [ 336.289637] sysfs_add_file_mode_ns+0x226/0x540 [ 336.294292] internal_create_group+0x355/0xb20 [ 336.298862] ? sysfs_remove_link_from_group+0x70/0x70 [ 336.304031] ? lock_downgrade+0x720/0x720 [ 336.308170] lo_ioctl+0xf7c/0x20e0 [ 336.311717] ? loop_set_status64+0x110/0x110 [ 336.316107] blkdev_ioctl+0x5cb/0x1a80 [ 336.319978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.325324] ? blkpg_ioctl+0x9d0/0x9d0 [ 336.329200] ? mark_held_locks+0xf0/0xf0 [ 336.333246] ? mark_held_locks+0xf0/0xf0 [ 336.337291] ? debug_check_no_obj_freed+0x201/0x490 [ 336.342305] ? lock_downgrade+0x720/0x720 [ 336.346436] block_ioctl+0xe9/0x130 [ 336.350043] ? blkdev_fallocate+0x3f0/0x3f0 [ 336.354368] do_vfs_ioctl+0xcdb/0x12e0 [ 336.358243] ? lock_downgrade+0x720/0x720 [ 336.362374] ? check_preemption_disabled+0x41/0x280 [ 336.367371] ? ioctl_preallocate+0x200/0x200 [ 336.371768] ? __fget+0x356/0x510 [ 336.375203] ? do_dup2+0x450/0x450 [ 336.378721] ? do_sys_open+0x2bf/0x520 [ 336.382596] ksys_ioctl+0x9b/0xc0 [ 336.386033] __x64_sys_ioctl+0x6f/0xb0 [ 336.389902] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 336.394472] do_syscall_64+0xf9/0x620 [ 336.398266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.403438] RIP: 0033:0x7f5bb64d1fc7 [ 336.407144] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 336.426033] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 336.433721] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 336.440976] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 336.448233] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 336.455484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 336.462736] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 336.519186] erofs: read_super, device -> /dev/loop3 [ 336.524085] erofs: read_super, device -> /dev/loop5 [ 336.533030] erofs: read_super, device -> /dev/loop1 [ 336.544941] erofs: read_super, device -> /dev/loop2 [ 336.547908] erofs: read_super, device -> /dev/loop4 [ 336.559437] erofs: options -> [ 336.571103] erofs: options -> [ 336.578994] erofs: blksize 1 isn't supported on this platform [ 336.580652] erofs: options -> [ 336.594156] erofs: root inode @ nid 36 [ 336.603945] erofs: options -> [ 336.607340] erofs: options -> [ 336.614064] erofs: bogus i_mode (0) @ nid 36 14:49:04 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:04 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:04 executing program 0: perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0xf7, 0x0, 0x3f, 0x0, 0xf9, 0x2000, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_config_ext={0x8, 0x2d}, 0x1020, 0x5, 0x572, 0x0, 0x0, 0x5, 0x9, 0x0, 0x9, 0x0, 0x141}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x9) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) (async) connect$can_bcm(r2, &(0x7f0000000000), 0x10) (async) gettid() (async) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r5, 0x721}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xe8, r5, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x40800}, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) [ 336.616314] erofs: root inode @ nid 36 [ 336.623276] erofs: root inode @ nid 36 [ 336.627372] erofs: blksize 1 isn't supported on this platform [ 336.634896] erofs: mounted on /dev/loop1 with opts: . [ 336.651183] erofs: mounted on /dev/loop4 with opts: . 14:49:04 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 336.760602] erofs: unmounted for /dev/loop4 14:49:04 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 336.803214] erofs: unmounted for /dev/loop1 14:49:04 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 17) [ 336.824998] erofs: read_super, device -> /dev/loop3 [ 336.840380] erofs: options -> [ 336.844296] erofs: root inode @ nid 0 [ 336.848231] erofs: bogus i_mode (0) @ nid 0 [ 336.912701] FAULT_INJECTION: forcing a failure. [ 336.912701] name failslab, interval 1, probability 0, space 0, times 0 [ 336.924355] CPU: 1 PID: 23769 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 336.932312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 336.941658] Call Trace: [ 336.944336] dump_stack+0x1fc/0x2ef [ 336.947951] should_fail.cold+0xa/0xf [ 336.951740] ? setup_fault_attr+0x200/0x200 [ 336.956060] ? lock_acquire+0x170/0x3c0 [ 336.960046] __should_failslab+0x115/0x180 [ 336.964274] should_failslab+0x5/0x10 [ 336.968058] kmem_cache_alloc+0x277/0x370 [ 336.972205] __kernfs_new_node+0xd2/0x680 [ 336.976345] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 336.981099] ? __mutex_unlock_slowpath+0xea/0x610 [ 336.985932] ? wait_for_completion_io+0x10/0x10 [ 336.990588] ? kernfs_next_descendant_post+0x19c/0x290 [ 336.995853] kernfs_new_node+0x92/0x120 [ 336.999809] __kernfs_create_file+0x51/0x340 [ 337.004204] sysfs_add_file_mode_ns+0x226/0x540 [ 337.008858] internal_create_group+0x355/0xb20 [ 337.013427] ? sysfs_remove_link_from_group+0x70/0x70 [ 337.018605] ? lock_downgrade+0x720/0x720 [ 337.022759] lo_ioctl+0xf7c/0x20e0 [ 337.026296] ? loop_set_status64+0x110/0x110 [ 337.030694] blkdev_ioctl+0x5cb/0x1a80 [ 337.034581] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.040010] ? blkpg_ioctl+0x9d0/0x9d0 [ 337.043903] ? mark_held_locks+0xf0/0xf0 [ 337.047954] ? mark_held_locks+0xf0/0xf0 [ 337.051999] ? debug_check_no_obj_freed+0x201/0x490 [ 337.057000] ? lock_downgrade+0x720/0x720 [ 337.061158] block_ioctl+0xe9/0x130 [ 337.064788] ? blkdev_fallocate+0x3f0/0x3f0 [ 337.069099] do_vfs_ioctl+0xcdb/0x12e0 [ 337.072983] ? lock_downgrade+0x720/0x720 [ 337.077127] ? check_preemption_disabled+0x41/0x280 [ 337.082146] ? ioctl_preallocate+0x200/0x200 [ 337.086548] ? __fget+0x356/0x510 [ 337.090000] ? do_dup2+0x450/0x450 [ 337.093531] ? do_sys_open+0x2bf/0x520 [ 337.097405] ksys_ioctl+0x9b/0xc0 [ 337.100854] __x64_sys_ioctl+0x6f/0xb0 [ 337.104731] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 337.109307] do_syscall_64+0xf9/0x620 [ 337.113127] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.118410] RIP: 0033:0x7f5bb64d1fc7 [ 337.122120] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 337.141019] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 337.148732] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 337.155991] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:49:05 executing program 0: perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0xf7, 0x0, 0x3f, 0x0, 0xf9, 0x2000, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_config_ext={0x8, 0x2d}, 0x1020, 0x5, 0x572, 0x0, 0x0, 0x5, 0x9, 0x0, 0x9, 0x0, 0x141}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x9) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) connect$can_bcm(r2, &(0x7f0000000000), 0x10) gettid() (async) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r5, 0x721}, 0x14}}, 0x0) (async) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xe8, r5, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x40800}, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) [ 337.163243] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 337.170498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 337.177746] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 337.186543] erofs: read_super, device -> /dev/loop5 [ 337.200241] erofs: options -> [ 337.208357] erofs: blksize 1 isn't supported on this platform 14:49:05 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.231596] erofs: read_super, device -> /dev/loop4 [ 337.237783] erofs: read_super, device -> /dev/loop2 [ 337.248507] erofs: options -> [ 337.272362] erofs: root inode @ nid 36 [ 337.281636] erofs: options -> [ 337.291585] erofs: root inode @ nid 36 [ 337.297149] erofs: mounted on /dev/loop4 with opts: . [ 337.299992] erofs: bogus i_mode (0) @ nid 36 14:49:05 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x200, 0x70bd25, 0x9, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000013}, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:49:05 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.323261] misc userio: No port type given on /dev/userio 14:49:05 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 18) 14:49:05 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x398, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.383350] erofs: read_super, device -> /dev/loop1 [ 337.401328] erofs: read_super, device -> /dev/loop3 [ 337.414655] erofs: options -> [ 337.417531] erofs: options -> [ 337.429217] erofs: unmounted for /dev/loop4 14:49:05 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.437130] erofs: root inode @ nid 36 [ 337.438374] erofs: root inode @ nid 0 [ 337.449763] erofs: bogus i_mode (0) @ nid 0 [ 337.475281] erofs: mounted on /dev/loop1 with opts: . [ 337.529349] FAULT_INJECTION: forcing a failure. [ 337.529349] name failslab, interval 1, probability 0, space 0, times 0 [ 337.541164] CPU: 1 PID: 23810 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 337.549042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 337.558378] Call Trace: [ 337.560974] dump_stack+0x1fc/0x2ef [ 337.564598] should_fail.cold+0xa/0xf [ 337.568381] ? setup_fault_attr+0x200/0x200 [ 337.572706] ? lock_acquire+0x170/0x3c0 [ 337.576664] __should_failslab+0x115/0x180 [ 337.580898] should_failslab+0x5/0x10 [ 337.584712] kmem_cache_alloc+0x277/0x370 [ 337.588845] __kernfs_new_node+0xd2/0x680 [ 337.593020] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 337.597760] ? __mutex_unlock_slowpath+0xea/0x610 [ 337.602595] ? wait_for_completion_io+0x10/0x10 [ 337.607257] ? kernfs_next_descendant_post+0x19c/0x290 [ 337.612522] kernfs_new_node+0x92/0x120 [ 337.616485] __kernfs_create_file+0x51/0x340 [ 337.620891] sysfs_add_file_mode_ns+0x226/0x540 [ 337.625565] internal_create_group+0x355/0xb20 [ 337.630155] ? sysfs_remove_link_from_group+0x70/0x70 [ 337.635334] ? lock_downgrade+0x720/0x720 [ 337.639494] lo_ioctl+0xf7c/0x20e0 [ 337.643041] ? loop_set_status64+0x110/0x110 [ 337.647442] blkdev_ioctl+0x5cb/0x1a80 [ 337.651315] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.656658] ? blkpg_ioctl+0x9d0/0x9d0 [ 337.660537] ? mark_held_locks+0xf0/0xf0 [ 337.664590] ? mark_held_locks+0xf0/0xf0 [ 337.668636] ? debug_check_no_obj_freed+0x201/0x490 [ 337.673637] ? lock_downgrade+0x720/0x720 [ 337.677767] block_ioctl+0xe9/0x130 [ 337.681393] ? blkdev_fallocate+0x3f0/0x3f0 [ 337.685706] do_vfs_ioctl+0xcdb/0x12e0 [ 337.689578] ? lock_downgrade+0x720/0x720 [ 337.693709] ? check_preemption_disabled+0x41/0x280 [ 337.698714] ? ioctl_preallocate+0x200/0x200 [ 337.703129] ? __fget+0x356/0x510 [ 337.706575] ? do_dup2+0x450/0x450 [ 337.710105] ? do_sys_open+0x2bf/0x520 [ 337.713989] ksys_ioctl+0x9b/0xc0 [ 337.717426] __x64_sys_ioctl+0x6f/0xb0 [ 337.721304] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 337.725877] do_syscall_64+0xf9/0x620 [ 337.729667] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.734837] RIP: 0033:0x7f5bb64d1fc7 [ 337.738544] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 337.757436] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 337.765127] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 337.772378] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 337.779627] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 337.786878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 337.794126] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 337.809389] erofs: read_super, device -> /dev/loop5 14:49:05 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.829402] erofs: read_super, device -> /dev/loop4 [ 337.841519] erofs: options -> [ 337.846233] erofs: unmounted for /dev/loop1 [ 337.851821] erofs: options -> [ 337.860851] erofs: blksize 1 isn't supported on this platform [ 337.868851] erofs: root inode @ nid 36 14:49:05 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x200, 0x70bd25, 0x9, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000013}, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 337.888795] erofs: read_super, device -> /dev/loop2 14:49:05 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 337.915496] erofs: read_super, device -> /dev/loop3 [ 337.916004] erofs: mounted on /dev/loop4 with opts: . [ 337.932271] erofs: options -> [ 337.939317] erofs: options -> [ 337.944427] erofs: root inode @ nid 0 [ 337.954592] erofs: root inode @ nid 36 [ 337.956688] erofs: bogus i_mode (0) @ nid 0 14:49:05 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:05 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x200, 0x70bd25, 0x9, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000013}, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:49:05 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 19) [ 337.967241] erofs: bogus i_mode (0) @ nid 36 [ 337.977492] erofs: unmounted for /dev/loop4 [ 337.986563] misc userio: No port type given on /dev/userio 14:49:06 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 338.098090] erofs: read_super, device -> /dev/loop1 [ 338.128310] erofs: options -> [ 338.135050] erofs: read_super, device -> /dev/loop5 [ 338.145079] erofs: root inode @ nid 36 14:49:06 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:06 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 338.190123] erofs: options -> [ 338.198334] erofs: mounted on /dev/loop1 with opts: . [ 338.219102] erofs: blksize 1 isn't supported on this platform [ 338.272303] erofs: unmounted for /dev/loop1 [ 338.291992] FAULT_INJECTION: forcing a failure. [ 338.291992] name failslab, interval 1, probability 0, space 0, times 0 [ 338.303699] CPU: 0 PID: 23851 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 338.311601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 338.320948] Call Trace: [ 338.323528] dump_stack+0x1fc/0x2ef [ 338.327158] should_fail.cold+0xa/0xf [ 338.330948] ? setup_fault_attr+0x200/0x200 [ 338.335257] ? lock_acquire+0x170/0x3c0 [ 338.339274] ? dev_uevent_filter+0xd0/0xd0 [ 338.343504] __should_failslab+0x115/0x180 [ 338.347732] should_failslab+0x5/0x10 [ 338.351524] kmem_cache_alloc_trace+0x284/0x380 [ 338.356247] ? dev_uevent_filter+0xd0/0xd0 [ 338.360490] kobject_uevent_env+0x236/0x1480 [ 338.364901] lo_ioctl+0xff9/0x20e0 [ 338.368433] ? loop_set_status64+0x110/0x110 [ 338.372830] blkdev_ioctl+0x5cb/0x1a80 [ 338.376732] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.382079] ? blkpg_ioctl+0x9d0/0x9d0 [ 338.385951] ? mark_held_locks+0xf0/0xf0 [ 338.390009] ? mark_held_locks+0xf0/0xf0 [ 338.394060] ? debug_check_no_obj_freed+0x201/0x490 [ 338.399069] ? lock_downgrade+0x720/0x720 [ 338.403398] block_ioctl+0xe9/0x130 [ 338.407019] ? blkdev_fallocate+0x3f0/0x3f0 [ 338.411438] do_vfs_ioctl+0xcdb/0x12e0 [ 338.415317] ? lock_downgrade+0x720/0x720 [ 338.419457] ? check_preemption_disabled+0x41/0x280 [ 338.424462] ? ioctl_preallocate+0x200/0x200 [ 338.428863] ? __fget+0x356/0x510 [ 338.432302] ? do_dup2+0x450/0x450 [ 338.435854] ? do_sys_open+0x2bf/0x520 [ 338.439733] ksys_ioctl+0x9b/0xc0 [ 338.443202] __x64_sys_ioctl+0x6f/0xb0 [ 338.447080] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 338.451649] do_syscall_64+0xf9/0x620 [ 338.455443] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.460644] RIP: 0033:0x7f5bb64d1fc7 [ 338.464351] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 338.483238] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 338.490930] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 338.498184] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 338.505442] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 338.512696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 338.519983] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 338.593584] erofs: read_super, device -> /dev/loop2 [ 338.598659] erofs: options -> [ 338.602136] erofs: read_super, device -> /dev/loop4 [ 338.607165] erofs: options -> [ 338.615295] erofs: root inode @ nid 36 [ 338.619402] erofs: root inode @ nid 36 [ 338.624490] erofs: read_super, device -> /dev/loop3 [ 338.630147] erofs: mounted on /dev/loop4 with opts: . [ 338.635729] erofs: bogus i_mode (0) @ nid 36 14:49:06 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 20) 14:49:06 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 338.665880] erofs: options -> [ 338.675465] erofs: root inode @ nid 36 [ 338.685361] erofs: unmounted for /dev/loop4 [ 338.692575] erofs: mounted on /dev/loop3 with opts: . 14:49:06 executing program 0: fcntl$notify(0xffffffffffffffff, 0x402, 0xb) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = open(&(0x7f0000000000)='./file0\x00', 0x280, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 338.714922] erofs: read_super, device -> /dev/loop5 [ 338.725290] erofs: options -> [ 338.734219] erofs: blksize 1 isn't supported on this platform 14:49:06 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:06 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 338.763020] erofs: read_super, device -> /dev/loop1 [ 338.768092] erofs: options -> [ 338.796735] erofs: root inode @ nid 36 [ 338.802136] erofs: mounted on /dev/loop1 with opts: . [ 338.807825] FAULT_INJECTION: forcing a failure. [ 338.807825] name failslab, interval 1, probability 0, space 0, times 0 [ 338.807914] erofs: unmounted for /dev/loop3 [ 338.830858] CPU: 0 PID: 23880 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 338.838758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 338.848112] Call Trace: [ 338.850759] dump_stack+0x1fc/0x2ef [ 338.854404] should_fail.cold+0xa/0xf [ 338.858250] ? setup_fault_attr+0x200/0x200 [ 338.862570] ? lock_acquire+0x170/0x3c0 [ 338.866546] __should_failslab+0x115/0x180 [ 338.870775] should_failslab+0x5/0x10 [ 338.874568] __kmalloc+0x2ab/0x3c0 [ 338.878112] ? kobject_get_path+0xbf/0x240 [ 338.882343] kobject_get_path+0xbf/0x240 [ 338.886488] kobject_uevent_env+0x25c/0x1480 [ 338.890899] lo_ioctl+0xff9/0x20e0 [ 338.894436] ? loop_set_status64+0x110/0x110 [ 338.898841] blkdev_ioctl+0x5cb/0x1a80 [ 338.902728] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.908083] ? blkpg_ioctl+0x9d0/0x9d0 [ 338.911962] ? mark_held_locks+0xf0/0xf0 [ 338.916031] ? mark_held_locks+0xf0/0xf0 [ 338.920092] ? debug_check_no_obj_freed+0x201/0x490 [ 338.925108] ? lock_downgrade+0x720/0x720 [ 338.929249] block_ioctl+0xe9/0x130 [ 338.932868] ? blkdev_fallocate+0x3f0/0x3f0 [ 338.937188] do_vfs_ioctl+0xcdb/0x12e0 [ 338.941075] ? lock_downgrade+0x720/0x720 [ 338.945220] ? check_preemption_disabled+0x41/0x280 [ 338.950230] ? ioctl_preallocate+0x200/0x200 [ 338.954635] ? __fget+0x356/0x510 [ 338.958084] ? do_dup2+0x450/0x450 [ 338.961618] ? do_sys_open+0x2bf/0x520 [ 338.965646] ksys_ioctl+0x9b/0xc0 [ 338.969096] __x64_sys_ioctl+0x6f/0xb0 [ 338.972976] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 338.977550] do_syscall_64+0xf9/0x620 [ 338.981352] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.986530] RIP: 0033:0x7f5bb64d1fc7 [ 338.990248] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 339.009247] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.016949] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 339.024208] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 339.031467] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 339.038726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 339.045987] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:07 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 339.082102] erofs: unmounted for /dev/loop1 [ 339.181622] erofs: read_super, device -> /dev/loop4 [ 339.186674] erofs: options -> [ 339.190907] erofs: root inode @ nid 36 [ 339.195224] erofs: mounted on /dev/loop4 with opts: . [ 339.208773] erofs: read_super, device -> /dev/loop2 [ 339.214748] erofs: options -> [ 339.215601] erofs: read_super, device -> /dev/loop5 14:49:07 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 339.233300] erofs: root inode @ nid 36 [ 339.239660] erofs: unmounted for /dev/loop4 [ 339.253287] erofs: bogus i_mode (0) @ nid 36 [ 339.259507] erofs: options -> [ 339.279609] erofs: blksize 1 isn't supported on this platform 14:49:07 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 21) [ 339.338148] erofs: read_super, device -> /dev/loop1 [ 339.343488] erofs: options -> [ 339.347358] erofs: root inode @ nid 36 [ 339.353089] erofs: mounted on /dev/loop1 with opts: . [ 339.364245] erofs: read_super, device -> /dev/loop3 [ 339.372075] erofs: read_super, device -> /dev/loop4 [ 339.372517] erofs: options -> [ 339.377102] erofs: options -> 14:49:07 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:07 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x383, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 339.388182] erofs: root inode @ nid 36 [ 339.405998] erofs: root inode @ nid 0 [ 339.413385] erofs: mounted on /dev/loop4 with opts: . [ 339.413535] erofs: bogus i_mode (0) @ nid 0 [ 339.439711] erofs: unmounted for /dev/loop1 14:49:07 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:07 executing program 0: fcntl$notify(0xffffffffffffffff, 0x402, 0xb) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = open(&(0x7f0000000000)='./file0\x00', 0x280, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) fcntl$notify(0xffffffffffffffff, 0x402, 0xb) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) open(&(0x7f0000000000)='./file0\x00', 0x280, 0x2) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) [ 339.486137] erofs: unmounted for /dev/loop4 14:49:07 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 339.512317] FAULT_INJECTION: forcing a failure. [ 339.512317] name failslab, interval 1, probability 0, space 0, times 0 [ 339.524147] CPU: 1 PID: 23916 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 339.532046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 339.541410] Call Trace: [ 339.544011] dump_stack+0x1fc/0x2ef [ 339.547656] should_fail.cold+0xa/0xf [ 339.551480] ? setup_fault_attr+0x200/0x200 [ 339.555814] ? lock_acquire+0x170/0x3c0 [ 339.559792] __should_failslab+0x115/0x180 [ 339.564025] should_failslab+0x5/0x10 [ 339.567821] kmem_cache_alloc_node+0x245/0x3b0 [ 339.572393] __alloc_skb+0x71/0x560 [ 339.576025] alloc_uevent_skb+0x7b/0x210 [ 339.580090] kobject_uevent_env+0xa90/0x1480 [ 339.584506] lo_ioctl+0xff9/0x20e0 [ 339.588094] ? loop_set_status64+0x110/0x110 [ 339.592504] blkdev_ioctl+0x5cb/0x1a80 [ 339.596392] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.601753] ? blkpg_ioctl+0x9d0/0x9d0 [ 339.605635] ? mark_held_locks+0xf0/0xf0 [ 339.609680] ? mark_held_locks+0xf0/0xf0 [ 339.613728] ? debug_check_no_obj_freed+0x201/0x490 [ 339.618731] ? lock_downgrade+0x720/0x720 [ 339.622874] block_ioctl+0xe9/0x130 [ 339.626494] ? blkdev_fallocate+0x3f0/0x3f0 [ 339.630806] do_vfs_ioctl+0xcdb/0x12e0 [ 339.634680] ? lock_downgrade+0x720/0x720 [ 339.638813] ? check_preemption_disabled+0x41/0x280 [ 339.643827] ? ioctl_preallocate+0x200/0x200 [ 339.648231] ? __fget+0x356/0x510 [ 339.651672] ? do_dup2+0x450/0x450 [ 339.655326] ? do_sys_open+0x2bf/0x520 [ 339.659306] ksys_ioctl+0x9b/0xc0 [ 339.662760] __x64_sys_ioctl+0x6f/0xb0 [ 339.666642] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 339.671210] do_syscall_64+0xf9/0x620 [ 339.675002] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.680183] RIP: 0033:0x7f5bb64d1fc7 [ 339.683899] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 339.702797] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.710497] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 339.717772] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 339.725034] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 339.732324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 339.739577] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 339.774470] erofs: read_super, device -> /dev/loop5 [ 339.779516] erofs: options -> [ 339.790199] erofs: read_super, device -> /dev/loop2 [ 339.801154] erofs: options -> [ 339.807236] erofs: root inode @ nid 36 [ 339.813788] erofs: blksize 1 isn't supported on this platform 14:49:07 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 339.859224] erofs: bogus i_mode (0) @ nid 36 [ 339.860929] erofs: read_super, device -> /dev/loop3 [ 339.868829] erofs: options -> [ 339.874254] erofs: root inode @ nid 0 [ 339.880993] erofs: bogus i_mode (0) @ nid 0 14:49:07 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:07 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 22) [ 340.031868] erofs: read_super, device -> /dev/loop1 [ 340.035076] erofs: read_super, device -> /dev/loop4 [ 340.036917] erofs: options -> [ 340.066462] erofs: options -> [ 340.067867] erofs: read_super, device -> /dev/loop3 [ 340.082554] erofs: root inode @ nid 36 [ 340.084177] erofs: root inode @ nid 36 [ 340.096663] erofs: mounted on /dev/loop1 with opts: . [ 340.105310] erofs: options -> [ 340.122982] erofs: root inode @ nid 0 [ 340.127652] erofs: bogus i_mode (0) @ nid 0 14:49:08 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x384, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.131327] erofs: mounted on /dev/loop4 with opts: . [ 340.140737] erofs: unmounted for /dev/loop1 [ 340.150455] erofs: read_super, device -> /dev/loop5 [ 340.155845] erofs: options -> [ 340.159500] erofs: blksize 1 isn't supported on this platform [ 340.226422] FAULT_INJECTION: forcing a failure. [ 340.226422] name failslab, interval 1, probability 0, space 0, times 0 [ 340.244628] CPU: 1 PID: 23968 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 340.252529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 340.261878] Call Trace: [ 340.264459] dump_stack+0x1fc/0x2ef [ 340.268081] should_fail.cold+0xa/0xf [ 340.271872] ? setup_fault_attr+0x200/0x200 [ 340.276181] ? lock_acquire+0x170/0x3c0 [ 340.280144] __should_failslab+0x115/0x180 [ 340.284369] should_failslab+0x5/0x10 [ 340.288159] kmem_cache_alloc_node+0x245/0x3b0 [ 340.292742] __alloc_skb+0x71/0x560 [ 340.296374] alloc_uevent_skb+0x7b/0x210 [ 340.300439] kobject_uevent_env+0xa90/0x1480 [ 340.304846] lo_ioctl+0xff9/0x20e0 [ 340.308388] ? loop_set_status64+0x110/0x110 [ 340.312784] blkdev_ioctl+0x5cb/0x1a80 [ 340.316662] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.322013] ? blkpg_ioctl+0x9d0/0x9d0 [ 340.325890] ? mark_held_locks+0xf0/0xf0 [ 340.330030] ? mark_held_locks+0xf0/0xf0 [ 340.334093] ? debug_check_no_obj_freed+0x201/0x490 [ 340.339199] ? lock_downgrade+0x720/0x720 [ 340.343339] block_ioctl+0xe9/0x130 [ 340.346996] ? blkdev_fallocate+0x3f0/0x3f0 [ 340.351316] do_vfs_ioctl+0xcdb/0x12e0 [ 340.355195] ? lock_downgrade+0x720/0x720 [ 340.359343] ? check_preemption_disabled+0x41/0x280 [ 340.364357] ? ioctl_preallocate+0x200/0x200 [ 340.368753] ? __fget+0x356/0x510 [ 340.372193] ? do_dup2+0x450/0x450 [ 340.375731] ? do_sys_open+0x2bf/0x520 [ 340.379616] ksys_ioctl+0x9b/0xc0 [ 340.383058] __x64_sys_ioctl+0x6f/0xb0 [ 340.386941] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 340.391526] do_syscall_64+0xf9/0x620 [ 340.395331] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.400655] RIP: 0033:0x7f5bb64d1fc7 [ 340.404372] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 340.423260] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 340.430958] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 340.438218] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 340.445479] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 340.452738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 340.460004] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:08 executing program 0: fcntl$notify(0xffffffffffffffff, 0x402, 0xb) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) r1 = open(&(0x7f0000000000)='./file0\x00', 0x280, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) (async, rerun: 32) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (rerun: 32) 14:49:08 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.474587] erofs: read_super, device -> /dev/loop2 14:49:08 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.507189] erofs: options -> [ 340.517990] erofs: root inode @ nid 36 [ 340.533125] erofs: bogus i_mode (0) @ nid 36 14:49:08 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.559753] erofs: unmounted for /dev/loop4 [ 340.589079] misc userio: Begin command sent, but we're already running [ 340.601271] misc userio: Begin command sent, but we're already running [ 340.608024] misc userio: Begin command sent, but we're already running [ 340.615154] misc userio: Begin command sent, but we're already running [ 340.622780] misc userio: Begin command sent, but we're already running [ 340.629516] misc userio: Begin command sent, but we're already running [ 340.636525] misc userio: Begin command sent, but we're already running [ 340.649506] misc userio: Begin command sent, but we're already running [ 340.676150] erofs: read_super, device -> /dev/loop1 14:49:08 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 23) [ 340.691258] misc userio: Begin command sent, but we're already running [ 340.697622] erofs: read_super, device -> /dev/loop5 [ 340.709854] erofs: options -> [ 340.715084] erofs: options -> [ 340.736721] erofs: blksize 1 isn't supported on this platform 14:49:08 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.770383] erofs: root inode @ nid 36 [ 340.779480] misc userio: Begin command sent, but we're already running [ 340.791239] erofs: mounted on /dev/loop1 with opts: . [ 340.815148] misc userio: Begin command sent, but we're already running [ 340.824126] misc userio: Begin command sent, but we're already running [ 340.833882] misc userio: Begin command sent, but we're already running [ 340.844817] misc userio: Begin command sent, but we're already running [ 340.850753] erofs: read_super, device -> /dev/loop3 [ 340.856557] erofs: options -> [ 340.859795] erofs: cannot find valid erofs superblock 14:49:08 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 340.876261] misc userio: Begin command sent, but we're already running [ 340.886392] FAULT_INJECTION: forcing a failure. [ 340.886392] name failslab, interval 1, probability 0, space 0, times 0 [ 340.896125] misc userio: Begin command sent, but we're already running [ 340.901436] CPU: 1 PID: 24001 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 340.909243] erofs: unmounted for /dev/loop1 [ 340.912250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 340.912255] Call Trace: [ 340.912276] dump_stack+0x1fc/0x2ef [ 340.912294] should_fail.cold+0xa/0xf [ 340.912312] ? setup_fault_attr+0x200/0x200 [ 340.912326] ? lock_acquire+0x170/0x3c0 [ 340.912344] __should_failslab+0x115/0x180 [ 340.912361] should_failslab+0x5/0x10 [ 340.952264] kmem_cache_alloc+0x277/0x370 [ 340.956410] skb_clone+0x151/0x3d0 [ 340.959953] netlink_broadcast_filtered+0x8e5/0xbc0 [ 340.964966] netlink_broadcast+0x35/0x40 [ 340.969036] kobject_uevent_env+0xa56/0x1480 [ 340.973451] lo_ioctl+0xff9/0x20e0 [ 340.976997] ? loop_set_status64+0x110/0x110 [ 340.981398] blkdev_ioctl+0x5cb/0x1a80 [ 340.985298] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.990664] ? blkpg_ioctl+0x9d0/0x9d0 [ 340.994560] ? mark_held_locks+0xf0/0xf0 [ 340.998618] ? mark_held_locks+0xf0/0xf0 [ 341.002679] ? debug_check_no_obj_freed+0x201/0x490 [ 341.007700] ? lock_downgrade+0x720/0x720 [ 341.011875] block_ioctl+0xe9/0x130 [ 341.015495] ? blkdev_fallocate+0x3f0/0x3f0 [ 341.019808] do_vfs_ioctl+0xcdb/0x12e0 [ 341.023690] ? lock_downgrade+0x720/0x720 [ 341.027946] ? check_preemption_disabled+0x41/0x280 [ 341.032971] ? ioctl_preallocate+0x200/0x200 [ 341.037378] ? __fget+0x356/0x510 [ 341.040827] ? do_dup2+0x450/0x450 [ 341.044376] ? do_sys_open+0x2bf/0x520 [ 341.048272] ksys_ioctl+0x9b/0xc0 [ 341.051840] __x64_sys_ioctl+0x6f/0xb0 [ 341.055728] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 341.060315] do_syscall_64+0xf9/0x620 [ 341.064115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.069298] RIP: 0033:0x7f5bb64d1fc7 [ 341.073008] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 341.091904] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 341.099605] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 341.106872] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 341.114132] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 341.121393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 341.128827] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 341.141822] misc userio: Begin command sent, but we're already running [ 341.148691] misc userio: Begin command sent, but we're already running [ 341.155894] misc userio: Begin command sent, but we're already running [ 341.163202] misc userio: Begin command sent, but we're already running [ 341.170288] misc userio: Begin command sent, but we're already running [ 341.177026] misc userio: Begin command sent, but we're already running [ 341.187662] erofs: read_super, device -> /dev/loop4 [ 341.189272] misc userio: Begin command sent, but we're already running [ 341.197024] erofs: options -> [ 341.200386] misc userio: Begin command sent, but we're already running [ 341.211621] misc userio: Begin command sent, but we're already running [ 341.214199] erofs: root inode @ nid 36 14:49:09 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.218370] misc userio: Begin command sent, but we're already running [ 341.218392] misc userio: Begin command sent, but we're already running [ 341.233201] erofs: mounted on /dev/loop4 with opts: . [ 341.241323] misc userio: Begin command sent, but we're already running [ 341.248076] misc userio: Begin command sent, but we're already running [ 341.257552] erofs: read_super, device -> /dev/loop2 [ 341.264864] misc userio: Begin command sent, but we're already running [ 341.273662] erofs: options -> [ 341.277304] erofs: root inode @ nid 36 [ 341.279357] misc userio: Begin command sent, but we're already running [ 341.288432] erofs: bogus i_mode (0) @ nid 36 [ 341.288544] erofs: unmounted for /dev/loop4 [ 341.300206] erofs: read_super, device -> /dev/loop5 [ 341.305233] erofs: options -> [ 341.318213] erofs: blksize 1 isn't supported on this platform 14:49:09 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:09 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xff, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 341.333865] misc userio: Begin command sent, but we're already running 14:49:09 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 24) 14:49:09 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.422967] erofs: read_super, device -> /dev/loop4 [ 341.428015] erofs: options -> [ 341.457204] erofs: read_super, device -> /dev/loop3 [ 341.469598] erofs: read_super, device -> /dev/loop1 [ 341.484807] erofs: root inode @ nid 36 [ 341.484943] erofs: options -> [ 341.489185] erofs: mounted on /dev/loop4 with opts: . [ 341.492651] erofs: options -> [ 341.502782] erofs: root inode @ nid 36 [ 341.506851] erofs: cannot find valid erofs superblock [ 341.513543] erofs: mounted on /dev/loop1 with opts: . 14:49:09 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.573450] FAULT_INJECTION: forcing a failure. [ 341.573450] name failslab, interval 1, probability 0, space 0, times 0 [ 341.584934] erofs: unmounted for /dev/loop4 [ 341.584980] CPU: 1 PID: 24040 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 341.597153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 341.606504] Call Trace: [ 341.609086] dump_stack+0x1fc/0x2ef [ 341.612721] should_fail.cold+0xa/0xf [ 341.616524] ? setup_fault_attr+0x200/0x200 [ 341.620851] ? lock_acquire+0x170/0x3c0 [ 341.624823] __should_failslab+0x115/0x180 [ 341.629060] should_failslab+0x5/0x10 [ 341.632869] kmem_cache_alloc_trace+0x284/0x380 [ 341.637563] ? wait_for_completion_io+0x10/0x10 [ 341.642231] ? kobj_ns_initial+0x90/0x90 [ 341.646304] call_usermodehelper_setup+0x84/0x300 [ 341.651154] kobject_uevent_env+0xe83/0x1480 [ 341.655576] lo_ioctl+0xff9/0x20e0 [ 341.659106] ? loop_set_status64+0x110/0x110 [ 341.663503] blkdev_ioctl+0x5cb/0x1a80 [ 341.667385] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.672757] ? blkpg_ioctl+0x9d0/0x9d0 [ 341.676657] ? mark_held_locks+0xf0/0xf0 [ 341.680727] ? mark_held_locks+0xf0/0xf0 [ 341.684787] ? debug_check_no_obj_freed+0x201/0x490 [ 341.689808] ? lock_downgrade+0x720/0x720 [ 341.693954] block_ioctl+0xe9/0x130 [ 341.697574] ? blkdev_fallocate+0x3f0/0x3f0 [ 341.701901] do_vfs_ioctl+0xcdb/0x12e0 [ 341.705784] ? lock_downgrade+0x720/0x720 [ 341.709930] ? check_preemption_disabled+0x41/0x280 [ 341.714943] ? ioctl_preallocate+0x200/0x200 [ 341.719340] ? __fget+0x356/0x510 [ 341.722792] ? do_dup2+0x450/0x450 [ 341.726327] ? do_sys_open+0x2bf/0x520 [ 341.730262] ksys_ioctl+0x9b/0xc0 [ 341.733711] __x64_sys_ioctl+0x6f/0xb0 [ 341.737588] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 341.742170] do_syscall_64+0xf9/0x620 [ 341.745970] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.751155] RIP: 0033:0x7f5bb64d1fc7 [ 341.754865] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:49:09 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.773763] RSP: 002b:00007f5bb4e46f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 341.781475] RAX: ffffffffffffffda RBX: 00007f5bb651ba20 RCX: 00007f5bb64d1fc7 [ 341.788743] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 341.796105] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 341.803360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 341.810616] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:09 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.856409] erofs: unmounted for /dev/loop1 [ 341.868743] erofs: read_super, device -> /dev/loop2 [ 341.874646] erofs: read_super, device -> /dev/loop5 [ 341.880955] erofs: options -> [ 341.884372] erofs: options -> [ 341.887907] erofs: blksize 1 isn't supported on this platform [ 341.895334] erofs: root inode @ nid 36 14:49:09 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 341.907564] erofs: bogus i_mode (0) @ nid 36 14:49:09 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 25) [ 341.949659] erofs: read_super, device -> /dev/loop3 14:49:09 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xff, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 341.981208] erofs: options -> [ 341.984819] erofs: cannot find valid erofs superblock [ 342.071698] erofs: read_super, device -> /dev/loop4 [ 342.076737] erofs: options -> [ 342.080320] erofs: read_super, device -> /dev/loop1 [ 342.081956] erofs: root inode @ nid 36 [ 342.085930] erofs: options -> [ 342.090731] FAULT_INJECTION: forcing a failure. [ 342.090731] name failslab, interval 1, probability 0, space 0, times 0 [ 342.108530] erofs: mounted on /dev/loop4 with opts: . 14:49:10 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 342.114319] CPU: 1 PID: 24067 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 342.122221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 342.131669] Call Trace: [ 342.134272] dump_stack+0x1fc/0x2ef [ 342.137793] erofs: root inode @ nid 36 [ 342.137908] should_fail.cold+0xa/0xf [ 342.143023] erofs: mounted on /dev/loop1 with opts: . [ 342.145641] ? setup_fault_attr+0x200/0x200 [ 342.145658] ? lock_acquire+0x170/0x3c0 [ 342.145685] __should_failslab+0x115/0x180 [ 342.145703] should_failslab+0x5/0x10 [ 342.145716] kmem_cache_alloc+0x277/0x370 [ 342.145735] getname_flags+0xce/0x590 [ 342.175132] do_mkdirat+0x8d/0x2d0 [ 342.178692] ? __ia32_sys_mknod+0x120/0x120 [ 342.183027] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 342.188407] ? trace_hardirqs_off_caller+0x6e/0x210 [ 342.193424] ? do_syscall_64+0x21/0x620 [ 342.197399] do_syscall_64+0xf9/0x620 [ 342.201197] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.206379] RIP: 0033:0x7f5bb64d1317 [ 342.210083] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 342.228976] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 342.236689] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 342.243949] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 342.251206] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 342.258465] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 14:49:10 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 26) [ 342.265723] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 342.291643] erofs: read_super, device -> /dev/loop5 14:49:10 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:10 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 342.323584] erofs: options -> [ 342.341420] erofs: blksize 1 isn't supported on this platform [ 342.350134] erofs: unmounted for /dev/loop1 [ 342.361802] erofs: unmounted for /dev/loop4 14:49:10 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:10 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) [ 342.524725] FAULT_INJECTION: forcing a failure. [ 342.524725] name failslab, interval 1, probability 0, space 0, times 0 [ 342.537847] CPU: 1 PID: 24085 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 342.545778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 342.555240] Call Trace: [ 342.557833] dump_stack+0x1fc/0x2ef [ 342.561462] should_fail.cold+0xa/0xf [ 342.565261] ? setup_fault_attr+0x200/0x200 [ 342.569571] ? lock_acquire+0x170/0x3c0 [ 342.573536] __should_failslab+0x115/0x180 [ 342.577772] should_failslab+0x5/0x10 [ 342.581577] kmem_cache_alloc+0x277/0x370 [ 342.585896] getname_flags+0xce/0x590 [ 342.589685] do_mkdirat+0x8d/0x2d0 [ 342.593213] ? __ia32_sys_mknod+0x120/0x120 [ 342.597524] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 342.602888] ? trace_hardirqs_off_caller+0x6e/0x210 [ 342.607915] ? do_syscall_64+0x21/0x620 [ 342.611901] do_syscall_64+0xf9/0x620 [ 342.615704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.620886] RIP: 0033:0x7f5bb64d1317 [ 342.624593] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 342.643486] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 342.651191] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 342.658456] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 342.665712] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 14:49:10 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xff, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 342.672978] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 342.680250] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 342.706429] erofs: read_super, device -> /dev/loop4 [ 342.718525] erofs: options -> 14:49:10 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 27) [ 342.725463] erofs: root inode @ nid 36 [ 342.729632] erofs: mounted on /dev/loop4 with opts: . [ 342.742982] erofs: read_super, device -> /dev/loop1 [ 342.749441] erofs: options -> [ 342.768508] erofs: read_super, device -> /dev/loop5 14:49:10 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 342.774275] erofs: options -> [ 342.777822] erofs: blksize 1 isn't supported on this platform [ 342.797763] erofs: unmounted for /dev/loop4 [ 342.807043] erofs: root inode @ nid 36 [ 342.817800] erofs: mounted on /dev/loop1 with opts: . 14:49:10 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 342.868818] FAULT_INJECTION: forcing a failure. [ 342.868818] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 342.880658] CPU: 1 PID: 24122 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 342.888553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 342.897912] Call Trace: [ 342.900588] dump_stack+0x1fc/0x2ef [ 342.904216] should_fail.cold+0xa/0xf [ 342.908016] ? setup_fault_attr+0x200/0x200 [ 342.912333] ? wake_up_q+0x93/0xe0 [ 342.915908] ? __mutex_unlock_slowpath+0x2be/0x610 [ 342.920835] __alloc_pages_nodemask+0x239/0x2890 [ 342.925594] ? __lock_acquire+0x6de/0x3ff0 [ 342.929832] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 342.934668] ? blkdev_ioctl+0x11a/0x1a80 [ 342.938724] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.944081] ? blkpg_ioctl+0x9d0/0x9d0 [ 342.947970] ? debug_check_no_obj_freed+0x201/0x490 [ 342.952983] ? lock_downgrade+0x720/0x720 [ 342.957220] cache_grow_begin+0xa4/0x8a0 [ 342.961274] ? setup_fault_attr+0x200/0x200 [ 342.965596] ? lock_acquire+0x170/0x3c0 [ 342.969592] cache_alloc_refill+0x273/0x340 [ 342.973911] kmem_cache_alloc+0x346/0x370 [ 342.978054] getname_flags+0xce/0x590 [ 342.981848] do_mkdirat+0x8d/0x2d0 [ 342.985378] ? __ia32_sys_mknod+0x120/0x120 [ 342.989693] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 342.995054] ? trace_hardirqs_off_caller+0x6e/0x210 [ 343.000063] ? do_syscall_64+0x21/0x620 [ 343.004032] do_syscall_64+0xf9/0x620 [ 343.007829] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.013009] RIP: 0033:0x7f5bb64d1317 [ 343.016740] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 343.035726] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 343.043445] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 343.050707] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 343.057984] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 14:49:11 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3aa, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 343.065243] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 343.072501] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 343.087529] erofs: read_super, device -> /dev/loop2 [ 343.092745] erofs: options -> [ 343.096300] erofs: root inode @ nid 36 [ 343.102525] erofs: bogus i_mode (0) @ nid 36 [ 343.114810] erofs: unmounted for /dev/loop1 14:49:11 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0) 14:49:11 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 28) 14:49:11 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000600)={&(0x7f00000004c0), 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9951312c1c98736812407fdb1d08eca3bb1f2a019f4cd9a14c9a0c88384b8092891076e4b651e8e222a87e2de1dba5040032f8bf06dc57458b2a81dbac1b39fb1aece0e957fc73133930852d319ddbbb21110ded56d741e8fd6e57a7447ad6c10451a447dfa0b6096617", @ANYBLOB="9fa3ef67bc6bbb34bcad914d55ac030000000000000044448d880808bd47b94bfba8810f5c48c5b7f17d20f2b774066629d0f2feaaebb8e7a81fbb1240f19011f345ad3096c30000000000000000"], 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x20000040) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x41100, 0x10044}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x9}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0) bind$can_raw(r3, &(0x7f0000000000)={0x1d, r6}, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) dup3(r0, 0xffffffffffffffff, 0x0) [ 343.250095] erofs: read_super, device -> /dev/loop4 [ 343.255143] erofs: options -> [ 343.262937] erofs: root inode @ nid 36 [ 343.271435] erofs: mounted on /dev/loop4 with opts: . 14:49:11 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 343.314025] erofs: read_super, device -> /dev/loop5 [ 343.319270] erofs: options -> [ 343.323686] erofs: blksize 1 isn't supported on this platform [ 343.338316] erofs: unmounted for /dev/loop4 [ 343.343360] FAULT_INJECTION: forcing a failure. [ 343.343360] name failslab, interval 1, probability 0, space 0, times 0 [ 343.363750] CPU: 1 PID: 24140 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 343.371653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 343.381007] Call Trace: [ 343.383607] dump_stack+0x1fc/0x2ef [ 343.387252] should_fail.cold+0xa/0xf [ 343.391203] ? setup_fault_attr+0x200/0x200 [ 343.395527] __should_failslab+0x115/0x180 [ 343.399922] should_failslab+0x5/0x10 [ 343.403775] kmem_cache_alloc+0x277/0x370 [ 343.407917] ? ext4_sync_fs+0x8d0/0x8d0 [ 343.411890] ext4_alloc_inode+0x1a/0x630 [ 343.415944] ? ext4_sync_fs+0x8d0/0x8d0 [ 343.419913] alloc_inode+0x5d/0x180 [ 343.422403] misc userio: No port type given on /dev/userio [ 343.423545] new_inode+0x1d/0xf0 [ 343.423569] __ext4_new_inode+0x400/0x5a20 [ 343.423590] ? putname+0xe1/0x120 [ 343.423600] ? do_mkdirat+0xa0/0x2d0 [ 343.423621] ? ext4_free_inode+0x1780/0x1780 [ 343.448371] ? debug_check_no_obj_freed+0x201/0x490 [ 343.453385] ? __dquot_initialize+0x298/0xb70 [ 343.458230] ? lock_acquire+0x170/0x3c0 [ 343.462195] ? dquot_initialize_needed+0x290/0x290 [ 343.467116] ? trace_hardirqs_off+0x64/0x200 [ 343.471513] ? common_perm+0x4be/0x800 [ 343.475401] ext4_mkdir+0x396/0xe10 [ 343.479019] ? putname+0xe1/0x120 [ 343.482463] ? ext4_init_dot_dotdot+0x600/0x600 [ 343.487123] ? generic_permission+0x116/0x4d0 [ 343.491698] ? security_inode_permission+0xc5/0xf0 [ 343.496627] ? inode_permission.part.0+0x10c/0x450 [ 343.501556] vfs_mkdir+0x508/0x7a0 [ 343.505091] do_mkdirat+0x262/0x2d0 [ 343.508725] ? __ia32_sys_mknod+0x120/0x120 [ 343.513045] ? trace_hardirqs_off_caller+0x6e/0x210 [ 343.518047] ? do_syscall_64+0x21/0x620 [ 343.522013] do_syscall_64+0xf9/0x620 [ 343.525802] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.530976] RIP: 0033:0x7f5bb64d1317 [ 343.534674] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 343.553564] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 14:49:11 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc0ed0000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 343.561259] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 343.568514] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 343.575771] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 343.583028] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 343.590285] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 14:49:11 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async, rerun: 32) r4 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32) r5 = socket(0x10, 0x803, 0x0) sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000600)={&(0x7f00000004c0), 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9951312c1c98736812407fdb1d08eca3bb1f2a019f4cd9a14c9a0c88384b8092891076e4b651e8e222a87e2de1dba5040032f8bf06dc57458b2a81dbac1b39fb1aece0e957fc73133930852d319ddbbb21110ded56d741e8fd6e57a7447ad6c10451a447dfa0b6096617", @ANYBLOB="9fa3ef67bc6bbb34bcad914d55ac030000000000000044448d880808bd47b94bfba8810f5c48c5b7f17d20f2b774066629d0f2feaaebb8e7a81fbb1240f19011f345ad3096c30000000000000000"], 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x20000040) (async) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x41100, 0x10044}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x9}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0) bind$can_raw(r3, &(0x7f0000000000)={0x1d, r6}, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) dup3(r0, 0xffffffffffffffff, 0x0) 14:49:11 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 29) [ 343.666313] erofs: read_super, device -> /dev/loop1 [ 343.683681] erofs: read_super, device -> /dev/loop5 [ 343.687800] erofs: options -> [ 343.692610] erofs: root inode @ nid 36 [ 343.696679] erofs: mounted on /dev/loop1 with opts: . [ 343.710219] erofs: options -> 14:49:11 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ab, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 343.749181] erofs: blksize 1 isn't supported on this platform [ 343.778452] erofs: unmounted for /dev/loop1 14:49:11 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe7020000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:11 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 343.797261] FAULT_INJECTION: forcing a failure. [ 343.797261] name failslab, interval 1, probability 0, space 0, times 0 [ 343.821125] CPU: 1 PID: 24176 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 343.829035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 343.838408] Call Trace: [ 343.841017] dump_stack+0x1fc/0x2ef [ 343.844669] should_fail.cold+0xa/0xf [ 343.848489] ? setup_fault_attr+0x200/0x200 [ 343.852820] ? __lock_acquire+0x6de/0x3ff0 [ 343.857084] __should_failslab+0x115/0x180 [ 343.861331] should_failslab+0x5/0x10 [ 343.865144] __kmalloc+0x2ab/0x3c0 [ 343.868689] ? ext4_find_extent+0x9bb/0xc70 [ 343.873020] ext4_find_extent+0x9bb/0xc70 [ 343.877180] ext4_ext_map_blocks+0x1c0/0x7390 [ 343.881666] ? __lock_acquire+0x6de/0x3ff0 [ 343.885889] ? __lock_acquire+0x6de/0x3ff0 [ 343.890130] ? mark_held_locks+0xf0/0xf0 [ 343.894189] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 343.899573] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 343.904762] ? mark_held_locks+0xf0/0xf0 [ 343.908822] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 343.913675] ? ext4_es_lookup_extent+0x375/0xb60 [ 343.918455] ? lock_downgrade+0x720/0x720 [ 343.922613] ? lock_acquire+0x170/0x3c0 [ 343.926607] ? check_preemption_disabled+0x41/0x280 [ 343.931623] ? lock_acquire+0x170/0x3c0 [ 343.935632] ? ext4_map_blocks+0x33e/0x1a50 [ 343.939963] ext4_map_blocks+0xd88/0x1a50 [ 343.944116] ? check_preemption_disabled+0x41/0x280 [ 343.949132] ? ext4_issue_zeroout+0x160/0x160 [ 343.953638] ? __brelse+0x84/0xa0 [ 343.957089] ? __ext4_new_inode+0x2eb/0x5a20 [ 343.961497] ext4_getblk+0xad/0x4f0 [ 343.965134] ? ext4_iomap_begin+0xe00/0xe00 [ 343.969456] ? ext4_free_inode+0x1780/0x1780 [ 343.973871] ? debug_check_no_obj_freed+0x201/0x490 [ 343.979174] ? __dquot_initialize+0x298/0xb70 [ 343.983666] ext4_bread+0x7c/0x210 [ 343.987202] ? ext4_getblk+0x4f0/0x4f0 [ 343.991084] ? dquot_initialize_needed+0x290/0x290 [ 343.996013] ? trace_hardirqs_off+0x64/0x200 [ 344.000415] ext4_append+0x155/0x370 [ 344.004127] ext4_mkdir+0x5bd/0xe10 [ 344.007764] ? ext4_init_dot_dotdot+0x600/0x600 [ 344.012429] ? generic_permission+0x116/0x4d0 [ 344.016917] ? inode_permission.part.0+0x10c/0x450 [ 344.021840] vfs_mkdir+0x508/0x7a0 [ 344.025373] do_mkdirat+0x262/0x2d0 [ 344.028997] ? __ia32_sys_mknod+0x120/0x120 [ 344.033315] ? trace_hardirqs_off_caller+0x6e/0x210 [ 344.038371] ? do_syscall_64+0x21/0x620 [ 344.042343] do_syscall_64+0xf9/0x620 [ 344.046169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.051350] RIP: 0033:0x7f5bb64d1317 [ 344.055059] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 344.073953] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 344.081656] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 344.088917] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 344.096176] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 344.103444] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 344.110711] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 344.121616] misc userio: No port type given on /dev/userio [ 344.139001] erofs: read_super, device -> /dev/loop2 [ 344.159646] erofs: read_super, device -> /dev/loop3 [ 344.166580] erofs: options -> [ 344.175223] erofs: options -> [ 344.181703] erofs: root inode @ nid 36 [ 344.187998] erofs: root inode @ nid 36 [ 344.191435] erofs: bogus i_mode (0) @ nid 36 [ 344.200881] erofs: read_super, device -> /dev/loop4 14:49:12 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 30) [ 344.207213] erofs: mounted on /dev/loop3 with opts: . [ 344.211915] erofs: options -> [ 344.224905] erofs: root inode @ nid 36 [ 344.232498] erofs: mounted on /dev/loop4 with opts: . 14:49:12 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 1) 14:49:12 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async, rerun: 32) r4 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32) r5 = socket(0x10, 0x803, 0x0) sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000000600)={&(0x7f00000004c0), 0xc, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9951312c1c98736812407fdb1d08eca3bb1f2a019f4cd9a14c9a0c88384b8092891076e4b651e8e222a87e2de1dba5040032f8bf06dc57458b2a81dbac1b39fb1aece0e957fc73133930852d319ddbbb21110ded56d741e8fd6e57a7447ad6c10451a447dfa0b6096617", @ANYBLOB="9fa3ef67bc6bbb34bcad914d55ac030000000000000044448d880808bd47b94bfba8810f5c48c5b7f17d20f2b774066629d0f2feaaebb8e7a81fbb1240f19011f345ad3096c30000000000000000"], 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x20000040) (async, rerun: 64) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (rerun: 64) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x41100, 0x10044}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x9}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0) (async) bind$can_raw(r3, &(0x7f0000000000)={0x1d, r6}, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 64) write$USERIO_CMD_REGISTER(r7, &(0x7f0000000040), 0x2) (async, rerun: 64) dup3(r0, 0xffffffffffffffff, 0x0) 14:49:12 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 344.303672] erofs: read_super, device -> /dev/loop5 [ 344.308719] erofs: options -> [ 344.326114] erofs: unmounted for /dev/loop3 [ 344.344488] erofs: blksize 1 isn't supported on this platform [ 344.355112] erofs: unmounted for /dev/loop4 [ 344.420500] erofs: read_super, device -> /dev/loop1 [ 344.425719] erofs: options -> [ 344.429228] erofs: root inode @ nid 36 [ 344.435138] erofs: mounted on /dev/loop1 with opts: . [ 344.455531] misc userio: No port type given on /dev/userio [ 344.462075] misc userio: No port type given on /dev/userio 14:49:12 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 344.480552] misc userio: No port type given on /dev/userio [ 344.486515] FAULT_INJECTION: forcing a failure. [ 344.486515] name failslab, interval 1, probability 0, space 0, times 0 [ 344.486607] CPU: 0 PID: 24211 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 344.486616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 14:49:12 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ac, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 344.486621] Call Trace: [ 344.486640] dump_stack+0x1fc/0x2ef [ 344.486661] should_fail.cold+0xa/0xf [ 344.486680] ? setup_fault_attr+0x200/0x200 [ 344.486697] ? __es_tree_search.isra.0+0x1af/0x210 [ 344.486715] __should_failslab+0x115/0x180 [ 344.486732] should_failslab+0x5/0x10 [ 344.486745] kmem_cache_alloc+0x3f/0x370 [ 344.486762] __es_insert_extent+0x39b/0x13b0 [ 344.486778] ? lock_acquire+0x170/0x3c0 [ 344.486792] ? ext4_es_insert_extent+0x17e/0x5e0 [ 344.486812] ext4_es_insert_extent+0x22e/0x5e0 [ 344.486828] ? lock_downgrade+0x720/0x720 [ 344.486842] ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0 [ 344.486863] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 344.486877] ? ext4_es_find_delayed_extent_range+0x7d9/0x9f0 [ 344.486895] ext4_ext_map_blocks+0x2129/0x7390 [ 344.486911] ? __lock_acquire+0x6de/0x3ff0 [ 344.486930] ? __lock_acquire+0x6de/0x3ff0 [ 344.486950] ? mark_held_locks+0xf0/0xf0 [ 344.486964] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 344.486978] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 344.486991] ? mark_held_locks+0xf0/0xf0 [ 344.487016] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 344.487036] ? ext4_es_lookup_extent+0x375/0xb60 [ 344.487059] ? check_preemption_disabled+0x41/0x280 [ 344.487079] ? lock_acquire+0x170/0x3c0 [ 344.487094] ? ext4_map_blocks+0x33e/0x1a50 [ 344.487123] ext4_map_blocks+0xd88/0x1a50 [ 344.487142] ? check_preemption_disabled+0x41/0x280 [ 344.487160] ? ext4_issue_zeroout+0x160/0x160 [ 344.487176] ? __brelse+0x84/0xa0 [ 344.487191] ? __ext4_new_inode+0x2eb/0x5a20 [ 344.487212] ext4_getblk+0xad/0x4f0 [ 344.487229] ? ext4_iomap_begin+0xe00/0xe00 [ 344.487245] ? ext4_free_inode+0x1780/0x1780 [ 344.487258] ? debug_check_no_obj_freed+0x201/0x490 [ 344.487273] ? __dquot_initialize+0x298/0xb70 [ 344.487291] ext4_bread+0x7c/0x210 [ 344.487305] ? ext4_getblk+0x4f0/0x4f0 [ 344.487320] ? dquot_initialize_needed+0x290/0x290 [ 344.487337] ? trace_hardirqs_off+0x64/0x200 [ 344.487354] ext4_append+0x155/0x370 [ 344.487372] ext4_mkdir+0x5bd/0xe10 [ 344.487393] ? ext4_init_dot_dotdot+0x600/0x600 [ 344.487409] ? generic_permission+0x116/0x4d0 [ 344.487427] ? inode_permission.part.0+0x10c/0x450 [ 344.487445] vfs_mkdir+0x508/0x7a0 [ 344.487461] do_mkdirat+0x262/0x2d0 [ 344.487476] ? __ia32_sys_mknod+0x120/0x120 [ 344.487492] ? trace_hardirqs_off_caller+0x6e/0x210 [ 344.487506] ? do_syscall_64+0x21/0x620 [ 344.487523] do_syscall_64+0xf9/0x620 [ 344.487541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.487553] RIP: 0033:0x7f5bb64d1317 [ 344.487566] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 344.487573] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 344.487587] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 344.487596] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c 14:49:12 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 2) [ 344.487604] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 344.487612] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 344.487620] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 344.556658] erofs: unmounted for /dev/loop1 [ 344.608989] misc userio: No port type given on /dev/userio [ 344.617478] erofs: read_super, device -> /dev/loop2 [ 344.688538] misc userio: No port type given on /dev/userio [ 344.705845] erofs: options -> [ 344.706171] erofs: root inode @ nid 36 [ 344.706384] erofs: bogus i_mode (0) @ nid 36 [ 344.708872] FAULT_INJECTION: forcing a failure. [ 344.708872] name failslab, interval 1, probability 0, space 0, times 0 [ 344.734691] misc userio: No port type given on /dev/userio [ 344.754643] CPU: 0 PID: 24235 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 344.763243] misc userio: No port type given on /dev/userio [ 344.763319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 344.763325] Call Trace: [ 344.763346] dump_stack+0x1fc/0x2ef [ 344.763366] should_fail.cold+0xa/0xf [ 344.763385] ? setup_fault_attr+0x200/0x200 [ 344.768610] misc userio: No port type given on /dev/userio [ 344.772385] ? lock_acquire+0x170/0x3c0 [ 344.772406] __should_failslab+0x115/0x180 [ 344.772423] should_failslab+0x5/0x10 [ 344.772435] __kmalloc+0x2ab/0x3c0 [ 344.772448] ? __se_sys_memfd_create+0xf8/0x440 [ 344.772464] __se_sys_memfd_create+0xf8/0x440 [ 344.783109] misc userio: No port type given on /dev/userio [ 344.785129] ? memfd_file_seals_ptr+0x150/0x150 [ 344.785148] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 344.785164] ? trace_hardirqs_off_caller+0x6e/0x210 [ 344.785186] ? do_syscall_64+0x21/0x620 [ 344.820526] misc userio: No port type given on /dev/userio [ 344.826386] do_syscall_64+0xf9/0x620 [ 344.826406] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.826419] RIP: 0033:0x7f63e5c4a209 [ 344.837491] misc userio: No port type given on /dev/userio [ 344.840955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 344.840963] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 344.840976] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4a209 [ 344.840990] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f63e5ca329c [ 344.840998] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f63e45bf1d0 [ 344.841006] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 344.841015] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 345.125622] misc userio: No port type given on /dev/userio [ 345.133190] misc userio: No port type given on /dev/userio [ 345.150084] erofs: read_super, device -> /dev/loop4 [ 345.155137] erofs: options -> [ 345.170411] misc userio: No port type given on /dev/userio 14:49:13 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 31) [ 345.176300] misc userio: No port type given on /dev/userio [ 345.187135] misc userio: No port type given on /dev/userio [ 345.189076] erofs: root inode @ nid 36 [ 345.197236] misc userio: No port type given on /dev/userio [ 345.212229] erofs: mounted on /dev/loop4 with opts: . 14:49:13 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 345.224195] erofs: read_super, device -> /dev/loop5 [ 345.229230] erofs: options -> [ 345.241706] erofs: blksize 1 isn't supported on this platform [ 345.260783] erofs: read_super, device -> /dev/loop1 [ 345.272871] erofs: options -> 14:49:13 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 345.287808] erofs: unmounted for /dev/loop4 [ 345.296489] erofs: root inode @ nid 36 [ 345.306218] FAULT_INJECTION: forcing a failure. [ 345.306218] name failslab, interval 1, probability 0, space 0, times 0 [ 345.313141] erofs: mounted on /dev/loop1 with opts: . [ 345.356203] FAULT_INJECTION: forcing a failure. [ 345.356203] name failslab, interval 1, probability 0, space 0, times 0 [ 345.387113] CPU: 0 PID: 24253 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 345.395021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 345.404384] Call Trace: [ 345.406987] dump_stack+0x1fc/0x2ef [ 345.410632] should_fail.cold+0xa/0xf [ 345.414446] ? setup_fault_attr+0x200/0x200 [ 345.418778] ? lock_acquire+0x170/0x3c0 [ 345.422770] __should_failslab+0x115/0x180 [ 345.427032] should_failslab+0x5/0x10 [ 345.430839] kmem_cache_alloc+0x277/0x370 [ 345.434995] ? shmem_destroy_callback+0xb0/0xb0 [ 345.439660] shmem_alloc_inode+0x18/0x40 [ 345.443717] ? shmem_destroy_callback+0xb0/0xb0 [ 345.448379] alloc_inode+0x5d/0x180 [ 345.452001] new_inode+0x1d/0xf0 [ 345.455364] shmem_get_inode+0x96/0x8d0 [ 345.459340] __shmem_file_setup.part.0+0x7a/0x2b0 [ 345.464184] shmem_file_setup+0x61/0x90 [ 345.468157] __se_sys_memfd_create+0x26b/0x440 [ 345.472755] ? memfd_file_seals_ptr+0x150/0x150 [ 345.477426] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 345.482783] ? trace_hardirqs_off_caller+0x6e/0x210 [ 345.487799] ? do_syscall_64+0x21/0x620 [ 345.491771] do_syscall_64+0xf9/0x620 [ 345.495574] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.500757] RIP: 0033:0x7f63e5c4a209 [ 345.504462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 345.523355] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 345.531059] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4a209 [ 345.538324] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f63e5ca329c [ 345.545587] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f63e45bf1d0 14:49:13 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) r1 = getpgid(0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000500)={'\x00', 0x1000, 0x26d88cab, 0x1f, 0x9, 0x0, r1}) ioprio_set$pid(0x2, r1, 0x4007) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) write$USERIO_CMD_SET_PORT_TYPE(r4, &(0x7f00000000c0)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 345.552848] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 345.560107] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 345.567387] CPU: 1 PID: 24251 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 345.575285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 345.584640] Call Trace: [ 345.587238] dump_stack+0x1fc/0x2ef [ 345.590890] should_fail.cold+0xa/0xf [ 345.594704] ? setup_fault_attr+0x200/0x200 [ 345.599038] ? lock_downgrade+0x720/0x720 [ 345.603204] __should_failslab+0x115/0x180 14:49:13 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 3) [ 345.607442] should_failslab+0x5/0x10 [ 345.611234] __kmalloc+0x2ab/0x3c0 [ 345.614761] ? ext4_find_extent+0x9bb/0xc70 [ 345.619085] ext4_find_extent+0x9bb/0xc70 [ 345.623230] ext4_ext_map_blocks+0x1c0/0x7390 [ 345.627720] ? __lock_acquire+0x6de/0x3ff0 [ 345.631949] ? mark_held_locks+0xf0/0xf0 [ 345.636006] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 345.641357] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 345.646537] ? mark_held_locks+0xf0/0xf0 [ 345.650585] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 345.655415] ? ext4_es_lookup_extent+0x375/0xb60 [ 345.660173] ? ext4_map_blocks+0x59f/0x1a50 [ 345.664484] ? lock_acquire+0x170/0x3c0 [ 345.668449] ? ext4_map_blocks+0x740/0x1a50 [ 345.672770] ext4_map_blocks+0x7a2/0x1a50 [ 345.676911] ? check_preemption_disabled+0x41/0x280 [ 345.681934] ? ext4_issue_zeroout+0x160/0x160 [ 345.686419] ? __brelse+0x84/0xa0 [ 345.689867] ? __ext4_new_inode+0x2eb/0x5a20 [ 345.694292] ext4_getblk+0xad/0x4f0 [ 345.697947] ? ext4_iomap_begin+0xe00/0xe00 [ 345.702256] ? ext4_free_inode+0x1780/0x1780 [ 345.706674] ? debug_check_no_obj_freed+0x201/0x490 [ 345.711674] ? __dquot_initialize+0x298/0xb70 [ 345.716159] ext4_bread+0x7c/0x210 [ 345.719699] ? ext4_getblk+0x4f0/0x4f0 [ 345.723582] ? dquot_initialize_needed+0x290/0x290 [ 345.728517] ? trace_hardirqs_off+0x64/0x200 [ 345.732935] ext4_append+0x155/0x370 [ 345.736657] ext4_mkdir+0x5bd/0xe10 [ 345.740276] ? ext4_init_dot_dotdot+0x600/0x600 [ 345.744935] ? generic_permission+0x116/0x4d0 [ 345.749422] ? inode_permission.part.0+0x10c/0x450 [ 345.754348] vfs_mkdir+0x508/0x7a0 [ 345.757878] do_mkdirat+0x262/0x2d0 [ 345.761520] ? __ia32_sys_mknod+0x120/0x120 [ 345.765843] ? trace_hardirqs_off_caller+0x6e/0x210 [ 345.770852] ? do_syscall_64+0x21/0x620 [ 345.774814] do_syscall_64+0xf9/0x620 [ 345.778620] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.783798] RIP: 0033:0x7f5bb64d1317 [ 345.787508] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 345.806413] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 345.814212] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 345.821476] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 345.828735] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 [ 345.835996] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 345.843345] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 14:49:13 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ad, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:13 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) r1 = getpgid(0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000500)={'\x00', 0x1000, 0x26d88cab, 0x1f, 0x9, 0x0, r1}) (async) ioprio_set$pid(0x2, r1, 0x4007) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) (async) write$USERIO_CMD_SET_PORT_TYPE(r4, &(0x7f00000000c0)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 345.899295] erofs: unmounted for /dev/loop1 [ 345.906023] misc userio: No port type given on /dev/userio [ 345.930030] erofs: read_super, device -> /dev/loop5 14:49:13 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 32) [ 345.949955] erofs: read_super, device -> /dev/loop4 [ 345.955007] erofs: options -> [ 345.958258] erofs: root inode @ nid 36 [ 345.977169] erofs: options -> [ 345.984302] erofs: mounted on /dev/loop4 with opts: . [ 345.988261] erofs: blksize 1 isn't supported on this platform [ 346.000898] FAULT_INJECTION: forcing a failure. [ 346.000898] name failslab, interval 1, probability 0, space 0, times 0 [ 346.012691] CPU: 0 PID: 24275 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 346.020590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 346.029956] Call Trace: [ 346.032559] dump_stack+0x1fc/0x2ef [ 346.036204] should_fail.cold+0xa/0xf [ 346.040020] ? setup_fault_attr+0x200/0x200 [ 346.044351] ? lock_acquire+0x170/0x3c0 14:49:14 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async, rerun: 32) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async, rerun: 32) r1 = getpgid(0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000500)={'\x00', 0x1000, 0x26d88cab, 0x1f, 0x9, 0x0, r1}) (async) ioprio_set$pid(0x2, r1, 0x4007) (async) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) write$USERIO_CMD_SET_PORT_TYPE(r4, &(0x7f00000000c0)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 346.044837] misc userio: No port type given on /dev/userio [ 346.048335] __should_failslab+0x115/0x180 [ 346.048352] should_failslab+0x5/0x10 [ 346.048366] kmem_cache_alloc+0x277/0x370 [ 346.048384] __d_alloc+0x2b/0xa10 [ 346.048408] d_alloc_pseudo+0x19/0x70 [ 346.073402] alloc_file_pseudo+0xc6/0x250 [ 346.077540] ? alloc_file+0x4d0/0x4d0 [ 346.081358] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 346.087000] ? shmem_get_inode+0x44c/0x8d0 [ 346.091231] __shmem_file_setup.part.0+0x102/0x2b0 [ 346.096153] shmem_file_setup+0x61/0x90 [ 346.100195] __se_sys_memfd_create+0x26b/0x440 [ 346.104771] ? memfd_file_seals_ptr+0x150/0x150 [ 346.109430] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 346.114782] ? trace_hardirqs_off_caller+0x6e/0x210 [ 346.119786] ? do_syscall_64+0x21/0x620 [ 346.123750] do_syscall_64+0xf9/0x620 [ 346.127542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.132726] RIP: 0033:0x7f63e5c4a209 14:49:14 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 4) [ 346.136438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 346.155717] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 346.163502] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4a209 [ 346.170764] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f63e5ca329c [ 346.178020] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f63e45bf1d0 [ 346.185535] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 346.192804] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 346.225430] FAULT_INJECTION: forcing a failure. [ 346.225430] name failslab, interval 1, probability 0, space 0, times 0 [ 346.237264] CPU: 0 PID: 24273 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0 [ 346.245163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 346.254522] Call Trace: [ 346.257123] dump_stack+0x1fc/0x2ef [ 346.260759] should_fail.cold+0xa/0xf [ 346.263786] erofs: read_super, device -> /dev/loop1 [ 346.264578] ? setup_fault_attr+0x200/0x200 [ 346.269577] erofs: options -> [ 346.273914] ? __es_tree_search.isra.0+0x1af/0x210 [ 346.273933] __should_failslab+0x115/0x180 [ 346.273956] should_failslab+0x5/0x10 [ 346.273968] kmem_cache_alloc+0x3f/0x370 [ 346.273983] __es_insert_extent+0x39b/0x13b0 [ 346.298555] ext4_es_insert_extent+0x22e/0x5e0 [ 346.303200] ? ext4_map_blocks+0x59f/0x1a50 [ 346.307589] ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0 [ 346.313418] ext4_map_blocks+0xa2a/0x1a50 [ 346.317589] ? ext4_issue_zeroout+0x160/0x160 [ 346.322107] ? __brelse+0x84/0xa0 [ 346.325573] ? __ext4_new_inode+0x2eb/0x5a20 [ 346.330001] ext4_getblk+0xad/0x4f0 [ 346.333642] ? ext4_iomap_begin+0xe00/0xe00 [ 346.337979] ? ext4_free_inode+0x1780/0x1780 [ 346.342399] ? debug_check_no_obj_freed+0x201/0x490 [ 346.347429] ? __dquot_initialize+0x298/0xb70 [ 346.351949] ext4_bread+0x7c/0x210 [ 346.355503] ? ext4_getblk+0x4f0/0x4f0 [ 346.359409] ? dquot_initialize_needed+0x290/0x290 [ 346.364354] ? trace_hardirqs_off+0x64/0x200 [ 346.368780] ext4_append+0x155/0x370 [ 346.372512] ext4_mkdir+0x5bd/0xe10 14:49:14 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="99bd6922b743bc4c6c05a43070fe6c6c840f04079a4fd9a6365eaab8e1fa3e00a352d083226b18184fcce70fb334b0f9495e560fefe1c2fdb6b3335e18ed9de90fa339fbc5e6fb32f44fb44b11ebbd762bc16ac7ccd09e5a169bc2425924767ebbdd45c0096908d0f8fdec56f20eb2be825b766b6e6503e1a1729d89d0", 0x7d}], 0x1, &(0x7f0000000180)}}], 0x1, 0x20000014) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 346.376162] ? ext4_init_dot_dotdot+0x600/0x600 [ 346.380846] ? generic_permission+0x116/0x4d0 [ 346.385358] ? inode_permission.part.0+0x10c/0x450 [ 346.390301] vfs_mkdir+0x508/0x7a0 [ 346.393855] do_mkdirat+0x262/0x2d0 [ 346.397493] ? __ia32_sys_mknod+0x120/0x120 [ 346.401829] ? trace_hardirqs_off_caller+0x6e/0x210 [ 346.406855] ? do_syscall_64+0x21/0x620 [ 346.410928] do_syscall_64+0xf9/0x620 [ 346.414754] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.419953] RIP: 0033:0x7f5bb64d1317 [ 346.423676] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 346.442586] RSP: 002b:00007f5bb4e46f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 346.450393] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f5bb64d1317 [ 346.457683] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 346.464964] RBP: 00007f5bb4e471d0 R08: 0000000000000000 R09: 00007f5bb4e471d0 14:49:14 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 346.472237] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 346.479514] R13: 0000000020000100 R14: 00007f5bb4e46fe0 R15: 0000000020010a00 [ 346.493214] erofs: unmounted for /dev/loop4 [ 346.495957] erofs: root inode @ nid 36 14:49:14 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:14 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 346.550264] erofs: mounted on /dev/loop1 with opts: . [ 346.575536] FAULT_INJECTION: forcing a failure. [ 346.575536] name failslab, interval 1, probability 0, space 0, times 0 [ 346.587610] CPU: 1 PID: 24309 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 346.595513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 346.604995] Call Trace: [ 346.607600] dump_stack+0x1fc/0x2ef [ 346.611245] should_fail.cold+0xa/0xf [ 346.615061] ? setup_fault_attr+0x200/0x200 [ 346.619398] ? lock_acquire+0x170/0x3c0 [ 346.623396] __should_failslab+0x115/0x180 [ 346.627654] should_failslab+0x5/0x10 [ 346.631468] kmem_cache_alloc+0x277/0x370 [ 346.635634] __alloc_file+0x21/0x340 [ 346.639362] alloc_empty_file+0x6d/0x170 [ 346.643445] alloc_file+0x5e/0x4d0 [ 346.647004] alloc_file_pseudo+0x165/0x250 [ 346.651256] ? alloc_file+0x4d0/0x4d0 [ 346.655070] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 346.660708] ? shmem_get_inode+0x44c/0x8d0 [ 346.664965] __shmem_file_setup.part.0+0x102/0x2b0 [ 346.667186] erofs: read_super, device -> /dev/loop5 [ 346.669908] shmem_file_setup+0x61/0x90 [ 346.669923] __se_sys_memfd_create+0x26b/0x440 [ 346.669936] ? memfd_file_seals_ptr+0x150/0x150 [ 346.669952] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 346.669967] ? trace_hardirqs_off_caller+0x6e/0x210 [ 346.669986] ? do_syscall_64+0x21/0x620 [ 346.675260] erofs: read_super, device -> /dev/loop4 [ 346.678964] do_syscall_64+0xf9/0x620 [ 346.678985] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.678996] RIP: 0033:0x7f63e5c4a209 14:49:14 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ae, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 346.679011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 346.723306] erofs: options -> [ 346.739156] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 346.739171] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4a209 [ 346.739178] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f63e5ca329c [ 346.739187] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f63e45bf1d0 [ 346.739195] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 346.739203] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 [ 346.761651] erofs: read_super, device -> /dev/loop2 [ 346.775227] erofs: options -> [ 346.780404] erofs: unmounted for /dev/loop1 14:49:14 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 5) [ 346.825415] erofs: blksize 1 isn't supported on this platform [ 346.825555] erofs: options -> [ 346.832039] erofs: root inode @ nid 36 [ 346.839083] erofs: root inode @ nid 36 [ 346.840708] erofs: mounted on /dev/loop4 with opts: . [ 346.848507] erofs: bogus i_mode (0) @ nid 36 14:49:14 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 346.963841] FAULT_INJECTION: forcing a failure. [ 346.963841] name failslab, interval 1, probability 0, space 0, times 0 [ 346.975237] CPU: 0 PID: 24324 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 346.983125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 346.992468] Call Trace: [ 346.995053] dump_stack+0x1fc/0x2ef [ 346.998669] should_fail.cold+0xa/0xf [ 347.002461] ? setup_fault_attr+0x200/0x200 [ 347.006779] ? lock_acquire+0x170/0x3c0 [ 347.010762] __should_failslab+0x115/0x180 [ 347.014989] should_failslab+0x5/0x10 [ 347.018778] kmem_cache_alloc_trace+0x284/0x380 [ 347.023569] apparmor_file_alloc_security+0x394/0xad0 [ 347.028773] ? apparmor_file_receive+0x160/0x160 [ 347.033649] ? __alloc_file+0x21/0x340 [ 347.037528] security_file_alloc+0x40/0x90 [ 347.041757] __alloc_file+0xd8/0x340 [ 347.045472] alloc_empty_file+0x6d/0x170 [ 347.049532] alloc_file+0x5e/0x4d0 [ 347.053171] alloc_file_pseudo+0x165/0x250 [ 347.057535] ? alloc_file+0x4d0/0x4d0 [ 347.061326] ? lockdep_annotate_inode_mutex_key+0x43/0x130 [ 347.066937] ? shmem_get_inode+0x44c/0x8d0 [ 347.071196] __shmem_file_setup.part.0+0x102/0x2b0 [ 347.076117] shmem_file_setup+0x61/0x90 [ 347.080080] __se_sys_memfd_create+0x26b/0x440 [ 347.084803] ? memfd_file_seals_ptr+0x150/0x150 [ 347.089468] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 347.094819] ? trace_hardirqs_off_caller+0x6e/0x210 [ 347.099830] ? do_syscall_64+0x21/0x620 [ 347.103792] do_syscall_64+0xf9/0x620 [ 347.107609] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.112802] RIP: 0033:0x7f63e5c4a209 [ 347.116512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 347.135426] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 347.143136] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4a209 [ 347.150399] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00007f63e5ca329c [ 347.157666] RBP: 0000000000000003 R08: 0000000000001000 R09: 00007f63e45bf1d0 14:49:15 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="99bd6922b743bc4c6c05a43070fe6c6c840f04079a4fd9a6365eaab8e1fa3e00a352d083226b18184fcce70fb334b0f9495e560fefe1c2fdb6b3335e18ed9de90fa339fbc5e6fb32f44fb44b11ebbd762bc16ac7ccd09e5a169bc2425924767ebbdd45c0096908d0f8fdec56f20eb2be825b766b6e6503e1a1729d89d0", 0x7d}], 0x1, &(0x7f0000000180)}}], 0x1, 0x20000014) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 64) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (rerun: 64) [ 347.164920] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000 [ 347.172295] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010a00 14:49:15 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:15 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 6) [ 347.219616] erofs: unmounted for /dev/loop4 14:49:15 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 347.240775] erofs: read_super, device -> /dev/loop1 [ 347.245851] erofs: options -> [ 347.264423] misc userio: Begin command sent, but we're already running [ 347.268545] erofs: root inode @ nid 36 [ 347.273055] misc userio: Begin command sent, but we're already running [ 347.307363] erofs: mounted on /dev/loop1 with opts: . [ 347.313438] misc userio: Begin command sent, but we're already running [ 347.321332] misc userio: Begin command sent, but we're already running [ 347.346123] misc userio: Begin command sent, but we're already running 14:49:15 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3af, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 347.356433] erofs: read_super, device -> /dev/loop5 [ 347.357802] erofs: read_super, device -> /dev/loop2 [ 347.363283] FAULT_INJECTION: forcing a failure. [ 347.363283] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 347.374704] erofs: options -> [ 347.384972] misc userio: Begin command sent, but we're already running [ 347.393868] erofs: options -> [ 347.400735] erofs: root inode @ nid 36 [ 347.404785] erofs: unmounted for /dev/loop1 [ 347.405798] erofs: blksize 1 isn't supported on this platform [ 347.413786] erofs: read_super, device -> /dev/loop4 [ 347.418560] CPU: 0 PID: 24349 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 347.420680] erofs: bogus i_mode (0) @ nid 36 [ 347.428114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 347.428120] Call Trace: [ 347.428141] dump_stack+0x1fc/0x2ef [ 347.428162] should_fail.cold+0xa/0xf [ 347.428178] ? lock_acquire+0x170/0x3c0 [ 347.428193] ? setup_fault_attr+0x200/0x200 [ 347.428216] __alloc_pages_nodemask+0x239/0x2890 [ 347.433233] misc userio: Begin command sent, but we're already running [ 347.441969] ? __lock_acquire+0x6de/0x3ff0 [ 347.441990] ? static_obj+0x50/0x50 [ 347.442014] ? __lock_acquire+0x6de/0x3ff0 [ 347.442029] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 347.442043] ? __lock_acquire+0x6de/0x3ff0 [ 347.442068] ? mark_held_locks+0xf0/0xf0 [ 347.445017] erofs: options -> [ 347.448261] ? unwind_next_frame+0xeee/0x1400 [ 347.448279] ? mark_held_locks+0xf0/0xf0 [ 347.448293] ? deref_stack_reg+0x134/0x1d0 [ 347.448311] ? get_reg+0x176/0x1f0 [ 347.448326] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 347.448342] alloc_pages_vma+0xf2/0x780 [ 347.452822] erofs: root inode @ nid 36 [ 347.456099] shmem_alloc_page+0x11c/0x1f0 [ 347.456116] ? shmem_swapin+0x220/0x220 [ 347.456150] ? percpu_counter_add_batch+0x126/0x180 [ 347.456165] ? __vm_enough_memory+0x316/0x650 [ 347.456183] shmem_alloc_and_acct_page+0x15a/0x850 [ 347.456205] shmem_getpage_gfp+0x4e9/0x37f0 [ 347.456233] ? shmem_alloc_and_acct_page+0x850/0x850 [ 347.456249] ? mark_held_locks+0xa6/0xf0 [ 347.456263] ? ktime_get_coarse_real_ts64+0x1c7/0x290 [ 347.456275] ? iov_iter_fault_in_readable+0x1fc/0x3f0 [ 347.456294] shmem_write_begin+0xff/0x1e0 [ 347.456321] generic_perform_write+0x1f8/0x4d0 [ 347.456345] ? filemap_page_mkwrite+0x2f0/0x2f0 [ 347.456359] ? current_time+0x1c0/0x1c0 [ 347.456378] ? lock_acquire+0x170/0x3c0 [ 347.456394] __generic_file_write_iter+0x24b/0x610 [ 347.456413] generic_file_write_iter+0x3f8/0x730 [ 347.456434] __vfs_write+0x51b/0x770 [ 347.456450] ? kernel_read+0x110/0x110 [ 347.456476] ? check_preemption_disabled+0x41/0x280 [ 347.456497] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.456514] vfs_write+0x1f3/0x540 [ 347.456533] __x64_sys_pwrite64+0x1f7/0x250 [ 347.456549] ? ksys_pwrite64+0x1a0/0x1a0 [ 347.456567] ? trace_hardirqs_off_caller+0x6e/0x210 [ 347.456583] ? do_syscall_64+0x21/0x620 [ 347.456600] do_syscall_64+0xf9/0x620 [ 347.456619] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.456631] RIP: 0033:0x7f63e5bfd1d7 [ 347.456646] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 347.456653] RSP: 002b:00007f63e45bef00 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 347.456667] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5bfd1d7 [ 347.456675] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000004 [ 347.456683] RBP: 0000000000000003 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 347.456691] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004 [ 347.456699] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 [ 347.494427] misc userio: Begin command sent, but we're already running [ 347.494948] erofs: mounted on /dev/loop4 with opts: . [ 347.498841] misc userio: Begin command sent, but we're already running [ 347.744860] misc userio: Begin command sent, but we're already running [ 347.757131] misc userio: Begin command sent, but we're already running [ 347.764424] misc userio: Begin command sent, but we're already running [ 347.772349] misc userio: Begin command sent, but we're already running [ 347.779016] misc userio: Begin command sent, but we're already running [ 347.788165] misc userio: Begin command sent, but we're already running [ 347.796422] misc userio: Begin command sent, but we're already running 14:49:15 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 347.804460] misc userio: Begin command sent, but we're already running [ 347.812210] misc userio: Begin command sent, but we're already running [ 347.818892] misc userio: Begin command sent, but we're already running [ 347.837196] misc userio: Begin command sent, but we're already running [ 347.849120] erofs: read_super, device -> /dev/loop3 [ 347.854489] erofs: unmounted for /dev/loop4 14:49:15 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:15 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 347.857654] erofs: options -> [ 347.868815] erofs: cannot find valid erofs superblock [ 347.877791] misc userio: Begin command sent, but we're already running [ 347.887618] misc userio: Begin command sent, but we're already running [ 347.898371] misc userio: Begin command sent, but we're already running [ 347.908365] misc userio: Begin command sent, but we're already running [ 347.935940] misc userio: Begin command sent, but we're already running [ 347.946610] misc userio: Begin command sent, but we're already running [ 347.955003] misc userio: Begin command sent, but we're already running [ 347.963905] misc userio: Begin command sent, but we're already running [ 347.973971] misc userio: Begin command sent, but we're already running 14:49:15 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 7) [ 347.982271] misc userio: Begin command sent, but we're already running [ 347.989432] misc userio: Begin command sent, but we're already running [ 347.998091] erofs: read_super, device -> /dev/loop1 [ 348.012563] misc userio: Begin command sent, but we're already running [ 348.018744] erofs: options -> [ 348.023331] erofs: read_super, device -> /dev/loop4 [ 348.033717] erofs: read_super, device -> /dev/loop5 [ 348.056258] erofs: root inode @ nid 36 [ 348.056589] erofs: options -> [ 348.067840] erofs: options -> [ 348.078578] erofs: mounted on /dev/loop1 with opts: . [ 348.080126] misc userio: Begin command sent, but we're already running [ 348.112949] erofs: read_super, device -> /dev/loop2 [ 348.114107] erofs: root inode @ nid 36 [ 348.119069] FAULT_INJECTION: forcing a failure. [ 348.119069] name failslab, interval 1, probability 0, space 0, times 0 [ 348.128877] erofs: blksize 1 isn't supported on this platform [ 348.150133] erofs: options -> 14:49:16 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3b0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 348.158488] erofs: mounted on /dev/loop4 with opts: . [ 348.164138] erofs: root inode @ nid 36 [ 348.168171] erofs: unmounted for /dev/loop1 [ 348.170132] erofs: bogus i_mode (0) @ nid 36 [ 348.177403] CPU: 1 PID: 24382 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 348.185291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 348.194668] Call Trace: [ 348.197265] dump_stack+0x1fc/0x2ef [ 348.200897] should_fail.cold+0xa/0xf [ 348.204686] ? setup_fault_attr+0x200/0x200 [ 348.208993] ? lock_acquire+0x170/0x3c0 [ 348.212970] __should_failslab+0x115/0x180 [ 348.217201] should_failslab+0x5/0x10 [ 348.220993] kmem_cache_alloc+0x277/0x370 [ 348.225131] getname_flags+0xce/0x590 [ 348.228934] do_sys_open+0x26c/0x520 [ 348.232653] ? filp_open+0x70/0x70 [ 348.236189] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 348.241542] ? trace_hardirqs_off_caller+0x6e/0x210 [ 348.246548] ? do_syscall_64+0x21/0x620 [ 348.250537] do_syscall_64+0xf9/0x620 [ 348.254354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.259531] RIP: 0033:0x7f63e5bfd124 [ 348.263235] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 348.282147] RSP: 002b:00007f63e45beeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 348.289852] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5bfd124 [ 348.297129] RDX: 0000000000000002 RSI: 00007f63e45befe0 RDI: 00000000ffffff9c [ 348.304383] RBP: 00007f63e45befe0 R08: 0000000000000000 R09: 00007f63e45bf1d0 14:49:16 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64) gettid() (async, rerun: 64) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="99bd6922b743bc4c6c05a43070fe6c6c840f04079a4fd9a6365eaab8e1fa3e00a352d083226b18184fcce70fb334b0f9495e560fefe1c2fdb6b3335e18ed9de90fa339fbc5e6fb32f44fb44b11ebbd762bc16ac7ccd09e5a169bc2425924767ebbdd45c0096908d0f8fdec56f20eb2be825b766b6e6503e1a1729d89d0", 0x7d}], 0x1, &(0x7f0000000180)}}], 0x1, 0x20000014) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:49:16 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 8) [ 348.311651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 348.318917] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 348.421519] FAULT_INJECTION: forcing a failure. [ 348.421519] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 348.433350] CPU: 1 PID: 24391 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 348.441237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 348.450594] Call Trace: [ 348.453192] dump_stack+0x1fc/0x2ef [ 348.456840] should_fail.cold+0xa/0xf [ 348.460659] ? setup_fault_attr+0x200/0x200 [ 348.465126] ? do_writepages+0x290/0x290 [ 348.469196] ? unlock_page+0x13d/0x230 [ 348.473103] __alloc_pages_nodemask+0x239/0x2890 [ 348.477981] ? lock_downgrade+0x720/0x720 [ 348.482242] ? check_preemption_disabled+0x41/0x280 [ 348.487277] ? __lock_acquire+0x6de/0x3ff0 [ 348.491548] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 348.496405] ? lock_downgrade+0x720/0x720 [ 348.500565] ? lock_acquire+0x170/0x3c0 [ 348.504562] ? up_write+0x18/0x150 [ 348.508113] ? generic_file_write_iter+0x381/0x730 [ 348.509358] erofs: read_super, device -> /dev/loop1 [ 348.513046] ? iov_iter_init+0xb8/0x1d0 14:49:16 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 348.513068] cache_grow_begin+0xa4/0x8a0 [ 348.513085] ? setup_fault_attr+0x200/0x200 [ 348.513098] ? lock_acquire+0x170/0x3c0 [ 348.513114] cache_alloc_refill+0x273/0x340 [ 348.513134] kmem_cache_alloc+0x346/0x370 [ 348.513152] getname_flags+0xce/0x590 [ 348.513168] do_sys_open+0x26c/0x520 [ 348.526354] erofs: options -> [ 348.530508] ? filp_open+0x70/0x70 [ 348.530528] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 348.530543] ? trace_hardirqs_off_caller+0x6e/0x210 [ 348.530558] ? do_syscall_64+0x21/0x620 [ 348.530573] do_syscall_64+0xf9/0x620 [ 348.530591] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.530602] RIP: 0033:0x7f63e5bfd124 [ 348.530614] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 348.530621] RSP: 002b:00007f63e45beeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 348.530633] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5bfd124 14:49:16 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:16 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 348.530640] RDX: 0000000000000002 RSI: 00007f63e45befe0 RDI: 00000000ffffff9c [ 348.530648] RBP: 00007f63e45befe0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 348.530658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 348.631348] erofs: root inode @ nid 36 [ 348.632848] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 348.652594] erofs: unmounted for /dev/loop4 [ 348.681819] erofs: read_super, device -> /dev/loop3 [ 348.688317] erofs: options -> [ 348.699139] erofs: root inode @ nid 36 [ 348.704054] erofs: mounted on /dev/loop3 with opts: . 14:49:16 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 9) [ 348.732137] erofs: mounted on /dev/loop1 with opts: . 14:49:16 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3b1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 348.754322] erofs: unmounted for /dev/loop3 [ 348.770244] erofs: read_super, device -> /dev/loop5 [ 348.775396] erofs: options -> [ 348.790153] erofs: unmounted for /dev/loop1 [ 348.798036] erofs: blksize 1 isn't supported on this platform [ 348.855562] erofs: read_super, device -> /dev/loop2 [ 348.861934] FAULT_INJECTION: forcing a failure. [ 348.861934] name failslab, interval 1, probability 0, space 0, times 0 [ 348.878435] CPU: 1 PID: 24424 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 348.878983] erofs: read_super, device -> /dev/loop4 [ 348.886325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 348.886330] Call Trace: [ 348.886353] dump_stack+0x1fc/0x2ef [ 348.886374] should_fail.cold+0xa/0xf [ 348.886392] ? setup_fault_attr+0x200/0x200 [ 348.886408] ? lock_acquire+0x170/0x3c0 [ 348.886426] __should_failslab+0x115/0x180 [ 348.907299] erofs: options -> [ 348.910924] should_failslab+0x5/0x10 [ 348.910940] kmem_cache_alloc+0x277/0x370 [ 348.910958] __alloc_file+0x21/0x340 [ 348.910974] alloc_empty_file+0x6d/0x170 [ 348.910991] path_openat+0xe9/0x2df0 [ 348.911006] ? __lock_acquire+0x6de/0x3ff0 [ 348.911027] ? path_lookupat+0x8d0/0x8d0 [ 348.911042] ? mark_held_locks+0xf0/0xf0 [ 348.911068] do_filp_open+0x18c/0x3f0 [ 348.955651] erofs: options -> [ 348.958421] ? may_open_dev+0xf0/0xf0 [ 348.958439] ? __alloc_fd+0x28d/0x570 [ 348.958457] ? lock_downgrade+0x720/0x720 [ 348.958472] ? lock_acquire+0x170/0x3c0 [ 348.969158] erofs: root inode @ nid 36 [ 348.969228] ? __alloc_fd+0x34/0x570 [ 348.974402] erofs: mounted on /dev/loop4 with opts: . [ 348.977148] ? do_raw_spin_unlock+0x171/0x230 [ 348.977166] ? _raw_spin_unlock+0x29/0x40 [ 348.977179] ? __alloc_fd+0x28d/0x570 [ 348.977199] do_sys_open+0x3b3/0x520 [ 348.997832] erofs: root inode @ nid 36 [ 348.998369] ? filp_open+0x70/0x70 [ 348.998391] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 348.998405] ? trace_hardirqs_off_caller+0x6e/0x210 [ 348.998423] ? do_syscall_64+0x21/0x620 [ 349.002862] erofs: bogus i_mode (0) @ nid 36 [ 349.006345] do_syscall_64+0xf9/0x620 [ 349.006367] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.006377] RIP: 0033:0x7f63e5bfd124 [ 349.006392] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 349.067890] RSP: 002b:00007f63e45beeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 349.075580] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5bfd124 [ 349.082839] RDX: 0000000000000002 RSI: 00007f63e45befe0 RDI: 00000000ffffff9c [ 349.090124] RBP: 00007f63e45befe0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 349.097381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 14:49:17 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:17 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 10) [ 349.104637] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:17 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 349.154881] erofs: read_super, device -> /dev/loop1 [ 349.167515] erofs: options -> [ 349.202205] erofs: root inode @ nid 36 [ 349.209916] erofs: unmounted for /dev/loop4 [ 349.214821] FAULT_INJECTION: forcing a failure. [ 349.214821] name failslab, interval 1, probability 0, space 0, times 0 [ 349.221422] erofs: mounted on /dev/loop1 with opts: . [ 349.229369] CPU: 0 PID: 24437 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 349.239113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 349.248453] Call Trace: [ 349.251035] dump_stack+0x1fc/0x2ef [ 349.254657] should_fail.cold+0xa/0xf [ 349.258450] ? setup_fault_attr+0x200/0x200 [ 349.262760] ? lock_acquire+0x170/0x3c0 [ 349.266728] __should_failslab+0x115/0x180 [ 349.270953] should_failslab+0x5/0x10 [ 349.274740] kmem_cache_alloc_trace+0x284/0x380 [ 349.279402] apparmor_file_alloc_security+0x394/0xad0 [ 349.284585] ? apparmor_file_receive+0x160/0x160 [ 349.289331] ? __alloc_file+0x21/0x340 [ 349.293212] security_file_alloc+0x40/0x90 [ 349.297434] __alloc_file+0xd8/0x340 [ 349.301138] alloc_empty_file+0x6d/0x170 [ 349.305194] path_openat+0xe9/0x2df0 [ 349.308898] ? __lock_acquire+0x6de/0x3ff0 [ 349.313126] ? path_lookupat+0x8d0/0x8d0 [ 349.317177] ? mark_held_locks+0xf0/0xf0 [ 349.321233] do_filp_open+0x18c/0x3f0 [ 349.325019] ? may_open_dev+0xf0/0xf0 [ 349.328815] ? __alloc_fd+0x28d/0x570 [ 349.332609] ? lock_downgrade+0x720/0x720 [ 349.336745] ? lock_acquire+0x170/0x3c0 [ 349.340710] ? __alloc_fd+0x34/0x570 [ 349.344415] ? do_raw_spin_unlock+0x171/0x230 [ 349.348903] ? _raw_spin_unlock+0x29/0x40 [ 349.353039] ? __alloc_fd+0x28d/0x570 [ 349.356833] do_sys_open+0x3b3/0x520 [ 349.360535] ? filp_open+0x70/0x70 [ 349.364066] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 349.369417] ? trace_hardirqs_off_caller+0x6e/0x210 [ 349.374420] ? do_syscall_64+0x21/0x620 [ 349.378384] do_syscall_64+0xf9/0x620 [ 349.382174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.387351] RIP: 0033:0x7f63e5bfd124 [ 349.391054] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 349.409939] RSP: 002b:00007f63e45beeb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 349.417633] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5bfd124 [ 349.424890] RDX: 0000000000000002 RSI: 00007f63e45befe0 RDI: 00000000ffffff9c [ 349.432148] RBP: 00007f63e45befe0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 349.439402] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 14:49:17 executing program 0: ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x7ff, 0x1000, 0x7, 0x8000, 0x8, "2b723fbfc74a1e03a12dfbb10c94866017ca33", 0x1, 0x7}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 349.446656] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:17 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:17 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:17 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 11) [ 349.516357] erofs: unmounted for /dev/loop1 [ 349.525474] erofs: read_super, device -> /dev/loop5 [ 349.555186] erofs: options -> [ 349.558721] erofs: blksize 1 isn't supported on this platform [ 349.580708] erofs: read_super, device -> /dev/loop2 [ 349.587350] erofs: options -> [ 349.592335] erofs: root inode @ nid 36 [ 349.596506] erofs: bogus i_mode (0) @ nid 36 [ 349.702807] FAULT_INJECTION: forcing a failure. [ 349.702807] name failslab, interval 1, probability 0, space 0, times 0 [ 349.714223] CPU: 0 PID: 24455 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 349.722110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 349.731461] Call Trace: [ 349.734037] dump_stack+0x1fc/0x2ef [ 349.737653] should_fail.cold+0xa/0xf [ 349.741450] ? setup_fault_attr+0x200/0x200 [ 349.745757] ? lock_acquire+0x170/0x3c0 [ 349.749716] __should_failslab+0x115/0x180 [ 349.753946] should_failslab+0x5/0x10 [ 349.757744] kmem_cache_alloc_trace+0x284/0x380 [ 349.762411] ? loop_info64_to_compat+0x5e0/0x5e0 [ 349.767157] __kthread_create_on_node+0xd2/0x410 [ 349.771901] ? kthread_parkme+0xa0/0xa0 [ 349.775869] ? lock_acquire+0x170/0x3c0 [ 349.779835] ? lo_ioctl+0x1bb/0x20e0 [ 349.783544] ? __mutex_lock+0x368/0x1190 [ 349.787613] ? lock_downgrade+0x720/0x720 [ 349.791747] ? check_preemption_disabled+0x41/0x280 [ 349.796761] ? loop_info64_to_compat+0x5e0/0x5e0 [ 349.801513] kthread_create_on_node+0xbb/0xf0 [ 349.806004] ? __kthread_create_on_node+0x410/0x410 [ 349.811282] ? __fget+0x356/0x510 [ 349.814731] ? do_dup2+0x450/0x450 [ 349.818275] ? __lockdep_init_map+0x100/0x5a0 [ 349.822757] ? __lockdep_init_map+0x100/0x5a0 [ 349.827240] lo_ioctl+0xae5/0x20e0 [ 349.830769] ? loop_set_status64+0x110/0x110 [ 349.835348] blkdev_ioctl+0x5cb/0x1a80 [ 349.839232] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.844584] ? blkpg_ioctl+0x9d0/0x9d0 [ 349.848458] ? mark_held_locks+0xf0/0xf0 [ 349.852502] ? mark_held_locks+0xf0/0xf0 [ 349.856549] ? debug_check_no_obj_freed+0x201/0x490 [ 349.861562] ? lock_downgrade+0x720/0x720 [ 349.865701] block_ioctl+0xe9/0x130 [ 349.869311] ? blkdev_fallocate+0x3f0/0x3f0 [ 349.873647] do_vfs_ioctl+0xcdb/0x12e0 [ 349.877518] ? lock_downgrade+0x720/0x720 [ 349.881662] ? check_preemption_disabled+0x41/0x280 [ 349.886671] ? ioctl_preallocate+0x200/0x200 [ 349.891063] ? __fget+0x356/0x510 [ 349.894501] ? do_dup2+0x450/0x450 [ 349.898026] ? do_sys_open+0x2bf/0x520 [ 349.901919] ksys_ioctl+0x9b/0xc0 [ 349.905360] __x64_sys_ioctl+0x6f/0xb0 [ 349.909245] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 349.913826] do_syscall_64+0xf9/0x620 [ 349.917631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.922804] RIP: 0033:0x7f63e5c49fc7 [ 349.926508] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 349.945394] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.953094] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 349.960356] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 349.967787] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 349.975048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 349.982300] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:18 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 12) 14:49:18 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 350.003262] erofs: read_super, device -> /dev/loop4 [ 350.011857] erofs: read_super, device -> /dev/loop1 [ 350.018068] erofs: options -> [ 350.030678] erofs: options -> [ 350.046149] erofs: root inode @ nid 36 14:49:18 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:18 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 350.057067] erofs: root inode @ nid 36 [ 350.062161] erofs: mounted on /dev/loop1 with opts: . [ 350.073698] erofs: mounted on /dev/loop4 with opts: . [ 350.094475] FAULT_INJECTION: forcing a failure. [ 350.094475] name failslab, interval 1, probability 0, space 0, times 0 [ 350.107984] CPU: 0 PID: 24471 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 350.108256] erofs: unmounted for /dev/loop1 [ 350.115876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 350.115882] Call Trace: [ 350.115906] dump_stack+0x1fc/0x2ef [ 350.115929] should_fail.cold+0xa/0xf [ 350.115947] ? setup_fault_attr+0x200/0x200 [ 350.115962] ? lock_acquire+0x170/0x3c0 [ 350.115984] __should_failslab+0x115/0x180 [ 350.116008] should_failslab+0x5/0x10 [ 350.116024] kmem_cache_alloc+0x277/0x370 [ 350.116042] __kernfs_new_node+0xd2/0x680 [ 350.116059] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 350.116076] ? __cpu_to_node+0x7b/0xa0 [ 350.172786] ? account_entity_enqueue+0x2e5/0x440 [ 350.177616] ? mark_held_locks+0xf0/0xf0 [ 350.181660] ? enqueue_entity+0xf86/0x3850 [ 350.186004] ? set_user_nice.part.0+0x3b9/0xab0 [ 350.190669] kernfs_create_dir_ns+0x9e/0x230 [ 350.195065] internal_create_group+0x1c1/0xb20 [ 350.199639] ? sysfs_remove_link_from_group+0x70/0x70 [ 350.204832] ? lock_downgrade+0x720/0x720 [ 350.208984] lo_ioctl+0xf7c/0x20e0 [ 350.212519] ? loop_set_status64+0x110/0x110 [ 350.216929] blkdev_ioctl+0x5cb/0x1a80 [ 350.220816] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.226175] ? blkpg_ioctl+0x9d0/0x9d0 [ 350.230062] ? mark_held_locks+0xf0/0xf0 [ 350.234117] ? mark_held_locks+0xf0/0xf0 [ 350.238274] ? debug_check_no_obj_freed+0x201/0x490 [ 350.243278] ? lock_downgrade+0x720/0x720 [ 350.247416] block_ioctl+0xe9/0x130 [ 350.251032] ? blkdev_fallocate+0x3f0/0x3f0 [ 350.255346] do_vfs_ioctl+0xcdb/0x12e0 [ 350.259220] ? lock_downgrade+0x720/0x720 [ 350.263354] ? check_preemption_disabled+0x41/0x280 [ 350.268358] ? ioctl_preallocate+0x200/0x200 [ 350.272754] ? __fget+0x356/0x510 [ 350.276193] ? do_dup2+0x450/0x450 [ 350.279714] ? do_sys_open+0x2bf/0x520 [ 350.283609] ksys_ioctl+0x9b/0xc0 [ 350.287055] __x64_sys_ioctl+0x6f/0xb0 [ 350.290928] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 350.295494] do_syscall_64+0xf9/0x620 [ 350.299282] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.304453] RIP: 0033:0x7f63e5c49fc7 [ 350.308155] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 350.327212] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.334905] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 350.342272] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 350.349537] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 14:49:18 executing program 0: ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x7ff, 0x1000, 0x7, 0x8000, 0x8, "2b723fbfc74a1e03a12dfbb10c94866017ca33", 0x1, 0x7}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x7ff, 0x1000, 0x7, 0x8000, 0x8, "2b723fbfc74a1e03a12dfbb10c94866017ca33", 0x1, 0x7}) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) [ 350.356803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 350.364055] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 350.374654] erofs: read_super, device -> /dev/loop2 [ 350.380057] erofs: options -> [ 350.384583] erofs: root inode @ nid 36 [ 350.395101] erofs: read_super, device -> /dev/loop5 [ 350.401564] erofs: read_super, device -> /dev/loop3 14:49:18 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 350.407023] erofs: options -> [ 350.410769] erofs: options -> [ 350.414595] erofs: bogus i_mode (0) @ nid 36 [ 350.419350] erofs: blksize 1 isn't supported on this platform [ 350.426675] erofs: root inode @ nid 36 [ 350.433016] erofs: mounted on /dev/loop3 with opts: . [ 350.434730] erofs: unmounted for /dev/loop4 14:49:18 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 13) [ 350.519888] erofs: unmounted for /dev/loop3 14:49:18 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:18 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 350.606927] erofs: read_super, device -> /dev/loop1 [ 350.624590] erofs: options -> [ 350.640710] erofs: root inode @ nid 36 [ 350.652108] erofs: read_super, device -> /dev/loop4 [ 350.653745] erofs: mounted on /dev/loop1 with opts: . [ 350.657145] erofs: options -> [ 350.666937] erofs: root inode @ nid 36 [ 350.676172] erofs: read_super, device -> /dev/loop5 [ 350.681721] erofs: options -> [ 350.683230] erofs: mounted on /dev/loop4 with opts: . [ 350.685320] erofs: blksize 1 isn't supported on this platform [ 350.693627] FAULT_INJECTION: forcing a failure. [ 350.693627] name failslab, interval 1, probability 0, space 0, times 0 [ 350.707760] CPU: 1 PID: 24515 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 350.715647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 350.724991] Call Trace: [ 350.727564] dump_stack+0x1fc/0x2ef [ 350.731205] should_fail.cold+0xa/0xf [ 350.734997] ? setup_fault_attr+0x200/0x200 [ 350.739322] ? lock_acquire+0x170/0x3c0 [ 350.743304] __should_failslab+0x115/0x180 [ 350.747536] should_failslab+0x5/0x10 [ 350.751326] kmem_cache_alloc+0x277/0x370 [ 350.755481] __kernfs_new_node+0xd2/0x680 [ 350.759632] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 350.764395] ? kernfs_activate+0x2c/0x1d0 [ 350.768538] ? lock_downgrade+0x720/0x720 [ 350.772670] ? kernfs_add_one+0x51/0x4c0 [ 350.776733] ? mutex_trylock+0x1a0/0x1a0 [ 350.780795] ? __mutex_unlock_slowpath+0xea/0x610 [ 350.785646] kernfs_new_node+0x92/0x120 [ 350.789631] __kernfs_create_file+0x51/0x340 [ 350.794042] sysfs_add_file_mode_ns+0x226/0x540 [ 350.798727] internal_create_group+0x355/0xb20 [ 350.803306] ? sysfs_remove_link_from_group+0x70/0x70 [ 350.808490] ? lock_downgrade+0x720/0x720 [ 350.812639] lo_ioctl+0xf7c/0x20e0 [ 350.816168] ? loop_set_status64+0x110/0x110 [ 350.820572] blkdev_ioctl+0x5cb/0x1a80 [ 350.824456] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.829815] ? blkpg_ioctl+0x9d0/0x9d0 [ 350.833782] ? mark_held_locks+0xf0/0xf0 [ 350.837845] ? mark_held_locks+0xf0/0xf0 [ 350.841905] ? debug_check_no_obj_freed+0x201/0x490 [ 350.846919] ? lock_downgrade+0x720/0x720 [ 350.851054] block_ioctl+0xe9/0x130 14:49:18 executing program 0: ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x7ff, 0x1000, 0x7, 0x8000, 0x8, "2b723fbfc74a1e03a12dfbb10c94866017ca33", 0x1, 0x7}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 64) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 350.854670] ? blkdev_fallocate+0x3f0/0x3f0 [ 350.858985] do_vfs_ioctl+0xcdb/0x12e0 [ 350.862881] ? lock_downgrade+0x720/0x720 [ 350.867035] ? check_preemption_disabled+0x41/0x280 [ 350.872045] ? ioctl_preallocate+0x200/0x200 [ 350.876455] ? __fget+0x356/0x510 [ 350.879911] ? do_dup2+0x450/0x450 [ 350.883475] ? do_sys_open+0x2bf/0x520 [ 350.887355] ksys_ioctl+0x9b/0xc0 [ 350.890796] __x64_sys_ioctl+0x6f/0xb0 [ 350.894675] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 350.899255] do_syscall_64+0xf9/0x620 [ 350.903055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.908243] RIP: 0033:0x7f63e5c49fc7 [ 350.911955] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 350.931377] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.939081] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 350.946349] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:49:18 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 350.953619] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 350.960885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 350.968147] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 350.978499] erofs: read_super, device -> /dev/loop2 [ 350.979292] erofs: read_super, device -> /dev/loop3 14:49:19 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:19 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 351.027789] erofs: options -> [ 351.030263] erofs: options -> [ 351.038265] erofs: unmounted for /dev/loop1 [ 351.042574] erofs: root inode @ nid 36 [ 351.048670] erofs: unmounted for /dev/loop4 [ 351.058294] erofs: mounted on /dev/loop3 with opts: . [ 351.074658] erofs: root inode @ nid 36 [ 351.078810] erofs: bogus i_mode (0) @ nid 36 14:49:19 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 14) [ 351.157306] erofs: unmounted for /dev/loop3 14:49:19 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 351.233093] erofs: read_super, device -> /dev/loop1 [ 351.238139] erofs: options -> [ 351.239818] erofs: read_super, device -> /dev/loop5 [ 351.243409] erofs: read_super, device -> /dev/loop4 [ 351.253837] erofs: options -> [ 351.257350] erofs: root inode @ nid 36 [ 351.257703] erofs: options -> [ 351.268151] erofs: root inode @ nid 36 [ 351.270845] FAULT_INJECTION: forcing a failure. [ 351.270845] name failslab, interval 1, probability 0, space 0, times 0 [ 351.273412] erofs: mounted on /dev/loop4 with opts: . [ 351.290255] erofs: mounted on /dev/loop1 with opts: . [ 351.296120] erofs: blksize 1 isn't supported on this platform [ 351.300222] CPU: 1 PID: 24545 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 351.309881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 351.319213] Call Trace: [ 351.321786] dump_stack+0x1fc/0x2ef [ 351.325397] should_fail.cold+0xa/0xf [ 351.329201] ? setup_fault_attr+0x200/0x200 [ 351.333508] ? lock_acquire+0x170/0x3c0 [ 351.337479] __should_failslab+0x115/0x180 [ 351.341710] should_failslab+0x5/0x10 [ 351.345541] kmem_cache_alloc+0x277/0x370 [ 351.349681] __kernfs_new_node+0xd2/0x680 [ 351.353818] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 351.358558] ? kernfs_activate+0x2c/0x1d0 [ 351.362689] ? lock_downgrade+0x720/0x720 [ 351.366819] ? kernfs_add_one+0x51/0x4c0 [ 351.370867] ? mutex_trylock+0x1a0/0x1a0 [ 351.374915] ? __mutex_unlock_slowpath+0xea/0x610 [ 351.379830] kernfs_new_node+0x92/0x120 [ 351.383791] __kernfs_create_file+0x51/0x340 [ 351.388185] sysfs_add_file_mode_ns+0x226/0x540 [ 351.392843] internal_create_group+0x355/0xb20 [ 351.397408] ? sysfs_remove_link_from_group+0x70/0x70 [ 351.402581] ? lock_downgrade+0x720/0x720 [ 351.406741] lo_ioctl+0xf7c/0x20e0 [ 351.410265] ? loop_set_status64+0x110/0x110 [ 351.414656] blkdev_ioctl+0x5cb/0x1a80 [ 351.418532] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.423884] ? blkpg_ioctl+0x9d0/0x9d0 [ 351.427754] ? mark_held_locks+0xf0/0xf0 [ 351.431797] ? mark_held_locks+0xf0/0xf0 [ 351.435844] ? debug_check_no_obj_freed+0x201/0x490 [ 351.440883] ? lock_downgrade+0x720/0x720 [ 351.445020] block_ioctl+0xe9/0x130 [ 351.448631] ? blkdev_fallocate+0x3f0/0x3f0 [ 351.452943] do_vfs_ioctl+0xcdb/0x12e0 [ 351.456815] ? lock_downgrade+0x720/0x720 [ 351.460948] ? check_preemption_disabled+0x41/0x280 [ 351.465946] ? ioctl_preallocate+0x200/0x200 [ 351.470337] ? __fget+0x356/0x510 [ 351.473773] ? do_dup2+0x450/0x450 [ 351.477315] ? do_sys_open+0x2bf/0x520 [ 351.481187] ksys_ioctl+0x9b/0xc0 [ 351.484624] __x64_sys_ioctl+0x6f/0xb0 [ 351.488493] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 351.493055] do_syscall_64+0xf9/0x620 [ 351.496846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.502025] RIP: 0033:0x7f63e5c49fc7 [ 351.505722] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 351.524607] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:49:19 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000008487, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') getdents(r1, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(0x0, r2, 0x2, 0xffffffffffffffff, 0x0) process_vm_writev(r2, &(0x7f0000000300)=[{&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000140)=""/186, 0xba}, {&(0x7f0000000080)=""/25, 0x19}, {&(0x7f0000000200)=""/205, 0xcd}], 0x5, &(0x7f0000000600)=[{&(0x7f00000000c0)}, {&(0x7f00000003c0)}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f00000004c0)=""/198, 0xc6}, {&(0x7f00000005c0)}], 0x5, 0x0) [ 351.532296] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 351.539554] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 351.546830] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 351.554081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 351.561332] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:19 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:19 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 351.649851] erofs: read_super, device -> /dev/loop3 [ 351.656384] erofs: options -> [ 351.670445] erofs: read_super, device -> /dev/loop2 [ 351.684668] erofs: options -> 14:49:19 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x66000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:19 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async, rerun: 64) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000008487, 0x0) (rerun: 64) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async, rerun: 64) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') (rerun: 64) getdents(r1, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async) perf_event_open(0x0, r2, 0x2, 0xffffffffffffffff, 0x0) process_vm_writev(r2, &(0x7f0000000300)=[{&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000140)=""/186, 0xba}, {&(0x7f0000000080)=""/25, 0x19}, {&(0x7f0000000200)=""/205, 0xcd}], 0x5, &(0x7f0000000600)=[{&(0x7f00000000c0)}, {&(0x7f00000003c0)}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f00000004c0)=""/198, 0xc6}, {&(0x7f00000005c0)}], 0x5, 0x0) 14:49:19 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 15) [ 351.698272] erofs: unmounted for /dev/loop1 [ 351.703763] erofs: root inode @ nid 36 [ 351.709286] erofs: mounted on /dev/loop3 with opts: . [ 351.711830] erofs: root inode @ nid 36 [ 351.720000] erofs: unmounted for /dev/loop4 [ 351.726633] erofs: bogus i_mode (0) @ nid 36 14:49:19 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 351.779151] erofs: unmounted for /dev/loop3 14:49:19 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000008487, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') getdents(r1, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(0x0, r2, 0x2, 0xffffffffffffffff, 0x0) process_vm_writev(r2, &(0x7f0000000300)=[{&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000140)=""/186, 0xba}, {&(0x7f0000000080)=""/25, 0x19}, {&(0x7f0000000200)=""/205, 0xcd}], 0x5, &(0x7f0000000600)=[{&(0x7f00000000c0)}, {&(0x7f00000003c0)}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f00000004c0)=""/198, 0xc6}, {&(0x7f00000005c0)}], 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000008487, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') (async) getdents(r1, &(0x7f0000001040)=""/4096, 0x1000) (async) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000080)) (async) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async) perf_event_open(0x0, r2, 0x2, 0xffffffffffffffff, 0x0) (async) process_vm_writev(r2, &(0x7f0000000300)=[{&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000140)=""/186, 0xba}, {&(0x7f0000000080)=""/25, 0x19}, {&(0x7f0000000200)=""/205, 0xcd}], 0x5, &(0x7f0000000600)=[{&(0x7f00000000c0)}, {&(0x7f00000003c0)}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f00000004c0)=""/198, 0xc6}, {&(0x7f00000005c0)}], 0x5, 0x0) (async) [ 351.831718] erofs: read_super, device -> /dev/loop5 [ 351.834331] erofs: read_super, device -> /dev/loop1 [ 351.836761] erofs: options -> [ 351.848123] erofs: options -> [ 351.854315] erofs: root inode @ nid 36 [ 351.861928] erofs: mounted on /dev/loop1 with opts: . [ 351.871520] erofs: read_super, device -> /dev/loop4 [ 351.876544] erofs: options -> 14:49:19 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 351.885022] erofs: blksize 1 isn't supported on this platform [ 351.892620] erofs: root inode @ nid 36 [ 351.897115] erofs: mounted on /dev/loop4 with opts: . 14:49:19 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2, 0x0, 0x1}) syz_open_dev$cec(&(0x7f0000000140), 0x2, 0x2) r3 = syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) sendmsg$NL80211_CMD_SET_STATION(r5, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r6, &(0x7f0000000040), 0x2) [ 351.939040] erofs: unmounted for /dev/loop1 [ 351.966008] FAULT_INJECTION: forcing a failure. [ 351.966008] name failslab, interval 1, probability 0, space 0, times 0 [ 351.977356] CPU: 0 PID: 24588 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 351.985240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 351.994576] Call Trace: [ 351.997150] dump_stack+0x1fc/0x2ef [ 352.000790] should_fail.cold+0xa/0xf [ 352.004600] ? setup_fault_attr+0x200/0x200 [ 352.008917] ? lock_acquire+0x170/0x3c0 [ 352.012885] __should_failslab+0x115/0x180 [ 352.017234] should_failslab+0x5/0x10 [ 352.021018] kmem_cache_alloc+0x277/0x370 [ 352.025155] __kernfs_new_node+0xd2/0x680 [ 352.029289] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 352.034036] ? __mutex_unlock_slowpath+0xea/0x610 [ 352.038874] ? wait_for_completion_io+0x10/0x10 [ 352.043675] ? kernfs_next_descendant_post+0x19c/0x290 [ 352.048944] kernfs_new_node+0x92/0x120 [ 352.052933] __kernfs_create_file+0x51/0x340 [ 352.057389] sysfs_add_file_mode_ns+0x226/0x540 [ 352.062061] internal_create_group+0x355/0xb20 [ 352.066637] ? sysfs_remove_link_from_group+0x70/0x70 [ 352.071816] ? lock_downgrade+0x720/0x720 [ 352.075973] lo_ioctl+0xf7c/0x20e0 [ 352.079520] ? loop_set_status64+0x110/0x110 [ 352.083923] blkdev_ioctl+0x5cb/0x1a80 [ 352.087793] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.093144] ? blkpg_ioctl+0x9d0/0x9d0 [ 352.097025] ? mark_held_locks+0xf0/0xf0 [ 352.101075] ? mark_held_locks+0xf0/0xf0 [ 352.105126] ? debug_check_no_obj_freed+0x201/0x490 [ 352.110136] ? lock_downgrade+0x720/0x720 [ 352.114286] block_ioctl+0xe9/0x130 [ 352.117907] ? blkdev_fallocate+0x3f0/0x3f0 [ 352.122216] do_vfs_ioctl+0xcdb/0x12e0 [ 352.126090] ? lock_downgrade+0x720/0x720 [ 352.130251] ? check_preemption_disabled+0x41/0x280 [ 352.135262] ? ioctl_preallocate+0x200/0x200 [ 352.139660] ? __fget+0x356/0x510 [ 352.143100] ? do_dup2+0x450/0x450 [ 352.146628] ? do_sys_open+0x2bf/0x520 [ 352.150624] ksys_ioctl+0x9b/0xc0 [ 352.154073] __x64_sys_ioctl+0x6f/0xb0 [ 352.157953] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 352.162538] do_syscall_64+0xf9/0x620 [ 352.166345] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.171530] RIP: 0033:0x7f63e5c49fc7 [ 352.175231] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 352.194115] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.201808] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 352.209093] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 352.216359] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 352.223612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 352.230863] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 352.241764] erofs: read_super, device -> /dev/loop2 14:49:20 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 352.277749] erofs: options -> 14:49:20 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:20 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 16) [ 352.303939] erofs: read_super, device -> /dev/loop3 [ 352.310013] erofs: options -> [ 352.314184] erofs: root inode @ nid 36 [ 352.315053] erofs: root inode @ nid 36 [ 352.322319] erofs: mounted on /dev/loop3 with opts: . [ 352.336686] erofs: unmounted for /dev/loop4 14:49:20 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 352.350882] erofs: unmounted for /dev/loop3 [ 352.355229] erofs: bogus i_mode (0) @ nid 36 [ 352.461668] erofs: read_super, device -> /dev/loop1 [ 352.469835] erofs: options -> [ 352.481366] erofs: root inode @ nid 36 [ 352.491148] erofs: mounted on /dev/loop1 with opts: . [ 352.498038] erofs: read_super, device -> /dev/loop4 14:49:20 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 352.508220] erofs: read_super, device -> /dev/loop5 [ 352.515948] erofs: options -> [ 352.527733] erofs: options -> [ 352.530939] erofs: root inode @ nid 36 [ 352.531019] erofs: mounted on /dev/loop4 with opts: . [ 352.555638] erofs: read_super, device -> /dev/loop2 14:49:20 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x98030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:20 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 352.571985] erofs: options -> [ 352.581597] erofs: root inode @ nid 36 [ 352.585674] erofs: blksize 1 isn't supported on this platform [ 352.587684] erofs: unmounted for /dev/loop1 [ 352.595180] erofs: bogus i_mode (0) @ nid 36 [ 352.600702] erofs: unmounted for /dev/loop4 [ 352.672532] FAULT_INJECTION: forcing a failure. [ 352.672532] name failslab, interval 1, probability 0, space 0, times 0 [ 352.684976] CPU: 0 PID: 24632 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 352.692872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 352.702219] Call Trace: [ 352.704798] dump_stack+0x1fc/0x2ef [ 352.708418] should_fail.cold+0xa/0xf [ 352.712208] ? setup_fault_attr+0x200/0x200 [ 352.716520] ? lock_acquire+0x170/0x3c0 [ 352.720539] __should_failslab+0x115/0x180 [ 352.724761] should_failslab+0x5/0x10 [ 352.728547] kmem_cache_alloc+0x277/0x370 [ 352.732681] __kernfs_new_node+0xd2/0x680 [ 352.736818] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 352.741562] ? __mutex_unlock_slowpath+0xea/0x610 [ 352.746393] ? wait_for_completion_io+0x10/0x10 [ 352.751049] ? kernfs_next_descendant_post+0x19c/0x290 [ 352.756312] kernfs_new_node+0x92/0x120 [ 352.760381] __kernfs_create_file+0x51/0x340 [ 352.764776] sysfs_add_file_mode_ns+0x226/0x540 [ 352.769436] internal_create_group+0x355/0xb20 [ 352.774003] ? sysfs_remove_link_from_group+0x70/0x70 [ 352.779178] ? lock_downgrade+0x720/0x720 [ 352.783319] lo_ioctl+0xf7c/0x20e0 [ 352.786848] ? loop_set_status64+0x110/0x110 [ 352.791255] blkdev_ioctl+0x5cb/0x1a80 [ 352.795159] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.800509] ? blkpg_ioctl+0x9d0/0x9d0 [ 352.804379] ? mark_held_locks+0xf0/0xf0 [ 352.808432] ? mark_held_locks+0xf0/0xf0 [ 352.812481] ? debug_check_no_obj_freed+0x201/0x490 [ 352.817485] ? lock_downgrade+0x720/0x720 [ 352.821615] block_ioctl+0xe9/0x130 [ 352.825224] ? blkdev_fallocate+0x3f0/0x3f0 [ 352.829530] do_vfs_ioctl+0xcdb/0x12e0 [ 352.833404] ? lock_downgrade+0x720/0x720 [ 352.837547] ? check_preemption_disabled+0x41/0x280 [ 352.842548] ? ioctl_preallocate+0x200/0x200 [ 352.846941] ? __fget+0x356/0x510 [ 352.850380] ? do_dup2+0x450/0x450 [ 352.853905] ? do_sys_open+0x2bf/0x520 [ 352.857782] ksys_ioctl+0x9b/0xc0 [ 352.861220] __x64_sys_ioctl+0x6f/0xb0 [ 352.865094] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 352.869781] do_syscall_64+0xf9/0x620 [ 352.873576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.878757] RIP: 0033:0x7f63e5c49fc7 [ 352.882460] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 352.901560] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.909256] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 352.916518] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:49:20 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2, 0x0, 0x1}) (async) syz_open_dev$cec(&(0x7f0000000140), 0x2, 0x2) (async) r3 = syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) (async) sendmsg$NL80211_CMD_SET_STATION(r5, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async, rerun: 32) r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (rerun: 32) write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r6, &(0x7f0000000040), 0x2) [ 352.923778] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 352.931050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 352.938331] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:21 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.022924] erofs: read_super, device -> /dev/loop3 [ 353.027968] erofs: options -> [ 353.054959] erofs: root inode @ nid 36 [ 353.075550] erofs: mounted on /dev/loop3 with opts: . 14:49:21 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 17) [ 353.135104] erofs: read_super, device -> /dev/loop5 [ 353.140521] erofs: read_super, device -> /dev/loop4 [ 353.146145] erofs: options -> [ 353.149680] erofs: unmounted for /dev/loop3 [ 353.152634] erofs: options -> [ 353.158307] erofs: root inode @ nid 36 [ 353.163526] erofs: mounted on /dev/loop4 with opts: . [ 353.163571] erofs: read_super, device -> /dev/loop2 [ 353.169077] erofs: blksize 1 isn't supported on this platform [ 353.181652] erofs: options -> [ 353.185225] erofs: root inode @ nid 36 [ 353.191182] erofs: bogus i_mode (0) @ nid 36 14:49:21 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc0ed0000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:21 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.230694] erofs: read_super, device -> /dev/loop1 [ 353.237647] erofs: options -> [ 353.244865] erofs: root inode @ nid 36 [ 353.252922] erofs: mounted on /dev/loop1 with opts: . [ 353.262708] erofs: unmounted for /dev/loop4 14:49:21 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x268b, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.322651] FAULT_INJECTION: forcing a failure. [ 353.322651] name failslab, interval 1, probability 0, space 0, times 0 [ 353.336850] erofs: unmounted for /dev/loop1 [ 353.339376] CPU: 0 PID: 24673 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 353.349095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 353.358452] Call Trace: [ 353.361051] dump_stack+0x1fc/0x2ef [ 353.364673] should_fail.cold+0xa/0xf [ 353.368468] ? setup_fault_attr+0x200/0x200 [ 353.372778] ? lock_acquire+0x170/0x3c0 [ 353.376763] __should_failslab+0x115/0x180 [ 353.380996] should_failslab+0x5/0x10 [ 353.384824] kmem_cache_alloc+0x277/0x370 [ 353.388971] __kernfs_new_node+0xd2/0x680 [ 353.393118] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 353.397877] ? __mutex_unlock_slowpath+0xea/0x610 [ 353.402714] ? wait_for_completion_io+0x10/0x10 [ 353.407375] ? kernfs_next_descendant_post+0x19c/0x290 [ 353.412647] kernfs_new_node+0x92/0x120 [ 353.416614] __kernfs_create_file+0x51/0x340 [ 353.421017] sysfs_add_file_mode_ns+0x226/0x540 [ 353.425682] internal_create_group+0x355/0xb20 [ 353.430255] ? sysfs_remove_link_from_group+0x70/0x70 [ 353.435430] ? lock_downgrade+0x720/0x720 [ 353.439579] lo_ioctl+0xf7c/0x20e0 [ 353.443114] ? loop_set_status64+0x110/0x110 [ 353.447512] blkdev_ioctl+0x5cb/0x1a80 [ 353.451390] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.456749] ? blkpg_ioctl+0x9d0/0x9d0 [ 353.460623] ? mark_held_locks+0xf0/0xf0 [ 353.464669] ? mark_held_locks+0xf0/0xf0 [ 353.468719] ? debug_check_no_obj_freed+0x201/0x490 [ 353.473727] ? lock_downgrade+0x720/0x720 [ 353.477862] block_ioctl+0xe9/0x130 [ 353.481475] ? blkdev_fallocate+0x3f0/0x3f0 [ 353.485782] do_vfs_ioctl+0xcdb/0x12e0 [ 353.489658] ? lock_downgrade+0x720/0x720 [ 353.493791] ? check_preemption_disabled+0x41/0x280 [ 353.498792] ? ioctl_preallocate+0x200/0x200 [ 353.503196] ? __fget+0x356/0x510 [ 353.506646] ? do_dup2+0x450/0x450 [ 353.510172] ? do_sys_open+0x2bf/0x520 [ 353.514050] ksys_ioctl+0x9b/0xc0 [ 353.517497] __x64_sys_ioctl+0x6f/0xb0 [ 353.521375] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 353.525943] do_syscall_64+0xf9/0x620 [ 353.529733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.534910] RIP: 0033:0x7f63e5c49fc7 [ 353.538616] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 353.557504] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 353.565199] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 353.572454] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 353.579711] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 353.586963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 353.594216] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:21 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.643905] erofs: read_super, device -> /dev/loop5 [ 353.646538] erofs: read_super, device -> /dev/loop4 [ 353.649174] erofs: options -> [ 353.655274] erofs: options -> [ 353.663087] erofs: root inode @ nid 36 [ 353.668445] erofs: mounted on /dev/loop4 with opts: . [ 353.675853] erofs: read_super, device -> /dev/loop3 [ 353.686709] erofs: blksize 1 isn't supported on this platform 14:49:21 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.694320] erofs: options -> [ 353.700901] erofs: unmounted for /dev/loop4 [ 353.704866] erofs: read_super, device -> /dev/loop2 [ 353.710438] erofs: options -> [ 353.713910] erofs: root inode @ nid 36 [ 353.714832] erofs: root inode @ nid 36 [ 353.718164] erofs: bogus i_mode (0) @ nid 36 [ 353.727081] erofs: mounted on /dev/loop3 with opts: . 14:49:21 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2, 0x0, 0x1}) syz_open_dev$cec(&(0x7f0000000140), 0x2, 0x2) r3 = syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) sendmsg$NL80211_CMD_SET_STATION(r5, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r6, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r0, r1) (async) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2, 0x0, 0x1}) (async) syz_open_dev$cec(&(0x7f0000000140), 0x2, 0x2) (async) syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r3, r4) (async) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) (async) sendmsg$NL80211_CMD_SET_STATION(r5, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r6, &(0x7f0000000040), 0x2) (async) 14:49:21 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:21 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 18) 14:49:21 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 353.966924] erofs: unmounted for /dev/loop3 [ 354.024674] erofs: read_super, device -> /dev/loop1 [ 354.043418] erofs: read_super, device -> /dev/loop5 [ 354.048766] erofs: options -> [ 354.068436] erofs: options -> [ 354.068854] erofs: read_super, device -> /dev/loop4 [ 354.077415] erofs: options -> [ 354.081169] erofs: read_super, device -> /dev/loop2 [ 354.088592] erofs: blksize 1 isn't supported on this platform [ 354.094624] erofs: root inode @ nid 36 [ 354.095223] erofs: mounted on /dev/loop4 with opts: . [ 354.104960] FAULT_INJECTION: forcing a failure. [ 354.104960] name failslab, interval 1, probability 0, space 0, times 0 [ 354.107160] erofs: root inode @ nid 36 [ 354.123150] erofs: options -> [ 354.126664] erofs: mounted on /dev/loop1 with opts: . [ 354.133663] erofs: root inode @ nid 36 [ 354.137821] erofs: bogus i_mode (0) @ nid 36 [ 354.144408] CPU: 1 PID: 24727 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 354.152301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 354.161644] Call Trace: [ 354.164244] dump_stack+0x1fc/0x2ef [ 354.167869] should_fail.cold+0xa/0xf [ 354.171677] ? setup_fault_attr+0x200/0x200 [ 354.175992] ? lock_acquire+0x170/0x3c0 [ 354.179974] __should_failslab+0x115/0x180 [ 354.184216] should_failslab+0x5/0x10 [ 354.188080] kmem_cache_alloc+0x277/0x370 [ 354.192227] __kernfs_new_node+0xd2/0x680 [ 354.196372] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 354.201124] ? __mutex_unlock_slowpath+0xea/0x610 [ 354.205962] ? wait_for_completion_io+0x10/0x10 [ 354.210616] ? kernfs_next_descendant_post+0x19c/0x290 [ 354.215892] kernfs_new_node+0x92/0x120 [ 354.219869] __kernfs_create_file+0x51/0x340 [ 354.224286] sysfs_add_file_mode_ns+0x226/0x540 [ 354.228960] internal_create_group+0x355/0xb20 [ 354.233530] ? sysfs_remove_link_from_group+0x70/0x70 [ 354.238707] ? lock_downgrade+0x720/0x720 [ 354.242871] lo_ioctl+0xf7c/0x20e0 [ 354.246405] ? loop_set_status64+0x110/0x110 [ 354.250796] blkdev_ioctl+0x5cb/0x1a80 [ 354.254677] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.260035] ? blkpg_ioctl+0x9d0/0x9d0 [ 354.263923] ? mark_held_locks+0xf0/0xf0 [ 354.267974] ? mark_held_locks+0xf0/0xf0 [ 354.272017] ? debug_check_no_obj_freed+0x201/0x490 [ 354.277016] ? lock_downgrade+0x720/0x720 [ 354.281157] block_ioctl+0xe9/0x130 [ 354.284774] ? blkdev_fallocate+0x3f0/0x3f0 [ 354.289080] do_vfs_ioctl+0xcdb/0x12e0 [ 354.292950] ? lock_downgrade+0x720/0x720 [ 354.297079] ? check_preemption_disabled+0x41/0x280 [ 354.302087] ? ioctl_preallocate+0x200/0x200 [ 354.306486] ? __fget+0x356/0x510 [ 354.309933] ? do_dup2+0x450/0x450 [ 354.313461] ? do_sys_open+0x2bf/0x520 [ 354.317340] ksys_ioctl+0x9b/0xc0 [ 354.320786] __x64_sys_ioctl+0x6f/0xb0 [ 354.324680] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 354.329248] do_syscall_64+0xf9/0x620 [ 354.333037] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.338207] RIP: 0033:0x7f63e5c49fc7 [ 354.341911] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 354.360811] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.368512] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 14:49:22 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@getpolicy={0x50, 0x15, 0x400, 0x70bd2a, 0x25dfdbfe, {{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x11}, 0x4e21, 0x7, 0x4e23, 0x100, 0x2, 0xa0, 0x80, 0x4, 0x0, 0xffffffffffffffff}, 0x6e6bb7, 0x2}}, 0x50}}, 0x80) 14:49:22 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 354.375763] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 354.383019] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 354.390280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 354.397530] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 354.460820] erofs: read_super, device -> /dev/loop3 14:49:22 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x269a, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:22 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:22 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 354.483475] erofs: options -> [ 354.486743] erofs: root inode @ nid 36 [ 354.505640] erofs: unmounted for /dev/loop1 [ 354.529005] erofs: mounted on /dev/loop3 with opts: . [ 354.535711] erofs: unmounted for /dev/loop4 14:49:22 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 19) [ 354.633290] erofs: read_super, device -> /dev/loop2 [ 354.638347] erofs: options -> [ 354.645581] erofs: root inode @ nid 36 [ 354.652313] erofs: bogus i_mode (0) @ nid 36 [ 354.666216] erofs: read_super, device -> /dev/loop1 [ 354.667953] erofs: read_super, device -> /dev/loop5 [ 354.680986] erofs: options -> [ 354.684537] erofs: unmounted for /dev/loop3 [ 354.692346] erofs: options -> [ 354.696544] erofs: blksize 1 isn't supported on this platform [ 354.702812] erofs: root inode @ nid 36 [ 354.707058] erofs: mounted on /dev/loop1 with opts: . 14:49:22 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:22 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:22 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 354.811634] erofs: unmounted for /dev/loop1 [ 354.818630] FAULT_INJECTION: forcing a failure. [ 354.818630] name failslab, interval 1, probability 0, space 0, times 0 [ 354.833427] CPU: 1 PID: 24763 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 354.841319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 354.850679] Call Trace: [ 354.853266] dump_stack+0x1fc/0x2ef [ 354.856894] should_fail.cold+0xa/0xf [ 354.860703] ? setup_fault_attr+0x200/0x200 [ 354.865018] ? lock_acquire+0x170/0x3c0 [ 354.868979] ? dev_uevent_filter+0xd0/0xd0 [ 354.873198] __should_failslab+0x115/0x180 [ 354.877432] should_failslab+0x5/0x10 [ 354.881232] kmem_cache_alloc_trace+0x284/0x380 [ 354.885899] ? dev_uevent_filter+0xd0/0xd0 [ 354.890127] kobject_uevent_env+0x236/0x1480 [ 354.894537] lo_ioctl+0xff9/0x20e0 [ 354.898075] ? loop_set_status64+0x110/0x110 [ 354.902494] blkdev_ioctl+0x5cb/0x1a80 [ 354.906377] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.911722] ? blkpg_ioctl+0x9d0/0x9d0 [ 354.915593] ? mark_held_locks+0xf0/0xf0 [ 354.919648] ? mark_held_locks+0xf0/0xf0 [ 354.923703] ? debug_check_no_obj_freed+0x201/0x490 [ 354.928703] ? lock_downgrade+0x720/0x720 [ 354.932854] block_ioctl+0xe9/0x130 [ 354.936477] ? blkdev_fallocate+0x3f0/0x3f0 [ 354.940793] do_vfs_ioctl+0xcdb/0x12e0 [ 354.944762] ? lock_downgrade+0x720/0x720 [ 354.948903] ? check_preemption_disabled+0x41/0x280 [ 354.953917] ? ioctl_preallocate+0x200/0x200 [ 354.958314] ? __fget+0x356/0x510 [ 354.961764] ? do_dup2+0x450/0x450 [ 354.965304] ? do_sys_open+0x2bf/0x520 [ 354.969178] ksys_ioctl+0x9b/0xc0 [ 354.972621] __x64_sys_ioctl+0x6f/0xb0 [ 354.976492] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 354.981069] do_syscall_64+0xf9/0x620 [ 354.984867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.990054] RIP: 0033:0x7f63e5c49fc7 [ 354.993768] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 355.012651] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 355.020348] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 355.027610] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 355.034874] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 355.042139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 355.049403] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:23 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@getpolicy={0x50, 0x15, 0x400, 0x70bd2a, 0x25dfdbfe, {{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x11}, 0x4e21, 0x7, 0x4e23, 0x100, 0x2, 0xa0, 0x80, 0x4, 0x0, 0xffffffffffffffff}, 0x6e6bb7, 0x2}}, 0x50}}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@getpolicy={0x50, 0x15, 0x400, 0x70bd2a, 0x25dfdbfe, {{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x11}, 0x4e21, 0x7, 0x4e23, 0x100, 0x2, 0xa0, 0x80, 0x4, 0x0, 0xffffffffffffffff}, 0x6e6bb7, 0x2}}, 0x50}}, 0x80) (async) [ 355.068148] erofs: read_super, device -> /dev/loop4 [ 355.080761] erofs: options -> [ 355.089599] erofs: root inode @ nid 36 [ 355.098934] erofs: mounted on /dev/loop4 with opts: . [ 355.137417] erofs: read_super, device -> /dev/loop3 [ 355.166953] erofs: options -> 14:49:23 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:23 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 20) [ 355.192855] erofs: root inode @ nid 36 [ 355.206443] erofs: unmounted for /dev/loop4 [ 355.210746] erofs: mounted on /dev/loop3 with opts: . [ 355.236655] erofs: unmounted for /dev/loop3 [ 355.306912] erofs: read_super, device -> /dev/loop2 [ 355.312566] erofs: options -> [ 355.318616] erofs: read_super, device -> /dev/loop4 [ 355.325812] erofs: options -> [ 355.330387] erofs: root inode @ nid 36 [ 355.333693] erofs: read_super, device -> /dev/loop1 [ 355.340073] erofs: read_super, device -> /dev/loop5 [ 355.348301] erofs: mounted on /dev/loop4 with opts: . 14:49:23 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 355.395291] erofs: options -> [ 355.403557] erofs: unmounted for /dev/loop4 [ 355.405880] erofs: root inode @ nid 36 [ 355.427653] erofs: options -> [ 355.431704] erofs: root inode @ nid 36 [ 355.449268] erofs: blksize 1 isn't supported on this platform [ 355.461106] erofs: bogus i_mode (0) @ nid 36 [ 355.466860] erofs: mounted on /dev/loop1 with opts: . 14:49:23 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:23 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:23 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (async) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@getpolicy={0x50, 0x15, 0x400, 0x70bd2a, 0x25dfdbfe, {{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x11}, 0x4e21, 0x7, 0x4e23, 0x100, 0x2, 0xa0, 0x80, 0x4, 0x0, 0xffffffffffffffff}, 0x6e6bb7, 0x2}}, 0x50}}, 0x80) [ 355.564162] FAULT_INJECTION: forcing a failure. [ 355.564162] name failslab, interval 1, probability 0, space 0, times 0 [ 355.580547] CPU: 1 PID: 24809 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 355.588465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 355.597801] Call Trace: [ 355.600390] dump_stack+0x1fc/0x2ef [ 355.604010] should_fail.cold+0xa/0xf [ 355.607794] ? setup_fault_attr+0x200/0x200 [ 355.612097] ? lock_acquire+0x170/0x3c0 [ 355.616053] __should_failslab+0x115/0x180 [ 355.620281] should_failslab+0x5/0x10 [ 355.624070] __kmalloc+0x2ab/0x3c0 [ 355.627609] ? kobject_get_path+0xbf/0x240 [ 355.631832] kobject_get_path+0xbf/0x240 [ 355.635877] kobject_uevent_env+0x25c/0x1480 [ 355.640291] lo_ioctl+0xff9/0x20e0 [ 355.643825] ? loop_set_status64+0x110/0x110 [ 355.648219] blkdev_ioctl+0x5cb/0x1a80 [ 355.652091] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.657516] ? blkpg_ioctl+0x9d0/0x9d0 [ 355.661398] ? mark_held_locks+0xf0/0xf0 [ 355.665451] ? mark_held_locks+0xf0/0xf0 [ 355.669505] ? debug_check_no_obj_freed+0x201/0x490 [ 355.674527] ? lock_downgrade+0x720/0x720 [ 355.678668] block_ioctl+0xe9/0x130 [ 355.682289] ? blkdev_fallocate+0x3f0/0x3f0 [ 355.686600] do_vfs_ioctl+0xcdb/0x12e0 [ 355.690479] ? lock_downgrade+0x720/0x720 [ 355.694615] ? check_preemption_disabled+0x41/0x280 [ 355.699623] ? ioctl_preallocate+0x200/0x200 [ 355.704025] ? __fget+0x356/0x510 [ 355.707459] ? do_dup2+0x450/0x450 [ 355.710982] ? do_sys_open+0x2bf/0x520 [ 355.714854] ksys_ioctl+0x9b/0xc0 [ 355.718291] __x64_sys_ioctl+0x6f/0xb0 [ 355.722169] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 355.726741] do_syscall_64+0xf9/0x620 [ 355.730528] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.735699] RIP: 0033:0x7f63e5c49fc7 [ 355.739400] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:49:23 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 355.758313] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 355.766004] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 355.773257] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 355.780519] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 355.787780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 355.795030] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 355.821777] erofs: unmounted for /dev/loop1 [ 355.862485] erofs: read_super, device -> /dev/loop3 [ 355.867046] erofs: read_super, device -> /dev/loop4 [ 355.875235] erofs: options -> [ 355.882664] erofs: options -> [ 355.883229] erofs: root inode @ nid 36 [ 355.894142] erofs: root inode @ nid 36 [ 355.895922] erofs: mounted on /dev/loop3 with opts: . [ 355.903934] erofs: mounted on /dev/loop4 with opts: . 14:49:23 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:23 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 21) [ 355.925764] erofs: read_super, device -> /dev/loop2 [ 355.937576] erofs: options -> [ 355.944699] erofs: root inode @ nid 36 [ 355.949318] erofs: unmounted for /dev/loop4 [ 355.959143] erofs: bogus i_mode (0) @ nid 36 [ 355.976479] erofs: unmounted for /dev/loop3 14:49:24 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 356.128716] erofs: read_super, device -> /dev/loop1 [ 356.136937] erofs: read_super, device -> /dev/loop5 [ 356.144636] erofs: options -> [ 356.155171] erofs: blksize 1 isn't supported on this platform [ 356.156011] erofs: options -> [ 356.183474] erofs: root inode @ nid 36 [ 356.198899] erofs: mounted on /dev/loop1 with opts: . [ 356.235473] FAULT_INJECTION: forcing a failure. [ 356.235473] name failslab, interval 1, probability 0, space 0, times 0 [ 356.247435] CPU: 0 PID: 24849 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 356.255306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 356.264644] Call Trace: [ 356.267308] dump_stack+0x1fc/0x2ef [ 356.270924] should_fail.cold+0xa/0xf [ 356.274706] ? setup_fault_attr+0x200/0x200 [ 356.279007] ? lock_acquire+0x170/0x3c0 [ 356.282982] __should_failslab+0x115/0x180 [ 356.287200] should_failslab+0x5/0x10 [ 356.290979] __kmalloc+0x2ab/0x3c0 [ 356.294501] ? kobject_get_path+0xbf/0x240 [ 356.298719] kobject_get_path+0xbf/0x240 [ 356.302771] kobject_uevent_env+0x25c/0x1480 [ 356.307184] lo_ioctl+0xff9/0x20e0 [ 356.310719] ? loop_set_status64+0x110/0x110 [ 356.315109] blkdev_ioctl+0x5cb/0x1a80 [ 356.318978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.324324] ? blkpg_ioctl+0x9d0/0x9d0 [ 356.328192] ? mark_held_locks+0xf0/0xf0 [ 356.332236] ? mark_held_locks+0xf0/0xf0 [ 356.336281] ? debug_check_no_obj_freed+0x201/0x490 [ 356.341280] ? lock_downgrade+0x720/0x720 [ 356.345411] block_ioctl+0xe9/0x130 [ 356.349015] ? blkdev_fallocate+0x3f0/0x3f0 [ 356.353319] do_vfs_ioctl+0xcdb/0x12e0 [ 356.357213] ? lock_downgrade+0x720/0x720 [ 356.361344] ? check_preemption_disabled+0x41/0x280 [ 356.366342] ? ioctl_preallocate+0x200/0x200 [ 356.370732] ? __fget+0x356/0x510 [ 356.374171] ? do_dup2+0x450/0x450 [ 356.377692] ? do_sys_open+0x2bf/0x520 [ 356.381564] ksys_ioctl+0x9b/0xc0 [ 356.384998] __x64_sys_ioctl+0x6f/0xb0 [ 356.388866] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 356.393439] do_syscall_64+0xf9/0x620 [ 356.397226] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.402398] RIP: 0033:0x7f63e5c49fc7 [ 356.406101] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 356.424991] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:49:24 executing program 0: ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f0000000140)=""/231) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 356.432690] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 356.440027] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 356.447275] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 356.454529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 356.461778] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:24 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 356.499804] erofs: read_super, device -> /dev/loop3 [ 356.504842] erofs: options -> [ 356.508925] erofs: read_super, device -> /dev/loop2 [ 356.521398] erofs: read_super, device -> /dev/loop4 [ 356.528959] erofs: options -> [ 356.535781] erofs: root inode @ nid 36 14:49:24 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8303, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:24 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 22) [ 356.559588] erofs: root inode @ nid 36 [ 356.574170] erofs: mounted on /dev/loop3 with opts: . [ 356.581014] erofs: options -> [ 356.589126] erofs: unmounted for /dev/loop1 [ 356.600815] erofs: root inode @ nid 36 [ 356.604838] erofs: bogus i_mode (0) @ nid 36 [ 356.614542] erofs: unmounted for /dev/loop3 [ 356.620689] erofs: mounted on /dev/loop4 with opts: . 14:49:24 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:24 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:24 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xe702000000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 356.692132] erofs: unmounted for /dev/loop4 [ 356.697738] erofs: read_super, device -> /dev/loop5 [ 356.704327] erofs: read_super, device -> /dev/loop1 [ 356.715224] erofs: options -> [ 356.725056] erofs: blksize 1 isn't supported on this platform [ 356.727962] erofs: options -> 14:49:24 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 356.767451] erofs: read_super, device -> /dev/loop2 [ 356.772766] erofs: options -> [ 356.777927] erofs: root inode @ nid 36 [ 356.783349] erofs: bogus i_mode (0) @ nid 36 [ 356.788283] erofs: root inode @ nid 36 [ 356.793718] erofs: mounted on /dev/loop1 with opts: . 14:49:24 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8403, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 356.850599] FAULT_INJECTION: forcing a failure. [ 356.850599] name failslab, interval 1, probability 0, space 0, times 0 [ 356.864490] CPU: 1 PID: 24885 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 356.872399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 356.881750] Call Trace: [ 356.884335] dump_stack+0x1fc/0x2ef [ 356.887953] should_fail.cold+0xa/0xf [ 356.891741] ? setup_fault_attr+0x200/0x200 [ 356.896071] ? lock_acquire+0x170/0x3c0 [ 356.900045] __should_failslab+0x115/0x180 [ 356.904320] should_failslab+0x5/0x10 [ 356.908143] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 356.913255] __kmalloc_node_track_caller+0x38/0x70 [ 356.918175] __alloc_skb+0xae/0x560 [ 356.921792] alloc_uevent_skb+0x7b/0x210 [ 356.925839] kobject_uevent_env+0xa90/0x1480 [ 356.930243] lo_ioctl+0xff9/0x20e0 [ 356.933773] ? loop_set_status64+0x110/0x110 [ 356.938173] blkdev_ioctl+0x5cb/0x1a80 [ 356.942053] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.947402] ? blkpg_ioctl+0x9d0/0x9d0 [ 356.951284] ? mark_held_locks+0xf0/0xf0 [ 356.955348] ? mark_held_locks+0xf0/0xf0 [ 356.959415] ? debug_check_no_obj_freed+0x201/0x490 [ 356.964515] ? lock_downgrade+0x720/0x720 [ 356.968654] block_ioctl+0xe9/0x130 [ 356.972273] ? blkdev_fallocate+0x3f0/0x3f0 [ 356.976593] do_vfs_ioctl+0xcdb/0x12e0 [ 356.980522] ? lock_downgrade+0x720/0x720 [ 356.984655] ? check_preemption_disabled+0x41/0x280 [ 356.989655] ? ioctl_preallocate+0x200/0x200 [ 356.994053] ? __fget+0x356/0x510 [ 356.997499] ? do_dup2+0x450/0x450 [ 357.001034] ? do_sys_open+0x2bf/0x520 [ 357.004908] ksys_ioctl+0x9b/0xc0 [ 357.008343] __x64_sys_ioctl+0x6f/0xb0 [ 357.012225] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 357.016790] do_syscall_64+0xf9/0x620 [ 357.020576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.025749] RIP: 0033:0x7f63e5c49fc7 [ 357.029455] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 357.048367] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.056066] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 357.063325] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 357.070582] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 357.077833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 357.085184] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:25 executing program 0: ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f0000000140)=""/231) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 357.100775] erofs: unmounted for /dev/loop1 [ 357.146833] erofs: read_super, device -> /dev/loop4 [ 357.156280] erofs: options -> [ 357.157486] erofs: read_super, device -> /dev/loop3 [ 357.165209] erofs: options -> [ 357.168785] erofs: root inode @ nid 36 [ 357.174906] erofs: mounted on /dev/loop3 with opts: . [ 357.188308] erofs: read_super, device -> /dev/loop5 [ 357.201595] erofs: root inode @ nid 36 [ 357.205808] erofs: read_super, device -> /dev/loop2 [ 357.215165] erofs: options -> [ 357.216592] erofs: options -> [ 357.223445] erofs: mounted on /dev/loop4 with opts: . [ 357.235961] erofs: root inode @ nid 36 [ 357.248912] erofs: bogus i_mode (0) @ nid 36 14:49:25 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:25 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 23) 14:49:25 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:25 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 357.272461] erofs: blksize 1 isn't supported on this platform [ 357.278492] erofs: unmounted for /dev/loop4 [ 357.297907] erofs: unmounted for /dev/loop3 [ 357.427584] erofs: read_super, device -> /dev/loop1 [ 357.446274] erofs: options -> [ 357.453930] erofs: read_super, device -> /dev/loop4 [ 357.460953] erofs: options -> [ 357.493124] erofs: root inode @ nid 36 [ 357.507773] erofs: root inode @ nid 36 [ 357.511143] erofs: mounted on /dev/loop1 with opts: . [ 357.518828] FAULT_INJECTION: forcing a failure. [ 357.518828] name failslab, interval 1, probability 0, space 0, times 0 [ 357.522826] erofs: mounted on /dev/loop4 with opts: . [ 357.531670] CPU: 0 PID: 24928 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 357.543251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 357.552598] Call Trace: [ 357.555175] dump_stack+0x1fc/0x2ef [ 357.558804] should_fail.cold+0xa/0xf [ 357.562590] ? setup_fault_attr+0x200/0x200 [ 357.566896] ? lock_acquire+0x170/0x3c0 [ 357.570872] __should_failslab+0x115/0x180 [ 357.575105] should_failslab+0x5/0x10 [ 357.578890] kmem_cache_alloc+0x277/0x370 [ 357.583036] skb_clone+0x151/0x3d0 [ 357.586581] netlink_broadcast_filtered+0x8e5/0xbc0 [ 357.591590] netlink_broadcast+0x35/0x40 [ 357.595648] kobject_uevent_env+0xa56/0x1480 [ 357.600065] lo_ioctl+0xff9/0x20e0 [ 357.603618] ? loop_set_status64+0x110/0x110 [ 357.608027] blkdev_ioctl+0x5cb/0x1a80 [ 357.611908] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.617251] ? blkpg_ioctl+0x9d0/0x9d0 [ 357.621135] ? mark_held_locks+0xf0/0xf0 [ 357.625190] ? mark_held_locks+0xf0/0xf0 [ 357.629235] ? debug_check_no_obj_freed+0x201/0x490 [ 357.634240] ? lock_downgrade+0x720/0x720 [ 357.638370] block_ioctl+0xe9/0x130 [ 357.641975] ? blkdev_fallocate+0x3f0/0x3f0 [ 357.646279] do_vfs_ioctl+0xcdb/0x12e0 [ 357.650155] ? lock_downgrade+0x720/0x720 [ 357.654297] ? check_preemption_disabled+0x41/0x280 [ 357.659305] ? ioctl_preallocate+0x200/0x200 [ 357.663699] ? __fget+0x356/0x510 [ 357.667138] ? do_dup2+0x450/0x450 [ 357.670659] ? do_sys_open+0x2bf/0x520 [ 357.674531] ksys_ioctl+0x9b/0xc0 [ 357.677967] __x64_sys_ioctl+0x6f/0xb0 [ 357.681836] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 357.686409] do_syscall_64+0xf9/0x620 [ 357.690214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.695392] RIP: 0033:0x7f63e5c49fc7 [ 357.699113] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 357.718014] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.725715] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 357.732975] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 14:49:25 executing program 0: ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084503, &(0x7f0000000140)=""/231) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 357.740226] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 357.747494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 357.754745] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 357.773712] erofs: read_super, device -> /dev/loop2 [ 357.781959] erofs: options -> [ 357.785315] erofs: root inode @ nid 36 [ 357.795646] erofs: bogus i_mode (0) @ nid 36 [ 357.807599] erofs: read_super, device -> /dev/loop3 [ 357.816669] erofs: read_super, device -> /dev/loop5 [ 357.829733] erofs: options -> [ 357.840231] erofs: blksize 1 isn't supported on this platform 14:49:25 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:25 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 24) 14:49:25 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:25 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8b26, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:25 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 357.846190] erofs: options -> [ 357.849576] erofs: root inode @ nid 36 [ 357.853551] erofs: mounted on /dev/loop3 with opts: . [ 357.911721] erofs: unmounted for /dev/loop4 [ 357.917372] erofs: unmounted for /dev/loop1 [ 357.922891] erofs: unmounted for /dev/loop3 [ 358.079568] erofs: read_super, device -> /dev/loop2 [ 358.084864] erofs: options -> [ 358.088669] erofs: root inode @ nid 36 [ 358.101203] erofs: bogus i_mode (0) @ nid 36 [ 358.109040] erofs: read_super, device -> /dev/loop1 [ 358.127838] FAULT_INJECTION: forcing a failure. [ 358.127838] name failslab, interval 1, probability 0, space 0, times 0 [ 358.139564] CPU: 0 PID: 24961 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 358.147463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 358.153503] erofs: options -> [ 358.156815] Call Trace: [ 358.156838] dump_stack+0x1fc/0x2ef [ 358.156857] should_fail.cold+0xa/0xf [ 358.156875] ? setup_fault_attr+0x200/0x200 [ 358.163741] erofs: root inode @ nid 36 [ 358.166292] ? lock_acquire+0x170/0x3c0 [ 358.166314] __should_failslab+0x115/0x180 [ 358.166331] should_failslab+0x5/0x10 [ 358.170687] erofs: mounted on /dev/loop1 with opts: . [ 358.174432] kmem_cache_alloc_trace+0x284/0x380 [ 358.174449] ? wait_for_completion_io+0x10/0x10 [ 358.174469] ? kobj_ns_initial+0x90/0x90 [ 358.208828] call_usermodehelper_setup+0x84/0x300 [ 358.213681] kobject_uevent_env+0xe83/0x1480 [ 358.218080] lo_ioctl+0xff9/0x20e0 [ 358.221611] ? loop_set_status64+0x110/0x110 [ 358.226015] blkdev_ioctl+0x5cb/0x1a80 [ 358.229886] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.235230] ? blkpg_ioctl+0x9d0/0x9d0 [ 358.239103] ? mark_held_locks+0xf0/0xf0 [ 358.243143] ? mark_held_locks+0xf0/0xf0 [ 358.247187] ? debug_check_no_obj_freed+0x201/0x490 [ 358.252184] ? lock_downgrade+0x720/0x720 [ 358.256316] block_ioctl+0xe9/0x130 [ 358.259923] ? blkdev_fallocate+0x3f0/0x3f0 [ 358.264226] do_vfs_ioctl+0xcdb/0x12e0 [ 358.268107] ? lock_downgrade+0x720/0x720 [ 358.272249] ? check_preemption_disabled+0x41/0x280 [ 358.277247] ? ioctl_preallocate+0x200/0x200 [ 358.281638] ? __fget+0x356/0x510 [ 358.285076] ? do_dup2+0x450/0x450 [ 358.288600] ? do_sys_open+0x2bf/0x520 [ 358.292485] ksys_ioctl+0x9b/0xc0 [ 358.295930] __x64_sys_ioctl+0x6f/0xb0 [ 358.299797] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 358.304359] do_syscall_64+0xf9/0x620 [ 358.308147] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.313316] RIP: 0033:0x7f63e5c49fc7 14:49:26 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:26 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0xdc, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0xf}, @void, @val={0xc, 0x99, {0x5, 0x3d}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'macvlan1\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}], @NL80211_ATTR_4ADDR={0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4c3fe73cd3ca2a1d98d14f66c20e0e6d28c930dffd5970c8"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "cc0d03607c2e9ef9a04ab949c0144120e9273613aaf6e962"}], @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6gretap0\x00'}]}, 0xdc}, 0x1, 0x0, 0x0, 0x8000000}, 0x20004050) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0xa}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]}, 0x28}}, 0x8080) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000080)={0x0, 0x2}, 0x2) sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080027bd7000fddbdf250900000005002f000100000005002e000100000005002e000000000008003a00ff0f000008000300", @ANYRES32=0x0, @ANYBLOB="25472f5394e371ea39e5d21c3c9f1c6118d13c242a703236a05e1b61e52267304b52376d192d4c79bfaff8f1069956edd6e56ffba00be62ca8f427923a17b6faeb9d9344f68b78e6eb06e3252b40bee1bb3aaa77e0f59dc70fac9a6edf5d1a773c08390792e33ea1b664d33277414dece7729017cd58f978f23cfa55e9586bbcc43fded43d300dab1d5b3e11a8b2357eda56af41f9b6e225750c2f833dec2ae7c0df2f8001"], 0x3c}}, 0x24040844) [ 358.317011] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 358.335892] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.343598] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 [ 358.350938] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 358.358190] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 358.365438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 358.372687] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 [ 358.398840] erofs: read_super, device -> /dev/loop5 [ 358.399889] erofs: read_super, device -> /dev/loop3 [ 358.404641] erofs: options -> [ 358.408947] erofs: options -> [ 358.409210] erofs: root inode @ nid 36 [ 358.421859] erofs: mounted on /dev/loop3 with opts: . [ 358.427810] erofs: blksize 1 isn't supported on this platform [ 358.445745] erofs: read_super, device -> /dev/loop4 14:49:26 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 25) 14:49:26 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9a26, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:26 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 358.480315] erofs: options -> [ 358.486928] erofs: unmounted for /dev/loop3 [ 358.496780] erofs: unmounted for /dev/loop1 [ 358.508174] erofs: root inode @ nid 36 [ 358.520477] erofs: read_super, device -> /dev/loop2 14:49:26 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 358.540728] erofs: options -> [ 358.544348] erofs: mounted on /dev/loop4 with opts: . [ 358.556055] erofs: root inode @ nid 36 [ 358.563392] erofs: bogus i_mode (0) @ nid 36 [ 358.591305] erofs: unmounted for /dev/loop4 [ 358.625828] erofs: read_super, device -> /dev/loop1 [ 358.631057] erofs: options -> [ 358.634498] erofs: root inode @ nid 36 [ 358.638620] erofs: mounted on /dev/loop1 with opts: . [ 358.646592] erofs: read_super, device -> /dev/loop5 [ 358.652084] erofs: options -> [ 358.655721] erofs: blksize 1 isn't supported on this platform [ 358.656586] FAULT_INJECTION: forcing a failure. [ 358.656586] name failslab, interval 1, probability 0, space 0, times 0 [ 358.673164] CPU: 1 PID: 24986 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 358.681045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 358.690399] Call Trace: [ 358.692981] dump_stack+0x1fc/0x2ef [ 358.696592] should_fail.cold+0xa/0xf [ 358.700389] ? setup_fault_attr+0x200/0x200 [ 358.704716] ? lock_acquire+0x170/0x3c0 [ 358.708675] __should_failslab+0x115/0x180 [ 358.712909] should_failslab+0x5/0x10 [ 358.716705] kmem_cache_alloc_trace+0x284/0x380 [ 358.721369] ? wait_for_completion_io+0x10/0x10 [ 358.726034] ? kobj_ns_initial+0x90/0x90 [ 358.730088] call_usermodehelper_setup+0x84/0x300 [ 358.734929] kobject_uevent_env+0xe83/0x1480 [ 358.739345] lo_ioctl+0xff9/0x20e0 [ 358.742884] ? loop_set_status64+0x110/0x110 [ 358.747277] blkdev_ioctl+0x5cb/0x1a80 [ 358.751159] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.756527] ? blkpg_ioctl+0x9d0/0x9d0 [ 358.760409] ? mark_held_locks+0xf0/0xf0 [ 358.764472] ? mark_held_locks+0xf0/0xf0 [ 358.768528] ? debug_check_no_obj_freed+0x201/0x490 [ 358.773528] ? lock_downgrade+0x720/0x720 [ 358.777665] block_ioctl+0xe9/0x130 [ 358.781276] ? blkdev_fallocate+0x3f0/0x3f0 [ 358.785584] do_vfs_ioctl+0xcdb/0x12e0 [ 358.789472] ? lock_downgrade+0x720/0x720 [ 358.793613] ? check_preemption_disabled+0x41/0x280 [ 358.798610] ? ioctl_preallocate+0x200/0x200 [ 358.803006] ? __fget+0x356/0x510 [ 358.806461] ? do_dup2+0x450/0x450 [ 358.810004] ? do_sys_open+0x2bf/0x520 [ 358.813897] ksys_ioctl+0x9b/0xc0 [ 358.817338] __x64_sys_ioctl+0x6f/0xb0 [ 358.821221] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 358.825796] do_syscall_64+0xf9/0x620 [ 358.829597] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.834778] RIP: 0033:0x7f63e5c49fc7 [ 358.838471] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 34 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 358.857364] RSP: 002b:00007f63e45bef28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.865065] RAX: ffffffffffffffda RBX: 00007f63e5c93a20 RCX: 00007f63e5c49fc7 14:49:26 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0xdc, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0xf}, @void, @val={0xc, 0x99, {0x5, 0x3d}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'macvlan1\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}], @NL80211_ATTR_4ADDR={0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4c3fe73cd3ca2a1d98d14f66c20e0e6d28c930dffd5970c8"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "cc0d03607c2e9ef9a04ab949c0144120e9273613aaf6e962"}], @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6gretap0\x00'}]}, 0xdc}, 0x1, 0x0, 0x0, 0x8000000}, 0x20004050) (rerun: 64) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64) gettid() r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0xa}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]}, 0x28}}, 0x8080) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async, rerun: 64) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0) (rerun: 64) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000080)={0x0, 0x2}, 0x2) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080027bd7000fddbdf250900000005002f000100000005002e000100000005002e000000000008003a00ff0f000008000300", @ANYRES32=0x0, @ANYBLOB="25472f5394e371ea39e5d21c3c9f1c6118d13c242a703236a05e1b61e52267304b52376d192d4c79bfaff8f1069956edd6e56ffba00be62ca8f427923a17b6faeb9d9344f68b78e6eb06e3252b40bee1bb3aaa77e0f59dc70fac9a6edf5d1a773c08390792e33ea1b664d33277414dece7729017cd58f978f23cfa55e9586bbcc43fded43d300dab1d5b3e11a8b2357eda56af41f9b6e225750c2f833dec2ae7c0df2f8001"], 0x3c}}, 0x24040844) [ 358.872327] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 358.879593] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 358.886861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 358.894159] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003 14:49:26 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:26 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa703, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 358.952602] erofs: read_super, device -> /dev/loop3 [ 358.957669] erofs: options -> 14:49:26 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 358.996817] erofs: root inode @ nid 36 [ 359.018518] erofs: unmounted for /dev/loop1 [ 359.044729] erofs: mounted on /dev/loop3 with opts: . [ 359.075571] misc userio: Begin command sent, but we're already running [ 359.096939] misc userio: Begin command sent, but we're already running [ 359.108640] misc userio: Begin command sent, but we're already running 14:49:27 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 26) [ 359.132776] erofs: read_super, device -> /dev/loop4 [ 359.137845] erofs: options -> [ 359.163775] erofs: unmounted for /dev/loop3 [ 359.178537] erofs: root inode @ nid 36 [ 359.184217] erofs: read_super, device -> /dev/loop5 [ 359.191879] erofs: read_super, device -> /dev/loop2 [ 359.196671] erofs: mounted on /dev/loop4 with opts: . [ 359.197221] erofs: options -> [ 359.216305] misc userio: Begin command sent, but we're already running [ 359.220697] erofs: options -> 14:49:27 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 359.231495] misc userio: Begin command sent, but we're already running [ 359.233678] erofs: blksize 1 isn't supported on this platform [ 359.255126] erofs: read_super, device -> /dev/loop1 [ 359.279332] erofs: options -> [ 359.288143] erofs: root inode @ nid 36 [ 359.295368] erofs: unmounted for /dev/loop4 [ 359.298568] erofs: root inode @ nid 36 [ 359.308954] erofs: mounted on /dev/loop1 with opts: . [ 359.317246] misc userio: Begin command sent, but we're already running [ 359.326939] erofs: bogus i_mode (0) @ nid 36 [ 359.353619] misc userio: Begin command sent, but we're already running [ 359.373816] misc userio: Begin command sent, but we're already running [ 359.380780] misc userio: Begin command sent, but we're already running [ 359.387640] misc userio: Begin command sent, but we're already running [ 359.395593] misc userio: Begin command sent, but we're already running [ 359.404283] misc userio: Begin command sent, but we're already running [ 359.412721] misc userio: Begin command sent, but we're already running [ 359.417729] FAULT_INJECTION: forcing a failure. [ 359.417729] name failslab, interval 1, probability 0, space 0, times 0 [ 359.432495] misc userio: Begin command sent, but we're already running 14:49:27 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 359.457253] misc userio: Begin command sent, but we're already running [ 359.466428] misc userio: Begin command sent, but we're already running [ 359.474925] misc userio: Begin command sent, but we're already running [ 359.481186] erofs: read_super, device -> /dev/loop4 [ 359.483343] misc userio: Begin command sent, but we're already running [ 359.495128] misc userio: Begin command sent, but we're already running 14:49:27 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 359.503467] misc userio: Begin command sent, but we're already running [ 359.518821] misc userio: Begin command sent, but we're already running [ 359.522517] erofs: unmounted for /dev/loop1 [ 359.534038] erofs: options -> [ 359.538850] CPU: 0 PID: 25027 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 359.546737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 359.556085] Call Trace: [ 359.558678] dump_stack+0x1fc/0x2ef [ 359.560510] misc userio: Begin command sent, but we're already running [ 359.562313] should_fail.cold+0xa/0xf [ 359.562332] ? setup_fault_attr+0x200/0x200 [ 359.562355] __should_failslab+0x115/0x180 [ 359.562370] should_failslab+0x5/0x10 [ 359.562385] kmem_cache_alloc+0x277/0x370 [ 359.569534] misc userio: Begin command sent, but we're already running [ 359.572823] ? ext4_sync_fs+0x8d0/0x8d0 [ 359.572845] ext4_alloc_inode+0x1a/0x630 [ 359.572861] ? ext4_sync_fs+0x8d0/0x8d0 [ 359.572874] alloc_inode+0x5d/0x180 [ 359.572888] new_inode+0x1d/0xf0 [ 359.580938] misc userio: Begin command sent, but we're already running [ 359.581416] __ext4_new_inode+0x400/0x5a20 [ 359.585376] misc userio: Begin command sent, but we're already running [ 359.589343] ? putname+0xe1/0x120 [ 359.589356] ? do_mkdirat+0xa0/0x2d0 [ 359.589381] ? ext4_free_inode+0x1780/0x1780 [ 359.589395] ? debug_check_no_obj_freed+0x201/0x490 [ 359.589409] ? __dquot_initialize+0x298/0xb70 [ 359.589427] ? lock_acquire+0x170/0x3c0 [ 359.589444] ? dquot_initialize_needed+0x290/0x290 [ 359.596494] misc userio: Begin command sent, but we're already running [ 359.600049] ? trace_hardirqs_off+0x64/0x200 [ 359.600068] ? common_perm+0x4be/0x800 [ 359.600087] ext4_mkdir+0x396/0xe10 [ 359.600106] ? putname+0xe1/0x120 [ 359.600124] ? ext4_init_dot_dotdot+0x600/0x600 [ 359.600140] ? generic_permission+0x116/0x4d0 [ 359.604617] misc userio: Begin command sent, but we're already running [ 359.608153] ? security_inode_permission+0xc5/0xf0 [ 359.608174] ? inode_permission.part.0+0x10c/0x450 [ 359.608193] vfs_mkdir+0x508/0x7a0 [ 359.608208] do_mkdirat+0x262/0x2d0 [ 359.608222] ? __ia32_sys_mknod+0x120/0x120 [ 359.612183] misc userio: Begin command sent, but we're already running [ 359.615190] ? trace_hardirqs_off_caller+0x6e/0x210 [ 359.615206] ? do_syscall_64+0x21/0x620 [ 359.615223] do_syscall_64+0xf9/0x620 [ 359.615242] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.615255] RIP: 0033:0x7f63e5c49317 [ 359.622329] misc userio: Begin command sent, but we're already running [ 359.626291] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 359.626299] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 359.626313] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 359.626322] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 359.626331] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 14:49:27 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 27) [ 359.626338] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 359.626346] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 359.638541] erofs: root inode @ nid 36 [ 359.647072] misc userio: Begin command sent, but we're already running [ 359.662270] erofs: mounted on /dev/loop4 with opts: . [ 359.669056] misc userio: Begin command sent, but we're already running [ 359.769764] erofs: read_super, device -> /dev/loop1 [ 359.791062] erofs: read_super, device -> /dev/loop2 14:49:27 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 359.815120] erofs: options -> [ 359.821483] erofs: options -> [ 359.824918] erofs: read_super, device -> /dev/loop5 [ 359.827436] misc userio: Begin command sent, but we're already running [ 359.845804] erofs: unmounted for /dev/loop4 [ 359.848215] erofs: options -> [ 359.857313] erofs: root inode @ nid 36 [ 359.862661] erofs: root inode @ nid 36 [ 359.864512] erofs: bogus i_mode (0) @ nid 36 [ 359.869015] erofs: mounted on /dev/loop1 with opts: . [ 359.891539] misc userio: Begin command sent, but we're already running 14:49:27 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0xdc, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0xf}, @void, @val={0xc, 0x99, {0x5, 0x3d}}}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'macvlan1\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}], @NL80211_ATTR_4ADDR={0x5}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "4c3fe73cd3ca2a1d98d14f66c20e0e6d28c930dffd5970c8"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "cc0d03607c2e9ef9a04ab949c0144120e9273613aaf6e962"}], @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'ip6gretap0\x00'}]}, 0xdc}, 0x1, 0x0, 0x0, 0x8000000}, 0x20004050) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async, rerun: 32) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (rerun: 32) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) sendmsg$NL80211_CMD_NOTIFY_RADAR(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0xa}}}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]}, 0x28}}, 0x8080) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x240000, 0x0) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000080)={0x0, 0x2}, 0x2) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080027bd7000fddbdf250900000005002f000100000005002e000100000005002e000000000008003a00ff0f000008000300", @ANYRES32=0x0, @ANYBLOB="25472f5394e371ea39e5d21c3c9f1c6118d13c242a703236a05e1b61e52267304b52376d192d4c79bfaff8f1069956edd6e56ffba00be62ca8f427923a17b6faeb9d9344f68b78e6eb06e3252b40bee1bb3aaa77e0f59dc70fac9a6edf5d1a773c08390792e33ea1b664d33277414dece7729017cd58f978f23cfa55e9586bbcc43fded43d300dab1d5b3e11a8b2357eda56af41f9b6e225750c2f833dec2ae7c0df2f8001"], 0x3c}}, 0x24040844) [ 359.911125] erofs: blksize 1 isn't supported on this platform 14:49:27 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:27 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa903, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 359.971849] FAULT_INJECTION: forcing a failure. [ 359.971849] name failslab, interval 1, probability 0, space 0, times 0 [ 360.010780] erofs: unmounted for /dev/loop1 [ 360.024425] CPU: 1 PID: 25054 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 360.032321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 360.041679] Call Trace: [ 360.044274] dump_stack+0x1fc/0x2ef [ 360.047918] should_fail.cold+0xa/0xf [ 360.051736] ? setup_fault_attr+0x200/0x200 [ 360.056071] ? lock_acquire+0x170/0x3c0 [ 360.060065] __should_failslab+0x115/0x180 [ 360.064308] should_failslab+0x5/0x10 [ 360.068112] kmem_cache_alloc+0x277/0x370 [ 360.072273] __d_alloc+0x2b/0xa10 [ 360.075995] d_alloc+0x4a/0x230 [ 360.079317] __lookup_hash+0xc8/0x180 [ 360.083121] filename_create+0x186/0x490 [ 360.087195] ? kern_path_mountpoint+0x40/0x40 [ 360.091695] ? strncpy_from_user+0x2a2/0x350 [ 360.096111] ? getname_flags+0x25b/0x590 [ 360.100179] do_mkdirat+0xa0/0x2d0 [ 360.103722] ? __ia32_sys_mknod+0x120/0x120 [ 360.108048] ? trace_hardirqs_off_caller+0x6e/0x210 [ 360.113087] ? do_syscall_64+0x21/0x620 [ 360.117079] do_syscall_64+0xf9/0x620 [ 360.120894] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.126171] RIP: 0033:0x7f63e5c49317 [ 360.129893] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 360.148798] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 360.156516] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 360.163874] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c 14:49:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 360.171243] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 360.178505] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 360.185773] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 360.221736] erofs: read_super, device -> /dev/loop2 [ 360.226845] erofs: options -> [ 360.234507] erofs: root inode @ nid 36 [ 360.238641] erofs: bogus i_mode (0) @ nid 36 14:49:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 28) 14:49:28 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 360.306450] erofs: read_super, device -> /dev/loop4 [ 360.315348] erofs: options -> [ 360.318869] erofs: root inode @ nid 36 [ 360.319740] erofs: read_super, device -> /dev/loop5 [ 360.332643] erofs: mounted on /dev/loop4 with opts: . 14:49:28 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 360.353499] erofs: read_super, device -> /dev/loop1 [ 360.383127] erofs: unmounted for /dev/loop4 [ 360.388278] erofs: options -> [ 360.404430] erofs: blksize 1 isn't supported on this platform [ 360.410729] erofs: options -> [ 360.417696] FAULT_INJECTION: forcing a failure. [ 360.417696] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.422336] erofs: root inode @ nid 36 [ 360.429504] CPU: 1 PID: 25097 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 360.429514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 360.429519] Call Trace: [ 360.429541] dump_stack+0x1fc/0x2ef [ 360.429561] should_fail.cold+0xa/0xf [ 360.429584] ? setup_fault_attr+0x200/0x200 [ 360.450346] erofs: mounted on /dev/loop1 with opts: . [ 360.451110] __alloc_pages_nodemask+0x239/0x2890 [ 360.451131] ? __lock_acquire+0x6de/0x3ff0 [ 360.479541] ? get_reg+0x1f0/0x1f0 [ 360.483082] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 360.487907] ? mark_held_locks+0xf0/0xf0 [ 360.491951] ? unwind_next_frame+0xeee/0x1400 [ 360.496429] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 360.502294] ? deref_stack_reg+0x1d0/0x1d0 [ 360.506508] ? __find_get_block+0x9d6/0xde0 [ 360.510810] ? is_bpf_text_address+0xd5/0x1b0 [ 360.515285] cache_grow_begin+0xa4/0x8a0 [ 360.519328] ? setup_fault_attr+0x200/0x200 [ 360.523645] cache_alloc_refill+0x273/0x340 [ 360.527973] kmem_cache_alloc+0x346/0x370 [ 360.532103] ? ext4_sync_fs+0x8d0/0x8d0 [ 360.536061] ext4_alloc_inode+0x1a/0x630 [ 360.540115] ? ext4_sync_fs+0x8d0/0x8d0 [ 360.544068] alloc_inode+0x5d/0x180 [ 360.547761] new_inode+0x1d/0xf0 [ 360.551111] __ext4_new_inode+0x400/0x5a20 [ 360.555330] ? putname+0xe1/0x120 [ 360.558760] ? do_mkdirat+0xa0/0x2d0 [ 360.562480] ? ext4_free_inode+0x1780/0x1780 [ 360.566882] ? debug_check_no_obj_freed+0x201/0x490 [ 360.571897] ? __dquot_initialize+0x298/0xb70 [ 360.576385] ? lock_acquire+0x170/0x3c0 [ 360.580341] ? dquot_initialize_needed+0x290/0x290 [ 360.585274] ? trace_hardirqs_off+0x64/0x200 [ 360.589664] ? common_perm+0x4be/0x800 [ 360.593532] ext4_mkdir+0x396/0xe10 [ 360.597141] ? putname+0xe1/0x120 [ 360.600576] ? ext4_init_dot_dotdot+0x600/0x600 [ 360.605236] ? generic_permission+0x116/0x4d0 [ 360.609720] ? security_inode_permission+0xc5/0xf0 [ 360.614629] ? inode_permission.part.0+0x10c/0x450 [ 360.619538] vfs_mkdir+0x508/0x7a0 [ 360.623058] do_mkdirat+0x262/0x2d0 [ 360.626676] ? __ia32_sys_mknod+0x120/0x120 [ 360.630980] ? trace_hardirqs_off_caller+0x6e/0x210 [ 360.635975] ? do_syscall_64+0x21/0x620 [ 360.639928] do_syscall_64+0xf9/0x620 [ 360.643716] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.648887] RIP: 0033:0x7f63e5c49317 [ 360.652590] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 360.671469] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 14:49:28 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') getdents(r0, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(0x0, r1, 0x2, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB="bf8cdb7546080001007063690011000200303030303a30303a31302e300000000008008b0082c027880265b75d86cbe7a7255f76d9f1f03b12f1385bb1d79168cbeec5dd2f84c310715070d1da04060849fdb348ebb37c52e79ed5be28259f2017acc89a13b8090e0037ce6bab2e9ed5f1dacfb93b32ec52db71eeea98cd7878da8e821bce3e0c5ff105c5de11c60dfb67a0b173c4c9471b20a359d53fff28d34943a798d58b6dbc090e22f8eb69494258e9517fef3bf02abbb70e1dee7b146eae0c076c", @ANYRES32=r1, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r4, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0001000000080001007063690011000200303030303a30303a31302e300000000008008c0003000000"], 0xf4}, 0x1, 0x0, 0x0, 0x40800}, 0x40004) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x4) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) [ 360.679158] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 360.686410] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 360.693659] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 360.700938] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 360.708186] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xaa03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 360.762885] erofs: read_super, device -> /dev/loop3 [ 360.769171] erofs: options -> [ 360.772992] erofs: root inode @ nid 36 [ 360.777264] erofs: mounted on /dev/loop3 with opts: . 14:49:28 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 29) 14:49:28 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 360.819189] erofs: read_super, device -> /dev/loop2 [ 360.824233] erofs: options -> [ 360.836556] erofs: root inode @ nid 36 [ 360.841435] erofs: read_super, device -> /dev/loop4 [ 360.859793] erofs: unmounted for /dev/loop1 [ 360.859833] erofs: unmounted for /dev/loop3 [ 360.864895] erofs: bogus i_mode (0) @ nid 36 [ 360.885043] erofs: options -> [ 360.897733] erofs: root inode @ nid 36 [ 360.911084] erofs: mounted on /dev/loop4 with opts: . 14:49:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:29 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 361.013791] erofs: read_super, device -> /dev/loop1 [ 361.025991] erofs: read_super, device -> /dev/loop5 [ 361.033179] erofs: options -> [ 361.041368] erofs: root inode @ nid 36 [ 361.046530] erofs: options -> [ 361.051279] erofs: unmounted for /dev/loop4 [ 361.057689] FAULT_INJECTION: forcing a failure. [ 361.057689] name failslab, interval 1, probability 0, space 0, times 0 [ 361.063585] erofs: mounted on /dev/loop1 with opts: . [ 361.075784] erofs: blksize 1 isn't supported on this platform [ 361.113517] CPU: 1 PID: 25126 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 361.121417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 361.130779] Call Trace: [ 361.133382] dump_stack+0x1fc/0x2ef [ 361.137026] should_fail.cold+0xa/0xf [ 361.140840] ? setup_fault_attr+0x200/0x200 [ 361.145169] ? __lock_acquire+0x6de/0x3ff0 [ 361.149404] __should_failslab+0x115/0x180 [ 361.153730] should_failslab+0x5/0x10 [ 361.157510] __kmalloc+0x2ab/0x3c0 [ 361.161031] ? ext4_find_extent+0x9bb/0xc70 [ 361.165338] ext4_find_extent+0x9bb/0xc70 [ 361.169487] ext4_ext_map_blocks+0x1c0/0x7390 [ 361.173985] ? __lock_acquire+0x6de/0x3ff0 [ 361.178219] ? __lock_acquire+0x6de/0x3ff0 [ 361.182452] ? mark_held_locks+0xf0/0xf0 [ 361.186498] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 361.192022] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 361.197212] ? mark_held_locks+0xf0/0xf0 [ 361.201268] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 361.206134] ? ext4_es_lookup_extent+0x375/0xb60 [ 361.210891] ? lock_downgrade+0x720/0x720 [ 361.215026] ? lock_acquire+0x170/0x3c0 [ 361.218992] ? check_preemption_disabled+0x41/0x280 [ 361.224005] ? lock_acquire+0x170/0x3c0 [ 361.227964] ? ext4_map_blocks+0x33e/0x1a50 [ 361.232273] ext4_map_blocks+0xd88/0x1a50 [ 361.236412] ? check_preemption_disabled+0x41/0x280 [ 361.241432] ? ext4_issue_zeroout+0x160/0x160 [ 361.245949] ? __brelse+0x84/0xa0 [ 361.249407] ? __ext4_new_inode+0x2eb/0x5a20 [ 361.253830] ext4_getblk+0xad/0x4f0 [ 361.257451] ? ext4_iomap_begin+0xe00/0xe00 [ 361.261762] ? ext4_free_inode+0x1780/0x1780 [ 361.266154] ? debug_check_no_obj_freed+0x201/0x490 [ 361.271177] ? __dquot_initialize+0x298/0xb70 [ 361.275660] ext4_bread+0x7c/0x210 [ 361.279192] ? ext4_getblk+0x4f0/0x4f0 [ 361.283071] ? dquot_initialize_needed+0x290/0x290 [ 361.287996] ? trace_hardirqs_off+0x64/0x200 [ 361.292409] ext4_append+0x155/0x370 [ 361.296119] ext4_mkdir+0x5bd/0xe10 [ 361.299737] ? ext4_init_dot_dotdot+0x600/0x600 [ 361.304392] ? generic_permission+0x116/0x4d0 [ 361.308871] ? inode_permission.part.0+0x10c/0x450 [ 361.313802] vfs_mkdir+0x508/0x7a0 [ 361.317340] do_mkdirat+0x262/0x2d0 [ 361.320950] ? __ia32_sys_mknod+0x120/0x120 [ 361.325367] ? trace_hardirqs_off_caller+0x6e/0x210 [ 361.330380] ? do_syscall_64+0x21/0x620 [ 361.334344] do_syscall_64+0xf9/0x620 [ 361.338146] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.343322] RIP: 0033:0x7f63e5c49317 [ 361.347040] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 361.365943] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 361.373658] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 361.380931] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 361.388186] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 361.395445] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 361.402706] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:29 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') getdents(r0, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) perf_event_open(0x0, r1, 0x2, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB="bf8cdb7546080001007063690011000200303030303a30303a31302e300000000008008b0082c027880265b75d86cbe7a7255f76d9f1f03b12f1385bb1d79168cbeec5dd2f84c310715070d1da04060849fdb348ebb37c52e79ed5be28259f2017acc89a13b8090e0037ce6bab2e9ed5f1dacfb93b32ec52db71eeea98cd7878da8e821bce3e0c5ff105c5de11c60dfb67a0b173c4c9471b20a359d53fff28d34943a798d58b6dbc090e22f8eb69494258e9517fef3bf02abbb70e1dee7b146eae0c076c", @ANYRES32=r1, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r4, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0001000000080001007063690011000200303030303a30303a31302e300000000008008c0003000000"], 0xf4}, 0x1, 0x0, 0x0, 0x40800}, 0x40004) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x4) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) (async) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') (async) getdents(r0, &(0x7f0000001040)=""/4096, 0x1000) (async) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)) (async) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async) perf_event_open(0x0, r1, 0x2, 0xffffffffffffffff, 0x0) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r2, r3) (async) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) (async) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB="bf8cdb7546080001007063690011000200303030303a30303a31302e300000000008008b0082c027880265b75d86cbe7a7255f76d9f1f03b12f1385bb1d79168cbeec5dd2f84c310715070d1da04060849fdb348ebb37c52e79ed5be28259f2017acc89a13b8090e0037ce6bab2e9ed5f1dacfb93b32ec52db71eeea98cd7878da8e821bce3e0c5ff105c5de11c60dfb67a0b173c4c9471b20a359d53fff28d34943a798d58b6dbc090e22f8eb69494258e9517fef3bf02abbb70e1dee7b146eae0c076c", @ANYRES32=r1, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r4, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0001000000080001007063690011000200303030303a30303a31302e300000000008008c0003000000"], 0xf4}, 0x1, 0x0, 0x0, 0x40800}, 0x40004) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x4) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) (async) 14:49:29 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 30) [ 361.425618] erofs: read_super, device -> /dev/loop3 [ 361.432750] erofs: options -> [ 361.436863] erofs: root inode @ nid 36 [ 361.437255] erofs: read_super, device -> /dev/loop2 [ 361.440985] erofs: mounted on /dev/loop3 with opts: . [ 361.450852] erofs: options -> [ 361.457142] erofs: read_super, device -> /dev/loop4 14:49:29 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x10, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:29 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xab03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 361.476260] erofs: unmounted for /dev/loop3 [ 361.488071] erofs: root inode @ nid 36 [ 361.493760] erofs: options -> [ 361.502652] erofs: bogus i_mode (0) @ nid 36 [ 361.507249] erofs: unmounted for /dev/loop1 [ 361.513571] erofs: root inode @ nid 36 [ 361.528633] erofs: mounted on /dev/loop4 with opts: . [ 361.557529] misc userio: Can't change port type on an already running userio instance 14:49:29 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 361.613435] FAULT_INJECTION: forcing a failure. [ 361.613435] name failslab, interval 1, probability 0, space 0, times 0 [ 361.624793] CPU: 0 PID: 25157 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 361.632683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 361.642216] Call Trace: [ 361.644818] dump_stack+0x1fc/0x2ef [ 361.648457] should_fail.cold+0xa/0xf [ 361.652279] ? setup_fault_attr+0x200/0x200 [ 361.656730] ? __es_tree_search.isra.0+0x1af/0x210 14:49:29 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 361.661710] __should_failslab+0x115/0x180 [ 361.666054] should_failslab+0x5/0x10 [ 361.669837] kmem_cache_alloc+0x3f/0x370 [ 361.673894] __es_insert_extent+0x39b/0x13b0 [ 361.678306] ? lock_acquire+0x170/0x3c0 [ 361.682270] ? ext4_es_insert_extent+0x17e/0x5e0 [ 361.687124] ext4_es_insert_extent+0x22e/0x5e0 [ 361.691694] ? lock_downgrade+0x720/0x720 [ 361.695839] ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0 [ 361.701651] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 361.706675] ? ext4_es_find_delayed_extent_range+0x7d9/0x9f0 [ 361.712469] ext4_ext_map_blocks+0x2129/0x7390 [ 361.717040] ? __lock_acquire+0x6de/0x3ff0 [ 361.721262] ? __lock_acquire+0x6de/0x3ff0 [ 361.725504] ? mark_held_locks+0xf0/0xf0 [ 361.729560] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 361.734908] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 361.740080] ? mark_held_locks+0xf0/0xf0 [ 361.744126] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 361.748954] ? ext4_es_lookup_extent+0x375/0xb60 [ 361.753711] ? check_preemption_disabled+0x41/0x280 [ 361.758837] ? lock_acquire+0x170/0x3c0 [ 361.762795] ? ext4_map_blocks+0x33e/0x1a50 [ 361.767105] ext4_map_blocks+0xd88/0x1a50 [ 361.771249] ? check_preemption_disabled+0x41/0x280 [ 361.776252] ? ext4_issue_zeroout+0x160/0x160 [ 361.780751] ? __brelse+0x84/0xa0 [ 361.784194] ? __ext4_new_inode+0x2eb/0x5a20 [ 361.788606] ext4_getblk+0xad/0x4f0 [ 361.792244] ? ext4_iomap_begin+0xe00/0xe00 [ 361.796648] ? ext4_free_inode+0x1780/0x1780 [ 361.801038] ? debug_check_no_obj_freed+0x201/0x490 [ 361.806037] ? __dquot_initialize+0x298/0xb70 [ 361.810515] ext4_bread+0x7c/0x210 [ 361.814040] ? ext4_getblk+0x4f0/0x4f0 [ 361.817933] ? dquot_initialize_needed+0x290/0x290 [ 361.822857] ? trace_hardirqs_off+0x64/0x200 [ 361.827257] ext4_append+0x155/0x370 [ 361.830954] ext4_mkdir+0x5bd/0xe10 [ 361.834570] ? ext4_init_dot_dotdot+0x600/0x600 [ 361.839221] ? generic_permission+0x116/0x4d0 [ 361.843800] ? inode_permission.part.0+0x10c/0x450 [ 361.848804] vfs_mkdir+0x508/0x7a0 [ 361.852326] do_mkdirat+0x262/0x2d0 [ 361.855938] ? __ia32_sys_mknod+0x120/0x120 [ 361.860256] ? trace_hardirqs_off_caller+0x6e/0x210 [ 361.865264] ? do_syscall_64+0x21/0x620 [ 361.869248] do_syscall_64+0xf9/0x620 [ 361.873033] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.878204] RIP: 0033:0x7f63e5c49317 [ 361.881909] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 361.900797] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 361.908577] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 361.915836] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 361.923090] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 361.930360] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 361.937612] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 361.959698] erofs: read_super, device -> /dev/loop5 [ 361.967375] erofs: options -> [ 361.971937] erofs: unmounted for /dev/loop4 [ 361.975361] erofs: blksize 1 isn't supported on this platform [ 362.070017] erofs: read_super, device -> /dev/loop1 [ 362.075066] erofs: options -> [ 362.083050] erofs: root inode @ nid 36 [ 362.087346] erofs: mounted on /dev/loop1 with opts: . [ 362.087725] erofs: read_super, device -> /dev/loop3 [ 362.101241] erofs: options -> [ 362.106362] erofs: root inode @ nid 36 [ 362.111863] erofs: mounted on /dev/loop3 with opts: . 14:49:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 362.119380] erofs: read_super, device -> /dev/loop2 [ 362.124402] erofs: options -> [ 362.127641] erofs: root inode @ nid 36 14:49:30 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)={0x2}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000600)='fd\x00') getdents(r0, &(0x7f0000001040)=""/4096, 0x1000) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=0x0) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7d, 0xff, 0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8283, 0x1, @perf_config_ext={0x0, 0x9}, 0x20, 0x0, 0x7, 0x4, 0x0, 0xb5, 0x0, 0x0, 0x406}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async) perf_event_open(0x0, r1, 0x2, 0xffffffffffffffff, 0x0) (async) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = dup2(r2, r3) ioctl$IOC_PR_PREEMPT(r4, 0x40046109, &(0x7f0000000080)={0x2}) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f4000000", @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB="bf8cdb7546080001007063690011000200303030303a30303a31302e300000000008008b0082c027880265b75d86cbe7a7255f76d9f1f03b12f1385bb1d79168cbeec5dd2f84c310715070d1da04060849fdb348ebb37c52e79ed5be28259f2017acc89a13b8090e0037ce6bab2e9ed5f1dacfb93b32ec52db71eeea98cd7878da8e821bce3e0c5ff105c5de11c60dfb67a0b173c4c9471b20a359d53fff28d34943a798d58b6dbc090e22f8eb69494258e9517fef3bf02abbb70e1dee7b146eae0c076c", @ANYRES32=r1, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r4, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0001000000080001007063690011000200303030303a30303a31302e300000000008008c0003000000"], 0xf4}, 0x1, 0x0, 0x0, 0x40800}, 0x40004) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x4) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) 14:49:30 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 31) [ 362.162585] erofs: bogus i_mode (0) @ nid 36 14:49:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xac03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:30 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) recvfrom$packet(0xffffffffffffffff, &(0x7f0000000780)=""/4096, 0x1000, 0x10020, 0x0, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000000, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x7f, 0x2d, 0x0, 0x0, 0xba, 0x10800, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0x80000001}, 0xc060, 0x7fff, 0x1ff, 0x9, 0x8, 0xfffffff7, 0x401, 0x0, 0x0, 0x0, 0x30400}, r1, 0x10, r0, 0xa) [ 362.200186] erofs: unmounted for /dev/loop3 [ 362.208306] erofs: unmounted for /dev/loop1 [ 362.259836] erofs: read_super, device -> /dev/loop5 [ 362.264861] erofs: options -> [ 362.268500] erofs: blksize 1 isn't supported on this platform [ 362.293555] erofs: read_super, device -> /dev/loop4 [ 362.298722] erofs: options -> [ 362.306346] erofs: root inode @ nid 36 [ 362.315321] erofs: mounted on /dev/loop4 with opts: . 14:49:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:30 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x37, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 362.364058] erofs: unmounted for /dev/loop4 [ 362.394513] erofs: read_super, device -> /dev/loop1 [ 362.400851] erofs: options -> [ 362.405554] FAULT_INJECTION: forcing a failure. [ 362.405554] name failslab, interval 1, probability 0, space 0, times 0 [ 362.416986] CPU: 0 PID: 25208 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 362.424884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 362.434327] Call Trace: [ 362.436943] dump_stack+0x1fc/0x2ef [ 362.440585] should_fail.cold+0xa/0xf [ 362.444396] ? setup_fault_attr+0x200/0x200 [ 362.448727] ? __es_tree_search.isra.0+0x1af/0x210 [ 362.453670] __should_failslab+0x115/0x180 [ 362.453843] erofs: root inode @ nid 36 [ 362.457910] should_failslab+0x5/0x10 [ 362.457925] kmem_cache_alloc+0x3f/0x370 [ 362.457943] __es_insert_extent+0x39b/0x13b0 [ 362.457961] ? lock_acquire+0x170/0x3c0 [ 362.457973] ? ext4_es_insert_extent+0x17e/0x5e0 [ 362.457992] ext4_es_insert_extent+0x22e/0x5e0 [ 362.462540] erofs: mounted on /dev/loop1 with opts: . [ 362.465919] ? lock_downgrade+0x720/0x720 [ 362.465937] ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0 [ 362.465959] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 362.465973] ? ext4_es_find_delayed_extent_range+0x7d9/0x9f0 [ 362.465989] ext4_ext_map_blocks+0x2129/0x7390 [ 362.518114] ? __lock_acquire+0x6de/0x3ff0 [ 362.522335] ? __lock_acquire+0x6de/0x3ff0 [ 362.526572] ? mark_held_locks+0xf0/0xf0 [ 362.530628] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 362.535983] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 362.541187] ? mark_held_locks+0xf0/0xf0 [ 362.545257] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 362.550088] ? ext4_es_lookup_extent+0x375/0xb60 [ 362.554836] ? check_preemption_disabled+0x41/0x280 [ 362.559852] ? lock_acquire+0x170/0x3c0 [ 362.563821] ? ext4_map_blocks+0x33e/0x1a50 [ 362.568153] ext4_map_blocks+0xd88/0x1a50 [ 362.572319] ? check_preemption_disabled+0x41/0x280 [ 362.577334] ? ext4_issue_zeroout+0x160/0x160 [ 362.581838] ? __brelse+0x84/0xa0 [ 362.585372] ? __ext4_new_inode+0x2eb/0x5a20 [ 362.589766] ext4_getblk+0xad/0x4f0 [ 362.593380] ? ext4_iomap_begin+0xe00/0xe00 [ 362.597686] ? ext4_free_inode+0x1780/0x1780 [ 362.602075] ? debug_check_no_obj_freed+0x201/0x490 [ 362.607082] ? __dquot_initialize+0x298/0xb70 [ 362.611676] ext4_bread+0x7c/0x210 [ 362.615209] ? ext4_getblk+0x4f0/0x4f0 [ 362.619078] ? dquot_initialize_needed+0x290/0x290 [ 362.623994] ? trace_hardirqs_off+0x64/0x200 [ 362.628388] ext4_append+0x155/0x370 [ 362.632103] ext4_mkdir+0x5bd/0xe10 [ 362.635723] ? ext4_init_dot_dotdot+0x600/0x600 [ 362.640399] ? generic_permission+0x116/0x4d0 [ 362.644904] ? inode_permission.part.0+0x10c/0x450 [ 362.649829] vfs_mkdir+0x508/0x7a0 [ 362.653374] do_mkdirat+0x262/0x2d0 [ 362.657001] ? __ia32_sys_mknod+0x120/0x120 [ 362.661314] ? trace_hardirqs_off_caller+0x6e/0x210 [ 362.666312] ? do_syscall_64+0x21/0x620 [ 362.670279] do_syscall_64+0xf9/0x620 [ 362.674075] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.679259] RIP: 0033:0x7f63e5c49317 [ 362.682956] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 362.701839] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 362.709526] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 362.716776] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 362.724027] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 362.731280] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 362.738548] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xad03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 362.765840] erofs: read_super, device -> /dev/loop2 [ 362.770679] erofs: read_super, device -> /dev/loop3 [ 362.784980] erofs: options -> [ 362.787186] erofs: read_super, device -> /dev/loop4 [ 362.794131] erofs: root inode @ nid 36 [ 362.797291] erofs: options -> [ 362.798322] erofs: unmounted for /dev/loop1 [ 362.803834] erofs: read_super, device -> /dev/loop5 [ 362.811308] erofs: options -> [ 362.816172] erofs: mounted on /dev/loop3 with opts: . [ 362.818639] erofs: root inode @ nid 36 [ 362.824512] erofs: root inode @ nid 36 [ 362.829666] erofs: options -> [ 362.831272] erofs: bogus i_mode (0) @ nid 36 [ 362.834986] erofs: mounted on /dev/loop4 with opts: . [ 362.837582] erofs: blksize 1 isn't supported on this platform 14:49:30 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:30 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 32) 14:49:30 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2650, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 362.901103] erofs: unmounted for /dev/loop4 [ 362.906898] erofs: unmounted for /dev/loop3 14:49:30 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) recvfrom$packet(0xffffffffffffffff, &(0x7f0000000780)=""/4096, 0x1000, 0x10020, 0x0, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000000, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() (async) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) (async) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x7f, 0x2d, 0x0, 0x0, 0xba, 0x10800, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0x80000001}, 0xc060, 0x7fff, 0x1ff, 0x9, 0x8, 0xfffffff7, 0x401, 0x0, 0x0, 0x0, 0x30400}, r1, 0x10, r0, 0xa) 14:49:30 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc0ed0000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 362.956800] erofs: read_super, device -> /dev/loop1 [ 362.968888] erofs: options -> [ 362.973250] erofs: root inode @ nid 36 [ 362.982689] erofs: mounted on /dev/loop1 with opts: . 14:49:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xae03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 363.048150] erofs: unmounted for /dev/loop1 [ 363.103808] erofs: read_super, device -> /dev/loop4 [ 363.109349] erofs: options -> [ 363.113014] erofs: root inode @ nid 36 [ 363.117330] erofs: mounted on /dev/loop4 with opts: . [ 363.126559] FAULT_INJECTION: forcing a failure. [ 363.126559] name failslab, interval 1, probability 0, space 0, times 0 [ 363.144823] CPU: 0 PID: 25249 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 363.148653] erofs: read_super, device -> /dev/loop2 [ 363.152726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 363.161058] erofs: options -> [ 363.167118] Call Trace: [ 363.167140] dump_stack+0x1fc/0x2ef [ 363.167158] should_fail.cold+0xa/0xf [ 363.180310] ? setup_fault_attr+0x200/0x200 [ 363.184638] ? lock_downgrade+0x720/0x720 [ 363.188793] __should_failslab+0x115/0x180 [ 363.192955] erofs: read_super, device -> /dev/loop5 [ 363.193035] should_failslab+0x5/0x10 [ 363.198229] erofs: read_super, device -> /dev/loop1 [ 363.201818] __kmalloc+0x2ab/0x3c0 [ 363.201832] ? ext4_find_extent+0x9bb/0xc70 [ 363.201848] ext4_find_extent+0x9bb/0xc70 [ 363.201868] ext4_ext_map_blocks+0x1c0/0x7390 [ 363.207982] erofs: options -> [ 363.210399] ? __lock_acquire+0x6de/0x3ff0 [ 363.210421] ? mark_held_locks+0xf0/0xf0 [ 363.210436] ? __ext4_handle_dirty_metadata+0x1e0/0x590 [ 363.210452] ? ext4_find_delalloc_cluster+0x1f0/0x1f0 [ 363.226398] erofs: options -> [ 363.226549] ? mark_held_locks+0xf0/0xf0 [ 363.234410] erofs: cannot find valid erofs superblock [ 363.234811] ? ext4_mark_iloc_dirty+0x1b0d/0x2b30 [ 363.243903] erofs: root inode @ nid 36 [ 363.245508] ? ext4_es_lookup_extent+0x375/0xb60 [ 363.245528] ? ext4_map_blocks+0x59f/0x1a50 [ 363.252374] erofs: mounted on /dev/loop1 with opts: . [ 363.252754] ? lock_acquire+0x170/0x3c0 [ 363.264476] erofs: root inode @ nid 36 [ 363.266656] ? ext4_map_blocks+0x740/0x1a50 [ 363.266679] ext4_map_blocks+0x7a2/0x1a50 [ 363.272978] erofs: bogus i_mode (0) @ nid 36 [ 363.275738] ? check_preemption_disabled+0x41/0x280 [ 363.275756] ? ext4_issue_zeroout+0x160/0x160 [ 363.311079] ? __brelse+0x84/0xa0 [ 363.314517] ? __ext4_new_inode+0x2eb/0x5a20 [ 363.318910] ext4_getblk+0xad/0x4f0 [ 363.322522] ? ext4_iomap_begin+0xe00/0xe00 [ 363.326931] ? ext4_free_inode+0x1780/0x1780 [ 363.331337] ? debug_check_no_obj_freed+0x201/0x490 [ 363.336335] ? __dquot_initialize+0x298/0xb70 [ 363.340830] ext4_bread+0x7c/0x210 [ 363.344353] ? ext4_getblk+0x4f0/0x4f0 [ 363.348222] ? dquot_initialize_needed+0x290/0x290 [ 363.353137] ? trace_hardirqs_off+0x64/0x200 [ 363.357528] ext4_append+0x155/0x370 [ 363.361314] ext4_mkdir+0x5bd/0xe10 [ 363.364925] ? ext4_init_dot_dotdot+0x600/0x600 [ 363.369580] ? generic_permission+0x116/0x4d0 [ 363.374058] ? inode_permission.part.0+0x10c/0x450 [ 363.378970] vfs_mkdir+0x508/0x7a0 [ 363.382504] do_mkdirat+0x262/0x2d0 [ 363.386119] ? __ia32_sys_mknod+0x120/0x120 [ 363.390424] ? trace_hardirqs_off_caller+0x6e/0x210 [ 363.395423] ? do_syscall_64+0x21/0x620 [ 363.399378] do_syscall_64+0xf9/0x620 [ 363.403163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.408340] RIP: 0033:0x7f63e5c49317 [ 363.412035] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 363.430917] RSP: 002b:00007f63e45bef88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 363.438603] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c49317 [ 363.445851] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c 14:49:31 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 363.453101] RBP: 00007f63e45bf1d0 R08: 0000000000000000 R09: 00007f63e45bf1d0 [ 363.460351] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000 [ 363.467600] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:31 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x72dfdcd2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xaf03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 363.499372] erofs: unmounted for /dev/loop4 [ 363.522371] erofs: unmounted for /dev/loop1 14:49:31 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:31 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 33) 14:49:31 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) recvfrom$packet(0xffffffffffffffff, &(0x7f0000000780)=""/4096, 0x1000, 0x10020, 0x0, 0x0) (async, rerun: 64) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000000, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) (async) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x7f, 0x2d, 0x0, 0x0, 0xba, 0x10800, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x7, 0x80000001}, 0xc060, 0x7fff, 0x1ff, 0x9, 0x8, 0xfffffff7, 0x401, 0x0, 0x0, 0x0, 0x30400}, r1, 0x10, r0, 0xa) [ 363.684650] erofs: read_super, device -> /dev/loop4 [ 363.703959] erofs: options -> [ 363.736987] erofs: root inode @ nid 36 [ 363.757558] erofs: mounted on /dev/loop4 with opts: . [ 363.775056] erofs: read_super, device -> /dev/loop2 [ 363.780567] FAULT_INJECTION: forcing a failure. [ 363.780567] name failslab, interval 1, probability 0, space 0, times 0 [ 363.791528] erofs: options -> 14:49:31 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 363.811479] erofs: read_super, device -> /dev/loop1 [ 363.818020] erofs: root inode @ nid 36 [ 363.834164] misc userio: No port type given on /dev/userio [ 363.840523] erofs: unmounted for /dev/loop4 [ 363.875356] erofs: options -> [ 363.879900] CPU: 1 PID: 25290 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 363.887229] erofs: bogus i_mode (0) @ nid 36 [ 363.887797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 363.901547] Call Trace: [ 363.904145] dump_stack+0x1fc/0x2ef [ 363.907789] should_fail.cold+0xa/0xf [ 363.911632] ? setup_fault_attr+0x200/0x200 [ 363.915963] ? lock_acquire+0x170/0x3c0 [ 363.919951] __should_failslab+0x115/0x180 [ 363.924198] should_failslab+0x5/0x10 [ 363.928002] __kmalloc_track_caller+0x2a6/0x3c0 [ 363.932692] ? strndup_user+0x70/0x120 [ 363.936585] ? _copy_from_user+0xd2/0x130 [ 363.940744] memdup_user+0x22/0xb0 [ 363.944293] strndup_user+0x70/0x120 [ 363.948015] ksys_mount+0x6f/0x130 [ 363.951567] __x64_sys_mount+0xba/0x150 [ 363.955550] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 363.960170] do_syscall_64+0xf9/0x620 [ 363.963989] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.969184] RIP: 0033:0x7f63e5c4b73a [ 363.972897] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 363.991802] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 363.999703] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 364.006975] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 364.011578] erofs: root inode @ nid 36 [ 364.014354] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 14:49:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) clock_gettime(0x0, &(0x7f00000000c0)) sendmsg$can_bcm(r1, &(0x7f0000000200)={&(0x7f0000000080), 0x10, &(0x7f00000001c0)={&(0x7f0000000140)={0x5, 0x26c5d53fe61e27ab, 0x0, {}, {}, {0x4, 0x1, 0x1, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x4, 0x3, 0x0, 0x0, "b0ed68c52283a665"}}, 0x48}, 0x1, 0x0, 0x0, 0x78c55d82a8ca1e82}, 0x40011) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) clock_gettime(0x0, &(0x7f0000002d40)={0x0, 0x0}) recvmmsg$unix(r5, &(0x7f0000002c80)=[{{&(0x7f0000000240)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/150, 0x96}], 0x1, &(0x7f0000000400)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000000480)=@abs, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000500)=""/30, 0x1e}, {&(0x7f0000000540)=""/92, 0x5c}], 0x2, &(0x7f0000002dc0)=ANY=[@ANYBLOB="38000000000000000100800001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000a920e57c0034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x160}}, {{&(0x7f0000000600), 0x6e, &(0x7f0000002c00)=[{&(0x7f0000000680)}, {&(0x7f0000000900)=""/183, 0xb7}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/56, 0x38}, {&(0x7f00000019c0)=""/98, 0x62}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/204, 0xcc}, {&(0x7f0000002b40)=""/182, 0xb6}], 0x8}}], 0x3, 0x100, &(0x7f0000002d80)={r6, r7+10000000}) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) 14:49:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 364.014362] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 364.014370] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 364.152264] erofs: read_super, device -> /dev/loop4 [ 364.196829] erofs: options -> [ 364.222071] erofs: root inode @ nid 36 [ 364.231940] erofs: mounted on /dev/loop1 with opts: . [ 364.266890] erofs: mounted on /dev/loop4 with opts: . [ 364.270354] erofs: read_super, device -> /dev/loop2 [ 364.305115] erofs: options -> 14:49:32 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 364.316732] erofs: root inode @ nid 36 [ 364.331551] erofs: unmounted for /dev/loop1 [ 364.336242] erofs: unmounted for /dev/loop4 14:49:32 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 34) [ 364.370215] erofs: bogus i_mode (0) @ nid 36 14:49:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x2, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 364.491085] FAULT_INJECTION: forcing a failure. [ 364.491085] name failslab, interval 1, probability 0, space 0, times 0 [ 364.503103] CPU: 0 PID: 25330 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 364.510998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 364.520350] Call Trace: [ 364.522948] dump_stack+0x1fc/0x2ef [ 364.526587] should_fail.cold+0xa/0xf [ 364.530398] ? setup_fault_attr+0x200/0x200 [ 364.534727] ? lock_acquire+0x170/0x3c0 [ 364.538713] __should_failslab+0x115/0x180 [ 364.542957] should_failslab+0x5/0x10 [ 364.546761] __kmalloc_track_caller+0x2a6/0x3c0 [ 364.551437] ? strndup_user+0x70/0x120 [ 364.555320] ? _copy_from_user+0xd2/0x130 [ 364.559456] memdup_user+0x22/0xb0 [ 364.562980] strndup_user+0x70/0x120 [ 364.566705] ksys_mount+0x6f/0x130 [ 364.570230] __x64_sys_mount+0xba/0x150 [ 364.574186] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 364.578783] do_syscall_64+0xf9/0x620 [ 364.582581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.587763] RIP: 0033:0x7f63e5c4b73a [ 364.591455] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 364.610338] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 364.618040] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 364.625298] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 364.632555] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 14:49:32 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) clock_gettime(0x0, &(0x7f00000000c0)) (async) sendmsg$can_bcm(r1, &(0x7f0000000200)={&(0x7f0000000080), 0x10, &(0x7f00000001c0)={&(0x7f0000000140)={0x5, 0x26c5d53fe61e27ab, 0x0, {}, {}, {0x4, 0x1, 0x1, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x4, 0x3, 0x0, 0x0, "b0ed68c52283a665"}}, 0x48}, 0x1, 0x0, 0x0, 0x78c55d82a8ca1e82}, 0x40011) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) (async) clock_gettime(0x0, &(0x7f0000002d40)={0x0, 0x0}) recvmmsg$unix(r5, &(0x7f0000002c80)=[{{&(0x7f0000000240)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/150, 0x96}], 0x1, &(0x7f0000000400)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000000480)=@abs, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000500)=""/30, 0x1e}, {&(0x7f0000000540)=""/92, 0x5c}], 0x2, &(0x7f0000002dc0)=ANY=[@ANYBLOB="38000000000000000100800001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000a920e57c0034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x160}}, {{&(0x7f0000000600), 0x6e, &(0x7f0000002c00)=[{&(0x7f0000000680)}, {&(0x7f0000000900)=""/183, 0xb7}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/56, 0x38}, {&(0x7f00000019c0)=""/98, 0x62}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/204, 0xcc}, {&(0x7f0000002b40)=""/182, 0xb6}], 0x8}}], 0x3, 0x100, &(0x7f0000002d80)={r6, r7+10000000}) (async) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 364.639814] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 364.647065] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 364.686932] erofs: read_super, device -> /dev/loop4 [ 364.708893] erofs: options -> [ 364.712302] erofs: root inode @ nid 36 [ 364.733250] erofs: read_super, device -> /dev/loop5 [ 364.738528] erofs: read_super, device -> /dev/loop2 [ 364.743994] erofs: read_super, device -> /dev/loop1 [ 364.754387] erofs: options -> 14:49:32 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 35) [ 364.757637] erofs: cannot find valid erofs superblock [ 364.774502] erofs: options -> [ 364.777767] erofs: root inode @ nid 36 [ 364.783126] erofs: options -> [ 364.786375] erofs: root inode @ nid 36 [ 364.791227] erofs: mounted on /dev/loop4 with opts: . [ 364.812961] erofs: mounted on /dev/loop1 with opts: . [ 364.819702] erofs: bogus i_mode (0) @ nid 36 14:49:32 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9803000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:32 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x3, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xb103, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:32 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 364.867795] FAULT_INJECTION: forcing a failure. [ 364.867795] name failslab, interval 1, probability 0, space 0, times 0 [ 364.888238] erofs: unmounted for /dev/loop4 [ 364.907614] erofs: unmounted for /dev/loop1 [ 364.923856] CPU: 0 PID: 25359 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 364.931864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 364.941291] Call Trace: [ 364.943869] dump_stack+0x1fc/0x2ef [ 364.947501] should_fail.cold+0xa/0xf [ 364.951292] ? setup_fault_attr+0x200/0x200 [ 364.955697] ? lock_acquire+0x170/0x3c0 [ 364.959664] __should_failslab+0x115/0x180 [ 364.963885] should_failslab+0x5/0x10 [ 364.967668] __kmalloc_track_caller+0x2a6/0x3c0 [ 364.972322] ? strndup_user+0x70/0x120 [ 364.976191] ? _copy_from_user+0xd2/0x130 [ 364.980420] memdup_user+0x22/0xb0 [ 364.983943] strndup_user+0x70/0x120 [ 364.987657] ksys_mount+0x6f/0x130 [ 364.991210] __x64_sys_mount+0xba/0x150 [ 364.995178] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 364.999748] do_syscall_64+0xf9/0x620 [ 365.003534] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.008711] RIP: 0033:0x7f63e5c4b73a [ 365.012407] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 365.031311] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 365.039006] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 365.046281] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 365.053538] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 365.060789] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 365.068041] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 36) [ 365.191329] erofs: read_super, device -> /dev/loop4 [ 365.196515] erofs: options -> [ 365.201728] erofs: root inode @ nid 36 [ 365.209651] erofs: mounted on /dev/loop4 with opts: . 14:49:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:33 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 32) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (rerun: 32) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) (async) clock_gettime(0x0, &(0x7f00000000c0)) sendmsg$can_bcm(r1, &(0x7f0000000200)={&(0x7f0000000080), 0x10, &(0x7f00000001c0)={&(0x7f0000000140)={0x5, 0x26c5d53fe61e27ab, 0x0, {}, {}, {0x4, 0x1, 0x1, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x4, 0x3, 0x0, 0x0, "b0ed68c52283a665"}}, 0x48}, 0x1, 0x0, 0x0, 0x78c55d82a8ca1e82}, 0x40011) (async, rerun: 64) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r4 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r5 = dup2(r3, r4) ioctl$IOC_PR_PREEMPT(r5, 0x40046109, &(0x7f0000000080)={0x2}) (async) clock_gettime(0x0, &(0x7f0000002d40)={0x0, 0x0}) recvmmsg$unix(r5, &(0x7f0000002c80)=[{{&(0x7f0000000240)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/150, 0x96}], 0x1, &(0x7f0000000400)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000000480)=@abs, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000500)=""/30, 0x1e}, {&(0x7f0000000540)=""/92, 0x5c}], 0x2, &(0x7f0000002dc0)=ANY=[@ANYBLOB="38000000000000000100800001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000a920e57c0034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x160}}, {{&(0x7f0000000600), 0x6e, &(0x7f0000002c00)=[{&(0x7f0000000680)}, {&(0x7f0000000900)=""/183, 0xb7}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/56, 0x38}, {&(0x7f00000019c0)=""/98, 0x62}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/204, 0xcc}, {&(0x7f0000002b40)=""/182, 0xb6}], 0x8}}], 0x3, 0x100, &(0x7f0000002d80)={r6, r7+10000000}) (async, rerun: 64) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) (rerun: 64) [ 365.251466] erofs: read_super, device -> /dev/loop2 [ 365.253893] erofs: read_super, device -> /dev/loop5 [ 365.262459] erofs: unmounted for /dev/loop4 [ 365.262560] erofs: options -> [ 365.272352] erofs: options -> [ 365.285772] erofs: read_super, device -> /dev/loop1 [ 365.293518] erofs: options -> [ 365.296936] erofs: cannot find valid erofs superblock [ 365.297193] erofs: root inode @ nid 36 [ 365.308907] erofs: root inode @ nid 36 [ 365.313456] erofs: bogus i_mode (0) @ nid 36 [ 365.319415] erofs: mounted on /dev/loop1 with opts: . [ 365.330314] misc userio: Begin command sent, but we're already running [ 365.337504] misc userio: Begin command sent, but we're already running [ 365.361196] misc userio: Begin command sent, but we're already running [ 365.370580] misc userio: Begin command sent, but we're already running [ 365.378276] misc userio: Begin command sent, but we're already running [ 365.387443] misc userio: Begin command sent, but we're already running [ 365.396508] misc userio: Begin command sent, but we're already running 14:49:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 365.414111] FAULT_INJECTION: forcing a failure. [ 365.414111] name failslab, interval 1, probability 0, space 0, times 0 [ 365.425434] misc userio: Begin command sent, but we're already running [ 365.448940] erofs: read_super, device -> /dev/loop4 [ 365.454782] CPU: 0 PID: 25394 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 365.462680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 365.472030] Call Trace: [ 365.474633] dump_stack+0x1fc/0x2ef [ 365.478271] should_fail.cold+0xa/0xf [ 365.482068] ? setup_fault_attr+0x200/0x200 [ 365.486378] ? lock_acquire+0x170/0x3c0 [ 365.490349] __should_failslab+0x115/0x180 [ 365.494576] should_failslab+0x5/0x10 [ 365.498363] kmem_cache_alloc_trace+0x284/0x380 [ 365.503019] ? _copy_from_user+0xd2/0x130 [ 365.507195] copy_mount_options+0x59/0x380 [ 365.511422] ksys_mount+0x9b/0x130 [ 365.514951] __x64_sys_mount+0xba/0x150 [ 365.518914] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 365.523484] do_syscall_64+0xf9/0x620 [ 365.527274] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.532451] RIP: 0033:0x7f63e5c4b73a [ 365.536155] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 365.555040] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:49:33 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x5, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:33 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 365.562734] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 365.570005] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 365.577261] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 365.584516] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 365.591770] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 365.599324] erofs: unmounted for /dev/loop1 [ 365.615429] misc userio: Begin command sent, but we're already running [ 365.627884] erofs: options -> [ 365.643565] erofs: root inode @ nid 36 [ 365.648907] misc userio: Begin command sent, but we're already running [ 365.662574] erofs: read_super, device -> /dev/loop5 [ 365.667809] erofs: mounted on /dev/loop4 with opts: . [ 365.676061] erofs: options -> [ 365.676915] misc userio: Begin command sent, but we're already running [ 365.684878] erofs: blksize 1 isn't supported on this platform [ 365.704952] misc userio: Begin command sent, but we're already running [ 365.713773] misc userio: Begin command sent, but we're already running [ 365.721085] misc userio: Begin command sent, but we're already running [ 365.727889] misc userio: Begin command sent, but we're already running [ 365.735256] misc userio: Begin command sent, but we're already running [ 365.741924] erofs: read_super, device -> /dev/loop1 [ 365.741932] erofs: options -> [ 365.750430] misc userio: Begin command sent, but we're already running [ 365.757180] misc userio: Begin command sent, but we're already running 14:49:33 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 365.759062] erofs: root inode @ nid 36 [ 365.763972] misc userio: Begin command sent, but we're already running [ 365.774715] misc userio: Begin command sent, but we're already running [ 365.774720] erofs: mounted on /dev/loop1 with opts: . [ 365.786710] misc userio: Begin command sent, but we're already running [ 365.793681] misc userio: Begin command sent, but we're already running [ 365.800534] misc userio: Begin command sent, but we're already running [ 365.807288] misc userio: Begin command sent, but we're already running 14:49:33 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x6, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 365.814160] erofs: unmounted for /dev/loop4 [ 365.814477] misc userio: Begin command sent, but we're already running [ 365.825269] misc userio: Begin command sent, but we're already running [ 365.832075] misc userio: Begin command sent, but we're already running [ 365.838907] misc userio: Begin command sent, but we're already running [ 365.845653] misc userio: Begin command sent, but we're already running [ 365.852884] misc userio: Begin command sent, but we're already running 14:49:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xff0f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:33 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 37) [ 365.885032] misc userio: Begin command sent, but we're already running [ 365.892177] erofs: unmounted for /dev/loop1 [ 365.894210] misc userio: Begin command sent, but we're already running [ 365.904809] misc userio: Begin command sent, but we're already running [ 365.913691] erofs: read_super, device -> /dev/loop2 [ 365.918382] misc userio: Begin command sent, but we're already running [ 365.933333] erofs: options -> [ 365.934264] misc userio: Begin command sent, but we're already running [ 365.943834] misc userio: Begin command sent, but we're already running [ 365.945776] erofs: root inode @ nid 36 [ 365.954798] misc userio: Begin command sent, but we're already running [ 365.955123] erofs: bogus i_mode (0) @ nid 36 [ 365.965662] misc userio: Begin command sent, but we're already running [ 365.973737] misc userio: Begin command sent, but we're already running [ 365.996887] misc userio: Begin command sent, but we're already running [ 366.028192] misc userio: Begin command sent, but we're already running 14:49:34 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xedc000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 366.101545] misc userio: Begin command sent, but we're already running [ 366.115957] erofs: read_super, device -> /dev/loop5 [ 366.138173] erofs: read_super, device -> /dev/loop1 [ 366.145044] misc userio: Begin command sent, but we're already running 14:49:34 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_NEWNSID={0x1c, 0x58, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NETNSA_PID={0x8, 0x2, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040800) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) [ 366.147808] erofs: options -> [ 366.153190] erofs: options -> [ 366.169396] erofs: root inode @ nid 36 [ 366.175906] erofs: blksize 1 isn't supported on this platform [ 366.185399] erofs: mounted on /dev/loop1 with opts: . [ 366.211390] FAULT_INJECTION: forcing a failure. [ 366.211390] name failslab, interval 1, probability 0, space 0, times 0 [ 366.227460] erofs: read_super, device -> /dev/loop4 14:49:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 366.268137] erofs: options -> [ 366.272593] erofs: unmounted for /dev/loop1 [ 366.278799] erofs: root inode @ nid 36 [ 366.298843] CPU: 0 PID: 25435 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 366.306745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 366.313691] erofs: mounted on /dev/loop4 with opts: . [ 366.316094] Call Trace: [ 366.316119] dump_stack+0x1fc/0x2ef [ 366.316139] should_fail.cold+0xa/0xf [ 366.316159] ? setup_fault_attr+0x200/0x200 [ 366.335615] ? lock_acquire+0x170/0x3c0 [ 366.339595] __should_failslab+0x115/0x180 [ 366.343817] should_failslab+0x5/0x10 [ 366.347613] kmem_cache_alloc+0x277/0x370 [ 366.351756] getname_flags+0xce/0x590 [ 366.355547] user_path_at_empty+0x2a/0x50 [ 366.359690] do_mount+0x147/0x2f50 [ 366.363225] ? cmp_ex_sort+0xc0/0xc0 [ 366.366922] ? __do_page_fault+0x180/0xd60 [ 366.371141] ? copy_mount_string+0x40/0x40 [ 366.375380] ? memset+0x20/0x40 [ 366.378640] ? copy_mount_options+0x26f/0x380 [ 366.383117] ksys_mount+0xcf/0x130 [ 366.386641] __x64_sys_mount+0xba/0x150 [ 366.390602] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 366.395289] do_syscall_64+0xf9/0x620 [ 366.399089] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.404258] RIP: 0033:0x7f63e5c4b73a [ 366.407951] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 366.426851] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 366.434545] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 366.441815] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 366.449076] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 366.456327] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 14:49:34 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 366.463581] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 366.483670] erofs: read_super, device -> /dev/loop2 [ 366.488816] erofs: options -> [ 366.492203] erofs: root inode @ nid 36 [ 366.496230] erofs: bogus i_mode (0) @ nid 36 [ 366.526113] erofs: unmounted for /dev/loop4 14:49:34 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:34 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x7, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:34 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 38) [ 366.659417] erofs: read_super, device -> /dev/loop1 [ 366.677894] erofs: options -> [ 366.698523] erofs: root inode @ nid 36 14:49:34 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_NEWNSID={0x1c, 0x58, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NETNSA_PID={0x8, 0x2, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040800) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) [ 366.705028] erofs: mounted on /dev/loop1 with opts: . [ 366.732990] FAULT_INJECTION: forcing a failure. [ 366.732990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 366.744816] CPU: 1 PID: 25473 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 366.748470] erofs: read_super, device -> /dev/loop4 [ 366.752720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 366.752727] Call Trace: [ 366.752750] dump_stack+0x1fc/0x2ef [ 366.752770] should_fail.cold+0xa/0xf [ 366.752790] ? setup_fault_attr+0x200/0x200 [ 366.766795] erofs: options -> [ 366.767148] ? is_bpf_text_address+0xfc/0x1b0 [ 366.785485] erofs: root inode @ nid 36 [ 366.789098] ? kernel_text_address+0xbd/0xf0 [ 366.789115] ? __kernel_text_address+0x9/0x30 [ 366.789134] __alloc_pages_nodemask+0x239/0x2890 [ 366.789159] ? __lock_acquire+0x6de/0x3ff0 [ 366.789178] ? __x64_sys_mount+0xba/0x150 [ 366.789193] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 366.789205] ? ext4_mkdir+0x82b/0xe10 [ 366.789219] ? mark_held_locks+0xf0/0xf0 [ 366.789236] ? mark_held_locks+0xf0/0xf0 14:49:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 366.789252] ? list_lru_add+0x292/0x600 [ 366.812603] erofs: mounted on /dev/loop4 with opts: . [ 366.815151] ? mntput_no_expire+0xf2/0xa30 [ 366.815172] cache_grow_begin+0xa4/0x8a0 [ 366.815189] ? setup_fault_attr+0x200/0x200 [ 366.815206] ? lock_acquire+0x170/0x3c0 [ 366.828761] erofs: read_super, device -> /dev/loop2 [ 366.832003] cache_alloc_refill+0x273/0x340 [ 366.835953] erofs: options -> [ 366.841140] kmem_cache_alloc_trace+0x354/0x380 [ 366.841158] copy_mount_options+0x59/0x380 [ 366.841176] ksys_mount+0x9b/0x130 [ 366.841191] __x64_sys_mount+0xba/0x150 [ 366.841207] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 366.841221] do_syscall_64+0xf9/0x620 [ 366.841239] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.841250] RIP: 0033:0x7f63e5c4b73a [ 366.841264] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 366.877287] erofs: read_super, device -> /dev/loop5 14:49:34 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 366.879150] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 366.879165] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 366.879174] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 366.879183] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 366.879191] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 366.879199] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 366.909662] erofs: root inode @ nid 36 [ 366.924745] erofs: unmounted for /dev/loop1 [ 366.965899] erofs: unmounted for /dev/loop4 [ 366.997613] erofs: bogus i_mode (0) @ nid 36 [ 367.005369] erofs: options -> [ 367.009438] erofs: blksize 1 isn't supported on this platform [ 367.022736] erofs: read_super, device -> /dev/loop3 [ 367.027761] erofs: options -> 14:49:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x12, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 367.048990] erofs: root inode @ nid 36 [ 367.054480] erofs: mounted on /dev/loop3 with opts: . 14:49:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 39) [ 367.152188] erofs: read_super, device -> /dev/loop5 [ 367.154141] erofs: read_super, device -> /dev/loop1 [ 367.157264] erofs: options -> [ 367.175731] erofs: options -> [ 367.195208] erofs: root inode @ nid 36 [ 367.201281] erofs: unmounted for /dev/loop3 [ 367.211373] erofs: blksize 1 isn't supported on this platform [ 367.222027] erofs: mounted on /dev/loop1 with opts: . [ 367.274085] erofs: read_super, device -> /dev/loop4 [ 367.287118] FAULT_INJECTION: forcing a failure. [ 367.287118] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 367.298827] erofs: options -> [ 367.298952] CPU: 0 PID: 25516 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 367.307538] erofs: root inode @ nid 36 [ 367.310021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 367.310026] Call Trace: [ 367.310047] dump_stack+0x1fc/0x2ef [ 367.310067] should_fail.cold+0xa/0xf [ 367.310084] ? setup_fault_attr+0x200/0x200 [ 367.310098] ? is_bpf_text_address+0xfc/0x1b0 [ 367.310114] ? kernel_text_address+0xbd/0xf0 [ 367.310131] ? __kernel_text_address+0x9/0x30 [ 367.319636] erofs: mounted on /dev/loop4 with opts: . [ 367.323381] __alloc_pages_nodemask+0x239/0x2890 [ 367.323408] ? __lock_acquire+0x6de/0x3ff0 [ 367.323427] ? __x64_sys_mount+0xba/0x150 [ 367.323443] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 367.374187] ? ext4_mkdir+0x82b/0xe10 [ 367.377998] ? mark_held_locks+0xf0/0xf0 [ 367.382073] ? mark_held_locks+0xf0/0xf0 [ 367.386146] ? list_lru_add+0x292/0x600 [ 367.390136] ? mntput_no_expire+0xf2/0xa30 [ 367.394350] erofs: read_super, device -> /dev/loop2 [ 367.394378] cache_grow_begin+0xa4/0x8a0 [ 367.403436] ? setup_fault_attr+0x200/0x200 [ 367.407770] ? lock_acquire+0x170/0x3c0 [ 367.407918] erofs: options -> [ 367.411751] cache_alloc_refill+0x273/0x340 [ 367.411773] kmem_cache_alloc_trace+0x354/0x380 [ 367.411793] copy_mount_options+0x59/0x380 [ 367.411812] ksys_mount+0x9b/0x130 [ 367.411831] __x64_sys_mount+0xba/0x150 [ 367.427601] erofs: root inode @ nid 36 [ 367.428189] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 367.444115] do_syscall_64+0xf9/0x620 [ 367.445138] erofs: bogus i_mode (0) @ nid 36 [ 367.447921] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.447934] RIP: 0033:0x7f63e5c4b73a [ 367.447948] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 367.447958] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 367.487787] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 367.495045] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 367.502300] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 367.509554] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 367.516808] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x14, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r3 = dup2(r1, r2) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_NEWNSID={0x1c, 0x58, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NETNSA_PID={0x8, 0x2, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040800) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r1, r2) (async) ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000080)={0x2}) (async) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)) (async) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@RTM_NEWNSID={0x1c, 0x58, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NETNSA_PID={0x8, 0x2, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040800) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r5, &(0x7f0000000040), 0x2) (async) [ 367.528552] erofs: unmounted for /dev/loop1 [ 367.534928] erofs: read_super, device -> /dev/loop3 [ 367.556352] erofs: options -> [ 367.560246] erofs: root inode @ nid 36 [ 367.574175] erofs: unmounted for /dev/loop4 14:49:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 367.576615] erofs: mounted on /dev/loop3 with opts: . [ 367.696404] erofs: read_super, device -> /dev/loop5 [ 367.706521] erofs: read_super, device -> /dev/loop1 [ 367.717270] erofs: options -> 14:49:35 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 40) [ 367.738664] erofs: root inode @ nid 36 [ 367.742633] erofs: options -> [ 367.752545] erofs: blksize 1 isn't supported on this platform [ 367.762074] erofs: mounted on /dev/loop1 with opts: . [ 367.770961] erofs: unmounted for /dev/loop3 14:49:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x37, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 367.867288] erofs: read_super, device -> /dev/loop4 [ 367.874522] erofs: read_super, device -> /dev/loop2 [ 367.888985] erofs: options -> [ 367.899987] erofs: options -> [ 367.904433] erofs: cannot read erofs superblock [ 367.911658] erofs: unmounted for /dev/loop1 14:49:35 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 367.916000] erofs: root inode @ nid 36 [ 367.916046] erofs: bogus i_mode (0) @ nid 36 14:49:35 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:35 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext, 0x0, 0x0, 0x6f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, &(0x7f0000000080)) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) [ 367.983559] FAULT_INJECTION: forcing a failure. [ 367.983559] name failslab, interval 1, probability 0, space 0, times 0 [ 368.015044] erofs: read_super, device -> /dev/loop5 [ 368.023156] erofs: options -> [ 368.030737] CPU: 0 PID: 25572 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 368.038662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 368.048127] Call Trace: [ 368.050727] dump_stack+0x1fc/0x2ef [ 368.054365] should_fail.cold+0xa/0xf [ 368.058171] ? setup_fault_attr+0x200/0x200 [ 368.062499] ? lock_acquire+0x170/0x3c0 [ 368.066487] __should_failslab+0x115/0x180 [ 368.070728] should_failslab+0x5/0x10 [ 368.074532] kmem_cache_alloc+0x277/0x370 [ 368.078693] getname_kernel+0x4e/0x370 [ 368.082584] kern_path+0x1b/0x40 [ 368.085958] lookup_bdev+0xfc/0x220 [ 368.089778] ? bd_acquire+0x440/0x440 [ 368.093602] blkdev_get_by_path+0x1b/0xd0 [ 368.097764] mount_bdev+0x5b/0x3b0 [ 368.101313] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 368.106601] erofs_mount+0x8c/0xc0 [ 368.110152] ? erofs_kill_sb+0x20/0x20 [ 368.114050] ? alloc_pages_current+0x19b/0x2a0 [ 368.118639] ? __lockdep_init_map+0x100/0x5a0 [ 368.123146] mount_fs+0xa3/0x310 [ 368.124051] erofs: blksize 1 isn't supported on this platform [ 368.126521] vfs_kern_mount.part.0+0x68/0x470 [ 368.126567] do_mount+0x115c/0x2f50 [ 368.126585] ? cmp_ex_sort+0xc0/0xc0 [ 368.144275] ? __do_page_fault+0x180/0xd60 [ 368.148511] ? copy_mount_string+0x40/0x40 [ 368.152760] ? memset+0x20/0x40 [ 368.156038] ? copy_mount_options+0x26f/0x380 [ 368.160531] ksys_mount+0xcf/0x130 [ 368.164060] __x64_sys_mount+0xba/0x150 [ 368.168018] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 368.172680] do_syscall_64+0xf9/0x620 [ 368.176473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.181652] RIP: 0033:0x7f63e5c4b73a [ 368.185358] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 368.204278] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 368.212011] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 368.219271] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 368.226564] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 368.233833] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 368.241094] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:36 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x104, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 368.339114] erofs: read_super, device -> /dev/loop1 [ 368.344160] erofs: options -> [ 368.347618] erofs: read_super, device -> /dev/loop2 [ 368.354417] erofs: options -> [ 368.355312] erofs: read_super, device -> /dev/loop4 [ 368.359430] erofs: root inode @ nid 36 [ 368.370796] erofs: options -> 14:49:36 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 41) [ 368.392348] erofs: bogus i_mode (0) @ nid 36 [ 368.394584] erofs: root inode @ nid 36 [ 368.407171] erofs: root inode @ nid 36 [ 368.418371] erofs: mounted on /dev/loop4 with opts: . [ 368.421008] erofs: mounted on /dev/loop1 with opts: . 14:49:36 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext, 0x0, 0x0, 0x6f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, &(0x7f0000000080)) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) 14:49:36 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 368.460970] FAULT_INJECTION: forcing a failure. [ 368.460970] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 368.488929] CPU: 1 PID: 25604 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 368.490925] erofs: read_super, device -> /dev/loop5 [ 368.496923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 368.496929] Call Trace: [ 368.496951] dump_stack+0x1fc/0x2ef [ 368.496975] should_fail.cold+0xa/0xf [ 368.502947] erofs: unmounted for /dev/loop4 [ 368.511346] ? lock_acquire+0x170/0x3c0 [ 368.511363] ? setup_fault_attr+0x200/0x200 [ 368.511390] __alloc_pages_nodemask+0x239/0x2890 [ 368.511403] ? lock_acquire+0x170/0x3c0 [ 368.511416] ? pcpu_alloc+0x91f/0x1190 [ 368.511429] ? mark_held_locks+0xf0/0xf0 [ 368.511445] ? pcpu_alloc+0xe78/0x1190 [ 368.554573] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 368.559422] ? check_preemption_disabled+0x41/0x280 [ 368.564434] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 368.569438] ? pcpu_alloc+0xc9/0x1190 [ 368.573231] alloc_pages_current+0x193/0x2a0 [ 368.577626] ? __lockdep_init_map+0x100/0x5a0 [ 368.582108] get_zeroed_page+0x10/0x40 [ 368.585980] mount_fs+0x203/0x310 [ 368.589426] vfs_kern_mount.part.0+0x68/0x470 [ 368.593910] do_mount+0x115c/0x2f50 [ 368.597545] ? cmp_ex_sort+0xc0/0xc0 [ 368.601260] ? __do_page_fault+0x180/0xd60 [ 368.605487] ? copy_mount_string+0x40/0x40 [ 368.609714] ? memset+0x20/0x40 [ 368.612981] ? copy_mount_options+0x26f/0x380 [ 368.617466] ksys_mount+0xcf/0x130 [ 368.620996] __x64_sys_mount+0xba/0x150 [ 368.624958] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 368.629528] do_syscall_64+0xf9/0x620 [ 368.633321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.638497] RIP: 0033:0x7f63e5c4b73a [ 368.642211] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:49:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:36 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 368.661098] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 368.668906] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 368.676173] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 368.683449] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 368.690719] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 368.697979] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 368.708583] erofs: unmounted for /dev/loop1 14:49:36 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext, 0x0, 0x0, 0x6f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, &(0x7f0000000080)) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext, 0x0, 0x0, 0x6f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) (async) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, &(0x7f0000000080)) (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040), 0x2) (async) 14:49:36 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 42) [ 368.750847] erofs: options -> [ 368.758124] erofs: blksize 1 isn't supported on this platform [ 368.780453] misc userio: No port type given on /dev/userio 14:49:36 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x1f00, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 368.853647] misc userio: Can't change port type on an already running userio instance [ 368.931805] erofs: read_super, device -> /dev/loop1 [ 368.932589] erofs: read_super, device -> /dev/loop2 [ 368.936848] erofs: options -> [ 368.947859] erofs: root inode @ nid 36 [ 368.973521] erofs: options -> [ 368.990897] erofs: root inode @ nid 36 [ 368.992795] FAULT_INJECTION: forcing a failure. [ 368.992795] name failslab, interval 1, probability 0, space 0, times 0 [ 368.999864] erofs: bogus i_mode (0) @ nid 36 [ 369.014199] erofs: mounted on /dev/loop1 with opts: . [ 369.041054] CPU: 1 PID: 25642 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 369.048959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 369.058330] Call Trace: [ 369.060930] dump_stack+0x1fc/0x2ef [ 369.064557] should_fail.cold+0xa/0xf [ 369.068345] ? setup_fault_attr+0x200/0x200 [ 369.072655] ? lock_acquire+0x170/0x3c0 [ 369.076615] __should_failslab+0x115/0x180 [ 369.080857] should_failslab+0x5/0x10 [ 369.084657] __kmalloc_track_caller+0x2a6/0x3c0 [ 369.089313] ? kstrdup_const+0x53/0x80 [ 369.093308] kstrdup+0x36/0x70 [ 369.096503] kstrdup_const+0x53/0x80 [ 369.100231] alloc_vfsmnt+0xb5/0x780 [ 369.103926] ? _raw_read_unlock+0x29/0x40 [ 369.108056] vfs_kern_mount.part.0+0x27/0x470 [ 369.112538] do_mount+0x115c/0x2f50 [ 369.116151] ? cmp_ex_sort+0xc0/0xc0 [ 369.119940] ? __do_page_fault+0x180/0xd60 [ 369.124188] ? copy_mount_string+0x40/0x40 [ 369.128412] ? memset+0x20/0x40 [ 369.131677] ? copy_mount_options+0x26f/0x380 [ 369.136160] ksys_mount+0xcf/0x130 [ 369.139699] __x64_sys_mount+0xba/0x150 [ 369.143685] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 369.148305] do_syscall_64+0xf9/0x620 [ 369.152092] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.157280] RIP: 0033:0x7f63e5c4b73a [ 369.160987] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 369.179877] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:49:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 369.187579] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 369.195210] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 369.202478] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 369.209729] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 369.216982] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:37 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:37 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x340048c5) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x5) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) sendfile(r1, r3, &(0x7f0000000000), 0x4) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 369.242522] erofs: unmounted for /dev/loop1 [ 369.279495] erofs: read_super, device -> /dev/loop5 [ 369.284551] erofs: options -> [ 369.287940] erofs: blksize 1 isn't supported on this platform [ 369.299390] erofs: read_super, device -> /dev/loop4 14:49:37 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 43) 14:49:37 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x2000, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 369.321832] erofs: options -> [ 369.336229] erofs: root inode @ nid 36 [ 369.348435] erofs: mounted on /dev/loop4 with opts: . 14:49:37 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 369.370659] erofs: read_super, device -> /dev/loop2 [ 369.385936] erofs: options -> [ 369.397341] erofs: root inode @ nid 36 [ 369.412492] erofs: bogus i_mode (0) @ nid 36 [ 369.420348] erofs: unmounted for /dev/loop4 14:49:37 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 369.501316] erofs: read_super, device -> /dev/loop1 [ 369.504599] FAULT_INJECTION: forcing a failure. [ 369.504599] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 369.506360] erofs: options -> [ 369.518151] CPU: 1 PID: 25675 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 369.518160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 369.518165] Call Trace: [ 369.518186] dump_stack+0x1fc/0x2ef [ 369.518206] should_fail.cold+0xa/0xf [ 369.518223] ? setup_fault_attr+0x200/0x200 [ 369.518243] ? get_page_from_freelist+0x1d60/0x4170 [ 369.518268] __alloc_pages_nodemask+0x239/0x2890 [ 369.518284] ? get_page_from_freelist+0x1d60/0x4170 [ 369.518298] ? bad_range+0x260/0x3c0 [ 369.518313] ? __lock_acquire+0x6de/0x3ff0 [ 369.518329] ? preempt_count_add+0xaf/0x190 [ 369.518344] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 369.518367] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.518391] cache_grow_begin+0xa4/0x8a0 [ 369.518405] ? setup_fault_attr+0x200/0x200 [ 369.518420] ? lock_acquire+0x170/0x3c0 [ 369.518438] cache_alloc_refill+0x273/0x340 [ 369.518457] kmem_cache_alloc+0x346/0x370 [ 369.518477] getname_kernel+0x4e/0x370 [ 369.518492] kern_path+0x1b/0x40 [ 369.518505] lookup_bdev+0xfc/0x220 [ 369.518516] ? bd_acquire+0x440/0x440 [ 369.518534] blkdev_get_by_path+0x1b/0xd0 [ 369.518547] mount_bdev+0x5b/0x3b0 [ 369.518561] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 369.518578] erofs_mount+0x8c/0xc0 [ 369.518592] ? erofs_kill_sb+0x20/0x20 [ 369.518613] ? alloc_pages_current+0x19b/0x2a0 [ 369.518626] ? __lockdep_init_map+0x100/0x5a0 [ 369.518640] mount_fs+0xa3/0x310 [ 369.518660] vfs_kern_mount.part.0+0x68/0x470 [ 369.518678] do_mount+0x115c/0x2f50 [ 369.518695] ? cmp_ex_sort+0xc0/0xc0 [ 369.518711] ? __do_page_fault+0x180/0xd60 [ 369.518727] ? copy_mount_string+0x40/0x40 [ 369.518749] ? memset+0x20/0x40 [ 369.518764] ? copy_mount_options+0x26f/0x380 [ 369.518782] ksys_mount+0xcf/0x130 [ 369.518798] __x64_sys_mount+0xba/0x150 [ 369.518813] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 369.518827] do_syscall_64+0xf9/0x620 [ 369.518845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.518856] RIP: 0033:0x7f63e5c4b73a [ 369.518870] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 369.518877] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 369.518891] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a 14:49:37 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 44) [ 369.518899] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 369.518907] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 369.518914] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 369.518923] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 369.529778] erofs: read_super, device -> /dev/loop3 [ 369.588812] erofs: root inode @ nid 36 [ 369.614506] erofs: options -> [ 369.648670] erofs: mounted on /dev/loop1 with opts: . [ 369.654499] erofs: root inode @ nid 36 14:49:37 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x340048c5) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x5) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) (async) sendfile(r1, r3, &(0x7f0000000000), 0x4) (async, rerun: 32) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 32) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 369.671477] erofs: read_super, device -> /dev/loop5 [ 369.679424] erofs: read_super, device -> /dev/loop4 [ 369.700337] erofs: options -> [ 369.704729] erofs: mounted on /dev/loop3 with opts: . [ 369.706374] erofs: read_super, device -> /dev/loop2 [ 369.711769] erofs: options -> [ 369.737199] erofs: options -> [ 369.752597] erofs: root inode @ nid 36 [ 369.767168] erofs: unmounted for /dev/loop3 [ 369.772764] erofs: mounted on /dev/loop4 with opts: . [ 369.801266] erofs: blksize 1 isn't supported on this platform 14:49:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:37 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x340048c5) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x5) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) (async) sendfile(r1, r3, &(0x7f0000000000), 0x4) (async) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) 14:49:37 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:37 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 369.830784] erofs: root inode @ nid 36 [ 369.858709] erofs: unmounted for /dev/loop1 [ 369.874425] erofs: bogus i_mode (0) @ nid 36 [ 369.879163] erofs: unmounted for /dev/loop4 [ 370.021481] FAULT_INJECTION: forcing a failure. [ 370.021481] name failslab, interval 1, probability 0, space 0, times 0 [ 370.033099] CPU: 1 PID: 25720 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 370.041256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 370.050615] Call Trace: [ 370.053230] dump_stack+0x1fc/0x2ef [ 370.056881] should_fail.cold+0xa/0xf [ 370.060695] ? setup_fault_attr+0x200/0x200 [ 370.065025] ? lock_acquire+0x170/0x3c0 [ 370.069009] __should_failslab+0x115/0x180 [ 370.073255] should_failslab+0x5/0x10 [ 370.077061] kmem_cache_alloc_trace+0x284/0x380 [ 370.081739] ? set_bdev_super+0x110/0x110 [ 370.085889] ? ns_test_super+0x50/0x50 [ 370.089870] sget_userns+0x122/0xcd0 [ 370.093590] ? set_bdev_super+0x110/0x110 [ 370.097750] ? ns_test_super+0x50/0x50 [ 370.101640] ? set_bdev_super+0x110/0x110 [ 370.105793] ? ns_test_super+0x50/0x50 [ 370.109683] sget+0x102/0x140 [ 370.112795] mount_bdev+0xf8/0x3b0 [ 370.116337] ? gb_gbphy_register_driver.cold+0x39/0x39 14:49:38 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x2100, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:38 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 370.121622] erofs_mount+0x8c/0xc0 [ 370.125173] ? erofs_kill_sb+0x20/0x20 [ 370.129045] ? alloc_pages_current+0x19b/0x2a0 [ 370.133618] ? __lockdep_init_map+0x100/0x5a0 [ 370.138107] mount_fs+0xa3/0x310 [ 370.141482] vfs_kern_mount.part.0+0x68/0x470 [ 370.145987] do_mount+0x115c/0x2f50 [ 370.149613] ? cmp_ex_sort+0xc0/0xc0 [ 370.153310] ? __do_page_fault+0x180/0xd60 [ 370.157587] ? copy_mount_string+0x40/0x40 [ 370.161820] ? memset+0x20/0x40 [ 370.165096] ? copy_mount_options+0x26f/0x380 [ 370.169576] ksys_mount+0xcf/0x130 [ 370.173098] __x64_sys_mount+0xba/0x150 [ 370.177053] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 370.181624] do_syscall_64+0xf9/0x620 [ 370.185416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.190587] RIP: 0033:0x7f63e5c4b73a [ 370.194291] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 370.213275] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:49:38 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 370.221153] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 370.228418] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 370.235678] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 370.242954] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 370.250216] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 370.319184] erofs: read_super, device -> /dev/loop4 [ 370.329055] erofs: options -> [ 370.347210] erofs: root inode @ nid 36 14:49:38 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 45) [ 370.364706] erofs: read_super, device -> /dev/loop2 [ 370.380836] erofs: mounted on /dev/loop4 with opts: . [ 370.387922] erofs: options -> [ 370.398547] erofs: root inode @ nid 36 [ 370.404126] erofs: read_super, device -> /dev/loop5 14:49:38 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x37, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 370.415769] erofs: bogus i_mode (0) @ nid 36 [ 370.426305] erofs: read_super, device -> /dev/loop1 [ 370.432590] erofs: options -> [ 370.439620] erofs: unmounted for /dev/loop4 [ 370.444637] erofs: blksize 1 isn't supported on this platform [ 370.453121] erofs: options -> [ 370.456577] erofs: root inode @ nid 36 [ 370.460971] erofs: mounted on /dev/loop1 with opts: . 14:49:38 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x2500, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:38 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async, rerun: 32) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) (rerun: 32) 14:49:38 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:38 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 370.588178] erofs: read_super, device -> /dev/loop4 [ 370.593240] erofs: options -> [ 370.596521] erofs: root inode @ nid 36 [ 370.604843] erofs: unmounted for /dev/loop1 [ 370.609697] FAULT_INJECTION: forcing a failure. [ 370.609697] name failslab, interval 1, probability 0, space 0, times 0 [ 370.689522] CPU: 0 PID: 25753 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 370.697441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 370.704564] erofs: mounted on /dev/loop4 with opts: . [ 370.706791] Call Trace: [ 370.706876] dump_stack+0x1fc/0x2ef [ 370.718413] should_fail.cold+0xa/0xf [ 370.722221] ? setup_fault_attr+0x200/0x200 [ 370.726549] ? lock_acquire+0x170/0x3c0 [ 370.730533] __should_failslab+0x115/0x180 [ 370.734764] should_failslab+0x5/0x10 [ 370.738554] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 370.743648] __kmalloc_node+0x38/0x70 [ 370.747444] kvmalloc_node+0x61/0xf0 [ 370.751145] __list_lru_init+0x4c6/0x7f0 [ 370.755285] ? up_read+0xb3/0x110 [ 370.758736] sget_userns+0x7e2/0xcd0 [ 370.762435] ? set_bdev_super+0x110/0x110 [ 370.766673] ? ns_test_super+0x50/0x50 [ 370.770547] ? set_bdev_super+0x110/0x110 [ 370.774693] ? ns_test_super+0x50/0x50 [ 370.778563] sget+0x102/0x140 [ 370.781671] mount_bdev+0xf8/0x3b0 [ 370.785196] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 370.790471] erofs_mount+0x8c/0xc0 [ 370.793998] ? erofs_kill_sb+0x20/0x20 [ 370.797874] ? alloc_pages_current+0x19b/0x2a0 [ 370.802458] ? __lockdep_init_map+0x100/0x5a0 [ 370.806952] mount_fs+0xa3/0x310 [ 370.810311] vfs_kern_mount.part.0+0x68/0x470 [ 370.814803] do_mount+0x115c/0x2f50 [ 370.818420] ? cmp_ex_sort+0xc0/0xc0 [ 370.822122] ? __do_page_fault+0x180/0xd60 [ 370.826357] ? copy_mount_string+0x40/0x40 [ 370.830585] ? memset+0x20/0x40 [ 370.833854] ? copy_mount_options+0x26f/0x380 [ 370.838772] ksys_mount+0xcf/0x130 [ 370.842306] __x64_sys_mount+0xba/0x150 [ 370.846269] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 370.850932] do_syscall_64+0xf9/0x620 [ 370.854808] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.859981] RIP: 0033:0x7f63e5c4b73a [ 370.863784] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 370.882755] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 370.890444] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 370.897698] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 370.904954] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 370.912221] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 370.919476] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:38 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x63, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:38 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:49:38 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 46) [ 370.975416] erofs: read_super, device -> /dev/loop5 [ 370.980582] erofs: unmounted for /dev/loop4 [ 370.992175] erofs: options -> [ 371.002165] erofs: blksize 1 isn't supported on this platform 14:49:39 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x3700, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.030924] erofs: read_super, device -> /dev/loop1 [ 371.036100] erofs: options -> [ 371.041311] erofs: root inode @ nid 36 [ 371.049757] erofs: mounted on /dev/loop1 with opts: . [ 371.069330] erofs: read_super, device -> /dev/loop2 14:49:39 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.086145] erofs: options -> [ 371.096247] erofs: root inode @ nid 36 [ 371.162516] erofs: unmounted for /dev/loop1 [ 371.181516] erofs: bogus i_mode (0) @ nid 36 14:49:39 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.245026] FAULT_INJECTION: forcing a failure. [ 371.245026] name failslab, interval 1, probability 0, space 0, times 0 [ 371.264829] CPU: 1 PID: 25799 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 371.272736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 371.280909] erofs: read_super, device -> /dev/loop4 [ 371.282093] Call Trace: [ 371.282116] dump_stack+0x1fc/0x2ef [ 371.282135] should_fail.cold+0xa/0xf [ 371.282153] ? setup_fault_attr+0x200/0x200 [ 371.287150] erofs: options -> [ 371.289726] ? lock_acquire+0x170/0x3c0 [ 371.289746] __should_failslab+0x115/0x180 [ 371.289764] should_failslab+0x5/0x10 [ 371.289778] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 371.289795] __kmalloc_node+0x38/0x70 [ 371.289814] kvmalloc_node+0x61/0xf0 [ 371.289829] __list_lru_init+0x4c6/0x7f0 [ 371.289841] ? up_read+0xb3/0x110 [ 371.289860] sget_userns+0x7e2/0xcd0 [ 371.309934] erofs: root inode @ nid 36 14:49:39 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e005c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.312906] ? set_bdev_super+0x110/0x110 [ 371.312926] ? ns_test_super+0x50/0x50 [ 371.312943] ? set_bdev_super+0x110/0x110 [ 371.316920] erofs: mounted on /dev/loop4 with opts: . [ 371.321809] ? ns_test_super+0x50/0x50 [ 371.321824] sget+0x102/0x140 [ 371.321840] mount_bdev+0xf8/0x3b0 [ 371.321854] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 371.321872] erofs_mount+0x8c/0xc0 [ 371.321886] ? erofs_kill_sb+0x20/0x20 [ 371.321906] ? alloc_pages_current+0x19b/0x2a0 [ 371.321920] ? __lockdep_init_map+0x100/0x5a0 [ 371.321934] mount_fs+0xa3/0x310 [ 371.321953] vfs_kern_mount.part.0+0x68/0x470 [ 371.321970] do_mount+0x115c/0x2f50 [ 371.321987] ? cmp_ex_sort+0xc0/0xc0 [ 371.382382] erofs: read_super, device -> /dev/loop5 [ 371.385065] ? __do_page_fault+0x180/0xd60 [ 371.385084] ? copy_mount_string+0x40/0x40 [ 371.385111] ? memset+0x20/0x40 [ 371.400595] erofs: read_super, device -> /dev/loop1 [ 371.402111] ? copy_mount_options+0x26f/0x380 [ 371.402131] ksys_mount+0xcf/0x130 [ 371.402148] __x64_sys_mount+0xba/0x150 [ 371.406924] erofs: options -> [ 371.409466] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 371.409481] do_syscall_64+0xf9/0x620 [ 371.409501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.409513] RIP: 0033:0x7f63e5c4b73a [ 371.409527] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 371.409533] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 371.409547] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 371.409560] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 371.409568] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 371.409580] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 371.436050] erofs: options -> [ 371.439329] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 371.521784] erofs: root inode @ nid 36 [ 371.523417] erofs: unmounted for /dev/loop4 14:49:39 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@getqdisc={0x30, 0x26, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xffe0, 0x10}, {0x5, 0x8}}, [{0x4}, {0x4}, {0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c011}, 0x8094) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 371.545990] erofs: blksize 1 isn't supported on this platform [ 371.552848] erofs: mounted on /dev/loop1 with opts: . [ 371.582415] erofs: read_super, device -> /dev/loop2 [ 371.587451] erofs: options -> 14:49:39 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4000, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.593276] erofs: root inode @ nid 36 [ 371.597854] erofs: bogus i_mode (0) @ nid 36 14:49:39 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:39 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 47) 14:49:39 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.697367] erofs: unmounted for /dev/loop1 [ 371.726306] erofs: read_super, device -> /dev/loop4 [ 371.751474] erofs: options -> [ 371.764638] erofs: root inode @ nid 36 [ 371.782578] erofs: mounted on /dev/loop4 with opts: . [ 371.798509] FAULT_INJECTION: forcing a failure. [ 371.798509] name failslab, interval 1, probability 0, space 0, times 0 [ 371.810628] erofs: read_super, device -> /dev/loop5 [ 371.855757] CPU: 0 PID: 25839 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 371.862512] erofs: options -> [ 371.863655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 371.863661] Call Trace: [ 371.863683] dump_stack+0x1fc/0x2ef [ 371.863704] should_fail.cold+0xa/0xf [ 371.863725] ? setup_fault_attr+0x200/0x200 [ 371.881465] erofs: blksize 1 isn't supported on this platform [ 371.882436] ? lock_acquire+0x170/0x3c0 [ 371.882460] __should_failslab+0x115/0x180 14:49:39 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e007c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 371.882479] should_failslab+0x5/0x10 [ 371.882491] __kmalloc+0x2ab/0x3c0 [ 371.882506] ? __list_lru_init+0xd3/0x7f0 [ 371.916088] __list_lru_init+0xd3/0x7f0 [ 371.920078] ? up_write+0x18/0x150 [ 371.923637] sget_userns+0x7e2/0xcd0 [ 371.927361] ? set_bdev_super+0x110/0x110 [ 371.931509] ? ns_test_super+0x50/0x50 [ 371.935378] ? set_bdev_super+0x110/0x110 [ 371.939527] ? ns_test_super+0x50/0x50 [ 371.943410] sget+0x102/0x140 [ 371.946511] mount_bdev+0xf8/0x3b0 [ 371.950059] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 371.955345] erofs_mount+0x8c/0xc0 [ 371.958869] ? erofs_kill_sb+0x20/0x20 [ 371.962738] ? alloc_pages_current+0x19b/0x2a0 [ 371.967313] ? __lockdep_init_map+0x100/0x5a0 [ 371.971787] mount_fs+0xa3/0x310 [ 371.975136] vfs_kern_mount.part.0+0x68/0x470 [ 371.979612] do_mount+0x115c/0x2f50 [ 371.983239] ? cmp_ex_sort+0xc0/0xc0 [ 371.986935] ? __do_page_fault+0x180/0xd60 [ 371.991167] ? copy_mount_string+0x40/0x40 [ 371.995402] ? memset+0x20/0x40 [ 371.998674] ? copy_mount_options+0x26f/0x380 [ 372.003167] ksys_mount+0xcf/0x130 [ 372.006700] __x64_sys_mount+0xba/0x150 [ 372.010683] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 372.015266] do_syscall_64+0xf9/0x620 [ 372.019060] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.024335] RIP: 0033:0x7f63e5c4b73a [ 372.028135] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 372.047022] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 372.054722] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 372.062016] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 372.069389] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 372.076673] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 372.083935] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 372.092685] erofs: unmounted for /dev/loop4 14:49:40 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4001, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 372.109225] erofs: read_super, device -> /dev/loop2 [ 372.114385] erofs: options -> [ 372.117795] erofs: root inode @ nid 36 [ 372.124194] erofs: bogus i_mode (0) @ nid 36 14:49:40 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 48) [ 372.189198] erofs: read_super, device -> /dev/loop1 [ 372.218099] erofs: options -> [ 372.232080] erofs: root inode @ nid 36 14:49:40 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 372.263970] erofs: mounted on /dev/loop1 with opts: . [ 372.278834] erofs: read_super, device -> /dev/loop5 [ 372.284164] erofs: options -> [ 372.289416] erofs: blksize 1 isn't supported on this platform [ 372.301972] erofs: read_super, device -> /dev/loop4 [ 372.306499] FAULT_INJECTION: forcing a failure. 14:49:40 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:40 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@getqdisc={0x30, 0x26, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xffe0, 0x10}, {0x5, 0x8}}, [{0x4}, {0x4}, {0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c011}, 0x8094) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() (async) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) [ 372.306499] name failslab, interval 1, probability 0, space 0, times 0 [ 372.314338] erofs: options -> [ 372.330322] erofs: unmounted for /dev/loop1 [ 372.332307] erofs: root inode @ nid 36 [ 372.347533] CPU: 1 PID: 25866 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 372.355428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 372.364770] Call Trace: [ 372.367351] dump_stack+0x1fc/0x2ef [ 372.370996] should_fail.cold+0xa/0xf [ 372.374794] ? setup_fault_attr+0x200/0x200 [ 372.379106] ? lock_acquire+0x170/0x3c0 [ 372.383074] __should_failslab+0x115/0x180 [ 372.387311] should_failslab+0x5/0x10 [ 372.391097] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 372.396189] __kmalloc_node+0x38/0x70 [ 372.399978] kvmalloc_node+0x61/0xf0 [ 372.403676] __list_lru_init+0x4c6/0x7f0 [ 372.407729] ? up_read+0xb3/0x110 [ 372.411173] sget_userns+0x7e2/0xcd0 [ 372.414888] ? set_bdev_super+0x110/0x110 [ 372.419024] ? ns_test_super+0x50/0x50 [ 372.422903] ? set_bdev_super+0x110/0x110 [ 372.427065] ? ns_test_super+0x50/0x50 [ 372.430952] sget+0x102/0x140 [ 372.434062] mount_bdev+0xf8/0x3b0 [ 372.437589] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 372.442856] erofs_mount+0x8c/0xc0 [ 372.446383] ? erofs_kill_sb+0x20/0x20 [ 372.450273] ? alloc_pages_current+0x19b/0x2a0 [ 372.454852] ? __lockdep_init_map+0x100/0x5a0 [ 372.459332] mount_fs+0xa3/0x310 [ 372.462689] vfs_kern_mount.part.0+0x68/0x470 [ 372.467173] do_mount+0x115c/0x2f50 [ 372.470788] ? cmp_ex_sort+0xc0/0xc0 [ 372.474490] ? __do_page_fault+0x180/0xd60 [ 372.478710] ? copy_mount_string+0x40/0x40 [ 372.482940] ? memset+0x20/0x40 [ 372.486216] ? copy_mount_options+0x26f/0x380 [ 372.490702] ksys_mount+0xcf/0x130 [ 372.494233] __x64_sys_mount+0xba/0x150 [ 372.498195] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 372.502762] do_syscall_64+0xf9/0x620 [ 372.506553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.511730] RIP: 0033:0x7f63e5c4b73a [ 372.515428] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 372.534312] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 372.542003] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 372.549256] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 372.556508] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 372.563760] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 372.571014] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 372.595537] erofs: mounted on /dev/loop4 with opts: . 14:49:40 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e009c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:40 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4002, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 372.650208] erofs: unmounted for /dev/loop4 14:49:40 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 49) 14:49:40 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 372.711960] erofs: read_super, device -> /dev/loop2 [ 372.719409] erofs: options -> [ 372.730933] erofs: root inode @ nid 36 [ 372.748705] erofs: bogus i_mode (0) @ nid 36 [ 372.817343] erofs: read_super, device -> /dev/loop5 [ 372.817365] erofs: read_super, device -> /dev/loop4 [ 372.825038] erofs: read_super, device -> /dev/loop1 [ 372.831473] erofs: options -> [ 372.834503] FAULT_INJECTION: forcing a failure. [ 372.834503] name failslab, interval 1, probability 0, space 0, times 0 [ 372.837461] erofs: root inode @ nid 36 [ 372.850828] erofs: options -> [ 372.859497] erofs: options -> [ 372.862868] erofs: blksize 1 isn't supported on this platform [ 372.869933] erofs: read_super, device -> /dev/loop2 [ 372.873809] erofs: root inode @ nid 36 [ 372.876123] erofs: mounted on /dev/loop4 with opts: . [ 372.882530] CPU: 0 PID: 25894 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 372.890715] erofs: options -> [ 372.892088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 372.892093] Call Trace: [ 372.892114] dump_stack+0x1fc/0x2ef [ 372.892138] should_fail.cold+0xa/0xf [ 372.895779] erofs: root inode @ nid 36 [ 372.904663] ? setup_fault_attr+0x200/0x200 [ 372.904680] ? lock_acquire+0x170/0x3c0 [ 372.904701] __should_failslab+0x115/0x180 [ 372.904717] should_failslab+0x5/0x10 [ 372.904732] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 372.904749] __kmalloc_node+0x38/0x70 [ 372.904767] kvmalloc_node+0x61/0xf0 [ 372.913132] erofs: bogus i_mode (0) @ nid 36 [ 372.914752] __list_lru_init+0x4c6/0x7f0 [ 372.914769] ? up_read+0xb3/0x110 [ 372.914789] sget_userns+0x7e2/0xcd0 [ 372.914805] ? set_bdev_super+0x110/0x110 [ 372.931645] erofs: mounted on /dev/loop1 with opts: . [ 372.934967] ? ns_test_super+0x50/0x50 [ 372.934986] ? set_bdev_super+0x110/0x110 [ 372.934999] ? ns_test_super+0x50/0x50 [ 372.935016] sget+0x102/0x140 [ 372.987309] mount_bdev+0xf8/0x3b0 [ 372.990832] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 372.996091] erofs_mount+0x8c/0xc0 [ 372.999612] ? erofs_kill_sb+0x20/0x20 [ 373.003511] ? alloc_pages_current+0x19b/0x2a0 [ 373.008085] ? __lockdep_init_map+0x100/0x5a0 [ 373.012570] mount_fs+0xa3/0x310 [ 373.015919] vfs_kern_mount.part.0+0x68/0x470 [ 373.020398] do_mount+0x115c/0x2f50 [ 373.024007] ? cmp_ex_sort+0xc0/0xc0 [ 373.027713] ? __do_page_fault+0x180/0xd60 [ 373.031945] ? copy_mount_string+0x40/0x40 [ 373.036169] ? memset+0x20/0x40 [ 373.039434] ? copy_mount_options+0x26f/0x380 [ 373.043928] ksys_mount+0xcf/0x130 [ 373.047459] __x64_sys_mount+0xba/0x150 [ 373.051415] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 373.055979] do_syscall_64+0xf9/0x620 [ 373.059766] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.064937] RIP: 0033:0x7f63e5c4b73a [ 373.068630] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 373.087525] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 373.095241] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 373.102512] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 373.109769] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 14:49:41 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@getqdisc={0x30, 0x26, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xffe0, 0x10}, {0x5, 0x8}}, [{0x4}, {0x4}, {0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c011}, 0x8094) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) (async) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@getqdisc={0x30, 0x26, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xffe0, 0x10}, {0x5, 0x8}}, [{0x4}, {0x4}, {0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c011}, 0x8094) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000040), 0x2) (async) 14:49:41 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x4003, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 373.117029] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 373.124282] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:41 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 373.206904] erofs: unmounted for /dev/loop1 14:49:41 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e014c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:41 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:41 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 50) [ 373.272857] erofs: read_super, device -> /dev/loop5 [ 373.275340] erofs: unmounted for /dev/loop4 [ 373.278116] erofs: options -> [ 373.293088] erofs: blksize 1 isn't supported on this platform 14:49:41 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x8002, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 373.417437] erofs: read_super, device -> /dev/loop1 [ 373.427424] erofs: options -> [ 373.433724] erofs: read_super, device -> /dev/loop2 [ 373.435326] erofs: root inode @ nid 36 14:49:41 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 373.473035] erofs: mounted on /dev/loop1 with opts: . [ 373.473552] erofs: options -> [ 373.501451] erofs: root inode @ nid 36 [ 373.516709] erofs: unmounted for /dev/loop1 [ 373.524444] erofs: read_super, device -> /dev/loop5 [ 373.526980] erofs: bogus i_mode (0) @ nid 36 [ 373.533117] erofs: options -> [ 373.537511] erofs: blksize 1 isn't supported on this platform [ 373.591252] erofs: read_super, device -> /dev/loop3 [ 373.595030] erofs: read_super, device -> /dev/loop4 [ 373.602308] erofs: options -> [ 373.605933] erofs: options -> [ 373.612420] erofs: root inode @ nid 36 [ 373.616534] FAULT_INJECTION: forcing a failure. [ 373.616534] name failslab, interval 1, probability 0, space 0, times 0 [ 373.617489] erofs: mounted on /dev/loop4 with opts: . [ 373.628458] CPU: 1 PID: 25952 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 373.641068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 373.650411] Call Trace: [ 373.652995] dump_stack+0x1fc/0x2ef [ 373.656612] should_fail.cold+0xa/0xf [ 373.660406] ? setup_fault_attr+0x200/0x200 [ 373.664723] __should_failslab+0x115/0x180 [ 373.668948] should_failslab+0x5/0x10 [ 373.672736] kmem_cache_alloc+0x3f/0x370 [ 373.676784] ? mempool_alloc+0x350/0x350 [ 373.680843] mempool_alloc+0x146/0x350 [ 373.684730] ? mempool_resize+0x790/0x790 [ 373.688879] ? lock_downgrade+0x720/0x720 [ 373.693037] ? mark_held_locks+0xa6/0xf0 [ 373.697096] bio_alloc_bioset+0x389/0x5e0 [ 373.701245] ? __find_get_block+0x314/0xde0 [ 373.705559] ? bvec_alloc+0x2f0/0x2f0 [ 373.709352] ? __getblk_slow+0x6a3/0x9e0 [ 373.713406] submit_bh_wbc+0x141/0x760 [ 373.717284] __bread_gfp+0x14e/0x300 [ 373.720988] erofs_fill_super+0x207/0x12cc [ 373.725218] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 373.730486] ? vsprintf+0x30/0x30 [ 373.733934] ? wait_for_completion_io+0x10/0x10 [ 373.738591] ? set_blocksize+0x163/0x3f0 [ 373.742642] mount_bdev+0x2fc/0x3b0 [ 373.746270] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 373.751539] erofs_mount+0x8c/0xc0 [ 373.755070] ? erofs_kill_sb+0x20/0x20 [ 373.758948] ? alloc_pages_current+0x19b/0x2a0 [ 373.763516] ? __lockdep_init_map+0x100/0x5a0 [ 373.768003] mount_fs+0xa3/0x310 [ 373.771361] vfs_kern_mount.part.0+0x68/0x470 [ 373.775845] do_mount+0x115c/0x2f50 [ 373.779461] ? cmp_ex_sort+0xc0/0xc0 [ 373.783165] ? __do_page_fault+0x180/0xd60 [ 373.787388] ? copy_mount_string+0x40/0x40 [ 373.791614] ? memset+0x20/0x40 [ 373.794881] ? copy_mount_options+0x26f/0x380 [ 373.799363] ksys_mount+0xcf/0x130 [ 373.802891] __x64_sys_mount+0xba/0x150 [ 373.806850] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 373.811420] do_syscall_64+0xf9/0x620 [ 373.815209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.820381] RIP: 0033:0x7f63e5c4b73a [ 373.824083] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 373.842964] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 373.850653] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 373.857914] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 373.865177] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 373.872437] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 373.879697] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:41 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) connect$can_bcm(r2, &(0x7f0000000000), 0x10) gettid() r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) 14:49:41 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:41 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e037c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 373.894159] erofs: root inode @ nid 36 [ 373.904917] erofs: mounted on /dev/loop3 with opts: . [ 373.911962] erofs: read_super, device -> /dev/loop1 [ 373.916982] erofs: options -> 14:49:41 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x8003, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:41 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 51) [ 373.941944] erofs: unmounted for /dev/loop4 [ 373.951696] erofs: root inode @ nid 36 [ 373.968567] erofs: mounted on /dev/loop1 with opts: . [ 373.978059] erofs: unmounted for /dev/loop3 14:49:42 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 374.038139] erofs: unmounted for /dev/loop1 [ 374.088473] erofs: read_super, device -> /dev/loop2 [ 374.100785] erofs: options -> [ 374.105516] erofs: root inode @ nid 36 [ 374.112064] erofs: read_super, device -> /dev/loop4 [ 374.117092] erofs: options -> [ 374.130888] erofs: root inode @ nid 36 14:49:42 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e020000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 374.135114] erofs: mounted on /dev/loop4 with opts: . [ 374.139376] erofs: read_super, device -> /dev/loop5 [ 374.157990] FAULT_INJECTION: forcing a failure. [ 374.157990] name failslab, interval 1, probability 0, space 0, times 0 14:49:42 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 374.192882] erofs: bogus i_mode (0) @ nid 36 [ 374.195972] erofs: options -> [ 374.211603] erofs: unmounted for /dev/loop4 [ 374.224998] erofs: blksize 1 isn't supported on this platform [ 374.276230] CPU: 0 PID: 25985 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 374.284121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 374.293459] Call Trace: [ 374.296037] dump_stack+0x1fc/0x2ef [ 374.299662] should_fail.cold+0xa/0xf [ 374.303461] ? setup_fault_attr+0x200/0x200 [ 374.307767] ? lock_acquire+0x170/0x3c0 [ 374.311730] __should_failslab+0x115/0x180 [ 374.315974] should_failslab+0x5/0x10 [ 374.319775] kmem_cache_alloc_node_trace+0x244/0x3b0 [ 374.324868] __kmalloc_node+0x38/0x70 [ 374.328657] kvmalloc_node+0x61/0xf0 [ 374.332360] __list_lru_init+0x4c6/0x7f0 [ 374.336407] ? up_read+0xb3/0x110 [ 374.339856] sget_userns+0x810/0xcd0 [ 374.343555] ? set_bdev_super+0x110/0x110 [ 374.347690] ? ns_test_super+0x50/0x50 [ 374.351572] ? set_bdev_super+0x110/0x110 [ 374.355703] ? ns_test_super+0x50/0x50 [ 374.359575] sget+0x102/0x140 [ 374.362667] mount_bdev+0xf8/0x3b0 [ 374.366192] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 374.371475] erofs_mount+0x8c/0xc0 [ 374.374999] ? erofs_kill_sb+0x20/0x20 [ 374.378895] ? alloc_pages_current+0x19b/0x2a0 [ 374.383464] ? __lockdep_init_map+0x100/0x5a0 [ 374.387963] mount_fs+0xa3/0x310 [ 374.391319] vfs_kern_mount.part.0+0x68/0x470 [ 374.395804] do_mount+0x115c/0x2f50 [ 374.399423] ? cmp_ex_sort+0xc0/0xc0 [ 374.403125] ? __do_page_fault+0x180/0xd60 [ 374.407369] ? copy_mount_string+0x40/0x40 [ 374.411604] ? memset+0x20/0x40 [ 374.414870] ? copy_mount_options+0x26f/0x380 [ 374.419356] ksys_mount+0xcf/0x130 [ 374.422884] __x64_sys_mount+0xba/0x150 [ 374.426844] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 374.431413] do_syscall_64+0xf9/0x620 [ 374.435203] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.440374] RIP: 0033:0x7f63e5c4b73a [ 374.444072] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 374.462954] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:49:42 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) connect$can_bcm(r2, &(0x7f0000000000), 0x10) (async) gettid() (async) r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) [ 374.470647] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 374.477907] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 374.485163] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 374.492418] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 374.499675] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:42 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x8d01, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:42 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 52) [ 374.600168] erofs: read_super, device -> /dev/loop4 [ 374.610914] erofs: options -> [ 374.622761] erofs: root inode @ nid 36 [ 374.633941] erofs: read_super, device -> /dev/loop1 [ 374.638147] erofs: mounted on /dev/loop4 with opts: . 14:49:42 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e030000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 374.678440] erofs: options -> [ 374.705727] erofs: unmounted for /dev/loop4 [ 374.707464] erofs: read_super, device -> /dev/loop2 [ 374.715786] erofs: options -> [ 374.719462] erofs: root inode @ nid 36 [ 374.724756] erofs: root inode @ nid 36 [ 374.734263] erofs: mounted on /dev/loop1 with opts: . [ 374.739874] erofs: bogus i_mode (0) @ nid 36 14:49:42 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:42 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 374.780025] erofs: read_super, device -> /dev/loop5 [ 374.797720] erofs: options -> [ 374.809983] erofs: read_super, device -> /dev/loop3 [ 374.815782] erofs: unmounted for /dev/loop1 [ 374.816287] erofs: read_super, device -> /dev/loop4 [ 374.826393] erofs: blksize 1 isn't supported on this platform [ 374.829552] erofs: options -> [ 374.841301] erofs: options -> [ 374.849448] erofs: root inode @ nid 36 [ 374.853522] erofs: root inode @ nid 36 [ 374.855064] erofs: mounted on /dev/loop4 with opts: . [ 374.857562] FAULT_INJECTION: forcing a failure. [ 374.857562] name failslab, interval 1, probability 0, space 0, times 0 [ 374.874454] CPU: 0 PID: 26029 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 374.882333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 374.891665] Call Trace: [ 374.894247] dump_stack+0x1fc/0x2ef [ 374.897884] should_fail.cold+0xa/0xf [ 374.901693] ? setup_fault_attr+0x200/0x200 [ 374.906016] ? lock_acquire+0x170/0x3c0 [ 374.910004] __should_failslab+0x115/0x180 [ 374.914246] should_failslab+0x5/0x10 [ 374.918048] kmem_cache_alloc+0x277/0x370 [ 374.922199] ? destroy_inode+0x20/0x20 [ 374.926088] alloc_inode+0x18/0x50 [ 374.929624] ? destroy_inode+0x20/0x20 [ 374.933518] alloc_inode+0x5d/0x180 [ 374.937149] new_inode+0x1d/0xf0 [ 374.940520] erofs_fill_super+0xde9/0x12cc [ 374.944763] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 374.950047] ? vsprintf+0x30/0x30 [ 374.953508] ? wait_for_completion_io+0x10/0x10 [ 374.958177] ? set_blocksize+0x163/0x3f0 [ 374.962244] mount_bdev+0x2fc/0x3b0 [ 374.965883] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 374.971169] erofs_mount+0x8c/0xc0 [ 374.974714] ? erofs_kill_sb+0x20/0x20 [ 374.978612] ? alloc_pages_current+0x19b/0x2a0 [ 374.983198] ? __lockdep_init_map+0x100/0x5a0 [ 374.987699] mount_fs+0xa3/0x310 [ 374.991078] vfs_kern_mount.part.0+0x68/0x470 [ 374.995587] do_mount+0x115c/0x2f50 [ 374.999230] ? cmp_ex_sort+0xc0/0xc0 [ 375.002951] ? __do_page_fault+0x180/0xd60 [ 375.007192] ? copy_mount_string+0x40/0x40 [ 375.011441] ? memset+0x20/0x40 [ 375.014727] ? copy_mount_options+0x26f/0x380 [ 375.019230] ksys_mount+0xcf/0x130 [ 375.022776] __x64_sys_mount+0xba/0x150 [ 375.026761] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 375.031351] do_syscall_64+0xf9/0x620 [ 375.035167] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.040358] RIP: 0033:0x7f63e5c4b73a [ 375.044078] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 375.062981] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 375.070697] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 375.077974] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 375.085247] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 375.092520] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 375.099798] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:43 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e040000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 375.149754] erofs: read_super, device -> /dev/loop2 [ 375.154795] erofs: options -> [ 375.175719] erofs: root inode @ nid 36 [ 375.182068] erofs: unmounted for /dev/loop4 [ 375.185986] erofs: bogus i_mode (0) @ nid 36 14:49:43 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x8e01, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:43 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 53) [ 375.219137] erofs: read_super, device -> /dev/loop1 [ 375.224175] erofs: options -> [ 375.244735] erofs: root inode @ nid 36 [ 375.250739] erofs: mounted on /dev/loop1 with opts: . 14:49:43 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) r2 = dup2(r0, r1) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) connect$can_bcm(r2, &(0x7f0000000000), 0x10) gettid() r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x2) (async) dup2(r0, r1) (async) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000080)={0x2}) (async) connect$can_bcm(r2, &(0x7f0000000000), 0x10) (async) gettid() (async) openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (async) write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040), 0x2) (async) 14:49:43 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:43 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 375.376331] erofs: read_super, device -> /dev/loop4 [ 375.376996] erofs: read_super, device -> /dev/loop3 [ 375.381712] erofs: options -> [ 375.386610] erofs: read_super, device -> /dev/loop5 [ 375.393930] erofs: unmounted for /dev/loop1 [ 375.406027] erofs: options -> [ 375.426020] erofs: blksize 1 isn't supported on this platform [ 375.441778] erofs: options -> [ 375.450550] erofs: root inode @ nid 36 [ 375.454820] erofs: root inode @ nid 36 [ 375.465629] erofs: mounted on /dev/loop4 with opts: . [ 375.468301] FAULT_INJECTION: forcing a failure. [ 375.468301] name failslab, interval 1, probability 0, space 0, times 0 [ 375.506257] CPU: 1 PID: 26059 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 375.514163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 375.523518] Call Trace: [ 375.526112] dump_stack+0x1fc/0x2ef [ 375.529831] should_fail.cold+0xa/0xf [ 375.533632] ? setup_fault_attr+0x200/0x200 [ 375.537949] ? lock_acquire+0x170/0x3c0 [ 375.541908] __should_failslab+0x115/0x180 [ 375.546128] should_failslab+0x5/0x10 [ 375.549961] kmem_cache_alloc+0x277/0x370 [ 375.554091] ? destroy_inode+0x20/0x20 [ 375.557968] alloc_inode+0x18/0x50 [ 375.561513] ? destroy_inode+0x20/0x20 [ 375.565383] alloc_inode+0x5d/0x180 [ 375.569005] new_inode+0x1d/0xf0 [ 375.572374] erofs_fill_super+0xde9/0x12cc [ 375.576602] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 375.581858] ? vsprintf+0x30/0x30 [ 375.585293] ? wait_for_completion_io+0x10/0x10 [ 375.589951] ? set_blocksize+0x163/0x3f0 [ 375.594005] mount_bdev+0x2fc/0x3b0 [ 375.597612] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 375.602872] erofs_mount+0x8c/0xc0 [ 375.606394] ? erofs_kill_sb+0x20/0x20 [ 375.610275] ? alloc_pages_current+0x19b/0x2a0 [ 375.614854] ? __lockdep_init_map+0x100/0x5a0 [ 375.619351] mount_fs+0xa3/0x310 [ 375.622727] vfs_kern_mount.part.0+0x68/0x470 [ 375.627310] do_mount+0x115c/0x2f50 [ 375.630920] ? cmp_ex_sort+0xc0/0xc0 [ 375.634626] ? __do_page_fault+0x180/0xd60 [ 375.638856] ? copy_mount_string+0x40/0x40 [ 375.643074] ? memset+0x20/0x40 [ 375.646337] ? copy_mount_options+0x26f/0x380 [ 375.650818] ksys_mount+0xcf/0x130 [ 375.654339] __x64_sys_mount+0xba/0x150 [ 375.658295] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 375.662858] do_syscall_64+0xf9/0x620 [ 375.666655] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.671837] RIP: 0033:0x7f63e5c4b73a [ 375.675531] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 375.694412] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 375.702103] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 375.709362] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 375.716630] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 375.723898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 375.731157] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 375.793771] erofs: read_super, device -> /dev/loop2 [ 375.809193] erofs: options -> [ 375.816914] erofs: read_super, device -> /dev/loop1 [ 375.826081] erofs: root inode @ nid 36 [ 375.834507] erofs: bogus i_mode (0) @ nid 36 14:49:43 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 54) 14:49:43 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xc000, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:43 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e080000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:43 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 375.843120] erofs: options -> [ 375.848058] erofs: root inode @ nid 36 [ 375.854008] erofs: unmounted for /dev/loop4 [ 375.854554] erofs: mounted on /dev/loop1 with opts: . 14:49:43 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x83030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:43 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 375.912393] erofs: unmounted for /dev/loop1 [ 375.943067] erofs: read_super, device -> /dev/loop5 [ 375.951569] erofs: options -> [ 375.959924] erofs: blksize 1 isn't supported on this platform 14:49:44 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xc001, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 376.037656] erofs: read_super, device -> /dev/loop3 [ 376.042719] erofs: options -> [ 376.046402] FAULT_INJECTION: forcing a failure. [ 376.046402] name failslab, interval 1, probability 0, space 0, times 0 [ 376.049999] erofs: read_super, device -> /dev/loop4 [ 376.062547] erofs: read_super, device -> /dev/loop2 [ 376.070509] erofs: options -> [ 376.075223] CPU: 0 PID: 26102 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 376.083110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 376.092457] Call Trace: [ 376.094181] erofs: read_super, device -> /dev/loop1 [ 376.095045] dump_stack+0x1fc/0x2ef [ 376.095067] should_fail.cold+0xa/0xf [ 376.095083] ? do_mount+0x115c/0x2f50 [ 376.095100] ? setup_fault_attr+0x200/0x200 [ 376.095114] ? blk_queue_enter+0x40b/0xb70 [ 376.095133] __should_failslab+0x115/0x180 [ 376.124080] should_failslab+0x5/0x10 [ 376.127889] kmem_cache_alloc_node+0x54/0x3b0 [ 376.132399] create_task_io_context+0x2c/0x430 [ 376.136213] erofs: options -> [ 376.136987] generic_make_request_checks+0x1c4f/0x22e0 [ 376.145435] ? should_fail_bio.isra.0+0xa0/0xa0 [ 376.150114] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 376.155142] ? kmem_cache_alloc+0x315/0x370 [ 376.156405] erofs: options -> [ 376.159477] generic_make_request+0x23f/0xdf0 [ 376.159498] ? blk_put_request+0x110/0x110 [ 376.159516] ? lock_downgrade+0x720/0x720 [ 376.159540] submit_bio+0xb1/0x430 [ 376.159556] ? generic_make_request+0xdf0/0xdf0 [ 376.159572] ? check_preemption_disabled+0x41/0x280 [ 376.159590] ? guard_bio_eod+0x2a0/0x650 [ 376.159606] submit_bh_wbc+0x5a7/0x760 [ 376.172935] erofs: root inode @ nid 36 [ 376.175616] __bread_gfp+0x14e/0x300 [ 376.175635] erofs_fill_super+0x207/0x12cc [ 376.175656] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 376.175672] ? vsprintf+0x30/0x30 [ 376.175696] ? wait_for_completion_io+0x10/0x10 [ 376.175711] ? set_blocksize+0x163/0x3f0 [ 376.193019] erofs: mounted on /dev/loop1 with opts: . [ 376.196810] mount_bdev+0x2fc/0x3b0 [ 376.196826] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 376.196844] erofs_mount+0x8c/0xc0 [ 376.196859] ? erofs_kill_sb+0x20/0x20 [ 376.196880] ? alloc_pages_current+0x19b/0x2a0 [ 376.196892] ? __lockdep_init_map+0x100/0x5a0 [ 376.196906] mount_fs+0xa3/0x310 [ 376.208830] erofs: root inode @ nid 36 [ 376.213957] vfs_kern_mount.part.0+0x68/0x470 [ 376.218580] erofs: mounted on /dev/loop4 with opts: . [ 376.222045] do_mount+0x115c/0x2f50 [ 376.222064] ? cmp_ex_sort+0xc0/0xc0 [ 376.222082] ? __do_page_fault+0x180/0xd60 14:49:44 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e140000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:44 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x84030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 376.222100] ? copy_mount_string+0x40/0x40 [ 376.222123] ? memset+0x20/0x40 [ 376.222138] ? copy_mount_options+0x26f/0x380 [ 376.249453] erofs: read_super, device -> /dev/loop5 [ 376.252182] ksys_mount+0xcf/0x130 [ 376.252202] __x64_sys_mount+0xba/0x150 [ 376.252220] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 376.252235] do_syscall_64+0xf9/0x620 [ 376.252254] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.252269] RIP: 0033:0x7f63e5c4b73a [ 376.315790] erofs: options -> [ 376.318046] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 376.318055] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 376.318070] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 376.318079] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 376.318088] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 376.318096] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 14:49:44 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 55) [ 376.318104] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 376.319405] erofs: root inode @ nid 36 [ 376.324097] erofs: unmounted for /dev/loop4 [ 376.327093] erofs: bogus i_mode (0) @ nid 36 [ 376.356134] erofs: blksize 1 isn't supported on this platform [ 376.363303] erofs: root inode @ nid 36 [ 376.417485] erofs: unmounted for /dev/loop1 [ 376.418816] erofs: mounted on /dev/loop3 with opts: . 14:49:44 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xc002, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:44 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e014c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 376.468200] erofs: unmounted for /dev/loop3 14:49:44 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 376.589335] erofs: read_super, device -> /dev/loop5 [ 376.594788] erofs: options -> [ 376.604108] erofs: read_super, device -> /dev/loop3 [ 376.614964] erofs: blksize 1 isn't supported on this platform [ 376.621347] erofs: options -> [ 376.643670] erofs: root inode @ nid 36 [ 376.657117] erofs: mounted on /dev/loop3 with opts: . [ 376.660830] erofs: read_super, device -> /dev/loop2 [ 376.665163] FAULT_INJECTION: forcing a failure. [ 376.665163] name failslab, interval 1, probability 0, space 0, times 0 [ 376.667814] erofs: options -> [ 376.682941] erofs: root inode @ nid 36 [ 376.687243] erofs: bogus i_mode (0) @ nid 36 [ 376.695215] CPU: 1 PID: 26142 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 376.703101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 376.712444] Call Trace: [ 376.715017] dump_stack+0x1fc/0x2ef [ 376.718641] should_fail.cold+0xa/0xf [ 376.722436] ? setup_fault_attr+0x200/0x200 [ 376.726738] ? lock_acquire+0x170/0x3c0 [ 376.730712] __should_failslab+0x115/0x180 [ 376.734937] should_failslab+0x5/0x10 [ 376.738730] kmem_cache_alloc_trace+0x284/0x380 [ 376.743396] get_mountpoint+0x140/0x3c0 [ 376.747354] lock_mount+0x131/0x4a0 [ 376.750962] ? lookup_mnt+0x420/0x420 [ 376.754751] ? vfs_kern_mount.part.0+0x2b4/0x470 [ 376.759507] do_add_mount+0x73/0x560 [ 376.763210] ? graft_tree+0x210/0x210 [ 376.766992] ? do_raw_spin_unlock+0x171/0x230 [ 376.771471] ? _raw_spin_unlock+0x29/0x40 [ 376.775600] ? vfs_kern_mount.part.0+0x2b9/0x470 [ 376.780351] do_mount+0x1976/0x2f50 [ 376.783969] ? cmp_ex_sort+0xc0/0xc0 [ 376.787664] ? __do_page_fault+0x180/0xd60 [ 376.791890] ? copy_mount_string+0x40/0x40 [ 376.796110] ? memset+0x20/0x40 [ 376.799384] ? copy_mount_options+0x26f/0x380 [ 376.803882] ksys_mount+0xcf/0x130 [ 376.807415] __x64_sys_mount+0xba/0x150 [ 376.811377] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 376.815937] do_syscall_64+0xf9/0x620 [ 376.819732] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.824911] RIP: 0033:0x7f63e5c4b73a [ 376.828606] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 376.847494] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 376.855191] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 376.862442] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 376.869692] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 376.876939] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 376.884188] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 14:49:44 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 56) [ 376.894248] erofs: unmounted for /dev/loop3 [ 376.910788] erofs: read_super, device -> /dev/loop1 [ 376.915893] erofs: options -> [ 376.920571] erofs: root inode @ nid 36 [ 376.924633] erofs: mounted on /dev/loop1 with opts: . 14:49:44 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xc003, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:44 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e020000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 376.993120] erofs: read_super, device -> /dev/loop4 14:49:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8b260000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 377.044665] erofs: options -> [ 377.058880] erofs: root inode @ nid 36 [ 377.064719] erofs: unmounted for /dev/loop1 [ 377.076683] erofs: mounted on /dev/loop4 with opts: . 14:49:45 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) gettid() (async, rerun: 64) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) (rerun: 64) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 377.104275] erofs: read_super, device -> /dev/loop3 [ 377.111692] erofs: options -> [ 377.128514] erofs: root inode @ nid 36 [ 377.135165] erofs: read_super, device -> /dev/loop5 [ 377.135169] erofs: read_super, device -> /dev/loop2 [ 377.135179] erofs: options -> [ 377.147167] erofs: options -> [ 377.154831] erofs: blksize 1 isn't supported on this platform [ 377.161119] FAULT_INJECTION: forcing a failure. [ 377.161119] name failslab, interval 1, probability 0, space 0, times 0 [ 377.161136] CPU: 1 PID: 26174 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 377.161145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 377.161159] Call Trace: [ 377.183240] erofs: root inode @ nid 36 [ 377.189554] dump_stack+0x1fc/0x2ef [ 377.189575] should_fail.cold+0xa/0xf 14:49:45 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e250000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 377.189594] ? setup_fault_attr+0x200/0x200 [ 377.189610] ? static_obj+0x50/0x50 [ 377.189628] __should_failslab+0x115/0x180 [ 377.189645] should_failslab+0x5/0x10 [ 377.189658] kmem_cache_alloc+0x3f/0x370 [ 377.189671] ? mempool_alloc+0x350/0x350 [ 377.189682] mempool_alloc+0x146/0x350 [ 377.189701] ? mempool_resize+0x790/0x790 [ 377.196579] erofs: bogus i_mode (0) @ nid 36 [ 377.199783] ? find_get_entry+0x4f4/0x8a0 [ 377.199806] bio_alloc_bioset+0x389/0x5e0 [ 377.199821] ? mark_page_accessed+0x581/0xda0 [ 377.199834] ? bvec_alloc+0x2f0/0x2f0 [ 377.199850] ? pagecache_get_page+0x1c4/0xd50 [ 377.199873] erofs_get_meta_page+0x2bb/0xcd0 [ 377.199894] erofs_iget+0x21b/0x2720 [ 377.199915] erofs_fill_super+0xf65/0x12cc [ 377.199933] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 377.199947] ? vsprintf+0x30/0x30 [ 377.199964] ? wait_for_completion_io+0x10/0x10 [ 377.286744] ? set_blocksize+0x163/0x3f0 [ 377.290798] mount_bdev+0x2fc/0x3b0 [ 377.294410] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 377.299689] erofs_mount+0x8c/0xc0 [ 377.303220] ? erofs_kill_sb+0x20/0x20 [ 377.307095] ? alloc_pages_current+0x19b/0x2a0 [ 377.311669] ? __lockdep_init_map+0x100/0x5a0 [ 377.316152] mount_fs+0xa3/0x310 [ 377.319509] vfs_kern_mount.part.0+0x68/0x470 [ 377.323995] do_mount+0x115c/0x2f50 [ 377.327626] ? cmp_ex_sort+0xc0/0xc0 [ 377.331328] ? __do_page_fault+0x180/0xd60 [ 377.335551] ? copy_mount_string+0x40/0x40 [ 377.339782] ? memset+0x20/0x40 [ 377.343048] ? copy_mount_options+0x26f/0x380 [ 377.347540] ksys_mount+0xcf/0x130 [ 377.351072] __x64_sys_mount+0xba/0x150 [ 377.355039] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 377.359608] do_syscall_64+0xf9/0x620 [ 377.363399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.368573] RIP: 0033:0x7f63e5c4b73a [ 377.372273] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 377.391341] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 377.399036] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a 14:49:45 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4b60ee0d9295547e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4000000000000, 0xfffffffffffffffe}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) [ 377.406297] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 377.413550] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 377.420801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 377.428057] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 377.436151] erofs: unmounted for /dev/loop4 [ 377.441939] erofs: mounted on /dev/loop3 with opts: . 14:49:45 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xe902, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:45 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e030000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 377.549305] erofs: read_super, device -> /dev/loop1 [ 377.554893] erofs: options -> [ 377.566577] erofs: root inode @ nid 36 [ 377.575762] erofs: mounted on /dev/loop1 with opts: . [ 377.593779] erofs: read_super, device -> /dev/loop4 14:49:45 executing program 3: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) (fail_nth: 57) 14:49:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 377.643506] erofs: unmounted for /dev/loop3 [ 377.650084] erofs: unmounted for /dev/loop1 [ 377.654359] erofs: read_super, device -> /dev/loop5 [ 377.665260] erofs: options -> [ 377.669490] erofs: blksize 1 isn't supported on this platform [ 377.675442] erofs: options -> [ 377.679853] erofs: root inode @ nid 36 [ 377.684370] erofs: mounted on /dev/loop4 with opts: . 14:49:45 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0xfa01, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) 14:49:45 executing program 4: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e370000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 377.715893] erofs: read_super, device -> /dev/loop3 [ 377.728005] erofs: read_super, device -> /dev/loop2 [ 377.736279] erofs: options -> [ 377.744737] erofs: root inode @ nid 36 [ 377.750616] erofs: unmounted for /dev/loop4 [ 377.753759] erofs: options -> [ 377.755546] erofs: bogus i_mode (0) @ nid 36 [ 377.765186] erofs: root inode @ nid 36 [ 377.771449] FAULT_INJECTION: forcing a failure. [ 377.771449] name failslab, interval 1, probability 0, space 0, times 0 [ 377.794824] erofs: read_super, device -> /dev/loop1 [ 377.801399] erofs: options -> [ 377.810534] erofs: root inode @ nid 36 [ 377.814618] erofs: mounted on /dev/loop1 with opts: . [ 377.833187] CPU: 1 PID: 26225 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 377.841097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 377.850445] Call Trace: [ 377.853022] dump_stack+0x1fc/0x2ef [ 377.856634] should_fail.cold+0xa/0xf [ 377.860420] ? setup_fault_attr+0x200/0x200 [ 377.864724] ? lock_acquire+0x170/0x3c0 [ 377.868687] __should_failslab+0x115/0x180 [ 377.872905] should_failslab+0x5/0x10 [ 377.876692] kmem_cache_alloc+0x277/0x370 [ 377.880833] __d_alloc+0x2b/0xa10 [ 377.884270] d_make_root+0x3e/0x90 [ 377.887793] erofs_fill_super+0x102f/0x12cc [ 377.892097] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 377.897374] ? vsprintf+0x30/0x30 [ 377.900825] ? wait_for_completion_io+0x10/0x10 [ 377.905478] ? set_blocksize+0x163/0x3f0 [ 377.909522] mount_bdev+0x2fc/0x3b0 [ 377.913139] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 377.918444] erofs_mount+0x8c/0xc0 [ 377.921990] ? erofs_kill_sb+0x20/0x20 [ 377.925873] ? alloc_pages_current+0x19b/0x2a0 [ 377.930435] ? __lockdep_init_map+0x100/0x5a0 [ 377.934914] mount_fs+0xa3/0x310 [ 377.938279] vfs_kern_mount.part.0+0x68/0x470 [ 377.942765] do_mount+0x115c/0x2f50 [ 377.946374] ? cmp_ex_sort+0xc0/0xc0 [ 377.950070] ? __do_page_fault+0x180/0xd60 [ 377.954312] ? copy_mount_string+0x40/0x40 [ 377.958544] ? memset+0x20/0x40 [ 377.961824] ? copy_mount_options+0x26f/0x380 [ 377.966327] ksys_mount+0xcf/0x130 [ 377.969864] __x64_sys_mount+0xba/0x150 [ 377.973833] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 377.978404] do_syscall_64+0xf9/0x620 [ 377.982201] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.987374] RIP: 0033:0x7f63e5c4b73a [ 377.991088] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 14:49:45 executing program 0: ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) (async) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x0) (async) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4b60ee0d9295547e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x4000000000000, 0xfffffffffffffffe}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) gettid() r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100), 0x2000000000040406, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000380)={0x1, 0x6}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040), 0x2) 14:49:46 executing program 2: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e040000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 378.009982] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 378.017796] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 378.025069] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 [ 378.032334] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 378.039605] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 378.046853] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 378.060422] ------------[ cut here ]------------ [ 378.065189] kernel BUG at fs/inode.c:1571! [ 378.069651] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 378.075017] CPU: 1 PID: 26225 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 378.082890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 378.092246] RIP: 0010:iput+0x727/0x860 [ 378.096141] Code: b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 84 18 fd ff ff 48 8b 3c 24 e8 33 d9 ee ff e9 0a fd ff ff e8 39 fc b8 ff <0f> 0b e8 32 fc b8 ff 48 89 ef e8 1a f7 ff ff 4c 89 f7 e8 b2 c6 6f [ 378.115129] RSP: 0018:ffff888096d57a80 EFLAGS: 00010246 [ 378.117473] erofs: read_super, device -> /dev/loop5 [ 378.120492] RAX: 0000000000040000 RBX: 0000000000000040 RCX: ffffc9000b8e5000 [ 378.125600] erofs: options -> [ 378.132857] RDX: 0000000000040000 RSI: ffffffff81a98937 RDI: 0000000000000007 [ 378.132864] RBP: ffff888055c7a700 R08: 0000000000000000 R09: 0000000000000000 [ 378.132870] R10: 0000000000000007 R11: 0000000000000000 R12: ffff8880add11300 [ 378.132876] R13: ffff888055c7a700 R14: 0000000000000000 R15: 00000000fffffff4 [ 378.132884] FS: 00007f63e45bf700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 378.132891] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 378.132897] CR2: 0000555555835888 CR3: 00000000a6813000 CR4: 00000000003406e0 [ 378.132907] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 378.132913] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 378.132917] Call Trace: [ 378.132939] erofs_fill_super+0x1205/0x12cc [ 378.132956] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 378.213282] ? vsprintf+0x30/0x30 [ 378.216743] ? wait_for_completion_io+0x10/0x10 [ 378.221410] ? set_blocksize+0x163/0x3f0 [ 378.225479] mount_bdev+0x2fc/0x3b0 [ 378.229116] ? gb_gbphy_register_driver.cold+0x39/0x39 [ 378.234418] erofs_mount+0x8c/0xc0 [ 378.237964] ? erofs_kill_sb+0x20/0x20 [ 378.241860] ? alloc_pages_current+0x19b/0x2a0 [ 378.246443] ? __lockdep_init_map+0x100/0x5a0 [ 378.248965] erofs: read_super, device -> /dev/loop2 [ 378.250941] mount_fs+0xa3/0x310 [ 378.250958] vfs_kern_mount.part.0+0x68/0x470 [ 378.250975] do_mount+0x115c/0x2f50 [ 378.267415] ? cmp_ex_sort+0xc0/0xc0 [ 378.271132] ? __do_page_fault+0x180/0xd60 [ 378.275366] ? copy_mount_string+0x40/0x40 [ 378.279638] ? memset+0x20/0x40 [ 378.280482] erofs: blksize 1 isn't supported on this platform [ 378.282919] ? copy_mount_options+0x26f/0x380 [ 378.282934] ksys_mount+0xcf/0x130 [ 378.282949] __x64_sys_mount+0xba/0x150 [ 378.300796] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 378.301456] erofs: options -> [ 378.305374] do_syscall_64+0xf9/0x620 [ 378.305392] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 378.305406] RIP: 0033:0x7f63e5c4b73a [ 378.321307] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 378.340201] RSP: 002b:00007f63e45bef88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 378.347916] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007f63e5c4b73a [ 378.355189] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f63e45befe0 14:49:46 executing program 1: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9a260000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e006c0ed9e010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 378.362458] RBP: 00007f63e45bf020 R08: 00007f63e45bf020 R09: 0000000020000000 [ 378.366594] erofs: root inode @ nid 36 [ 378.369722] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 378.369731] R13: 0000000020000100 R14: 00007f63e45befe0 R15: 0000000020010a00 [ 378.369743] Modules linked in: [ 378.389406] ---[ end trace 6c9832d55ee9ed3f ]--- [ 378.397930] erofs: unmounted for /dev/loop1 [ 378.403875] erofs: read_super, device -> /dev/loop4 [ 378.415092] erofs: options -> 14:49:46 executing program 5: syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e0", 0x100000, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00)) [ 378.420590] RIP: 0010:iput+0x727/0x860 [ 378.424757] erofs: root inode @ nid 36 [ 378.432033] Code: b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 84 18 fd ff ff 48 8b 3c 24 e8 33 d9 ee ff e9 0a fd ff ff e8 39 fc b8 ff <0f> 0b e8 32 fc b8 ff 48 89 ef e8 1a f7 ff ff 4c 89 f7 e8 b2 c6 6f [ 378.441909] erofs: bogus i_mode (0) @ nid 36 [ 378.454819] erofs: mounted on /dev/loop4 with opts: . [ 378.456452] RSP: 0018:ffff888096d57a80 EFLAGS: 00010246 [ 378.469609] RAX: 0000000000040000 RBX: 0000000000000040 RCX: ffffc9000b8e5000 [ 378.477162] RDX: 0000000000040000 RSI: ffffffff81a98937 RDI: 0000000000000007 [ 378.486125] RBP: ffff888055c7a700 R08: 0000000000000000 R09: 0000000000000000 [ 378.493752] R10: 0000000000000007 R11: 0000000000000000 R12: ffff8880add11300 [ 378.501091] R13: ffff888055c7a700 R14: 0000000000000000 R15: 00000000fffffff4 [ 378.508443] FS: 00007f63e45bf700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 [ 378.516712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 378.522701] CR2: 00007fcb13874090 CR3: 00000000a6813000 CR4: 00000000003406e0 [ 378.530033] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 378.537722] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 378.545405] Kernel panic - not syncing: Fatal exception [ 378.550909] Kernel Offset: disabled [ 378.554517] Rebooting in 86400 seconds..