octl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xb00}], 0x1, 0x0, 0x0, 0x0)

07:07:44 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  374.588334] erofs: unmounted for /dev/loop4
[  374.722610] erofs: read_super, device -> /dev/loop4
[  374.758381] erofs: options -> 
07:07:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xd00}], 0x1, 0x0, 0x0, 0x0)

07:07:44 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  374.844352] erofs: unmounted for /dev/loop4
[  374.954253] erofs: read_super, device -> /dev/loop4
07:07:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x2000}], 0x1, 0x0, 0x0, 0x0)

[  374.976865] erofs: options -> 
07:07:44 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:44 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  375.053245] erofs: unmounted for /dev/loop4
07:07:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x5000}], 0x1, 0x0, 0x0, 0x0)

[  375.224597] erofs: read_super, device -> /dev/loop4
[  375.239751] erofs: options -> 
[  375.243475] erofs: read_super, device -> /dev/loop2
07:07:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  375.281859] erofs: options -> 
[  375.302288] erofs: unmounted for /dev/loop4
07:07:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x200000}], 0x1, 0x0, 0x0, 0x0)

[  375.363860] erofs: unmounted for /dev/loop2
[  375.422472] erofs: read_super, device -> /dev/loop4
[  375.444843] erofs: options -> 
[  375.484846] erofs: read_super, device -> /dev/loop2
[  375.523323] erofs: options -> 
[  375.526641] erofs: unmounted for /dev/loop4
[  375.612702] erofs: unmounted for /dev/loop2
07:07:45 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7200, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8603, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x80ffff}], 0x1, 0x0, 0x0, 0x0)

[  375.742000] erofs: read_super, device -> /dev/loop4
[  375.747454] erofs: read_super, device -> /dev/loop2
[  375.779226] erofs: options -> 
[  375.790837] erofs: options -> 
07:07:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1000000}], 0x1, 0x0, 0x0, 0x0)

[  375.876136] erofs: unmounted for /dev/loop4
[  375.880819] erofs: unmounted for /dev/loop2
[  375.980016] erofs: read_super, device -> /dev/loop4
[  376.017903] erofs: options -> 
[  376.078718] erofs: read_super, device -> /dev/loop2
07:07:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  376.102444] erofs: unmounted for /dev/loop4
[  376.112392] erofs: options -> 
07:07:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1000040}], 0x1, 0x0, 0x0, 0x0)

07:07:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  376.196157] erofs: unmounted for /dev/loop2
07:07:46 executing program 5:
r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="03", 0x1, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}], 0x0, &(0x7f00000000c0)=ANY=[])
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c44}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fchown(r1, 0xee01, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fstatfs(r3, &(0x7f0000000040)=""/17)
umount2(&(0x7f00000001c0)='./file0\x00', 0x2)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYRES16, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20044014}, 0x0)
r4 = dup3(r2, 0xffffffffffffffff, 0x80000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x28, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x54}}}}, [@NL80211_ATTR_KEY_TYPE={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x8c0)
sendmsg$NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x840}, 0x80c0)
sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x20, 0x0, 0x7, 0x3, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x40}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040081}, 0x4000800)
r5 = openat$vcsu(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xf)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000480), r5)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000640)={&(0x7f0000000440), 0xc, &(0x7f00000004c0)={&(0x7f0000000540)={0xd8, r7, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}]}, @MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0xd8}, 0x1, 0x0, 0x0, 0x8840}, 0x4000000)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4008}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x7c, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR={0x40, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x40000)

[  376.255640] erofs: read_super, device -> /dev/loop4
[  376.267895] erofs: options -> 
[  376.332234] erofs: read_super, device -> /dev/loop2
[  376.346419] erofs: options -> 
07:07:46 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc701, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  376.379612] erofs: unmounted for /dev/loop4
[  376.412391] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  376.495098] erofs: unmounted for /dev/loop2
[  376.589337] erofs: read_super, device -> /dev/loop4
[  376.601014] erofs: options -> 
[  376.607273] EXT4-fs (loop5): Unrecognized mount option "" or missing value
07:07:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7300, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1000080}], 0x1, 0x0, 0x0, 0x0)

07:07:46 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:46 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  376.662105] erofs: unmounted for /dev/loop4
07:07:46 executing program 5:
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000040)={&(0x7f0000000600)={0xe0, 0x0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x88, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "777c91b7a84e5f8d"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "b7ee3043d576968f"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="a2bd5a875fa70253b092b2bf7cbe9123"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6ffd15a157111897"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="1cff8bed1767d5e10b3b1c48bcc7afe1878b9d4451dff57494209a213b237860"}, @NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}]}, @NL80211_ATTR_REKEY_DATA={0x20, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x831}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "a08c22e7eb45b882"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x100}]}, @NL80211_ATTR_REKEY_DATA={0x1c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "3fae3b1ca6088a0a"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "111ae7031e50b85c"}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0xec6, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000840)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@ipv4_getroute={0x1c, 0x1a, 0x4, 0x70bd2c, 0x25dfdbff, {0x2, 0x14, 0x0, 0x7, 0xff, 0x2, 0xfd, 0x3, 0x300}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000140)='wlan0\x00', 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000005c0)=ANY=[@ANYBLOB="fd53b9d83a4ba7c3adda1442d5b88de2738654e9d924cd55089cec5b3a34f4e49364dfddd095f8d1ad8c3cf5f9de512a0ec7c84ee06df4067e"])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000013c0)=""/171, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=""/48, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000000))
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000cc0)=ANY=[@ANYBLOB="07010498b00100001002000000000100a5000000080000000000000000000000d6644858af52493542dca728a1dc09066136e738aa8a507918089b1532ed1c8302e4d76478c28936dcbc00e987111eb246eef5ce5613433b3a82e6b9f71a721d2038201e3601295412c93ab8d3fbba56960e1cc2c9bdd3196c1469c859fcc1bb2f26ea08ce18b4456a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000049ef53f741890d6bbe52363308f60d4a6139b769b35c58261abe0fa8979d3167bae92e3d363195116e325ec33f9591a74ea346aa81b6a6fac0c0fa74ae6d864c67e09735076e979076496438dca6ad639b455a796210fbca1af7a9f64defd0d6e677695c82c1c71d3cc04c5b405d96352fade724515c14f9b5e0116aae103822f3a00f8d37d47e981f"], 0x389)
splice(0xffffffffffffffff, 0x0, r0, &(0x7f0000000100)=0x7, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000007fc0), 0x400000000000070, 0xc00)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x8001000000000000, 0x40, &(0x7f0000000280)=@raw={'raw\x00', 0x8, 0x3, 0x2e0, 0x158, 0x0, 0x148, 0x158, 0x0, 0x248, 0x2a8, 0x2a8, 0x248, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'wg0\x00', 'nr0\x00', {}, {}, 0x6}, 0x0, 0x130, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x0, 0x0, 0xffffe0e8, 0x0, 0x0, 0x20000003, 0x7}}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x0, 0x6}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@local, @multicast2, 0x0, 0x0, 'xfrm0\x00', 'team0\x00'}, 0x0, 0xc0, 0xf0, 0x0, {}, [@common=@socket0={{0x20}}, @common=@ah={{0x30}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340)

07:07:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x10000c0}], 0x1, 0x0, 0x0, 0x0)

[  376.791896] erofs: read_super, device -> /dev/loop2
[  376.802112] erofs: options -> 
07:07:46 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  376.874209] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  376.896314] erofs: read_super, device -> /dev/loop4
[  376.912735] erofs: options -> 
[  376.917575] erofs: unmounted for /dev/loop2
07:07:46 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  377.012790] erofs: unmounted for /dev/loop4
[  377.050219] erofs: read_super, device -> /dev/loop2
07:07:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1010000}], 0x1, 0x0, 0x0, 0x0)

[  377.080379] erofs: options -> 
07:07:46 executing program 5:
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x0, 0x3, 0x1, 0x2, 0x1000}})
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/radio_mr800', 0x80401, 0x1)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
fcntl$setpipe(r0, 0x407, 0xfffffffffffff801)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, 0x7, 0xa, 0x801, 0x0, 0x0, {0x4a5809fa938147a0, 0x0, 0x6}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x8880}, 0x4)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000340), 0xc01, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_DELTABLE={0x70, 0x2, 0xa, 0x301, 0x0, 0x0, {0xc, 0x0, 0x7}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWFLOWTABLE={0xe0, 0x16, 0xa, 0x201, 0x0, 0x0, {0xc, 0x0, 0x6}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xffffff43}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HOOK={0x7c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_1\x00'}, {0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'vlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'gre0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x29e}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x104, 0x18, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_FLOWTABLE_HOOK={0xe4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x5f1b}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0xb8, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_1\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'ip6_vti0\x00'}, {0x14, 0x1, 'macvlan0\x00'}, {0x14, 0x1, 'syz_tun\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}]}], {0x14}}, 0x2a4}, 0x1, 0x0, 0x0, 0x10}, 0x8481)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x5c, 0x3, 0x8, 0xc02, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1b}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x884c}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004000}, 0x48000)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000840)={r0}, 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000880)={r1, r2, 0x20}, 0x10)
r3 = openat$cgroup_ro(r1, &(0x7f00000008c0)='cgroup.events\x00', 0x0, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000940)='io.stat\x00', 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000a40)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000ac0)={{{@in=@empty, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@dev}, 0x0, @in6=@private1}}, &(0x7f0000000bc0)=0xe8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000d80)={'ip_vti0\x00', &(0x7f0000000d00)={'tunl0\x00', <r7=>0x0, 0x10, 0x700, 0x6, 0x2, {{0x17, 0x4, 0x1, 0x9, 0x5c, 0x65, 0x0, 0x2, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x33}, @dev={0xac, 0x14, 0x14, 0x29}, {[@generic={0x44, 0xd, "24a2be89ded75611baf16d"}, @ssrr={0x89, 0x1f, 0x4f, [@broadcast, @empty, @loopback, @empty, @local, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @rr={0x7, 0x7, 0x39, [@broadcast]}, @end, @generic={0x83, 0x9, "083d6f7bc3edb6"}, @noop, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}]}}}}})
sendmsg$TEAM_CMD_NOOP(r5, &(0x7f00000012c0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001280)={&(0x7f0000000fc0)={0x2b4, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x17c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0xfff, 0x3, 0x3f, 0x5}, {0x0, 0x8, 0x5f, 0x9}, {0x0, 0xab, 0x7c, 0x9}, {0x5b8d, 0x80, 0xd8, 0xffffffca}, {0xfff, 0x1, 0x0, 0x40}, {0x7, 0x59, 0x8}, {0x8, 0x20, 0x5, 0x8}, {0x0, 0x2, 0x5, 0x9}, {0x1, 0x20, 0x0, 0x1}, {0x800, 0xae, 0x30, 0x101}]}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8}, {0xd0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x35}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}]}, 0x2b4}}, 0x24040800)

07:07:46 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  377.178222] erofs: unmounted for /dev/loop2
[  377.186575] erofs: read_super, device -> /dev/loop4
[  377.216964] erofs: options -> 
07:07:47 executing program 5:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7cc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x8000000000}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mq_notify(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x6, 0x2, @tid=r0})
r1 = openat$md(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$BLKPG(r1, 0x80480911, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280), &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1c0000000, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000080))

[  377.316671] erofs: unmounted for /dev/loop4
[  377.361047] erofs: read_super, device -> /dev/loop2
[  377.366179] erofs: options -> 
[  377.428331] erofs: unmounted for /dev/loop2
07:07:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7400, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:47 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x2000000}], 0x1, 0x0, 0x0, 0x0)

07:07:47 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  377.793459] erofs: read_super, device -> /dev/loop4
[  377.813860] erofs: read_super, device -> /dev/loop2
[  377.818327] erofs: options -> 
[  377.848143] erofs: options -> 
07:07:47 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  377.894625] erofs: unmounted for /dev/loop4
07:07:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x4000000}], 0x1, 0x0, 0x0, 0x0)

07:07:47 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  377.966124] erofs: unmounted for /dev/loop2
[  378.000789] erofs: read_super, device -> /dev/loop4
[  378.017666] erofs: options -> 
[  378.070836] erofs: read_super, device -> /dev/loop2
[  378.101198] erofs: options -> 
07:07:47 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x5000000}], 0x1, 0x0, 0x0, 0x0)

07:07:47 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  378.150146] erofs: unmounted for /dev/loop4
[  378.192276] erofs: unmounted for /dev/loop2
[  378.284516] erofs: read_super, device -> /dev/loop4
[  378.315190] erofs: read_super, device -> /dev/loop2
[  378.333068] erofs: options -> 
[  378.377835] erofs: options -> 
07:07:48 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x6000000}], 0x1, 0x0, 0x0, 0x0)

[  378.428254] erofs: unmounted for /dev/loop4
[  378.452118] erofs: unmounted for /dev/loop2
[  378.543587] erofs: read_super, device -> /dev/loop4
[  378.555524] erofs: options -> 
[  378.596432] erofs: unmounted for /dev/loop4
07:07:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7500, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:48 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:48 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000400), 0x3196c170a3a0099f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
renameat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000340)='./file0\x00')
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@gettaction={0x30, 0x32, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8}, 0x40034)
perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x13, &(0x7f0000000380)='cgroup.controllers\x00'}, 0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xa7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x40000, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x6}, 0x0, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000100)=0x400)
write$cgroup_int(r2, &(0x7f0000000200), 0x33000)

07:07:48 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x7000000}], 0x1, 0x0, 0x0, 0x0)

[  378.784489] erofs: read_super, device -> /dev/loop2
[  378.786941] erofs: read_super, device -> /dev/loop4
[  378.841830] erofs: options -> 
[  378.857644] erofs: options -> 
07:07:48 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:48 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:48 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000000080)="03", 0x1, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000daf4655fdbf4655fdbf4655f0000000000000400800000", 0x1f, 0x4400}, {&(0x7f0000012800)="8081000000180000daf4655fdaf4655fdaf4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}], 0x0, &(0x7f00000001c0)=ANY=[])
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x1000}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000001780)={0x3, 0x80, 0x0, 0x0, 0x81, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x4, 0xd29, 0x7, 0x0, 0xfffffc00, 0x100, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsa(0x0, 0x3, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x1)
preadv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@private}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4c0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat$null(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)

07:07:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x7000080}], 0x1, 0x0, 0x0, 0x0)

[  378.953159] erofs: unmounted for /dev/loop4
[  378.957702] erofs: unmounted for /dev/loop2
[  379.072212] erofs: read_super, device -> /dev/loop2
[  379.092475] erofs: options -> 
[  379.093029] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[  379.119353] ieee802154 phy1 wpan1: encryption failed: -22
[  379.155866] erofs: read_super, device -> /dev/loop4
07:07:48 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  379.186455] erofs: options -> 
[  379.202262] erofs: unmounted for /dev/loop2
07:07:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x8000080}], 0x1, 0x0, 0x0, 0x0)

07:07:49 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  379.347630] erofs: unmounted for /dev/loop4
[  379.360056] erofs: read_super, device -> /dev/loop2
[  379.390955] erofs: options -> 
[  379.532985] erofs: read_super, device -> /dev/loop4
[  379.569911] erofs: unmounted for /dev/loop2
[  379.587058] erofs: options -> 
07:07:49 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7600, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:49 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, &(0x7f00000000c0)=0xffffffff, 0x4)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000000))
preadv(0xffffffffffffffff, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/192, 0xc0}, {&(0x7f0000000380)=""/170, 0xaa}, {&(0x7f0000000a00)=""/14, 0xe}, {&(0x7f0000000680)=""/171, 0xab}, {&(0x7f0000000440)=""/77, 0x4d}, {&(0x7f0000000740)=""/99, 0x63}, {&(0x7f00000007c0)=""/112, 0x70}, {&(0x7f0000000840)=""/101, 0x65}], 0x8, 0x7, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x4e20, @multicast2}, 0x10)
sendto$inet(r1, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r1, &(0x7f0000d7cfcb), 0xffffffffffffffcd, 0x0, 0x0, 0x53)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x20040ffe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
ioctl$sock_inet_SIOCDELRT(r1, 0x890c, &(0x7f0000000980)={0x0, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x24}}, {0x2, 0x4e22, @local}, {0x2, 0x4e24, @multicast2}, 0x17, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000940)='team_slave_1\x00', 0x19, 0x7, 0x874})
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000280)=[@window, @window, @window, @mss={0x2, 0x7}, @window, @window, @sack_perm, @timestamp], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x88)
sendto$inet(r0, &(0x7f00000004c0)="34e2de4d8d957a8de4e490b6cd20b988d4edef164bd3377aa381b5f50b7ca40a516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe052e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x6050, 0x805, 0x0, 0x0)

[  379.725954] erofs: unmounted for /dev/loop4
07:07:49 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x9000000}], 0x1, 0x0, 0x0, 0x0)

07:07:49 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  379.871237] erofs: read_super, device -> /dev/loop4
[  379.884209] erofs: read_super, device -> /dev/loop2
[  379.890617] erofs: options -> 
[  379.919306] erofs: options -> 
07:07:49 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:49 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x383, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xa000000}], 0x1, 0x0, 0x0, 0x0)

[  380.002909] erofs: unmounted for /dev/loop4
[  380.009685] erofs: unmounted for /dev/loop2
[  380.115985] erofs: read_super, device -> /dev/loop4
[  380.143830] erofs: options -> 
[  380.146285] erofs: read_super, device -> /dev/loop2
[  380.182112] erofs: options -> 
07:07:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xb000000}], 0x1, 0x0, 0x0, 0x0)

07:07:50 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x385, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  380.275486] erofs: unmounted for /dev/loop4
[  380.289936] erofs: unmounted for /dev/loop2
[  380.403538] erofs: read_super, device -> /dev/loop4
[  380.431168] erofs: options -> 
[  380.479300] erofs: read_super, device -> /dev/loop2
07:07:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  380.520592] erofs: unmounted for /dev/loop4
[  380.521507] erofs: options -> 
[  380.634325] erofs: unmounted for /dev/loop2
[  380.672471] erofs: read_super, device -> /dev/loop4
[  380.677539] erofs: options -> 
[  380.704479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.755703] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.798945] erofs: unmounted for /dev/loop4
[  380.802998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.816589] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.825899] batman_adv: batadv0: Removing interface: macvtap2
[  380.833860] batman_adv: batadv0: Removing interface: macvtap3
07:07:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7700, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xd000000}], 0x1, 0x0, 0x0, 0x0)

07:07:50 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x386, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:50 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0x43408)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46f2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x80, 0x8, 0x0, 0x20, 0x0, 0x6, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x2, @perf_bp={&(0x7f00000002c0)}, 0x80, 0x4c7a402e, 0xffc00000, 0x2, 0xab8, 0x3, 0x3ff, 0x0, 0xf, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000240), 0x4)
r3 = accept4$tipc(r0, &(0x7f0000000000)=@id, &(0x7f0000000300)=0x10, 0x800)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000340))
close(r1)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x24240, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x56, 0x0, @perf_bp={&(0x7f0000000280), 0x9}, 0x0, 0x0, 0x7, 0x7, 0x0, 0x1, 0x3, 0x0, 0xfff, 0x0, 0x3ff}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0xfb, 0x81, 0xf7, 0x5, 0x0, 0x0, 0x11094, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000500), 0xc}, 0x40000, 0x9, 0x7, 0x8, 0x3f, 0x374001, 0x4, 0x0, 0x100, 0x0, 0x3}, 0x0, 0x5, 0xffffffffffffffff, 0x11)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'})
close(r2)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)={0x1c, 0x0, 0x3, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0x3c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x38}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48810}, 0x0)

07:07:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x86030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  380.852621] device bridge_slave_1 left promiscuous mode
[  380.889615] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.916319] erofs: read_super, device -> /dev/loop2
[  380.931663] erofs: options -> 
[  380.940785] device bridge_slave_0 left promiscuous mode
[  380.952316] erofs: read_super, device -> /dev/loop4
[  380.961276] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.980642] erofs: options -> 
07:07:50 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ac, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  381.013184] erofs: unmounted for /dev/loop2
[  381.019674] device veth1_macvtap left promiscuous mode
07:07:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x88030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x19000080}], 0x1, 0x0, 0x0, 0x0)

[  381.068020] device veth0_macvtap left promiscuous mode
[  381.080670] erofs: unmounted for /dev/loop4
[  381.106064] device veth1_vlan left promiscuous mode
[  381.124139] device veth0_vlan left promiscuous mode
[  381.140666] erofs: read_super, device -> /dev/loop2
[  381.154850] erofs: options -> 
[  381.172963] erofs: read_super, device -> /dev/loop4
[  381.216218] erofs: options -> 
07:07:51 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3ba, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:51 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  381.256686] erofs: unmounted for /dev/loop2
[  381.283828] erofs: unmounted for /dev/loop4
07:07:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1a000080}], 0x1, 0x0, 0x0, 0x0)

[  381.345198] erofs: read_super, device -> /dev/loop2
[  381.366310] erofs: options -> 
07:07:51 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3bb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  381.399859] erofs: read_super, device -> /dev/loop4
[  381.412442] erofs: options -> 
[  381.453802] erofs: unmounted for /dev/loop2
[  381.547695] erofs: unmounted for /dev/loop4
[  381.615224] erofs: read_super, device -> /dev/loop2
[  381.623605] erofs: options -> 
[  381.685302] erofs: unmounted for /dev/loop2
07:07:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7800, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:51 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x93000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1d000080}], 0x1, 0x0, 0x0, 0x0)

[  381.839762] erofs: read_super, device -> /dev/loop4
[  381.859196] erofs: options -> 
[  381.944131] erofs: unmounted for /dev/loop4
[  389.964039] device hsr_slave_1 left promiscuous mode
[  389.971483] device hsr_slave_0 left promiscuous mode
[  389.989283] team0 (unregistering): Port device team_slave_1 removed
[  389.999802] team0 (unregistering): Port device team_slave_0 removed
[  390.009598] bond0 (unregistering): Releasing backup interface bond_slave_1
[  390.020447] bond0 (unregistering): Releasing backup interface bond_slave_0
[  390.049025] bond0 (unregistering): Released all slaves
07:07:59 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc7010000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:59 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3bc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:07:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x20000000}], 0x1, 0x0, 0x0, 0x0)

07:07:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7900, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:07:59 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000049180)={0x0, [{}, {<r1=>0x0, <r2=>0x0}, {0x0, <r3=>0x0}, {}, {<r4=>0x0}, {<r5=>0x0, <r6=>0x0}, {0x0, <r7=>0x0}, {}, {0x0, <r8=>0x0}, {0x0, <r9=>0x0}, {}, {<r10=>0x0, <r11=>0x0}, {0x0, <r12=>0x0}, {}, {0x0, <r13=>0x0}, {}, {}, {<r14=>0x0}, {<r15=>0x0, <r16=>0x0}, {<r17=>0x0, <r18=>0x0}, {0x0, <r19=>0x0}, {<r20=>0x0, <r21=>0x0}, {0x0, <r22=>0x0}, {0x0, <r23=>0x0}, {}, {}, {0x0, <r24=>0x0}, {<r25=>0x0, <r26=>0x0}, {}, {0x0, <r27=>0x0}, {}, {0x0, <r28=>0x0}, {<r29=>0x0}, {}, {}, {0x0, <r30=>0x0}, {<r31=>0x0}, {<r32=>0x0}, {}, {0x0, <r33=>0x0}, {}, {}, {0x0, <r34=>0x0}, {<r35=>0x0, <r36=>0x0}, {}, {}, {<r37=>0x0, <r38=>0x0}, {}, {0x0, <r39=>0x0}, {0x0, <r40=>0x0}, {0x0, <r41=>0x0}, {<r42=>0x0}, {0x0, <r43=>0x0}, {0x0, <r44=>0x0}, {}, {<r45=>0x0, <r46=>0x0}, {<r47=>0x0}, {}, {0x0, <r48=>0x0}, {}, {<r49=>0x0, <r50=>0x0}, {<r51=>0x0}, {<r52=>0x0, <r53=>0x0}, {<r54=>0x0}, {0x0, <r55=>0x0}, {<r56=>0x0, <r57=>0x0}, {0x0, <r58=>0x0}, {}, {}, {<r59=>0x0}, {}, {}, {}, {<r60=>0x0}, {0x0, <r61=>0x0}, {<r62=>0x0}, {}, {}, {0x0, <r63=>0x0}, {0x0, <r64=>0x0}, {0x0, <r65=>0x0}, {0x0, <r66=>0x0}, {}, {0x0, <r67=>0x0}, {}, {<r68=>0x0}, {<r69=>0x0, <r70=>0x0}, {<r71=>0x0, <r72=>0x0}, {<r73=>0x0}, {0x0, <r74=>0x0}, {<r75=>0x0}, {}, {<r76=>0x0, <r77=>0x0}, {}, {0x0, <r78=>0x0}, {}, {}, {<r79=>0x0, <r80=>0x0}, {}, {<r81=>0x0, <r82=>0x0}, {0x0, <r83=>0x0}, {}, {}, {<r84=>0x0}, {0x0, <r85=>0x0}, {<r86=>0x0, <r87=>0x0}, {}, {0x0, <r88=>0x0}, {}, {}, {<r89=>0x0}, {<r90=>0x0}, {<r91=>0x0}, {}, {}, {}, {<r92=>0x0}, {0x0, <r93=>0x0}, {}, {<r94=>0x0, <r95=>0x0}, {}, {<r96=>0x0}, {0x0, <r97=>0x0}, {<r98=>0x0}, {}, {}, {}, {0x0, <r99=>0x0}, {<r100=>0x0}, {<r101=>0x0}, {<r102=>0x0}, {}, {<r103=>0x0}, {}, {}, {}, {0x0, <r104=>0x0}, {}, {<r105=>0x0}, {<r106=>0x0, <r107=>0x0}, {<r108=>0x0, <r109=>0x0}, {<r110=>0x0}, {}, {}, {0x0, <r111=>0x0}, {<r112=>0x0}, {0x0, <r113=>0x0}, {}, {}, {<r114=>0x0}, {<r115=>0x0, <r116=>0x0}, {}, {<r117=>0x0}, {}, {<r118=>0x0}, {}, {<r119=>0x0}, {}, {0x0, <r120=>0x0}, {}, {<r121=>0x0, <r122=>0x0}, {}, {}, {<r123=>0x0, <r124=>0x0}, {}, {}, {<r125=>0x0}, {}, {0x0, <r126=>0x0}, {<r127=>0x0}, {0x0, <r128=>0x0}, {<r129=>0x0, <r130=>0x0}, {}, {}, {}, {}, {<r131=>0x0, <r132=>0x0}, {0x0, <r133=>0x0}, {<r134=>0x0}, {<r135=>0x0}, {}, {}, {}, {<r136=>0x0}, {}, {<r137=>0x0}, {0x0, <r138=>0x0}, {<r139=>0x0, <r140=>0x0}, {<r141=>0x0}, {}, {0x0, <r142=>0x0}, {<r143=>0x0}, {}, {<r144=>0x0}, {0x0, <r145=>0x0}, {}, {}, {}, {}, {<r146=>0x0, <r147=>0x0}, {}, {<r148=>0x0}, {}, {}, {}, {}, {<r149=>0x0}, {}, {<r150=>0x0, <r151=>0x0}, {<r152=>0x0, <r153=>0x0}, {}, {}, {}, {<r154=>0x0, <r155=>0x0}, {}, {<r156=>0x0}, {<r157=>0x0}, {}, {<r158=>0x0}, {<r159=>0x0, <r160=>0x0}, {0x0, <r161=>0x0}, {}, {}, {}, {}, {}, {0x0, <r162=>0x0}, {}, {}, {}, {}, {}, {<r163=>0x0, <r164=>0x0}, {}, {0x0, <r165=>0x0}, {0x0, <r166=>0x0}, {<r167=>0x0}, {0x0, <r168=>0x0}, {}, {<r169=>0x0}, {}, {<r170=>0x0}, {<r171=>0x0, <r172=>0x0}, {}, {<r173=>0x0}, {<r174=>0x0, <r175=>0x0}, {}, {0x0, <r176=>0x0}, {}, {0x0, <r177=>0x0}, {0x0, <r178=>0x0}, {0x0, <r179=>0x0}, {}, {0x0, <r180=>0x0}, {0x0, <r181=>0x0}], 0x0, "dc66b42d73a84c"})
r182 = perf_event_open(&(0x7f0000000840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000380))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r182, 0xd000943e, &(0x7f00000018c0)={0x0, 0x0, "91abfaf5318dc23defc34dab2142bcd3e63103791af6057d4ba5752ff38a7158af5fce3907d2cb435b40f7ef0b5e67fad61865732c92dd0e7ae2f69e5effd0bb0ec6cd15da631f0c0771377bf8df190eb5f3bf4e3388707c4e460c3c5c7507d403e66519abb4d8a7362681a945d9c7a2a8194c91e3b847ed652e6135598b4ac14e9b70fd57823e6e234e3cd5445cb8a01c2ae2ed58177baac5ce989d2cf3f90c34b3bfe1f82cea05f6574f21dbdf64f02146f77f0bc666a57310144053c03bba38c09d1b8e7635135395795bcb82073981a197283f77c7f3214ef5c80cb17cc9c3c0a914e3a4ac1ff05b3ca4cb4e15a98253f76e324f23989c96367c8bfa078e", "00289ceed27210401f58b825e1d085419dee697ac4767b249f4a125c0e8161bd7070d80e467ebf8eedd5c0d6516b43c7d4e4110b94f800f014068aaec0edec5a80c772fb3aade77a357af3f53eaf75c990434536bf8cbc111ebc2156f6d97aa59cb3a7474079a12da90f78e227e79da607412374af85c3accbf96127662362fc42f89b12b7406ba707f77006862ef6336bdfe0e032a2bcf9b58f3af3d2af826a083509a4398c3f3305421245b67c0b86266e41e62a5627af863e8215cfc6e85b52cb944274fb45e9e72b0b8fa4502d8ac5b9ddd793a12a1b0a27644d652506fbdbfa7f4fb171ce915b86e98109ff78a314a7f21be5d62219df436f08c00309c52d584d30024b672ee01b20eef31f289aaddb01252522cd73858a3a95cb34a38e2e48e8a4fd409fdcb5e590ad65e8e6b1b22afd084ffea1e0aea4fe1c51c6e54b3358580a2cdb72cc67d9c37f4598770aa3d7f9944d027e40ce2e379587e9a96bfb1d05822682d968336178f43d27dcf4c093b92592e5efd0213380d09187b5d6add90c67d0ef7db2b72a605cfd7f89d529d4d5a98c9a36090506c72c154dfb0b0ecffeede8a4da38f294a848a8c66fd09e91a586f37f997c907a49e6489ce22432da47e81c51d8d1f55f0625bee8127a3f0a1282a7a35d7b437376cddd3fc02ae148f84cfae1de006066df056a8f08f354f37529157f096bbd4e7ff6b6bcbe599b4092f7123c2643f5bea75f2906fb88d1f4bef2a31260a882a056db26b4bc432824111579ba9b293f089274166ccbcbcda610dbc54b3668e966625a702691fa9556d71cf9aa3b45abfdb9a89ea4be537e837bf1a7c312ef5861e1529a4b02783340c6cc065d439d99865419650c2b47596597c9f9a1a678b245bd86769ee44c6599a2ffa35174dca6e20ad13bd54e89bbbfe5a060d0e091b841d82049ead90a9d9bd0105773146b83f9fc06db8a178c4e5306bd79a4b6f9f413eb9e21236b0b8445d8e50094ad428b085c71cde542e965564ff66ddffea4ca56866d4920e55473da1ccac2134a6472b37afdfbd4732c09c2292beeb7db938f9a5ab1b4edf911285e97afb654b30faed0943573c143e5c7dc26bc4e3aecac8277d4772512624d53653633eee8fc48d48e2ffb2b543f82fd06fba4b6a4d6a550a356f79a1d68a7c54cf5c14c94dd91eed2e86b59e8c9a6a28772bcf21bc31a891b0579aca76aecabccb37d3c0ff2f20a7950d471c2e5af533466eceed4d1c828d31b1f4d099a59904109950a987e5b5d43f2236e5c50977762a1f1fe44312381a5ff5b98202182e213c9127cd29d486a7cc01eb9c1f57de2962f1d12d6b4e29abb8e83ef85f613a954d62c3f520de95a6c0828c6fe182b9f3d6b6acbef65cf760cd9eef883bcf0c372bd1fe6ea92b5ce2bb384edd3f50e294984a864f81d506b3adf8f4af6e082fb08af11cfc9efcd2737e3037723be98a2cee58a2f50d14389f8b6dcd256e675bf0ec4430e270be10c899d9360388da15865e7ded64c633fbb4b5b0d3beb7f21caf552f68694a4370c30a9c186a211bc9a3b760a4056009be06dc99e27184164e6347f85f9185eb8d9307b2f80a82f3be06abe568f9cb77492605476892e060ed36549e0a689fd11d1ba48328c19d467ffa01dcfe0400067c2bf9d62490056e5ee4e7f9a9b398add203a4e9dff56749f055d0571d58fc1f5aa4bcf5b69bb3928bea962367b56744e69eed5f4901bcd4f78411ecfcee5cbc02e18f37ec7ab4b7dc5423d0ebb40cc0bb280dd15c4470c77afa9131df0c67c4bf7a74bfc6ec6de92a9f959dc1c7964a0496741bb1a61832fd601c528b685c2e3e113d60427e32f42de7ab4e51edd925c4be66983c1153f4bcb0f0532230ccbd53892f7e7b3458d007b752fa9f120b0d6f3354856e2af1889e4f32140ad612834d167e25dae80b43a1b32ea2d5ff465ae6b74a33c5f6afe09410df1cebfe6c5e130aea8a042e2f583a1179dad3f8be48b02c25c7fcbc8b00314cf0900847c2f4eb527b1e24ff4c09ab4f5616a63bed2ef3aab2af74b13a6f96d600b71b55f5313f925b4fa456a421f6bb9da4180c781cc6efa20411d4f6a8d5c2495500a4d1e9c22850e23fe2b745d9082d628684c412803213b61da1742c3df66333b52ed634db0b1db7636e5caef8b79bb90f08e0fe7c8b8c505be6444c029d9176bb2d15cfe5cd8eb304010742c83ac2e047bc36f1c50e93b9d033f0fcf8049e580d484ac096825d561067e0503bd882eec1db5c29900eb17e4baa953b649001d94a20e701b11d3c5924dc23114919305f0099c2f506cb46a59816c18560800bc1a7d3037efa62150759245e0bd180650fff5cbc7d16bce4108d9cf834ee888f574f9a3cba0d65dd0976b4be97bf966c5909529b33b7e5ee8378460b15bd62a00a2c06359b25c034952108c788d2dece6048a14172d44745534a375a6238a2a0f6ade373c142dc371a96f235e3ef2a6043bd9085ef0566ab79a3cd29274feae51b76969b404e8a184856131fd30115e00cf75dccb8387ff4fdbccaa85d04c90ea901fb284b93297132fc0f78c026a8b0f93c2261fc5ed31cd7b4b0d5fed6ea17bfcea46839d34436803484ebcd411bd57a0c0a18f5f89463a9aa913f6b5acd1a61fb39a01b9404ce886ab983bfdb0a2dc3a0d06afba83528edff4d0f1071556bcbb76cc7f106343b9913db1aff7d1bde6dbf7108d83d60fa5128ad291abcd1d39740cc0a1006462b5f44d66d0ffc31832e795aa79bed61eb4b24783d4cd6f1aa772f1bd5e85a260bc97b8389acc8dc1585f962611c426ff40a9bd0e95b99a1ebaa6ea50f648dbec15971698f8473a28d84ef6c3c33ed789423c722027720dfca789b808561318084c078efd6d47695f18b4753b58eeaf1398cf98082a6a911cd0b52ec8f0c4a83bfa94450fcaf18927d26a57a17ef3b353d8307f2b84e927ffdc1ae0e0c2414afb54cba6c06bf06f44cae4482c6f87be70a4431b8b119c3b44f9aa8e23ee401065bc717f7302812e676196adc281c9720652a6eaef5965d6c80e8e0b69050c926e83cff069fd75b3435b387ee5e8cffa9fe0bcd14d802f40b63dbb5fa419f5a9ac71ac908fd54f34fb0a5629ce5aa2eb7b466f9ea11d19ffe1acd4f606c68b919cb1017478976661740bb10f200dca3a0dba3d03d18fa3cd4adbd590ce15b8e67774d3ef9dccadc0eb1eb071b22161161cf4ee679ae7e1d02f9dd1f1c163999ca721ad875c9b21d9d38c3cb26b44d4710040d1683f5844716902d918cfedb4f2f965a85c1195575777215bca46f53538fe709d0aeb32541c9891b1a293b5abb624fd4854dd6976902b3bb6223ed119ac0295919e3934699ec0fc334dfd31572843f5067418bc23fb3b136e8759a6763f5f40891b05434f1219f88048327bb4608535129e76f2c3f1e55cd0b42b2ef23d5fe9cfdc50566b172f40467e02831d1362a2290b8e2191ed9857fe5cef03a33ce3461bbf86448220da1bbdf12b889befd401f208da9ecdbcdb1bb9dba5c049de207ba6d26680adbc1e2f827d8e31700df39ff7efb3c86061b325d2e51d52ecc88b89ffa5804899cbf95f2a7112b285c4cb114254379aaafa0217327c6b803ab8515968305c290a3c81467dfa10f1e7342d98f80a030ce605c9c999ff2a9314b433a222b6f1cb2f76111d0babc08ed1214d95873602336d7df4e7887465d28c34f8616f687c50777237b5f3bf7852e921f909238e0b809dc8b775716ea5ece16ac0128e0e9f834e40ccf14237771d4fb13af48599e6f6cd76e5845021c7252e0739b6b43d236019c2cdff3cb1776d79ed922a908f4740c5b0e1138972ee89428db8a5bdb51c2a5dd6e742e5214a301308f955c58ec20873e98271c97f72f4faa1417aebe1613f7496cb6a2723e1b152b761ef6c0fd0dc33f11856ae67665e2c10eeb070456fe309179e6e8576ff13fb9839371a8e7bd07d95d55089f9cbb59e010b3bafe372519a8ba7d70d3842f712d66a53cee1c8c28b7f4832559e07db2bf5ef6b9cc999a6d930e09f596715e2798c290691c0839f8b1b95c18fbecd21a5ed163cfd221de4039d1ac6d949d8ff6f3456a5e9cb039d294bfe73675f044dc3ea61ca7263e750f207ca908d415c5adedad0696ea0a4f6dac56128bb882dac564e22d7fe71cc3b1265089626e4d772db5304810b92a79af045fe84227b8390197c8324c8c9c4b1df86ad146186a345b18583be1ad6713f2698ea56ca3fc8c07073488270cad2121a8ce202bafbfb265580d7531961d425305af29c1e5352d3efb1a130ccbc663cf363315ed5b0ea83728eb218bbfe6701d0a16f9cca7579a250dfde54f7a0d3fdf058b09241b58167a47202fd4389813f0d76a761b3b3f88bd5325211253561767fa9afcab0e4d078e91f94e75a4f92fa088c56b28477ba02aa051528ab12091c6b857bbf32a17153e571ff599134bcc7de06b44c4245ca12b8c08dbfd646f50edaaa917c6d7851eb81f1825ad4756fcd55bcd06490b7d4710f127cf320606bd46debe36dd37c17fecea4e3a90d01a539b8064d900a8cb664a7d4b574e987e21f0d27faf1439acd6cb11286a6b2d44a627a96fb1f83077284b0729712cdb959bf7ff38a2c8d415d1872aa67ce1b56c19f88ff10322481202a2e8e368c913cc2ede8fe5a2f4d95c0ccc182dc32c013fc2becd577bad1c33a2c112a3470cdd829c4d8b8e455be15a58caa4934a4e3baa847e772c97912b3a97c09e5ededdfa5c9f6d6d8e0ce8494644b433621be20f512956798005d311642fc88d7d0052cca329b11a7fbdc28838bb69ae43c30b727e286b140d505b9fe561054f0acaf3c0385565286dec185843cdce923135ca09f08808e22dde61b75547de0715c1e236e1b48fe355b2acba59a4efd38180eb3a3fff7ef02ad722ba19ebcece5e0e1cb2be5a8d6d3cd26dae28b2698fe7a9e3fed250b6a0b9a625147e7915613ddf80999243c6944268960e062515f80dc05b271b03385e11b46b5bbeeb36694816540e891d30590953716fcf3fc7d330f421e39d6b232e6827cabd026da4844a6a5fb84c5dcb29aead8417409ecb194e84f463f17505cc20eae9487d515fff2cca56fb6ccc3d3c97583740ddafefce139074fb3caf950c874ff21d66854fde467ee7b863205f899f6d50e1c9ab58b3bef8c0393cc033d8043c551a226db96793934d08b24d3de61d316ba3a66fb8356eef038be4393ccfae792747e0f110f3b3439920115882a3dec8dcaebee3d9d7558b76db56824d554e8e0a286a845531361c421bcbf6a7c6bc2e0149cf4832deb3e721587f2c4af8b200f6ca4f544e626bd51e434fcffb6fb8808daa2336982d86db16d796779f83aa9b64134517163dc73fc661d451e1f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000005fa40)={0x7, [{}, {}, {r52}, {}, {0x0, r176}, {r14}, {r59}, {}, {}, {}, {r148}, {}, {r106, r179}, {0x0, r120}, {0x0, r58}, {0x0, r36}, {r10, r97}, {}, {r98}, {}, {}, {r171}, {r47}, {r157, r133}, {0x0, r93}, {r29, r21}, {}, {r141}, {r35, r87}, {r158, r133}, {}, {}, {}, {r127}, {r139, r99}, {r167, r111}, {0x0, r33}, {r31, r95}, {r117}, {0x0, r38}, {r143, r172}, {0x0, r166}, {}, {}, {r25}, {r103, r116}, {r154, r147}, {}, {r96, r113}, {r137}, {0x0, r162}, {0x0, r3}, {0x0, r109}, {r76}, {}, {r144, r161}, {r29}, {}, {r169, r78}, {0x0, r160}, {}, {}, {r131}, {}, {0x0, r39}, {0x0, r140}, {r125, r30}, {}, {}, {}, {r149}, {r121}, {r163, r2}, {r94}, {0x0, r132}, {}, {0x0, r43}, {0x0, r46}, {r108}, {}, {r51, r104}, {r37}, {r152}, {}, {r84, r12}, {r136}, {}, {0x0, r145}, {}, {}, {}, {}, {0x0, r44}, {0x0, r24}, {0x0, r80}, {}, {r173, r13}, {r49, r138}, {}, {}, {r56}, {}, {0x0, r23}, {0x0, r178}, {0x0, r175}, {0x0, r18}, {r112, r67}, {r79, r130}, {}, {0x0, r57}, {r159}, {0x0, r7}, {0x0, r40}, {r174, r70}, {0x0, r168}, {r47}, {}, {0x0, r177}, {}, {r54}, {r90}, {0x0, r66}, {r20}, {}, {r134}, {}, {}, {}, {}, {}, {0x0, r27}, {r54, r30}, {r110, r128}, {r100, r13}, {}, {}, {r15}, {r103}, {r45, r172}, {r108}, {}, {}, {r94}, {r102}, {0x0, r126}, {r17, r8}, {0x0, r85}, {r115, r48}, {}, {}, {r86, r142}, {0x0, r9}, {}, {r92}, {r108, r165}, {0x0, r8}, {0x0, r53}, {r1, r153}, {}, {r112, r82}, {0x0, r177}, {}, {0x0, r151}, {r150}, {}, {0x0, r166}, {}, {0x0, r122}, {0x0, r176}, {}, {r69}, {}, {r32}, {0x0, r55}, {r143}, {r129}, {0x0, r6}, {0x0, r83}, {r75}, {}, {r167}, {0x0, r107}, {}, {}, {r51, r164}, {}, {r81}, {r73}, {r123}, {0x0, r36}, {r5}, {}, {}, {}, {r62, r64}, {0x0, r142}, {}, {r105, r50}, {0x0, r124}, {}, {}, {}, {r141, r28}, {r170, r88}, {}, {r68, r180}, {r127}, {r156, r85}, {0x0, r111}, {0x0, r72}, {}, {r60}, {}, {r118, r77}, {r119, r11}, {r101, r16}, {}, {}, {}, {0x0, r33}, {}, {0x0, r155}, {r4}, {0x0, r138}, {}, {0x0, r26}, {}, {}, {}, {}, {r146}, {0x0, r41}, {0x0, r65}, {r114}, {0x0, r18}, {r91, r74}, {}, {0x0, r178}, {}, {r102}, {0x0, r19}, {r115}, {}, {r135, r181}, {r32, r142}, {}, {r45}, {r71}, {}, {}, {0x0, r34}, {0x0, r160}, {}, {}, {0x0, r22}], 0x5, "d1ebf1795745ac"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000003c0))
r183 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
dup(r183)
ioctl$KVM_CREATE_VM(r183, 0xae01, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000100)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r63}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r175}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r112}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r42}, {}, {0x0, <r184=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r89}, {}, {0x0, r61}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r21}], 0x3f, "ba65bf69df6fa4"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001100)={r184, 0x0, "911d1ff95ee4ab84bc63e682d68ce16bbbaca37b910137e3c499643f1bc1abde46d30981c22e8daee8a54ec82a431105f65b868a190dc0e9b3462ee2431a036c5c456026dfde60638df99c53cec3decab3c8a04da8215f6bcb147443431e3dd51f211534d76e8c1ee7f9be0f81dbdca4ee9255ad4cb2a9c2be1eaddc22b9ce46938c983ccab3215c72ab102e1276cda8d51b5034c7d9efb2c95ecb3d87b072b063e18093986132e1bd9fb16013ed4e179baa08244bcd0105032f5362f3a91a2a9025faca5c86ec694de7cf5c1df879c084996e66bd8f8fb448531e25266f7404291dd18ebf510362f7b1f44a3ef75f2d58bc8af159970bcb67181601f8a0f801", "61c965d7a81a5203998e001fad7601cd9e3449e6c0c0ceacbc545c0949c73f21984ba28f9aaebcfedabeec8ad5f49a25fe35823a570e5670cb5d7b6686fa45dd650719498e5aaec584c8c100cf90db7a4bc05c785e423abed68a5d439259ea55acca50f17c456fdbcac356a89c9eb5ddb39c69ff363143baa27cef8f50021b45cb467552ddd84441458a1fdacbed277735497213fb1d63f385c75ca9c4c1f9b45fddf0525b1706660fbf7eb8f268d79638a92c71a9f8681104369b19ce00630a078f14a0b8b133abc3075dcfcfd59f75289d2fdcb2b3f617de984dadbcea17a7f58b98a883ee44674d3d56e96ee865fd54b68968e3b2cc84bcc9d14cdf41e9be55b4eeab0ae150e188048380cce3b3343cc9d457560b277774d62351fb85c46d090ceb6f57a5579dab20ec65a0e92ea790ce6bdf7e94640ee531f7fe9ed52212832e6ad504f0765aa4ee9c6824406004474477bdad8985cc1985213c92ecb0d4d9306be134c129bc95636bc9fe3efc66e7ad0133b615a9aff68b6e35ef70a736a0e22a18e7dc7f0be5e68df586ab88a65ed8075f06230726845f8d8c37104e4d5714a9d5a0f5b9b7c248a6265c8c62465d813c5b1e708b4aaa2efc53d8147e0c6ea6354a58a3b67792df12400860551056ba39d75fd75f10ce7dd6a3635c6edc3fdbbe8c4f5ec325295566f683d73a4c6ece7b4b71e2ba82effeaf064d4f69f996b6e96b2682632d98a918e8e7894a0d0923b6f4af3a35b3d4321fad10f2de7e91c3b63ea53ddb83956c50e4d695f32b2b989ba0b7abc47cc31a95f08fbdbbbd66e2d2cdd63088ae4ddc9124575b60146c1b3a353d1d06775245e69d89f56ec2ceac1b20d7ff8d1f5a19a4ceb293b94e0923162ca1026ee611f16cb5903e6095b1893d9ce27214846ee31643298995a66c221c82263e4c4b69604c14efcc89eeae782295bab4e98bef46605d1c128a990eb38c0818dbb390411f8c388047e20e11ad72b8a18e4c560e00d699f18df132a8d8a66c7c9b5e58f4826f624223a52057cc0d17b0a419a49aee57a1918bd4a425b1eebaa9b35248ec86fe2ab87c8c9a295e21d7627749c9426db6a26f24e6a1a2c22792638e94676434c3e7e94b94529d1ec46fa5e2e6f9bb3202ee83b067061bc0a068f19b54ba1ce31a0cceee3ce8b7c3401f8ffc1212ba1a0303d8f5bb1074ef4bb67fa3b445781e2970664119b6c85ac745178efe8f7bd5c5b3813d2aab8ba204722bff7701f57e6b9f537600c25af5926ed1f8a01a07fd570c9fbfe5f1641d69bb314681f9b665e2b5194b9c19d4d6f821729c98f13a05c9705550d0d1322535cf1f408102111182f24acce764ca7994c0ca429848f3ade98a777dadc9bb13e029ce4a3d43e17c35c60999c49114d3f08d49fca7433e8277f60ecbca04f95e2c133ab7cb9d04287a8fb1dfd92bb8cf868faf636a149193ad5bb71ac3e91b66b94048eec2f3f83fc08fb6ee305447d80d7f36190627477674cb473f5cea0dd7f5234604f2b47692d5664bf18da6e2da4cf0c7b4c07e0f83d99de4083aaab7320fb1024a7f01106a20505341ee51c65d5b7139e3d14def900711fab04e23d97f4f76804d41d3c29a82d6a55fbbbb6f41e0aab007830d6e4562413547a22b5bf6964a19967464349ceee6ca5a7c4cd436eb3fecb9f4ced6478a39107a5f08340e0c353e7914ea3620a35365c3129e7e4e450dcead5fdc1cb5e03586041af187e0a635c33929a93a606279c9d8135f53f8afc39be2cfac26f8c05f509f3f30b4315517cb964710a48a9767c298b9797c1bf4e6c82342bae4648596a13c79e7df44d89f6b63f4ab331dcc2da29928d4968e1f5bce9444d0f3ced8b21ca820d92cee45891b9472fba9b7d9b7efed5fb3b71aeea5c75fa98ca3ce3366f11f96b258d194f6a319fdad040ead921a70a36409d80a72294b14c26fc70c907539e39114eef0be00cd4a3581b377f15c8e03ec419deef4586646fd05c48905860c66d67c0faad14605c1a0f08952302f712f59ef9b1526462ca82f7e389fc7dc866af03b20ed6be3a1ff6dedffb8f07a29302863fb5424c33d0990c0fcd42490906f9e4182c1710d46ae545a875534ab86c775e6194e772e635330a7916d0138afc9777cbcb3e0091ddc851108addaabecb81307ad53c8b4648782166dfaecb79269ec9fb2ea1426492653cb6757d06389a143617305a2e103abe8591da843ab5063e4e777b7eda50cd7264d2994e24be03a35ac1c7b8f85c3d8b17d20ade882baf25912e32e295d92fdaeb41d5de545ca4b4e82df6143590d2d8e41b26965acdd59becbc3185260eb3e0c012f56c37ea58e2b6a216e26d806f492acf57ebf30b87910c337c135f94b1bbd8fda2ad4f713b348b1c8ff71860683d123c92636396a1ce68bff4c1770c62eb9999f89f309cbd8314d9791264eb4eeeefdf511b3a1c94c0aa7b272d4710510cb2b43d279844b4bdedf212c717990531d9abcc98a7b4db2226b7d63670ea3c788cc9678385cb5fb9dae67fca09afeecb2cd9b42bd550bf5ed2214e29242c84ebea2b9c060afca31e73be5c0b9c186254309ac9cddd47d7a282307a9c8db0aace648bb97721bbeafb7dc973a53d075b8fe1e0d89e4818a11ef6701344725cdd37c3b15886f803c336f7407caf74da04de1123ab3ff22beb22a935a7ecca64db961ac0ddf0cfed5b1f04dea1ee7e7a5bb32dbdae1736b9f7fba19b0ab89ba4b019e4985ac6ead906c302bb2dd8995a3d7be8bc2411cf48dc60b1a45bea28a83b488dfd15c40a6dccf25bf9671766284889d80a52ffe2dec5dec1f3d5691f499e96fa274e66e42a4b68ea896a7ca3bb8021590b4495985ea22c7ee8af372763a3043a6ecedf9fcaaa6a2bd81a3aa94b6d245c16c5d54bec7a637bd9bd2e0419a6bdab2858cbde6853359e87638a6cf4c580ebb76dd51f11f68736afc56cdff70db7fcb5fe047649bf36142727fd82b2f3a5477b6bdd021e5362b7390784471adfbca07cbe834d13a9e199cbacae8abad4fe9ea36013f02e929d2225e1cf14074f41949690a1788c301139d98fd60cf5236127e55508b5c62b9996805d8c4f3bfcb085c6fbc2d54a5d42bd7943f304c93fc7fbef66e2f28a0e97f145adc3a1b92518cdce9a887e63fdc49ea7b8918b0b812f53a4936081e009b9ae8d7e9d161a09189ccd768ada4bb17c70e8d642f98e82b966520341627bbb579c569cba116567591f0bb89406d3933d390edfb7a79f90c530dcd222664189132a10a991371c26f6be54a5f661f96f8f3ce4fc221942f8968cfc4382e873390db0c5a4baaabe01783528df0629c3cfd4795966ed05d538e753c94ea5b9516bd5edea6da8d7bf3b707eaf0ee19851d83e4936f3013425d5fc8664a883d3fc727c12d7e4d0cb0fa6cf2a2ab97b10934d165b7e218dd7766b7fec5e547de9403ec251a4760d86b7c397ecd15c76c4a0b199631a259a939acbde916e5543db866943c2d0bdc65fe200f38944765ee6c5c0f5d86df5129db697464c690e9cb4699696fa4694730666919bf031a5535ded0f0e88407bfd0761dd36c63ae4ad44c23753078b9171f7a9a87751b118fe1a693ece02ca2f26045ed15015432d77dce34444d194f9086fe2e82ec25690dc903333e50c81280fb98f95ff01114498c537c83183124e1b6ba7e9f2bddb6327ad23dc13871b3258662aef6a8389be7764cbe04ebd18809e40b8e973462298ee6063cb87be081516e444d3978734745ace02b544180665071adae37124df2076fc373200f3866241d580909276980fc88d072a73b620eaf184e52e6825da52cab7a88642e97991f8c08a6d0b0358be5e95180368d26a9e7ca563476c4b5fe192678567f30f7f8f387124e09f96e968668d8952e32bca2d0929dcf82bdced1a7718e48ac0707a1c917839c7b981453a6b197986958ee5dcbb39042262fdc20dc9f79214f4dc5b7ea63b2761a466b8a41b7819013013b08dd0ef2977af1ebfdb9bebcaa7d2fc8a268403e1124bd355b722bc99ecd2628b1e4e29c29832cc77ac2ee476a4491a59654799fe614044b11cd593688b787a13c553bddd740e763c1db54af7f9194d9cd0383de17e2a4018550f2ff986f5a857995c230b3b91ec3d2ae6443d91f23904387e5a1361606d686218fa3534e2c6a8310d0fd708c5bb559e298c5ceba3cd2d0de0c6bdcc822174801c2c137e742d471269b7fbfadbaa123a46b06d465cafd57bc2927b5fddc0f3d3c59ed9f17adaf4404a4817e40aca40647909ca9fae614d48048f854cd48a215b03c757b6dc74e687a3493bc1b49addcc0f0bdb12e9afb4706055f4d2b3d14315e94050e5d7d58a11de883c1aeaf8dd179ad1391ed99e08c32b87767fc4181d4c800572619219810d3ceaa57d027d88b9051fcb987522ee8825aff6f96e7db124e0f12bd9bbc4abcb5ce14265b3016daf373ed2369e42a939c9b29f3d994193a3faa88f4cdaae46a5301b26003070e0f4e53263de8376c05742ebb8fa4cb320d5f02e1c6f1514872f942634061f4bd0900f4cc648bc0e08f0a727ef318c5f69ccf2f56c9b98cc5dcb4e99b02112a4ca52e07ff7ab2c7c425e06ae9b8372002e6d085965b16e5304dc969d75ec84acf16adffcc0dae5013d4615dad8ba5a92da08f170343e55df4c4ecce9bded72bedcfc02ac4d9a905606ef482da636d50d493c51270f43e5544e2115c39d612e03c2e57d6ea843f54754c292f368dbb1d451439514342c3aa3cb11ecf88fa25ca1229465748032d21c36227566a25efe57b7e3d28e9651275b0f99b129d269f7207b7b1c830620a6074352068452e6cc7bb579274030024a4ec07a18f32a3e5c492d3f8fc540623954d4cab9112d61e3862803b18f2f46411e950e811583fbc6c46f5fba76c265797e79ceb99297844ad068a62377c83ec2dfd36cbe74abfda7c87d2f17fafe85e9359c85f92017da713b09c982e9f6ed538405ae8101ea3d6fbf3b14b135eb67ea628b8326aa0ee659ed0f0a550521b3919d324a55ece39e65b03103954e5bd80b72dd3d158ab6301ee73ee928262ab1c7e77870a7442871e0e7378fecce7d5be3bac010c381237b3211e788745750231ee997af0abae773a60248ca4d5fb3e28d87ebdf917245542c8e0c265bbd2b6cb7c893d97ba13866e9dc13b6efad918000dbcb6fefa60c863b3a3664bb6d78edf6302911da42af4ddf9983405a606f19a05311ebf19f72fe467985bd34f226e27bca6201a55e9e3fdf6c4f2d237d2794792f96cabe781ee26977e95040e6408e3a2549c6bffbf84a95a87f9fe505ae56716c19ad1f4da2454f4b6c67c79737c9342fdacca11f30484b522fff0be6c88a6413eb588a3a0c36e090853b32dda5007c7"})
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mq_notify(r0, &(0x7f0000000080)={0x0, 0x14, 0x0, @thr={&(0x7f00000028c0)="39a5d3cfddac11622b2496d9c513834f1adf975a6c905189b7617b3d72e240ade714654635906145afba9986c0d07e031ec98da16788428089bdd76a3bab5b49e59f3e08dc3228eb096625f5cabf8338bbbcc28132bc6ef8e84c362c2dd62000f554d5a7df63500343fb2d9abf9400b4ba5f29ef6c980ad37481a074357bd3aac7a3bfadd430c27c75ddb57a3330d45a882ae4148d0254ba943086e9457c9ab1e2267be4e3b70b5d8e7495959426879a9905f68951eac8385c2ae51e302a4da15822e3e4e30c9641e386b78a8ab521b009a57b9c3506889c8ec85512d97a27c84efa1f0ff77e3cfe826ae1091797516ab301", &(0x7f00000029c0)="d513e32b81c4f63d37a5e8229240f241a7f93eaad31b3e2dbf0d3696d5964deaf35c6e4bacb39ad837b2d93728872587193e4da44c80bc8f1ac19ca959b328e6d0980b87cb86af213f7723ea488855528a00308b7e2b7e16a39583ecca0046352cca1d09ca616a35e5bd5eff2f5fb5f86f181d6f7976c2b199beaf6c52d5f89136e54a951b05a47b7275aca7954c3df723c97ce1b39b2f22af34d5af41a9e748f8fd775be1a8b29f94c9c98181b72a26e3b75cd0d9afd61016d3ee65"}})
r185 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r185, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020c010a1f05fe060c10080008001e000a00c00e140000001a00ffffba16a0aa1c", 0x31}], 0x1}, 0x0)

07:07:59 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x20, 0x0, 0xfc, 0x0, 0x0, 0xce91, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3ff, 0x81}, 0x10088, 0x4, 0x810000, 0x0, 0x6, 0xffffffff}, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0x0)
mlockall(0x5)
r1 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmat(r1, &(0x7f0000000000/0x13000)=nil, 0x4000)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$SHM_UNLOCK(0x0, 0xc)
mlockall(0x0)
shmctl$SHM_UNLOCK(0x0, 0xc)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000000c0)=""/131)
shmget(0x1, 0x1000, 0x0, &(0x7f00001eb000/0x1000)=nil)

[  390.197008] erofs: read_super, device -> /dev/loop4
[  390.230296] erofs: options -> 
07:08:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x40000000}], 0x1, 0x0, 0x0, 0x0)

[  390.266165] erofs: read_super, device -> /dev/loop2
07:08:00 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  390.318473] erofs: unmounted for /dev/loop4
[  390.320587] erofs: options -> 
07:08:00 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB='\x00\x00'])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
pipe(0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, &(0x7f0000001040)={{0x0, 0x0, 0x80, {0x0, 0x29a4d5f5c8278263, 0x3}}, "b49b66d854b199be0df06ce69b7c70b49d59dc65f447ed4b4f33513f5b4cdb917eaf34eee7b5cd633f14650ecbfbec71ac49de8597d47414349b31709399df8c06420ea27018afffd4765752d664fd47dec160c30376fa9fffb3230e4c016210b71360ca5594051728b8d3b16701ac1455e0ea122b8b44a54ca83c4a02ca51b6e44e339e783c65523e85800c526752c95b6bf1b5ccf3359451d45461f057fb725ed7cdfc93a13766ea50d28c36e9295ac9ade36d3404a017cb68dd4e9537445d4e2fe479836a46a8486eb18a72dc50c5397dc3f58f7063bc9c69da3281a3d37011bddabda0bc1970047f13fb78ecb3dd1409be2bdd2005459d9d1b6fabdedbf25b51718b3ec1f8dc9cfbc5908fe2855f4a8645875cbe9a405166eb952fa55cf4a737813881ef7af8625c1cbd7cf63222c9138590fa1c4ac87d32beb3475509c7d6cc1cc105c70b07013967e951192441f1802a0499d88546cd056e0f40adfafda5121ad4301802d12fcd5067068435b7698fc5d5adb5eb43dfa10726179d639b787b91d54f526ed54dfcaaeac01fc96df3c57d794dc697dfc6ae4cd2f84f3ded33ea2ad8502767939ddac2e371e195a8d53051a64e8c13c3cd7726dc3a5dcf8f65a681e4d187a6c3f845793c6cc48dcdd612d5d249d0db57a48cdd18400b99f3d3a9d4fffc4577802c444273eb01185554422d422f7232291ac19fb6de97883a02a2997ce88dcf7632ab0646a28591ebe051c9666d61650b731b3c247a8e977b1b1dc8c4042e8523e0c14e196e13260eea835f01e548d07b1323db38da30cecddc594b26353571f3f5e22865993c4b423c544279e53a9d15f4658e910d48fdd9dd58597fb5339793373aeb0a8bb162985681780e1c1e645105810dacb4e115b4669d7ead8a7b192a5744afd222040e10e4570129aac366a2707f6d3e84a0abd0af0168ee92fdc56c561e002337f5961caf94ad2d4f4bc76746c1e80fe5d3f14dbb35fba63b54a33b7ba0288ddee77224704fb9ac6f152cf26c358f7b07be7a721c09b04d0eaf231adc24992f8092d5f55ec45fa1f231dac95480a532cbe773772c213fc1e466d81c79ed4dd69f08f251e7e510ce8189a59ade10fa9b7ee6e3df1ac5ca4dd0b309ae7925a6af00ca53d1f9df13573468ea218dbbf4d0bd428438ccc44100befeb9d4fb261e54248d0ee3d69a8528463a7b0e911151d444742fa794addf803add173a10b9f51d7492a7476022dfb63e4f73e9f922cf1bafe8a509cfd7b9fafd9616c6ad223e89a3e604dfc8ec2e78c9d543965d16f8f6272bcbe5dc001906f0b5cb68dcd868be57a9e19c51da0502c717439371c42d41d031f23c2eca69de46511cf7349728ef941a8b5bdd810ba85c269782dc82c73f2b4282eaa0022508ffddeb79ef1620509ad02b6d389983fe13a58feac829f7917fbe8009e0899dafc95ac577a417641714618f49a77dc88e4df729a594a0ca88336f9857f768cae155274c9ee0574d675f0cb4b9f2ef97141eac0aad3a573de6ba9abe277bcede0f9dace81665cf2edfd1d597d87bfa077072f027d4969bddfcebadc7118670176db615b0aeba9758f45ad65f0ff85e144de1a0e98b564ddd6fab0c0ec36428e7e4e4c37353aa483c3e2fd6f68f8d2ed99f42ce1129e9885a19ba72b3e039131263ad3bc83979867c9133736e073a1f79fe418ecbc0cd6a6a76065482bff4ab59bb355eaa7bcd5ccfb9f233c949bda7d885fcaaa221794143dcd0aacef2f95b2e95247651eec78b54e94339536741a22bcfcc66805cf85c55a4f046a1da6fa08815fbd912e508c94c2e8616da2f9d8db7ecfa90c10b388d2749ea06ae4b7fa22403e2f132a545bc2ea86fa59408a7b01539f7811ab9d36fd35425da7ed1c3a23da6c341c6e6d2d387bd78908f1debda6fd14177763d970b02fac6454cc4fababbebd74a0da1c1e4717d05ddfeaff7963e99f65bb08fbeb433d6db3db679d5c3abe400eb4e63b0fcfcde3affde07a378801b4ccfe5000f9e18f980b30ec354ce2e989dfca20c5008dc7ea6c9558a7bbe3b589e294a5a4aca5ac006621b03b5199fb4dc59c8dc7ac287de09ae9be3e2d461980ba848a49e9d787ea2983c982177a1d61c13704f43b8cbe7c2d48997de27d3f86b680daf05bf827c150f1f30675aa81b8597ce5c34611aac4dd2e2f3b475a24f2d3e6c83aa360b1d5f795209f9066cfd3e1788f6a3617cbb6475618bcc8a4b812a79730f270dfc59ebf290350bccb91517e2fb09d0f3c06e255047b66b46a0514c522c8f10ca65067bf89a6fa7898a382b06ee1a55fc22165b568ef442c24909e201f0a1418b6ca4ed9d35f617c17794c043fa90e70b1b92e28ff7a8696cd7c9910a9989baede2b779f92659d581881dc835e64acf3d7eeacf188c89bd5b3fa189c5d139a72e04c82b6edbdcfa932bf26e4fd704f1a2beb49666721361c9678055c5e41f29583233ea1872000bc9b8455b7efcf2ecdbdba7559928cac6fb16e4a42d3d5ad89ed1865976b5c2aaf08b813333a186358151b6f08416594fe159eaa951579cc79fd82101d091d79e0e30d7aed8ba39df79f0fd5028c20fb0d28c69a7e0390137e73d4c6633675ae7fa1f70f77c683a9b7cf740923e59d2d7369c857b983ef4652598b1b4c62bb757f35c9b2a5e3834585cf8eb1c562837fd5e7584c9ec1227a77d460d1c09a10d9667c52bfb15a6365e6f34dc4a81a6dca72dfa6f16dbfccd00bb60406d6060ba4aa7139a0b58f16b5d42ab5a47091712344552c9943e727d56d13844301cdc8644794716eb9767921d18ac0aa62a1dd272392c224e1fde96b9257999f24ce047d60dae676ba328941b25366d33c92015798be40414407e0b9105d55c5b635c7c98f593b4e1473a8d62b51c784faf003080e6492aaa7e8eec508f4157180b87cc73ee963543722ed15e4f7de2d09cb373abffa63b80f67c58d758f893968dc0e48752a8a87c18307db903ce0021efca4682baf28ad8042b6dfa1ef90d4fb26fc12d8052221c4af4735680d2e68397b9e02cf94389da96e1e36b647a57656e5f223e6a5bb39c52e2b5882339aa837d956e97e1e8f0a46e25ce435bc820cedbb6b1a96042125111e5cdc1c0298591b517cc01ebf95fed37e70235c2482753e278be9bbe7e7ed08358c87a79e8939bbe101f488d822917dc38a81e89bd99a7db203593eaceed6548afc5a2d4b85b29e9f54ab4aed74072042de381fddcaf665922f69701a9ac39fa8b4e490ff0a475e7ed19d8d7961d79b280e2bc677d48e62a8bfbc4acd8b8798283808f0f43d8be8a1fe996da6fecfa28915729918268fb429dbf3d644502b97ce96933b3004e2cbe5787df9d374dd6b973091b8b892777d6b174360e3c26be7a8a60ee4bd4e991660bbea2866afb7374e6bc122fa2d3b6156e58ef5dd1f26194d0c15c5c61ca7f287e10f4cbd30394d5531a9cc6709fdeebd87c68b752e06c0da9c04b3a9b5b5e27ad8de745e5beaa90064bf25a71de4cbd6c6ebf5d8723be266c405e2eae647d7c19761c1142486be3aa0045c086059c3dcca6860eb87d3fbd1297185366081b4db8c7638e59e4c86216af81021525bc8aa440f1c749e29864708a252d5824b97e6c563beacb3debac78e21f815420c1516e32921fed82b4e1459efb6871237203fcfe35f0ce27d757183ca508a935259ed1f5f74541da8f23bcad7d60feb6311b57164b21695a4338887a6e09105bb2883bf07c735118951147d5be3703d9d67807325a8038e7a44d66dbf030a2ecf419327ead39bbae6ea146450b8f12726f6a891a57969952e9ddeda81955eff8583f0c05629d74501cc5520d1d6bc6928ea8315a375b422ae5977aa3de4447eb0dcee8da0d396802099f035ccbc440f575059e996803e762ba9f09d7a4d98513d3dc9e58e178c5de9a4e9933247e6b098232ab64886eff5dec648c55f2e17334e3d2ff6128a6a0abf5ad2fd870aa87a7dad356a62cea2736197f66a64c6e54ac06323c0814ba689cc04474f25b0814efdfd170b7bf1549055eed896328b90219ff933990e803de3470871dba115d63d21f1be885a4ce85b4dfbc073eab5a10650f5412ef17f4cea355cf86d1895ead85439fa214c71390cbcb15f4043d3b80e9036273cbde3339b16928cdf5eb340860761303c9581c25b6d6fff970d78ef80db50d29c67f9d9852ced246215b19a31bb7afc6eba29aeb4b0a8fce6d98a7933d69401d6868748101a570f868eeb22dd952198c8b607835db76f05b158c6e97f70be45d8df63af648f78b60663406a4043b51ec9324b47c59b4ed6836f9951d49f45bae141cda4f6b6b9625d7908e3dd25c9160e6a70d644a3bfcf82233e288d46446421604b30ee55c85c0c5d4fbd3d22820a859195702d37f6b44b9b3e20db12cab77f6c5789389c37184a2b68ec21e66b75b9c1e42e7a79687369ebd26821f5dc45bda4dedb01d1850472d6b037fc9e37cab4ed9e332ba50cdb1a652dd7f6ed6b1d13534b59645ac10b4ef6dae5ff3ed0060a9bcac5b1009826472fd946a2eff4809fa0e9af7b5da92ad77d0d5442a290d2374e8e8f7dc8b574db52a6c7555a4f39f435ef4b3805c52658ca59c8069b5707277e8a05b264e0c4be898919e21f3849739c51c27a37dbc3567a59ee1076294feb5238f8cdf26e4337abb23fefc4447574f309805981e06fb86a1bf27abf126b6e56f5f053403e539031bd7794ba0446c6e200f0f6eea3f58c4e773d7fed902dfab19eb15c984665d649e590ea6afc77989d1de369c21199e69381eec90e3d8100065c4d680ed4fc7778329c2a6f065198342beeedd55c65fa74944cd5df3b36a87c47424ca9d7ff6949bc0b085fb2084c008417ff3fec4c00dae67cc5e404769914b7dbaf5323673dca96fc75f86279048ad9be1cb97263d75cf61668949e7cdadc9944ed672e2d158d1e13b547f3bfc3b69b78b4dab1128d614d8f1b9f546076756efc07e965056a3c8268583cb293c51ab2152c54e1c01361da1f21535f64eef55ebd3fda3762d0cf59eab96148b5a7d53bce25bb26d058f945f3fb6ac0a33faea1be30f28ed74942d34fd90ec0f8e1e59f061aba4fc4d28b648b1cc642cd0cde656eb865e4554e5337e6be2e23790d6e50f330c54e5cc926a435e49f89c5a9e3e4d38ea8a8a4f97fe5568e1eb91ec2cdbb530411613275705c0fb1f37504cc090a7092ad94ee99289d21932a336ca6e3ad35981505d44cb8f6f93d9a6a4799d170a14ff5e437e74f0bb18f90ab83e2f0adf067e66b7d82a6a6b8e2e17e1c3ae8b95427753cec5fa9c5281c44da5c11a9a79b16726ba0f3d5c50aa1fd02a89d51e9b71db1b5db77bb49346c86bc77c3b1dec346d8e4a40c352281973842bd3f9fe07325b48b28effcb87d0f15d3ef15c8a4da0ad9050edfde239c8d5a3380042664b996db2ff222ffb09b5e3a94c4d92ee9d9b40628e791a30ad9eb3015e8777bfb517afb7f0e5e6b9556aa450fb6695e90ef9684394adfa831486cd77e0edb36571ef5af1885f87b66940a2914feb8b3644e657f18510f15726015a07a1775b8ce1e934275016422f7f0b9c63a4be6dd0a016f3693213d00661d0f23583e1e45a509cdee7aec2e3259d1642a1202e4a7c4ea73618fcacb692dc4cfcd11bb8a4f4e05ff4cd2d2e5c532d117e943065066d7972973eb3760f3f6aaf7578b82c868fbe444fe61d4eabfd0cd6a63f54ea91169e8e6fa0dc6b66e281f2870fd458c7b9d7e166a30126ea331a879f9a157480", "ca8285285e6132101ad92becbaf0d823138f61a9bfde1e8d47109f7469f9f298447edad63707ecc3ab2ab1b3a481af1b3291b8314140b6316add3eb03299117a65ccb9270288ab6b9f9b9febbc81bc0b9dde70a1a2982fab9b59d15e407047cca1c7f617f4e7f520ecadc449d6a71a530f44661a3e2655b7ed6995c0d14ced8c8e307478cd8be04b6fc83471a5c3bb277439bd17464e7243b22ac559c7f38e5df1c3b3402d2684e70edefbbe6d98b53932c06894ab0bfbbd378dbd47945924227607f484341d4f4c49cee1f1f5ae76a34ce62746ffe1589d53ab4227675ae84095ad2ae9dd1a90e67d4ab8f2029c2b9dedb21f505b21fa7afd3f4e0363a6c055481d7c2b9056c1489f815ec40015d6572699487fc5b0e2f65ebf9b468734a23f4acd9f9e0510893d5e71997593056bceb3a236558acb4eb52e72a6edd091b51ca97cd27c846a5929b696b037ae3acb6dc2185ab9f289599dc8de8cfc7509226a9ceecc6e84db60044fd35914c48b09b57ea1ea2613fe9cd9c938fb563873435bb69ebe814aecc508b84cf00d8086639d447e155b3122f5859c6b2fca5ab3bd236a08e6b89b5bd43fbb931778bf38e3e84e79233af7966626785eca87f5b17f0d2bb8d15aebd20d55c5d90519d375435849c61e37b4b428ebb0ed8d4ec196c46a0c7ff9f74c60b14ad2d78d2681b8f7c627436f0e0e7b30d2879d78036f504462b6ea5fd5e3386ef64c18f8f2f74305b423754cd97fbd6840ddd0e6653179886e95d90f57be2f60576e17ec22d54579f225681c4a9c12e62f7cb25c2b8b3193da6e8f0d9c380cbed5c502cb6ea7a8731cc0aba2bcb09ef1f9c4cb0b31cb8d0d96ef4841b81a24997376f4ca47ed4e2d35fafe978c4ca269a815ee48c30eb6244e345978222d00c147037bec9fd8e78f75ec6ed000c1001e2fe6f7fc22a69201c969fda517e4dd8d95203c56ec4b17bf5b02dbaa8950ca0670998cf158e9070585b044911722ecb653d33da8a02e0f058e5291d20f804189fabe5b9ad666c102d188be3eebc3940098b4e45e32117dbd39a4ca974046bfa464759730541a0f15e88ada849c3592633fb1835be59b258976221e7e0be1def6a6840a608c4c1c667cbc18fa80f6cf09b10ebec1dc13a81dd554bd1f0f3916cdb303b03e537cbe860e9f5051fa652df8647935a55ec8b7cf808d8ee069be3387bb1513052e1467febb3a3dd7321272e7917a22900b46a2e4332f37c70669fc1af832123a517b908d7703999d9c9cd5dfc71aaf64dbc87984d8f16aaf02ed7cb5efbaaa69bd318e0439f1bfeb546a1b29d4c5962eaa5c72ffc4e1c3b697a03d7b5673ac38ccf56d825b49cf492e65b1cf5544f3a1b6e4f2bc84269b6ba416bfc5808ccf94e113716bbb2c10121cfc45494246ae681a5cc95e464f9e1a6f0eb8199c03e4aeb9e5cfa028428b82329b1bff5ff78d10f08dfdf76462ad157b339cb9db9d7b0a50971a32b42ef3786addee33bb7f8a2434028f74b042db4fae351ebbb99f9c0c8373d8132a544eb46c6fea619f8a90d6bf0b7384ad520f5f607595008001f23815ae0c19856bed64c3a12c2ad3d40d06fd721a1c2230871657f07bb2c4616088c184cf107a0d3f8f8536c95489101e341097f482b3e01fe33aaf83055c7a76daef0d5c54f368ff07e70fab527af285181065a4aac4e4937b9cf25c14eda0d0c8f9376a08ef0c227cd0bc3ab0f24a3ef3251a23a37c5ae15b96d0ce59e4448cb6af6d0841f0de9ebd98a5d706c9fc786f6cc9a3e7572afc10d41c1a752f3943d10fac5e93c743f5b6fe4d9c4e3ad95ad0f9d1a42aa303ec14d3fda28b98ece9e5f9f79382a8a9f3c53768eaef8d19461b39609ca985460003f9ab66e9f11619608af50560fd6e80c7124335b76f9efece1e013011b7f5eb8efb2b144fd636bbe5f1cf215c0e87d6ac94f3d8d5b1035dd8d43a38833ca4e9f845a197d2aede35995219d896d93a2b070c27fa2dc183223d9b6aa2a465372c4ec89b037c58394e72b0ce1d022204311a4867a7e77e9220d4a3a7dddde1824868c51a9667678ef7b32c77645fe502bcc68e0ed9ed8e1030dc0e9c1c9d3826d329e6cdd633e304858f6fb5a79aa615f77ef76bb0967393a8687f28f2e0325b8da1aa155ac7c1746535a0facddcd81615517aef46ef3bc667ed2d81ab22748bfa8d563bc8f2c2e61126c567530073724d1a7984cdf7cf8b8da0c9ecb417a9431498dbf62e6a7c5cad272fabcb58d695591dff3ef5a8309f7f34bd54534bb09c88f0d6cb5dd2ba534cb8b3eda1595343781e29162b74476347ab72eec685bebc9c52df31acb4732c0eae6fef6dedb1301c53d534d553523802699ce18e89d8b48ada3d2be2b4cc5d90a6b0747dcdf8b3ec99beb3fda307e8100e7e2453ca5532639290de6727e871cb3583b0c16248cee60b0af2446a3b7494f526479486906c1814b709c19e4eef98f261deac96ab77b65960b0225f430238962663385b7ac6f8312d7a710d11ea6e9876dc7ce649316274b05667d5b9468c759b44a592c16c92b143d703348f0c8e612598899a2e9708cb4991ebba3d00da3740e90acf5a55cee3eb48ddb13c5c423d0dd22ea4f64700ad3db2fdf767f4cb1af1d2922382d3a62e391ab425e273708ee01be71b8fa552873d721a97ab152346895817455d40574b1ccba1c361304941a306716e2fb181d4bbca203aceb948470e0c99f233b23416ff3b1ec66a6c998c5fa1428bf7597c9d1e72e35152cb2cafa7e18535c2e441e7c5d302d3dac2ce01dda08062512cdef88569b3192a45499f70bb33fd0632c72cada2c5f348700ee60effdd6dc0bb74253bb1368322712d345c038211cdd8c67ef4632d7a999274e86544665b5face04199d461efa031bf124053ba5e68919a288e47bdce63b0fab9ed00a38a947d3321c01dc49244c0e89dfd4136c2c102c1ee9820c5cfbec38f49ece883b0e451d3c54f9cde5145e5c4c266ffb3600083e9aac29879be6bcc2a6c15beaf6a3a9724211d7f09efec4a619e108c3d5ca68a32a9c20664dc7ebc3be9aedd588bb7aa5ad1cfe9c3714fefd1122e571d1ab2434a5dcae9359c977be178f2da646f888dcf3354f4e44e66e9a056e0b2edf228804952697c449ea59f83e09c493ad9783a036afef0474a37216e40f0a4263e1eee7ebe29321d264639f3b98fdda8e52d23869c6182f5172c4adaaac89c88b6214b96b1511d6603e1b218dda8dad07bc5ba718531f2073463a9a0f30cb80ebc8dc33e701f01fc4a616b6742c201b6032d4e9ca41bd3b1f943f7a62000818633f6ad91ea2b82bc1381ddb3497baad8e13a775b219ebb7f08d1f65ab6ad2544fe77dd830040c0a9ef3cb47d3a9ee3e5fc9262f899002a6d3205f842c6b0ba5170d7cc4968f821b399fb7aac86379a276cf4ae557b3aaec1a2dd59f37cd2b8adb3e0868d461aad9affcd912cdee55cfb1361b2f0870fc8e09c916296d24b84fde6422ebb094e091ac6c2d7788071c7ce7c977a0787c48314f0b3c9e60d38b48e9719d0861f36a0b3a87b80621146611255efa0c239884a6dece08e8002c528d0dc98623985d87f495f83c5d6394b0a28800f9de8b423346eb8ce0d61c0be2e0f936006a1365834c5e1f731ab7d938d1b60e86cbcc4dad31a2790aa0bd7fef5febc35f47a4a46e0c6fa6951deb420deee47ef6bd2cd9c6205de84ae110f4cfebca6b901f65085cb35199b46dfbffb1480a4ab581f1dd5a2b04921fbc6bd8e58414e8d2c8b87e1bef9d1e3ffb230c65445e5ed0aee0a86bcb3f85ae318aac86d5ce96eb59dee9b007d7f666da3e06556699204b34bdde2f9ffe0e4925392de98bcfc974a5db32089864c69bcceab91faef377e674fd88957f806102376880dae247407ca23ca8e296092acefb294eb9140464274a25508f91102974c939068647bc59839fd8d22bee70467c10772dd2a98586967958e7abcceaf49231bb7ec38fc500059ef523068d3145752eefe09f90888cd6371a026a07ffc0265729b21bacb3a4f662ae5f7f8f9606084649ab5a7da2ce0bb90dbcc3bf8f24444fba651a8941092851c24ea0266e7919d8cbaea1d7981602a8628428c0098c33b39ec780ad00d67eac93f1ed1ec11b5883e88bf445b6f9c2ad0a65a92b73cc88920b2b14c883c927ff5198c42d035d50d2c9454a04e9761c9d73ba91b094e76c0245006a955e06f88b48c9d8ce93c9562cdf276c4954f5e8fe45edd8ebc8b44ab827f66e26ac604c7cf47f93cf1f381bdaaad23341a18235c455e784fcc3deca06b854c984420ccd0babd03a3f9df94c42a78ed6478dd7789c10d55035a7967fe9452f7db10db862571e49794839086c2a48d7fbab594ca08e0b4d5445886dd3e6027b2989121595383a740da48fa7d6577b8fc340fbbda11a0b33064e4d9efe0872ac38683738f1a41685b159b7bb71b7e47b17928a4ae7b3a405959bb35f5f25d4ae8fab0d9880261de5d076df7c96eb9cd79936ab97923afa31238f87dbcc0603c7ebe01916317741787208c218ea73e4091a09477a7654d927b922154e4e71c799211460898571a5d07de34a495567f1f65864e01388fa5892f4ed60a375b205b4ab712237bea16c51cd65fa08bf6db49d3abc858d1f2d25604ad354bd79967721a7f1d89cdc04ae15ef5cf32aa8f81d1dcb62a49d418ad9db60384de71e8570811a9611027d43ce197dc50c33536a9254ce7128f42d6fefa3b909a94b3fc4bb23ba32fbc5eeed26edd36d7057590d24bb8f2dfd396fca98ba151dde04610f6e01d78f9a8f5d89fc37118684c9bf65364545cdeedda25a9bb2529c5e59fd3d36a7fadca29fd9dcd6ba92c6d1387e3f06744f1827e3df9a2887fdc04705c3b0adb8845ceba20a409a69b0c995801205b16e359ebe24df4f241537f13d165894d8fe826b026fdc3893795e179b2f170a106970c93a7321e7f5ce90777f8e0cf43f8293694b5eb01cec35b1b5f8b9376e4df9fa626ae4d4c917058d413282aaba98d965be85ad8c70b5e99d4e20b58042ebb1368167e53a4fcf3fc674446f2cfe0877b31969ad288a54b299f3f19403edacdcca7f8bf9f0c331a705368956fb8b51008b7ae1757121ef8362c831b515eaa6ee656bb5219a44c4abea974c3a6e1151fe4fd13aca451b9ad2f9a3071a57089e34496557131b7e5f5c7cc91d04a2f484b3f653765134c094150a8b94ca74460522535429531dd52a2b001b34a51e80aa3ffd513dcd2c0a1e262c7d682d5d4f406109700a8cbc0583a0b7fe68839884b1f9c67cc7afc8e5c4d57effbcbede3d0fe0911ca5ea13804e29151166ea54fbb8a0047e61ba994fddd6457ff4166999cbd8c94ef0ed99ba5e0fc53991c4cf3b2629ea1388ac5c2641891e5f5a1cf68ec3b2e2ad38fc0255a87f0ba29c6f2747dc0cd5a70aed66d0204d2310bd99c72ee450ec933cf297712d499ffaa777561992585deca74aab5d24ff1cff4f38c4b0289bbd00f8009296823a56c775bb5b8d0c4ed04e089126385ab408ddc1f5228b3f1d50e47e7c551ee6fb1b479a159fc799a8da5a67d466e987cd1178fc706f455953252f47a3c114644d1ea3d6d49f2f69cf554f2a083034c2fd9870728da2433c396dfa9a9d87c4c42343fa81c92ccb4127e0a3ff5816b84ca5274cb817e8dec9f7b7b55a79fa54a82761cd49a9ec04e50acd33ac7fc6ea3ad0ffe649e5296b6ff7b83c623154b1c7cb969c85b7d707525025a4e0fb3e34140ed95ac9a3da70996bc8983857e"})

[  390.434725] erofs: read_super, device -> /dev/loop4
07:08:00 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3bd, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x40000001}], 0x1, 0x0, 0x0, 0x0)

[  390.484580] erofs: unmounted for /dev/loop2
[  390.485567] erofs: options -> 
07:08:00 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  390.615177] erofs: unmounted for /dev/loop4
07:08:00 executing program 0:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00')
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
syz_emit_ethernet(0x300cce, &(0x7f0000000000)=ANY=[], 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000100), 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f0000000140), 0x0, 0x0, &(0x7f00000001c0))
r5 = dup3(r2, r1, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000026c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000002700)={r3, 0xfff9, 0x40, 0x2, 0x7, 0x7}, &(0x7f0000002740)=0x14)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6c, &(0x7f0000000400)={r3, @in6={{0xa, 0x0, 0x0, @private1}}}, &(0x7f0000000280)=0x84)
r7 = openat(r5, &(0x7f0000000040)='./file0\x00', 0x402101, 0x160)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000300)="da1e745fe120b15633eede2bae74782205e306ee3b3b385aef9f0f621ec61c8f0900f69b4bb54c0b8e04516b4853b362b1e4a720086a5fec3c44be578d055ac8261a3f4c050000008aae43dd45678500dc07d0758eaa", 0x56}, {&(0x7f0000000380)="48ef67c5822a2a90d3e53dac5fb3d830b1111d8d53c848f947516fa6af2aefb0b4236982adbac099cf73f60332ed93b6c430dbf0c5746d7ddd9df2b5c82e7d6a0b9b839570ca74da1a8538dca26c0d934b9b7e044564006d6a42f127018f8de268a95b14301fca2821d2103063b803c4411f3736aa20e8e88feeae0118cd823a", 0x80}, {&(0x7f00000004c0)="f9513afc34b93df079c082a9ebf985d3aa19b3306fef7a9ce394f5d70a254be0b1e9c15075a256f15e377ab6e70c5a3ba17119c9f218824cfa4ca61f9500c0f253aa4a3e19f71740d010b9e3c5d3dfe6af3ef3b3074945e3e406416519c7540b528f71f1a1ba1f764c967b28369c434f03f6049cda2b8568b7f8f000eb72e309eb55e2ce0a65d2c7b4b86fb8e66b02af46441c709cd0ea4b756139abaf214fdb2bde3e93e3b255afe124c2138daca8ab532dd541d2dce10f16753cb6f8b84731d26f873dfa69304a530b52d354de56736b9239c2788a8fbe3b37760245f3283600ed0068eb355d118209924cde9a679ecafd7257d8d946522a511c541663d1ccb3a41ac19832a145fa14e72752c264ce297d0ab01f6e7d01067e727e25a36e2a9023d8e2fb19454ee7a09b83d4622feaacfbd837d27a873fae235de33d9b9eb5f2fd4262263e40dc8759052312c97d711114733136e630c1f2ac67f30e9575c5d6e39b3d466458c5c8ac9b9a46003fb6a3671521bab275ed38db6f2afc67e176a6974ddfbb4e8a6689684f24efca9e927e6378e7b110530e02ed135f57f6ce207562d30afe926b3501c16dc8af018c982edf41f0788bd35d1a4011fe584b0436b1aef6fb5c1228770d15fdc7643b968d9957706445cbdfbff400b6d21b43461bf696bdca955ec83b1dee10a7b45611b58ac836f9b03da503c1acf942000203ea4b85be0c264bd04a8418e5d219463ec2922711989f3625570d29915133ee45fa3ff3f2e5caa5a65aa3738b06c9c021726ff424454d3e0b6d50772e7dec7ebd431accc60159a58ab7a3662722255cd2d56012e62bf115ed42f454db40d1a73876c34c11a8ea73d7a982745552ec946820df89140a2cc0003b5abd84a5bf92e1f19f65b88bc310a3d424b391573757a383e7c0603ff83e9a84b33088e424afbcf13cc8a292dec850241ebbd0d83237dd7e5f6916db544375503c42278690040ddf28a0d0e2ab970220f49568489b9c9b072db54bd027e27be070fd15e83a484581e27b257ac91792937764b99d3e1ef38d601306599a80aa3d9c579abfc803323d94c95c1aac06ed872883c086efa9ad571820c690e8075ae7bfc1cede8b6078103219650c01cf81786260fce5308961b18d79b66b6f5963e1911a75d0faf2f7225f705d0f7baa4f8d76e2c30c17541c87418d239edba0f8b509bfbb3d85f72986797ad47f5d935ae756db7c2e02357661f4cdfc30166775de27f5f37af65bbff943b76c1024720fe8dcf5405808ef7d8eed789d8b064b5051f88196cef2d50c95802922877e381a22deb8539aada120ce06affad8780f8a43d185aedf6da8fdb361faa65c3fac083efdd8dc6e87cfbab1463ec18b9420843afb64bf65af7c12429e7a94061fb2480448c02104b2d8dac3e55b63d78a1d2694818bc311930c3e68ef341d05ec06b6abff092049c1549b601cd5bad4a57f6407c8398119d2f3df5e060e1c23a3117f67fcbc89321921ee1268a27dabd7e18f7579193317299d0f21c05d5f0548b8269c0fb676a458484a434cc9379481d0a2c129270ba882ea96690e4d21ae103a6f25c40e1b3e680cff9949eaabea7ccdee92d484c4b9bbad8b1273b582ea6810e82caf1c4830b555e6b2c7d6bcc11851b3fbbd3b18ce2eee67fdb94e2fdf5f5f0b732dd6c532985ab37af6309102f4b71fa4bc2bc5aa6ca76655149d6b7b0f77b9f92441e518e31b1757e44c50b80db826d89b74d5c8dd3d7505d31d3fe862fb817e9c0169c15a16fec9859b38f5a9ed8dbcf6bc53fff903ffba8d45ba37fc35d1a446b46fca168c87ed42a0db4244505263f648718a9ed1060f71486156f2ed2690b04ece34c301edb8656ca79f599c30821db56efa0c1451df43051ef1f06512a4c47a5fa3d08e8e1d47c36a7407da32b671351c04056b4ea3ddcc737531d86a62892d59493c4b46b015153aa8d694faf6146dbc725689d39082514493a93e9ccd1e35fdd4ebd51397144337fb4dc80ccd5d397ef9bd2e0c512220399e5332c784f5af323a2e9f4b7778649ebc564222178a81f34d74257e52559629460bb4735d2ab3544b23e77ce5b2a7f753d1eaf3e7fb5ab8470cb117486e4cc12fe002aba1cff633cf0b94a98529452c28c5583cda868b7ef8aed3b389d0d0ec89ed2b845bafccc9e88023258738c55fdc15b4886b52e8d53ed0c6876066512a1f13caff32d09e4625ec9878634e1e51a053caca941880087f7b01c2784d86f1e29bbd5c963299c7b09987a958fef54e233ab08716579c5523892cf165a764e9fff6929d434a7e7485f339885490e3831e743bf8b423ddc9ba6512051b5695794170101613c9074c1b7965a5f73393d0ac8f66c8cfe640230f3d8e53be6ff5d2ad7467fb24f7d4ded6410772581b59b5ba6ef6f3f1ab0157b425c4085ac49a12aff7c668e626a6c05b5a73bfc83c0181a614fa4747e1ee6d10f9affaf09b35926064b917a303438a6e9df364de1e2a0eda8194fe68dce8c462bd739263d458258c87d0cb6ab04bbe1653624ea9ba61d3e1410dcf418774763690e7783a24a4406e53ceaeacad3800b959e81e6badb70938d73aa29aa6a6662362629e4b808e06b49cd54867958241639579cb4814857b9ad0287953538599c1b39841369db92c4a580b54cdcbc6676bb01019330583a72d4f49f5948cbc081256fa48fa9cf23a750c9acca902f1128cbb53ca6b88fd35d3dea19233c937025930ca44e8fc5285c012a10b8c4a46e3f49dcbab9a81d96ad987a71d6d5a14d8e34190ab4f258ecfe793d8587c1e054a93006b741e6ffe42e943f1bd7c54e31817e42d04411981942ae4b1c7657cdfc359e60c460e33d230e029718774dc813d489da94586ff57c8620c4818f4170f22f20109eb0bc772157ccea9e856eba499323cd1b5a340e3a8de96b46afaf4dcc09a1d0ccc2be21cf7125947b6a907657f0d6a71308cb86fe6ea3a83db7291da7572b80ce8c791adb6cc0cd8afcef3147af03648039b18010f69c55584281f1c6d19e5d92079fcfd9642ffe077a7b6a004383237717f8430a2baf74e7bc632d2e1f5abce5d9718ee928e40d72fe5290b708d8e7ecc17f179e0d0903a37c4cc90e89be0d92343de4b75c07199b862289f696c208f3153ff6ad8616c25eb68ebcf99cb1dcae43b33a8ad43238b8d7c5ae7bfb0a50587cab4e940b3f959058684a0fe917c8a2537d5ea2e2491ac80aea6a0ef00e73acbb604067fa54725957e48ba587f4f0f0260e0b51237580039c3f56ec347b60a63b0a5da220c4237900ffcab00f3a6fb99f1a5c18abdd9ddfc4ce862edba4917fc6860757c5bcc70eabaed91d31c01cf504fb7c649677e39ebb85a563c33e64a6fbc20b6393d9cd842601ab12ace5284f2befdebe3517695960b9d9553fd005d13441d3d6be911ad8d24dfb6595e2050a31f368e697af49ae9226c99f544574a1ade261fa22e63883ec5686a6f06065ac6e19d6c14b1f80a8d8b4966529b342110c0fc0b96ceccc6678329900a197d39c237d7a79728aa61b97724f4e2f0c666c5812d6e1ebadeef35906e6c747b0370700fc8e9bc1f548c8dcfbd87fa2e5cc173228a5bab41c69c39caf489948ccc93d54c906ee0074d6592f093209e9910fb5e28efaf9ca50fb17d58c83f02c3b32b29d3afe7c366feffb4e4f215c3e521aa3db3733aec6e6ea143792cacbbd3c79026303b9155a5cc53e4c73c2bd970c646564fa67f2856af962d02c87d483e3cd255372f363308e7852f2e04b3e4669f072832a2a5ca7906e18f8be75e30700acd89f561154fc531c75794895fc4c4cf51dc5b8e1d79a4fdd00c7afce20cad514011ab8cdcebaf07125731d9e35ba64e0af6dfe2acd6d9077c32aca7b77f3775549b0cbd924d96af436d1d232ec83d51efb9476879618f772627ec4906e98ebf24fddd6fc0fc5e910dd55e9bdff903f9d0886288a9b94d5a8c515a5fa522da087f04516dff1b1cda7eff61695ef6b41cfde6d5b769d04c2c38ce7dbf2cecbb64f53792d19cf3bf319d2dd74088f0a7c93bf5ddbdef9bbdbf04853885f1a73f6f46e2139da25f7d1bee4fe9191bada30d92462a37bb379dca62d22d8294ab297fc8a63705b9b78157e95a22718bc5ff499f82fb115243754078952bda05a78a6239f9cef42c62a457022e78edd41879880636e96add711b351b8245265d7cc59420a09422d784f7dde88967d03915f3f8c1fc3262c61a8888497372e303b1ae2a40c8f3cbc6fd4d6f9d88d042fbb47f958999b94a297c5e433d674cd47d8ce98df40ef0d6d1f4562a604894863f4a41d8d90323fd12ee60e7cfd33dc90be5005ec0b125ce9c5ab157e7179bc0b24156fc1840005d04cee8e2420128f2747874eede34bd7c4e917aaee5b0f272a21cb22129776500ef56d1af662d9c44b503f4183a4abec67a0eef4a4dd343bf7f200300e2686c6e49e3251a54b84473ada87936e2ded79917c284035d52654d202ebb25def196e6a15ec732d4422262734f792b727331e3d5b84275f45d87419deac8359fec6d09e09bd0459a7b5a24a9a8df0aaf37717bc0833e6f1ae2be7100ce420cea7047144b2d348e0aeb51e4197851c54df82c6995cf020eb7787726c76a51b653736a99963f032efe29702e726bc54d1e7fface9aeead269bd1f1ac99425c3a6a509c0d4f75f12737db457793ed9c81ea848f00e9c1f5733f01ac2024b1340b55a094d2a576612e8a94bf523fe9b7aa9825fd93ab9a7d2b50602557bbb1c964a8269d37ddde08a1d5d2faf95c30dbd71f07e725fd4ee7df85c4c97b3eb9fdc4a09cd36780c7687c9ba733e9e25a28830434d66c8a66bea419b622a36a62c4771db795406a63eebdd1db12923adc93b05c71c232da61906460ac83aa521b19b4204f30217e927847fb2de379e9dd5a0e17b38a0f685eb6bf95849575d14cb67251da6e2cb25e4ea0424765531c294e0bb3217500cbcc841ee82d5dddaa19c1f147490a7eac0b0f7aa3e3537ccd52cc8aaf226897fb3b96065d76164447ecf4c58307e9d840b624c9a8e1f84e285fd67cdbfe7374924752dab09eac7f8c86e55d7e1ce7561a71493fe6b1e4b0d2d2db75d4496b5ad0f2e5ffb75ad7ba06bf7e4043516f270f09deba929d34a3e3a43ebe7298fc6e2c340869e96a5839449d08b5da4204f9135e36b7b2c38dd4613f18be75c56b70c1321f50933667e62a385741c30592da3a724800a642a8961bdf51a3acdb33e4d2e511d46dc44db4aeecfdbc27c171b189ab11f691fdf139ae463354fede16aa306ddcc51b3eed6299eddd3d778422d4f38e790b78daf8431e4b829850287385ef3761acf3a8958582d74e2cfc4908175f92ff59610b8fd12d23443464792cdf36ef8003d82b24f16795876c771d2b4832cb803182b89abfed26f6a3fcf483aa5b7e253eac6752f81c6a6bc0ec2312bea2c7d65dc60283c5f7de4c3356ab867c251c8001b85ed7ab1a23882fe83ee2019ad421e42827894a26c50c9cbf3e200916bd307a8c8349cee540dfa90e0fa64ce31e5b3f442fe2eb26e01ff23a6a42edbb09d175b85fe4b285954a6d5e0a9810e62360a9e55388a7cfe2e3f067c1993d75b89e9961cb996348e443f9c9491311c3db86e7a667bda9e48ac41cc40ee76f00718b97bb5a782ff2ac0bd3f1d246967298e9786c4e27cfbdc270e2724ef0ad3ab13293c29a7d63a6e2c39f50e669dee9def53287063acf611588ab9ebe7be279eff66005e5b6e2ec47d76584959a", 0x1000}], 0x3)

[  390.667662] erofs: read_super, device -> /dev/loop2
[  390.672702] erofs: options -> 
07:08:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x50000000}], 0x1, 0x0, 0x0, 0x0)

07:08:00 executing program 5:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$radio(&(0x7f00000002c0), 0x1, 0x2)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
eventfd(0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f00000012c0), 0x0, 0x0)
ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)={0x1ff}, 0x0, 0x0)

[  390.768493] erofs: read_super, device -> /dev/loop4
[  390.803841] erofs: options -> 
[  390.806585] erofs: unmounted for /dev/loop2
[  390.909772] erofs: unmounted for /dev/loop4
07:08:00 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7a00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:00 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3be, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:00 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x80000007}], 0x1, 0x0, 0x0, 0x0)

07:08:00 executing program 5:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TUNSETLINK(r0, 0x8912, 0x400308)
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = creat(&(0x7f0000000180)='./bus/file1\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on'])
chown(&(0x7f0000000140)='./bus/file1\x00', 0xee00, 0x0)
write$binfmt_elf32(r1, &(0x7f0000000e80)=ANY=[], 0xa58)
truncate(&(0x7f00000000c0)='./bus/file1\x00', 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000017c0)=ANY=[])
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000013c0)=""/171, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=""/48, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_SET_VRING_NUM(r2, 0x4008af10, &(0x7f0000000000))
ftruncate(r2, 0x1)

07:08:00 executing program 0:
sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x1ff)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
gettid()
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="f0000065", @ANYRES16=0x0, @ANYBLOB="100027bd7000fddbdf250300000008000500010400002c00018008000b00736970000800050000000000080009005300000008000b007369700008000b00737770002c00018008000b00736a7000080009006500000006000200620000000800090075000000060004004e2300002400038005000800030000000800010001000000050008000100000008000500ac1414bb5000038008000300010000000800030004000000080001000100000008000500ac14141614000200626f6e645f736c6176655f31000000000800030000000000080001000100000008000500ffffffff08000400ff7f0000edc75eea83f5d6be810328ec230b69dbdde3daa01b1940d80372cc14315af11fd5ad5804e2e258654dd10fd278718de9b64574a79ae4e04ba915c54706"], 0xf0}, 0x1, 0x0, 0x0, 0x81}, 0x20000010)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x6, 0x8, 0xa, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x8000, 0x8, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
rt_sigqueueinfo(0x0, 0x28, 0x0)
r1 = memfd_create(&(0x7f0000000340)='\xb51=\xe9\xa3\xdaz\t\xae/.(\x98\x97\xdaFa\xa5\xecX\xe0\xca\x1bW\x9dw\xb6v\x8anSx\t0/La^\xd6K\x00\xf6\xe9@\xd8\x8b{\xe6m\xea\x9e\f\xfdd\x10/X!\xe4\x06\x1fW\xcfSx\x14\x17?\xba\"\\', 0x0)
pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000840)="16884896426f2eead5b120e784fbc47c08", 0x11}], 0x1, 0x81805, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002da8)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000940)={0x0, {}, 0x0, {}, 0xb3b, 0x0, 0x2b, 0x1, "1dcc79dc871c727f5161ac2a8e4cc9840bf9758bd451be073ffc9a88295eb61f59ed7b505b740380e9e52408f09a3a51eb40921a93b564681049851448ebb8ba", "3ffc41dee2559d50df9129b097ffb6a24732ffe375f19b9d3e5ca6831952a1c9"})
ioctl$LOOP_CLR_FD(r0, 0x4c01)

[  391.139758] erofs: read_super, device -> /dev/loop4
[  391.144163] erofs: read_super, device -> /dev/loop2
[  391.181373] erofs: options -> 
[  391.236892] erofs: options -> 
07:08:01 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0), 0x0, 0x0)
msgctl$MSG_STAT(0xffffffffffffffff, 0xb, 0x0)
mkdir(&(0x7f00000003c0)='./file0/file0\x00', 0x0)
msgctl$IPC_RMID(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x2001040, 0x0)
mount$bpf(0x20000000, &(0x7f0000000140)='./file0/file0/file0\x00', 0x0, 0xc50c4, 0x0)
mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x5890, 0x0)
recvmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000480)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r0=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000500)=""/200, 0xc8}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f0000000600)=""/223, 0xdf}], 0x3, &(0x7f00000017c0)=""/86, 0x56}, 0x3b647ec595ce4b0c)
mount(0x0, &(0x7f0000000380)='./file0/file0/file0\x00', &(0x7f0000000780)='securityfs\x00', 0x0, 0x0)
unlink(&(0x7f0000001840)='./file1\x00')
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in6=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@loopback}, 0x0, @in=@local}}, &(0x7f0000000400)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001880)={{{@in=@private, @in=@empty}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f0000001980)=0xe8)
lsetxattr$security_capability(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200), &(0x7f0000000440)=@v3={0x3000000, [{0x9, 0x502}, {0x6a, 0x80}], r1}, 0x18, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
lremovexattr(0x0, 0x0)

07:08:01 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x80000008}], 0x1, 0x0, 0x0, 0x0)

07:08:01 executing program 0:
r0 = syz_mount_image$reiserfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f00000000c0)={[{@noacl, 0x3d}]})
openat(r0, &(0x7f0000000000)='./file0\x00', 0x540, 0x19)

07:08:01 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3bf, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  391.332160] erofs: unmounted for /dev/loop4
[  391.367481] erofs: unmounted for /dev/loop2
07:08:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x80000019}], 0x1, 0x0, 0x0, 0x0)

[  391.466579] erofs: read_super, device -> /dev/loop4
[  391.472326] erofs: options -> 
[  391.482648] REISERFS warning (device loop0): super-6503 reiserfs_getopt: the option "noacl" does not require an argument
[  391.482648] 
[  391.549459] erofs: unmounted for /dev/loop4
[  391.588736] erofs: read_super, device -> /dev/loop2
[  391.593779] erofs: options -> 
[  391.651670] REISERFS warning (device loop0): super-6503 reiserfs_getopt: the option "noacl" does not require an argument
[  391.651670] 
[  391.673432] erofs: unmounted for /dev/loop2
07:08:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7b00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:01 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:01 executing program 5:
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x5}, 0x0, 0x0, 0x0, 0x2, 0x1, 0x6, 0x3, 0x0, 0x80000001, 0x0, 0x6}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000002c0)={{0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9e3a, 0x447, 0x80, 0x20, 0xfffff801, 0x765, 0x6, 0x3, 0x200}})
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0)
r3 = openat$hwrng(0xffffff9c, &(0x7f0000000200), 0x20000, 0x0)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000001, 0x10, r3, 0x65512000)
ppoll(&(0x7f0000001340)=[{r0}, {}, {r2, 0x122}], 0x3, &(0x7f00000013c0), &(0x7f0000001400)={[0x40]}, 0x8)
r4 = getpid()
sched_setscheduler(0x0, 0x5, &(0x7f00000001c0))
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r5, 0xd0009411, 0x0)
perf_event_open(&(0x7f00000012c0)={0x2, 0x80, 0x20, 0x1, 0x0, 0x5d, 0x0, 0x3ff, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, @perf_bp={&(0x7f0000000280)}, 0x1600, 0x4, 0x8, 0x0, 0x9, 0x70f, 0x4, 0x0, 0x9, 0x0, 0x6}, r4, 0xa, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000001380)='\x00')
ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0x0)
sendfile(r0, r2, &(0x7f0000000080), 0x5)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000240)='}[\x00')
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

07:08:01 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3c0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x8000001a}], 0x1, 0x0, 0x0, 0x0)

07:08:01 executing program 0:
r0 = syz_open_dev$vcsu(0x0, 0x8, 0x123880)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000001740)={0x0, 0x12, 0x2}, 0x8)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)={0x10, 0x1410, 0x300, 0x70bd26, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x4040000}, 0x4)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x7041, 0x0)
mkdir(&(0x7f00000001c0)='./file1\x00', 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x18)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000300), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="6c6f7765726470e24503702c776f726b6469723d2e2f66691800312c75707065726469723d2e2f66696c653039a1a53e364d0093adf5bf9d0e03d01c7719d9029aa680bce29ed152025e88daf99c26790090bd7def9574bcb7ed9bc646663dda798d3976ed5672fdebb1fa44cc3f6095e0550aca0a234aff4c078963c5508e86fc53391e2aa2"])
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f776572ce93ed332e2f66696c65302c776f726b64d2af6d0f70058d8be6885df61e69723d2e2f66696c65315c00d6449a3fca184f7451ba1d1e3efa20f403f1ae5b4cb88e3ce970f1f1116e695612101b963e4671987268ea7983708a8048ca1af40d5023ed340da840602208386f4f09fc423a855325567d9908a9bd625d37f50000000000000000"])
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x1, 0x200, 0x500, 0x7}, &(0x7f0000000200)=0x10)
creat(&(0x7f0000000400)='./file0\x00', 0xe9)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='pstore\x00', 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
creat(&(0x7f0000000440)='./file1\x00', 0xc2d21d08a9bc0776)

[  392.132205] overlayfs: unrecognized mount option "lowerdpâEp" or missing value
[  392.163662] erofs: read_super, device -> /dev/loop4
07:08:02 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3c1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  392.179754] erofs: read_super, device -> /dev/loop2
[  392.186143] erofs: options -> 
[  392.200922] overlayfs: unrecognized mount option "lowerΓí3./file0" or missing value
[  392.210373] erofs: options -> 
07:08:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x8000001d}], 0x1, 0x0, 0x0, 0x0)

[  392.263856] erofs: unmounted for /dev/loop2
[  392.269923] overlayfs: unrecognized mount option "lowerdpâEp" or missing value
[  392.288772] overlayfs: unrecognized mount option "lowerΓí3./file0" or missing value
[  392.301176] erofs: unmounted for /dev/loop4
07:08:02 executing program 0:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_GET_NEXT_ID(0xb, 0x0, 0x0)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc1, 0x3, 0x2d, 0x1, 0x0, 0xffffffff, 0x8020, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x9, 0x5}, 0x1000, 0x3, 0x7, 0x8, 0x7, 0x5, 0xfff, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r0, 0x0, 0x3, &(0x7f0000000240)='\xf3[\x00', <r3=>0x0}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0)={r3}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)={0x14, 0x0, 0x0, 0x40, 0x20, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x40)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80800, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_bp, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = gettid()
r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000300), 0x200, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000340)=0x6)
r6 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffce8}, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x3, 0x7f, 0xff, 0x76, 0x0, 0x7, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x1, @perf_bp={&(0x7f0000000180), 0x4}, 0x4, 0x3ff, 0x81, 0x9, 0x3, 0x8001}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1c, 0xa, &(0x7f0000000400)=@raw=[@jmp={0x5, 0x0, 0x7, 0x9, 0xb, 0xfffffffffffffffc, 0x1}, @map={0x18, 0x9}, @map={0x18, 0x8, 0x1, 0x0, r6}, @generic={0xff, 0x7, 0x7, 0xffff, 0xffff}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @generic={0xf8, 0xf, 0x4, 0x7, 0x3ff}, @generic={0x1f, 0x6, 0x0, 0x1, 0x10000}], &(0x7f0000000480)='GPL\x00', 0xfffff4a2, 0x1000, &(0x7f0000000780)=""/4096, 0x40f00, 0x4, '\x00', 0x0, 0x7, r5, 0x8, &(0x7f00000004c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0xc, 0x9, 0x6}, 0x10, 0xffffffffffffffff, r1}, 0x78)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f1, &(0x7f0000000580)='ip6_vti0\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x89f2, &(0x7f0000000580)='ip6_vti0\x00')

[  392.435920] erofs: read_super, device -> /dev/loop2
[  392.442341] erofs: options -> 
07:08:02 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3c2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  392.498281] erofs: read_super, device -> /dev/loop4
[  392.503415] erofs: options -> 
07:08:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xc0000000}], 0x1, 0x0, 0x0, 0x0)

[  392.542430] erofs: unmounted for /dev/loop2
[  392.556650] erofs: unmounted for /dev/loop4
[  392.630656] erofs: read_super, device -> /dev/loop2
[  392.639062] erofs: options -> 
[  392.694150] erofs: unmounted for /dev/loop2
07:08:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7c00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:02 executing program 5:
unshare(0x6c060000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x403}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x0, r3}, 0x14)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
sendto$inet6(r0, &(0x7f0000000100)="0503460008003e0000000200c52c", 0xe, 0x0, 0x0, 0x0)

07:08:02 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3c3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xc0000001}], 0x1, 0x0, 0x0, 0x0)

07:08:02 executing program 0:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x20)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000200)='./file0\x00', 0x1a6)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x58)
bind$alg(r1, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0xffffffffffffff4a)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
mount(&(0x7f0000000180)=@sg0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='dax\x00', 0x20010, &(0x7f0000000380)='aead\x00')
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb)
connect$unix(r2, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
bind$inet(r2, &(0x7f00000005c0)={0x2, 0x4e21, @loopback}, 0x10)
connect$inet(r2, &(0x7f0000000240)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x20, 0xfffffffa}, 0x14)
shutdown(r2, 0x1)
write$binfmt_misc(0xffffffffffffffff, &(0x7f00000003c0)={'syz0', "3fcaea7e37fb05d9cc7fbbc32fa6673e5d5444e1f5"}, 0x19)

[  393.048870] erofs: read_super, device -> /dev/loop4
[  393.062033] erofs: options -> 
[  393.088330] erofs: read_super, device -> /dev/loop2
07:08:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  393.144150] erofs: unmounted for /dev/loop4
[  393.146721] erofs: options -> 
[  393.167099] IPVS: ftp: loaded support on port[0] = 21
07:08:03 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xf6ffffff}], 0x1, 0x0, 0x0, 0x0)

[  393.282154] erofs: read_super, device -> /dev/loop4
07:08:03 executing program 0:
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = getpgid(0x0)
r2 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x9f, 0x8, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x6001, 0x0, 0x0, 0x6bd93668934210a9, 0x5, 0x7, 0x9, 0x0, 0x0, 0x0, 0x10001}, r1, 0x5, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000580)={0x0, 0xcf, 0x4, 0x1})
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f0000000100)={0x0, 0x18, '\x00', 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0]})
ioctl$RTC_UIE_ON(r0, 0x7003)
ioctl$RTC_UIE_OFF(r0, 0x7004)
pipe(0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
r3 = dup2(r0, 0xffffffffffffffff)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r4, 0x5608)
fchdir(r3)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, 0x2, 0x6, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_SETNAME={0xffffffffffffff5e, 0x2, 'syz1\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40004}, 0x6a84a7b992d32fb6)

[  393.313206] erofs: unmounted for /dev/loop2
[  393.322797] erofs: options -> 
07:08:03 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:03 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  393.425984] erofs: read_super, device -> /dev/loop2
[  393.425991] erofs: options -> 
[  393.432869] erofs: unmounted for /dev/loop4
[  393.498787] erofs: unmounted for /dev/loop2
[  393.541075] erofs: read_super, device -> /dev/loop4
[  393.546132] erofs: options -> 
[  393.601927] erofs: read_super, device -> /dev/loop2
[  393.616127] erofs: options -> 
[  393.629508] erofs: unmounted for /dev/loop4
[  393.693876] erofs: unmounted for /dev/loop2
07:08:03 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7d00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfcfdffff}], 0x1, 0x0, 0x0, 0x0)

07:08:03 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
getresgid(&(0x7f0000000500), 0x0, &(0x7f00000006c0))
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(0x0, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000280)='./bus\x00', 0x0)
perf_event_open(0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x2)
r2 = fanotify_init(0x0, 0x0)
fanotify_mark(r2, 0x2000000000000011, 0x2, r1, 0x0)
r3 = fanotify_init(0x0, 0x400)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x8)
fanotify_mark(r3, 0x1, 0x20, r4, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000380)=ANY=[], 0x44)
sendfile(r5, r5, &(0x7f0000000240), 0x7fff)
fanotify_mark(0xffffffffffffffff, 0x0, 0x1, r5, 0x0)

07:08:03 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:03 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:03 executing program 5:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000600))
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = fanotify_init(0x40, 0x800)
open(0x0, 0x20000, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
fgetxattr(r3, &(0x7f0000000080)=@known='security.apparmor\x00', &(0x7f00000000c0)=""/61, 0x3d)
sendfile(r3, r0, &(0x7f00000000c0)=0x2800000000, 0x1)
r4 = fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB="2321202e2f627506000000206f7665726c6179000a7a11e3d01a186630d9fb88856716b44731a2ceff197a5cb2096fe741de0167bbb19d04521d06ebd71a8088c3"], 0x41)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x100010, r4, 0x51ba9000)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1)
fanotify_mark(0xffffffffffffffff, 0x0, 0x8000031, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  393.946352] erofs: read_super, device -> /dev/loop4
[  393.975883] erofs: read_super, device -> /dev/loop2
[  393.990907] audit: type=1804 audit(1624259283.736:168): pid=23677 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir107747141/syzkaller.jqMwsF/280/file0/bus" dev="ramfs" ino=72624 res=1
[  394.027867] erofs: options -> 
07:08:03 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  394.050895] erofs: options -> 
[  394.093120] erofs: unmounted for /dev/loop4
[  394.101701] audit: type=1804 audit(1624259283.786:169): pid=23677 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir107747141/syzkaller.jqMwsF/280/file0/bus" dev="ramfs" ino=72624 res=1
07:08:03 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  394.224053] erofs: unmounted for /dev/loop2
07:08:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfdfdffff}], 0x1, 0x0, 0x0, 0x0)

[  394.297885] erofs: read_super, device -> /dev/loop4
[  394.314796] erofs: options -> 
[  394.335823] erofs: read_super, device -> /dev/loop2
07:08:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  394.378946] erofs: options -> 
07:08:04 executing program 5:
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x4001, 0x0, 0x9)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
syz_emit_ethernet(0xfed6, &(0x7f00000000c0)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @broadcast=0xe0000001}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x4002)
io_setup(0x79d0, &(0x7f0000000000))
syz_emit_ethernet(0x0, 0x0, &(0x7f0000000280)={0x0, 0x2, [0xaef, 0xe93, 0xc40, 0x652]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
io_submit(0x0, 0x6, &(0x7f0000001940)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0x1, 0xffffffffffffffff, &(0x7f00000033c0), 0x0, 0x1f, 0x0, 0x2}, 0x0, 0x0, 0x0, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x6, 0x4, 0xffffffffffffffff, &(0x7f00000017c0), 0x0, 0x7, 0x0, 0x2}, 0x0])
pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000340)="d4", 0xfffffffffffffe9c}], 0x1, 0x40000c9, 0xfffffffc)

[  394.407025] erofs: unmounted for /dev/loop4
07:08:04 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  394.481445] erofs: unmounted for /dev/loop2
[  394.553942] erofs: read_super, device -> /dev/loop4
[  394.574893] erofs: options -> 
[  394.645214] erofs: read_super, device -> /dev/loop2
[  394.671098] erofs: unmounted for /dev/loop4
[  394.685142] erofs: options -> 
[  394.778802] erofs: unmounted for /dev/loop2
07:08:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7e00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xffff8000}], 0x1, 0x0, 0x0, 0x0)

07:08:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:04 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'geneve0\x00', <r1=>0x0})
sendmmsg$inet6(r0, &(0x7f0000002040)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x7fff, @private2, 0x6}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000100)="c1047cf63b362634c48eb06a35770e518014ba6de08399351be0aa5f100f096f5f02b76225a2", 0x26}], 0x1, &(0x7f0000000340)=[@dstopts={{0x60, 0x29, 0x37, {0x0, 0x8, '\x00', [@ra={0x5, 0x2, 0x20}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x3b}}, @pad1, @ra={0x5, 0x2, 0x20}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x41}}}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @dontfrag={{0x14, 0x29, 0x3e, 0x7}}, @hopopts_2292={{0xa0, 0x29, 0x36, {0x88, 0x11, '\x00', [@generic={0x2, 0x86, "4b3479ec5442376da1db4b3ddac0d454c8dc631d1192c36c565b2732ca6e487edff33d8b37421028031a3ed78ec39714d3344c9439e499cfbab79a06001120f915d11375436fee77bca6f589fd175a88a01ff76907a038943ea1e0d44bc003d0711593cbb056b6217b2d4e2d92fd06419eddf12fa26462bec04d2bcd5db6773b1a5b57cac99d"}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x401}}, @dstopts={{0x48, 0x29, 0x37, {0x32, 0x6, '\x00', [@pad1, @pad1, @ra={0x5, 0x2, 0x7ff}, @jumbo={0xc2, 0x4, 0x1000}, @ra={0x5, 0x2, 0x8}, @hao={0xc9, 0x10, @empty}, @ra={0x5, 0x2, 0x2}, @jumbo={0xc2, 0x4, 0x5}]}}}, @dstopts_2292={{0x98, 0x29, 0x4, {0x2b, 0xf, '\x00', [@generic={0x4, 0x75, "d759d30f0439ae1dc86a09853616f1aa0f6017ce9c3a31a071191613d9d054e636c7bb608aad439d861e5e2483358e2ca61df295cc71af06ff35fad028cd13b283999666bd2586c9b4b46af72055b14cf5aaa91d5181eab3d618344e0141e4d0b72edce28dc54c3525b750cf1ffd03885c268b761c"}, @padn={0x1, 0x1, [0x0]}]}}}], 0x228}}, {{&(0x7f0000000200)={0xa, 0x4e24, 0x7ff, @empty, 0x10000}, 0x1c, &(0x7f0000001b00)=[{&(0x7f0000000580)="836ec2079525d8160284974e3ccb180c0675ba6a7c700032c6ce4d19193b82e24c538d59ed7ec4389dcacb0df1b40e7500abeabd6071d7a7340b8cca389d79433f47f0717d65fd64bd90ced73dc2e85eb2b0131cbd98788b0b1a9d46ef787a1160834bb5564006f64c0b210d6e43d18f12341019089818718a7d99815da49a467934ca170fdbf058f044289ac676d1d06593c5d87157d436a8c67e0f486237b6db75cd6b30ddd3a1fe08849345979b0520a9f7f11495f7587e5252729c81338fb0ee95b5d9fd149a0229a2863cf13593fea1bf43ad24076cb357d6138b5eebad4d326a24651f592372afc7bb07089bd870e3cfab6c35b2dddd0638e0407c211b6999c3355eddf6511f88ee51600b5a0defc04982dbe9edb47a1f962a12a8227434384029b3fa50f47051068f29423e9c2024e251f00151f8853204afa7c06ec50f06acfcde5a87a9baaa4efcb8af5a2039c84508cb06061d5c26976f10d100893f86fbd31f8d098e1ed7caf4fc10f3a7608d1548bb97dfe4e87cae86702c031fbae092c79043b274c8544637c46b8975020b31bb842f90cfb5f9f67916b8d659cad9d58101b6b2ba881771f969ca6c1e470260c4af80ba20134c0a42a14c1b291c71345bcf2bd64490c6812ae874da069eb52743d2a2671d20394093314b524d629bdcf0e31f3d1d808d272af9c225a60dd8dfadc1eb3db747f5e555e7ad258e6e3c557fb26c6aacad05d44b93c415b78126be49ff1392614940dda09d56b5032b40423336b20121027b617bfbc9d7ff57c2fe8d5fd8b1a0c3904f09178668ca123d564e6af83b8b7028587a1e39dc575f2cb103a7fb002343c9d3edb5ea53dd8ffbd0da2da41d08a2f475d33b29de07fff9f1774320c0d05d6bf0e32f7ef33ffbeee702c680d07daeb38a9f3a7ea103caa59df33868eae77f551f7ed43eaec9bdf37cae2182944e5f84d0333bff178909ddf5921a7a42bed4265d6171e4dbcca292b8b705b676072c355a788572db2d5e2d8a3cf3e79c60c12947decf82ba533a68cd371fc3fb586248d4060a021cb7e127744d47b855e5e3fe9c6f8d3178011bdb43108b958d3cc0cc882bed83b34637652e6914a9c5e9ff007870ccc654c6a616db984714ad958bebc71991d3e9b4a5ea84f0583d1fb478d98eedd9e6772431c2e664acb8fb24508b4b5612b35fd8ade1e8c3831dd51891a90999f63f5445f123620fe19d4d1fab321b33f90ff8429ed87dacc31a589728381e877c5d9e12404022a4719414302263fb1a256d1a1363dd3fd704187855afb3633160a944b10a77a17b4dc011a591cd51d72e2e5fe79202fb48b527a0f074f6f3e1053c89560f05b01520240861969e1b5971648b3c5ab7db744ee49b5e84dabbcba58991960ef1f41b80a55b65b508610c4959f8bd5e6c245167b092b15158c1ebbee15be691b7a97504fa72defd55f8063af950c0047b9ff39045b5a189cb0e297709add0b76cc0fd95eaee55af802b61e4a7ccf27bcd5aae3bae32cdcecb7ff865e4214b5082da670f965aa041a00487afff8c85fd1170a84fe970431935e132043841ce1502609a30edc9831e66f59d5e0cf7d66cb06d622373ff965f88d2b989ae122383e00bb45ec53b5b128ab41951535df5d53fcd827d2335d7c0716d13a18e382d50ba2caacf3fa4e97e072d816b3c00a4ddbc7a48774de3556f64bb06c2820beee362dd28ecd23042e4eaca2e0ae3438850007df435e0f565cc86824ad864a4872a41baa2f41f614a120e7af64a468c5c3cabe42d836b8ddabad487354af822b6b0db1a45d4fbfef135228cfdead66a65c38649c4ef46b947055ab669ea15c6f253bc32a5aa074de1d6e344939c53360bfd41a8b4e5314bb07ef75ffae49ffa075b49057a7236079416a3d28afa819c0273c4d02120647c3e9fde1091b92801a7604121fb3ddd26310fa261ceb6b87e7933436c7544f5d6c88497d6c263b2d39eed4848b476d1098a8226a2638d7363b80d07d064f17e7ab435a0788dffc9788fb8bba3793a784785630cc87fc60167e50f397eafc7a558369288a124c1bf81f2c740cc5be6c46c8e878a98b416bac4a9c6610ea1424569587b0271478ca9f684c972a5ee89491117c9c8a1a8b8f37808656a19bfbb6d7411fd753fda9f8ef897d3dd2731ed95101ea80cacb563aae0b4b9ab24d06d75ec73e829039239732c7a6b749b69e8f8a74fe620b428ce765220aa2e31818a4666d1bc92afe91d2dea45fcf25d2959409600b9df03a853dd5c59737f9a6c2a04e858edd78e906b56682db91c39d41c9343799497e54a8a09e805220034b240f37faffc1dccd8d7638835e5f441015f334a8649aff8bb6930a54f6c48f68463a89ed855021e0748aebeb43ae76fe0fa4c1ebc543928288d8b4e75a02864f363abbb61bb443fccb808cf7ce870d4ae9d9129769c8725ff30b996eea234a2efcfe65acc175944226328de488ad2156d667ea17ce3301bc39aea9ecbc396f42212be21d28836db4336f020c9c29114e9fe5f56f3182bf7aa16a033d6534d269e7fd0ea7f8263136e376f98c31796d311a29db7d05db3570e757dfc7c7ae869d14add5e74d6686a8d8d72fe7c6265d125a0ec9078df3688f930a98a26f0e01fe095e61b51d540154ea175930d358ec46f6829f61d7a7ad57867d5bc2cb303e1291bd5da48d34b00d06050fc3bc255a5dfb98ed4559341b1682c0e6e85778ea82633abe4c97da8aadc5a6437009871c268bb6a3db47b278c1989e4b131780a099045768abd9b65cbe1508e32aeb7c223a1d08addcb031c13f584368103c054e519a3735aad0e724988b203578336eae919c0d870ddf2babdd195c6e1ec505b3606ece133d61c5cbd1b8d1379568766102f9a594484de50b5a1449dd62f024140dc8e5795e97bba4fb96a9892fb161fa90d63eb5f710a1b172929fc195f24253816560cf633d3cffae4b76c01c5ef20d7f21a5bf5273c78102380067b63e67b248c9215fd8eed1f10288828415d0418120d75a605c35d81f679f8812a4cb85a5e32e4549cdf467d0c0fec934f27a14f6dca21c325c0698873cf46b271a66af3d630251f5f91e8422ace9616536b77d4b80267caab9da98051fdb9b7beaa7f32deed6da3c22b8c09b8f770f2116b4eb2df262388ef1f5480af56eb399355afeb7464944f39dae8d0f5ea580c6c66f80256454cedfaa35d062eb3b95752c3cb2c6f4cc25fb0c6df11c20580547a1cd4c03b31520a9d881045844ba6db89197eeb5974db56bbffc91d1d6ea9141abe9fd7efdd6db7ce3170a0ba7f720086342fb90e79f3bdb877cb4e3d7a520845a33139939e95f888da63ef9395ce5638c55ce442e9b03b2d7e5d18bb4714a0cf3df4fb6423ece90816b9e5c927c9bcfe94ab2bb691de6026882771f02de8904441e38c6b00cf9c24f9929e8c828de90fca0f0a21b8a87f38fb28d4150142442ed40b3b18771cb6973fc7703c5a78203c444c97b54de9831b81ddbecff2734dc4f33944a2461663c03ca561821fcd2c1ec56f2fdbfbfcfdd1c36a55500fa7e77455ab54cb2df269a5cd1b9a3821f9c792e4f5a12989f030b6774b07e38917f057ea358e952ab6ff142cee6b2b4cea3186f327dd5080a7ddc838eddc27d5d9d98a40dca28d2afeb821be1bdc12a1a42b18da1385f09251c765dca4ba296c83ca84bc1f19d2cf52649bab318920d34133f495fe68407f80c8cfa536210a20a848adbf2b6d14dd43f4c00bce13b900e4ead0d27e35d7f37a81d283d0089e34c05bb715b45538197d3ed230a33e9a1a2a02ef68671ba3c10dc6d0f8c98d8343ee8eafffeae6fc3b139da7757339f79507bda815502fc8ab8c1944855ed899c583b97e415c5ea52af3ee467903d337c7739e997d4e9776869ab34207bab2716eb31d53c015ddfafdbe21be3a4bde2597c1188edf498284f04c51fb8d104569cf384d320ab9ada490549ccd60f89d059d40d59bd71d137b03cd792aa035a7639b3efb9dd4a50604730996fd1db99c32120e6d2f392c5006227a38920a8e10c66aae119210dd69ca3c804c6ac2e3d36ee2c4d58e50e98e65952e032a7abcf48ea028bc50c8553a99938a1e50dfeaba6db0fc31622cab85e1ef33fef48928ec816315ffa970a96e1344ab48b343248a8811354790e7cec3ce2cd735b59d7fe1b9ec226fa521a2faba38ba95a034e75c22529a27530ce32dd0ad77401b058d2f800b36d6fa9d10b553b4949430fd6a28006282824e2a6c13f0838b19766deaf4012058b8df7d0ab9984623bfadd5a64734fe58c3e863ca3695a27cf71de70e61df67dcf0ed991a61f9a1a6e491c2fe4ca0e1f074917ea16efa8d14701dab1ec88f79ea05c9d41cbf5a92668eb6d002b7c630c75dc00d0481020071da5a67730aacd9fa83c3da8ef77ef88b1f05ada4c732c03140f587b206f3ba6d37c4b6c9c65c85d31cc0c4de7fb81c95432f18e6e84078d2aeaf77a6a6bb407052573ebc118f468a86723ece39afdfa855bd10653b8e268f2ddabcf59900650b102458fd4ef60bdcb903b000a192209073e0e726a0b5fa201605a489e2793a00893ad655f17ccb9a47e77f79f80a13a2384cea18473065f607a979d2e8a8cd3567180006095cc0be3997027fa42d6dc15d4a1aac850e2c2247204798ad7ba50cf3b776632a8a238d07c2d24ac772a93f246c912106f7e72484063dc9e20d85bbeb69ef9b9812239b6eb5eedd4799ee7c5aea207e568f03178482176c9246f545a995708273267a4d1b1dd6eafe7ec0213015a64698a26ef288620c5c13e8ca4a87ad15f30e966a0d644bae35569748563b97bc53ce649d5b6ef3ddd75a828695bfe364bf49837e747083557eaa1ac4d76d7010daee249db4b9c09e8ed45b29183b604c202ca63c37213eb726bfd680b176d2072c6b31bbe06a0aed3f6536c124baed9ddbb540ddb670de5adf2276045851692490c2a279fdfc7392045ae83d1196c275d69aab45659f7752e8e62c5315e9aa3d8b8e1a92074f2065c64ed005a377facafb6571319bc869c34152e5353bac279ed3867c254ae013a6ff1a75eaea5a29fac0a1122ebe1f2117f21c97a21aebe9d4189bfa94a6e9982101ceca2408f3c8d4158077e7bbf7028cd104d969b4f27f3cb7b6717e3d367fe80c80a0fbb73f17240725ff7e5fe0227d6e55b48fafdb49ac6293ef86df9ee3ed1d2fe4abb874e6b685e3474fa225430f9d32ece9144b90e61b86794adc357d87d780aa8c9f32d5e31b87c81e2177944f960ccde7481de9051453ecd77d2da9f0bd1a7a44b8752d9cce88f104d7a12ee86df882cb0453d3d4851b2e138b66e885019a63e656af8f253620092cff6f3a41cbb33a9093cfa727b064c03a723f5c6dece84b38643a42a88c829af64b0bff2007586f6078845e216ab0609148a06df2a6bb8de5be75837d8f5051166c31608d9e0a2d172236454141f00708356799f4ff9ae9cd0932ecefdd745cb9ce3dec18c62f3c8c81520d755a23ac9a2fdc3e9a3a4caae55c6c69e26642dafe860008c9af7f29e01f24d0392aff0d2303651deb607cdb6f7a19cbe54474b78bf5958cc034b61e6006a295650c14e65fd4253dafa2e4273292aabc125a4200c766f90b67865641ccbcb5d81b7bbdf5bba78383f1627ed7186ef632dc13abbdf93cc8dbde465462d07f4f32816b32254d73ca7f0643ef7e178be8b7931d099aa2830ebb672f1b5f3b54c6c06a145abebde6c00ec91627dd52ccf31bc75456a1f85cb1f682", 0x1000}, {&(0x7f0000001580)="fcaf37416e14bd3d7b6156f93e863d1a931b66213ad6ab8d160227fb4c151cbfe637289a133f32c94f12dfc464e886483faee4ac1bdcec366ca8adba81da2ceeffb6b470777ef8066408eea3b2669734df037c1d09dacb554863989f7fed1f81e592840a3c69e26824", 0x69}, {&(0x7f0000001600)="08e32469133b491e91da3d2dcb42257d0f08f71ef55b63ede3813e095d748eb78e8ffedb2654cf77aae684fca156d6b20eb47c4ddc2512e674c9ccc13efde5e118e72751f90bd4d9df417b3b559cc901f246170d87f3b8a2947002329d981fb5f80e2a001a446605b764b382c872b7da1c392fd892631bcfd31a975476d7019693e8daa7ff6d2aaadbf1dd79df357b0fa4d6e30e256fb5f82f1b412e1e2505a1b49da7072171dc", 0xa7}, {&(0x7f00000016c0)="05c2141c8f3e663609091ee6ef3aa75504be197ceaacfce779031696c64dd134495fc9be4d2190182217db0e550c5c809d27a8ac041aa66a26655339f95cfcf918ee5270070faa0bd5f7ad63629d87ba3a5d9de9d08b463b7b05405a15019a8dbaf9d45640274513113c8b49808b6082e2466332db197daaf1c428284752cb58def8d79b61a67dbdcb8a5c796244d1ce921f2c7d9470ec5a5e62aa488ef54cb7a3cb473e06ae91971007711edc0d04de4e9f3ebbb9b5616e228787a0bf9de609288d273225e0e9af2d8b06bdd9cb12cc4b1256eeaf667d0060626b3c202e29161a5fba70e3691ce929a664b445452598e7992163b86c72", 0xf7}, {&(0x7f00000017c0)="7c1ca2920cdad83a6ae701e4e809ff778771a35d3f431d5336df9b968156b42094079e8258b0efa742273851db1846b458dd5630622cf2074589cc1637b7f575e4cf2a1d60b321968359a286476ad322148a7b6870ba36934fa8694696e826691313859c743248515fc4e51da162fb613c68f52941cd56090bb41ba40fcc5b51ea6ff59c674db84fee10ec5df4a999f17adc98bed1c35f4200c63e140c14f2aa8ed8966b1f9d23db82c51d145e0cdc43f42e53cb5e2f1fc8abe2e60f92b5002443ba3c6de8410c1ae16438c9bd588c17e2eb8da31f25128602b5e9b36fe88a53dfd53484b296c9ed692ca0be1af94e3c877e2394f8f6d7595d9f51", 0xfb}, {&(0x7f00000018c0)="3a23b2388e2586a1d43c35ea64aab3893035ef34be36030e0c76d38a9cfaf313091abced765bc2f3c5e5c5edb9b8cfb12f4784b0d6729cef04667f44becb39b5bf462182", 0x44}, {&(0x7f0000001940)="3fa5d13cc19971ec1bc61be59ac85938a1e240bb89fb5724ee72f594f15e8c5f76", 0x21}, {&(0x7f0000001980)="dfe7cf7c9ff1454f024e2df178f161ce4a70e1041a6611f702b6c65d8a2c1fc859d6abbc32e4365f407c521c047461fbf22b93c71a0fed2a743895b8e9b1b2b207d5e91fe20c9f0ef0761e2659fac0c45351644fd9111d9e0a30ee581928f41feb0a2b22a4f18c6dc3459defcb876f4cbd7db574af1cb53f293e59fcfd1de922645b66713a73e7cd4219065244b6f56bfd9c8d18795bf9841674704c9cc11f98644ee393614cac418f469204d54013", 0xaf}, {&(0x7f0000001a40)="c518d510b8d5afd2a53f2c9c34a8f86a86a9209e10d896b988270d051cd3755437b930139b84a4df0088b74fbfd662addab5635c23fb67c7adca08d8c735f52d0b949a174237872cd43411dc4d27bd6ee3602366fa66384f9ecf7cc9b32a4b76692631c0864cee84a7dee1203489079c4cf94bcebeef4e3318f2509171a9956f0e63b2a8c806895edc053e9bf8bb9e7972fe9a3d2377a6dca94fee7d015b1b4d", 0xa0}], 0x9}}, {{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)="8cea506eab5a85a970f2c64b3a4e85933471bbaf2334a83a8f1af87ef5dcfc6360adeaa81a767f391b725f0ea09791d8e80f1c5b3f1db06178687b63e501c063ae38a3752038bb8811fb99f5bd5028d8e1d29f6b656c017e74e19894858f677efc2ed410ef22772fb85d1da5ecf3a36352f1cb52b39fe991acda6f34747ee50c1a6b1ff0fa6e4874336f31076c9a19a739d8f660", 0x94}], 0x1, &(0x7f0000001cc0)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast2, r1}}}], 0x28}}, {{&(0x7f0000001d00)={0xa, 0x4e20, 0x4, @loopback, 0x8575}, 0x1c, &(0x7f0000001f00)=[{&(0x7f0000001d40)="61f6693e23e7dc93119195628fa0e303451b5579443723612197e3489f7847d3d601b991f040768054579822ce3343065c2929cd8d62cee3977ee87e5682b6f59d617090d115d6323b1fcc392ce043ebca0bc48b9b2202c27e6342d079a5f58b740c2d5c32513c5a91fbe7cfec8d7ee64c4ddcb5551d78b57db25f091668aacde28d6efbcb0bca6ea0f9ce0ef225854a984a8703f4f23682d4929d36e58b0cec61d4ab125b5b58c63aecc86084570caa97858a20f353ad", 0xb7}, {&(0x7f0000001e00)="5c7f3cdff5e52d0d3a5a2c1de2bc4eefe93cd50345f81d15e21b41c0ff126db0d5e6656ce5014ce88d01f1b18d178674b77fa911ad0bf2606b9cc89ea21c90248eb23cfd525eb9b5a67da5b64a9cfd5d807430a8424b6182957a16b9a165bb1e97b13604f51bbc752ff0fde91723e9d8e6a21e022522883a5edc8c5708234a5d305f57c3604e9af7406c05158fa217a85a35a614f19a55c1c86af70a647502b8e980637857ac11fccb4ad78aa6a9a06084765980414185bfdaeb4c8084544ce28d597881fd8c49fff5a5bbde7b55bbbb4d57c4b4e21dcb7dca917371e873bd8f76cf690d73f11dde96a7b7897f21d2433ef8bb8ffbfeb3ac0f", 0xf9}], 0x2, &(0x7f0000001f40)=[@hopopts_2292={{0x30, 0x29, 0x36, {0xff, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}, @padn={0x1, 0x2, [0x0, 0x0]}]}}}, @tclass={{0x14, 0x29, 0x43, 0x6496}}, @flowinfo={{0x14, 0x29, 0xb, 0x3ff}}, @hopopts={{0x28, 0x29, 0x36, {0x4, 0x1, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x6}}, @flowinfo={{0x14, 0x29, 0xb, 0x6}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x8001}}], 0xd0}}], 0x4, 0x40894)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x6, 0xaafb)
r4 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'team0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000240)={0x11, 0x0, r5}, 0x14)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0)

07:08:04 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:04 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
getresgid(&(0x7f0000000500), 0x0, &(0x7f00000006c0))
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(0x0, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000280)='./bus\x00', 0x0)
perf_event_open(0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x2)
r2 = fanotify_init(0x0, 0x0)
fanotify_mark(r2, 0x2000000000000011, 0x2, r1, 0x0)
r3 = fanotify_init(0x0, 0x400)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x8)
fanotify_mark(r3, 0x1, 0x20, r4, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000380)=ANY=[], 0x44)
sendfile(r5, r5, &(0x7f0000000240), 0x7fff)
fanotify_mark(0xffffffffffffffff, 0x0, 0x1, r5, 0x0)

[  394.981541] erofs: read_super, device -> /dev/loop2
[  394.990977] erofs: read_super, device -> /dev/loop4
[  394.999941] erofs: options -> 
[  395.003243] erofs: options -> 
07:08:04 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x26c8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  395.013836] audit: type=1804 audit(1624259284.756:170): pid=23774 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir107747141/syzkaller.jqMwsF/281/file0/bus" dev="ramfs" ino=74783 res=1
[  395.044065] erofs: unmounted for /dev/loop2
[  395.049762] erofs: unmounted for /dev/loop4
07:08:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfffffdfc}], 0x1, 0x0, 0x0, 0x0)

[  395.179227] audit: type=1804 audit(1624259284.816:171): pid=23774 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir107747141/syzkaller.jqMwsF/281/file0/bus" dev="ramfs" ino=74783 res=1
07:08:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  395.235577] erofs: read_super, device -> /dev/loop2
[  395.252014] erofs: read_super, device -> /dev/loop4
[  395.254229] erofs: options -> 
[  395.257219] erofs: options -> 
[  395.320972] erofs: unmounted for /dev/loop4
07:08:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfffffdfd}], 0x1, 0x0, 0x0, 0x0)

[  395.414455] erofs: unmounted for /dev/loop2
[  395.470893] erofs: read_super, device -> /dev/loop4
[  395.489835] erofs: options -> 
[  395.557137] erofs: read_super, device -> /dev/loop2
[  395.605547] erofs: options -> 
[  395.654280] erofs: unmounted for /dev/loop4
[  395.700858] erofs: unmounted for /dev/loop2
07:08:05 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x7f00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfffffff6}], 0x1, 0x0, 0x0, 0x0)

07:08:05 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00)
openat$cgroup_subtree(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={0x0}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000200)=ANY=[], 0x4ea00)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000002c0)={0x1, 0x6, [@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local, @empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @link_local]})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000380)={'veth0_to_team\x00', @remote})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x1c)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xd900, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10004, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xc3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100008, 0x500001c)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1, 0x9, &(0x7f0000000980)=ANY=[@ANYBLOB="1817644fc15136d8a4ed1eeb3a937d0c926e9ce8395d826c00f555473a454f52ce2a290984a6fb1ba22adf36399718e330b1335d4a63f93f3c2313c26c4ae6b9abacac7b0a23269695cb95f65bdb053ee462bb51ff6cedc55617e07a9b748a6533358d02fd46c5cb7dca275468017490ce255fe66455c056b43ac1a15f2824c6ba6774c3cec2a8dcf318f1227d0427c165acfd820a0ada2824ef0766ddb2191455ecc9310213cb8b2db4838f4aac88261a7e67926973a7c592a8d1a1e123c268b222fe5abfe9c5a525f68d60524704fb4f9f9ed115a544aef0e63d144cfeba502b88b6041900000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000950000000000000045a130001400000085000000060000008500000009000000853700000100000018140000", @ANYRES32=r4, @ANYBLOB="00410c91379a0bdf6535d624c3da960e0b07b9b430f07483d966909945ffd271b8f6ae2a0d96946f2538244c659fafafe2731f845e64358be3fe166e2460e4a844f6be7102d9311944952f3617ad79bd9358d82f342b8dab3cdb68"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0xef, &(0x7f00000003c0)=""/239, 0x1e00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xc, 0x4, 0x811}, 0x10, 0xffffffffffffffff}, 0x78)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x31094, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x40, 0x81, 0x4, 0xab, 0x0, 0x7ff, 0xc8600, 0xb70316026e7472de, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000180)}, 0x801, 0x3, 0x7, 0x5, 0x100, 0x6c0, 0x5, 0x0, 0x3, 0x0, 0x40}, 0x0, 0xc, r5, 0x5)
write$cgroup_type(r2, &(0x7f0000000000), 0x248800)

07:08:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:05 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41ba}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
stat(&(0x7f0000000300)='./file1\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
read$FUSE(0xffffffffffffffff, &(0x7f0000000bc0)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
rmdir(&(0x7f00000004c0)='./bus/file0\x00')
syz_mount_image$tmpfs(&(0x7f0000000100), &(0x7f0000000280)='./file1\x00', 0x2, 0x7, &(0x7f0000000b00)=[{&(0x7f00000005c0)="d5ff67f3b02e96a7de5ae496194551abdff462b1d121b2cdc17b7a6374a0a61d3dfe308f12f603f948b0975bd8d9e084b6cc94a115ee76eacd3a17633b506c28ac6fe3c5581ecb5ba4cd3df8571e90ccb4ab31e59271b413c3c64deacb3e0de0f8811580467a8069d7d02cb84ab6aff67e9cfb39985773eaae1dd812c881b23744d4f62323397fa50e75", 0x8a, 0x5}, {&(0x7f00000002c0)="63148b898df8218661dd5ec70cdd", 0xe, 0x9}, {&(0x7f0000000680)="998a5017a37ebcf09d7f5e36c057af682cbe90100df158d0af086d71173b91186dddff6507d90dbd11f9dd1e732ce6e7f64df14e4bc53d319641706941927e4ddf2ca501c41cfc34c765ae75533e670218746686a57483068d35c85d83df0a155e52849d8e4ae633137a9dd4ba485e2b90a664e746874a2f3946720c488c475fc9e7ccc389823bdfcb0c015d03ab4e", 0x8f, 0x9}, {&(0x7f0000000740)="6a391841d80317a697802198c592f319622c87b634d6accc2b121e9f5e37d5ee032c73264c2002002e7ae67ff10c82926342b6a3d54757b4ac8e5174b3fdc16672cdfcb439e1b99a5c57646e48e267cb57cf98a353e9e6b1d57c82654185de15fa4cd348242dff9bd706f35283b0fcd12837b12d8223e22acdb8c0218e0b0768d38ceaad95496c3cd55a3ee9d1313e13e59a7c1740e47b45a39e76fa8e233b4348ff2b7639a505007eb357fe5d4abc3a7339acc8b9f1b47e84866af565bcf84ee4398739753a9e7a5a7376b52e1fa42b", 0xd0}, {&(0x7f0000000840)="cbfadd865d88fa2a5b738d453ede3c6d3a4fece91c1517b2c3234fb135b5235d2c51968fe2bd79a4dacdd2b8ec22445d357680f737f9aa962ea59d528c0a58259270eb42904ac04ad9fa57b65cb69bca5dfac1b9fcfa42ceee3355d8531aafd1d422e047a7fb6b6ff7330960f4a106d769abaf8799254b5899405351b281ce83ce88d24232a96046a21bc3f8441337ae3fcfa0d826327f7e36348b1888f45613920d8b19b618d09a", 0xa8}, {&(0x7f0000000900)="a329a54d2197f2bac3511e8382694a908205934845ed07aa44079498d1c1ec36079e7f22438470429809d9e70e3ad94e318e8e77d4dd603ba9834750f0a8af75ded50e1d11bb0c093bb53e82b8e56f36924de3873207c63c10fcfb853dc4b2748039e468bb85c28fd337188487225d51685322463adb6b61dceff5b991219ef6b5db7a31c235e48195a10e943766617582c5388ff45dbe", 0x97}, {&(0x7f00000009c0)="3830a8cf3ec62ed90b310c0dd2533170e329888b681ee340ca191e6d9b4b5f633b1933ebc8136b85eeaad6ff166251a5b2267b74f1738df11bc2d3589429b599741b4faa6b08c59c79a9cea2792d1ac003d952ed40365e086d8163a7b165a8f756410cf40b0bc39a63fe0ac6d8edf1054c4fb7f6c2d594b321361e1b37bc4a032ade5df8b78ecf6e759cd72d3c", 0x8d, 0x9}], 0x1000000, &(0x7f0000002c00)={[{@nr_blocks={'nr_blocks', 0x3d, [0x14]}}, {@size={'size', 0x3d, [0x39, 0x67]}}, {@mode={'mode', 0x3d, 0x9}}, {@huge_within_size}, {@gid={'gid', 0x3d, r0}}, {@huge_within_size}], [{@euid_gt={'euid>', r1}}, {@fsmagic={'fsmagic', 0x3d, 0x3f}}, {@seclabel}, {@uid_eq={'uid', 0x3d, 0xee00}}]})
mkdir(&(0x7f0000000ac0)='./file1\x00', 0x118)
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0xbb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0'])
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002d00)={{{@in6=@local, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@private0}, 0x0, @in6=@mcast2}}, &(0x7f0000002e00)=0xe8)
mount$bpf(0x0, &(0x7f0000000500)='./bus/file0\x00', &(0x7f0000000a80), 0x2003, &(0x7f0000002e40)={[{@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0x8000}}, {@mode={'mode', 0x3d, 0x8}}, {@mode={'mode', 0x3d, 0x1}}, {@mode={'mode', 0x3d, 0x9}}], [{@dont_appraise}, {@fowner_eq={'fowner', 0x3d, r2}}, {@obj_user={'obj_user', 0x3d, 'fsmagic'}}, {@dont_appraise}, {@dont_hash}, {@smackfshat={'smackfshat', 0x3d, 'gid'}}]})
lsetxattr$security_capability(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000340)='./bus/file0\x00')

07:08:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  395.927395] erofs: read_super, device -> /dev/loop4
[  395.932581] erofs: options -> 
[  395.982046] erofs: unmounted for /dev/loop4
[  395.993391] erofs: read_super, device -> /dev/loop2
[  395.998637] erofs: options -> 
[  396.025010] audit: type=1804 audit(1624259285.766:172): pid=23870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir053473643/syzkaller.ULn9kq/218/memory.events" dev="sda1" ino=13925 res=1
07:08:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8303, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  396.121859] erofs: unmounted for /dev/loop2
07:08:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x4000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8603000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  396.173652] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  396.235328] erofs: read_super, device -> /dev/loop4
[  396.240999] audit: type=1804 audit(1624259285.986:173): pid=23878 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir053473643/syzkaller.ULn9kq/218/memory.events" dev="sda1" ino=13925 res=1
[  396.265817] erofs: options -> 
[  396.275661] erofs: read_super, device -> /dev/loop2
07:08:06 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8803000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  396.281787] erofs: options -> 
07:08:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8503, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  396.318261] overlayfs: filesystem on './bus' not supported as upperdir
[  396.325204] erofs: unmounted for /dev/loop4
[  396.395881] erofs: unmounted for /dev/loop2
[  396.452767] erofs: read_super, device -> /dev/loop4
[  396.464710] erofs: options -> 
[  396.467289] erofs: read_super, device -> /dev/loop2
[  396.472952] erofs: options -> 
[  396.510570] erofs: unmounted for /dev/loop2
[  396.551147] erofs: unmounted for /dev/loop4
07:08:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8100, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x8000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xda00)
openat$cgroup_subtree(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={0x0}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000200)=ANY=[], 0x4ea00)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000002c0)={0x1, 0x6, [@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local, @empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @link_local]})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000380)={'veth0_to_team\x00', @remote})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x1c)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xd900, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10004, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xc3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100008, 0x500001c)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1, 0x9, &(0x7f0000000980)=ANY=[@ANYBLOB="1817644fc15136d8a4ed1eeb3a937d0c926e9ce8395d826c00f555473a454f52ce2a290984a6fb1ba22adf36399718e330b1335d4a63f93f3c2313c26c4ae6b9abacac7b0a23269695cb95f65bdb053ee462bb51ff6cedc55617e07a9b748a6533358d02fd46c5cb7dca275468017490ce255fe66455c056b43ac1a15f2824c6ba6774c3cec2a8dcf318f1227d0427c165acfd820a0ada2824ef0766ddb2191455ecc9310213cb8b2db4838f4aac88261a7e67926973a7c592a8d1a1e123c268b222fe5abfe9c5a525f68d60524704fb4f9f9ed115a544aef0e63d144cfeba502b88b6041900000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000950000000000000045a130001400000085000000060000008500000009000000853700000100000018140000", @ANYRES32=r4, @ANYBLOB="00410c91379a0bdf6535d624c3da960e0b07b9b430f07483d966909945ffd271b8f6ae2a0d96946f2538244c659fafafe2731f845e64358be3fe166e2460e4a844f6be7102d9311944952f3617ad79bd9358d82f342b8dab3cdb68"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0xef, &(0x7f00000003c0)=""/239, 0x1e00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xc, 0x4, 0x811}, 0x10, 0xffffffffffffffff}, 0x78)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x31094, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x40, 0x81, 0x4, 0xab, 0x0, 0x7ff, 0xc8600, 0xb70316026e7472de, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000180)}, 0x801, 0x3, 0x7, 0x5, 0x100, 0x6c0, 0x5, 0x0, 0x3, 0x0, 0x40}, 0x0, 0xc, r5, 0x5)
write$cgroup_type(r2, &(0x7f0000000000), 0x248800)

07:08:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8603, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:06 executing program 0:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fchmod(r0, 0x81)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x8, 0x12, r1, 0xfdeed000)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f00000000c0)='.pending_reads\x00', 0x123102, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xb)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x1)
creat(&(0x7f0000000240)='./file0\x00', 0x103)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)

07:08:06 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  396.859148] erofs: read_super, device -> /dev/loop4
[  396.864518] erofs: options -> 
[  396.888168] erofs: read_super, device -> /dev/loop2
[  396.892288] audit: type=1804 audit(1624259286.636:174): pid=23940 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir053473643/syzkaller.ULn9kq/219/memory.events" dev="sda1" ino=14114 res=1
[  396.893250] erofs: options -> 
07:08:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xc000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xac03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:07 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  397.237234] erofs: unmounted for /dev/loop2
07:08:07 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000074e000/0x1000)=nil, 0x1000, 0x0, 0x8010, r0, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x15, 0x0, 0x4}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_misc(r0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="73797a3034b72b8b67f5f60f9f4de5d14c3249b33d1d231c984464541664318de4ddbd58a8570a55e10c9087e0a4d3948be69f8a2bd3791198315c83a1854d9b4c8d009c0b764f24b2b0bf74a5355cc48592c9fdf200e09e63baf3d13e61095169c0bf3996d2690838f98e9a1652261aa159a8c7006e16c71c893ab9f281b47e7ae71bbb9a08dc9575d0ea7413a2c769bedf098be75eea1dc5f1a4b409f0e9f97a4fa04f2a5fb7ce5086b9da300ff4448ffc2b527172ab9d83c7e9504a6abde2e31f13eb6ce81fc66b1c3b2abd6dfcd0dbe559962e40a0ea29132932f5a3b1a3f36bd3f703e12917b92620a61554432b51aede26956b6677389c0ab3d31230215d2793e6217bcc2c05afdd869c717097965101981224af264415c297d8b00b5b73cfffcd3298a86195c28a60ba0eb019507d352e8b65ea8c89a5279330c79f9d03b404b180f60e66cad15a9345da51daf6b407f94f5c23b8fd2de0a1d198538149528670f1d26a257255e662e9c40b30e46f209497c72813a3ce269f7bf9cbefa78d54fbb42a30a7a0bf3008847ab8e649f0e328c9eb06e823b1fe22835f5e51c00f663dcb110e77a723120d8fc024925f7306f873c2d860b3867fd35b32f643b91d8fe056d70761c618fdaac231625d442e78adf51473f9bd2ac7a56c5444f738e9d365e86936d8a4e80983afd9c7c13081aff627c96504fb2eaa0fc61520d0dd5655328aee35f57d7744fa1198392b5752eb0922ee3e8595c126425ba3e28d9ca38513de8e592fc5fa88de02235221e67906b575207679b0f8f83606b67819b54b89f5d8a475790b994aa2e350b3a35a5415f05c128aa56aaca5cc35e224c08acd0a3cb07ae88aaef33d80eeb66a9fb39305c48e15ef0369d7aafcc71a52ef0da2c7c8eca21c0a1f345606434e8d57d546177fcf2d3cc8d9fd43d18dd1160473498dee9e1810b898e225a357e023e3e38a0d593dabaf71329af4516e99118e521ead9ccaddca105a41219626814d989d61e48f4e6d9f24ea00d2f02c77b0dd455fea13b5d2aae8c9a89eda4734be02d64275bbc4d386fcc9489c137399d24211d1d1da56df98b58ab509db1ebb5ab0cc09a8c6a4358bb9bd67c88e65cf7b1d4a6a3e57f141b4aaa1d0ece3b05874bd73f63ab4537e798242ee2d7e82b4c6458db97009979f37309fd09f0d8b49e2c9c894721e603f1cae15164d1db5137210caee3a376b283e8f544732413da67abb128c651c6060a12d9f708b1531f911de6fb260385c367684c5f337650b7833a26c42d0532ed62fa6af46c886cee3ec900cdaf79776dd93079a349188abdeab0cb97b43dc4bc1d10de67984f63cab616d356afaff2ca8d122c718fddd157ac9f6fd73b24464f3f06ede80e19c8ff170f425f15d98ba7f1540e41b09566be45df9ce2887b3ffbcbbcd99c8ca2239a5857f123d7f40ccd24a2d1fdc562cd3982b31b518ca459d2e404b3b0a88640e15ff13cd5ce9ff9eac9751d2bb118bc0c72cbf4bc318346c653a72d468765938f54faca7465b221d89571d6b4c71dc574976f7c73db098d3fca3335f4adf6623ac19bf1f1dc6fc0c963499265a105fb6ee3fca63b6f75d25aaaed3517b8a8ee41f33165f979f44abba8f6627274f8e38831bf8577568d658d3af267dbe2a3d1b8391e8eef537a9f8a4503b40fae9acd7818646e521cb53aa0082feb33f00c76ad09f36d9c3b7f457344b7f0123fa73ada64b15003a2e88141bab3af97215c5f76769d798c53b9ee781fd0fa3348725eb1d48463b3d712cc6f747ee3d27ec972881e9d1435b1625cc0f7553b0bf6c22025c8969092097bdec7c447cc8132dc5c5e4277d5062b59422683e9a8c5ca1afe55bad9d75b1ec386c3dd08252a4ab3d0270a4711e35d6ce07164d041a7343bd8ef6f726ef1c021ff5a4862166075fe5762a8b87c8981706776bb22ee86826fe217d5ce5c8c8e46b32974ff200eee8752e310b8935a10de99ed95450a43d5e3be659dda70c994cf2c2243cd25555a6d242ffc9a8b2c77fff7590034ff61cccb686fd4d5a7c601498e8155266518d179ec04a9251342058377ce890d745e6803d6de58bb2c23fe01854f861ebf08c392b6dbe85bac760728bbf8a9f712e30d7203d2b09d61969196a751627ad566cbb5508d7ae542132d5e70a5afee122cfb09876d48da24c863862e79e1d5bcd34b5a9cd64cabed4031fc366bd9e0c94c6f1423f8fdb24f002a71a8812d61d1b6ef930a0564fd38ed34aa6b7827db59d5cfb1622606a739aa6e9d58ac2e4e7cde4957c6313750a646e5ccff23fd2a5fdbc34327da15c41a092ddb535b7b6ee3871cd341321912a42b1c78217c9e921ad127aa93d5bf0574d4dd67a4ed94c29b91a969730360584ee68bc697c1a42a71fc731fe1bb8f790e6625f52fb19c46299d682ef629fbd6d78435c202e1dae78c062eccd8dff14f5072c7d7ee12bbce152d074655da1fbeb4a61838cd2e45e8912401a72af88b7dc303037cb5e6eb11d30596ef3a4cf14f8cb5113110fc65167a7401893d68f1e9376ec867fe88d58b22023961b69160b6766047a8f96331d1e7ec7a763501879caf9038c34df12f7987eaa8ce9aaa86773ea2ca18e9b86227a52a293e54ee99c8a1000ff119dfe70bbdd8af323970b32adceb1ccb6e5ff1694a7390698d9ec7d7e2afb2c484b37bb9bb92b82fa17a51faca45527001d7452434bd921b290c1be07dc2eea34c0e84c3bc658507d19e2cc0f8d231cdd919cde669dfcd8248d285cf5a0f088b10e023ba8af7daca828a73fbf28fe69d6bead47adcbbfd4a46dbf8586355cae8eb87e10af67a9d81bff9989499715151b58367b601fb10b5bbe3b480884965446b10eb7b4deb9125c71783169a3af2fad5c61bda739fc0ff4f1f2299158e0e9fc26612ca3f5bfded8dd69e153b3ce23036778659e98a1610300f5c9cda6461ccf87f81e0eaab7f31421d5d3412b6b8e4cbf7f8325c856cbc914b47f80dd039717a5c33379e60ef79cbdfc3ebdbde5e70a6b9ce0938a8d236af725ae7e340613b454025be3c85de2d4fca3aa528249bf9205e9445062aa6ec18af2c910af4b6faf13f3916db2440ac209e0944dda27d5a1b63d9dea98c16f72dd845567b677f9a69f7584ab4a33793c380332c063fdbf7af0e1a83865e4b02a4985e8df5206b39f8e759b801f98f4e8c6ffeac737fddfc558a1a0bdc1e1521576f0f0d6966d9064f5a460347bb6483c91c4c036704000d160f3b6d67b10b72e14680817cb03022ac621c4577ebcec7294ae5fa1d4b5001819d5daec05e28d6cd7f15ee97f304d052e245ab86e0d06bfa4fce0132f2ad2eeb4e682314ec429a29cd8b103716237ecba709cb37e37496f9828ac4bd2f015a6ddf62bdbb9fea1ce2bdb8fb4a94464d097c44e01b620a98c81038c1483af96aae77220d9ab70c032ec766ea4560f7e9fa4fd82c3faee93186af166b33d51da0b36356ee410452a58aba56ba54dda3873a027f87b748ce4067d10322418832ddfa6b5092be551cb5328b6825cbc90450bb2ac7c6163e8dec7cf68328d357907d013e0b9e659404b84a98406c6f521329faea5dd6616115f6cf843ff7efab34a2101d30afd3154dbd664edb96027f9f20fd39b9c665428b8e0d55428311535dac1d80dce8f1753615932193495fe8244b8962a854295ddfd8c05603bf6fe954ca53ca98479697a68c5faec0465aa847184fd6c9a61ea60219b1ace4255b3a00f944e7817d6b08e2b3a62c2ba042bbcec3b08099a209a98d67f370c2e4383cd47cc49fd62e6a21824aa824ad0335b9f7f1da20580ca919e84e108bfb7990fe45c3d1e28234b19c5b7a8ccea7243b7d4687fce69af54f208e1e754ea62288a35e4a40f80bb820897f6dc2c2b8e662b2b3782e10199d288c725c8f7d30905a67b234bf5f6fcdf0bd1aa68ba9979e1d8a4291ac4a54e6b2b640254643ed1e0eecbc3e9dd4c8f752786843cf04daab6f5f459e996857f5530aa9014d997ae1d5ee773e3f07cd4024a04520265be347a38c8d46836748eed280b3b27581ce06c92de489d5a36e84624e7f3747cf537d2638efa41499cde0030b2b7f98aba2375a6aa55d177b4421572a18f360423e50d58b6cbd6b512cf96929c00bfe9c1638eba2bd40611e3f69f032804ae7196f5ae74d0d275f0a3b5d1f3a9d7c9a6625e005e2e8e34032436ce8fba4021bab9c329fc47d116adbadca282623550d179354433cc7b4676f945685294d70cc2e49f0c6cef057c695d8272a3b22477e0b8401116c1d51ef401db444248fa113e65775f15241bc84877b9f7cd9fea155a204db632b3af5f5032895eb055bcaefacfe31eba263e6310d5c703010c8d014c2271c23922d3009fa0b164a6fcfdb8ca5cf36aada3f226906ddd38ea29cc226b974b69f33f99e749ef5be72e7390e5ab5ee3d68ec57ef742379dfe588353ebb77c733185aeb0fb15549a0f540b891be7431b4a6e98b9296d141a973d2b81648a2c54fb433277a4e484a2e6e9f4f632d91e576211fee46b3096258c7d01b4090fac8cf443c0750e1f751d1f4c5c6fd1b5abc80884cfb28ba09e85202fb0565bf0fd0f76c90cdc208fc5908c30ad9d97128b7e60012008844f101ae00029140e19f12722dab4bc4e79cc44258ac85ca6c2b0ec9bb196df782374cc6ce3c72a02d1f6ff8743716139f06cc2d3bc8548b7ffcc64048b9b327ec9ff867c67913d11985cf86d549fcb4de4cc58d09bf8e9b92ddb899dee70a5b4023872392ccbc4f48cd4619ae6d1efe71d8c4ce90a949286bce479240e1d5a5d8c985a874c31c8f4237d3fd1a151ae5b43d1adc585dcbf443962326925df98468194a9cbb9e41f62b395607931e27caaa54217659c902de723bea78cc4179bad197271cbf2241b4e4fba8aea415a9b3fa218dd4974707530ff467ff0833d02bfabfd764dd10355f98cd9206eb3daa12a40e3b4f7c2bee65b7ed50b672c95e291335f5b2328316d8759761a388bd526196846b01d0804d886a50f9f9bf3ac29acf22e9e38cf6191020920b14ac93fcae39d59435c2723e9e5bc951ffccf15880ff3cc0e4436f2d51930341198d007e1a8770e68d9113e9e00f63769645d591b35ab663efc82c070c9726deda05ec48e99b6de7db58226dd035a043377bf0199385ed6841989f4a9eca6099babd7be7caa9016f70bdd09dfc2c4069bf9f8e0b5bf310ad5afd112de0c66ab246c8cf8df37e632f850c7b79deabfa6000e1d23080c17837a018e68b3987f6e289bcc5effe59d745aa03e820ac7ad329019afbf51dd76401736ccc85c2dad7377049e33391813450cca585a1f3d3ca7248f076d030f3e5a7af22244237188d3d14e9aa439c615d54544181e6346a5b0d92b36704156b08dd32d1ebc0ee7333204e25c69bb48220f4dea943e3347add22836197bcb6b81237a720d7e7fd9e2cb0ce808ab3517d484593ff2d389e8a4af9412b8d88b31b991ef6803264db8f11e5a431819a89501f08cc8c4de67327a5e099f363e3cb20e834a607cac29aff9598b77e8213a8aa420a9419fd1aba9b80a0d2646093c46aa17935e9d1a1b781fbc74ef99c42e998b8adb71a8bbcb0ce8f04812dc31ade270596b241b8cab2abe2141e6e00c0b2599636c849621ee6f7df89337b826bb8c7df8fba6d107772d45ed03326a5d1a95af24059c128c0c958fdfdc9ce3367abaacbc10c6af78bdd2d39d2156718417a95155c01782502b46302f5f96663652533987a03869336db3002f9b1a85d2afe4"], 0x1004)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff})
splice(r3, &(0x7f00000002c0), 0xffffffffffffffff, &(0x7f0000000300)=0x3c4, 0x2, 0x1)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000340)={0x7, 0x4b, 0x1}, 0x7)
fcntl$setpipe(r4, 0x408, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000000), 0x600, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000200)=ANY=[@ANYRES16, @ANYBLOB="000500000000aca5fc6a691bfb0bd9aa18128e7e0fa47a4f20eb03bd5160", @ANYRES32], 0x58}}, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x11000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x7, 0x81, 0x1, 0xc7, 0x0, 0x1, 0x4206, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0x93, 0x7}, 0x2002, 0xdb4, 0x266678e2, 0x5, 0x5db, 0xf6b, 0x2, 0x0, 0x4, 0x0, 0x678}, 0x0, 0xb, r5, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x10)

[  397.273074] erofs: unmounted for /dev/loop4
07:08:07 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11182}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x7fff}, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a0, &(0x7f0000000000)='&@[\x00')
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000017c0)=ANY=[])
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000013c0)=""/171, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=""/48, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000080)=0x3)
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000000))
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x2044, 0x6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89a1, &(0x7f0000000680)='&@[\x00')
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000017c0)=ANY=[])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000013c0)=""/171, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=""/48, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000000))
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)

[  397.367898] erofs: read_super, device -> /dev/loop4
07:08:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1000000000000}], 0x1, 0x0, 0x0, 0x0)

[  397.410734] erofs: options -> 
[  397.419249] erofs: read_super, device -> /dev/loop2
[  397.450640] erofs: options -> 
[  397.472379] erofs: unmounted for /dev/loop4
[  397.565161] erofs: unmounted for /dev/loop2
07:08:07 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8200, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:07 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc701000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:07 executing program 5:
unshare(0x30000)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x4, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup3(r1, r0, 0x0)

07:08:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x20000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:07 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xba03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:07 executing program 0:
r0 = syz_mount_image$vfat(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0xa00c02, 0x0)
openat(0xffffffffffffffff, &(0x7f00000008c0)='./file0/file0\x00', 0x1040, 0x8)
openat(0xffffffffffffffff, &(0x7f0000000540)='./file3\x00', 0x20180, 0x35)
utimes(&(0x7f00000001c0)='./file3\x00', &(0x7f0000000240)={{0x0, 0xea60}, {0x0, 0x2710}})
r1 = syz_mount_image$tmpfs(&(0x7f0000000080), 0x0, 0xc, 0x0, 0x0, 0x210061, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=57k\x00,huge=advise,fowner>', @ANYRESDEC=0x0, @ANYBLOB="2c6d6561737572652c66736e616d653d3d23ee87e92b6465762f7474795333002c666f776e65723c", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, &(0x7f0000000180)='bpf\x00', 0x80800, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f000099e000)={0x2, 0x4e20, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
socket$packet(0x11, 0xa, 0x300)
sendmsg$NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2800}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4090)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvfrom(r2, &(0x7f0000000480)=""/110, 0xfffffe32, 0x734, 0x0, 0xffffffffffffff39)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000800)={<r3=>r0, 0xed1, 0x20})
bind(r3, &(0x7f0000000a00)=@l2tp6={0xa, 0x0, 0x80000000, @remote, 0xab}, 0x80)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000a80)={0x1e0, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_STA_FLAGS={0xc, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x4}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x39, 0xbe, "f48d0c1b21a6d6517afae90c82739b8ccb6adcb42d659a858c1b43b4201358686c3839fd9f8348222a499182dae0e86e9ac3b9218c"}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x649}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x80}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x10, 0xbd, [0x4, 0x101, 0xff, 0x7, 0x80, 0x25]}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x1}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x59, 0xbe, "eee67bdc5fda03035508a05159f4ed933bd4efcf93faaa887e068aed50044122d0885f2434042e2af0a56ab0f1823fb41139d1589a9b4153971f969ba5f32f1ef4c8296a34fffda979f53d21045c50618ba2af439d"}, @NL80211_ATTR_STA_EXT_CAPABILITY={0xeb, 0xac, "658f509a95e7dd027a32c4292b0c5e3545693b49d1cc52ef15e7101a57e06e51ff1a6f1d3429b59976d891e0019415e22be4ae81644d314234bdfb1bd9cd875a94975611d19b4a26260e2329bed3702f747432a456a39a52c85ee46631e146c4a24d7149931627b91121f4eb465cdacdca1bf71d9b8bde9ae9beb269c03ebee03dcc4c513b4b6d0d3c8bc7ac0b88df3d60f23dff0c5553080c2a8352ddf63a77de67a8777a4298f04a2956ca438d66b8ee4cffc3861fc8ae09b21183bfcbd7021864cb61b3907959b08bcea333e177866aba5f9d55bf551c24154ec6859c619cacf9dc2118e741"}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x20040000}, 0x40)
statx(r0, &(0x7f0000000840)='./file3/file0\x00', 0x800, 0x0, &(0x7f0000000900))

[  397.820908] erofs: read_super, device -> /dev/loop4
[  397.826466] erofs: read_super, device -> /dev/loop2
[  397.840401] erofs: options -> 
[  397.845343] erofs: options -> 
[  397.858756] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
07:08:07 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:07 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbb03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x80ffff00000000}], 0x1, 0x0, 0x0, 0x0)

07:08:07 executing program 5:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000001c0), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)
openat$ion(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000000)={0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "0000001c000000000000000000000000000000000000008000"}})

[  397.959584] erofs: unmounted for /dev/loop4
[  397.970507] erofs: unmounted for /dev/loop2
[  398.099493] erofs: read_super, device -> /dev/loop2
07:08:07 executing program 5:
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff01840011084ecd4829303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18}, 0x18)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x1)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f00000017c0)=ANY=[])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f00000013c0)=""/171, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=""/48, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000000))
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/112, 0x70}], 0x1, 0x401, 0x3)
lchown(&(0x7f0000000580)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)
splice(r1, &(0x7f0000000180)=0x4, r3, &(0x7f0000000340)=0x3, 0x400, 0x5)
getdents(r3, 0x0, 0x2)

[  398.121338] erofs: read_super, device -> /dev/loop4
07:08:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x100000000000000}], 0x1, 0x0, 0x0, 0x0)

[  398.143038] erofs: options -> 
[  398.153692] erofs: options -> 
[  398.226501] erofs: unmounted for /dev/loop4
[  398.247862] erofs: unmounted for /dev/loop2
07:08:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8300, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:08 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:08 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbc03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:08 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@setlink={0x4c, 0x13, 0x100, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x104, 0x15001}, [@IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x4046}, @IFLA_MAP={0x24, 0xe, {0x3f, 0x7, 0xff, 0x7f, 0xff, 0x5}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x24004801)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x35, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00000001c0)="f5a99e29c73faf1bb1dc69c88651bd20226468c04b022ab2983a7ad675018faae332d1477cf225dacf30420dc42149b0e0506ba03c9ab0574308e3ed2a684b6df39fdf8bf61b4688dc64a10302b8468eefd96d853ea069a884952372392c9188a0934312fd41bbdc12", 0x69, 0x4000000, 0x0, 0x0)

07:08:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x100004000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:08 executing program 0:
getpgid(0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x7, 0x62, 0x3, 0x9, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x4, @perf_config_ext={0x7, 0x1ff}, 0x48000, 0x1, 0x8, 0x5, 0x5f3b, 0xfffffe7e, 0x9, 0x0, 0x6, 0x0, 0x2000000000000000}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x7}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x6c, 0x10, 0x801, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, [@IFLA_AF_SPEC={0x44, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}, @AF_INET={0x38, 0x2, 0x0, 0x1, {0x34, 0x1, 0x0, 0x1, [{0x8, 0x19}, {0x8, 0x16}, {0x8, 0x1a}, {0xfffffffffffffc55}, {0x8}, {0x8}]}}]}, @IFLA_GROUP={0x8}]}, 0x6c}}, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000700001000000000000000000ac000000", @ANYRES32=r4], 0x18}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="ac0000006900020028bd00fcdbff2500000000000000000800000000000100"/40], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008001)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x28, 0x0, 0x8, 0x0, 0x25dfdbff, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x0, 0x47}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x20000080)
syz_open_procfs(0xffffffffffffffff, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
open(&(0x7f0000000340)='./file0\x00', 0x604080, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0xff}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x28}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000380)=@RTM_GETMDB={0x18, 0x56, 0x10, 0x70bd2c, 0x25dfdbfe, {}, ["", "", ""]}, 0x18}}, 0x8880)

07:08:08 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbd03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  398.725025] erofs: read_super, device -> /dev/loop4
[  398.732878] erofs: options -> 
[  398.745852] erofs: read_super, device -> /dev/loop2
[  398.769100] erofs: options -> 
07:08:08 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:08 executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x2001001, 0x0)
r0 = perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000440)=ANY=[@ANYBLOB="0100002db2a08f690000006728beb56ef1000000000000"])
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, 0x0, 0x40)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4020008}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x8010)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000040)={0xf18})
keyctl$set_reqkey_keyring(0xe, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
fallocate(r2, 0x2e, 0xce, 0x53c132ef)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x7)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="500000001000010427bd7000fddbdf2500000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe88000000000000000000000000000108000300", @ANYRES32=r4, @ANYBLOB="4ae49cced2b030874f29be01c64b534cb273e7d883a92bb76b4d1026357f259b29fef06b8208000000f75962695fc1a8702d4bb658aedf3171c38abd0b9eee5f33e7ec214f847ac80184fabbdcdf42d6c369891470cff8e566ef4f3513030a26ac1da5fc80e970e3e083b6fefe6bcb865008f0542da584cbcad588b58afdbf38a4905b628a00e95d43cb814422e1de802b60d9826a639ac849082a0375ea1981db0466ac35890282b8c83b31494b4d7269fd578a79e2f2ca201b915ce7fd6df36ff723a53f95755b7f050a4a022161bb04"], 0x50}}, 0x0)

[  398.799293] erofs: unmounted for /dev/loop2
[  398.804935] erofs: unmounted for /dev/loop4
07:08:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x100008000000000}], 0x1, 0x0, 0x0, 0x0)

[  398.848806] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  398.876156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  398.891690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  398.920396] erofs: read_super, device -> /dev/loop4
[  398.925423] erofs: options -> 
[  398.935634] erofs: read_super, device -> /dev/loop2
[  398.952670] erofs: options -> 
07:08:08 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  399.025059] erofs: unmounted for /dev/loop4
07:08:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x10000c000000000}], 0x1, 0x0, 0x0, 0x0)

[  399.128576] erofs: unmounted for /dev/loop2
[  399.273928] erofs: read_super, device -> /dev/loop4
[  399.284747] erofs: options -> 
[  399.286728] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  399.333366] erofs: unmounted for /dev/loop4
[  399.355059] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  399.396022] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
07:08:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8400, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:09 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbe03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:09 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x101000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:09 executing program 0:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r3 = socket(0x11, 0x800000003, 0x0)
r4 = socket(0x11, 0x2, 0x0)
bind(r4, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r6, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r6, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000000)='dctcp-reno\x00', 0xb)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000400)={r5, 0x3, 0x6, @broadcast}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}}, 0x0)

07:08:09 executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x2001001, 0x0)
r0 = perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40000}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000440)=ANY=[@ANYBLOB="0100002db2a08f690000006728beb56ef1000000000000"])
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, 0x0, 0x40)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4020008}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x8010)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000040)={0xf18})
keyctl$set_reqkey_keyring(0xe, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
fallocate(r2, 0x2e, 0xce, 0x53c132ef)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x7)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="500000001000010427bd7000fddbdf2500000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe88000000000000000000000000000108000300", @ANYRES32=r4, @ANYBLOB="4ae49cced2b030874f29be01c64b534cb273e7d883a92bb76b4d1026357f259b29fef06b8208000000f75962695fc1a8702d4bb658aedf3171c38abd0b9eee5f33e7ec214f847ac80184fabbdcdf42d6c369891470cff8e566ef4f3513030a26ac1da5fc80e970e3e083b6fefe6bcb865008f0542da584cbcad588b58afdbf38a4905b628a00e95d43cb814422e1de802b60d9826a639ac849082a0375ea1981db0466ac35890282b8c83b31494b4d7269fd578a79e2f2ca201b915ce7fd6df36ff723a53f95755b7f050a4a022161bb04"], 0x50}}, 0x0)

[  399.648059] erofs: read_super, device -> /dev/loop4
[  399.653107] erofs: options -> 
[  399.656644] erofs: read_super, device -> /dev/loop2
[  399.662149] erofs: options -> 
07:08:09 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbf03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  399.742431] device lo entered promiscuous mode
07:08:09 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  399.792942] erofs: unmounted for /dev/loop2
[  399.812101] erofs: unmounted for /dev/loop4
07:08:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x200000000000000}], 0x1, 0x0, 0x0, 0x0)

[  399.930614] erofs: read_super, device -> /dev/loop2
[  399.935662] erofs: options -> 
[  399.948786] erofs: read_super, device -> /dev/loop4
[  399.953810] erofs: options -> 
[  399.968173] erofs: cannot read erofs superblock
07:08:09 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x400000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:09 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  400.054425] erofs: read_super, device -> /dev/loop4
[  400.063166] erofs: options -> 
[  400.066657] erofs: unmounted for /dev/loop2
[  400.081537] erofs: cannot read erofs superblock
[  400.159661] erofs: read_super, device -> /dev/loop5
[  400.181143] erofs: options -> 
[  400.186385] erofs: read_super, device -> /dev/loop2
[  400.203038] erofs: options -> 
[  400.235699] erofs: unmounted for /dev/loop5
[  400.248294] erofs: unmounted for /dev/loop2
[  400.463574] device lo left promiscuous mode
07:08:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8500, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:10 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x500000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:10 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:10 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc103, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:10 executing program 0:
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffc01]}, 0x8, 0x80000)
ioctl$UI_DEV_CREATE(r0, 0x5501)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf975, 0x1, &(0x7f0000000080)=[{&(0x7f0000010000)="6873717307000000911d675f004000000100000003000e00e0000200040000001201000000000000f801000000000000ac01000000000000e0010000000000007f000000000000001f0100000000000076010000000000009a010000000000001a73797a6b616c6c6572203a200020438c01200000009820002838001100009e001d0200ed0100000100911d675f40012b0100644c002a7d00032d6e001a040f000300ff277c005901006d08264c00000e2f746d702f73797a2d696d61676567656e3431393737363339322f66696c6530b5000129750102c40b7d00294d00074d0009297d000529f5010a2da402e6177e04bc002add00065d0160de0328232cdc006d0dff410000291f000100c027ed0007dc04651f545d1a085c001100004800130100a100034d00204c00090200040066696c65304000015002b2013104d404f7050200088003032e636f6c647e590201f9069e4001ec080131d60005273100322a3100331100000b00136000a1001fdc0011000069010000000000001a001200c1007edd0020dd0040dd009edd00d6de001201bc001100007e0100000000000008805cf90100535f0100a2010000000000001b001e00000600786174747231060000c401274d0032274d00321100000d001200c100024d00244c00110000b4010000000000000100000000000000d101", 0x1f2}], 0x0, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)

[  400.583473] erofs: read_super, device -> /dev/loop2
[  400.598030] erofs: read_super, device -> /dev/loop5
[  400.607240] erofs: read_super, device -> /dev/loop4
[  400.612348] erofs: options -> 
[  400.629909] erofs: options -> 
[  400.637667] erofs: options -> 
07:08:10 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc203, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x600000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:10 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:10 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  400.712263] erofs: unmounted for /dev/loop2
[  400.726408] erofs: unmounted for /dev/loop4
[  400.732093] erofs: unmounted for /dev/loop5
07:08:10 executing program 0:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000280), 0x8)
close(r0)
write$binfmt_misc(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="73797a30566ced7ff32e391effff50e336f6841128c96058ba960f8238b4f1fe4e35d125008c21340732fa35743f123b256a8d8e4e150fbc7571404cb796da0b240917f6408e9dd67bfc5710a3da3c81b695e75b49ae30e503d86f970df14840683cba25d490cabb072fb21e4ca943330b465d7125182d56ef0b40a1c523282798d414ff52690f24dc80c57c2e5bc8d7f0735c06c8527130fe1c73318b0a9c75e5734970d26c9ca9295aff4527091c7b5ddf7e346b828f4797eb71c9d6f06d38309c77e55b09583243366c19345e034e953945396c3e123624be6810c6570f9dab914bd33725d9bb0537a3099064b7dcc3e491db57"], 0xa9)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x40, 0xa, 0x0, 0x0, 0x7, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0xca04}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
write$binfmt_aout(r2, &(0x7f0000000900)={{0xcc, 0x3, 0x80, 0x288, 0x3e2, 0xa9, 0xb, 0xf2}, "b1c3406fd95f946b0cdeb250daac5c00b54d266f0a05d3a9e5088adef722cb2855e93d79603fc4d8f90f79a8921a2e8af700dedf36b80556e31ba8d9bd17f8822fe080b4eb614538a0d26e56818de82f23778e60886057848de48dde971862813666f1e042f8297168859f42549c830ec67a7d744bcdbe46665f35e05c4f39cb6e2c0f9172716a5e3d20ca9a7a1e9e99bf9909eb458edcf1e4a7de70b73aee3df7f87a1d0995e55b44ef5dd1643bdfc1fa9dc710aec9f29368ced450d3ba77f50391f4831c36ef5bbb02", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8ea)
socket$unix(0x1, 0x2, 0x0)
socket$inet(0x2, 0x3, 0x1ffe)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x20, 0x4)
sendto$inet(r3, &(0x7f00000002c0)="afdf3866692474d9b7310e4eaa4ae2acb9d9f199f6d04f880005ce4db881386afb593307d9df680cb4ab2d2e4f57f27b38fcea556fa0cc532d2791ffccdba4b440861cdb9ff8ea0a334aab8ffbd307044399f1b2744d33a77ff0724b41fb6328a72c00e4d5246bc448afbba6638fb519de58c3b98b8c3cdf45f021e5fd6e1e85c60c7ffc10df1a7811c3bdd6930f3159764819a926fc039f401f935226f2e297e75b4e69f50a18892c647393c630c7485d1baf6a40eab26801b72de056c439517184fc925a5d0b35eeb1896e731d78c8b5aca9d295a621b12d44b9a3817d54991bec553d6784d50c89b67d5d633125a009c169e7962a595791cf02", 0xfb, 0x4000, &(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
clock_gettime(0x4, &(0x7f0000000040)={0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, &(0x7f0000000180)={0x0, r4+30000000}, 0x0)

[  400.793228] erofs: read_super, device -> /dev/loop2
07:08:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x700000000000000}], 0x1, 0x0, 0x0, 0x0)

[  400.829096] erofs: options -> 
[  400.895442] erofs: read_super, device -> /dev/loop4
[  400.908982] erofs: options -> 
[  400.921362] erofs: read_super, device -> /dev/loop5
[  400.928326] erofs: options -> 
[  400.962211] erofs: unmounted for /dev/loop2
[  400.977562] erofs: unmounted for /dev/loop4
[  400.992452] erofs: unmounted for /dev/loop5
07:08:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8600, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:11 executing program 0:
r0 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = getpid()
r2 = perf_event_open(&(0x7f0000000340)={0x0, 0x80, 0x7, 0x5, 0x0, 0x8, 0x0, 0x0, 0x8020, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x5d}, 0x410, 0x1, 0x593, 0x0, 0x6, 0x4, 0x8, 0x0, 0x7f, 0x0, 0x1}, r1, 0xf, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000003c0)='+\x00')
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e00000010008108040f80ecdb4cb9460a480e0013000000e3060000000000000600140040fe00ff050003001201", 0x2e}], 0x1}, 0x0)
r4 = syz_open_dev$vcsu(&(0x7f0000000000), 0x4, 0xc0000)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000040)=0xe6)

07:08:11 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc303, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:11 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:11 executing program 5:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x700008000000000}], 0x1, 0x0, 0x0, 0x0)

[  401.514710] : renamed from caif0
[  401.521598] erofs: read_super, device -> /dev/loop2
[  401.526633] erofs: options -> 
07:08:11 executing program 5:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  401.615857] net_ratelimit: 17 callbacks suppressed
[  401.616044] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  401.644319] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  401.658923] erofs: read_super, device -> /dev/loop4
[  401.667477] erofs: options -> 
07:08:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x4c, &(0x7f0000000200), 0x4, &(0x7f0000000180)=ANY=[])
chdir(0x0)
open(0x0, 0x141042, 0x0)

07:08:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x800008000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:11 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:11 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc826, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  401.734024] erofs: unmounted for /dev/loop4
[  401.771719] erofs: unmounted for /dev/loop2
07:08:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x900000000000000}], 0x1, 0x0, 0x0, 0x0)

[  401.898010] erofs: read_super, device -> /dev/loop4
[  401.903240] erofs: read_super, device -> /dev/loop2
[  401.908827] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0.
[  401.916205] erofs: options -> 
[  401.925511] erofs: options -> 
[  402.005277] erofs: unmounted for /dev/loop4
[  402.040518] erofs: unmounted for /dev/loop2
07:08:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8700, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:12 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x37, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:12 executing program 0:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0)
syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000000300))
socket$inet_sctp(0x2, 0x800000000001, 0x84)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34f9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000000)={0x0, r2+30000000}, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000200)=0x5)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

07:08:12 executing program 5:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:12 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd800, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xa00000000000000}], 0x1, 0x0, 0x0, 0x0)

[  402.423594] erofs: read_super, device -> /dev/loop4
[  402.441503] erofs: options -> 
07:08:12 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  402.470558] erofs: read_super, device -> /dev/loop2
[  402.475693] erofs: options -> 
07:08:12 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x63, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:12 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xb00000000000000}], 0x1, 0x0, 0x0, 0x0)

[  402.583404] erofs: unmounted for /dev/loop4
[  402.594460] erofs: unmounted for /dev/loop2
07:08:12 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  402.727909] erofs: read_super, device -> /dev/loop4
[  402.736319] erofs: options -> 
07:08:12 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7ffff, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  402.795353] erofs: unmounted for /dev/loop4
[  402.864657] erofs: read_super, device -> /dev/loop2
[  402.890229] erofs: options -> 
[  402.965471] erofs: unmounted for /dev/loop2
07:08:13 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xd00000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xff0f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:13 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8800, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:13 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r1 = dup(r0)
r2 = getuid()
mount$overlay(0x0, &(0x7f0000000480)='./file1\x00', &(0x7f00000004c0), 0x187d011, &(0x7f00000005c0)={[{@index_off}], [{@euid_eq={'euid', 0x3d, r2}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '9p\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'nombcache'}}, {@fowner_gt={'fowner>', 0xee01}}, {@measure}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000200)='./file1\x00', 0x9, 0x1, &(0x7f0000000300)=[{&(0x7f0000000240)="2f958b9de3a290e9d6c84833b990aa708b26562cb6447d07e0859ea651e94d77a90d67cd8581763e032f75176cd6714beffc895ca687c1502f913603de88ab25e79f1dd087005442b8b256260f2ef7a0995f8eef7d7c8321a730cead46229d1464089dbb4cbf117a3c30f9e86ad873d109e6789baf50724396ef64ebe69350e54868161d28", 0x85}], 0x410, &(0x7f0000000380)={[{@nombcache}, {@noacl}, {@nombcache}, {@sysvgroups}, {@noload}, {@data_ordered}], [{@seclabel}, {@audit}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@obj_type={'obj_type', 0x3d, '9p\x00'}}]})
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000000))
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000500)={0x0, 0x1, 0xffffffffffffffff, 0x0, 0x80000})
umount2(&(0x7f0000000080)='./file0\x00', 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
write$FUSE_INTERRUPT(r4, &(0x7f0000000440)={0x10}, 0x10)

[  403.395386] erofs: read_super, device -> /dev/loop2
[  403.412337] erofs: options -> 
07:08:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1900008000000000}], 0x1, 0x0, 0x0, 0x0)

[  403.437351] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
07:08:13 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  403.531435] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[  403.551015] erofs: unmounted for /dev/loop2
07:08:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1a00008000000000}], 0x1, 0x0, 0x0, 0x0)

[  403.639352] erofs: read_super, device -> /dev/loop5
[  403.646046] erofs: options -> 
[  403.669616] erofs: read_super, device -> /dev/loop2
07:08:13 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

[  403.710349] erofs: options -> 
07:08:13 executing program 0:
stat(&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0))

[  403.735642] erofs: unmounted for /dev/loop5
[  403.810558] erofs: unmounted for /dev/loop2
07:08:13 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3d0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:13 executing program 0:
openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x42000400)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x901a00, 0x4)

07:08:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x1d00008000000000}], 0x1, 0x0, 0x0, 0x0)

[  403.973339] erofs: read_super, device -> /dev/loop2
[  403.982807] erofs: read_super, device -> /dev/loop4
[  403.990413] erofs: options -> 
[  404.003073] IPVS: ftp: loaded support on port[0] = 21
[  404.012047] erofs: options -> 
[  404.063865] erofs: unmounted for /dev/loop4
[  404.078980] erofs: unmounted for /dev/loop2
[  404.132133] IPVS: ftp: loaded support on port[0] = 21
07:08:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8900, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

07:08:14 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f37cf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x2000000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:14 executing program 0:
mkdir(&(0x7f0000000400)='./file0\x00', 0x8)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(0x0, 0x0)
lremovexattr(&(0x7f00000011c0)='./file0\x00', &(0x7f0000001200)=@known='user.syz\x00')
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = open(&(0x7f0000001680)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x1, 0x0, 0x0, 0x8, 0x0, 0x317d, 0x16808, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0xe}, 0x4c00c, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000540)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r1)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000200)={0x1, 0x400, 0x8})
openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000e80)=""/33, 0x21, 0x0, &(0x7f0000001140)=@file={0x0, './file0\x00'}, 0x6e)
rmdir(&(0x7f0000000000)='./file0\x00')
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local}, 0xc)
sendmmsg$alg(r0, &(0x7f0000000280)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000600)}, {&(0x7f0000000440)="c6e88591259caa7125a508359c5645d07f4eb8b25920f8fdc3da62df9d36cb9db210f8be5425023af51f156e0412f6bf06921175064fcc3a696e797ebc34f176cf279bd06f7965015ea2acb9d94a5416360d39d821b326794487947dd36e2e046bfa6c709b41177751f2cd6bac088db49b942807e4785741114852c82756693024b9ff8c06a686b2e73c1bc060a0e5e81df8f181757e607377e536ba358bed18c3430463911ce7cb609656183829f5c7bd17305f87d23b45ae0f90de26d39909440887036c25fc18e1245c47bfc87e21eb05d3637bb9666e648af569f765ca02adc5e574c1", 0xe5}], 0x2, &(0x7f0000001500)=ANY=[], 0x158, 0x660000c5}, {0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000006c0)="ef69f5c8c20c08ffad43dfa49f1d9165431285de31e6ca0bd99be1c48cfd7904dbdacce9e6c032ccc7bb6cd06614f46a582a2c79a7b87df8d68cc223c0ce559ee67bc3bde61eeebd77ecefe544ae8939451abf319715755c7c61da7f653fa6a2199cf99d20e4ed673917a12427f78ea8d16c0cfe22d60581d5301a3918a7b6aa3a736f3418916651f55046a770f067925cdc893b", 0x94}, {&(0x7f0000001000)="58d18878f2bdcc3d09d805cf7832158e1d32a0b033decdfeae11bec6c71439ce73907aa323923f8295ff8c72a85300251f4d88b7427daa5345da43bed1700fddec5217f8df68102ba0c340834a556ddb480eb3f857012a53766119850496d02fa4281d69c8811cc9ba17603b51870651941c8ad771f15cc47fbde430b2e0f36c8fd1e9888db42ffbb839dd1bcae6b9ea3631d6b4c3e8e84439cd5afbb8eeba23ae862e29d05a5b7decd0222cda3f8d2d3e245ebfbc20d37c63ba98cd5c1d3194fc755852cf26fbc4d1792212c64a51ae0a071cba60082116df2d61c8766f0a4bb15656cf4a563aaaa95728b5653b0653b4b1242924dfb1c7303a2e60d8a881efbf4fff74c1", 0x105}, {&(0x7f0000000380)="bb503cf8f0f0ab370c9376b788aee0eabb93394e516f5091a4c18971cb202dfa9e71360900000093e5bb302eddd4a98d009878922f5f3bb324f2a2b3f785ef1c", 0x40}], 0x3, 0x0, 0x0, 0x40000}, {0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000880)="1aaf3d2dd474b2fb4d30219f8bea4925ea9091e41b3dee069005b8e9fa9e43296781940b4f50cf732bffd9923b0cf4390f0fd1a025c291992adb664b9eb5b540f96c4bfd07042616f7e3ee199cd6f1bd26f22086fae8ac83ce072814cd42ad272853bacf050b12c3d40d15b4598a2e7a8af2c01789e8cc2c459f0846f12c9cd20b5e798a182820167ca19cc356ffaa78d7b4f8db651d64e0a5d7c90fdfdfe8f00e5e662fc9438dcf4b34b8c56867676bccaf608f692531424054fdf2ecb76108e3fee9f326665c1694d2b43735859752925497c7abee5f0109bd40b6a6992be19bf89ad5b3", 0xe5}, {&(0x7f0000000980)="753e4b53613b5a16a9a19190ab", 0xd}, {&(0x7f0000000a00)="bfab93742ea58e84c6077909ab92a98a23ea2f2b2eb40267a3c3bb6a6a4ca7df1a3154662370b3aeb1b1f9b26f2c3e07daeaf2a75ba7ea0e6fb6677a4b81e6f82f85fe4698a488af0fc0d6ac6daaef9f4ab4a17ff8e763954ae22bb9a2848fc0581049892a6c3d7e785b04f3d84c6780497bd68dc1770432f0a8d76661dc74eb9d23bf6fb089041bd6e0f85627f4df530087a3a895a87f3e373ffb0f6222627949a7b1875306471623cbfbc2c49d0938325d27512d00287a73b92da374c4aa6b4bd94f66967760bc63871f6a5e049b", 0xcf}], 0x3, &(0x7f00000026c0)=ANY=[@ANYBLOB="18000000000000001701000004000000030000000000000000010000000000001701000002000000e8000000cdb7b6863269d5fff2dccbcc760a0f6982134c5d12c1dcec13ee4448961a921a91f78eb4bb20bfc436aa3ed191b0487e9dd6b5ac9db5a1c4c371a74983a39f51ecf14bf293ef1a6221a3ce2417dcbe8d46c9e57e13962158b6d617cce79b84027bedba35bfc95b3dfe712aba5350d7acb39afb0dcf2a2b5fadd009be49c3312767d51f433e7e71571dcd60128fa8cff7f4702fca74f89eeea975ac95c18cfe0e9f4a2ba899ff5049afed361bd7aa5a22a6a9222ce72450fd624082d5b50323c8e2b121e7709ae5ffc9d0ac109d8ded48959c2079bf65ac8d0c8681ce9de500000000eee611dd53702373ed1f2e58377c51f702bd721597e328789f3db3fd28ecfcdf8dbdf6c4c34969d3dcc13191938f014f6d0dd05f93a074b8f2fd165926b44ad1c84e4650cb310153ae018aa46478b7eb11079c65354bae52e7bb1fb35c2704000000af461a6213ceb62870c75b6f50220c604ee8d4a22c2b2fc2689dcbf4d07438838d5a55629a7b262ce9bda3c538d14016821294e7edd4012c57274b0d2014ce76a8ab78d4a7b99e512554ddd1057b531791e91c345fab1b16dd6fe93460bd0ac86514709c303dba478be8bac2981fa591ce6146e215b3bed306ddc649f51a3c6eec30ef467fe87e0fa1e26f3f0546b50da2953061de8c7b307364d994d1afae656c42cf3d84ec1e1a5487ecbab6149bfccd11785630abec61a58d9d4459ecfe7151a8dd24cdc0ddbbe53fd42798440819143744f728012028ec4c08c4ff4f81addb3bb19a0dda21ce67a0bc8e3f84be414579628684226a0ff6d4591654148300cfad3a926c0f0de848df8d8a03f87d1d81c7943f152328dac90482d5a07ea5dd6c3bc6e8056f712723b8bcbe74c689b33793359719218e7d01e2ccde1919c00adacd9a388e022ea35d731e1bd718210f30b98d352d1bb0069f9ec88ec99b57dac30c9cd22ff5f5e05988647a175c03f008dac9fcd7f6f7503ef3e2d0817315dbd618e8651c7235ad27400710ea135fefc37bf39ee72b83b9b9fdb2ac70551a9b603516f3df214183037375dda6df53177fabe81abdc15c0ad14f1bcf99c42ad03389875497f031ba02da4ad1d50d090d14de36ef454ca1c11cc0e1cdc371220f4f4225b9c67943960f626f9e1429d2d18e903848e2cf478c"], 0x118, 0x80}, {0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000b40)="da62e05b8e6b35fb6b27dd9e14ae77fdafc23febcb48d1ee6a7c267ea5f38ff751d76e61c6f09d14d75fecc2971763fe08f14b0f2e5b6380f9091f8b5d3abef22d26f1093becc93d248dc1de26524663b6441648d123ff24cb3b265696d605b43f6b16801cae88d9339067c2d93c84f7b9f3c5916f88d747a3b630c06e930dd1d572aecfeb42b75b255997793f2e48a64b5e9f9d565f251e8a9f53e6df198fe9e9f3b80000fbaa891d260c5dc6cc5e8db0d31d0a6812b88d9574e0679cfeb1e3b3775919909426236d8dd9d0c1530b19b4f9", 0xd2}], 0x1, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000017010000030000000100000018000000170100000300000001000000400000001701000002980000290000004f01fba3340fd3debeba7bf95f89e2f8cd27192e890beb9bcaf29619a46972a4e4af42bcf9436d79fa0000b892b3a7aaee7b3a0002000000590000006af79c1df0b0a6c324fa63d376496ac30f0766d4f4822b1f45c4db22dd2e62a4dd821eb73384f598a4d4495df719ec9c1a269335012756d493a64991ff7f7a381d9f5fe7d888c7e4d70fa59a06c7f068000000"], 0xe0, 0x2000c041}, {0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000d80)="89e2097bd0b1a55ddd20ddbd494a526621c28df6327306968089ecd5a2161615e4f54400006461c8066ea22d3ea5fd7865817cd90e1b22a3c9cea0f9e599a490b2dda046f576c0102a857530f8e3e289b9e6a27cd2961702bfe176bd6486845c4e18e8df25a82b37070335ac035a66badb423d53fe6e453921a566f0ab1ecd0ba12e80d669fcf18d2727fa9511d683f3d23415076672ad505c446f1513fa65dd09582db7f49a0ac869cd1d90bab399682650893c8af8adf401f7e5c2927814616dae2f2f54c0713e2d41f5c31c5cebe2f836ad7894367e4d7a362c4a183105f028aef687a41f6ab475a3447dfd", 0xed}, {&(0x7f0000000e80)}, {&(0x7f00000016c0)="4f91654e98dfd3fbadf70c02b345de63550a0706100d51b33c0037e9a8ec92d3558bfe0d08ddd72afd49a78510584ee87f006d5fd0d4a416aeb4c9695d799b395a48d18760edd1a9c884d57b022da4ec92592bcaaa7cfd5f08bcbed628876cd066d864ff9857cd3ba5f16776f05b8f59514cbed8cf5de43b0e37a3b4cc029977887c7b07505591a28993e374f5a3c535f653ff69f0c23ecb734e72eb2c9952029ee1d20faa1bbc9bdafcaed535d686ab6e21f606d474c9d148e5d54d70f6be517696a0527a9f69016e382ccbaa7e1279d93e869be104d5d5a47d0e7273eb4fa6fc566deffb4918ddbfb6b276904b6ada9227d6f37790e7b0275eac8b6fe8c5cbe6374ae38eafd977d3c768bf96072c688ed1bd85945cbaf6d8db59b0e036639696daff9faae557afaa7b552398d4968923a3a5eaa923046a5fff71fd59a4fe98797e7fe898ed7304fe863d904d358840d4600fc1f0df744a11d7a823088e144d2da9cb2444fecb3bffd901ab600a90e8a1187dc1dcb8358b85ef43cd98b2e8858bc4525459584ab9de244eb999c1469a77ecde440ebef7bfe12e905bd976209e441176a233bf6338b00df2029e093998f714a1e2392f90ed93bddf378e1c79027e0439f8c6b6eb8736cf6a319c89df9d761fc1d7597ed51505c89ee7a7edbb65784783bfbd866bc681c24a1a13a26c2610f948fb162243aeee9539a648c460724005d5274fbc00fcc421c48a94c7167cc08142134c5ccc6a328761d0e5e69168f3867fb1878b427d8851efbb1e8e6593eb574b3dccecda1bcc0666371ccf810e1e5a21f264e04f4e8391046126089a863c99e8345e3c32f101f90d3d55e1cfd8d23aaea8a1c3da21421dda5b69e7f16a5734afdb3296b1083b37c2aa98f2dde5739f26869fb4e232d42c755426e79a6785f9242228fe6ff86ea78dab3334fba1e348743f31e068bf44b6aa92887d63b3f86fdb201e301e6cf56ee31a890adaa0715c143a3a076b35defa33cf931d76ca4e3ddc0855aaf2f9beda8336343600681af226112deb205ea9e93c938b6c22b1b977b17482fb51de14f3ae76b365a50a07e208f216d3be1eaa9c6b6f7cce70cf93360caa9b198e48e2996e358152198c1361d3bdb2b55e3ba25e520b4ff8606aa6792260b65c61e6fa97c363a66d3561e958474687e5c999d17f7cf78386a91436f44d98834c9077ad301c744aebd380be877c77e338b306b869b8a34482495da98fc043055bb9b3fd9bceba91cc7d884457d45ac089455b83915b5b7e2e7c0188188acfaaa31e42314629cef8257f14e505e2bc109c026d7eab38dbe0bc75d001f20a641ea62a7a97ecdab3219dcb915cc394201eea6c1e46f61a44251af27bb8ef1df0f36f92f02522c8cb817ba3018fa19236619f64d01e0c941df77bd07754f83735d024ab028d3944160aab0b67c32f1ae433e63402eb06f64c7fedfe9c1fa9c54221a6c051db89d4f98cf6d1eed3cc2fd26087a0c4174dcb0bbe61f090abd4392d3b88cb63034045faf80a5dd9b22a39dfe72122e2a944b1d7061394465b31545e69cb93b72f0b25c5bbe4f9ea190c1b9d558348549871bab13c60689401009bc9d4b0a2e58d1a3a9e8ad5ea3de4284147ce48d84205ed57ec49f65f68df8f95a1469ba51262eac9772a003c9a5ca90aefb0f9f1a2d436a750d692abbcaece3941f8428e03668be88dbcaf94470ab09bab27f9c76d977148439a130722c60b9fc6b6d0f2a85508a1b23703ff661bdf76bda4d6a1671d9a76eeb21ce329fbb3c4ba34d097d278abb8c751f31cb4c0c837691539e4efb937cccd936e5f03d69f50381551522971cf217f575a8d70f933e3ff4a8cdc9f4c0e58671702c0202bb0d5847c52805f9f9b830041bfc90a83d2e666195ce7744c40d4d0671bbc1751639ebcdb390036d658bb653dab1e9b2864246b3127e93e549a7ba1932bb38d2126b6b7b7e3cc2bee07a63c0456ed7bf5d5be4e7f32eb4443e0268996eb3f91b60789f7a32f2ed2d9c850fe5a7f5849c126d61d860f347691dfe14cfed414738fa9428e3b40719fd2f1aaf13baa1369432a461d79ac48476d1f2f2d10060d3ed7caf3a106e0acc508662cd910189b4b799a666050fc2b7639b16420e0b305887ea5af2060c319d3ad47696f133231c92edd70d457363d167db0869983c7c31da7ca2c560f40b37bdc93eaee6a5fffbbc76abf6e22817098208b13479a49d5465f1624d76fdc7d01c115dadae3ba0450c1bde63624e1239e6b33b97b7b12361d03ba08b78bc55f74ae9156df7c72837f466b48d2a2103beb3dcca43a523c473e44eea64511f279c5c729930797651a875a50f8163e58a7e378b912659df4e798502e03fad64b96ef8589da1e94f4c5f1bcf0e67019c612d8178ba05711eec5b37b168440e81ac76381b6a49d31f7be2d7fab479811849509118da3e752a33e146adff41bce1b91d661a8beba02fa43f2671812c1e9df23b1b2605375d070807bdb0f3bacfbf50e8e6002288f201d4e613289955f1a5265ed0955973f02bfeedf98681e6917e63aa4a2663e4349180ecdce4276534fd7ad4bec24d785017281c6c76731753e1529c6a1c23e4b4a9aaff125d5d4c9ad10439a9c38038df7c7e4ff0485781a06bcb39b4a24fb0a6e98c6f7e53b231df06fb418ac7b5fea4ddb76591e96a45d24f539acbb5f4cfb95e0ac417228eef0d2ee91c5d42091ab09588546382fd57569bfb7477ffcba542467ff6a6b37951d56bdc0e3305a5a413a500b16555bacc2aa19fde830d2f0dd022f8aee189f81b667d2581bfdfc5838c9e485df533662fe7bddb08310b8c9a73d3f1f33ea292d734dba60d5b6873155a5428cfaf9f010b6f117b2fc7a035faef429b942a2b22cc2bb306b9f6d424f26633591dd0b7517d0a08bf137deb446d2ea1528320adf8698155f2da7c4d1934e495656e698c1e37d34fc9cb6b218fde79d9dbdfb602dc881726a8b637705e21fff4f222e97d4f6348dc6e3f0e105a717c0289012dc7459d05144d2314cd1bd7fd131b56dc11291335ea4ea90ac9769c9494d973dc4dd05c7df948e5a38cfa6e6456b260c5796ff5dcd50f053dbaefb74660da846041e66f9568d5d237a387735665b84022573ee20e2b6326e748739d7b4bdd052829d2d4fd2e5053bb4d50d43194a6dcfdcbee593a8e09720449104f09de46bdf304c4da15623c1293d231d679c24d76f62ed2303bee4aae65e90a6c64a6a3349eadf612a7c03f0ca881a5a709dbadd355826f215dc8293ed5511df801e22621188520d2954359402c5819b9976282a9311fefa54b4a6358f4f828c96498c49bdfeab83cc5c57ae4f17058ece571e18990a9bdac37680f8ec659f95033d4db155b72c341087f3b3ed467845a9d7ae07297bfbde70b68be875988a140697e0ff84b03766e10a0befd7b5831c6b3bcb135fa5f65344dc095a2f1c761af180f55c4ce22c60ad6e10ea8c8cdf3cf23c4a0dadcc7d396cb50928a8477643e6cd2c526a3e4991df8f97cedeead37287b32a17eee927fb51440b92c09a01d1a323c68bdff7caafb7813aa66b41d53d0d48222aa40f05c1b6600e6a4025f77742ce9c8f43a6f70b7ac17ec7da40b9d2e117558188a496a20b437aec219c79f85ca027a8f5d4d9dd59e7359e91eaae49a964a301b647eb51880604b9a5ba8e29d9d8955c14bc3f71480f147cec1681d831d8d58742ae0f6175e40e54295276b483f81160ba4b365e95f3e220662eb5c6f838ce2bbccacffcd49b782b92a18d4b2fbfffe111080194f3d0e433ac472bd85d5deec6984593b49bdda7c2a1f0b36ab908f9c7748d6d77c5af686cd135fe961941a323f321d860ee735201cc9233f6fc1bcd5de921264e8bb0883b747905f51517839a147dcf7cef847a287a75539dbcd44a68dccceeeedae6d265ca8f41e7160e49d2e376f7287c07718d811a3d4aa31bf1692fc275fe1844be31e5799d2ddd9d539fb4b69517ed30f3ed3b617990869fe7a80426d2e674f148b5a1f7aabc11a60ef785b4b96c853a7f56e223ee9ee78dd0833203948ca8abc82df7c8d8f6c6feaf05be02df42302cb9fbdb7dbd48229c0c1e71221039dd79d5d8dd44ade7513dd546b9e13d4c3a1887cf76770d35e41a9bdfb40fd7f8510a307bf0143d26c158e993f3100356489a0674822fd3c121eaa6acc543c96011f28cf6d9a77e81c2d72192d1106731ee46a854d271ca02d366f2f8db1f55e9e7e1273f4845d8ddcdab22f6d8e50097051699fdd3ff8d0b8df617074a4be3b087fb7351ddfe91bed987e8aa0ed22033cbe440028241a932680b6a96b50fd7a4968df2fe1960572f86ee289e35acfce2b4226d66795bbd83fa0aefbdddfe4775a784fed2d70fd30043b1b6d6912b21242a80830950a2c84ddfd832eeee4f6371edbfe1eb97b860fce709b7749237c54becb6160953ee3f1ac4628df3acb50d5a04aff3933b944f9e5f771e95c308c41b7d5765f675563c0a8779e5cb1a92be973370b619ba24c1b69a881c52279f6160ff56c3d5357e3d16fe57b4fe4f32824b665d17f28b0407059af771e85bd5a43e452047b549505b017ad338dbde086efd25d0660e828838c23ba192afc3aa1b2a84600cb9e0d590079ccd8d34ffda79f368e9494644ffd7eb697bbdb04dde007e8e2ebe154190684bc7d34e5d377b4ae6e23351123780d8c3730b2f5db88e70c518e88fbe914d57544a534b12c05cfb88933c5de1df7e50d29b7ea5033aac7a37f921ad79472bad8fd58e1a93a3801afc0afde54e98918adf5b29ab1565e677e0785f4d6306d5030317d973e7370735dd8fabe8fb82f01b1db7170142aa41cdfb8af79c2ff5b525d63e471f23bb95ee380cc60d07ed20134eb196706a7fd4ff44d2b3c6993ca8c2a8446b0b4e55bb2c0a0cc883ba9e0d740315ae5c72012f75b2771f58f270484d29a2a616e30a6b0f82b81af925f9f637ad3f4f19f1bd1c54a916aca0dc8690bd1cddd68146bf9aa36d34b4dbfccd1efb525f866080440231c28e6e5dcc7517c1f9d60f2882f3173e12711a2498bdc0122b23e865206d9fac392c8a8823840283ab2a66030a7d0e7757a63f27d703692a25ff6d4a24f8c0f3009e2c3a31e16d8addc8b386ef4f1e5d01336d728a77d9ea8617be392866c3b3e5e04aff688f42c4f2ebc6c060243c8a0e6e6b5e67c45d048af23f77a99334eaeafffc1161573f741628a7d5de40f1b7748089ca743fc9b66988f41db14fdcb919b890cf5da9b66ef226e3845fbae345ed04b39f5e529ca4aab2fbe09d851a0719c123d1d7a9de283965a3a109280f8979626bb39386bfe7aca1c03bd9eccf868cda1d116e7b3500bf27251b34847cb38819cdc55b00484758a5f928a8e621fba2c3f88a117b0b34f9aa1484b0b3c64d971fa561e9d17c1c5bf048f8835898568332b9d06de819c18cfe5bc44428dc9dd10a92990babbcc5be4dbc15c6b49838fbb8b3f908ac9470c7f38da249ff72b45beae8727e30b859f3598563d4cd509cec30f182b41be025b159661c71a4b0a99618315d37e8670537fd1a2478ee9402a3f6fe2aefb41bb24fde3e5138058ebd7d265ddef1e0a8120f95cdab0f8bbb29b0962d02119fec598bf7a288c13169d9c3169ede67ee3495ca1cd1f8ea4632c4be4c5116a53355a0bc8325e218a5bbf796c4a91f54c8c5fbe05067e54b4af60a1471ff9aa848ab9625f3c1e4f66fda079352e824ff8f8e84b25698909b0983c0863cdf660104c3f18bc4b0477e64", 0x1000}], 0x3, &(0x7f0000001240)=ANY=[], 0xf0, 0x44001}], 0x5, 0x0)
dup3(r2, r3, 0x0)
fchown(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff)

07:08:14 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf020000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  404.352265] erofs: read_super, device -> /dev/loop2
[  404.357814] erofs: read_super, device -> /dev/loop4
[  404.370512] erofs: options -> 
[  404.385161] erofs: options -> 
07:08:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

07:08:14 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  404.438428] erofs: unmounted for /dev/loop4
07:08:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x5000000000000000}], 0x1, 0x0, 0x0, 0x0)

[  404.464282] erofs: unmounted for /dev/loop2
07:08:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_DELRULE={0x1d90, 0x8, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x1980, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@limit={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0xff}]}}]}, {0x104, 0x1, 0x0, 0x1, [@counter={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7fffffff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4e8}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}]}}, @rt={{0x7}, @void}, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz0\x00'}]}}, @target={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0xa7}]}}, @payload={{0xc}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x101}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xa93}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0x16}]}}, @masq={{0x9}, @void}, @payload={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x3}]}}]}, {0x1c, 0x1, 0x0, 0x1, [@objref={{0xb}, @void}, @objref={{0xb}, @void}]}, {0x5c, 0x1, 0x0, 0x1, [@dup_ipv4={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_DEV={0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}]}}, @tproxy={{0xb}, @void}]}, {0x64, 0x1, 0x0, 0x1, [@counter={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xe5}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x9}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x8}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x200}]}}, @dup_ipv4={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x9}]}}, @limit={{0xa}, @void}]}, {0x78, 0x1, 0x0, 0x1, [@objref={{0xb}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz1\x00'}, @NFTA_OBJREF_IMM_TYPE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz0\x00'}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz2\x00'}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz1\x00'}, @NFTA_OBJREF_SET_ID={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_OBJREF_SET_ID={0x8, 0x5, 0x1, 0x0, 0xff}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz2\x00'}]}}, @cmp={{0x8}, @void}, @ct={{0x7}, @void}]}, {0x7c, 0x1, 0x0, 0x1, [@dup_ipv4={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x14}]}}, @quota={{0xa}, @void}, @flow_offload={{0x11}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}, @nat={{0x8}, @void}]}, {0x3c, 0x1, 0x0, 0x1, [@quota={{0xa}, @void}, @synproxy={{0xd}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0xb752}, @NFTA_SYNPROXY_WSCALE={0x5}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}}]}, {0x163c, 0x1, 0x0, 0x1, [@connlimit={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x3ff}, @NFTA_CONNLIMIT_COUNT={0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}]}}, @fwd={{0x8}, @void}, @dup={{0x8}, @void}, @match={{0xa}, @void}, @match={{0xa}, @void}, @bitwise={{0xc}, @val={0x1548, 0x2, 0x0, 0x1, [@NFTA_BITWISE_XOR={0x1180, 0x5, 0x0, 0x1, [@NFTA_DATA_VALUE={0xd5, 0x1, "be516d3a5785a7d87062692066df3e3002793133dccc5778ab57f317ecc3acd8f31bf6665f82b37fd3828c077f6dd7125a827930225bd4c2ec2b97413755f4d5b5f203a9b0dd947ad1a03db134eff7993cc148a0bc9ac033cd3e26e865f376f4c829067ab2bd03f0d2dfeddeb9a904399cbce1cc35c557842e3b31badc6331940c96c1ce0fd624625a09b8ebadfee549d1a2d3a96daf7ec3ae150ec1422836fc696f328b4841f5a5ea13c58e359ddc8eef21e05c3514f3733afb004f2ddde84ee9d9ef2832dcac8ea505a61e2b0cdd3de1"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "1f0c51a1353ab732d8dc2f451ce853d380700b9e2dc88dbcddaa33c6cc35eff32aaded3f66229d3a85655875b7862032e5f0d283c1ccac76a702d1e042a352385fc1a900a7e88fb8fb38c8961896c1a3ed2ff553bcb40fae7a1284ecf6451639d2b938fc9292f6936853f8604cca5798ccb850cecc00399d99fbdf98aafd7f679f89516ef222bf5fb9b2c957c27b718ac29f79dcec2823b17f9388dec203b69611ee7ce3c88a90100f6984d4e0b311089a45051b92ae21bb280f17ae347f0016e3275ff92271903e57827f4f9ba0ca2de2a8ef454a016eba905a4c48e723f75096f19bfa63a2124479f5b103c89bd3a882715eef50f66ced280e52e5ec4998a749a99a5a90683a4e0c2108906cfb146dfcc908a198fac33a19d3233d3a2c359212ea0e500043a0cd15f0245d1d8d562ad2afaaee84d35fd8cf6107f89cf9125cc2c63e6987c01c8feb38ef1edac4e9cd421efd53a37802b350d75b378d8095f09bc30dc86308dd5c4e01d8c1271a33121e5b14f261e7d9ce491425b6b1b904af1d7390c1313521a07cd82be112db315b34f602fcc5e63aab23658bbd73b9e2d00d751e4c5e792fa21e57a5e2603c34d8f2e5b0690e5fcbc865033f3ac7e45cc2e62ec0d7bbcf5f55ab1fa8546f7d20bcb0a35a2d384859f531cd764779a21a7ceae599c12538df27649593e905c9f02c16ed76c935945cefa7aa89be9a8a6ae27ea7d3b9f808e11aeb0e572487c0f30557c86c486f9f297c77431e71ff9e875daef26ef3b55d89f8d8f562125e1b896aa6055d494c0193ceabfe3e0d370db588067e3d50f42bf28be5ad9fe9675620ec5ab7cf7304b5afaadd9de135d43f9208da93c0338d5babda8f7f1d7720e0531661a7613a91f1c4ba0682c8a4f7170e5ebf0b9a7a15fe225e34a289dd3cd2ebe99feff6528dddacc8a34eb96e856414901cddf7aae4559e36e4ecfba454345cd00002c9db016e27a9b4a2449b27767506922ae243fc04f2331b5d648b041e7c297a37fd8dd7f56cf9508ab85251eee4bf4602124d50f7a812a8fb2439c3ea2cdd1b63c186e949e95fbbed7456ecbb60011b93d03e53c6a56c592c7f6972ab93042884c2666719c4092903bc8ca387d6d62db6c28eba00dd81fef793b912c9cb69069e38b9f523181a53243e4a36556c205c42ffc1eb5f450cc35c0206a80bb538fa646e8e4661191b9938928b3300fe6a95f4115fdc3e04bccce62d4d30e9ad8fd2e335582d5095c4adb2bd57a4557366006ff8627d31bed9aa2ae0e5324d41e00d69fa1f4e74d7f2c03c9a26d64f2faeb0dd597e13aa6c9701926c93326e3256af1a309a22e608ef0d3f238924e925f8940dcb2ce3deca76ab8d646bb65b889461a61d432bd5d33c474014154509ce9a9c0bf82ec3f895e9d17c6bca2e834a18b648fed8338aa3cc7834b897f3a6ba3a533ab01fff19eb08b660d0d592209452e6cbfddf9e1f8e0a6f9867464ecf6e7a33e95b7e35c76f6f29d2582b09c444877a88e4fad713f60f4f753f0c5b2d45b54e9f5f5df1d54b7cafe60d43132682820dd20b3556474eedb74c1b9c9012ed34dfce1d6796277b0429f15c1a4b26065532023d81ff05bb7b00ea582debb7475b8140d6eab5b6496dba10c51b732ec0196b5eb8446311ff69d8e83817f3e8d6475f4bb9ef4a40ffbc9f5f25027cf63c89657f515e33c3554a34e2c741d3c5770cea6f4dbef5cec1976f2bb6436a78ff86a0f6475c1ea899d0f873315b82c4b948a0fc2032424d3308dfd11e51e830f36d89935e860c6fc138378bebf02f421367f5aef3e32dd2c087b874d80ccc4f77ba3d1c15b18e26c3a0aafafcf84b0827267dc80ff9e49153a968d4236c65cbf8e8b131763373a2c0c0fae125aa1aed848b898cd534f280269e0a73af03f7880b61180f2549a6db35066a243cfafe73279d16de115ffbfbb3a71a36b58d48241716b9a23485815b31a508e57d00a122fc330cf591f781dc87ba7393a46bf7b6214dfabaf9cc0eced09c92f95afb70df4e1c5c6b20a3a3a91ec2c6daefe022a920d0abcdd9ff50635c99f532eb58027b61d27e77df2d9c37802130622ff72b805549f01fc77b0f8b926e4a2c825b99ddde00f69858c58ddc8144fbd85963a8c4a5c6b19b1b6fa7193ff44479f7f4a017dfa34be31171317806c2caa41e1e5f6198c281264816ca35c2cec6dcfdfdf6f2480bc70849f990589d6f2e0f66b253d49d89cc9a0b3bceb7ce9bea7ce96875336594f3aa5f392b088b923d66ac532d64063ad4886508bf954d9fd3c30ba2a9b2c25e9bc82f246392e3ec663af9cf1a92c60e6914bdb07e89052340817d045db69e4bff1521694cf0ca5a77611086c4e6a977bbf0f0690b77ebd630b2a000983d6b6fec5a17eba2594b8083a03c6d21f3625cef67a076ebf296d50ee27680f310dd009ec9347027cb68858a514c377f08d093d5bcf8de3358b3800c89901aaf73dcd78ac60a7d3158f94c7f1048f68959f64a5eaedcbcd68c46592c33f04c4b7e0b04126b8a65b0a6d6df536a7c74ebdda145239c41443586c33ba492e6f2e4d66e8332cfe43ee48bcd32f97d206776f578e9010f6467a1292995e25f6ae9770d1d3d85edcd4e8802c0ad6c08cdd29969a1ef2752316ca8ec41c31d2856db9541ccfce8c76c92db801d0613abd0d8f2206c007ab17abd4b27338ee7623244d841b944d6780da141d2336ef763ede3cf559f507c7548950c0db1c53c9c0b2a74487133039125e2ea3216f64adfb59889a39f847f12a4bec6d75fb5a4c09a3be14990793a01c79c719f9ab10cc470bea40b2697a2d24eb5cb5871716a0751ee597b3cdd8966b479baba122614b1f488d0d0c0d6918493184b02f58c45d90bb9d5d87652b67e528065f44f0d341c1412f56c4fb6d2eb6adac90c3fcb113fc37eef4cb020bc02c9de7cb5a8f49dd389117339205ea2f94af3ca76fa185f7cd9b94455f56e815ad5f244236d246e3bc313ad1dd4ced8a05c7467c8f6052763fd6eea790cecd238c362e4afae0b673c47b63d2e034e2231dd37c89d4ee4e210a9c6cb3b2b3408c4ab0a16e896619d4e15861975ca85dee2b3db590f6d1eeae1cc631634ea93fbdcaf749d989fee2be8ef398f7b8345bc6899e57737d1e9b956815f4a4c013b4dae370751a9c3c6ef9d90b5cea757f98df8b1462577c2da3389c8cd75435626acc43c9aa696b3e8d27b8e16d403f2f8cd79d0c0f1a69042d9b4b18dc53c40ad30a96f35729683782c82472cac383466ba56f53d72fcca5defaa9c0823d36ced7f065b92a63191ca1d5e764287c0e085dcb4e0fd363035b57d2eee39844f10aa25ad767c4cc4c37928a77363133b9f541d5e16ab7f8a7d9a575e880f92b921e63962060d1a3ea74a6fa3d7e94b8bbe2f89147df8e9a8ea539d4d2e2b8dacb1351d0770c1c395cf486103781fbc43242d446d2b4c333f7e78c108378d9336b25073ab303cde1abdd927b8b366ccb82311e52d485761df5bbd1682c3857a5b776c0d29fb7565943ee595892f737fb64c7cecc76c822e8538aa2922e268f787ec2e729a9af31859e5ba3e206d97221493d39cf55948a7575bef85dda5025f4636f689f35bbaf2089cdb218e4c3a3164c0bfbfd468350cd24b2839c7be28753cb16e6782f266dd0caed6215f694113496a0fc0cdbc27ea17a2fcd16f4ccfbec49d6aec902e9ab74857496672b6be0a4526a22eb9c5c27f425009533360483b8a8e55d370de7ca0ce97b1b66c717d7ce16ff3d1a43dcf195a0ab9893322c736fbab7a3253f3faad919c8826275fa164ad0a542f68fa3b38beae2ec53bbcbc74b2b2a58719606f70a164ecb4851be5aa67058bf1d01f9804d41fe43d24269ddfd9a4f64aa88f2d0610eac2f95d3800b47da9999eea61c313b47820f63e50faaeabeb544098d2826bc5e6d5f83fa8fcddc20dca102676f4038577d09c0a8483cc0ca78faf4b6af7e0474587d77516357de38cf35f23d8d3f2c4f15531a3ee9786339f0d6ef6dcb9dfd0983bc6c97d8cd0cd363f6719c818de9fe6e160ea2cdf846a7017d3fc6863bd9d007477608521d2b1bd6be3bc502041488a30fe18ff7cfb4af2574b9eee375902bb7d8b9a600d816ff149acc8ae50796b2c875c53749451e8ceeffa2d36e400ab2527170076aa871781882f1250292ae3461ab61461e4f175583001a6e447fffc38d6d6389ed0f81406d0039dc5dffaed3bbc4b3d95ad9fcc4d3fedf7dd3ad7ac1f8e88150e72299d092e0ac8a179d5f163880f2889c5ac66b3c7a00eac2559e2fcda236e5d0c3dd3d930c16ce505c2ea3da8dd30cc3b33901380764162540ec05f9e884f70503bef1e8dbcf7a3cbd63b045c099afa9090f54f991c5b983d6830aa86df60176d4dd2af8cd5da790b3e177bc25da9317514bcfba8d9010ce171c45a2402cd814ff4183d0c0d2c4510ba198d85521d63e46709a8475e3f764328dd23acbf4b5230e0bc0ab22cb4d3fb0aa52bf4454ac3d64a32de58cb9f2f8b5d27414ee6c69588debbf78fbdb65521fca3a8f69664cf346f24816d185dac0872822dad8c6dd36c29171886eac769648950058b0a3781d95b8669da40e11a66ae929ef228bcba118e0fbf1fe42bc6f795e166a9c2abdc446ed5183b81fdc24f0a72798ab06fcaed73b7bae32f9b49e5e30711c116e02bd1bef078604922dc55a627d6f22df91677a3381b045096da67292da59cc3afed502ae0e568354c25aadbc1fefeba419baf0e3a8eed847e1eabf1e151a0c42f5ac6193927f025a75de5d025ed740105a50f3821870bcf50f50f67e894f62f86514d5b9ba7ed587723255800a064fa6852e1c7f4fd086a371368071933544fade2d96380c978a8086db3cca2e0f1bdc3d694a38171457294b70d2b4308a23812a519f24ed3cb8b261a13bffc171f561c85a2e62c8f6429697eee50fdb32bc58ce9cfb61b6f6424d9ffc26745cd91266b4402494ccf16a2ef3193d1da19fb459c500bf95dfeb94d1b0fc7a3ba097ea93855635bef5d474dd127ed32518c309f1253bb63cbe8bc8914e249e11cdee8fab4b123e6c5c17cfe0e01d642e2e3222fc2a6b543f17708fb2ed1b11449bc2db1d12117ed330ef030d7c5fa9b3f490d2643074815c2022efc30a3778eeebc750e223c9899f269e95c0aad1fcf0ecdcba5ce41d89f4ba2fe4d32a503cfc6871d46a0d78d3d7a2963e5fb42fa615d5da9fff5f9e3d6178d1a6303747c99b1a013b5671b30ac130d9f522214accb48653d9aef38eb509e2a4b477f7629d185680a6fba619932305be0f8d036d42d4c82693db900edac8e73eea4a0aca6cb74aa727718bcc98bc1cd9b18f8d50967923912dbe9418f3527a59bb5d17a8fba1229ffc1db242fc7f1ecbc70a33c0b6a4bb19fe2796cc587dd5c76a5fada9a6f60fe199d737e7cd37b52d283f2786c99e6a8e81f7b8e0da94f9f025d1874b069e1d40bdeead435c403105c34c22567927af27ed88d168fec056f90eef326d06c14cafa7df0317bffd0a532ca4615867fa0b0d35539f4fb891153b30b395f5446a600fbc4bb45e411ba4ff2942799cf3075624acd34f0016e23e25eb00aa61ebb5f5b18eb9aa4081e6405119882af665dea5265420f2d356ad3033247b007e5d1b9bc664340fe700cd8aaf99c3c8edd12667c9890c108bd35da1db3571cf68ed5cdb07cd28f9ac8e1a996de25b709b4c0ffc9f9205af1204a553976a485aca1ac4784f7d5b27de510a76d172f6ddea5d2c2b5611266f4177d9abd78"}, @NFTA_DATA_VALUE={0x86, 0x1, "6b08bb671c52f1174185df23e82a97228cc4a58642349842df76ab83b4e0b16677ce53647dd759796641f18fac458b82dc1aa82ff6ce93c3bd5e77438ac8219cf89cb62ef1727f4a4cbc6215e05922f944690cd0ac9546e88c2f46ad8ff6a35d88aa87075ddac14a8d51c10d0fa2362ac830be6b7189d588c34b2066d9ad18eca213"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}]}, @NFTA_BITWISE_MASK={0x20c, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'B'}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0x77, 0x1, "70df6ec3fae29a33a26661127e603c8a9d3358f48c98b83278e911851ee70e9dce843af3b496a597b02b3bcd251b74002748d97ab548195fe3488aeca8c2bc55c8e16505e6258bc9b49f419503dc6150cef666def86f808c1c72eb7953b895f3b2ffff141c136b1e6658b4829df5cd5ebebf7f"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0xe8, 0x1, "f70d46cd6c280b6b7ba1337e37e3a40d01075c46715628ffea728e6ee28a6f535d4758c279df05edb59a7c7b30d87b86c8999d48177df49b491d7a6929580ba16b1fc51171d306e451f62969bd681abdee0c55b8d1b7474b634a16d491d5e4805b7c9200918cb8c6558d8e71f471378b3b3ca09e0331a677c95fe57fa9a62f338ff12583a917a7d45de624313601668dd2d13fa835b1f907be375d85367178442a9d2e3f8ab3683bb65dcd829b232fdd827d1c223964f6e34f05367a045a6c174489f211f1290e159504eae5dc587df863b8b7b057787fdbf7423176e59091619f159f67"}]}, @NFTA_BITWISE_MASK={0x198, 0x4, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x95, 0x1, "0cba1e23b4ca179f990bd74f65d767af75bdf7563c7b66cd48d5a93f7f4145245ab48f033fb21c56c2d1f9732a5e761a014042069e3a7c2ef364119716d625c8a8572dd09eb268e6c39776d055acec184ed4355499c82e98c8300c7791a3b607ac4e77833b587d275fd1318426439c6a0dc53569699440693d6ce897946928a9798aabcd65a4357226c4d1d1a6ebc5e69c"}, @NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x1f, 0x1, "ac35cf21b37b7746108a8d23c244fcbc459d0bf5d9422218abc738"}]}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1000}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x8001}]}}, @dup={{0x8}, @void}, @payload={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x93}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_PAYLOAD_CSUM_TYPE={0x8}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x80000001}]}}, @connlimit={{0xe}, @void}, @payload={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_CSUM_TYPE={0x8}]}}]}, {0x14, 0x1, 0x0, 0x1, [@byteorder={{0xe}, @void}]}]}, @NFTA_RULE_EXPRESSIONS={0x2e4, 0x4, 0x0, 0x1, [{0x220, 0x1, 0x0, 0x1, [@connlimit={{0xe}, @void}, @quota={{0xa}, @void}, @xfrm={{0x9}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5}]}}, @masq={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0xb}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xe}]}}, @match={{0xa}, @val={0x14c, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x6, 0x1, '\xdc\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_INFO={0xd4, 0x3, "e2cb595a7ada72ad9fd1056cbfc7180a0f5faa218ce193e298cddba5f86539ab99b5b32bf654f89dbcb940970d00ce47282ea33ccc2c4fb14692872a3b9075a45de32160fdef0c30e928658a1b104a7701eeaa7ffda50c854785058d6b577cb96f01ec3318a52955d1ae4458940d574f0e1a4fbfa4cf53fd8011ed18b9b7759c62ae0ac89f73a142b685e7871054cc5660b18efb51472aa19f5f172f17a5411f64b7510ea942fd7c33c5574bf7b99d16451c0718c0c8fcd1ec5b4899b9c369ca3bf0d7e814cd32ffc10c160c1a97b4fd"}, @NFTA_MATCH_INFO={0x3d, 0x3, "020fdcd5dd8b0ca8982a9ce71ccd68ae14bdf5ae67cbd1d99d21cc04f9216f3c3b51b104d9893a4fb1b99831385ad0953e3cbb625d55759c6b"}, @NFTA_MATCH_NAME={0xf, 0x1, '%:^]%#&&^)\x00'}, @NFTA_MATCH_INFO={0x5, 0x3, "c4"}, @NFTA_MATCH_NAME={0xb, 0x1, ',/@)#@\x00'}]}}, @hash={{0x9}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_DREG={0x8}, @NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0xff}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0x1c}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0x1000}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x14}]}}]}, {0xc0, 0x1, 0x0, 0x1, [@dup={{0x8}, @void}, @objref={{0xb}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xc}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz1\x00'}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz0\x00'}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz0\x00'}]}}, @tproxy={{0xb}, @void}, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x6}]}}, @connlimit={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x10001}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}, @numgen={{0xb}, @void}, @lookup={{0xb}, @void}]}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_USERDATA={0x102, 0x7, 0x1, 0x0, "dbe512f01eb55a5137a91941b22a63049c4ff8a04a4a5039ee230b2eb994a46372411d5280b94bd5edcaf240f48dd19351f68ebc9c303192c2b0e308fc5bcbdd8d9fe77e085d735581166fe1da6814fb3d7138dc38c9e5b1530a36781a825a96f9665b2fe608d5750a1310e6c30d049f44a4237183d7f58148ac43e32d8589d35fc72e5d2cc90c805afd127f528cb3c385394d5c470f3b33ffca18f4261379fcfe88d5dfdfbc2531bc3b3ab89102858da7f6dd2336a8a92ab43c637b4067b44be961ab10cc32cd2cea57d446dfd574c94a7d7ef9a729decf6f01882957912c8a809003b5263cee8a4adaf95bc30122349200912d46d78561237f203d715e"}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14}}, 0x1db8}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x2c, 0x2, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x101}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3}]}, 0x2c}}, 0x840)

[  404.554002] erofs: read_super, device -> /dev/loop4
[  404.612983] erofs: options -> 
[  404.634009] erofs: read_super, device -> /dev/loop2
[  404.639759] erofs: read_super, device -> /dev/loop5
[  404.657487] erofs: options -> 
[  404.661055] erofs: cannot read erofs superblock
[  404.663020] erofs: options -> 
[  404.689420] erofs: unmounted for /dev/loop4
[  404.788074] erofs: unmounted for /dev/loop2
07:08:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8a00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0x8000000000000000}], 0x1, 0x0, 0x0, 0x0)

07:08:14 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf030000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:14 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000000600)=0xe8)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000006c0)={'tunl0\x00', &(0x7f0000000640)={'syztnl1\x00', <r2=>0x0, 0x8818, 0x700, 0x3, 0x8a52, {{0x10, 0x4, 0x1, 0x5, 0x40, 0x68, 0x0, 0xc4, 0x29, 0x0, @multicast2, @remote, {[@timestamp={0x44, 0x14, 0xf, 0x0, 0x9, [0x2, 0x6, 0x80000000, 0x2]}, @rr={0x7, 0x17, 0x81, [@empty, @empty, @local, @private=0x101, @local]}]}}}}})
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vlan0\x00', <r4=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000700)=@RTM_NEWMDB={0xd8, 0x54, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x3, 0x1, {@in6_addr=@remote, 0xc5b3}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x1, 0x4, {@ip4=@multicast1, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x4, 0x4, {@ip4=@private=0xa010101, 0x96dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x0, 0x2, 0x0, {@in6_addr=@empty, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@in6_addr=@private2={0xfc, 0x2, '\x00', 0x1}, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x1, 0x1, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x86dd}}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4000011}, 0x4004800)
r5 = socket$packet(0x11, 0x2, 0x300)
getsockopt$IP_VS_SO_GET_SERVICE(r5, 0x0, 0x483, &(0x7f0000000440), &(0x7f00000001c0)=0x68)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000858600e8ffffffffffffff000080", @ANYRES32=r7, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128000028005000700030000000a00"/38, @ANYRES32=r10, @ANYBLOB], 0x44}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f00000000c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000011002504000000001000000000000000", @ANYRES32=r12], 0x20}}, 0x0)

[  405.248183] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  405.269142] erofs: read_super, device -> /dev/loop4
[  405.274180] erofs: options -> 
[  405.291139] erofs: read_super, device -> /dev/loop5
[  405.303586] erofs: read_super, device -> /dev/loop2
[  405.313028] erofs: options -> 
[  405.316352] erofs: cannot read erofs superblock
[  405.369263] erofs: options -> 
07:08:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xf6ffffff00000000}], 0x1, 0x0, 0x0, 0x0)

07:08:15 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf040000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:15 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

07:08:15 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  405.451386] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  405.460019] erofs: unmounted for /dev/loop4
[  405.467473] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  405.484679] bond1 (unregistering): Released all slaves
[  405.490887] erofs: unmounted for /dev/loop2
[  405.590095] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  405.611189] erofs: read_super, device -> /dev/loop4
[  405.616350] erofs: options -> 
[  405.621206] erofs: read_super, device -> /dev/loop5
[  405.626244] erofs: options -> 
[  405.638954] erofs: read_super, device -> /dev/loop2
[  405.666875] erofs: cannot read erofs superblock
07:08:15 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf080000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfcfdffff00000000}], 0x1, 0x0, 0x0, 0x0)

[  405.692225] erofs: options -> 
[  405.708495] erofs: unmounted for /dev/loop4
[  405.727794] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  405.737267] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  405.748412] bond1 (unregistering): Released all slaves
[  405.838385] erofs: unmounted for /dev/loop2
[  405.881003] erofs: read_super, device -> /dev/loop4
[  405.886042] erofs: options -> 
[  405.926080] erofs: unmounted for /dev/loop4
07:08:15 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8b00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:15 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

07:08:15 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xfdfdffff00000000}], 0x1, 0x0, 0x0, 0x0)

07:08:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x10, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013001d040000000000000000050002c0", @ANYRES32=0x0, @ANYBLOB="000000000000000008000a0010000000140003006970766c616e31000010000000000000"], 0x3c}, 0x4b, 0x5e}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={0x0, 0x120}, 0x1, 0x0, 0x0, 0x4000848}, 0x50)
sendmsg$nl_route(r0, 0x0, 0x0)
r2 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, 0x0, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$dsp(r3, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x0, 0x0, 0xac, 0x0, 0x0, 0x6, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x0, 0x33dc}, 0x10222, 0x80000001, 0x4468b3d0, 0x9, 0x7be0c0a2, 0x0, 0x6, 0x0, 0x80000001}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x28, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8}]}]}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x48, r6, 0x400, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x35}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2f}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x36}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2d}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x23}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3a}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x20000800)

07:08:15 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf140000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  406.221972] erofs: read_super, device -> /dev/loop5
[  406.234022] erofs: options -> 
[  406.234502] erofs: read_super, device -> /dev/loop4
[  406.243019] erofs: read_super, device -> /dev/loop2
[  406.248496] erofs: options -> 
[  406.259735] team0: Device ipvlan1 failed to register rx_handler
07:08:16 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0, 0xffffffff00000000}], 0x1, 0x0, 0x0, 0x0)

[  406.282932] erofs: cannot read erofs superblock
[  406.296145] erofs: options -> 
[  406.315229] erofs: unmounted for /dev/loop2
07:08:16 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf250000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  406.371744] erofs: unmounted for /dev/loop4
07:08:16 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

[  406.449522] erofs: read_super, device -> /dev/loop2
[  406.454555] erofs: options -> 
07:08:16 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x2, 0x0, 0x0, 0x0)

[  406.535021] erofs: read_super, device -> /dev/loop5
[  406.552824] erofs: read_super, device -> /dev/loop4
[  406.569617] erofs: options -> 
[  406.573188] erofs: unmounted for /dev/loop2
[  406.590524] erofs: options -> 
[  406.595130] erofs: cannot read erofs superblock
[  406.682019] erofs: unmounted for /dev/loop4
[  406.736666] erofs: read_super, device -> /dev/loop2
[  406.769338] erofs: options -> 
[  406.832952] erofs: unmounted for /dev/loop2
07:08:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8c00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:16 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf370000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:16 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

07:08:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x3, 0x0, 0x0, 0x0)

[  407.156655] erofs: read_super, device -> /dev/loop4
[  407.168570] erofs: options -> 
[  407.200450] erofs: read_super, device -> /dev/loop5
[  407.224249] erofs: options -> 
[  407.235639] erofs: cannot read erofs superblock
07:08:17 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfb70300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  407.343397] erofs: unmounted for /dev/loop4
07:08:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x4, 0x0, 0x0, 0x0)

[  407.469410] erofs: read_super, device -> /dev/loop2
[  407.474728] erofs: read_super, device -> /dev/loop0
[  407.477927] erofs: options -> 
[  407.482255] erofs: options -> 
[  407.492038] erofs: read_super, device -> /dev/loop5
[  407.492057] erofs: read_super, device -> /dev/loop4
[  407.504692] erofs: options -> 
[  407.509935] erofs: options -> 
[  407.526242] erofs: bogus i_mode (0) @ nid 36
07:08:17 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfcc0300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  407.576263] erofs: unmounted for /dev/loop0
[  407.584597] erofs: unmounted for /dev/loop2
[  407.618253] erofs: unmounted for /dev/loop4
[  407.728907] erofs: read_super, device -> /dev/loop0
[  407.734160] erofs: options -> 
[  407.736213] erofs: read_super, device -> /dev/loop2
[  407.753407] erofs: options -> 
[  407.776271] erofs: read_super, device -> /dev/loop4
[  407.785920] erofs: unmounted for /dev/loop0
[  407.788070] erofs: options -> 
[  407.816113] erofs: unmounted for /dev/loop2
[  407.900430] erofs: unmounted for /dev/loop4
07:08:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8d00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x5, 0x0, 0x0, 0x0)

07:08:17 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:17 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  408.129859] erofs: read_super, device -> /dev/loop5
[  408.157801] erofs: options -> 
[  408.165406] erofs: read_super, device -> /dev/loop2
[  408.168875] erofs: read_super, device -> /dev/loop0
[  408.174252] erofs: bogus i_mode (0) @ nid 36
[  408.177830] erofs: read_super, device -> /dev/loop4
[  408.183428] erofs: options -> 
[  408.185831] erofs: options -> 
07:08:18 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  408.227066] erofs: options -> 
07:08:18 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x6, 0x0, 0x0, 0x0)

07:08:18 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  408.278999] erofs: unmounted for /dev/loop2
07:08:18 executing program 0:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  408.310938] erofs: unmounted for /dev/loop4
[  408.325736] erofs: unmounted for /dev/loop0
[  408.383486] erofs: read_super, device -> /dev/loop5
[  408.390503] erofs: options -> 
[  408.409599] erofs: read_super, device -> /dev/loop4
[  408.421039] erofs: read_super, device -> /dev/loop2
07:08:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x7, 0x0, 0x0, 0x0)

[  408.440998] erofs: options -> 
[  408.447136] erofs: bogus i_mode (0) @ nid 36
[  408.452801] erofs: options -> 
[  408.525715] erofs: unmounted for /dev/loop4
[  408.530264] erofs: unmounted for /dev/loop2
07:08:18 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8e00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:18 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:18 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:18 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x9, 0x0, 0x0, 0x0)

07:08:18 executing program 0:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  409.048663] erofs: read_super, device -> /dev/loop5
[  409.065818] erofs: options -> 
[  409.086648] erofs: bogus i_mode (0) @ nid 36
[  409.101126] erofs: read_super, device -> /dev/loop2
[  409.101797] erofs: read_super, device -> /dev/loop4
[  409.106168] erofs: options -> 
[  409.133212] erofs: options -> 
07:08:18 executing program 0:
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xa, 0x0, 0x0, 0x0)

07:08:19 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  409.310333] erofs: unmounted for /dev/loop4
[  409.310371] erofs: unmounted for /dev/loop2
07:08:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xb, 0x0, 0x0, 0x0)

[  409.519835] erofs: read_super, device -> /dev/loop5
[  409.522375] erofs: read_super, device -> /dev/loop2
[  409.532075] erofs: read_super, device -> /dev/loop4
[  409.543226] erofs: options -> 
[  409.543956] erofs: options -> 
[  409.556259] erofs: options -> 
[  409.589252] erofs: bogus i_mode (0) @ nid 36
[  409.618884] erofs: unmounted for /dev/loop2
[  409.641303] erofs: unmounted for /dev/loop4
07:08:19 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x8f00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xd, 0x0, 0x0, 0x0)

07:08:19 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  410.057735] erofs: read_super, device -> /dev/loop2
[  410.062944] erofs: options -> 
[  410.079583] erofs: read_super, device -> /dev/loop4
[  410.084730] erofs: options -> 
07:08:19 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  410.103398] erofs: read_super, device -> /dev/loop5
07:08:19 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  410.149526] erofs: unmounted for /dev/loop2
[  410.155348] erofs: unmounted for /dev/loop4
[  410.177031] erofs: options -> 
07:08:19 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x10, 0x0, 0x0, 0x0)

[  410.204307] erofs: bogus i_mode (0) @ nid 36
07:08:20 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x21, 0x0, 0x0, 0x0)

[  410.328212] erofs: read_super, device -> /dev/loop4
[  410.333532] erofs: options -> 
[  410.353901] erofs: read_super, device -> /dev/loop2
[  410.377290] erofs: options -> 
[  410.423538] erofs: read_super, device -> /dev/loop5
[  410.435828] erofs: unmounted for /dev/loop4
[  410.441463] erofs: unmounted for /dev/loop2
[  410.464273] erofs: options -> 
[  410.476834] erofs: bogus i_mode (0) @ nid 36
07:08:20 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9000, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:20 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), 0x0, 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x83030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x50, 0x0, 0x0, 0x0)

07:08:20 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  410.985730] erofs: read_super, device -> /dev/loop2
[  410.991103] erofs: read_super, device -> /dev/loop4
[  411.001590] erofs: options -> 
[  411.007490] erofs: options -> 
07:08:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xe8, 0x0, 0x0, 0x0)

07:08:20 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:20 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x85030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  411.067347] erofs: read_super, device -> /dev/loop5
[  411.076919] erofs: options -> 
[  411.107323] erofs: bogus i_mode (0) @ nid 36
07:08:20 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  411.143527] erofs: unmounted for /dev/loop4
[  411.147956] erofs: unmounted for /dev/loop2
07:08:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x600, 0x0, 0x0, 0x0)

[  411.245943] erofs: read_super, device -> /dev/loop0
[  411.248522] erofs: read_super, device -> /dev/loop2
[  411.252580] erofs: options -> 
[  411.276149] erofs: options -> 
[  411.320836] erofs: unmounted for /dev/loop0
[  411.361369] erofs: unmounted for /dev/loop2
[  411.370144] erofs: read_super, device -> /dev/loop5
[  411.375200] erofs: options -> 
[  411.378697] erofs: read_super, device -> /dev/loop4
[  411.383714] erofs: options -> 
[  411.405341] erofs: bogus i_mode (0) @ nid 36
[  411.482258] erofs: unmounted for /dev/loop4
07:08:21 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9100, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:21 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

07:08:21 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x86030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x900, 0x0, 0x0, 0x0)

07:08:21 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:21 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  411.882981] erofs: read_super, device -> /dev/loop5
[  411.883877] erofs: read_super, device -> /dev/loop2
[  411.900947] erofs: read_super, device -> /dev/loop4
[  411.913980] erofs: options -> 
[  411.919101] erofs: options -> 
[  411.924183] erofs: options -> 
07:08:21 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

07:08:21 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  411.950751] erofs: bogus i_mode (0) @ nid 36
07:08:21 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:21 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x808002, &(0x7f0000000040))

07:08:21 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  412.007827] erofs: unmounted for /dev/loop4
[  412.012423] erofs: unmounted for /dev/loop2
07:08:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xd01, 0x0, 0x0, 0x0)

[  412.164277] erofs: read_super, device -> /dev/loop5
[  412.182374] erofs: options -> 
[  412.213697] erofs: read_super, device -> /dev/loop2
[  412.221203] erofs: read_super, device -> /dev/loop4
[  412.244479] erofs: bogus i_mode (0) @ nid 36
[  412.253911] erofs: options -> 
[  412.263712] erofs: options -> 
[  412.373542] erofs: unmounted for /dev/loop4
[  412.398600] erofs: unmounted for /dev/loop2
07:08:22 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9200, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:22 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

07:08:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x4000, 0x0, 0x0, 0x0)

07:08:22 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:22 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:22 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xac030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  412.771660] erofs: read_super, device -> /dev/loop5
[  412.781532] erofs: read_super, device -> /dev/loop4
[  412.793158] erofs: options -> 
[  412.805593] erofs: options -> 
[  412.810500] erofs: bogus i_mode (0) @ nid 36
[  412.820274] erofs: read_super, device -> /dev/loop2
[  412.825453] erofs: options -> 
[  412.868804] erofs: read_super, device -> /dev/loop0
07:08:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xc000, 0x0, 0x0, 0x0)

07:08:22 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:22 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  412.896141] erofs: options -> 
07:08:22 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xba030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  412.924959] erofs: cannot read erofs superblock
[  412.930357] erofs: unmounted for /dev/loop4
[  412.948151] erofs: unmounted for /dev/loop2
07:08:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xff00, 0x0, 0x0, 0x0)

07:08:22 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

[  413.049729] erofs: read_super, device -> /dev/loop5
[  413.055007] erofs: options -> 
[  413.075191] erofs: bogus i_mode (300) @ nid 36
[  413.084126] erofs: read_super, device -> /dev/loop4
[  413.092623] erofs: options -> 
[  413.167502] erofs: unmounted for /dev/loop4
[  413.200392] erofs: read_super, device -> /dev/loop2
[  413.205691] erofs: options -> 
[  413.219930] erofs: read_super, device -> /dev/loop0
[  413.231527] erofs: options -> 
[  413.245599] erofs: cannot read erofs superblock
[  413.258365] erofs: unmounted for /dev/loop2
07:08:23 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9300, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:23 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:23 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1a5bac, 0x0, 0x0, 0x0)

07:08:23 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbb030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:23 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}], 0x808002, &(0x7f0000000040))

[  413.723545] erofs: read_super, device -> /dev/loop5
[  413.730253] erofs: options -> 
[  413.745878] erofs: bogus i_mode (300) @ nid 36
[  413.753716] erofs: read_super, device -> /dev/loop2
[  413.770282] erofs: options -> 
[  413.774127] erofs: read_super, device -> /dev/loop0
[  413.790375] erofs: options -> 
[  413.797116] erofs: cannot read erofs superblock
07:08:23 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  413.858445] erofs: read_super, device -> /dev/loop4
07:08:23 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbc030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x40000000, 0x0, 0x0, 0x0)

07:08:23 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

[  413.882088] erofs: unmounted for /dev/loop2
[  413.896475] erofs: options -> 
[  413.949852] erofs: read_super, device -> /dev/loop5
07:08:23 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf003f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  413.982094] erofs: options -> 
[  413.995688] erofs: unmounted for /dev/loop4
[  414.006988] erofs: bogus i_mode (300) @ nid 36
[  414.019588] erofs: read_super, device -> /dev/loop2
[  414.024616] erofs: options -> 
07:08:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x40000001, 0x0, 0x0, 0x0)

[  414.075389] erofs: read_super, device -> /dev/loop0
[  414.088344] erofs: options -> 
[  414.108660] erofs: cannot read erofs superblock
[  414.119041] erofs: read_super, device -> /dev/loop4
[  414.119080] erofs: unmounted for /dev/loop2
[  414.130929] erofs: options -> 
[  414.225001] erofs: unmounted for /dev/loop4
07:08:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9400, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:24 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbd030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x80000007, 0x0, 0x0, 0x0)

[  414.661703] erofs: read_super, device -> /dev/loop0
[  414.677805] erofs: read_super, device -> /dev/loop4
[  414.677808] erofs: read_super, device -> /dev/loop5
[  414.677817] erofs: options -> 
[  414.682828] erofs: options -> 
[  414.695232] erofs: read_super, device -> /dev/loop2
07:08:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x80000008, 0x0, 0x0, 0x0)

07:08:24 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  414.715439] erofs: options -> 
[  414.725701] erofs: options -> 
[  414.742336] erofs: cannot read erofs superblock
[  414.756616] erofs: unmounted for /dev/loop4
[  414.761039] erofs: bogus i_mode (0) @ nid 36
07:08:24 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x80000019, 0x0, 0x0, 0x0)

07:08:24 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:24 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbe030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  414.930693] erofs: read_super, device -> /dev/loop4
[  414.945643] erofs: options -> 
[  414.952231] erofs: unmounted for /dev/loop2
[  414.996902] erofs: unmounted for /dev/loop4
[  415.006286] erofs: read_super, device -> /dev/loop0
[  415.012936] erofs: read_super, device -> /dev/loop5
[  415.030627] erofs: options -> 
[  415.031815] erofs: options -> 
[  415.033902] erofs: bogus i_mode (0) @ nid 36
[  415.052164] erofs: cannot read erofs superblock
[  415.149370] erofs: read_super, device -> /dev/loop2
[  415.164062] erofs: options -> 
[  415.204289] erofs: unmounted for /dev/loop2
07:08:25 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9500, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:25 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x8000001a, 0x0, 0x0, 0x0)

07:08:25 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:25 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:25 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbf030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  415.556307] erofs: read_super, device -> /dev/loop4
[  415.562897] erofs: read_super, device -> /dev/loop5
[  415.568098] erofs: options -> 
[  415.571965] erofs: options -> 
[  415.582139] erofs: bogus i_mode (0) @ nid 36
[  415.584137] erofs: read_super, device -> /dev/loop0
[  415.600855] erofs: options -> 
07:08:25 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:25 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  415.606734] erofs: read_super, device -> /dev/loop2
[  415.626821] erofs: options -> 
[  415.631251] erofs: bogus i_mode (0) @ nid 36
[  415.638861] erofs: unmounted for /dev/loop4
07:08:25 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x8000001d, 0x0, 0x0, 0x0)

07:08:25 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc0030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  415.785764] erofs: read_super, device -> /dev/loop0
[  415.804710] erofs: unmounted for /dev/loop2
[  415.809055] erofs: options -> 
[  415.814937] erofs: bogus i_mode (0) @ nid 36
07:08:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xc0000000, 0x0, 0x0, 0x0)

[  415.911970] erofs: read_super, device -> /dev/loop5
[  415.919829] erofs: read_super, device -> /dev/loop4
[  415.961777] erofs: options -> 
[  415.967680] erofs: options -> 
[  415.977140] erofs: cannot find valid erofs superblock
[  416.024858] erofs: unmounted for /dev/loop4
[  416.110423] erofs: read_super, device -> /dev/loop2
[  416.126277] erofs: options -> 
[  416.168746] erofs: unmounted for /dev/loop2
07:08:26 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9600, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:26 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:26 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:26 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xc0000001, 0x0, 0x0, 0x0)

07:08:26 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc1030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  416.494638] erofs: read_super, device -> /dev/loop4
[  416.500652] erofs: options -> 
[  416.510205] erofs: read_super, device -> /dev/loop5
[  416.515781] erofs: read_super, device -> /dev/loop2
[  416.529204] erofs: options -> 
[  416.534680] erofs: read_super, device -> /dev/loop0
[  416.544247] erofs: options -> 
[  416.569773] erofs: cannot find valid erofs superblock
07:08:26 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc2030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:26 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0xffffff1f, 0x0, 0x0, 0x0)

07:08:26 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  416.593391] erofs: options -> 
[  416.608918] erofs: bogus i_mode (0) @ nid 36
[  416.610291] erofs: unmounted for /dev/loop2
[  416.629176] erofs: unmounted for /dev/loop4
07:08:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x2, 0x0, 0x0)

07:08:26 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  416.867778] erofs: read_super, device -> /dev/loop4
[  416.873283] erofs: read_super, device -> /dev/loop2
[  416.881710] erofs: options -> 
[  416.885403] erofs: options -> 
[  416.891365] erofs: read_super, device -> /dev/loop5
[  416.898835] erofs: read_super, device -> /dev/loop0
[  416.908528] erofs: options -> 
[  416.914232] erofs: options -> 
[  416.919608] erofs: cannot find valid erofs superblock
[  416.925351] erofs: bogus i_mode (0) @ nid 36
[  416.945114] erofs: unmounted for /dev/loop4
[  416.972044] erofs: unmounted for /dev/loop2
07:08:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9700, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:27 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)

07:08:27 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc3030000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:27 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:27 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  417.399242] erofs: read_super, device -> /dev/loop0
[  417.404294] erofs: options -> 
[  417.413720] erofs: bogus i_mode (0) @ nid 36
[  417.424865] erofs: read_super, device -> /dev/loop2
[  417.438108] erofs: options -> 
[  417.469269] erofs: read_super, device -> /dev/loop4
[  417.469293] erofs: read_super, device -> /dev/loop5
[  417.475915] erofs: options -> 
07:08:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x5, 0x0, 0x0)

07:08:27 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc8260000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:27 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:27 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  417.533682] erofs: options -> 
[  417.545538] erofs: unmounted for /dev/loop2
[  417.561217] erofs: cannot find valid erofs superblock
[  417.571093] erofs: unmounted for /dev/loop4
[  417.653741] erofs: read_super, device -> /dev/loop0
[  417.666101] erofs: options -> 
[  417.673109] erofs: bogus i_mode (0) @ nid 36
[  417.682822] erofs: read_super, device -> /dev/loop2
07:08:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x6, 0x0, 0x0)

07:08:27 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  417.712953] erofs: options -> 
[  417.763132] erofs: read_super, device -> /dev/loop4
[  417.800216] erofs: unmounted for /dev/loop2
[  417.805848] erofs: options -> 
[  417.879856] erofs: read_super, device -> /dev/loop5
[  417.884968] erofs: options -> 
[  417.887093] erofs: unmounted for /dev/loop4
[  417.890267] erofs: cannot find valid erofs superblock
07:08:28 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x7, 0x0, 0x0)

07:08:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9800, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:28 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  418.343968] erofs: read_super, device -> /dev/loop2
[  418.343984] erofs: read_super, device -> /dev/loop0
[  418.351668] erofs: read_super, device -> /dev/loop4
[  418.354231] erofs: read_super, device -> /dev/loop5
[  418.364319] erofs: options -> 
[  418.368053] erofs: options -> 
[  418.375817] erofs: bogus i_mode (0) @ nid 36
07:08:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x9, 0x0, 0x0)

[  418.399739] erofs: options -> 
[  418.414882] erofs: options -> 
[  418.424516] erofs: cannot find valid erofs superblock
07:08:28 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd9000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  418.486667] erofs: unmounted for /dev/loop2
07:08:28 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  418.518284] erofs: unmounted for /dev/loop4
[  418.584456] erofs: read_super, device -> /dev/loop0
07:08:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xa, 0x0, 0x0)

[  418.608802] erofs: options -> 
[  418.623960] erofs: bogus i_mode (0) @ nid 36
07:08:28 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  418.700804] erofs: read_super, device -> /dev/loop5
[  418.705848] erofs: options -> 
[  418.711221] erofs: read_super, device -> /dev/loop4
[  418.717139] erofs: read_super, device -> /dev/loop2
[  418.722228] erofs: options -> 
[  418.729244] erofs: options -> 
[  418.733651] erofs: cannot find valid erofs superblock
07:08:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xb, 0x0, 0x0)

07:08:28 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf0ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  418.773067] erofs: unmounted for /dev/loop4
[  418.811224] erofs: unmounted for /dev/loop2
[  418.904545] erofs: read_super, device -> /dev/loop0
[  418.924992] erofs: options -> 
[  418.936472] erofs: bogus i_mode (0) @ nid 36
[  418.945261] erofs: read_super, device -> /dev/loop2
[  418.952504] erofs: options -> 
[  418.959874] erofs: read_super, device -> /dev/loop4
[  418.965591] erofs: options -> 
[  419.010330] erofs: unmounted for /dev/loop4
[  419.033152] erofs: unmounted for /dev/loop2
07:08:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9900, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:28 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xd, 0x0, 0x0)

07:08:28 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:28 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf5ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  419.264559] erofs: read_super, device -> /dev/loop2
[  419.272032] erofs: read_super, device -> /dev/loop5
[  419.275977] erofs: options -> 
[  419.293253] erofs: options -> 
[  419.304724] erofs: cannot find valid erofs superblock
07:08:29 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  419.354539] erofs: unmounted for /dev/loop2
[  419.367879] erofs: read_super, device -> /dev/loop0
[  419.373209] erofs: read_super, device -> /dev/loop4
[  419.394102] erofs: options -> 
[  419.400274] erofs: options -> 
07:08:29 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x50, 0x0, 0x0)

[  419.427589] erofs: bogus i_mode (0) @ nid 36
07:08:29 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:29 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  419.506572] erofs: unmounted for /dev/loop4
[  419.748925] erofs: read_super, device -> /dev/loop4
[  419.750937] erofs: read_super, device -> /dev/loop5
[  419.767006] erofs: options -> 
[  419.770542] erofs: options -> 
[  419.773875] erofs: cannot find valid erofs superblock
[  419.779420] erofs: read_super, device -> /dev/loop0
[  419.784132] erofs: read_super, device -> /dev/loop2
[  419.784646] erofs: options -> 
[  419.810298] erofs: bogus i_mode (0) @ nid 36
07:08:29 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  419.832614] erofs: options -> 
[  419.901709] erofs: unmounted for /dev/loop4
[  419.942955] erofs: unmounted for /dev/loop2
[  420.003298] erofs: read_super, device -> /dev/loop5
[  420.015914] erofs: options -> 
[  420.023619] erofs: blksize 1 isn't supported on this platform
07:08:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9a00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xc0, 0x0, 0x0)

07:08:29 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:29 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfcfdffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:29 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:29 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  420.197991] erofs: read_super, device -> /dev/loop5
[  420.203352] erofs: read_super, device -> /dev/loop2
[  420.208905] erofs: read_super, device -> /dev/loop4
[  420.220725] erofs: options -> 
[  420.224100] erofs: options -> 
[  420.233431] erofs: options -> 
[  420.243993] erofs: blksize 1 isn't supported on this platform
[  420.268873] erofs: read_super, device -> /dev/loop0
07:08:30 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfdfdffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  420.302981] erofs: options -> 
07:08:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x500, 0x0, 0x0)

07:08:30 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  420.323242] erofs: unmounted for /dev/loop2
[  420.328444] erofs: bogus i_mode (0) @ nid 36
07:08:30 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  420.363695] erofs: unmounted for /dev/loop4
07:08:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x600, 0x0, 0x0)

07:08:30 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  420.484305] erofs: read_super, device -> /dev/loop5
[  420.489902] erofs: read_super, device -> /dev/loop2
[  420.496179] erofs: options -> 
[  420.515458] erofs: blksize 1 isn't supported on this platform
[  420.524116] erofs: options -> 
[  420.581369] erofs: read_super, device -> /dev/loop4
[  420.602231] erofs: options -> 
[  420.612599] erofs: read_super, device -> /dev/loop0
[  420.621921] erofs: options -> 
[  420.621955] erofs: unmounted for /dev/loop2
[  420.637022] erofs: bogus i_mode (300) @ nid 36
[  420.661509] erofs: unmounted for /dev/loop4
07:08:30 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9b00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:30 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:30 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfeffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:30 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf004f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x700, 0x0, 0x0)

07:08:30 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:30 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  421.116262] erofs: read_super, device -> /dev/loop5
[  421.123388] erofs: options -> 
[  421.132022] erofs: read_super, device -> /dev/loop2
[  421.137225] erofs: options -> 
[  421.142204] erofs: blksize 1 isn't supported on this platform
[  421.143335] erofs: read_super, device -> /dev/loop4
07:08:30 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xff0f0000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  421.189718] erofs: options -> 
[  421.202645] erofs: read_super, device -> /dev/loop0
[  421.222004] erofs: options -> 
07:08:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x900, 0x0, 0x0)

07:08:31 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  421.243850] erofs: bogus i_mode (300) @ nid 36
[  421.249010] erofs: unmounted for /dev/loop2
[  421.298257] erofs: unmounted for /dev/loop4
07:08:31 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  421.351272] erofs: read_super, device -> /dev/loop5
[  421.357338] erofs: options -> 
[  421.361795] erofs: blksize 1 isn't supported on this platform
[  421.431592] erofs: read_super, device -> /dev/loop2
[  421.450598] erofs: options -> 
[  421.459793] erofs: read_super, device -> /dev/loop4
07:08:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xa00, 0x0, 0x0)

[  421.479813] erofs: options -> 
[  421.526060] erofs: unmounted for /dev/loop2
[  421.529680] erofs: read_super, device -> /dev/loop0
[  421.539906] erofs: options -> 
[  421.550572] erofs: unmounted for /dev/loop4
[  421.556847] erofs: bogus i_mode (300) @ nid 36
07:08:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9c00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:31 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:31 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:31 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xb00, 0x0, 0x0)

07:08:31 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  422.097134] erofs: read_super, device -> /dev/loop5
[  422.099490] erofs: read_super, device -> /dev/loop0
[  422.102225] erofs: options -> 
[  422.112421] erofs: read_super, device -> /dev/loop2
[  422.122993] erofs: read_super, device -> /dev/loop4
[  422.132292] erofs: options -> 
[  422.138319] erofs: options -> 
07:08:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xd00, 0x0, 0x0)

[  422.152023] erofs: bogus i_mode (0) @ nid 36
[  422.159112] erofs: options -> 
[  422.187153] erofs: blksize 1 isn't supported on this platform
07:08:32 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffdfc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  422.264037] erofs: unmounted for /dev/loop2
[  422.270600] erofs: unmounted for /dev/loop4
07:08:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x2000, 0x0, 0x0)

07:08:32 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  422.359259] erofs: read_super, device -> /dev/loop0
[  422.364303] erofs: options -> 
[  422.378524] erofs: bogus i_mode (0) @ nid 36
[  422.464626] erofs: read_super, device -> /dev/loop5
[  422.465408] erofs: read_super, device -> /dev/loop4
[  422.472217] erofs: options -> 
[  422.482175] erofs: bogus i_mode (0) @ nid 0
[  422.487184] erofs: options -> 
[  422.525574] erofs: read_super, device -> /dev/loop2
[  422.546587] erofs: options -> 
[  422.581198] erofs: unmounted for /dev/loop4
[  422.610251] erofs: unmounted for /dev/loop2
07:08:32 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9d00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:32 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x5000, 0x0, 0x0)

07:08:32 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffdfd, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  423.026136] erofs: read_super, device -> /dev/loop0
[  423.031314] erofs: options -> 
[  423.034350] erofs: read_super, device -> /dev/loop4
[  423.039911] erofs: read_super, device -> /dev/loop5
[  423.045287] erofs: read_super, device -> /dev/loop2
[  423.048603] erofs: bogus i_mode (0) @ nid 36
[  423.058697] erofs: options -> 
[  423.064092] erofs: options -> 
[  423.071672] erofs: options -> 
[  423.085574] erofs: bogus i_mode (0) @ nid 0
07:08:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x200000, 0x0, 0x0)

07:08:32 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:32 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x80ffff, 0x0, 0x0)

[  423.191571] erofs: unmounted for /dev/loop4
[  423.201688] erofs: unmounted for /dev/loop2
[  423.295055] erofs: read_super, device -> /dev/loop0
[  423.309764] erofs: read_super, device -> /dev/loop4
[  423.315752] erofs: options -> 
[  423.324777] erofs: options -> 
[  423.334951] erofs: cannot find valid erofs superblock
[  423.356433] erofs: read_super, device -> /dev/loop5
[  423.373322] erofs: options -> 
[  423.381316] erofs: bogus i_mode (0) @ nid 0
[  423.388561] erofs: unmounted for /dev/loop4
[  423.467569] erofs: read_super, device -> /dev/loop2
[  423.474936] erofs: options -> 
[  423.517706] erofs: unmounted for /dev/loop2
07:08:33 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9e00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:33 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1000000, 0x0, 0x0)

07:08:33 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  423.913803] erofs: read_super, device -> /dev/loop2
[  423.915823] erofs: read_super, device -> /dev/loop5
[  423.923946] erofs: options -> 
[  423.934576] erofs: cannot find valid erofs superblock
[  423.935057] erofs: options -> 
[  423.950606] erofs: read_super, device -> /dev/loop4
[  423.976477] erofs: options -> 
[  423.997829] erofs: read_super, device -> /dev/loop0
[  424.032465] erofs: options -> 
07:08:33 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1000040, 0x0, 0x0)

07:08:33 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  424.052924] erofs: cannot find valid erofs superblock
[  424.068585] erofs: unmounted for /dev/loop4
[  424.096254] erofs: unmounted for /dev/loop2
07:08:33 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  424.201087] erofs: read_super, device -> /dev/loop5
07:08:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1000080, 0x0, 0x0)

[  424.222987] erofs: options -> 
[  424.235364] erofs: read_super, device -> /dev/loop4
[  424.242585] erofs: cannot find valid erofs superblock
[  424.253923] erofs: options -> 
[  424.336299] erofs: read_super, device -> /dev/loop2
[  424.341918] erofs: read_super, device -> /dev/loop0
[  424.354186] erofs: options -> 
[  424.361247] erofs: options -> 
[  424.368561] erofs: unmounted for /dev/loop4
[  424.381464] erofs: cannot find valid erofs superblock
[  424.504303] erofs: unmounted for /dev/loop2
07:08:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x9f00, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:34 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x10000c0, 0x0, 0x0)

[  424.818702] erofs: read_super, device -> /dev/loop5
[  424.836096] erofs: read_super, device -> /dev/loop0
[  424.845438] erofs: options -> 
[  424.856800] erofs: options -> 
07:08:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1010000, 0x0, 0x0)

[  424.864179] erofs: cannot find valid erofs superblock
[  424.864681] erofs: read_super, device -> /dev/loop2
[  424.885378] erofs: cannot find valid erofs superblock
[  424.894002] erofs: read_super, device -> /dev/loop4
[  424.910610] erofs: options -> 
[  424.913999] erofs: options -> 
07:08:34 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:34 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:34 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  425.014151] erofs: unmounted for /dev/loop4
[  425.022758] erofs: unmounted for /dev/loop2
[  425.071229] erofs: read_super, device -> /dev/loop5
[  425.088808] erofs: options -> 
[  425.092427] erofs: root inode @ nid 36
[  425.109382] erofs: mounted on /dev/loop5 with opts: .
07:08:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x2000000, 0x0, 0x0)

[  425.175829] erofs: read_super, device -> /dev/loop2
[  425.180871] erofs: options -> 
[  425.188136] erofs: unmounted for /dev/loop5
[  425.194322] erofs: read_super, device -> /dev/loop4
[  425.202555] erofs: read_super, device -> /dev/loop0
[  425.212382] erofs: options -> 
[  425.216968] erofs: options -> 
[  425.224927] erofs: cannot find valid erofs superblock
[  425.275743] erofs: unmounted for /dev/loop4
[  425.280943] erofs: unmounted for /dev/loop2
07:08:35 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0xa000, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:35 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

07:08:35 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:35 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffffe, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:35 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x4000000, 0x0, 0x0)

07:08:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x5000000, 0x0, 0x0)

07:08:35 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  425.780837] erofs: read_super, device -> /dev/loop2
[  425.793892] erofs: options -> 
[  425.816118] erofs: read_super, device -> /dev/loop4
[  425.825624] erofs: options -> 
[  425.865966] erofs: read_super, device -> /dev/loop0
[  425.870996] erofs: options -> 
[  425.874503] erofs: cannot find valid erofs superblock
07:08:35 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  425.945662] erofs: unmounted for /dev/loop4
07:08:35 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:35 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  426.015508] erofs: unmounted for /dev/loop2
07:08:35 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  426.135784] erofs: read_super, device -> /dev/loop4
[  426.143067] erofs: options -> 
[  426.185079] erofs: read_super, device -> /dev/loop0
[  426.218604] erofs: options -> 
[  426.234708] erofs: cannot find valid erofs superblock
[  426.245343] erofs: read_super, device -> /dev/loop2
[  426.275505] erofs: options -> 
[  426.279640] erofs: unmounted for /dev/loop4
[  426.443976] erofs: unmounted for /dev/loop2
07:08:36 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0xffffff1f, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x6000000, 0x0, 0x0)

07:08:36 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  426.669768] erofs: read_super, device -> /dev/loop0
[  426.680971] erofs: read_super, device -> /dev/loop5
[  426.694220] erofs: read_super, device -> /dev/loop4
[  426.699421] erofs: options -> 
[  426.704541] erofs: read_super, device -> /dev/loop2
[  426.709783] erofs: options -> 
[  426.713181] erofs: cannot find valid erofs superblock
[  426.722291] erofs: options -> 
[  426.730518] erofs: options -> 
[  426.734477] erofs: bogus i_mode (0) @ nid 36
07:08:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x7000000, 0x0, 0x0)

07:08:36 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  426.851876] erofs: unmounted for /dev/loop4
07:08:36 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd9000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x7000080, 0x0, 0x0)

[  426.886741] erofs: unmounted for /dev/loop2
[  426.952694] erofs: read_super, device -> /dev/loop2
[  426.958118] erofs: read_super, device -> /dev/loop4
[  426.962732] erofs: read_super, device -> /dev/loop0
[  426.963793] erofs: options -> 
[  426.983111] erofs: options -> 
[  426.992708] erofs: cannot find valid erofs superblock
[  427.005191] erofs: options -> 
[  427.022023] erofs: unmounted for /dev/loop4
[  427.029595] erofs: read_super, device -> /dev/loop5
[  427.049813] erofs: options -> 
[  427.145163] erofs: unmounted for /dev/loop2
[  427.165989] erofs: unmounted for /dev/loop5
07:08:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6823717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:37 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x8000080, 0x0, 0x0)

07:08:37 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:37 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:37 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  427.584228] erofs: read_super, device -> /dev/loop5
[  427.587576] erofs: read_super, device -> /dev/loop4
[  427.594391] erofs: read_super, device -> /dev/loop0
[  427.594397] erofs: options -> 
[  427.594773] erofs: read_super, device -> /dev/loop2
[  427.611400] erofs: blksize 1 isn't supported on this platform
[  427.621257] erofs: options -> 
[  427.625068] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  427.642865] erofs: options -> 
[  427.659682] erofs: options -> 
07:08:37 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:37 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:37 executing program 5 (fault-call:0 fault-nth:0):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x9000000, 0x0, 0x0)

07:08:37 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  427.751867] erofs: unmounted for /dev/loop2
[  427.770716] erofs: unmounted for /dev/loop5
07:08:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6825717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  427.800675] erofs: unmounted for /dev/loop4
[  427.825127] FAULT_INJECTION: forcing a failure.
[  427.825127] name failslab, interval 1, probability 0, space 0, times 0
[  427.837122] CPU: 0 PID: 27124 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  427.845008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  427.854340] Call Trace:
[  427.856910]  dump_stack+0x1fc/0x2ef
[  427.860540]  should_fail.cold+0xa/0xf
[  427.864334]  ? setup_fault_attr+0x200/0x200
[  427.868719]  ? lock_acquire+0x170/0x3c0
[  427.872673]  __should_failslab+0x115/0x180
[  427.876886]  should_failslab+0x5/0x10
[  427.880670]  __kmalloc+0x2ab/0x3c0
[  427.884188]  ? __se_sys_memfd_create+0xf8/0x440
[  427.888837]  __se_sys_memfd_create+0xf8/0x440
[  427.893575]  ? memfd_file_seals_ptr+0x150/0x150
[  427.898225]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  427.903566]  ? trace_hardirqs_off_caller+0x6e/0x210
[  427.908560]  ? do_syscall_64+0x21/0x620
[  427.912631]  do_syscall_64+0xf9/0x620
[  427.916412]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  427.921576] RIP: 0033:0x4665d9
[  427.924753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  427.943633] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  427.951322] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  427.958568] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  427.965811] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
07:08:37 executing program 5 (fault-call:0 fault-nth:1):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  427.973070] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  427.980336] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
07:08:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xa000000, 0x0, 0x0)

[  428.062226] erofs: read_super, device -> /dev/loop0
[  428.076131] erofs: options -> 
[  428.080659] erofs: blksize 1 isn't supported on this platform
[  428.092795] erofs: read_super, device -> /dev/loop4
[  428.098039] erofs: options -> 
[  428.105766] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  428.109276] FAULT_INJECTION: forcing a failure.
[  428.109276] name failslab, interval 1, probability 0, space 0, times 0
[  428.125422] CPU: 1 PID: 27147 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  428.133303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  428.142639] Call Trace:
[  428.145214]  dump_stack+0x1fc/0x2ef
[  428.148823]  should_fail.cold+0xa/0xf
[  428.152607]  ? setup_fault_attr+0x200/0x200
[  428.156911]  ? lock_acquire+0x170/0x3c0
[  428.160891]  __should_failslab+0x115/0x180
[  428.165109]  should_failslab+0x5/0x10
[  428.168891]  kmem_cache_alloc+0x277/0x370
[  428.173019]  ? shmem_destroy_callback+0xb0/0xb0
[  428.177666]  shmem_alloc_inode+0x18/0x40
[  428.181708]  ? shmem_destroy_callback+0xb0/0xb0
[  428.186377]  alloc_inode+0x5d/0x180
[  428.189981]  new_inode+0x1d/0xf0
[  428.193335]  shmem_get_inode+0x96/0x8d0
[  428.197397]  __shmem_file_setup.part.0+0x7a/0x2b0
[  428.202244]  shmem_file_setup+0x61/0x90
[  428.206290]  __se_sys_memfd_create+0x26b/0x440
[  428.210873]  ? memfd_file_seals_ptr+0x150/0x150
[  428.215534]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  428.220889]  ? trace_hardirqs_off_caller+0x6e/0x210
[  428.225891]  ? do_syscall_64+0x21/0x620
[  428.229846]  do_syscall_64+0xf9/0x620
[  428.233630]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  428.238806] RIP: 0033:0x4665d9
[  428.241976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  428.260946] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  428.268640] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  428.275899] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  428.283165] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  428.290425] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  428.297683] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
07:08:38 executing program 5 (fault-call:0 fault-nth:2):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  428.317574] erofs: read_super, device -> /dev/loop2
[  428.322894] erofs: options -> 
07:08:38 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf005f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:38 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:38 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  428.387206] erofs: unmounted for /dev/loop4
07:08:38 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="682a717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  428.413286] erofs: unmounted for /dev/loop2
07:08:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xb000000, 0x0, 0x0)

[  428.455888] FAULT_INJECTION: forcing a failure.
[  428.455888] name failslab, interval 1, probability 0, space 0, times 0
[  428.472042] CPU: 0 PID: 27173 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  428.479931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  428.489962] Call Trace:
[  428.492532]  dump_stack+0x1fc/0x2ef
[  428.496139]  should_fail.cold+0xa/0xf
[  428.499915]  ? setup_fault_attr+0x200/0x200
[  428.504210]  ? lock_acquire+0x170/0x3c0
[  428.508164]  __should_failslab+0x115/0x180
[  428.512377]  should_failslab+0x5/0x10
[  428.516159]  kmem_cache_alloc+0x277/0x370
[  428.520336]  __d_alloc+0x2b/0xa10
[  428.523772]  d_alloc_pseudo+0x19/0x70
[  428.527651]  alloc_file_pseudo+0xc6/0x250
[  428.531775]  ? alloc_file+0x4d0/0x4d0
[  428.535553]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  428.541157]  ? shmem_get_inode+0x44c/0x8d0
[  428.545384]  __shmem_file_setup.part.0+0x102/0x2b0
[  428.550295]  shmem_file_setup+0x61/0x90
[  428.554253]  __se_sys_memfd_create+0x26b/0x440
[  428.558871]  ? memfd_file_seals_ptr+0x150/0x150
[  428.563542]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  428.568887]  ? trace_hardirqs_off_caller+0x6e/0x210
[  428.573888]  ? do_syscall_64+0x21/0x620
[  428.577938]  do_syscall_64+0xf9/0x620
[  428.581728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  428.586892] RIP: 0033:0x4665d9
[  428.590067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  428.609041] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  428.616726] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  428.623974] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  428.631233] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  428.638476] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  428.645744] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
07:08:38 executing program 5 (fault-call:0 fault-nth:3):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  428.683292] erofs: read_super, device -> /dev/loop4
[  428.683818] erofs: read_super, device -> /dev/loop0
[  428.694392] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  428.706978] erofs: options -> 
[  428.712553] erofs: options -> 
[  428.717291] erofs: blksize 1 isn't supported on this platform
07:08:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xd000000, 0x0, 0x0)

07:08:38 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="682b717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  428.794782] FAULT_INJECTION: forcing a failure.
[  428.794782] name failslab, interval 1, probability 0, space 0, times 0
[  428.812722] CPU: 1 PID: 27204 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  428.820629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  428.823170] erofs: read_super, device -> /dev/loop2
[  428.829980] Call Trace:
[  428.830002]  dump_stack+0x1fc/0x2ef
[  428.830020]  should_fail.cold+0xa/0xf
07:08:38 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  428.830038]  ? setup_fault_attr+0x200/0x200
[  428.830053]  ? lock_acquire+0x170/0x3c0
[  428.830070]  __should_failslab+0x115/0x180
[  428.830085]  should_failslab+0x5/0x10
[  428.861572]  kmem_cache_alloc+0x277/0x370
[  428.865729]  __alloc_file+0x21/0x330
[  428.869450]  alloc_empty_file+0x6d/0x170
[  428.873515]  alloc_file+0x5e/0x4d0
[  428.877060]  alloc_file_pseudo+0x165/0x250
[  428.881308]  ? alloc_file+0x4d0/0x4d0
[  428.885159]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  428.890571] erofs: options -> 
[  428.890781]  ? shmem_get_inode+0x44c/0x8d0
[  428.898191]  __shmem_file_setup.part.0+0x102/0x2b0
[  428.903142]  shmem_file_setup+0x61/0x90
[  428.907120]  __se_sys_memfd_create+0x26b/0x440
[  428.911721]  ? memfd_file_seals_ptr+0x150/0x150
[  428.916399]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  428.921749]  ? trace_hardirqs_off_caller+0x6e/0x210
[  428.926748]  ? do_syscall_64+0x21/0x620
[  428.930710]  do_syscall_64+0xf9/0x620
[  428.934496]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  428.939666] RIP: 0033:0x4665d9
[  428.942865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  428.961833] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  428.969521] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  428.976788] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  428.984036] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
07:08:38 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  428.991284] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  428.998532] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
[  429.010303] erofs: unmounted for /dev/loop4
[  429.026438] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:38 executing program 5 (fault-call:0 fault-nth:4):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x19000080, 0x0, 0x0)

07:08:38 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  429.127564] erofs: read_super, device -> /dev/loop0
[  429.133806] erofs: options -> 
[  429.145042] erofs: unmounted for /dev/loop2
[  429.153350] FAULT_INJECTION: forcing a failure.
[  429.153350] name failslab, interval 1, probability 0, space 0, times 0
[  429.157996] erofs: blksize 1 isn't supported on this platform
[  429.169284] CPU: 0 PID: 27235 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  429.178439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  429.187785] Call Trace:
[  429.190378]  dump_stack+0x1fc/0x2ef
[  429.194005]  should_fail.cold+0xa/0xf
[  429.197792]  ? setup_fault_attr+0x200/0x200
[  429.202098]  ? lock_acquire+0x170/0x3c0
[  429.206057]  __should_failslab+0x115/0x180
[  429.210277]  should_failslab+0x5/0x10
[  429.214060]  kmem_cache_alloc_trace+0x284/0x380
[  429.218721]  apparmor_file_alloc_security+0x394/0xad0
[  429.223895]  ? apparmor_file_receive+0x160/0x160
[  429.228648]  ? __alloc_file+0x21/0x330
[  429.232521]  security_file_alloc+0x40/0x90
[  429.236740]  __alloc_file+0xc9/0x330
[  429.240437]  alloc_empty_file+0x6d/0x170
[  429.244887]  alloc_file+0x5e/0x4d0
[  429.248411]  alloc_file_pseudo+0x165/0x250
[  429.252626]  ? alloc_file+0x4d0/0x4d0
[  429.256407]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  429.262010]  ? shmem_get_inode+0x44c/0x8d0
[  429.266223]  __shmem_file_setup.part.0+0x102/0x2b0
[  429.271136]  shmem_file_setup+0x61/0x90
[  429.275092]  __se_sys_memfd_create+0x26b/0x440
[  429.279655]  ? memfd_file_seals_ptr+0x150/0x150
[  429.284315]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  429.289678]  ? trace_hardirqs_off_caller+0x6e/0x210
[  429.294685]  ? do_syscall_64+0x21/0x620
[  429.298638]  do_syscall_64+0xf9/0x620
[  429.302425]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  429.307592] RIP: 0033:0x4665d9
07:08:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="682d717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  429.310766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  429.329646] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  429.337335] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  429.344592] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  429.351857] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  429.359192] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  429.366437] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
07:08:39 executing program 5 (fault-call:0 fault-nth:5):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1a000080, 0x0, 0x0)

07:08:39 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  429.452580] erofs: read_super, device -> /dev/loop2
[  429.460192] erofs: read_super, device -> /dev/loop4
[  429.465224] erofs: options -> 
[  429.471121] erofs: options -> 
[  429.472329] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:39 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  429.511502] FAULT_INJECTION: forcing a failure.
[  429.511502] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  429.527915] erofs: unmounted for /dev/loop4
[  429.551789] CPU: 1 PID: 27260 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  429.559676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  429.569009] Call Trace:
[  429.571579]  dump_stack+0x1fc/0x2ef
[  429.575188]  should_fail.cold+0xa/0xf
[  429.578970]  ? lock_acquire+0x170/0x3c0
[  429.582931]  ? setup_fault_attr+0x200/0x200
[  429.587235]  __alloc_pages_nodemask+0x239/0x2890
[  429.591971]  ? __lock_acquire+0x6de/0x3ff0
[  429.596185]  ? static_obj+0x50/0x50
[  429.599793]  ? __lock_acquire+0x6de/0x3ff0
[  429.604010]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  429.608855]  ? __lock_acquire+0x6de/0x3ff0
[  429.613080]  ? mark_held_locks+0xf0/0xf0
[  429.617123]  ? unwind_next_frame+0xeee/0x1400
[  429.621599]  ? mark_held_locks+0xf0/0xf0
[  429.625637]  ? deref_stack_reg+0x134/0x1d0
[  429.629847]  ? get_reg+0x176/0x1f0
[  429.633364]  ? __read_once_size_nocheck.constprop.0+0x10/0x10
[  429.639229]  alloc_pages_vma+0xf2/0x780
[  429.643198]  shmem_alloc_page+0x11c/0x1f0
[  429.647325]  ? shmem_swapin+0x220/0x220
[  429.651292]  ? percpu_counter_add_batch+0x126/0x180
[  429.656288]  ? __vm_enough_memory+0x316/0x650
[  429.660778]  shmem_alloc_and_acct_page+0x15a/0x850
[  429.665696]  shmem_getpage_gfp+0x4e9/0x37f0
[  429.670003]  ? shmem_alloc_and_acct_page+0x850/0x850
[  429.675092]  ? mark_held_locks+0xa6/0xf0
[  429.679135]  ? ktime_get_coarse_real_ts64+0x1c7/0x290
[  429.684304]  ? iov_iter_fault_in_readable+0x1fc/0x3f0
[  429.689510]  shmem_write_begin+0xff/0x1e0
[  429.693639]  generic_perform_write+0x1f8/0x4d0
[  429.698203]  ? filemap_page_mkwrite+0x2f0/0x2f0
[  429.702851]  ? current_time+0x1c0/0x1c0
[  429.706808]  ? lock_acquire+0x170/0x3c0
[  429.710765]  __generic_file_write_iter+0x24b/0x610
[  429.715688]  generic_file_write_iter+0x3f8/0x730
[  429.720429]  __vfs_write+0x51b/0x770
[  429.724149]  ? kernel_read+0x110/0x110
[  429.728019]  ? check_preemption_disabled+0x41/0x280
[  429.733033]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  429.738029]  vfs_write+0x1f3/0x540
[  429.741553]  __x64_sys_pwrite64+0x1f7/0x250
[  429.745866]  ? ksys_pwrite64+0x1a0/0x1a0
[  429.749906]  ? trace_hardirqs_off_caller+0x6e/0x210
[  429.754897]  ? do_syscall_64+0x21/0x620
[  429.758862]  do_syscall_64+0xf9/0x620
[  429.762660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  429.767831] RIP: 0033:0x419777
[  429.771008] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  429.789888] RSP: 002b:00007f6d14269f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
07:08:39 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="682e717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  429.797578] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777
[  429.804827] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000004
[  429.812072] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  429.819316] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[  429.826648] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
07:08:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1d000080, 0x0, 0x0)

[  429.857190] erofs: unmounted for /dev/loop2
[  429.896247] erofs: read_super, device -> /dev/loop0
[  429.901556] erofs: options -> 
[  429.915938] erofs: read_super, device -> /dev/loop5
[  429.923768] erofs: blksize 1 isn't supported on this platform
[  429.925699] erofs: options -> 
[  429.931865] erofs: read_super, device -> /dev/loop4
[  429.944336] erofs: cannot find valid erofs superblock
[  429.956492] erofs: options -> 
[  429.963790] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x20000000, 0x0, 0x0)

07:08:39 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:39 executing program 5 (fault-call:0 fault-nth:6):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:39 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  430.056052] erofs: read_super, device -> /dev/loop2
[  430.061186] erofs: options -> 
[  430.116303] erofs: unmounted for /dev/loop4
[  430.141913] erofs: read_super, device -> /dev/loop0
[  430.147677] FAULT_INJECTION: forcing a failure.
[  430.147677] name failslab, interval 1, probability 0, space 0, times 0
[  430.159818] erofs: options -> 
[  430.163776] erofs: blksize 1 isn't supported on this platform
[  430.172367] CPU: 1 PID: 27322 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  430.180252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  430.189601] Call Trace:
[  430.192209]  dump_stack+0x1fc/0x2ef
[  430.195855]  should_fail.cold+0xa/0xf
[  430.199662]  ? setup_fault_attr+0x200/0x200
[  430.203986]  ? lock_acquire+0x170/0x3c0
[  430.207991]  __should_failslab+0x115/0x180
[  430.212223]  should_failslab+0x5/0x10
[  430.216006]  kmem_cache_alloc+0x277/0x370
[  430.220158]  getname_flags+0xce/0x590
[  430.223939]  do_sys_open+0x26c/0x520
[  430.227633]  ? filp_open+0x70/0x70
[  430.231157]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  430.236506]  ? trace_hardirqs_off_caller+0x6e/0x210
[  430.241504]  ? do_syscall_64+0x21/0x620
[  430.245459]  do_syscall_64+0xf9/0x620
[  430.249264]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  430.254436] RIP: 0033:0x4196c4
[  430.257607] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  430.276498] RSP: 002b:00007f6d14269ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  430.284183] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
07:08:39 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6830717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x40000000, 0x0, 0x0)

07:08:40 executing program 5 (fault-call:0 fault-nth:7):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  430.291440] RDX: 0000000000000002 RSI: 00007f6d1426a000 RDI: 00000000ffffff9c
[  430.298690] RBP: 00007f6d1426a000 R08: 0000000000000000 R09: ffffffffffffffff
[  430.305952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  430.313202] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  430.325694] erofs: unmounted for /dev/loop2
07:08:40 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  430.418224] FAULT_INJECTION: forcing a failure.
[  430.418224] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  430.420925] erofs: read_super, device -> /dev/loop4
[  430.430052] CPU: 1 PID: 27343 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  430.430062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  430.430066] Call Trace:
[  430.430088]  dump_stack+0x1fc/0x2ef
[  430.430106]  should_fail.cold+0xa/0xf
[  430.430125]  ? setup_fault_attr+0x200/0x200
[  430.430157]  ? lock_acquire+0x170/0x3c0
[  430.430173]  ? finish_task_switch+0x118/0x760
[  430.442985] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  430.443051]  ? _raw_spin_unlock_irq+0x24/0x80
[  430.462333] erofs: options -> 
[  430.490164]  __alloc_pages_nodemask+0x239/0x2890
[  430.494907]  ? finish_task_switch+0x146/0x760
[  430.499382]  ? finish_task_switch+0x118/0x760
[  430.503862]  ? switch_mm_irqs_off+0x764/0x1340
[  430.508423]  ? __schedule+0x88f/0x2040
[  430.512294]  ? io_schedule_timeout+0x140/0x140
[  430.516858]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  430.521605]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  430.526428]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  430.530998]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  430.535736]  ? retint_kernel+0x2d/0x2d
[  430.539610]  ? should_fail+0x90/0x7b0
[  430.543395]  cache_grow_begin+0xa4/0x8a0
[  430.547438]  ? setup_fault_attr+0x200/0x200
[  430.551743]  ? cache_alloc_pfmemalloc+0x1e/0x140
[  430.556481]  cache_alloc_refill+0x273/0x340
[  430.560787]  kmem_cache_alloc+0x346/0x370
[  430.564918]  getname_flags+0xce/0x590
[  430.568700]  do_sys_open+0x26c/0x520
[  430.572392]  ? filp_open+0x70/0x70
[  430.575910]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  430.581387]  ? trace_hardirqs_off_caller+0x6e/0x210
[  430.586385]  ? do_syscall_64+0x21/0x620
[  430.590345]  do_syscall_64+0xf9/0x620
[  430.594132]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  430.599303] RIP: 0033:0x4196c4
[  430.602489] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  430.621369] RSP: 002b:00007f6d14269ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  430.629056] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  430.636306] RDX: 0000000000000002 RSI: 00007f6d1426a000 RDI: 00000000ffffff9c
[  430.643555] RBP: 00007f6d1426a000 R08: 0000000000000000 R09: ffffffffffffffff
[  430.650805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  430.658054] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x40000001, 0x0, 0x0)

07:08:40 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  430.726729] erofs: read_super, device -> /dev/loop0
[  430.736452] erofs: read_super, device -> /dev/loop2
[  430.736503] erofs: unmounted for /dev/loop4
[  430.741464] erofs: options -> 
[  430.754907] erofs: read_super, device -> /dev/loop5
[  430.763237] erofs: options -> 
07:08:40 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:40 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6858717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:40 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  430.780484] erofs: bogus i_mode (0) @ nid 0
[  430.791660] erofs: options -> 
[  430.795028] erofs: unmounted for /dev/loop2
[  430.796998] erofs: root inode @ nid 36
[  430.803921] erofs: mounted on /dev/loop5 with opts: .
07:08:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x50000000, 0x0, 0x0)

07:08:40 executing program 5 (fault-call:0 fault-nth:8):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  430.905511] erofs: unmounted for /dev/loop5
[  430.905616] erofs: read_super, device -> /dev/loop4
[  430.914949] erofs: options -> 
07:08:40 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  430.957412] erofs: read_super, device -> /dev/loop0
[  430.971534] erofs: options -> 
[  430.983062] erofs: bogus i_mode (0) @ nid 0
[  430.989833] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  430.992426] FAULT_INJECTION: forcing a failure.
[  430.992426] name failslab, interval 1, probability 0, space 0, times 0
[  431.009329] erofs: unmounted for /dev/loop4
[  431.020258] CPU: 0 PID: 27401 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  431.028141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  431.037474] Call Trace:
[  431.040067]  dump_stack+0x1fc/0x2ef
[  431.043792]  should_fail.cold+0xa/0xf
[  431.047586]  ? setup_fault_attr+0x200/0x200
[  431.051886]  ? lock_acquire+0x170/0x3c0
[  431.055843]  __should_failslab+0x115/0x180
[  431.060061]  should_failslab+0x5/0x10
[  431.063851]  kmem_cache_alloc+0x277/0x370
[  431.067985]  __alloc_file+0x21/0x330
[  431.071678]  alloc_empty_file+0x6d/0x170
[  431.075719]  path_openat+0xe9/0x2df0
[  431.079431]  ? __lock_acquire+0x6de/0x3ff0
[  431.083662]  ? path_lookupat+0x8d0/0x8d0
[  431.087706]  ? mark_held_locks+0xf0/0xf0
[  431.091751]  do_filp_open+0x18c/0x3f0
[  431.095543]  ? may_open_dev+0xf0/0xf0
[  431.099323]  ? __alloc_fd+0x28d/0x570
[  431.103204]  ? lock_downgrade+0x720/0x720
[  431.107345]  ? lock_acquire+0x170/0x3c0
[  431.111305]  ? __alloc_fd+0x34/0x570
[  431.115003]  ? do_raw_spin_unlock+0x171/0x230
[  431.119526]  ? _raw_spin_unlock+0x29/0x40
[  431.123668]  ? __alloc_fd+0x28d/0x570
[  431.127468]  do_sys_open+0x3b3/0x520
[  431.131181]  ? filp_open+0x70/0x70
[  431.134703]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  431.140054]  ? trace_hardirqs_off_caller+0x6e/0x210
[  431.145046]  ? do_syscall_64+0x21/0x620
[  431.148995]  do_syscall_64+0xf9/0x620
[  431.152775]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  431.157953] RIP: 0033:0x4196c4
[  431.161125] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  431.180025] RSP: 002b:00007f6d14269ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  431.187716] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  431.194969] RDX: 0000000000000002 RSI: 00007f6d1426a000 RDI: 00000000ffffff9c
07:08:41 executing program 5 (fault-call:0 fault-nth:9):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  431.202248] RBP: 00007f6d1426a000 R08: 0000000000000000 R09: ffffffffffffffff
[  431.209497] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  431.216942] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x80000007, 0x0, 0x0)

07:08:41 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x80000008, 0x0, 0x0)

07:08:41 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  431.321877] erofs: read_super, device -> /dev/loop2
[  431.328958] erofs: options -> 
07:08:41 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6863717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  431.362643] erofs: unmounted for /dev/loop2
[  431.377079] erofs: read_super, device -> /dev/loop0
[  431.382255] erofs: options -> 
[  431.389175] erofs: bogus i_mode (0) @ nid 0
07:08:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x80000019, 0x0, 0x0)

[  431.446932] FAULT_INJECTION: forcing a failure.
[  431.446932] name failslab, interval 1, probability 0, space 0, times 0
[  431.459613] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  431.461387] erofs: read_super, device -> /dev/loop4
[  431.467365] CPU: 0 PID: 27451 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  431.475688] erofs: options -> 
[  431.480197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  431.480204] Call Trace:
[  431.480230]  dump_stack+0x1fc/0x2ef
[  431.480254]  should_fail.cold+0xa/0xf
[  431.502745]  ? setup_fault_attr+0x200/0x200
[  431.507071]  ? lock_acquire+0x170/0x3c0
[  431.511055]  __should_failslab+0x115/0x180
[  431.515298]  should_failslab+0x5/0x10
[  431.519101]  kmem_cache_alloc_trace+0x284/0x380
[  431.523799]  apparmor_file_alloc_security+0x394/0xad0
[  431.528999]  ? apparmor_file_receive+0x160/0x160
[  431.533758]  ? __alloc_file+0x21/0x330
[  431.537652]  security_file_alloc+0x40/0x90
[  431.541884]  __alloc_file+0xc9/0x330
[  431.545612]  alloc_empty_file+0x6d/0x170
[  431.549668]  path_openat+0xe9/0x2df0
[  431.553367]  ? __lock_acquire+0x6de/0x3ff0
[  431.557586]  ? path_lookupat+0x8d0/0x8d0
[  431.561630]  ? mark_held_locks+0xf0/0xf0
[  431.565675]  do_filp_open+0x18c/0x3f0
[  431.569454]  ? may_open_dev+0xf0/0xf0
[  431.573232]  ? __alloc_fd+0x28d/0x570
[  431.577108]  ? lock_downgrade+0x720/0x720
[  431.581237]  ? lock_acquire+0x170/0x3c0
[  431.585194]  ? __alloc_fd+0x34/0x570
[  431.588895]  ? do_raw_spin_unlock+0x171/0x230
[  431.593371]  ? _raw_spin_unlock+0x29/0x40
[  431.597496]  ? __alloc_fd+0x28d/0x570
[  431.601290]  do_sys_open+0x3b3/0x520
[  431.604984]  ? filp_open+0x70/0x70
[  431.608506]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  431.613849]  ? trace_hardirqs_off_caller+0x6e/0x210
[  431.618846]  ? do_syscall_64+0x21/0x620
[  431.622798]  do_syscall_64+0xf9/0x620
[  431.626581]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  431.631748] RIP: 0033:0x4196c4
07:08:41 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:41 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  431.634919] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  431.653804] RSP: 002b:00007f6d14269ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  431.661509] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  431.668777] RDX: 0000000000000002 RSI: 00007f6d1426a000 RDI: 00000000ffffff9c
[  431.676030] RBP: 00007f6d1426a000 R08: 0000000000000000 R09: ffffffffffffffff
[  431.683284] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  431.690540] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:41 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6864717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x8000001a, 0x0, 0x0)

[  431.714290] erofs: unmounted for /dev/loop4
[  431.719902] erofs: read_super, device -> /dev/loop2
[  431.740591] erofs: options -> 
07:08:41 executing program 5 (fault-call:0 fault-nth:10):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:41 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  431.806666] erofs: read_super, device -> /dev/loop4
[  431.815968] erofs: unmounted for /dev/loop2
[  431.820139] erofs: options -> 
07:08:41 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:41 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x8000001d, 0x0, 0x0)

[  431.866029] erofs: read_super, device -> /dev/loop0
[  431.879929] FAULT_INJECTION: forcing a failure.
[  431.879929] name failslab, interval 1, probability 0, space 0, times 0
[  431.893917] erofs: unmounted for /dev/loop4
[  431.904751] erofs: options -> 
[  431.909459] CPU: 0 PID: 27489 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  431.917332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  431.920572] erofs: cannot find valid erofs superblock
[  431.926662] Call Trace:
[  431.926695]  dump_stack+0x1fc/0x2ef
[  431.926713]  should_fail.cold+0xa/0xf
[  431.926727]  ? setup_fault_attr+0x200/0x200
[  431.926738]  ? lock_acquire+0x170/0x3c0
[  431.926754]  __should_failslab+0x115/0x180
[  431.954334]  should_failslab+0x5/0x10
[  431.958125]  kmem_cache_alloc_trace+0x284/0x380
[  431.962788]  ? loop_info64_to_compat+0x5e0/0x5e0
[  431.967522]  __kthread_create_on_node+0xd2/0x410
[  431.972254]  ? kthread_parkme+0xa0/0xa0
[  431.976205]  ? lo_ioctl+0x1bb/0x20e0
[  431.979900]  ? __mutex_lock+0x365/0x1200
[  431.983937]  ? lock_downgrade+0x720/0x720
[  431.988082]  ? loop_info64_to_compat+0x5e0/0x5e0
[  431.992827]  kthread_create_on_node+0xbb/0xf0
[  431.997303]  ? __kthread_create_on_node+0x410/0x410
[  432.002294]  ? __fget+0x356/0x510
[  432.005724]  ? do_dup2+0x450/0x450
[  432.009249]  ? __lockdep_init_map+0x100/0x5a0
[  432.013738]  ? __lockdep_init_map+0x100/0x5a0
[  432.018232]  lo_ioctl+0xae5/0x20e0
[  432.021760]  ? loop_set_status64+0x110/0x110
[  432.026147]  blkdev_ioctl+0x5cb/0x1a80
[  432.030014]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  432.035419]  ? blkpg_ioctl+0x9d0/0x9d0
[  432.039292]  ? mark_held_locks+0xf0/0xf0
[  432.043336]  ? mark_held_locks+0xf0/0xf0
[  432.047395]  ? debug_check_no_obj_freed+0x201/0x490
[  432.052397]  ? lock_downgrade+0x720/0x720
[  432.056529]  block_ioctl+0xe9/0x130
[  432.060189]  ? blkdev_fallocate+0x3f0/0x3f0
[  432.064494]  do_vfs_ioctl+0xcdb/0x12e0
[  432.068361]  ? lock_downgrade+0x720/0x720
[  432.072486]  ? check_preemption_disabled+0x41/0x280
[  432.077479]  ? ioctl_preallocate+0x200/0x200
[  432.081877]  ? __fget+0x356/0x510
[  432.085314]  ? do_dup2+0x450/0x450
[  432.088830]  ? do_sys_open+0x2bf/0x520
[  432.092701]  ksys_ioctl+0x9b/0xc0
[  432.096148]  __x64_sys_ioctl+0x6f/0xb0
[  432.100013]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  432.104595]  do_syscall_64+0xf9/0x620
[  432.108374]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  432.113626] RIP: 0033:0x466397
[  432.116795] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  432.135683] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.143366] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  432.150615] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  432.157864] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  432.165127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  432.172458] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:42 executing program 5 (fault-call:0 fault-nth:11):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xc0000000, 0x0, 0x0)

07:08:42 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  432.256967] erofs: read_super, device -> /dev/loop2
[  432.260414] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  432.262001] erofs: options -> 
[  432.277018] erofs: read_super, device -> /dev/loop4
[  432.282150] erofs: options -> 
07:08:42 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  432.311891] erofs: unmounted for /dev/loop2
07:08:42 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xc0000001, 0x0, 0x0)

[  432.350480] erofs: unmounted for /dev/loop4
07:08:42 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6869717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  432.436159] FAULT_INJECTION: forcing a failure.
[  432.436159] name failslab, interval 1, probability 0, space 0, times 0
[  432.449751] CPU: 0 PID: 27535 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  432.457627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  432.466971] Call Trace:
[  432.469556]  dump_stack+0x1fc/0x2ef
[  432.473242]  should_fail.cold+0xa/0xf
[  432.477065]  ? setup_fault_attr+0x200/0x200
[  432.481369]  ? lock_acquire+0x170/0x3c0
[  432.485325]  __should_failslab+0x115/0x180
[  432.489538]  should_failslab+0x5/0x10
[  432.493319]  kmem_cache_alloc+0x277/0x370
[  432.497449]  __kernfs_new_node+0xd2/0x680
[  432.501575]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  432.506344]  ? __cpu_to_node+0x7b/0xa0
[  432.510244]  ? account_entity_enqueue+0x2e5/0x440
[  432.515075]  ? mark_held_locks+0xf0/0xf0
[  432.519124]  ? enqueue_entity+0xf86/0x3850
[  432.523359]  ? set_user_nice.part.0+0x3b9/0xab0
[  432.528013]  kernfs_create_dir_ns+0x9e/0x230
[  432.532407]  internal_create_group+0x1c1/0xb20
[  432.536989]  ? sysfs_remove_link_from_group+0x70/0x70
[  432.542171]  ? lock_downgrade+0x720/0x720
[  432.546326]  lo_ioctl+0xf7c/0x20e0
[  432.549849]  ? loop_set_status64+0x110/0x110
[  432.554236]  blkdev_ioctl+0x5cb/0x1a80
[  432.558105]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  432.563451]  ? blkpg_ioctl+0x9d0/0x9d0
[  432.567318]  ? mark_held_locks+0xf0/0xf0
[  432.571367]  ? mark_held_locks+0xf0/0xf0
[  432.575419]  ? debug_check_no_obj_freed+0x201/0x490
[  432.580432]  ? lock_downgrade+0x720/0x720
[  432.584591]  block_ioctl+0xe9/0x130
[  432.588203]  ? blkdev_fallocate+0x3f0/0x3f0
[  432.592509]  do_vfs_ioctl+0xcdb/0x12e0
[  432.596386]  ? lock_downgrade+0x720/0x720
[  432.600516]  ? check_preemption_disabled+0x41/0x280
[  432.605522]  ? ioctl_preallocate+0x200/0x200
[  432.609918]  ? __fget+0x356/0x510
[  432.613348]  ? do_dup2+0x450/0x450
[  432.616868]  ? do_sys_open+0x2bf/0x520
[  432.620738]  ksys_ioctl+0x9b/0xc0
[  432.624226]  __x64_sys_ioctl+0x6f/0xb0
[  432.628153]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  432.632715]  do_syscall_64+0xf9/0x620
[  432.636513]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  432.641692] RIP: 0033:0x466397
[  432.644961] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  432.663839] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.671521] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  432.678767] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  432.686150] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  432.693394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  432.700696] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  432.741479] erofs: read_super, device -> /dev/loop5
[  432.746887] erofs: read_super, device -> /dev/loop2
[  432.747442] erofs: read_super, device -> /dev/loop0
[  432.752044] erofs: options -> 
[  432.766949] erofs: options -> 
[  432.778366] erofs: root inode @ nid 36
[  432.785482] erofs: options -> 
07:08:42 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  432.800328] erofs: cannot find valid erofs superblock
[  432.808312] erofs: mounted on /dev/loop5 with opts: .
[  432.838974] erofs: unmounted for /dev/loop2
[  432.861950] erofs: read_super, device -> /dev/loop4
07:08:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xf6ffffff, 0x0, 0x0)

07:08:42 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:42 executing program 5 (fault-call:0 fault-nth:12):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  432.905744] erofs: options -> 
[  432.919863] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  432.942695] erofs: read_super, device -> /dev/loop2
07:08:42 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  432.953223] erofs: options -> 
[  432.958206] erofs: unmounted for /dev/loop5
07:08:42 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="686c717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  432.998281] erofs: unmounted for /dev/loop4
07:08:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfcfdffff, 0x0, 0x0)

07:08:42 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  433.076120] erofs: read_super, device -> /dev/loop0
[  433.093324] erofs: options -> 
[  433.113222] erofs: cannot find valid erofs superblock
07:08:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfdfdffff, 0x0, 0x0)

[  433.122903] erofs: unmounted for /dev/loop2
[  433.166531] FAULT_INJECTION: forcing a failure.
[  433.166531] name failslab, interval 1, probability 0, space 0, times 0
[  433.178145] CPU: 0 PID: 27606 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  433.186014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  433.195352] Call Trace:
[  433.197936]  dump_stack+0x1fc/0x2ef
[  433.201631]  should_fail.cold+0xa/0xf
[  433.205408]  ? setup_fault_attr+0x200/0x200
[  433.209704]  ? lock_acquire+0x170/0x3c0
[  433.213654]  __should_failslab+0x115/0x180
[  433.217864]  should_failslab+0x5/0x10
[  433.221676]  kmem_cache_alloc+0x277/0x370
[  433.225840]  __kernfs_new_node+0xd2/0x680
[  433.229973]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  433.234739]  ? kernfs_activate+0x2c/0x1d0
[  433.238869]  ? lock_downgrade+0x720/0x720
[  433.242994]  ? kernfs_add_one+0x51/0x4c0
[  433.247049]  ? mutex_trylock+0x1a0/0x1a0
[  433.251090]  ? __mutex_unlock_slowpath+0xea/0x610
[  433.256100]  kernfs_new_node+0x92/0x120
[  433.260052]  __kernfs_create_file+0x51/0x340
[  433.264470]  sysfs_add_file_mode_ns+0x226/0x540
[  433.269116]  internal_create_group+0x355/0xb20
[  433.273676]  ? sysfs_remove_link_from_group+0x70/0x70
[  433.278844]  ? lock_downgrade+0x720/0x720
[  433.283040]  lo_ioctl+0xf7c/0x20e0
[  433.286561]  ? loop_set_status64+0x110/0x110
[  433.290946]  blkdev_ioctl+0x5cb/0x1a80
[  433.294810]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  433.300259]  ? blkpg_ioctl+0x9d0/0x9d0
[  433.304129]  ? mark_held_locks+0xf0/0xf0
[  433.308168]  ? mark_held_locks+0xf0/0xf0
[  433.312236]  ? debug_check_no_obj_freed+0x201/0x490
[  433.317239]  ? lock_downgrade+0x720/0x720
[  433.321400]  block_ioctl+0xe9/0x130
[  433.325007]  ? blkdev_fallocate+0x3f0/0x3f0
[  433.329305]  do_vfs_ioctl+0xcdb/0x12e0
[  433.333167]  ? lock_downgrade+0x720/0x720
[  433.337301]  ? check_preemption_disabled+0x41/0x280
[  433.342312]  ? ioctl_preallocate+0x200/0x200
[  433.346695]  ? __fget+0x356/0x510
[  433.350124]  ? do_dup2+0x450/0x450
[  433.353656]  ? do_sys_open+0x2bf/0x520
[  433.357520]  ksys_ioctl+0x9b/0xc0
[  433.360952]  __x64_sys_ioctl+0x6f/0xb0
[  433.364819]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  433.369378]  do_syscall_64+0xf9/0x620
[  433.373154]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  433.378336] RIP: 0033:0x466397
[  433.381503] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  433.400383] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  433.408086] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  433.415360] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  433.422603] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  433.429863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  433.437114] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  433.480738] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  433.485510] erofs: read_super, device -> /dev/loop5
[  433.494043] erofs: options -> 
[  433.497880] erofs: root inode @ nid 36
[  433.502103] erofs: mounted on /dev/loop5 with opts: .
[  433.522400] erofs: read_super, device -> /dev/loop4
07:08:43 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  433.531638] erofs: options -> 
[  433.551128] erofs: read_super, device -> /dev/loop2
[  433.557264] erofs: options -> 
07:08:43 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xffff8000, 0x0, 0x0)

07:08:43 executing program 5 (fault-call:0 fault-nth:13):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:43 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:43 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="686f717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfffffdfc, 0x0, 0x0)

[  433.589259] erofs: unmounted for /dev/loop4
[  433.593713] erofs: unmounted for /dev/loop2
[  433.614351] erofs: unmounted for /dev/loop5
[  433.743637] erofs: read_super, device -> /dev/loop0
[  433.764127] erofs: options -> 
[  433.769519] erofs: root inode @ nid 36
[  433.774205] erofs: mounted on /dev/loop0 with opts: .
[  433.779649] FAULT_INJECTION: forcing a failure.
[  433.779649] name failslab, interval 1, probability 0, space 0, times 0
[  433.791870] CPU: 1 PID: 27669 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  433.799754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  433.809139] Call Trace:
07:08:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfffffdfd, 0x0, 0x0)

[  433.811730]  dump_stack+0x1fc/0x2ef
[  433.815358]  should_fail.cold+0xa/0xf
[  433.819155]  ? setup_fault_attr+0x200/0x200
[  433.823467]  ? lock_acquire+0x170/0x3c0
[  433.827426]  __should_failslab+0x115/0x180
[  433.831641]  should_failslab+0x5/0x10
[  433.835429]  kmem_cache_alloc+0x277/0x370
[  433.839616]  __kernfs_new_node+0xd2/0x680
[  433.843755]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  433.848491]  ? __mutex_unlock_slowpath+0xea/0x610
[  433.853367]  ? wait_for_completion_io+0x10/0x10
[  433.858032]  ? kernfs_next_descendant_post+0x19c/0x290
[  433.863330]  kernfs_new_node+0x92/0x120
[  433.867291]  __kernfs_create_file+0x51/0x340
[  433.871681]  sysfs_add_file_mode_ns+0x226/0x540
[  433.876363]  internal_create_group+0x355/0xb20
[  433.880999]  ? sysfs_remove_link_from_group+0x70/0x70
[  433.886180]  ? lock_downgrade+0x720/0x720
[  433.890316]  lo_ioctl+0xf7c/0x20e0
[  433.893839]  ? loop_set_status64+0x110/0x110
[  433.898235]  blkdev_ioctl+0x5cb/0x1a80
[  433.902122]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  433.907476]  ? blkpg_ioctl+0x9d0/0x9d0
[  433.911344]  ? mark_held_locks+0xf0/0xf0
[  433.915392]  ? mark_held_locks+0xf0/0xf0
[  433.919454]  ? debug_check_no_obj_freed+0x201/0x490
[  433.924468]  ? lock_downgrade+0x720/0x720
[  433.928595]  block_ioctl+0xe9/0x130
[  433.932208]  ? blkdev_fallocate+0x3f0/0x3f0
[  433.936538]  do_vfs_ioctl+0xcdb/0x12e0
[  433.940415]  ? lock_downgrade+0x720/0x720
[  433.944550]  ? check_preemption_disabled+0x41/0x280
[  433.949593]  ? ioctl_preallocate+0x200/0x200
[  433.953980]  ? __fget+0x356/0x510
[  433.957427]  ? do_dup2+0x450/0x450
[  433.961014]  ? do_sys_open+0x2bf/0x520
[  433.964898]  ksys_ioctl+0x9b/0xc0
[  433.968371]  __x64_sys_ioctl+0x6f/0xb0
[  433.972281]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  433.976867]  do_syscall_64+0xf9/0x620
[  433.980713]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  433.985892] RIP: 0033:0x466397
[  433.989065] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  434.007969] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  434.015662] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  434.022960] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  434.030242] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  434.037501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  434.044763] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  434.059091] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  434.070534] erofs: read_super, device -> /dev/loop5
[  434.085519] erofs: read_super, device -> /dev/loop4
[  434.087420] erofs: read_super, device -> /dev/loop2
[  434.090633] erofs: options -> 
[  434.097129] erofs: options -> 
[  434.103451] erofs: options -> 
07:08:43 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

07:08:43 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  434.113935] erofs: root inode @ nid 36
[  434.124179] erofs: unmounted for /dev/loop0
[  434.128963] erofs: mounted on /dev/loop5 with opts: .
07:08:43 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6870717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:43 executing program 5 (fault-call:0 fault-nth:14):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  434.178439] erofs: unmounted for /dev/loop4
07:08:43 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfffffff6, 0x0, 0x0)

[  434.201981] erofs: unmounted for /dev/loop5
[  434.207689] erofs: unmounted for /dev/loop2
07:08:44 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  434.280544] erofs: read_super, device -> /dev/loop4
[  434.291053] erofs: options -> 
[  434.359282] FAULT_INJECTION: forcing a failure.
[  434.359282] name failslab, interval 1, probability 0, space 0, times 0
[  434.373472] CPU: 1 PID: 27719 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  434.381388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  434.390730] Call Trace:
[  434.393306]  dump_stack+0x1fc/0x2ef
[  434.396913]  should_fail.cold+0xa/0xf
[  434.400699]  ? setup_fault_attr+0x200/0x200
[  434.405002]  ? lock_acquire+0x170/0x3c0
[  434.408979]  __should_failslab+0x115/0x180
[  434.413194]  should_failslab+0x5/0x10
[  434.416988]  kmem_cache_alloc+0x277/0x370
[  434.421249]  __kernfs_new_node+0xd2/0x680
[  434.425379]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  434.430141]  ? __mutex_unlock_slowpath+0xea/0x610
[  434.434964]  ? wait_for_completion_io+0x10/0x10
[  434.439617]  ? kernfs_next_descendant_post+0x19c/0x290
[  434.444881]  kernfs_new_node+0x92/0x120
[  434.448840]  __kernfs_create_file+0x51/0x340
[  434.453232]  sysfs_add_file_mode_ns+0x226/0x540
[  434.457884]  internal_create_group+0x355/0xb20
[  434.462445]  ? sysfs_remove_link_from_group+0x70/0x70
[  434.467616]  ? lock_downgrade+0x720/0x720
[  434.471752]  lo_ioctl+0xf7c/0x20e0
[  434.475271]  ? loop_set_status64+0x110/0x110
[  434.479657]  blkdev_ioctl+0x5cb/0x1a80
[  434.483532]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  434.488872]  ? blkpg_ioctl+0x9d0/0x9d0
[  434.492748]  ? mark_held_locks+0xf0/0xf0
[  434.496785]  ? mark_held_locks+0xf0/0xf0
[  434.500827]  ? debug_check_no_obj_freed+0x201/0x490
[  434.505825]  ? lock_downgrade+0x720/0x720
[  434.509951]  block_ioctl+0xe9/0x130
[  434.513555]  ? blkdev_fallocate+0x3f0/0x3f0
[  434.517860]  do_vfs_ioctl+0xcdb/0x12e0
[  434.521735]  ? lock_downgrade+0x720/0x720
[  434.525861]  ? check_preemption_disabled+0x41/0x280
[  434.530858]  ? ioctl_preallocate+0x200/0x200
[  434.535253]  ? __fget+0x356/0x510
[  434.538775]  ? do_dup2+0x450/0x450
[  434.542291]  ? do_sys_open+0x2bf/0x520
[  434.546161]  ksys_ioctl+0x9b/0xc0
[  434.549595]  __x64_sys_ioctl+0x6f/0xb0
[  434.553464]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  434.558037]  do_syscall_64+0xf9/0x620
[  434.561825]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  434.566993] RIP: 0033:0x466397
[  434.570166] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  434.589076] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  434.596763] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
07:08:44 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x4000000000, 0x0, 0x0)

[  434.604020] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  434.611279] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  434.618529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  434.625777] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  434.648273] erofs: unmounted for /dev/loop4
[  434.677035] erofs: read_super, device -> /dev/loop2
[  434.681878] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  434.690075] erofs: options -> 
[  434.706370] erofs: read_super, device -> /dev/loop5
[  434.711712] erofs: options -> 
[  434.720874] erofs: root inode @ nid 36
[  434.727125] erofs: mounted on /dev/loop5 with opts: .
07:08:44 executing program 5 (fault-call:0 fault-nth:15):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:44 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:44 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6872717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x8000000000, 0x0, 0x0)

07:08:44 executing program 0:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  434.796868] erofs: unmounted for /dev/loop2
[  434.801417] erofs: unmounted for /dev/loop5
07:08:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xc000000000, 0x0, 0x0)

[  434.920680] FAULT_INJECTION: forcing a failure.
[  434.920680] name failslab, interval 1, probability 0, space 0, times 0
[  434.932469] CPU: 1 PID: 27763 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  434.940338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  434.949673] Call Trace:
[  434.952244]  dump_stack+0x1fc/0x2ef
[  434.955899]  should_fail.cold+0xa/0xf
[  434.959683]  ? setup_fault_attr+0x200/0x200
[  434.963999]  ? lock_acquire+0x170/0x3c0
[  434.967982]  __should_failslab+0x115/0x180
[  434.972199]  should_failslab+0x5/0x10
[  434.975983]  kmem_cache_alloc+0x277/0x370
[  434.980118]  __kernfs_new_node+0xd2/0x680
[  434.984278]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  434.989016]  ? __mutex_unlock_slowpath+0xea/0x610
[  434.993851]  ? wait_for_completion_io+0x10/0x10
[  434.998502]  ? kernfs_next_descendant_post+0x19c/0x290
[  435.003760]  kernfs_new_node+0x92/0x120
[  435.007717]  __kernfs_create_file+0x51/0x340
[  435.012118]  sysfs_add_file_mode_ns+0x226/0x540
[  435.016795]  internal_create_group+0x355/0xb20
[  435.021358]  ? sysfs_remove_link_from_group+0x70/0x70
[  435.026535]  ? lock_downgrade+0x720/0x720
[  435.030691]  lo_ioctl+0xf7c/0x20e0
[  435.034222]  ? loop_set_status64+0x110/0x110
[  435.038607]  blkdev_ioctl+0x5cb/0x1a80
[  435.042487]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  435.047842]  ? blkpg_ioctl+0x9d0/0x9d0
[  435.051752]  ? mark_held_locks+0xf0/0xf0
[  435.055800]  ? mark_held_locks+0xf0/0xf0
[  435.059860]  ? debug_check_no_obj_freed+0x201/0x490
[  435.064861]  ? lock_downgrade+0x720/0x720
[  435.069004]  block_ioctl+0xe9/0x130
[  435.072640]  ? blkdev_fallocate+0x3f0/0x3f0
[  435.076966]  do_vfs_ioctl+0xcdb/0x12e0
[  435.080847]  ? lock_downgrade+0x720/0x720
[  435.084978]  ? check_preemption_disabled+0x41/0x280
[  435.089973]  ? ioctl_preallocate+0x200/0x200
[  435.094364]  ? __fget+0x356/0x510
[  435.097799]  ? do_dup2+0x450/0x450
[  435.101327]  ? do_sys_open+0x2bf/0x520
[  435.105207]  ksys_ioctl+0x9b/0xc0
[  435.108642]  __x64_sys_ioctl+0x6f/0xb0
[  435.112504]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  435.117062]  do_syscall_64+0xf9/0x620
[  435.120845]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  435.126013] RIP: 0033:0x466397
[  435.129186] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  435.148063] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  435.155744] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  435.162988] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  435.170245] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  435.177496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  435.184747] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  435.194476] erofs: read_super, device -> /dev/loop4
[  435.198776] erofs: read_super, device -> /dev/loop5
[  435.204584] erofs: options -> 
[  435.212313] erofs: options -> 
[  435.223526] erofs: root inode @ nid 36
[  435.223634] erofs: read_super, device -> /dev/loop2
[  435.232801] erofs: options -> 
[  435.232817] erofs: mounted on /dev/loop5 with opts: .
07:08:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:45 executing program 5 (fault-call:0 fault-nth:16):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:45 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6875717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  435.270239] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  435.304017] erofs: unmounted for /dev/loop4
[  435.308487] erofs: unmounted for /dev/loop5
07:08:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1000000000000, 0x0, 0x0)

07:08:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8303000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  435.391900] erofs: unmounted for /dev/loop2
07:08:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x20000000000000, 0x0, 0x0)

[  435.442044] erofs: read_super, device -> /dev/loop4
[  435.447237] erofs: options -> 
07:08:45 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:45 executing program 0 (fault-call:0 fault-nth:0):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  435.492247] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  435.526459] erofs: unmounted for /dev/loop4
07:08:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x80ffff00000000, 0x0, 0x0)

[  435.627333] FAULT_INJECTION: forcing a failure.
[  435.627333] name failslab, interval 1, probability 0, space 0, times 0
[  435.638634] CPU: 1 PID: 27831 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  435.646519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  435.655860] Call Trace:
[  435.658435]  dump_stack+0x1fc/0x2ef
[  435.662048]  should_fail.cold+0xa/0xf
[  435.665848]  ? setup_fault_attr+0x200/0x200
[  435.670162]  ? lock_acquire+0x170/0x3c0
[  435.674122]  __should_failslab+0x115/0x180
[  435.678356]  should_failslab+0x5/0x10
[  435.682149]  kmem_cache_alloc+0x277/0x370
[  435.686295]  __kernfs_new_node+0xd2/0x680
[  435.690437]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  435.695191]  ? __mutex_unlock_slowpath+0xea/0x610
[  435.700026]  ? wait_for_completion_io+0x10/0x10
[  435.704682]  ? kernfs_next_descendant_post+0x19c/0x290
[  435.709960]  kernfs_new_node+0x92/0x120
[  435.713928]  __kernfs_create_file+0x51/0x340
[  435.718335]  sysfs_add_file_mode_ns+0x226/0x540
[  435.722996]  internal_create_group+0x355/0xb20
[  435.727588]  ? sysfs_remove_link_from_group+0x70/0x70
[  435.732788]  ? lock_downgrade+0x720/0x720
[  435.736925]  lo_ioctl+0xf7c/0x20e0
[  435.740461]  ? loop_set_status64+0x110/0x110
[  435.744872]  blkdev_ioctl+0x5cb/0x1a80
[  435.748758]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  435.754108]  ? blkpg_ioctl+0x9d0/0x9d0
[  435.757985]  ? mark_held_locks+0xf0/0xf0
[  435.762027]  ? mark_held_locks+0xf0/0xf0
[  435.766082]  ? debug_check_no_obj_freed+0x201/0x490
[  435.771111]  ? lock_downgrade+0x720/0x720
[  435.775251]  block_ioctl+0xe9/0x130
[  435.778865]  ? blkdev_fallocate+0x3f0/0x3f0
[  435.783184]  do_vfs_ioctl+0xcdb/0x12e0
[  435.787071]  ? lock_downgrade+0x720/0x720
[  435.791238]  ? check_preemption_disabled+0x41/0x280
[  435.796252]  ? ioctl_preallocate+0x200/0x200
[  435.800649]  ? __fget+0x356/0x510
[  435.804104]  ? do_dup2+0x450/0x450
[  435.807639]  ? do_sys_open+0x2bf/0x520
[  435.811622]  ksys_ioctl+0x9b/0xc0
[  435.815073]  __x64_sys_ioctl+0x6f/0xb0
[  435.819052]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  435.823631]  do_syscall_64+0xf9/0x620
[  435.827423]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  435.832605] RIP: 0033:0x466397
[  435.835833] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  435.854710] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  435.862394] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  435.869643] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  435.876904] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  435.884161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  435.891417] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  435.925054] erofs: read_super, device -> /dev/loop5
[  435.930410] erofs: read_super, device -> /dev/loop2
[  435.935814] erofs: options -> 
[  435.939202] erofs: options -> 
[  435.958002] erofs: root inode @ nid 36
07:08:45 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6878717307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:45 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8503000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  435.981069] erofs: mounted on /dev/loop5 with opts: .
[  435.995810] FAULT_INJECTION: forcing a failure.
[  435.995810] name failslab, interval 1, probability 0, space 0, times 0
[  436.001387] erofs: read_super, device -> /dev/loop4
[  436.012373] erofs: unmounted for /dev/loop2
[  436.012724] erofs: options -> 
[  436.031898] CPU: 0 PID: 27854 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  436.039796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  436.049231] Call Trace:
[  436.051808]  dump_stack+0x1fc/0x2ef
[  436.055430]  should_fail.cold+0xa/0xf
[  436.059212]  ? setup_fault_attr+0x200/0x200
[  436.063511]  ? lock_acquire+0x170/0x3c0
[  436.067467]  __should_failslab+0x115/0x180
[  436.071695]  should_failslab+0x5/0x10
[  436.075481]  __kmalloc+0x2ab/0x3c0
[  436.079000]  ? __se_sys_memfd_create+0xf8/0x440
[  436.083650]  __se_sys_memfd_create+0xf8/0x440
[  436.088124]  ? memfd_file_seals_ptr+0x150/0x150
[  436.092775]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  436.098117]  ? trace_hardirqs_off_caller+0x6e/0x210
[  436.103108]  ? do_syscall_64+0x21/0x620
[  436.107060]  do_syscall_64+0xf9/0x620
[  436.110848]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  436.116015] RIP: 0033:0x4665d9
07:08:45 executing program 5 (fault-call:0 fault-nth:17):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  436.119203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  436.138082] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  436.145772] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  436.153023] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  436.160287] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  436.167537] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  436.174788] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
[  436.184575] erofs: unmounted for /dev/loop5
07:08:45 executing program 0 (fault-call:0 fault-nth:1):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x100000000000000, 0x0, 0x0)

07:08:46 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  436.250171] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  436.279723] erofs: unmounted for /dev/loop4
[  436.294876] FAULT_INJECTION: forcing a failure.
[  436.294876] name failslab, interval 1, probability 0, space 0, times 0
[  436.311045] CPU: 0 PID: 27881 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  436.318931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  436.328388] Call Trace:
[  436.330967]  dump_stack+0x1fc/0x2ef
[  436.334598]  should_fail.cold+0xa/0xf
[  436.338378]  ? setup_fault_attr+0x200/0x200
[  436.342677]  ? lock_acquire+0x170/0x3c0
[  436.346632]  __should_failslab+0x115/0x180
[  436.350847]  should_failslab+0x5/0x10
[  436.354629]  kmem_cache_alloc+0x277/0x370
[  436.358774]  ? shmem_destroy_callback+0xb0/0xb0
[  436.363421]  shmem_alloc_inode+0x18/0x40
[  436.367460]  ? shmem_destroy_callback+0xb0/0xb0
[  436.372120]  alloc_inode+0x5d/0x180
[  436.375728]  new_inode+0x1d/0xf0
[  436.379078]  shmem_get_inode+0x96/0x8d0
[  436.383046]  __shmem_file_setup.part.0+0x7a/0x2b0
[  436.387873]  shmem_file_setup+0x61/0x90
[  436.391825]  __se_sys_memfd_create+0x26b/0x440
[  436.396386]  ? memfd_file_seals_ptr+0x150/0x150
[  436.401041]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  436.406387]  ? trace_hardirqs_off_caller+0x6e/0x210
[  436.411380]  ? do_syscall_64+0x21/0x620
[  436.415348]  do_syscall_64+0xf9/0x620
[  436.419131]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  436.424303] RIP: 0033:0x4665d9
[  436.427476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:08:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873727307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:46 executing program 0 (fault-call:0 fault-nth:2):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  436.446354] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  436.454051] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  436.461301] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  436.468549] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  436.475796] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  436.483044] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
[  436.531637] FAULT_INJECTION: forcing a failure.
[  436.531637] name failslab, interval 1, probability 0, space 0, times 0
[  436.552679] CPU: 0 PID: 27880 Comm: syz-executor.5 Not tainted 4.19.195-syzkaller #0
[  436.560578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  436.569919] Call Trace:
[  436.572497]  dump_stack+0x1fc/0x2ef
[  436.576110]  should_fail.cold+0xa/0xf
[  436.579893]  ? setup_fault_attr+0x200/0x200
[  436.584196]  ? lock_acquire+0x170/0x3c0
[  436.588282]  __should_failslab+0x115/0x180
[  436.592504]  should_failslab+0x5/0x10
[  436.596294]  kmem_cache_alloc+0x277/0x370
[  436.600425]  __kernfs_new_node+0xd2/0x680
[  436.604558]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  436.609297]  ? __mutex_unlock_slowpath+0xea/0x610
[  436.614121]  ? wait_for_completion_io+0x10/0x10
[  436.618773]  ? kernfs_next_descendant_post+0x19c/0x290
[  436.624030]  kernfs_new_node+0x92/0x120
[  436.627988]  __kernfs_create_file+0x51/0x340
[  436.632379]  sysfs_add_file_mode_ns+0x226/0x540
[  436.637033]  internal_create_group+0x355/0xb20
[  436.641599]  ? sysfs_remove_link_from_group+0x70/0x70
[  436.646764]  ? lock_downgrade+0x720/0x720
[  436.650901]  lo_ioctl+0xf7c/0x20e0
[  436.654425]  ? loop_set_status64+0x110/0x110
[  436.658810]  blkdev_ioctl+0x5cb/0x1a80
[  436.662679]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  436.668022]  ? blkpg_ioctl+0x9d0/0x9d0
[  436.671889]  ? mark_held_locks+0xf0/0xf0
[  436.675927]  ? mark_held_locks+0xf0/0xf0
[  436.679980]  ? debug_check_no_obj_freed+0x201/0x490
[  436.685070]  ? lock_downgrade+0x720/0x720
[  436.689199]  block_ioctl+0xe9/0x130
[  436.692809]  ? blkdev_fallocate+0x3f0/0x3f0
[  436.697110]  do_vfs_ioctl+0xcdb/0x12e0
[  436.700987]  ? lock_downgrade+0x720/0x720
[  436.705120]  ? check_preemption_disabled+0x41/0x280
[  436.710134]  ? ioctl_preallocate+0x200/0x200
[  436.714525]  ? __fget+0x356/0x510
[  436.717967]  ? do_dup2+0x450/0x450
[  436.721488]  ? do_sys_open+0x2bf/0x520
[  436.725359]  ksys_ioctl+0x9b/0xc0
[  436.728810]  __x64_sys_ioctl+0x6f/0xb0
[  436.732689]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  436.737248]  do_syscall_64+0xf9/0x620
[  436.741036]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  436.746206] RIP: 0033:0x466397
[  436.749388] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  436.768270] RSP: 002b:00007f6d14269f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  436.775959] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  436.783204] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  436.790450] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  436.797707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  436.804950] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x100004000000000, 0x0, 0x0)

[  436.872114] erofs: read_super, device -> /dev/loop4
[  436.875397] erofs: read_super, device -> /dev/loop5
[  436.880553] erofs: options -> 
[  436.882160] erofs: options -> 
[  436.882899] erofs: read_super, device -> /dev/loop2
[  436.897892] erofs: options -> 
[  436.904809] erofs: root inode @ nid 36
[  436.924789] erofs: mounted on /dev/loop5 with opts: .
07:08:46 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf006f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  436.950593] FAULT_INJECTION: forcing a failure.
[  436.950593] name failslab, interval 1, probability 0, space 0, times 0
[  436.966803] erofs: unmounted for /dev/loop4
[  436.979824] CPU: 0 PID: 27909 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  436.987712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  436.997047] Call Trace:
[  436.999622]  dump_stack+0x1fc/0x2ef
[  437.003235]  should_fail.cold+0xa/0xf
[  437.007020]  ? setup_fault_attr+0x200/0x200
[  437.011326]  ? lock_acquire+0x170/0x3c0
[  437.015281]  __should_failslab+0x115/0x180
[  437.019496]  should_failslab+0x5/0x10
[  437.023275]  kmem_cache_alloc+0x277/0x370
[  437.027403]  __d_alloc+0x2b/0xa10
[  437.030854]  d_alloc_pseudo+0x19/0x70
[  437.034645]  alloc_file_pseudo+0xc6/0x250
[  437.038776]  ? alloc_file+0x4d0/0x4d0
[  437.042554]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  437.048154]  ? shmem_get_inode+0x44c/0x8d0
[  437.052369]  __shmem_file_setup.part.0+0x102/0x2b0
[  437.057277]  shmem_file_setup+0x61/0x90
[  437.061245]  __se_sys_memfd_create+0x26b/0x440
[  437.065813]  ? memfd_file_seals_ptr+0x150/0x150
[  437.070475]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  437.075821]  ? trace_hardirqs_off_caller+0x6e/0x210
[  437.080819]  ? do_syscall_64+0x21/0x620
[  437.084781]  do_syscall_64+0xf9/0x620
[  437.088568]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  437.093738] RIP: 0033:0x4665d9
[  437.096926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  437.115812] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  437.123498] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  437.130748] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
[  437.138000] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
07:08:46 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8603000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  437.145244] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  437.152487] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
[  437.162259] erofs: unmounted for /dev/loop2
07:08:46 executing program 0 (fault-call:0 fault-nth:3):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  437.194708] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:47 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x100008000000000, 0x0, 0x0)

07:08:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  437.257925] erofs: unmounted for /dev/loop5
[  437.274667] FAULT_INJECTION: forcing a failure.
[  437.274667] name failslab, interval 1, probability 0, space 0, times 0
[  437.290694] CPU: 1 PID: 27929 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  437.298579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  437.307922] Call Trace:
[  437.310511]  dump_stack+0x1fc/0x2ef
[  437.314143]  should_fail.cold+0xa/0xf
[  437.317930]  ? setup_fault_attr+0x200/0x200
[  437.322228]  ? lock_acquire+0x170/0x3c0
[  437.326198]  __should_failslab+0x115/0x180
[  437.330421]  should_failslab+0x5/0x10
[  437.334204]  kmem_cache_alloc+0x277/0x370
[  437.338327]  __alloc_file+0x21/0x330
[  437.342012]  alloc_empty_file+0x6d/0x170
[  437.346057]  alloc_file+0x5e/0x4d0
[  437.349588]  alloc_file_pseudo+0x165/0x250
[  437.353794]  ? alloc_file+0x4d0/0x4d0
[  437.357569]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  437.363166]  ? shmem_get_inode+0x44c/0x8d0
[  437.367386]  __shmem_file_setup.part.0+0x102/0x2b0
[  437.372299]  shmem_file_setup+0x61/0x90
[  437.376247]  __se_sys_memfd_create+0x26b/0x440
[  437.380808]  ? memfd_file_seals_ptr+0x150/0x150
[  437.385466]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  437.390818]  ? trace_hardirqs_off_caller+0x6e/0x210
[  437.395815]  ? do_syscall_64+0x21/0x620
[  437.399767]  do_syscall_64+0xf9/0x620
[  437.403545]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  437.408717] RIP: 0033:0x4665d9
[  437.411950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  437.430829] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  437.438515] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  437.445772] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
07:08:47 executing program 0 (fault-call:0 fault-nth:4):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  437.453025] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  437.460271] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  437.467527] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
[  437.520194] erofs: read_super, device -> /dev/loop2
[  437.525354] erofs: options -> 
[  437.552850] erofs: read_super, device -> /dev/loop4
[  437.552877] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  437.562693] erofs: options -> 
07:08:47 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  437.610264] FAULT_INJECTION: forcing a failure.
[  437.610264] name failslab, interval 1, probability 0, space 0, times 0
[  437.625976] erofs: unmounted for /dev/loop2
[  437.639271] erofs: read_super, device -> /dev/loop5
07:08:47 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  437.659075] erofs: options -> 
[  437.663429] erofs: unmounted for /dev/loop4
[  437.670382] CPU: 0 PID: 27946 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  437.671491] erofs: root inode @ nid 36
[  437.678273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  437.678279] Call Trace:
[  437.678300]  dump_stack+0x1fc/0x2ef
[  437.678320]  should_fail.cold+0xa/0xf
[  437.678338]  ? setup_fault_attr+0x200/0x200
[  437.678350]  ? lock_acquire+0x170/0x3c0
[  437.678375]  __should_failslab+0x115/0x180
[  437.691018] erofs: mounted on /dev/loop5 with opts: .
[  437.691594]  should_failslab+0x5/0x10
[  437.722938]  kmem_cache_alloc_trace+0x284/0x380
[  437.727594]  apparmor_file_alloc_security+0x394/0xad0
[  437.732766]  ? apparmor_file_receive+0x160/0x160
[  437.737501]  ? __alloc_file+0x21/0x330
[  437.741373]  security_file_alloc+0x40/0x90
[  437.745614]  __alloc_file+0xc9/0x330
[  437.749335]  alloc_empty_file+0x6d/0x170
[  437.753382]  alloc_file+0x5e/0x4d0
[  437.756929]  alloc_file_pseudo+0x165/0x250
[  437.761157]  ? alloc_file+0x4d0/0x4d0
[  437.764938]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  437.770545]  ? shmem_get_inode+0x44c/0x8d0
[  437.774764]  __shmem_file_setup.part.0+0x102/0x2b0
[  437.779688]  shmem_file_setup+0x61/0x90
[  437.783639]  __se_sys_memfd_create+0x26b/0x440
[  437.788201]  ? memfd_file_seals_ptr+0x150/0x150
[  437.792859]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  437.798196]  ? trace_hardirqs_off_caller+0x6e/0x210
[  437.803219]  ? do_syscall_64+0x21/0x620
[  437.807169]  do_syscall_64+0xf9/0x620
[  437.810953]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  437.816121] RIP: 0033:0x4665d9
[  437.819292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  437.838186] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  437.845886] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665d9
[  437.853140] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 00000000004bee66
07:08:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x10000c000000000, 0x0, 0x0)

07:08:47 executing program 0 (fault-call:0 fault-nth:5):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  437.860386] RBP: 0000000000000003 R08: 0000000000001000 R09: ffffffffffffffff
[  437.867634] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000008100000
[  437.874879] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020000040
07:08:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712507000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  437.970128] erofs: read_super, device -> /dev/loop2
[  437.984214] erofs: options -> 
07:08:47 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  438.013315] FAULT_INJECTION: forcing a failure.
[  438.013315] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  438.026945] erofs: unmounted for /dev/loop5
[  438.048572] CPU: 1 PID: 27973 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  438.056447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  438.065777] Call Trace:
[  438.068346]  dump_stack+0x1fc/0x2ef
[  438.071973]  should_fail.cold+0xa/0xf
[  438.075753]  ? lock_acquire+0x170/0x3c0
[  438.079706]  ? setup_fault_attr+0x200/0x200
[  438.084020]  __alloc_pages_nodemask+0x239/0x2890
[  438.088755]  ? __lock_acquire+0x6de/0x3ff0
[  438.092970]  ? static_obj+0x50/0x50
[  438.096596]  ? __lock_acquire+0x6de/0x3ff0
[  438.100826]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  438.105663]  ? __lock_acquire+0x6de/0x3ff0
[  438.109883]  ? mark_held_locks+0xf0/0xf0
[  438.113931]  ? unwind_next_frame+0xeee/0x1400
[  438.118408]  ? mark_held_locks+0xf0/0xf0
[  438.122460]  ? deref_stack_reg+0x134/0x1d0
[  438.126682]  ? get_reg+0x176/0x1f0
[  438.130215]  ? __read_once_size_nocheck.constprop.0+0x10/0x10
[  438.136082]  alloc_pages_vma+0xf2/0x780
[  438.140062]  shmem_alloc_page+0x11c/0x1f0
[  438.144189]  ? shmem_swapin+0x220/0x220
[  438.148158]  ? percpu_counter_add_batch+0x126/0x180
[  438.153162]  ? __vm_enough_memory+0x316/0x650
[  438.157640]  shmem_alloc_and_acct_page+0x15a/0x850
[  438.162586]  shmem_getpage_gfp+0x4e9/0x37f0
[  438.166894]  ? shmem_alloc_and_acct_page+0x850/0x850
[  438.171977]  ? mark_held_locks+0xa6/0xf0
[  438.176103]  ? ktime_get_coarse_real_ts64+0x1c7/0x290
[  438.181277]  ? iov_iter_fault_in_readable+0x1fc/0x3f0
[  438.186455]  shmem_write_begin+0xff/0x1e0
[  438.190588]  generic_perform_write+0x1f8/0x4d0
[  438.195176]  ? filemap_page_mkwrite+0x2f0/0x2f0
[  438.199840]  ? current_time+0x1c0/0x1c0
[  438.203797]  ? lock_acquire+0x170/0x3c0
[  438.207750]  __generic_file_write_iter+0x24b/0x610
[  438.212660]  generic_file_write_iter+0x3f8/0x730
[  438.217394]  __vfs_write+0x51b/0x770
[  438.221090]  ? kernel_read+0x110/0x110
[  438.224967]  ? check_preemption_disabled+0x41/0x280
[  438.229983]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  438.234983]  vfs_write+0x1f3/0x540
[  438.238521]  __x64_sys_pwrite64+0x1f7/0x250
[  438.242839]  ? ksys_pwrite64+0x1a0/0x1a0
[  438.246892]  ? trace_hardirqs_off_caller+0x6e/0x210
[  438.251891]  ? do_syscall_64+0x21/0x620
[  438.255845]  do_syscall_64+0xf9/0x620
[  438.259644]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  438.264819] RIP: 0033:0x419777
[  438.267990] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[  438.286869] RSP: 002b:00007fd4abad3f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  438.294560] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777
[  438.301820] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000004
07:08:48 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xac03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  438.309082] RBP: 0000000000000003 R08: 0000000000000000 R09: ffffffffffffffff
[  438.316332] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000004
[  438.323580] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000
[  438.349023] erofs: unmounted for /dev/loop2
[  438.359295] erofs: read_super, device -> /dev/loop4
07:08:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x101000000000000, 0x0, 0x0)

[  438.364532] erofs: options -> 
[  438.403664] erofs: read_super, device -> /dev/loop0
[  438.437402] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  438.446590] erofs: options -> 
[  438.469774] erofs: cannot find valid erofs superblock
07:08:48 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  438.508793] erofs: read_super, device -> /dev/loop5
[  438.536808] erofs: unmounted for /dev/loop4
[  438.540248] erofs: options -> 
07:08:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712a07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:48 executing program 0 (fault-call:0 fault-nth:6):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  438.580595] erofs: root inode @ nid 36
[  438.627039] erofs: read_super, device -> /dev/loop2
[  438.640632] erofs: mounted on /dev/loop5 with opts: .
[  438.658900] erofs: options -> 
[  438.712671] FAULT_INJECTION: forcing a failure.
[  438.712671] name failslab, interval 1, probability 0, space 0, times 0
[  438.746600] erofs: read_super, device -> /dev/loop4
07:08:48 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xba03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  438.761596] erofs: options -> 
[  438.768919] CPU: 0 PID: 28023 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  438.776822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  438.785165] erofs: unmounted for /dev/loop2
[  438.786168] Call Trace:
[  438.786187]  dump_stack+0x1fc/0x2ef
[  438.786205]  should_fail.cold+0xa/0xf
[  438.800479]  ? setup_fault_attr+0x200/0x200
[  438.804823]  ? lock_acquire+0x170/0x3c0
[  438.808812]  __should_failslab+0x115/0x180
[  438.813061]  should_failslab+0x5/0x10
[  438.816860]  kmem_cache_alloc+0x277/0x370
[  438.820995]  getname_flags+0xce/0x590
[  438.824778]  do_sys_open+0x26c/0x520
[  438.828471]  ? filp_open+0x70/0x70
[  438.831992]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  438.837343]  ? trace_hardirqs_off_caller+0x6e/0x210
[  438.842337]  ? do_syscall_64+0x21/0x620
[  438.846290]  do_syscall_64+0xf9/0x620
[  438.850074]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  438.855334] RIP: 0033:0x4196c4
[  438.858503] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  438.877377] RSP: 002b:00007fd4abad3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  438.885062] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  438.892309] RDX: 0000000000000002 RSI: 00007fd4abad4000 RDI: 00000000ffffff9c
[  438.899555] RBP: 00007fd4abad4000 R08: 0000000000000000 R09: ffffffffffffffff
07:08:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x200000000000000, 0x0, 0x0)

07:08:48 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:48 executing program 0 (fault-call:0 fault-nth:7):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  438.906800] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  438.914044] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  438.941681] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  438.956247] erofs: unmounted for /dev/loop5
07:08:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712b07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x400000000000000, 0x0, 0x0)

[  439.073997] erofs: read_super, device -> /dev/loop2
[  439.095021] erofs: options -> 
[  439.103876] FAULT_INJECTION: forcing a failure.
[  439.103876] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  439.113160] erofs: read_super, device -> /dev/loop5
[  439.115767] CPU: 1 PID: 28053 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  439.115777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  439.115782] Call Trace:
[  439.115800]  dump_stack+0x1fc/0x2ef
[  439.115819]  should_fail.cold+0xa/0xf
[  439.115843]  ? setup_fault_attr+0x200/0x200
[  439.115859]  ? do_writepages+0x290/0x290
[  439.115872]  ? unlock_page+0x13d/0x230
[  439.115889]  __alloc_pages_nodemask+0x239/0x2890
[  439.123789] erofs: options -> 
[  439.128768]  ? lock_downgrade+0x720/0x720
[  439.128785]  ? check_preemption_disabled+0x41/0x280
[  439.128802]  ? __lock_acquire+0x6de/0x3ff0
[  439.128821]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  439.128840]  ? lock_downgrade+0x720/0x720
[  439.128851]  ? lock_acquire+0x170/0x3c0
[  439.128870]  ? up_write+0x18/0x150
[  439.157657] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  439.160426]  ? generic_file_write_iter+0x381/0x730
[  439.160445]  ? iov_iter_init+0xb8/0x1d0
[  439.160464]  cache_grow_begin+0xa4/0x8a0
[  439.171746] erofs: root inode @ nid 36
[  439.172509]  ? setup_fault_attr+0x200/0x200
[  439.179871] erofs: mounted on /dev/loop5 with opts: .
[  439.181727]  ? cache_alloc_pfmemalloc+0x1e/0x140
[  439.181752]  cache_alloc_refill+0x273/0x340
[  439.181766]  kmem_cache_alloc+0x346/0x370
[  439.245028]  getname_flags+0xce/0x590
[  439.248822]  do_sys_open+0x26c/0x520
[  439.252524]  ? filp_open+0x70/0x70
[  439.256049]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  439.261394]  ? trace_hardirqs_off_caller+0x6e/0x210
[  439.266388]  ? do_syscall_64+0x21/0x620
[  439.270345]  do_syscall_64+0xf9/0x620
[  439.274143]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  439.279319] RIP: 0033:0x4196c4
07:08:49 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:49 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbb03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  439.282490] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  439.301370] RSP: 002b:00007fd4abad3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  439.309059] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  439.316308] RDX: 0000000000000002 RSI: 00007fd4abad4000 RDI: 00000000ffffff9c
[  439.323570] RBP: 00007fd4abad4000 R08: 0000000000000000 R09: ffffffffffffffff
[  439.330819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  439.338078] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:49 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:49 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712d07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x500000000000000, 0x0, 0x0)

[  439.366609] erofs: unmounted for /dev/loop4
[  439.371361] erofs: unmounted for /dev/loop2
[  439.392836] erofs: unmounted for /dev/loop5
[  439.480308] erofs: read_super, device -> /dev/loop0
[  439.485751] erofs: options -> 
[  439.492743] erofs: root inode @ nid 36
[  439.499145] erofs: mounted on /dev/loop0 with opts: .
[  439.509048] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  439.525232] erofs: read_super, device -> /dev/loop4
07:08:49 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbc03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  439.530254] erofs: options -> 
[  439.536929] erofs: read_super, device -> /dev/loop2
[  439.560243] erofs: options -> 
07:08:49 executing program 0 (fault-call:0 fault-nth:8):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:49 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873712e07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x600000000000000, 0x0, 0x0)

07:08:49 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  439.621612] erofs: unmounted for /dev/loop2
[  439.626895] erofs: unmounted for /dev/loop0
[  439.673596] erofs: unmounted for /dev/loop4
[  439.688432] FAULT_INJECTION: forcing a failure.
[  439.688432] name failslab, interval 1, probability 0, space 0, times 0
[  439.700017] CPU: 0 PID: 28108 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  439.707904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  439.717235] Call Trace:
[  439.719848]  dump_stack+0x1fc/0x2ef
[  439.723451]  should_fail.cold+0xa/0xf
[  439.727231]  ? setup_fault_attr+0x200/0x200
[  439.731530]  ? lock_acquire+0x170/0x3c0
[  439.735482]  __should_failslab+0x115/0x180
[  439.739693]  should_failslab+0x5/0x10
[  439.743468]  kmem_cache_alloc+0x277/0x370
[  439.747616]  __alloc_file+0x21/0x330
[  439.751308]  alloc_empty_file+0x6d/0x170
[  439.755445]  path_openat+0xe9/0x2df0
[  439.759154]  ? __lock_acquire+0x6de/0x3ff0
[  439.763368]  ? path_lookupat+0x8d0/0x8d0
[  439.767414]  ? mark_held_locks+0xf0/0xf0
[  439.771455]  do_filp_open+0x18c/0x3f0
[  439.775232]  ? may_open_dev+0xf0/0xf0
[  439.779032]  ? __alloc_fd+0x28d/0x570
[  439.782808]  ? lock_downgrade+0x720/0x720
[  439.786930]  ? lock_acquire+0x170/0x3c0
[  439.790896]  ? __alloc_fd+0x34/0x570
[  439.794591]  ? do_raw_spin_unlock+0x171/0x230
[  439.799063]  ? _raw_spin_unlock+0x29/0x40
[  439.803189]  ? __alloc_fd+0x28d/0x570
[  439.806973]  do_sys_open+0x3b3/0x520
[  439.810670]  ? filp_open+0x70/0x70
[  439.814190]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  439.819532]  ? trace_hardirqs_off_caller+0x6e/0x210
[  439.824526]  ? do_syscall_64+0x21/0x620
[  439.828474]  do_syscall_64+0xf9/0x620
[  439.832250]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  439.837414] RIP: 0033:0x4196c4
[  439.840587] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  439.859475] RSP: 002b:00007fd4abad3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  439.867156] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
07:08:49 executing program 0 (fault-call:0 fault-nth:9):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  439.874399] RDX: 0000000000000002 RSI: 00007fd4abad4000 RDI: 00000000ffffff9c
[  439.881643] RBP: 00007fd4abad4000 R08: 0000000000000000 R09: ffffffffffffffff
[  439.888887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  439.896133] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  439.978602] erofs: read_super, device -> /dev/loop5
[  440.005548] erofs: options -> 
[  440.013153] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  440.022326] erofs: root inode @ nid 36
[  440.027024] erofs: mounted on /dev/loop5 with opts: .
07:08:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x700000000000000, 0x0, 0x0)

[  440.063327] FAULT_INJECTION: forcing a failure.
[  440.063327] name failslab, interval 1, probability 0, space 0, times 0
[  440.087352] erofs: read_super, device -> /dev/loop2
[  440.088625] CPU: 1 PID: 28135 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  440.100280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  440.109635] Call Trace:
[  440.111670] erofs: options -> 
[  440.112247]  dump_stack+0x1fc/0x2ef
[  440.119044]  should_fail.cold+0xa/0xf
[  440.122861]  ? setup_fault_attr+0x200/0x200
[  440.127183]  ? lock_acquire+0x170/0x3c0
[  440.131181]  __should_failslab+0x115/0x180
[  440.135417]  should_failslab+0x5/0x10
[  440.139213]  kmem_cache_alloc_trace+0x284/0x380
[  440.143884]  apparmor_file_alloc_security+0x394/0xad0
[  440.149080]  ? apparmor_file_receive+0x160/0x160
[  440.153836]  ? __alloc_file+0x21/0x330
[  440.157728]  security_file_alloc+0x40/0x90
[  440.161959]  __alloc_file+0xc9/0x330
[  440.165690]  alloc_empty_file+0x6d/0x170
[  440.169760]  path_openat+0xe9/0x2df0
[  440.173485]  ? __lock_acquire+0x6de/0x3ff0
[  440.177735]  ? path_lookupat+0x8d0/0x8d0
[  440.181806]  ? mark_held_locks+0xf0/0xf0
[  440.185883]  do_filp_open+0x18c/0x3f0
[  440.189687]  ? may_open_dev+0xf0/0xf0
[  440.193495]  ? __alloc_fd+0x28d/0x570
[  440.197303]  ? lock_downgrade+0x720/0x720
[  440.201442]  ? lock_acquire+0x170/0x3c0
[  440.205399]  ? __alloc_fd+0x34/0x570
[  440.209097]  ? do_raw_spin_unlock+0x171/0x230
[  440.213579]  ? _raw_spin_unlock+0x29/0x40
[  440.217704]  ? __alloc_fd+0x28d/0x570
[  440.221486]  do_sys_open+0x3b3/0x520
[  440.225178]  ? filp_open+0x70/0x70
[  440.228700]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  440.234057]  ? trace_hardirqs_off_caller+0x6e/0x210
[  440.239060]  ? do_syscall_64+0x21/0x620
[  440.243036]  do_syscall_64+0xf9/0x620
[  440.246824]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  440.251994] RIP: 0033:0x4196c4
[  440.255167] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[  440.274059] RSP: 002b:00007fd4abad3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  440.281751] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4
[  440.289012] RDX: 0000000000000002 RSI: 00007fd4abad4000 RDI: 00000000ffffff9c
[  440.296261] RBP: 00007fd4abad4000 R08: 0000000000000000 R09: ffffffffffffffff
[  440.303510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
07:08:49 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbd03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:50 executing program 0 (fault-call:0 fault-nth:10):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  440.310761] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  440.318596] erofs: unmounted for /dev/loop2
[  440.380112] erofs: read_super, device -> /dev/loop4
07:08:50 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873713007000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x700008000000000, 0x0, 0x0)

[  440.407263] erofs: options -> 
[  440.413009] erofs: unmounted for /dev/loop5
07:08:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  440.482474] erofs: unmounted for /dev/loop4
[  440.483488] FAULT_INJECTION: forcing a failure.
[  440.483488] name failslab, interval 1, probability 0, space 0, times 0
[  440.500978] CPU: 0 PID: 28158 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  440.508965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  440.518297] Call Trace:
[  440.520868]  dump_stack+0x1fc/0x2ef
[  440.524476]  should_fail.cold+0xa/0xf
[  440.528271]  ? setup_fault_attr+0x200/0x200
[  440.532570]  ? lock_acquire+0x170/0x3c0
[  440.536528]  __should_failslab+0x115/0x180
[  440.540756]  should_failslab+0x5/0x10
[  440.544559]  kmem_cache_alloc+0x277/0x370
[  440.548688]  __kernfs_new_node+0xd2/0x680
[  440.552817]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  440.557574]  ? _raw_spin_unlock_irq+0x5a/0x80
[  440.562061]  ? __cpu_to_node+0x7b/0xa0
[  440.565927]  ? mark_held_locks+0xf0/0xf0
[  440.569966]  ? io_schedule_timeout+0x140/0x140
[  440.574557]  ? enqueue_entity+0xf86/0x3850
[  440.578766]  ? set_user_nice.part.0+0x3b9/0xab0
[  440.583433]  kernfs_create_dir_ns+0x9e/0x230
[  440.587819]  internal_create_group+0x1c1/0xb20
[  440.592378]  ? sysfs_remove_link_from_group+0x70/0x70
[  440.597542]  ? lock_downgrade+0x720/0x720
[  440.601670]  lo_ioctl+0xf7c/0x20e0
[  440.605207]  ? loop_set_status64+0x110/0x110
[  440.609628]  blkdev_ioctl+0x5cb/0x1a80
[  440.613500]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  440.618872]  ? blkpg_ioctl+0x9d0/0x9d0
[  440.622737]  ? mark_held_locks+0xf0/0xf0
[  440.626794]  ? mark_held_locks+0xf0/0xf0
[  440.630840]  ? debug_check_no_obj_freed+0x201/0x490
[  440.635848]  ? lock_downgrade+0x720/0x720
[  440.639977]  block_ioctl+0xe9/0x130
[  440.643589]  ? blkdev_fallocate+0x3f0/0x3f0
[  440.647921]  do_vfs_ioctl+0xcdb/0x12e0
[  440.651793]  ? lock_downgrade+0x720/0x720
[  440.655936]  ? check_preemption_disabled+0x41/0x280
[  440.660932]  ? ioctl_preallocate+0x200/0x200
[  440.665334]  ? __fget+0x356/0x510
[  440.668776]  ? do_dup2+0x450/0x450
[  440.672290]  ? do_sys_open+0x2bf/0x520
[  440.676154]  ksys_ioctl+0x9b/0xc0
[  440.679602]  __x64_sys_ioctl+0x6f/0xb0
[  440.683464]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  440.688026]  do_syscall_64+0xf9/0x620
[  440.691808]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  440.696977] RIP: 0033:0x466397
[  440.700192] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  440.719093] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  440.726780] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  440.734026] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  440.741290] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  440.748557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  440.755824] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  440.766718] ieee802154 phy1 wpan1: encryption failed: -22
[  440.784365] erofs: read_super, device -> /dev/loop2
[  440.797180] erofs: options -> 
[  440.827876] erofs: read_super, device -> /dev/loop0
[  440.833430] erofs: options -> 
[  440.837701] erofs: root inode @ nid 36
[  440.841806] erofs: mounted on /dev/loop0 with opts: .
07:08:50 executing program 0 (fault-call:0 fault-nth:11):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  440.870687] erofs: read_super, device -> /dev/loop5
[  440.884311] erofs: options -> 
[  440.889340] erofs: read_super, device -> /dev/loop4
[  440.894532] erofs: unmounted for /dev/loop0
[  440.895144] erofs: options -> 
[  440.903470] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:50 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbe03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  440.919264] erofs: root inode @ nid 36
[  440.924467] erofs: mounted on /dev/loop5 with opts: .
[  440.933380] erofs: unmounted for /dev/loop2
07:08:50 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:50 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873715807000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x800008000000000, 0x0, 0x0)

[  441.011437] erofs: unmounted for /dev/loop5
[  441.016836] erofs: unmounted for /dev/loop4
[  441.165750] FAULT_INJECTION: forcing a failure.
[  441.165750] name failslab, interval 1, probability 0, space 0, times 0
[  441.177534] CPU: 1 PID: 28194 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  441.185414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  441.194752] Call Trace:
[  441.197349]  dump_stack+0x1fc/0x2ef
[  441.201000]  should_fail.cold+0xa/0xf
[  441.204796]  ? setup_fault_attr+0x200/0x200
[  441.209104]  ? lock_acquire+0x170/0x3c0
[  441.213108]  __should_failslab+0x115/0x180
[  441.217331]  should_failslab+0x5/0x10
[  441.221121]  kmem_cache_alloc+0x277/0x370
[  441.225263]  __kernfs_new_node+0xd2/0x680
[  441.229401]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  441.234138]  ? __cpu_to_node+0x7b/0xa0
[  441.238014]  ? account_entity_enqueue+0x2e5/0x440
[  441.242865]  ? mark_held_locks+0xf0/0xf0
[  441.246907]  ? enqueue_entity+0xf86/0x3850
[  441.251132]  ? set_user_nice.part.0+0x3b9/0xab0
[  441.255821]  kernfs_create_dir_ns+0x9e/0x230
[  441.260231]  internal_create_group+0x1c1/0xb20
[  441.264796]  ? sysfs_remove_link_from_group+0x70/0x70
[  441.269965]  ? lock_downgrade+0x720/0x720
[  441.274106]  lo_ioctl+0xf7c/0x20e0
[  441.277653]  ? loop_set_status64+0x110/0x110
[  441.282051]  blkdev_ioctl+0x5cb/0x1a80
[  441.285917]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  441.291258]  ? blkpg_ioctl+0x9d0/0x9d0
[  441.295137]  ? mark_held_locks+0xf0/0xf0
[  441.299193]  ? mark_held_locks+0xf0/0xf0
[  441.303238]  ? debug_check_no_obj_freed+0x201/0x490
[  441.308271]  ? lock_downgrade+0x720/0x720
[  441.312415]  block_ioctl+0xe9/0x130
[  441.316028]  ? blkdev_fallocate+0x3f0/0x3f0
[  441.320351]  do_vfs_ioctl+0xcdb/0x12e0
[  441.324220]  ? lock_downgrade+0x720/0x720
[  441.328358]  ? check_preemption_disabled+0x41/0x280
[  441.333356]  ? ioctl_preallocate+0x200/0x200
[  441.337757]  ? __fget+0x356/0x510
[  441.341206]  ? do_dup2+0x450/0x450
[  441.344728]  ? do_sys_open+0x2bf/0x520
[  441.348594]  ksys_ioctl+0x9b/0xc0
[  441.352051]  __x64_sys_ioctl+0x6f/0xb0
[  441.355926]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  441.360499]  do_syscall_64+0xf9/0x620
[  441.364281]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  441.369448] RIP: 0033:0x466397
[  441.372615] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  441.391492] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  441.399193] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  441.406442] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  441.413730] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  441.421072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  441.428345] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  441.487360] erofs: read_super, device -> /dev/loop0
[  441.492619] erofs: options -> 
[  441.497633] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  441.514211] erofs: root inode @ nid 36
[  441.546361] erofs: mounted on /dev/loop0 with opts: .
[  441.567790] erofs: read_super, device -> /dev/loop4
07:08:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873716307000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x900000000000000, 0x0, 0x0)

[  441.589820] erofs: options -> 
07:08:51 executing program 0 (fault-call:0 fault-nth:12):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  441.641597] erofs: read_super, device -> /dev/loop2
[  441.649762] erofs: options -> 
[  441.654040] erofs: unmounted for /dev/loop0
[  441.659745] erofs: read_super, device -> /dev/loop5
[  441.670248] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:51 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  441.690958] erofs: options -> 
[  441.709886] erofs: root inode @ nid 36
[  441.713928] erofs: unmounted for /dev/loop4
[  441.716138] erofs: mounted on /dev/loop5 with opts: .
[  441.738200] FAULT_INJECTION: forcing a failure.
[  441.738200] name failslab, interval 1, probability 0, space 0, times 0
[  441.750620] CPU: 0 PID: 28248 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  441.758505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  441.767842] Call Trace:
[  441.770419]  dump_stack+0x1fc/0x2ef
[  441.774030]  should_fail.cold+0xa/0xf
[  441.777817]  ? setup_fault_attr+0x200/0x200
[  441.782119]  ? lock_acquire+0x170/0x3c0
[  441.786094]  __should_failslab+0x115/0x180
[  441.790323]  should_failslab+0x5/0x10
[  441.794109]  kmem_cache_alloc+0x277/0x370
[  441.798243]  __kernfs_new_node+0xd2/0x680
[  441.802388]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  441.807141]  ? kernfs_activate+0x2c/0x1d0
[  441.811275]  ? lock_downgrade+0x720/0x720
[  441.815418]  ? kernfs_add_one+0x51/0x4c0
[  441.819474]  ? mutex_trylock+0x1a0/0x1a0
[  441.823517]  ? __mutex_unlock_slowpath+0xea/0x610
[  441.828342]  kernfs_new_node+0x92/0x120
[  441.832297]  __kernfs_create_file+0x51/0x340
[  441.836687]  sysfs_add_file_mode_ns+0x226/0x540
[  441.841357]  internal_create_group+0x355/0xb20
[  441.845923]  ? sysfs_remove_link_from_group+0x70/0x70
[  441.851093]  ? lock_downgrade+0x720/0x720
[  441.855230]  lo_ioctl+0xf7c/0x20e0
[  441.858755]  ? loop_set_status64+0x110/0x110
[  441.863143]  blkdev_ioctl+0x5cb/0x1a80
[  441.867013]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  441.872365]  ? blkpg_ioctl+0x9d0/0x9d0
[  441.876233]  ? mark_held_locks+0xf0/0xf0
[  441.880289]  ? mark_held_locks+0xf0/0xf0
[  441.884352]  ? debug_check_no_obj_freed+0x201/0x490
[  441.889359]  ? lock_downgrade+0x720/0x720
[  441.893493]  block_ioctl+0xe9/0x130
[  441.897119]  ? blkdev_fallocate+0x3f0/0x3f0
[  441.901422]  do_vfs_ioctl+0xcdb/0x12e0
[  441.905291]  ? lock_downgrade+0x720/0x720
[  441.909419]  ? check_preemption_disabled+0x41/0x280
[  441.914417]  ? ioctl_preallocate+0x200/0x200
[  441.918810]  ? __fget+0x356/0x510
[  441.922243]  ? do_dup2+0x450/0x450
[  441.925764]  ? do_sys_open+0x2bf/0x520
[  441.929635]  ksys_ioctl+0x9b/0xc0
[  441.933079]  __x64_sys_ioctl+0x6f/0xb0
[  441.936945]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  441.941503]  do_syscall_64+0xf9/0x620
[  441.945292]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  441.950472] RIP: 0033:0x466397
[  441.953658] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  441.972538] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  441.980248] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  441.987503] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  441.994750] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  442.002004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  442.009261] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xa00000000000000, 0x0, 0x0)

07:08:51 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:51 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xbf03000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  442.055639] erofs: read_super, device -> /dev/loop0
[  442.066428] erofs: options -> 
[  442.073306] erofs: root inode @ nid 36
[  442.080847] erofs: mounted on /dev/loop0 with opts: .
[  442.100873] erofs: unmounted for /dev/loop5
07:08:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873716407000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:51 executing program 0 (fault-call:0 fault-nth:13):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xb00000000000000, 0x0, 0x0)

[  442.111534] erofs: unmounted for /dev/loop2
[  442.124075] erofs: read_super, device -> /dev/loop4
[  442.140988] erofs: options -> 
[  442.149055] erofs: unmounted for /dev/loop0
07:08:52 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  442.272797] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  442.288743] erofs: unmounted for /dev/loop4
07:08:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xd00000000000000, 0x0, 0x0)

[  442.328629] FAULT_INJECTION: forcing a failure.
[  442.328629] name failslab, interval 1, probability 0, space 0, times 0
[  442.344384] CPU: 0 PID: 28291 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  442.352273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  442.361606] Call Trace:
[  442.364191]  dump_stack+0x1fc/0x2ef
[  442.367801]  should_fail.cold+0xa/0xf
[  442.371585]  ? setup_fault_attr+0x200/0x200
[  442.375888]  ? lock_acquire+0x170/0x3c0
[  442.379865]  __should_failslab+0x115/0x180
[  442.384091]  should_failslab+0x5/0x10
[  442.387880]  kmem_cache_alloc+0x277/0x370
[  442.392024]  __kernfs_new_node+0xd2/0x680
[  442.396153]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  442.400899]  ? __mutex_unlock_slowpath+0xea/0x610
[  442.405723]  ? wait_for_completion_io+0x10/0x10
[  442.410377]  ? kernfs_next_descendant_post+0x19c/0x290
[  442.415652]  kernfs_new_node+0x92/0x120
[  442.419616]  __kernfs_create_file+0x51/0x340
[  442.424008]  sysfs_add_file_mode_ns+0x226/0x540
[  442.428657]  internal_create_group+0x355/0xb20
[  442.433238]  ? sysfs_remove_link_from_group+0x70/0x70
[  442.438423]  ? lock_downgrade+0x720/0x720
[  442.442553]  lo_ioctl+0xf7c/0x20e0
[  442.446087]  ? loop_set_status64+0x110/0x110
[  442.450511]  blkdev_ioctl+0x5cb/0x1a80
[  442.454389]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  442.459727]  ? blkpg_ioctl+0x9d0/0x9d0
[  442.463592]  ? mark_held_locks+0xf0/0xf0
[  442.467630]  ? mark_held_locks+0xf0/0xf0
[  442.471674]  ? debug_check_no_obj_freed+0x201/0x490
[  442.476672]  ? lock_downgrade+0x720/0x720
[  442.480859]  block_ioctl+0xe9/0x130
[  442.484464]  ? blkdev_fallocate+0x3f0/0x3f0
[  442.488807]  do_vfs_ioctl+0xcdb/0x12e0
[  442.492673]  ? lock_downgrade+0x720/0x720
[  442.496850]  ? check_preemption_disabled+0x41/0x280
[  442.501855]  ? ioctl_preallocate+0x200/0x200
[  442.506245]  ? __fget+0x356/0x510
[  442.509679]  ? do_dup2+0x450/0x450
[  442.513199]  ? do_sys_open+0x2bf/0x520
[  442.517076]  ksys_ioctl+0x9b/0xc0
[  442.520517]  __x64_sys_ioctl+0x6f/0xb0
[  442.524385]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  442.529000]  do_syscall_64+0xf9/0x620
[  442.532820]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  442.538021] RIP: 0033:0x466397
[  442.541272] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  442.560193] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  442.567918] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  442.575168] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  442.582416] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  442.589670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  442.596946] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:52 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  442.669366] erofs: read_super, device -> /dev/loop4
[  442.671638] erofs: read_super, device -> /dev/loop0
[  442.674509] erofs: options -> 
[  442.683864] erofs: read_super, device -> /dev/loop5
[  442.692095] erofs: options -> 
[  442.701210] erofs: read_super, device -> /dev/loop2
[  442.707562] erofs: options -> 
[  442.713034] erofs: root inode @ nid 36
07:08:52 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873716907000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  442.721497] erofs: options -> 
[  442.725446] erofs: unmounted for /dev/loop4
[  442.728288] erofs: root inode @ nid 36
[  442.737805] erofs: mounted on /dev/loop5 with opts: .
[  442.740433] erofs: mounted on /dev/loop0 with opts: .
07:08:52 executing program 0 (fault-call:0 fault-nth:14):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:52 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:52 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc003000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  442.810526] erofs: unmounted for /dev/loop0
[  442.830166] erofs: unmounted for /dev/loop5
07:08:52 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1900008000000000, 0x0, 0x0)

[  442.853275] erofs: unmounted for /dev/loop2
07:08:52 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  442.885004] erofs: read_super, device -> /dev/loop4
[  442.890112] erofs: options -> 
[  442.910232] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:52 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873716c07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  442.945124] erofs: unmounted for /dev/loop4
[  442.990304] FAULT_INJECTION: forcing a failure.
[  442.990304] name failslab, interval 1, probability 0, space 0, times 0
[  443.002040] CPU: 0 PID: 28342 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  443.009919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  443.019254] Call Trace:
[  443.021830]  dump_stack+0x1fc/0x2ef
[  443.025449]  should_fail.cold+0xa/0xf
[  443.029233]  ? setup_fault_attr+0x200/0x200
[  443.033536]  ? lock_acquire+0x170/0x3c0
[  443.037501]  __should_failslab+0x115/0x180
[  443.041729]  should_failslab+0x5/0x10
[  443.045559]  kmem_cache_alloc+0x277/0x370
[  443.049703]  __kernfs_new_node+0xd2/0x680
[  443.053857]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  443.058606]  ? __mutex_unlock_slowpath+0xea/0x610
[  443.063426]  ? wait_for_completion_io+0x10/0x10
[  443.068083]  ? kernfs_next_descendant_post+0x19c/0x290
[  443.073340]  kernfs_new_node+0x92/0x120
[  443.077308]  __kernfs_create_file+0x51/0x340
[  443.081723]  sysfs_add_file_mode_ns+0x226/0x540
[  443.086390]  internal_create_group+0x355/0xb20
[  443.090962]  ? sysfs_remove_link_from_group+0x70/0x70
[  443.096138]  ? lock_downgrade+0x720/0x720
[  443.100275]  lo_ioctl+0xf7c/0x20e0
[  443.103805]  ? loop_set_status64+0x110/0x110
[  443.108195]  blkdev_ioctl+0x5cb/0x1a80
[  443.112065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  443.117407]  ? blkpg_ioctl+0x9d0/0x9d0
[  443.121292]  ? mark_held_locks+0xf0/0xf0
[  443.125335]  ? mark_held_locks+0xf0/0xf0
[  443.129383]  ? debug_check_no_obj_freed+0x201/0x490
[  443.134384]  ? lock_downgrade+0x720/0x720
[  443.138514]  block_ioctl+0xe9/0x130
[  443.142121]  ? blkdev_fallocate+0x3f0/0x3f0
[  443.146421]  do_vfs_ioctl+0xcdb/0x12e0
[  443.150293]  ? lock_downgrade+0x720/0x720
[  443.154431]  ? check_preemption_disabled+0x41/0x280
[  443.159425]  ? ioctl_preallocate+0x200/0x200
[  443.163815]  ? __fget+0x356/0x510
[  443.167249]  ? do_dup2+0x450/0x450
[  443.170798]  ? do_sys_open+0x2bf/0x520
[  443.174674]  ksys_ioctl+0x9b/0xc0
[  443.178123]  __x64_sys_ioctl+0x6f/0xb0
[  443.182000]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  443.186562]  do_syscall_64+0xf9/0x620
[  443.190348]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  443.195520] RIP: 0033:0x466397
[  443.198715] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  443.217605] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  443.225294] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  443.232544] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
07:08:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1a00008000000000, 0x0, 0x0)

[  443.239805] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  443.247055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  443.254304] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  443.317040] erofs: read_super, device -> /dev/loop0
[  443.322586] erofs: read_super, device -> /dev/loop2
[  443.328291] erofs: read_super, device -> /dev/loop5
[  443.332289] erofs: options -> 
[  443.333360] erofs: options -> 
[  443.333590] erofs: root inode @ nid 36
[  443.357997] erofs: options -> 
07:08:53 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc103000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:53 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  443.377379] erofs: mounted on /dev/loop5 with opts: .
[  443.383434] erofs: unmounted for /dev/loop2
[  443.384022] erofs: root inode @ nid 36
[  443.393576] erofs: mounted on /dev/loop0 with opts: .
[  443.432483] erofs: unmounted for /dev/loop5
07:08:53 executing program 0 (fault-call:0 fault-nth:15):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x1d00008000000000, 0x0, 0x0)

07:08:53 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873716f07000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  443.466529] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  443.475318] erofs: read_super, device -> /dev/loop4
[  443.482717] erofs: read_super, device -> /dev/loop2
[  443.488097] erofs: options -> 
[  443.494715] erofs: unmounted for /dev/loop0
[  443.506576] erofs: options -> 
07:08:53 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc203000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:53 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  443.588232] erofs: read_super, device -> /dev/loop5
[  443.593279] erofs: options -> 
[  443.608814] erofs: unmounted for /dev/loop2
[  443.617282] erofs: unmounted for /dev/loop4
[  443.620258] erofs: root inode @ nid 36
[  443.646469] erofs: mounted on /dev/loop5 with opts: .
[  443.694922] FAULT_INJECTION: forcing a failure.
[  443.694922] name failslab, interval 1, probability 0, space 0, times 0
[  443.706357] CPU: 1 PID: 28407 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  443.714235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  443.723574] Call Trace:
[  443.726189]  dump_stack+0x1fc/0x2ef
[  443.729806]  should_fail.cold+0xa/0xf
[  443.733592]  ? setup_fault_attr+0x200/0x200
[  443.737894]  ? lock_acquire+0x170/0x3c0
[  443.741891]  __should_failslab+0x115/0x180
[  443.746119]  should_failslab+0x5/0x10
[  443.749919]  kmem_cache_alloc+0x277/0x370
[  443.754055]  __kernfs_new_node+0xd2/0x680
[  443.758201]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  443.762948]  ? __mutex_unlock_slowpath+0xea/0x610
[  443.767771]  ? wait_for_completion_io+0x10/0x10
[  443.772434]  ? kernfs_next_descendant_post+0x19c/0x290
[  443.777798]  kernfs_new_node+0x92/0x120
[  443.781758]  __kernfs_create_file+0x51/0x340
[  443.786150]  sysfs_add_file_mode_ns+0x226/0x540
[  443.790805]  internal_create_group+0x355/0xb20
[  443.795373]  ? sysfs_remove_link_from_group+0x70/0x70
[  443.800542]  ? lock_downgrade+0x720/0x720
[  443.804678]  lo_ioctl+0xf7c/0x20e0
[  443.808201]  ? loop_set_status64+0x110/0x110
[  443.812595]  blkdev_ioctl+0x5cb/0x1a80
[  443.816465]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  443.821811]  ? blkpg_ioctl+0x9d0/0x9d0
[  443.825894]  ? mark_held_locks+0xf0/0xf0
[  443.830044]  ? mark_held_locks+0xf0/0xf0
[  443.834110]  ? debug_check_no_obj_freed+0x201/0x490
[  443.839212]  ? lock_downgrade+0x720/0x720
[  443.843345]  block_ioctl+0xe9/0x130
[  443.846953]  ? blkdev_fallocate+0x3f0/0x3f0
[  443.851264]  do_vfs_ioctl+0xcdb/0x12e0
[  443.855322]  ? lock_downgrade+0x720/0x720
[  443.859540]  ? check_preemption_disabled+0x41/0x280
[  443.864548]  ? ioctl_preallocate+0x200/0x200
[  443.868953]  ? __fget+0x356/0x510
[  443.872393]  ? do_dup2+0x450/0x450
[  443.876878]  ? do_sys_open+0x2bf/0x520
[  443.880754]  ksys_ioctl+0x9b/0xc0
[  443.884193]  __x64_sys_ioctl+0x6f/0xb0
[  443.888071]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  443.892658]  do_syscall_64+0xf9/0x620
[  443.896448]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  443.901619] RIP: 0033:0x466397
[  443.904800] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  443.923774] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  443.931471] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  443.938721] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
07:08:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x2000000000000000, 0x0, 0x0)

[  443.945984] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  443.953234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  443.960484] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  443.977672] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  444.004916] erofs: read_super, device -> /dev/loop0
[  444.009943] erofs: options -> 
[  444.011033] erofs: read_super, device -> /dev/loop2
[  444.020797] erofs: root inode @ nid 36
[  444.031699] erofs: options -> 
[  444.038434] erofs: mounted on /dev/loop0 with opts: .
07:08:53 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:53 executing program 0 (fault-call:0 fault-nth:16):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:53 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc303000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:53 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717007000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  444.077015] erofs: read_super, device -> /dev/loop4
[  444.082290] erofs: unmounted for /dev/loop5
[  444.094670] erofs: options -> 
[  444.106617] erofs: unmounted for /dev/loop0
[  444.111208] erofs: unmounted for /dev/loop2
07:08:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x5000000000000000, 0x0, 0x0)

[  444.190119] FAULT_INJECTION: forcing a failure.
[  444.190119] name failslab, interval 1, probability 0, space 0, times 0
[  444.204148] CPU: 0 PID: 28451 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  444.212043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  444.221376] Call Trace:
[  444.223955]  dump_stack+0x1fc/0x2ef
[  444.227574]  should_fail.cold+0xa/0xf
[  444.231361]  ? setup_fault_attr+0x200/0x200
[  444.235659]  ? lock_acquire+0x170/0x3c0
07:08:54 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  444.239616]  __should_failslab+0x115/0x180
[  444.243829]  should_failslab+0x5/0x10
[  444.247612]  kmem_cache_alloc+0x277/0x370
[  444.251744]  __kernfs_new_node+0xd2/0x680
[  444.255879]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  444.260626]  ? __mutex_unlock_slowpath+0xea/0x610
[  444.265461]  ? wait_for_completion_io+0x10/0x10
[  444.270132]  ? kernfs_next_descendant_post+0x19c/0x290
[  444.275872]  kernfs_new_node+0x92/0x120
[  444.279856]  __kernfs_create_file+0x51/0x340
[  444.284273]  sysfs_add_file_mode_ns+0x226/0x540
[  444.289127]  internal_create_group+0x355/0xb20
[  444.293708]  ? sysfs_remove_link_from_group+0x70/0x70
[  444.298880]  ? lock_downgrade+0x720/0x720
[  444.303019]  lo_ioctl+0xf7c/0x20e0
[  444.306541]  ? loop_set_status64+0x110/0x110
[  444.310929]  blkdev_ioctl+0x5cb/0x1a80
[  444.314797]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  444.320165]  ? blkpg_ioctl+0x9d0/0x9d0
[  444.324060]  ? mark_held_locks+0xf0/0xf0
[  444.328111]  ? mark_held_locks+0xf0/0xf0
[  444.332157]  ? debug_check_no_obj_freed+0x201/0x490
[  444.337197]  ? lock_downgrade+0x720/0x720
[  444.341338]  block_ioctl+0xe9/0x130
[  444.344945]  ? blkdev_fallocate+0x3f0/0x3f0
[  444.349244]  do_vfs_ioctl+0xcdb/0x12e0
[  444.353112]  ? lock_downgrade+0x720/0x720
[  444.357239]  ? check_preemption_disabled+0x41/0x280
[  444.362230]  ? ioctl_preallocate+0x200/0x200
[  444.366684]  ? __fget+0x356/0x510
[  444.370182]  ? do_dup2+0x450/0x450
[  444.373744]  ? do_sys_open+0x2bf/0x520
[  444.377614]  ksys_ioctl+0x9b/0xc0
[  444.381048]  __x64_sys_ioctl+0x6f/0xb0
[  444.384916]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  444.389485]  do_syscall_64+0xf9/0x620
[  444.393291]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  444.398454] RIP: 0033:0x466397
[  444.401649] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  444.420541] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  444.428239] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  444.435541] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  444.442786] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  444.450032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  444.457277] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  444.476459] erofs: unmounted for /dev/loop4
[  444.505078] erofs: read_super, device -> /dev/loop0
[  444.510108] erofs: options -> 
[  444.520395] erofs: root inode @ nid 36
[  444.532138] erofs: mounted on /dev/loop0 with opts: .
[  444.547251] erofs: read_super, device -> /dev/loop5
[  444.547277] erofs: read_super, device -> /dev/loop2
[  444.552536] erofs: options -> 
[  444.565020] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  444.578225] erofs: options -> 
[  444.581818] erofs: root inode @ nid 36
[  444.586913] erofs: mounted on /dev/loop5 with opts: .
07:08:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x8000000000000000, 0x0, 0x0)

07:08:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717207000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:54 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x13, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  444.662370] erofs: read_super, device -> /dev/loop4
07:08:54 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc826000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:54 executing program 0 (fault-call:0 fault-nth:17):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xf6ffffff00000000, 0x0, 0x0)

[  444.682589] erofs: unmounted for /dev/loop5
[  444.687201] erofs: options -> 
[  444.691775] erofs: unmounted for /dev/loop2
[  444.700610] erofs: unmounted for /dev/loop0
07:08:54 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  444.789900] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  444.849771] erofs: unmounted for /dev/loop4
07:08:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717507000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  444.892906] FAULT_INJECTION: forcing a failure.
[  444.892906] name failslab, interval 1, probability 0, space 0, times 0
[  444.914541] CPU: 1 PID: 28510 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  444.922428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  444.931769] Call Trace:
[  444.934349]  dump_stack+0x1fc/0x2ef
[  444.937962]  should_fail.cold+0xa/0xf
[  444.941748]  ? setup_fault_attr+0x200/0x200
[  444.946051]  ? lock_acquire+0x170/0x3c0
[  444.950008]  __should_failslab+0x115/0x180
[  444.954225]  should_failslab+0x5/0x10
[  444.958009]  kmem_cache_alloc+0x277/0x370
[  444.962139]  __kernfs_new_node+0xd2/0x680
[  444.966267]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  444.971005]  ? __mutex_unlock_slowpath+0xea/0x610
[  444.975830]  ? wait_for_completion_io+0x10/0x10
[  444.980483]  ? kernfs_next_descendant_post+0x19c/0x290
[  444.985748]  kernfs_new_node+0x92/0x120
[  444.989705]  __kernfs_create_file+0x51/0x340
[  444.994097]  sysfs_add_file_mode_ns+0x226/0x540
[  444.998753]  internal_create_group+0x355/0xb20
[  445.003319]  ? sysfs_remove_link_from_group+0x70/0x70
[  445.008489]  ? lock_downgrade+0x720/0x720
[  445.012627]  lo_ioctl+0xf7c/0x20e0
[  445.016153]  ? loop_set_status64+0x110/0x110
[  445.020544]  blkdev_ioctl+0x5cb/0x1a80
[  445.024413]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  445.029757]  ? blkpg_ioctl+0x9d0/0x9d0
[  445.033633]  ? mark_held_locks+0xf0/0xf0
[  445.037672]  ? mark_held_locks+0xf0/0xf0
[  445.041711]  ? debug_check_no_obj_freed+0x201/0x490
[  445.046706]  ? lock_downgrade+0x720/0x720
[  445.050858]  block_ioctl+0xe9/0x130
[  445.054464]  ? blkdev_fallocate+0x3f0/0x3f0
[  445.058777]  do_vfs_ioctl+0xcdb/0x12e0
[  445.062643]  ? lock_downgrade+0x720/0x720
[  445.066780]  ? check_preemption_disabled+0x41/0x280
[  445.071774]  ? ioctl_preallocate+0x200/0x200
[  445.076163]  ? __fget+0x356/0x510
[  445.079596]  ? do_dup2+0x450/0x450
[  445.083122]  ? do_sys_open+0x2bf/0x520
[  445.086991]  ksys_ioctl+0x9b/0xc0
[  445.090427]  __x64_sys_ioctl+0x6f/0xb0
[  445.094304]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  445.098862]  do_syscall_64+0xf9/0x620
[  445.102640]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  445.107803] RIP: 0033:0x466397
[  445.110978] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  445.129859] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.137545] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  445.144876] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  445.152126] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  445.159459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  445.166792] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfcfdffff00000000, 0x0, 0x0)

[  445.195009] erofs: read_super, device -> /dev/loop5
[  445.200041] erofs: options -> 
[  445.208378] erofs: read_super, device -> /dev/loop0
[  445.213402] erofs: options -> 
[  445.218149] erofs: read_super, device -> /dev/loop2
[  445.223169] erofs: options -> 
[  445.230401] erofs: root inode @ nid 36
[  445.234448] erofs: mounted on /dev/loop0 with opts: .
[  445.240453] erofs: root inode @ nid 36
[  445.245247] erofs: mounted on /dev/loop5 with opts: .
07:08:55 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:55 executing program 0 (fault-call:0 fault-nth:18):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xfdfdffff00000000, 0x0, 0x0)

[  445.288300] erofs: unmounted for /dev/loop2
[  445.297922] erofs: read_super, device -> /dev/loop4
[  445.302944] erofs: options -> 
[  445.318794] erofs: unmounted for /dev/loop0
07:08:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xffffffff00000000, 0x0, 0x0)

07:08:55 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x23, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  445.414212] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
[  445.428328] erofs: unmounted for /dev/loop5
07:08:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x2)

07:08:55 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  445.499874] FAULT_INJECTION: forcing a failure.
[  445.499874] name failslab, interval 1, probability 0, space 0, times 0
[  445.526828] CPU: 1 PID: 28567 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  445.534736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  445.544080] Call Trace:
[  445.546656]  dump_stack+0x1fc/0x2ef
[  445.550268]  should_fail.cold+0xa/0xf
[  445.554051]  ? setup_fault_attr+0x200/0x200
[  445.558350]  ? lock_acquire+0x170/0x3c0
[  445.562303]  ? dev_uevent_filter+0xd0/0xd0
[  445.566519]  __should_failslab+0x115/0x180
[  445.570744]  should_failslab+0x5/0x10
[  445.574542]  kmem_cache_alloc_trace+0x284/0x380
[  445.579207]  ? dev_uevent_filter+0xd0/0xd0
[  445.583466]  kobject_uevent_env+0x236/0x1480
[  445.587869]  lo_ioctl+0xff9/0x20e0
[  445.591416]  ? loop_set_status64+0x110/0x110
[  445.595805]  blkdev_ioctl+0x5cb/0x1a80
[  445.599688]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  445.605036]  ? blkpg_ioctl+0x9d0/0x9d0
[  445.608907]  ? mark_held_locks+0xf0/0xf0
[  445.612946]  ? mark_held_locks+0xf0/0xf0
[  445.616993]  ? debug_check_no_obj_freed+0x201/0x490
[  445.621989]  ? lock_downgrade+0x720/0x720
[  445.626118]  block_ioctl+0xe9/0x130
[  445.629724]  ? blkdev_fallocate+0x3f0/0x3f0
[  445.634023]  do_vfs_ioctl+0xcdb/0x12e0
[  445.637892]  ? lock_downgrade+0x720/0x720
[  445.642022]  ? check_preemption_disabled+0x41/0x280
[  445.647017]  ? ioctl_preallocate+0x200/0x200
[  445.651419]  ? __fget+0x356/0x510
[  445.654871]  ? do_dup2+0x450/0x450
[  445.658407]  ? do_sys_open+0x2bf/0x520
[  445.662282]  ksys_ioctl+0x9b/0xc0
[  445.665715]  __x64_sys_ioctl+0x6f/0xb0
[  445.669582]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  445.674144]  do_syscall_64+0xf9/0x620
[  445.677931]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  445.683099] RIP: 0033:0x466397
[  445.686272] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  445.705179] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.712865] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  445.720114] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  445.727356] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  445.734598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  445.741845] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:55 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717807000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  445.753317] erofs: unmounted for /dev/loop4
[  445.781189] erofs: read_super, device -> /dev/loop0
[  445.786894] erofs: read_super, device -> /dev/loop2
[  445.797220] erofs: options -> 
[  445.805347] erofs: options -> 
[  445.813179] erofs: root inode @ nid 36
07:08:55 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xd900000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  445.834444] erofs: mounted on /dev/loop0 with opts: .
[  445.849111] erofs: read_super, device -> /dev/loop5
[  445.861146] erofs: options -> 
[  445.870801] erofs: root inode @ nid 36
[  445.875506] erofs: mounted on /dev/loop5 with opts: .
07:08:55 executing program 0 (fault-call:0 fault-nth:19):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  445.890887] erofs: unmounted for /dev/loop2
07:08:55 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x60, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x4)

[  445.912204] erofs: unmounted for /dev/loop0
[  445.920841] erofs: unmounted for /dev/loop5
[  445.935357] squashfs: SQUASHFS error: Can't find a SQUASHFS superblock on loop1
07:08:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x5)

07:08:55 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717308000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  446.008244] erofs: read_super, device -> /dev/loop4
[  446.013392] erofs: options -> 
[  446.045259] erofs: read_super, device -> /dev/loop2
[  446.050296] erofs: options -> 
07:08:55 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:55 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf0ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  446.101925] erofs: unmounted for /dev/loop4
[  446.121191] erofs: unmounted for /dev/loop2
[  446.138371] FAULT_INJECTION: forcing a failure.
[  446.138371] name failslab, interval 1, probability 0, space 0, times 0
[  446.151000] CPU: 1 PID: 28631 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  446.158905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  446.168255] Call Trace:
[  446.170832]  dump_stack+0x1fc/0x2ef
[  446.174465]  should_fail.cold+0xa/0xf
[  446.178257]  ? setup_fault_attr+0x200/0x200
[  446.182559]  ? lock_acquire+0x170/0x3c0
[  446.186623]  __should_failslab+0x115/0x180
[  446.190844]  should_failslab+0x5/0x10
[  446.194640]  __kmalloc+0x2ab/0x3c0
[  446.198163]  ? kobject_get_path+0xbf/0x240
[  446.202388]  kobject_get_path+0xbf/0x240
[  446.206430]  kobject_uevent_env+0x25c/0x1480
[  446.210828]  lo_ioctl+0xff9/0x20e0
[  446.214350]  ? loop_set_status64+0x110/0x110
[  446.218744]  blkdev_ioctl+0x5cb/0x1a80
[  446.222609]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  446.227962]  ? blkpg_ioctl+0x9d0/0x9d0
[  446.231829]  ? mark_held_locks+0xf0/0xf0
[  446.235871]  ? mark_held_locks+0xf0/0xf0
[  446.239913]  ? debug_check_no_obj_freed+0x201/0x490
[  446.244909]  ? lock_downgrade+0x720/0x720
[  446.249048]  block_ioctl+0xe9/0x130
[  446.252657]  ? blkdev_fallocate+0x3f0/0x3f0
[  446.256960]  do_vfs_ioctl+0xcdb/0x12e0
[  446.260833]  ? lock_downgrade+0x720/0x720
[  446.264961]  ? check_preemption_disabled+0x41/0x280
[  446.269965]  ? ioctl_preallocate+0x200/0x200
[  446.274357]  ? __fget+0x356/0x510
[  446.277793]  ? do_dup2+0x450/0x450
[  446.281315]  ? do_sys_open+0x2bf/0x520
[  446.285187]  ksys_ioctl+0x9b/0xc0
[  446.288620]  __x64_sys_ioctl+0x6f/0xb0
[  446.292486]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  446.297046]  do_syscall_64+0xf9/0x620
[  446.300831]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  446.306002] RIP: 0033:0x466397
[  446.309235] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  446.328120] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  446.335819] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  446.343074] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
07:08:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x6)

[  446.350326] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  446.357580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  446.364836] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  446.430475] erofs: read_super, device -> /dev/loop0
[  446.433659] erofs: read_super, device -> /dev/loop5
[  446.436860] erofs: options -> 
[  446.451064] erofs: options -> 
[  446.452187] erofs: root inode @ nid 36
[  446.455470] SQUASHFS error: zlib decompression failed, data probably corrupt
[  446.466009] erofs: mounted on /dev/loop0 with opts: .
07:08:56 executing program 0 (fault-call:0 fault-nth:20):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  446.490951] erofs: root inode @ nid 36
[  446.498361] erofs: mounted on /dev/loop5 with opts: .
[  446.510344] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  446.533350] erofs: read_super, device -> /dev/loop2
07:08:56 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  446.541870] erofs: unmounted for /dev/loop0
[  446.541899] SQUASHFS error: Unable to read metadata cache entry [99]
[  446.561006] SQUASHFS error: Unable to read inode 0x126
[  446.567619] erofs: options -> 
[  446.574101] erofs: unmounted for /dev/loop5
07:08:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x7)

[  446.662372] erofs: read_super, device -> /dev/loop4
[  446.667896] erofs: options -> 
[  446.671565] FAULT_INJECTION: forcing a failure.
[  446.671565] name failslab, interval 1, probability 0, space 0, times 0
[  446.683663] CPU: 1 PID: 28674 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  446.691552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  446.700915] Call Trace:
[  446.703502]  dump_stack+0x1fc/0x2ef
[  446.707158]  should_fail.cold+0xa/0xf
[  446.710943]  ? setup_fault_attr+0x200/0x200
[  446.715259]  ? lock_acquire+0x170/0x3c0
[  446.719234]  __should_failslab+0x115/0x180
[  446.723492]  should_failslab+0x5/0x10
[  446.727272]  kmem_cache_alloc_node+0x245/0x3b0
[  446.731837]  __alloc_skb+0x71/0x560
[  446.735463]  alloc_uevent_skb+0x7b/0x210
[  446.739567]  kobject_uevent_env+0xa90/0x1480
[  446.743963]  lo_ioctl+0xff9/0x20e0
[  446.747488]  ? loop_set_status64+0x110/0x110
[  446.751878]  blkdev_ioctl+0x5cb/0x1a80
[  446.755771]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  446.761136]  ? blkpg_ioctl+0x9d0/0x9d0
[  446.765005]  ? mark_held_locks+0xf0/0xf0
[  446.769044]  ? mark_held_locks+0xf0/0xf0
[  446.773103]  ? debug_check_no_obj_freed+0x201/0x490
[  446.778125]  ? lock_downgrade+0x720/0x720
[  446.782260]  block_ioctl+0xe9/0x130
[  446.785868]  ? blkdev_fallocate+0x3f0/0x3f0
[  446.790177]  do_vfs_ioctl+0xcdb/0x12e0
[  446.794060]  ? lock_downgrade+0x720/0x720
[  446.798197]  ? check_preemption_disabled+0x41/0x280
[  446.803205]  ? ioctl_preallocate+0x200/0x200
[  446.807668]  ? __fget+0x356/0x510
[  446.811110]  ? do_dup2+0x450/0x450
[  446.814641]  ? do_sys_open+0x2bf/0x520
[  446.818529]  ksys_ioctl+0x9b/0xc0
[  446.821965]  __x64_sys_ioctl+0x6f/0xb0
[  446.825872]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  446.830443]  do_syscall_64+0xf9/0x620
[  446.834282]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  446.839491] RIP: 0033:0x466397
[  446.842687] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  446.861574] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  446.869261] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  446.876520] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  446.883797] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  446.891059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  446.898316] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:56 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf5ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:56 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf007f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x9)

[  446.949253] erofs: read_super, device -> /dev/loop5
[  446.954289] erofs: options -> 
[  446.961322] erofs: read_super, device -> /dev/loop0
[  446.981941] erofs: options -> 
[  446.994489] erofs: unmounted for /dev/loop2
07:08:56 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="687371730b000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  447.005837] erofs: unmounted for /dev/loop4
[  447.016806] erofs: root inode @ nid 36
[  447.029911] erofs: root inode @ nid 36
[  447.041006] erofs: mounted on /dev/loop0 with opts: .
[  447.046151] erofs: mounted on /dev/loop5 with opts: .
07:08:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xa)

07:08:56 executing program 0 (fault-call:0 fault-nth:21):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  447.117641] erofs: unmounted for /dev/loop0
[  447.123187] erofs: read_super, device -> /dev/loop4
[  447.133213] erofs: options -> 
[  447.137328] SQUASHFS error: zlib decompression failed, data probably corrupt
[  447.144530] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  447.156184] SQUASHFS error: Unable to read metadata cache entry [99]
[  447.162749] SQUASHFS error: Unable to read inode 0x126
07:08:56 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x386, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  447.170127] erofs: unmounted for /dev/loop5
07:08:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xb)

07:08:57 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:57 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717310000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  447.265126] erofs: read_super, device -> /dev/loop2
[  447.270275] erofs: options -> 
[  447.276471] FAULT_INJECTION: forcing a failure.
[  447.276471] name failslab, interval 1, probability 0, space 0, times 0
[  447.302512] erofs: unmounted for /dev/loop4
[  447.307917] CPU: 0 PID: 28731 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  447.315804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  447.325138] Call Trace:
[  447.327717]  dump_stack+0x1fc/0x2ef
[  447.331332]  should_fail.cold+0xa/0xf
[  447.335116]  ? setup_fault_attr+0x200/0x200
[  447.339415]  ? lock_acquire+0x170/0x3c0
[  447.343368]  __should_failslab+0x115/0x180
[  447.347579]  should_failslab+0x5/0x10
[  447.351357]  kmem_cache_alloc_node+0x245/0x3b0
[  447.355920]  __alloc_skb+0x71/0x560
[  447.359531]  alloc_uevent_skb+0x7b/0x210
[  447.363569]  kobject_uevent_env+0xa90/0x1480
[  447.367972]  lo_ioctl+0xff9/0x20e0
[  447.371494]  ? loop_set_status64+0x110/0x110
[  447.375883]  blkdev_ioctl+0x5cb/0x1a80
[  447.379746]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  447.385098]  ? blkpg_ioctl+0x9d0/0x9d0
[  447.388962]  ? mark_held_locks+0xf0/0xf0
[  447.392999]  ? mark_held_locks+0xf0/0xf0
[  447.397039]  ? debug_check_no_obj_freed+0x201/0x490
[  447.402030]  ? lock_downgrade+0x720/0x720
[  447.406154]  block_ioctl+0xe9/0x130
[  447.409778]  ? blkdev_fallocate+0x3f0/0x3f0
[  447.414076]  do_vfs_ioctl+0xcdb/0x12e0
[  447.417940]  ? lock_downgrade+0x720/0x720
[  447.422069]  ? check_preemption_disabled+0x41/0x280
[  447.427071]  ? ioctl_preallocate+0x200/0x200
[  447.431458]  ? __fget+0x356/0x510
[  447.434902]  ? do_dup2+0x450/0x450
[  447.438421]  ? do_sys_open+0x2bf/0x520
[  447.442299]  ksys_ioctl+0x9b/0xc0
[  447.445734]  __x64_sys_ioctl+0x6f/0xb0
[  447.449599]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  447.454177]  do_syscall_64+0xf9/0x620
[  447.457960]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  447.463130] RIP: 0033:0x466397
[  447.466304] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  447.485185] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  447.492869] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  447.500117] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  447.507367] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  447.514612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  447.521868] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
[  447.551090] erofs: read_super, device -> /dev/loop0
[  447.556752] erofs: options -> 
[  447.563494] erofs: read_super, device -> /dev/loop5
[  447.571902] erofs: options -> 
[  447.578655] erofs: root inode @ nid 36
[  447.583402] erofs: root inode @ nid 36
[  447.591688] erofs: mounted on /dev/loop0 with opts: .
07:08:57 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  447.645050] erofs: mounted on /dev/loop5 with opts: .
[  447.650455] erofs: unmounted for /dev/loop2
[  447.681787] SQUASHFS error: zlib decompression failed, data probably corrupt
07:08:57 executing program 0 (fault-call:0 fault-nth:22):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  447.699388] erofs: read_super, device -> /dev/loop4
07:08:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xd)

07:08:57 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x39e, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  447.725467] erofs: unmounted for /dev/loop0
[  447.741194] erofs: options -> 
[  447.746700] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  447.761912] SQUASHFS error: Unable to read metadata cache entry [99]
[  447.774314] erofs: unmounted for /dev/loop5
[  447.775360] SQUASHFS error: Unable to read inode 0x126
[  447.826838] FAULT_INJECTION: forcing a failure.
[  447.826838] name failslab, interval 1, probability 0, space 0, times 0
[  447.838309] CPU: 1 PID: 28771 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  447.846280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  447.855625] Call Trace:
[  447.858207]  dump_stack+0x1fc/0x2ef
[  447.861838]  should_fail.cold+0xa/0xf
[  447.865632]  ? setup_fault_attr+0x200/0x200
[  447.869940]  ? lock_acquire+0x170/0x3c0
[  447.873899]  __should_failslab+0x115/0x180
[  447.878126]  should_failslab+0x5/0x10
[  447.881939]  kmem_cache_alloc+0x277/0x370
[  447.886078]  skb_clone+0x151/0x3d0
[  447.889644]  netlink_broadcast_filtered+0x8e5/0xbc0
[  447.894671]  netlink_broadcast+0x35/0x40
[  447.898721]  kobject_uevent_env+0xa56/0x1480
[  447.903159]  lo_ioctl+0xff9/0x20e0
[  447.906680]  ? loop_set_status64+0x110/0x110
[  447.911073]  blkdev_ioctl+0x5cb/0x1a80
[  447.914951]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  447.920323]  ? blkpg_ioctl+0x9d0/0x9d0
[  447.924205]  ? mark_held_locks+0xf0/0xf0
[  447.928249]  ? mark_held_locks+0xf0/0xf0
[  447.932290]  ? debug_check_no_obj_freed+0x201/0x490
[  447.937295]  ? lock_downgrade+0x720/0x720
[  447.941431]  block_ioctl+0xe9/0x130
[  447.945081]  ? blkdev_fallocate+0x3f0/0x3f0
[  447.949426]  do_vfs_ioctl+0xcdb/0x12e0
[  447.953292]  ? lock_downgrade+0x720/0x720
[  447.957444]  ? check_preemption_disabled+0x41/0x280
[  447.962445]  ? ioctl_preallocate+0x200/0x200
[  447.966832]  ? __fget+0x356/0x510
[  447.970304]  ? do_dup2+0x450/0x450
[  447.973849]  ? do_sys_open+0x2bf/0x520
[  447.977737]  ksys_ioctl+0x9b/0xc0
[  447.981191]  __x64_sys_ioctl+0x6f/0xb0
[  447.985056]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  447.989630]  do_syscall_64+0xf9/0x620
[  447.993421]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  447.998614] RIP: 0033:0x466397
[  448.001815] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:08:57 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  448.020706] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.028403] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  448.035753] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  448.043015] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  448.050269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  448.057535] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x50)

[  448.099778] erofs: unmounted for /dev/loop4
07:08:57 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717314000000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  448.127599] erofs: read_super, device -> /dev/loop2
[  448.132804] erofs: read_super, device -> /dev/loop0
[  448.138732] erofs: options -> 
[  448.141952] erofs: options -> 
[  448.153142] erofs: root inode @ nid 36
[  448.158240] erofs: mounted on /dev/loop0 with opts: .
07:08:58 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfcfdffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  448.204962] erofs: read_super, device -> /dev/loop5
[  448.212695] erofs: options -> 
[  448.221275] erofs: root inode @ nid 36
[  448.231982] erofs: mounted on /dev/loop5 with opts: .
[  448.238724] SQUASHFS error: zlib decompression failed, data probably corrupt
07:08:58 executing program 0 (fault-call:0 fault-nth:23):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xc0)

07:08:58 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x39f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  448.263091] erofs: unmounted for /dev/loop2
[  448.270466] erofs: unmounted for /dev/loop0
[  448.280402] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  448.303267] SQUASHFS error: Unable to read metadata cache entry [99]
[  448.311446] erofs: unmounted for /dev/loop5
[  448.312812] SQUASHFS error: Unable to read inode 0x126
[  448.406125] FAULT_INJECTION: forcing a failure.
[  448.406125] name failslab, interval 1, probability 0, space 0, times 0
[  448.417551] CPU: 1 PID: 28817 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  448.425471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  448.434828] Call Trace:
[  448.437417]  dump_stack+0x1fc/0x2ef
[  448.441038]  should_fail.cold+0xa/0xf
[  448.444889]  ? setup_fault_attr+0x200/0x200
[  448.449193]  ? lock_acquire+0x170/0x3c0
[  448.453325]  __should_failslab+0x115/0x180
[  448.457560]  should_failslab+0x5/0x10
[  448.461369]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  448.466558]  __kmalloc_node_track_caller+0x38/0x70
[  448.471474]  __alloc_skb+0xae/0x560
[  448.475096]  alloc_uevent_skb+0x7b/0x210
[  448.479147]  kobject_uevent_env+0xa90/0x1480
[  448.483561]  lo_ioctl+0xff9/0x20e0
[  448.487085]  ? loop_set_status64+0x110/0x110
[  448.491540]  blkdev_ioctl+0x5cb/0x1a80
[  448.495431]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  448.500794]  ? blkpg_ioctl+0x9d0/0x9d0
[  448.504671]  ? mark_held_locks+0xf0/0xf0
[  448.508729]  ? mark_held_locks+0xf0/0xf0
[  448.512812]  ? debug_check_no_obj_freed+0x201/0x490
[  448.517823]  ? lock_downgrade+0x720/0x720
[  448.521960]  block_ioctl+0xe9/0x130
[  448.525586]  ? blkdev_fallocate+0x3f0/0x3f0
[  448.529892]  do_vfs_ioctl+0xcdb/0x12e0
[  448.533762]  ? lock_downgrade+0x720/0x720
[  448.537914]  ? check_preemption_disabled+0x41/0x280
[  448.542923]  ? ioctl_preallocate+0x200/0x200
[  448.547312]  ? __fget+0x356/0x510
[  448.550748]  ? do_dup2+0x450/0x450
[  448.554273]  ? do_sys_open+0x2bf/0x520
[  448.558161]  ksys_ioctl+0x9b/0xc0
[  448.561606]  __x64_sys_ioctl+0x6f/0xb0
[  448.565474]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  448.570037]  do_syscall_64+0xf9/0x620
[  448.573817]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  448.578983] RIP: 0033:0x466397
[  448.582154] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  448.601036] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.608725] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  448.615984] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  448.623252] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  448.630503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  448.637763] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x500)

[  448.707939] erofs: read_super, device -> /dev/loop4
[  448.713297] erofs: read_super, device -> /dev/loop2
[  448.718552] erofs: options -> 
[  448.724842] erofs: read_super, device -> /dev/loop0
[  448.739554] erofs: read_super, device -> /dev/loop5
[  448.747256] erofs: options -> 
[  448.752168] erofs: options -> 
07:08:58 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfdfdffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717303010000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:58 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  448.755865] erofs: options -> 
[  448.759800] erofs: root inode @ nid 36
[  448.769340] erofs: root inode @ nid 36
[  448.780339] erofs: mounted on /dev/loop0 with opts: .
[  448.785579] erofs: mounted on /dev/loop5 with opts: .
[  448.803704] erofs: unmounted for /dev/loop2
07:08:58 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x600)

07:08:58 executing program 0 (fault-call:0 fault-nth:24):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  448.826850] erofs: unmounted for /dev/loop5
[  448.834091] erofs: unmounted for /dev/loop4
[  448.883615] erofs: unmounted for /dev/loop0
[  448.902574] erofs: read_super, device -> /dev/loop2
[  448.908537] erofs: options -> 
[  448.961599] erofs: read_super, device -> /dev/loop5
[  448.968066] SQUASHFS error: zlib decompression failed, data probably corrupt
[  448.976498] erofs: options -> 
07:08:58 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfeffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  449.006971] erofs: read_super, device -> /dev/loop4
[  449.008086] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  449.022103] FAULT_INJECTION: forcing a failure.
[  449.022103] name failslab, interval 1, probability 0, space 0, times 0
[  449.022369] erofs: root inode @ nid 36
[  449.040906] erofs: options -> 
[  449.047940] erofs: unmounted for /dev/loop2
[  449.060974] CPU: 0 PID: 28879 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  449.068574] SQUASHFS error: Unable to read metadata cache entry [99]
[  449.068880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  449.077914] SQUASHFS error: Unable to read inode 0x126
[  449.084709] Call Trace:
[  449.084729]  dump_stack+0x1fc/0x2ef
[  449.084753]  should_fail.cold+0xa/0xf
[  449.084769]  ? setup_fault_attr+0x200/0x200
[  449.084785]  ? lock_acquire+0x170/0x3c0
[  449.093934] erofs: mounted on /dev/loop5 with opts: .
[  449.096402]  __should_failslab+0x115/0x180
[  449.096418]  should_failslab+0x5/0x10
[  449.096431]  kmem_cache_alloc_trace+0x284/0x380
[  449.096443]  ? wait_for_completion_io+0x10/0x10
[  449.096453]  ? kobj_ns_initial+0x90/0x90
[  449.096467]  call_usermodehelper_setup+0x84/0x300
[  449.139793]  kobject_uevent_env+0xe83/0x1480
[  449.144207]  lo_ioctl+0xff9/0x20e0
[  449.147732]  ? loop_set_status64+0x110/0x110
[  449.152138]  blkdev_ioctl+0x5cb/0x1a80
[  449.156004]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  449.161347]  ? blkpg_ioctl+0x9d0/0x9d0
[  449.165216]  ? mark_held_locks+0xf0/0xf0
[  449.169257]  ? mark_held_locks+0xf0/0xf0
[  449.173301]  ? debug_check_no_obj_freed+0x201/0x490
[  449.178299]  ? lock_downgrade+0x720/0x720
[  449.182431]  block_ioctl+0xe9/0x130
[  449.186039]  ? blkdev_fallocate+0x3f0/0x3f0
[  449.190474]  do_vfs_ioctl+0xcdb/0x12e0
[  449.194352]  ? lock_downgrade+0x720/0x720
[  449.198488]  ? check_preemption_disabled+0x41/0x280
[  449.203493]  ? ioctl_preallocate+0x200/0x200
[  449.207890]  ? __fget+0x356/0x510
[  449.211327]  ? do_dup2+0x450/0x450
[  449.214857]  ? do_sys_open+0x2bf/0x520
[  449.218732]  ksys_ioctl+0x9b/0xc0
[  449.222172]  __x64_sys_ioctl+0x6f/0xb0
[  449.226044]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  449.230615]  do_syscall_64+0xf9/0x620
[  449.234405]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  449.239597] RIP: 0033:0x466397
[  449.242775] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x700)

[  449.261657] RSP: 002b:00007fd4abad3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  449.269345] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397
[  449.276609] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  449.283888] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff
[  449.291138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  449.298392] R13: 0000000000000004 R14: 0000000020000248 R15: 0000000000000003
07:08:59 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  449.365890] erofs: read_super, device -> /dev/loop0
[  449.384654] erofs: options -> 
[  449.396305] erofs: root inode @ nid 36
07:08:59 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a1, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173e00f0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x900)

[  449.415216] erofs: mounted on /dev/loop0 with opts: .
[  449.421744] erofs: unmounted for /dev/loop4
[  449.426538] erofs: unmounted for /dev/loop5
07:08:59 executing program 0 (fault-call:0 fault-nth:25):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  449.536834] erofs: read_super, device -> /dev/loop2
[  449.539870] erofs: read_super, device -> /dev/loop4
[  449.541955] erofs: options -> 
[  449.576530] erofs: options -> 
07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xa00)

[  449.583796] erofs: unmounted for /dev/loop0
07:08:59 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xff0f000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:59 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  449.671327] squashfs: SQUASHFS error: unable to read inode lookup table
[  449.676941] erofs: read_super, device -> /dev/loop5
[  449.689456] erofs: unmounted for /dev/loop2
[  449.702606] erofs: options -> 
[  449.709008] erofs: unmounted for /dev/loop4
[  449.715959] erofs: root inode @ nid 36
07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xb00)

[  449.721586] erofs: mounted on /dev/loop5 with opts: .
07:08:59 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  449.798682] FAULT_INJECTION: forcing a failure.
[  449.798682] name failslab, interval 1, probability 0, space 0, times 0
[  449.814761] CPU: 0 PID: 28939 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  449.822653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  449.831998] Call Trace:
[  449.834591]  dump_stack+0x1fc/0x2ef
[  449.838229]  should_fail.cold+0xa/0xf
[  449.842036]  ? setup_fault_attr+0x200/0x200
[  449.846359]  ? lock_acquire+0x170/0x3c0
[  449.850342]  __should_failslab+0x115/0x180
[  449.854588]  should_failslab+0x5/0x10
[  449.858388]  kmem_cache_alloc+0x277/0x370
[  449.862540]  __d_alloc+0x2b/0xa10
[  449.866006]  d_alloc+0x4a/0x230
[  449.869289]  __lookup_hash+0xc8/0x180
[  449.873089]  filename_create+0x186/0x490
[  449.877152]  ? kern_path_mountpoint+0x40/0x40
[  449.881651]  ? strncpy_from_user+0x2a2/0x350
[  449.886067]  ? getname_flags+0x25b/0x590
[  449.890161]  do_mkdirat+0xa0/0x2d0
[  449.893717]  ? __ia32_sys_mknod+0x120/0x120
[  449.898037]  ? trace_hardirqs_off_caller+0x6e/0x210
[  449.903046]  ? do_syscall_64+0x21/0x620
[  449.907025]  do_syscall_64+0xf9/0x620
[  449.910827]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  449.916018] RIP: 0033:0x4656e7
[  449.919290] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  449.938187] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  449.945886] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  449.953138] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  449.960390] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  449.967651] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  449.974899] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  449.982769] erofs: unmounted for /dev/loop5
07:08:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307020000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xd00)

[  450.002746] erofs: read_super, device -> /dev/loop2
[  450.017795] erofs: options -> 
[  450.035526] erofs: read_super, device -> /dev/loop4
[  450.040928] erofs: options -> 
07:08:59 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:59 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:08:59 executing program 0 (fault-call:0 fault-nth:26):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:08:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x2000)

[  450.109796] erofs: unmounted for /dev/loop4
[  450.126674] erofs: unmounted for /dev/loop2
[  450.192061] erofs: read_super, device -> /dev/loop5
[  450.206289] erofs: read_super, device -> /dev/loop4
[  450.210085] SQUASHFS error: zlib decompression failed, data probably corrupt
[  450.217004] erofs: options -> 
[  450.226770] FAULT_INJECTION: forcing a failure.
[  450.226770] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  450.238605] CPU: 0 PID: 29003 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  450.238644] erofs: options -> 
[  450.246516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.246522] Call Trace:
[  450.246542]  dump_stack+0x1fc/0x2ef
[  450.246560]  should_fail.cold+0xa/0xf
[  450.246581]  ? setup_fault_attr+0x200/0x200
[  450.246596]  ? wake_up_q+0x93/0xe0
[  450.276962]  ? __mutex_unlock_slowpath+0x2be/0x610
[  450.281879]  __alloc_pages_nodemask+0x239/0x2890
[  450.286632]  ? __lock_acquire+0x6de/0x3ff0
[  450.290860]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  450.295686]  ? blkdev_ioctl+0x11a/0x1a80
[  450.299727]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  450.305069]  ? blkpg_ioctl+0x9d0/0x9d0
[  450.308949]  ? debug_check_no_obj_freed+0x201/0x490
[  450.313955]  ? lock_downgrade+0x720/0x720
[  450.318104]  cache_grow_begin+0xa4/0x8a0
[  450.322152]  ? setup_fault_attr+0x200/0x200
[  450.326459]  ? cache_alloc_pfmemalloc+0x1e/0x140
[  450.331215]  cache_alloc_refill+0x273/0x340
[  450.335538]  kmem_cache_alloc+0x346/0x370
[  450.339673]  getname_flags+0xce/0x590
[  450.343491]  do_mkdirat+0x8d/0x2d0
[  450.347046]  ? __ia32_sys_mknod+0x120/0x120
[  450.351354]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  450.356702]  ? trace_hardirqs_off_caller+0x6e/0x210
[  450.361703]  ? do_syscall_64+0x21/0x620
[  450.365661]  do_syscall_64+0xf9/0x620
[  450.369536]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  450.374723] RIP: 0033:0x4656e7
[  450.377898] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  450.396779] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  450.404473] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  450.411826] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  450.419076] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  450.426329] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  450.433596] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  450.447089] erofs: root inode @ nid 36
[  450.470719] erofs: read_super, device -> /dev/loop2
[  450.483664] erofs: mounted on /dev/loop5 with opts: .
07:09:00 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x5000)

07:09:00 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  450.516614] erofs: options -> 
[  450.527095] erofs: unmounted for /dev/loop4
[  450.531721] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  450.553577] erofs: unmounted for /dev/loop5
[  450.554276] SQUASHFS error: Unable to read metadata cache entry [99]
[  450.565915] SQUASHFS error: Unable to read inode 0x126
[  450.584692] erofs: read_super, device -> /dev/loop0
[  450.598772] erofs: options -> 
[  450.606525] erofs: root inode @ nid 36
07:09:00 executing program 0 (fault-call:0 fault-nth:27):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  450.620132] erofs: mounted on /dev/loop0 with opts: .
07:09:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x200000)

07:09:00 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  450.655840] erofs: unmounted for /dev/loop0
[  450.674824] erofs: read_super, device -> /dev/loop4
[  450.686876] erofs: unmounted for /dev/loop2
[  450.689874] erofs: options -> 
[  450.700884] erofs: read_super, device -> /dev/loop5
07:09:00 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307030000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:00 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  450.708655] erofs: options -> 
[  450.720606] erofs: root inode @ nid 36
[  450.744047] erofs: mounted on /dev/loop5 with opts: .
[  450.769595] erofs: unmounted for /dev/loop4
07:09:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x80ffff)

07:09:00 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  450.820139] FAULT_INJECTION: forcing a failure.
[  450.820139] name failslab, interval 1, probability 0, space 0, times 0
[  450.844723] erofs: read_super, device -> /dev/loop2
[  450.849768] erofs: options -> 
[  450.863185] SQUASHFS error: zlib decompression failed, data probably corrupt
[  450.870637] erofs: unmounted for /dev/loop5
[  450.880817] SQUASHFS error: squashfs_read_data failed to read block 0x99
[  450.884151] CPU: 1 PID: 29056 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  450.891516] SQUASHFS error: Unable to read metadata cache entry [99]
[  450.895529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  450.895534] Call Trace:
[  450.895551]  dump_stack+0x1fc/0x2ef
[  450.895567]  should_fail.cold+0xa/0xf
[  450.895582]  ? setup_fault_attr+0x200/0x200
[  450.895593]  ? __lock_acquire+0x6de/0x3ff0
[  450.895612]  __should_failslab+0x115/0x180
[  450.895625]  should_failslab+0x5/0x10
[  450.895635]  __kmalloc+0x2ab/0x3c0
[  450.895647]  ? ext4_find_extent+0x9bb/0xc70
[  450.909938] SQUASHFS error: Unable to read inode 0x126
[  450.911469]  ext4_find_extent+0x9bb/0xc70
[  450.911491]  ext4_ext_map_blocks+0x1c0/0x7390
[  450.911508]  ? __lock_acquire+0x6de/0x3ff0
[  450.963834]  ? __lock_acquire+0x6de/0x3ff0
[  450.968076]  ? mark_held_locks+0xf0/0xf0
[  450.972132]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  450.977487]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  450.982656]  ? mark_held_locks+0xf0/0xf0
[  450.986697]  ? ext4_mark_iloc_dirty+0x1b0d/0x2b30
[  450.991525]  ? ext4_es_lookup_extent+0x375/0xb60
[  450.996280]  ? lock_downgrade+0x720/0x720
[  451.000411]  ? lock_acquire+0x170/0x3c0
[  451.004369]  ? check_preemption_disabled+0x41/0x280
[  451.009400]  ? lock_acquire+0x170/0x3c0
[  451.013357]  ? ext4_map_blocks+0x33e/0x1a50
[  451.017669]  ext4_map_blocks+0xd88/0x1a50
[  451.021800]  ? check_preemption_disabled+0x41/0x280
[  451.026798]  ? ext4_issue_zeroout+0x160/0x160
[  451.031295]  ? __brelse+0x84/0xa0
[  451.034725]  ? __ext4_new_inode+0x2eb/0x5a20
[  451.039115]  ext4_getblk+0xad/0x4f0
[  451.042725]  ? ext4_iomap_begin+0xe00/0xe00
[  451.047028]  ? ext4_free_inode+0x1780/0x1780
[  451.051416]  ? debug_check_no_obj_freed+0x201/0x490
[  451.056412]  ? __dquot_initialize+0x298/0xb70
[  451.060892]  ext4_bread+0x7c/0x210
[  451.064416]  ? ext4_getblk+0x4f0/0x4f0
[  451.068295]  ? dquot_initialize_needed+0x290/0x290
[  451.073204]  ? trace_hardirqs_off+0x64/0x200
[  451.077597]  ext4_append+0x155/0x370
[  451.081302]  ext4_mkdir+0x5bd/0xe10
[  451.084914]  ? ext4_init_dot_dotdot+0x600/0x600
[  451.089569]  ? generic_permission+0x116/0x4d0
[  451.094064]  ? inode_permission.part.0+0x10c/0x450
[  451.098979]  vfs_mkdir+0x508/0x7a0
[  451.102516]  do_mkdirat+0x262/0x2d0
[  451.106125]  ? __ia32_sys_mknod+0x120/0x120
[  451.110432]  ? trace_hardirqs_off_caller+0x6e/0x210
[  451.115433]  ? do_syscall_64+0x21/0x620
[  451.119392]  do_syscall_64+0xf9/0x620
[  451.123176]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  451.128362] RIP: 0033:0x4656e7
[  451.131542] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  451.150610] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  451.158400] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  451.165648] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  451.172896] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  451.180164] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  451.187434] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1000000)

07:09:01 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  451.267510] erofs: read_super, device -> /dev/loop0
[  451.272926] erofs: options -> 
[  451.276527] erofs: read_super, device -> /dev/loop4
[  451.281549] erofs: options -> 
[  451.299281] erofs: unmounted for /dev/loop2
[  451.303871] erofs: root inode @ nid 36
07:09:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307040000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  451.312893] erofs: mounted on /dev/loop0 with opts: .
07:09:01 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  451.355006] erofs: read_super, device -> /dev/loop5
[  451.360044] erofs: options -> 
[  451.391484] erofs: root inode @ nid 36
[  451.397271] erofs: unmounted for /dev/loop4
07:09:01 executing program 0 (fault-call:0 fault-nth:28):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1000040)

[  451.411133] erofs: mounted on /dev/loop5 with opts: .
[  451.417940] erofs: unmounted for /dev/loop0
07:09:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1000080)

07:09:01 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  451.515402] erofs: read_super, device -> /dev/loop2
[  451.515464] erofs: read_super, device -> /dev/loop4
[  451.521514] erofs: options -> 
[  451.531794] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307050000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  451.555902] erofs: unmounted for /dev/loop5
[  451.561505] erofs: options -> 
07:09:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x10000c0)

[  451.633252] FAULT_INJECTION: forcing a failure.
[  451.633252] name failslab, interval 1, probability 0, space 0, times 0
07:09:01 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:01 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  451.683385] erofs: read_super, device -> /dev/loop5
[  451.691694] CPU: 1 PID: 29137 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  451.699603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  451.708950] Call Trace:
[  451.711531]  dump_stack+0x1fc/0x2ef
[  451.715146]  should_fail.cold+0xa/0xf
[  451.718956]  ? setup_fault_attr+0x200/0x200
[  451.723258]  ? __lock_acquire+0x6de/0x3ff0
[  451.727483]  __should_failslab+0x115/0x180
[  451.731701]  should_failslab+0x5/0x10
[  451.735484]  __kmalloc+0x2ab/0x3c0
[  451.739022]  ? ext4_find_extent+0x9bb/0xc70
[  451.743323]  ext4_find_extent+0x9bb/0xc70
[  451.747470]  ext4_ext_map_blocks+0x1c0/0x7390
[  451.751956]  ? __lock_acquire+0x6de/0x3ff0
[  451.756178]  ? __lock_acquire+0x6de/0x3ff0
[  451.760401]  ? mark_held_locks+0xf0/0xf0
[  451.764448]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  451.769817]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  451.774988]  ? mark_held_locks+0xf0/0xf0
[  451.779048]  ? ext4_mark_iloc_dirty+0x1b0d/0x2b30
[  451.783881]  ? ext4_es_lookup_extent+0x375/0xb60
[  451.788620]  ? lock_downgrade+0x720/0x720
[  451.792752]  ? lock_acquire+0x170/0x3c0
[  451.796711]  ? check_preemption_disabled+0x41/0x280
[  451.801709]  ? lock_acquire+0x170/0x3c0
[  451.805666]  ? ext4_map_blocks+0x33e/0x1a50
[  451.809972]  ext4_map_blocks+0xd88/0x1a50
[  451.814113]  ? check_preemption_disabled+0x41/0x280
[  451.819130]  ? ext4_issue_zeroout+0x160/0x160
[  451.823605]  ? __brelse+0x84/0xa0
[  451.827040]  ? __ext4_new_inode+0x2eb/0x5a20
[  451.831444]  ext4_getblk+0xad/0x4f0
[  451.835054]  ? ext4_iomap_begin+0xe00/0xe00
[  451.839359]  ? ext4_free_inode+0x1780/0x1780
[  451.843744]  ? debug_check_no_obj_freed+0x201/0x490
[  451.848748]  ? __dquot_initialize+0x298/0xb70
[  451.853222]  ext4_bread+0x7c/0x210
[  451.856743]  ? ext4_getblk+0x4f0/0x4f0
[  451.860611]  ? dquot_initialize_needed+0x290/0x290
[  451.865525]  ? trace_hardirqs_off+0x64/0x200
[  451.869914]  ext4_append+0x155/0x370
[  451.873606]  ext4_mkdir+0x5bd/0xe10
[  451.877215]  ? ext4_init_dot_dotdot+0x600/0x600
[  451.881864]  ? generic_permission+0x116/0x4d0
[  451.886340]  ? inode_permission.part.0+0x10c/0x450
[  451.891256]  vfs_mkdir+0x508/0x7a0
[  451.894780]  do_mkdirat+0x262/0x2d0
[  451.898384]  ? __ia32_sys_mknod+0x120/0x120
[  451.902687]  ? trace_hardirqs_off_caller+0x6e/0x210
[  451.907777]  ? do_syscall_64+0x21/0x620
[  451.911745]  do_syscall_64+0xf9/0x620
[  451.915545]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  451.920716] RIP: 0033:0x4656e7
[  451.923910] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  451.942792] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  451.950483] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  451.957735] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  451.964988] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  451.972242] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  451.979495] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  451.987536] erofs: unmounted for /dev/loop2
[  451.994547] erofs: unmounted for /dev/loop4
[  452.000690] erofs: options -> 
[  452.011788] erofs: root inode @ nid 36
[  452.025041] erofs: mounted on /dev/loop5 with opts: .
07:09:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1010000)

[  452.073678] squashfs: SQUASHFS error: unable to read inode lookup table
[  452.081513] erofs: read_super, device -> /dev/loop0
[  452.086908] erofs: options -> 
[  452.099109] erofs: root inode @ nid 36
[  452.106066] erofs: mounted on /dev/loop0 with opts: .
07:09:01 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307060000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:01 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:01 executing program 0 (fault-call:0 fault-nth:29):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  452.162004] erofs: read_super, device -> /dev/loop2
[  452.166883] erofs: read_super, device -> /dev/loop4
[  452.180653] erofs: options -> 
[  452.186483] erofs: options -> 
07:09:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:02 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x2000000)

[  452.220993] erofs: unmounted for /dev/loop5
[  452.225625] erofs: unmounted for /dev/loop0
[  452.243885] erofs: unmounted for /dev/loop4
[  452.260957] erofs: unmounted for /dev/loop2
[  452.395116] squashfs: SQUASHFS error: unable to read inode lookup table
[  452.398531] erofs: read_super, device -> /dev/loop5
07:09:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307070000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  452.438478] erofs: options -> 
[  452.443888] erofs: read_super, device -> /dev/loop2
[  452.454526] erofs: options -> 
[  452.457931] erofs: cannot read erofs superblock
[  452.463847] erofs: root inode @ nid 36
[  452.473950] erofs: mounted on /dev/loop5 with opts: .
[  452.481924] FAULT_INJECTION: forcing a failure.
[  452.481924] name failslab, interval 1, probability 0, space 0, times 0
[  452.515466] erofs: read_super, device -> /dev/loop2
[  452.520747] erofs: read_super, device -> /dev/loop4
[  452.528184] erofs: options -> 
[  452.537079] erofs: cannot read erofs superblock
[  452.541894] CPU: 1 PID: 29213 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  452.549773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  452.559117] Call Trace:
[  452.561706]  dump_stack+0x1fc/0x2ef
[  452.565336]  should_fail.cold+0xa/0xf
[  452.569144]  ? setup_fault_attr+0x200/0x200
[  452.573117] squashfs: SQUASHFS error: unable to read inode lookup table
[  452.573467]  ? lock_downgrade+0x720/0x720
[  452.573484]  __should_failslab+0x115/0x180
[  452.581472] erofs: options -> 
[  452.584363]  should_failslab+0x5/0x10
[  452.584376]  __kmalloc+0x2ab/0x3c0
[  452.584387]  ? ext4_find_extent+0x9bb/0xc70
[  452.584401]  ext4_find_extent+0x9bb/0xc70
[  452.584419]  ext4_ext_map_blocks+0x1c0/0x7390
[  452.584441]  ? __lock_acquire+0x6de/0x3ff0
[  452.584461]  ? mark_held_locks+0xf0/0xf0
[  452.620338]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  452.625716]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  452.630904]  ? mark_held_locks+0xf0/0xf0
[  452.634954]  ? ext4_mark_iloc_dirty+0x1b0d/0x2b30
[  452.639894]  ? ext4_es_lookup_extent+0x375/0xb60
[  452.644680]  ? ext4_map_blocks+0x59f/0x1a50
[  452.649002]  ? lock_acquire+0x170/0x3c0
[  452.653151]  ? ext4_map_blocks+0x740/0x1a50
[  452.657474]  ext4_map_blocks+0x7a2/0x1a50
[  452.661622]  ? check_preemption_disabled+0x41/0x280
[  452.666621]  ? ext4_issue_zeroout+0x160/0x160
[  452.671102]  ? __brelse+0x84/0xa0
[  452.674554]  ? __ext4_new_inode+0x2eb/0x5a20
[  452.678965]  ext4_getblk+0xad/0x4f0
[  452.682580]  ? ext4_iomap_begin+0xe00/0xe00
[  452.686887]  ? ext4_free_inode+0x1780/0x1780
[  452.691278]  ? debug_check_no_obj_freed+0x201/0x490
[  452.696293]  ? __dquot_initialize+0x298/0xb70
[  452.700773]  ext4_bread+0x7c/0x210
[  452.704295]  ? ext4_getblk+0x4f0/0x4f0
[  452.708172]  ? dquot_initialize_needed+0x290/0x290
[  452.713092]  ? trace_hardirqs_off+0x64/0x200
[  452.717492]  ext4_append+0x155/0x370
[  452.721190]  ext4_mkdir+0x5bd/0xe10
[  452.724809]  ? ext4_init_dot_dotdot+0x600/0x600
[  452.729466]  ? generic_permission+0x116/0x4d0
[  452.733950]  ? inode_permission.part.0+0x10c/0x450
[  452.738865]  vfs_mkdir+0x508/0x7a0
[  452.742402]  do_mkdirat+0x262/0x2d0
[  452.746099]  ? __ia32_sys_mknod+0x120/0x120
[  452.750408]  ? trace_hardirqs_off_caller+0x6e/0x210
[  452.755409]  ? do_syscall_64+0x21/0x620
[  452.759367]  do_syscall_64+0xf9/0x620
[  452.763151]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  452.768325] RIP: 0033:0x4656e7
[  452.771502] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  452.790400] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  452.798091] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  452.805341] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
07:09:02 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x4000000)

07:09:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307080000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  452.812591] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  452.819842] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  452.827109] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  452.841545] erofs: unmounted for /dev/loop5
07:09:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x5000000)

07:09:02 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  452.942542] erofs: unmounted for /dev/loop4
[  452.955097] erofs: read_super, device -> /dev/loop5
[  452.962216] erofs: options -> 
[  452.969410] erofs: root inode @ nid 36
[  452.974491] erofs: mounted on /dev/loop5 with opts: .
[  452.999474] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:02 executing program 0 (fault-call:0 fault-nth:30):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  453.065254] erofs: read_super, device -> /dev/loop4
[  453.070874] erofs: options -> 
[  453.084642] erofs: read_super, device -> /dev/loop2
07:09:02 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:02 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307090000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x6000000)

[  453.108344] erofs: options -> 
[  453.122936] erofs: unmounted for /dev/loop5
[  453.142314] erofs: unmounted for /dev/loop4
[  453.247522] FAULT_INJECTION: forcing a failure.
[  453.247522] name failslab, interval 1, probability 0, space 0, times 0
07:09:03 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  453.307133] CPU: 0 PID: 29282 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  453.315046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  453.324401] Call Trace:
[  453.326991]  dump_stack+0x1fc/0x2ef
[  453.330628]  should_fail.cold+0xa/0xf
[  453.334441]  ? setup_fault_attr+0x200/0x200
[  453.338777]  ? lock_downgrade+0x720/0x720
[  453.342942]  __should_failslab+0x115/0x180
[  453.347180]  should_failslab+0x5/0x10
[  453.350985]  __kmalloc+0x2ab/0x3c0
[  453.354635]  ? ext4_find_extent+0x9bb/0xc70
[  453.358956]  ext4_find_extent+0x9bb/0xc70
[  453.359449] erofs: read_super, device -> /dev/loop4
[  453.363136]  ext4_ext_map_blocks+0x1c0/0x7390
[  453.372692]  ? __lock_acquire+0x6de/0x3ff0
[  453.376942]  ? mark_held_locks+0xf0/0xf0
[  453.381006]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  453.384641] erofs: options -> 
[  453.386369]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  453.386385]  ? mark_held_locks+0xf0/0xf0
[  453.386400]  ? ext4_mark_iloc_dirty+0x1b0d/0x2b30
[  453.386417]  ? ext4_es_lookup_extent+0x375/0xb60
[  453.408501]  ? ext4_map_blocks+0x59f/0x1a50
[  453.412826]  ? lock_acquire+0x170/0x3c0
[  453.416805]  ? ext4_map_blocks+0x740/0x1a50
[  453.421125]  ext4_map_blocks+0x7a2/0x1a50
[  453.425282]  ? check_preemption_disabled+0x41/0x280
[  453.430302]  ? ext4_issue_zeroout+0x160/0x160
[  453.434784]  ? __brelse+0x84/0xa0
[  453.438224]  ? __ext4_new_inode+0x2eb/0x5a20
[  453.442622]  ext4_getblk+0xad/0x4f0
[  453.446250]  ? ext4_iomap_begin+0xe00/0xe00
[  453.450575]  ? ext4_free_inode+0x1780/0x1780
[  453.454969]  ? debug_check_no_obj_freed+0x201/0x490
[  453.459986]  ? __dquot_initialize+0x298/0xb70
[  453.464477]  ext4_bread+0x7c/0x210
[  453.468026]  ? ext4_getblk+0x4f0/0x4f0
[  453.471897]  ? dquot_initialize_needed+0x290/0x290
[  453.476814]  ? trace_hardirqs_off+0x64/0x200
[  453.481233]  ext4_append+0x155/0x370
[  453.484931]  ext4_mkdir+0x5bd/0xe10
[  453.488545]  ? ext4_init_dot_dotdot+0x600/0x600
[  453.493194]  ? generic_permission+0x116/0x4d0
[  453.497671]  ? inode_permission.part.0+0x10c/0x450
[  453.502582]  vfs_mkdir+0x508/0x7a0
[  453.506104]  do_mkdirat+0x262/0x2d0
[  453.509713]  ? __ia32_sys_mknod+0x120/0x120
[  453.514015]  ? trace_hardirqs_off_caller+0x6e/0x210
[  453.519024]  ? do_syscall_64+0x21/0x620
[  453.522992]  do_syscall_64+0xf9/0x620
[  453.526789]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  453.531959] RIP: 0033:0x4656e7
[  453.535136] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  453.554017] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  453.561719] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  453.568998] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  453.576247] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  453.583495] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  453.590758] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  453.598414] erofs: unmounted for /dev/loop2
07:09:03 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  453.634626] erofs: read_super, device -> /dev/loop5
[  453.639743] erofs: options -> 
[  453.645297] squashfs: SQUASHFS error: unable to read inode lookup table
[  453.654825] erofs: root inode @ nid 36
[  453.658972] erofs: mounted on /dev/loop5 with opts: .
[  453.659239] erofs: unmounted for /dev/loop4
07:09:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x7000000)

07:09:03 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070a0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  453.709201] print_req_error: I/O error, dev loop0, sector 0
[  453.745977] print_req_error: I/O error, dev loop0, sector 0
07:09:03 executing program 0 (fault-call:0 fault-nth:31):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  453.754960] Buffer I/O error on dev loop0, logical block 0, async page read
[  453.808162] erofs: read_super, device -> /dev/loop4
[  453.813207] erofs: options -> 
07:09:03 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3a9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  453.870908] erofs: read_super, device -> /dev/loop2
[  453.885711] erofs: unmounted for /dev/loop5
[  453.892004] FAULT_INJECTION: forcing a failure.
[  453.892004] name failslab, interval 1, probability 0, space 0, times 0
[  453.903832] CPU: 1 PID: 29346 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  453.909061] erofs: options -> 
07:09:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x7000080)

[  453.911706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  453.924413] Call Trace:
[  453.927008]  dump_stack+0x1fc/0x2ef
[  453.930652]  should_fail.cold+0xa/0xf
[  453.934485]  ? setup_fault_attr+0x200/0x200
[  453.938430] squashfs: SQUASHFS error: unable to read inode lookup table
[  453.938807]  ? __es_tree_search.isra.0+0x1af/0x210
[  453.938826]  __should_failslab+0x115/0x180
[  453.938841]  should_failslab+0x5/0x10
[  453.938855]  kmem_cache_alloc+0x3f/0x370
[  453.962590]  __es_insert_extent+0x39b/0x13b0
[  453.967006]  ext4_es_insert_extent+0x22e/0x5e0
[  453.971581]  ? ext4_map_blocks+0x59f/0x1a50
[  453.975894]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[  453.981704]  ext4_map_blocks+0xa2a/0x1a50
[  453.985850]  ? ext4_issue_zeroout+0x160/0x160
[  453.990344]  ? __brelse+0x84/0xa0
[  453.993793]  ? __ext4_new_inode+0x2eb/0x5a20
[  453.998188]  ext4_getblk+0xad/0x4f0
[  454.001797]  ? ext4_iomap_begin+0xe00/0xe00
[  454.006131]  ? ext4_free_inode+0x1780/0x1780
[  454.010532]  ? debug_check_no_obj_freed+0x201/0x490
[  454.015626]  ? __dquot_initialize+0x298/0xb70
[  454.020114]  ext4_bread+0x7c/0x210
[  454.023676]  ? ext4_getblk+0x4f0/0x4f0
[  454.027546]  ? dquot_initialize_needed+0x290/0x290
[  454.032578]  ? trace_hardirqs_off+0x64/0x200
[  454.037013]  ext4_append+0x155/0x370
[  454.040731]  ext4_mkdir+0x5bd/0xe10
[  454.044361]  ? ext4_init_dot_dotdot+0x600/0x600
[  454.049042]  ? generic_permission+0x116/0x4d0
[  454.053553]  ? inode_permission.part.0+0x10c/0x450
[  454.058478]  vfs_mkdir+0x508/0x7a0
[  454.062050]  do_mkdirat+0x262/0x2d0
[  454.065754]  ? __ia32_sys_mknod+0x120/0x120
[  454.070071]  ? trace_hardirqs_off_caller+0x6e/0x210
[  454.075095]  ? do_syscall_64+0x21/0x620
[  454.079073]  do_syscall_64+0xf9/0x620
[  454.082865]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  454.088035] RIP: 0033:0x4656e7
[  454.091231] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  454.110139] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  454.117863] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  454.125128] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  454.132396] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  454.139661] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  454.146917] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:04 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  454.245890] erofs: read_super, device -> /dev/loop5
[  454.259575] erofs: options -> 
[  454.263055] erofs: root inode @ nid 36
[  454.268332] erofs: mounted on /dev/loop5 with opts: .
[  454.273865] erofs: unmounted for /dev/loop4
[  454.280357] erofs: unmounted for /dev/loop2
07:09:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf008f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:04 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3aa, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x8000080)

07:09:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070b0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  454.292791] erofs: unmounted for /dev/loop5
07:09:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x9000000)

[  454.335357] erofs: read_super, device -> /dev/loop0
[  454.341522] erofs: options -> 
[  454.351330] erofs: root inode @ nid 36
[  454.356137] erofs: mounted on /dev/loop0 with opts: .
07:09:04 executing program 0 (fault-call:0 fault-nth:32):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  454.396076] squashfs: SQUASHFS error: unable to read inode lookup table
[  454.423863] erofs: unmounted for /dev/loop0
07:09:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070c0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xa000000)

[  454.445287] erofs: read_super, device -> /dev/loop4
[  454.450508] erofs: options -> 
[  454.485519] erofs: read_super, device -> /dev/loop5
07:09:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  454.493770] erofs: read_super, device -> /dev/loop2
[  454.506424] erofs: options -> 
[  454.512978] erofs: options -> 
[  454.526512] erofs: root inode @ nid 36
07:09:04 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x10, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xb000000)

[  454.543516] erofs: mounted on /dev/loop5 with opts: .
[  454.549944] erofs: unmounted for /dev/loop4
[  454.575079] erofs: unmounted for /dev/loop2
[  454.630550] FAULT_INJECTION: forcing a failure.
[  454.630550] name failslab, interval 1, probability 0, space 0, times 0
[  454.642049] CPU: 1 PID: 29418 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  454.649921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  454.659279] Call Trace:
[  454.661885]  dump_stack+0x1fc/0x2ef
[  454.665658]  should_fail.cold+0xa/0xf
[  454.669564]  ? setup_fault_attr+0x200/0x200
[  454.673890]  ? lock_acquire+0x170/0x3c0
[  454.677873]  __should_failslab+0x115/0x180
[  454.682239]  should_failslab+0x5/0x10
[  454.686132]  __kmalloc_track_caller+0x2a6/0x3c0
[  454.691304]  ? strndup_user+0x70/0x120
[  454.695197]  memdup_user+0x22/0xb0
[  454.698734]  strndup_user+0x70/0x120
[  454.702448]  ksys_mount+0x34/0x130
[  454.705997]  __x64_sys_mount+0xba/0x150
[  454.709955]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  454.714531]  do_syscall_64+0xf9/0x620
[  454.718360]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  454.723584] RIP: 0033:0x467afa
[  454.726769] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  454.745664] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  454.753350] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  454.760607] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  454.767860] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  454.775144] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  454.782404] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  454.806209] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xd000000)

07:09:04 executing program 0 (fault-call:0 fault-nth:33):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:04 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  454.884457] erofs: read_super, device -> /dev/loop4
[  454.889499] erofs: options -> 
07:09:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070d0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:04 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009100000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  454.938235] erofs: unmounted for /dev/loop5
[  454.962930] erofs: unmounted for /dev/loop4
[  454.982651] FAULT_INJECTION: forcing a failure.
[  454.982651] name failslab, interval 1, probability 0, space 0, times 0
[  454.994017] CPU: 0 PID: 29463 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  455.001885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  455.011231] Call Trace:
[  455.013804]  dump_stack+0x1fc/0x2ef
[  455.017419]  should_fail.cold+0xa/0xf
[  455.021217]  ? setup_fault_attr+0x200/0x200
[  455.025519]  ? __es_tree_search.isra.0+0x1af/0x210
[  455.030434]  __should_failslab+0x115/0x180
[  455.034656]  should_failslab+0x5/0x10
[  455.038440]  kmem_cache_alloc+0x3f/0x370
[  455.042481]  __es_insert_extent+0x39b/0x13b0
[  455.047008]  ext4_es_insert_extent+0x22e/0x5e0
[  455.051583]  ? ext4_map_blocks+0x59f/0x1a50
[  455.055894]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[  455.061693]  ext4_map_blocks+0xa2a/0x1a50
[  455.065841]  ? ext4_issue_zeroout+0x160/0x160
[  455.070320]  ? __brelse+0x84/0xa0
[  455.073767]  ? __ext4_new_inode+0x2eb/0x5a20
[  455.078211]  ext4_getblk+0xad/0x4f0
[  455.081823]  ? ext4_iomap_begin+0xe00/0xe00
[  455.086128]  ? ext4_free_inode+0x1780/0x1780
[  455.090521]  ? debug_check_no_obj_freed+0x201/0x490
[  455.095523]  ? __dquot_initialize+0x298/0xb70
[  455.100011]  ext4_bread+0x7c/0x210
[  455.103530]  ? ext4_getblk+0x4f0/0x4f0
[  455.107394]  ? dquot_initialize_needed+0x290/0x290
[  455.112302]  ? trace_hardirqs_off+0x64/0x200
[  455.116700]  ext4_append+0x155/0x370
[  455.120399]  ext4_mkdir+0x5bd/0xe10
[  455.124015]  ? ext4_init_dot_dotdot+0x600/0x600
[  455.128669]  ? generic_permission+0x116/0x4d0
[  455.133158]  ? inode_permission.part.0+0x10c/0x450
[  455.138068]  vfs_mkdir+0x508/0x7a0
[  455.141610]  do_mkdirat+0x262/0x2d0
[  455.145222]  ? __ia32_sys_mknod+0x120/0x120
[  455.149542]  ? trace_hardirqs_off_caller+0x6e/0x210
[  455.154553]  ? do_syscall_64+0x21/0x620
[  455.158512]  do_syscall_64+0xf9/0x620
[  455.162302]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  455.167476] RIP: 0033:0x4656e7
[  455.170655] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  455.189550] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  455.197251] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004656e7
[  455.204508] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  455.211911] RBP: 00007fd4abad4040 R08: 0000000000000000 R09: ffffffffffffffff
[  455.219250] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000000
[  455.226501] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  455.265898] erofs: read_super, device -> /dev/loop0
[  455.271180] erofs: options -> 
[  455.284596] erofs: read_super, device -> /dev/loop5
[  455.286945] erofs: read_super, device -> /dev/loop2
[  455.293576] erofs: root inode @ nid 36
[  455.294783] erofs: options -> 
07:09:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x14, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x19000080)

[  455.319932] squashfs: SQUASHFS error: unable to read inode lookup table
[  455.323738] erofs: options -> 
[  455.337014] erofs: mounted on /dev/loop0 with opts: .
[  455.343233] erofs: root inode @ nid 36
[  455.347523] erofs: unmounted for /dev/loop2
[  455.354322] erofs: mounted on /dev/loop5 with opts: .
[  455.388487] erofs: read_super, device -> /dev/loop4
[  455.393514] erofs: options -> 
07:09:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:05 executing program 0 (fault-call:0 fault-nth:34):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:05 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:05 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070e0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  455.462759] erofs: unmounted for /dev/loop4
[  455.477124] erofs: unmounted for /dev/loop0
[  455.483316] erofs: unmounted for /dev/loop5
[  455.501985] erofs: read_super, device -> /dev/loop2
07:09:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1a000080)

[  455.513566] erofs: options -> 
[  455.569909] erofs: read_super, device -> /dev/loop4
[  455.576220] erofs: options -> 
07:09:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x22, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1d000080)

[  455.652111] squashfs: SQUASHFS error: unable to read inode lookup table
[  455.665727] erofs: unmounted for /dev/loop2
[  455.671825] erofs: unmounted for /dev/loop4
07:09:05 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173070f0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  455.765676] erofs: read_super, device -> /dev/loop5
[  455.766531] erofs: read_super, device -> /dev/loop2
[  455.770720] erofs: options -> 
[  455.776196] FAULT_INJECTION: forcing a failure.
[  455.776196] name failslab, interval 1, probability 0, space 0, times 0
[  455.783296] erofs: options -> 
[  455.803066] erofs: root inode @ nid 36
[  455.808897] CPU: 0 PID: 29528 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  455.816794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  455.818611] erofs: mounted on /dev/loop5 with opts: .
[  455.826145] Call Trace:
[  455.826167]  dump_stack+0x1fc/0x2ef
[  455.826184]  should_fail.cold+0xa/0xf
[  455.826203]  ? setup_fault_attr+0x200/0x200
[  455.845658]  ? lock_acquire+0x170/0x3c0
[  455.849638]  __should_failslab+0x115/0x180
[  455.853904]  should_failslab+0x5/0x10
[  455.857751]  kmem_cache_alloc_trace+0x284/0x380
[  455.862418]  ? _copy_from_user+0xd2/0x130
[  455.866575]  copy_mount_options+0x59/0x380
[  455.870821]  ksys_mount+0x9b/0x130
[  455.874367]  __x64_sys_mount+0xba/0x150
[  455.877279] squashfs: SQUASHFS error: unable to read inode lookup table
[  455.878338]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  455.878352]  do_syscall_64+0xf9/0x620
[  455.878381]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  455.898646] RIP: 0033:0x467afa
[  455.901866] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  455.920857] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  455.928589] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  455.935846] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  455.943235] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  455.950490] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  455.957743] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x20000000)

07:09:05 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  455.970638] erofs: unmounted for /dev/loop5
07:09:05 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307100000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:05 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x37, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  456.065554] erofs: unmounted for /dev/loop2
07:09:05 executing program 0 (fault-call:0 fault-nth:35):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x40000000)

[  456.085868] erofs: read_super, device -> /dev/loop4
[  456.100476] erofs: options -> 
07:09:05 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  456.164939] erofs: read_super, device -> /dev/loop5
[  456.203841] squashfs: SQUASHFS error: unable to read inode lookup table
[  456.215368] erofs: options -> 
[  456.218814] erofs: unmounted for /dev/loop4
[  456.218849] erofs: read_super, device -> /dev/loop2
[  456.235227] erofs: options -> 
[  456.237503] erofs: root inode @ nid 36
[  456.251699] erofs: mounted on /dev/loop5 with opts: .
[  456.267643] FAULT_INJECTION: forcing a failure.
[  456.267643] name failslab, interval 1, probability 0, space 0, times 0
[  456.293061] CPU: 1 PID: 29595 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  456.300962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  456.310400] Call Trace:
[  456.312975]  dump_stack+0x1fc/0x2ef
[  456.316607]  should_fail.cold+0xa/0xf
[  456.320461]  ? setup_fault_attr+0x200/0x200
[  456.324943]  ? lock_acquire+0x170/0x3c0
[  456.328923]  __should_failslab+0x115/0x180
[  456.333164]  should_failslab+0x5/0x10
[  456.337003]  __kmalloc_track_caller+0x2a6/0x3c0
[  456.341756]  ? strndup_user+0x70/0x120
[  456.345635]  ? _copy_from_user+0xd2/0x130
[  456.349779]  memdup_user+0x22/0xb0
[  456.353441]  strndup_user+0x70/0x120
[  456.357163]  ksys_mount+0x6f/0x130
[  456.360693]  __x64_sys_mount+0xba/0x150
[  456.364660]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  456.369251]  do_syscall_64+0xf9/0x620
[  456.373035]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  456.378203] RIP: 0033:0x467afa
[  456.381385] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x63, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x40000001)

[  456.400386] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  456.408111] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  456.415397] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  456.422824] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  456.430310] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  456.437572] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  456.448777] erofs: unmounted for /dev/loop2
07:09:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x50000000)

07:09:06 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  456.553193] erofs: read_super, device -> /dev/loop4
07:09:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307110000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:06 executing program 0 (fault-call:0 fault-nth:36):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  456.592689] erofs: unmounted for /dev/loop5
[  456.605436] erofs: options -> 
07:09:06 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x223, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  456.672594] erofs: read_super, device -> /dev/loop2
[  456.690495] erofs: options -> 
[  456.699296] erofs: unmounted for /dev/loop4
[  456.725944] erofs: unmounted for /dev/loop2
[  456.747199] erofs: read_super, device -> /dev/loop5
[  456.751270] squashfs: SQUASHFS error: unable to read inode lookup table
[  456.752232] erofs: options -> 
[  456.762658] erofs: root inode @ nid 36
[  456.772435] FAULT_INJECTION: forcing a failure.
[  456.772435] name failslab, interval 1, probability 0, space 0, times 0
[  456.776141] erofs: mounted on /dev/loop5 with opts: .
07:09:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x80000007)

[  456.791180] CPU: 1 PID: 29646 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  456.799063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  456.808528] Call Trace:
[  456.811172]  dump_stack+0x1fc/0x2ef
[  456.814808]  should_fail.cold+0xa/0xf
[  456.818637]  ? setup_fault_attr+0x200/0x200
[  456.822954]  ? lock_acquire+0x170/0x3c0
[  456.826929]  __should_failslab+0x115/0x180
[  456.831161]  should_failslab+0x5/0x10
[  456.834947]  kmem_cache_alloc_trace+0x284/0x380
[  456.839615]  ? _copy_from_user+0xd2/0x130
[  456.843746]  copy_mount_options+0x59/0x380
[  456.847974]  ksys_mount+0x9b/0x130
[  456.851600]  __x64_sys_mount+0xba/0x150
[  456.855556]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  456.860158]  do_syscall_64+0xf9/0x620
[  456.863955]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  456.869135] RIP: 0033:0x467afa
[  456.872316] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  456.891203] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  456.898912] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  456.906256] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  456.913513] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  456.920765] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  456.928025] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:06 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307120000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:06 executing program 0 (fault-call:0 fault-nth:37):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  457.022811] erofs: read_super, device -> /dev/loop2
[  457.035779] erofs: read_super, device -> /dev/loop4
[  457.045802] erofs: unmounted for /dev/loop5
[  457.053839] erofs: options -> 
[  457.058861] erofs: options -> 
07:09:06 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f50c8a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:06 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x80000008)

[  457.155119] erofs: unmounted for /dev/loop2
[  457.159496] FAULT_INJECTION: forcing a failure.
[  457.159496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  457.159516] CPU: 0 PID: 29687 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  457.179167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  457.188873] Call Trace:
[  457.191446]  dump_stack+0x1fc/0x2ef
[  457.195068]  should_fail.cold+0xa/0xf
[  457.198851]  ? setup_fault_attr+0x200/0x200
[  457.203161]  ? unwind_next_frame+0xeee/0x1400
[  457.207637]  ? __save_stack_trace+0x72/0x190
[  457.212036]  ? deref_stack_reg+0x134/0x1d0
[  457.216247]  ? get_reg+0x176/0x1f0
[  457.219770]  __alloc_pages_nodemask+0x239/0x2890
[  457.224508]  ? cmp_ex_search+0x87/0xb0
[  457.228380]  ? __lock_acquire+0x6de/0x3ff0
[  457.232614]  ? copy_mount_options+0x1e9/0x380
[  457.237094]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  457.241925]  ? ex_handler_default+0x14/0x90
[  457.246226]  ? phys_mem_access_encrypted+0x10/0x10
[  457.251142]  ? no_context+0xce/0x940
[  457.254863]  ? force_sig_info_fault.constprop.0+0x320/0x320
[  457.260571]  ? bad_area_access_error+0x23b/0x4a0
[  457.265336]  cache_grow_begin+0xa4/0x8a0
[  457.269403]  ? setup_fault_attr+0x200/0x200
[  457.273714]  ? cache_alloc_pfmemalloc+0x1e/0x140
[  457.278455]  cache_alloc_refill+0x273/0x340
[  457.282758]  kmem_cache_alloc+0x346/0x370
[  457.286903]  getname_flags+0xce/0x590
[  457.290708]  user_path_at_empty+0x2a/0x50
[  457.294862]  do_mount+0x147/0x2f10
[  457.298401]  ? cmp_ex_sort+0xc0/0xc0
[  457.302117]  ? __do_page_fault+0x180/0xd60
[  457.306336]  ? copy_mount_string+0x40/0x40
[  457.310564]  ? memset+0x20/0x40
[  457.313835]  ? copy_mount_options+0x26f/0x380
[  457.318416]  ksys_mount+0xcf/0x130
[  457.321945]  __x64_sys_mount+0xba/0x150
[  457.325916]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  457.330495]  do_syscall_64+0xf9/0x620
[  457.334284]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  457.339452] RIP: 0033:0x467afa
[  457.342624] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  457.361503] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  457.369195] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  457.376445] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  457.383693] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  457.390946] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  457.398232] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  457.416143] erofs: unmounted for /dev/loop4
07:09:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x80000019)

[  457.484947] erofs: read_super, device -> /dev/loop0
[  457.490086] erofs: options -> 
[  457.499352] erofs: read_super, device -> /dev/loop5
[  457.515094] squashfs: SQUASHFS error: unable to read inode lookup table
[  457.531412] erofs: root inode @ nid 36
07:09:07 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307130000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  457.534513] erofs: options -> 
[  457.537906] erofs: mounted on /dev/loop0 with opts: .
[  457.545169] erofs: root inode @ nid 36
[  457.552034] erofs: mounted on /dev/loop5 with opts: .
[  457.575169] erofs: read_super, device -> /dev/loop4
[  457.580203] erofs: options -> 
07:09:07 executing program 0 (fault-call:0 fault-nth:38):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:07 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x8000001a)

[  457.606983] erofs: read_super, device -> /dev/loop2
[  457.612024] erofs: options -> 
[  457.643986] erofs: unmounted for /dev/loop0
[  457.647806] erofs: cannot find valid erofs superblock
07:09:07 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x8000001d)

[  457.662805] erofs: unmounted for /dev/loop4
[  457.670350] erofs: unmounted for /dev/loop5
[  457.690688] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:07 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307140000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:07 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f50d8a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  457.903809] FAULT_INJECTION: forcing a failure.
[  457.903809] name failslab, interval 1, probability 0, space 0, times 0
[  457.915895] erofs: read_super, device -> /dev/loop5
[  457.920935] erofs: options -> 
[  457.929237] CPU: 0 PID: 29761 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  457.936108] erofs: root inode @ nid 36
[  457.937118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  457.937124] Call Trace:
07:09:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xc0000000)

[  457.937143]  dump_stack+0x1fc/0x2ef
[  457.937161]  should_fail.cold+0xa/0xf
[  457.937178]  ? setup_fault_attr+0x200/0x200
[  457.941369] erofs: mounted on /dev/loop5 with opts: .
[  457.950398]  ? lock_acquire+0x170/0x3c0
[  457.950421]  __should_failslab+0x115/0x180
[  457.950439]  should_failslab+0x5/0x10
[  457.950451]  kmem_cache_alloc+0x277/0x370
[  457.950467]  alloc_vfsmnt+0x23/0x780
[  457.950481]  ? _raw_read_unlock+0x29/0x40
[  457.950494]  vfs_kern_mount.part.0+0x27/0x470
[  457.950510]  do_mount+0x113c/0x2f10
[  458.001985]  ? cmp_ex_sort+0xc0/0xc0
[  458.005680]  ? __do_page_fault+0x180/0xd60
[  458.009896]  ? copy_mount_string+0x40/0x40
[  458.014115]  ? memset+0x20/0x40
[  458.017386]  ? copy_mount_options+0x26f/0x380
[  458.021904]  ksys_mount+0xcf/0x130
[  458.025429]  __x64_sys_mount+0xba/0x150
[  458.029381]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  458.033944]  do_syscall_64+0xf9/0x620
[  458.037735]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  458.042907] RIP: 0033:0x467afa
[  458.046087] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  458.065033] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  458.072838] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  458.080095] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  458.087381] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  458.095070] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
07:09:07 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  458.102320] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  458.116037] erofs: read_super, device -> /dev/loop4
[  458.127605] erofs: options -> 
[  458.144888] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:07 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:07 executing program 0 (fault-call:0 fault-nth:39):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xc0000001)

[  458.170552] erofs: unmounted for /dev/loop5
[  458.180377] erofs: unmounted for /dev/loop4
07:09:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307150000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  458.313453] erofs: read_super, device -> /dev/loop2
[  458.318654] erofs: options -> 
[  458.327501] erofs: cannot find valid erofs superblock
[  458.337203] FAULT_INJECTION: forcing a failure.
[  458.337203] name failslab, interval 1, probability 0, space 0, times 0
[  458.356086] erofs: read_super, device -> /dev/loop4
[  458.361114] erofs: options -> 
[  458.365128] CPU: 0 PID: 29809 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  458.373108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  458.382568] Call Trace:
[  458.385158]  dump_stack+0x1fc/0x2ef
[  458.388785]  should_fail.cold+0xa/0xf
[  458.392575]  ? setup_fault_attr+0x200/0x200
[  458.396881]  ? lock_acquire+0x170/0x3c0
[  458.400847]  __should_failslab+0x115/0x180
[  458.405075]  should_failslab+0x5/0x10
[  458.408857]  __kmalloc_track_caller+0x2a6/0x3c0
[  458.413506]  ? kstrdup_const+0x53/0x80
[  458.417377]  kstrdup+0x36/0x70
[  458.420567]  kstrdup_const+0x53/0x80
[  458.424354]  alloc_vfsmnt+0xb5/0x780
[  458.428064]  ? _raw_read_unlock+0x29/0x40
[  458.432209]  vfs_kern_mount.part.0+0x27/0x470
[  458.436688]  do_mount+0x113c/0x2f10
[  458.440302]  ? cmp_ex_sort+0xc0/0xc0
[  458.444004]  ? __do_page_fault+0x180/0xd60
[  458.448220]  ? copy_mount_string+0x40/0x40
[  458.452450]  ? memset+0x20/0x40
[  458.455710]  ? copy_mount_options+0x26f/0x380
[  458.460208]  ksys_mount+0xcf/0x130
[  458.463737]  __x64_sys_mount+0xba/0x150
[  458.467712]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  458.472275]  do_syscall_64+0xf9/0x620
[  458.476059]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  458.481245] RIP: 0033:0x467afa
[  458.484420] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  458.503301] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  458.510993] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  458.518260] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  458.525508] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  458.532768] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  458.540018] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:08 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009900000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:08 executing program 0 (fault-call:0 fault-nth:40):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  458.578283] erofs: read_super, device -> /dev/loop2
[  458.583328] erofs: options -> 
[  458.588729] erofs: read_super, device -> /dev/loop5
[  458.601414] erofs: cannot find valid erofs superblock
[  458.612707] erofs: unmounted for /dev/loop4
[  458.612780] erofs: options -> 
07:09:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xf6ffffff)

[  458.629565] erofs: root inode @ nid 36
[  458.634872] erofs: mounted on /dev/loop5 with opts: .
07:09:08 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a030fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  458.691378] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:08 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x26c3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xfcfdffff)

[  458.763221] erofs: unmounted for /dev/loop5
[  458.788321] FAULT_INJECTION: forcing a failure.
[  458.788321] name failslab, interval 1, probability 0, space 0, times 0
[  458.803536] CPU: 1 PID: 29841 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  458.811516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  458.820939] Call Trace:
[  458.823555]  dump_stack+0x1fc/0x2ef
[  458.827166]  should_fail.cold+0xa/0xf
[  458.830972]  ? setup_fault_attr+0x200/0x200
[  458.835291]  ? lock_acquire+0x170/0x3c0
[  458.839247]  __should_failslab+0x115/0x180
[  458.843471]  should_failslab+0x5/0x10
[  458.847263]  __kmalloc_track_caller+0x2a6/0x3c0
[  458.851913]  ? kstrdup_const+0x53/0x80
[  458.855801]  kstrdup+0x36/0x70
[  458.859026]  kstrdup_const+0x53/0x80
[  458.862751]  alloc_vfsmnt+0xb5/0x780
[  458.866444]  ? _raw_read_unlock+0x29/0x40
[  458.870593]  vfs_kern_mount.part.0+0x27/0x470
[  458.875077]  do_mount+0x113c/0x2f10
[  458.878691]  ? cmp_ex_sort+0xc0/0xc0
[  458.882395]  ? __do_page_fault+0x180/0xd60
[  458.886612]  ? copy_mount_string+0x40/0x40
[  458.890834]  ? memset+0x20/0x40
[  458.894105]  ? copy_mount_options+0x26f/0x380
[  458.898586]  ksys_mount+0xcf/0x130
[  458.902110]  __x64_sys_mount+0xba/0x150
[  458.906085]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  458.910651]  do_syscall_64+0xf9/0x620
[  458.914438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  458.919606] RIP: 0033:0x467afa
[  458.922779] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  458.941658] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  458.949354] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  458.956608] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  458.963869] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  458.971178] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  458.978429] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307160000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xfdfdffff)

[  459.041850] erofs: read_super, device -> /dev/loop2
[  459.054923] erofs: options -> 
[  459.059541] erofs: read_super, device -> /dev/loop4
[  459.068930] erofs: read_super, device -> /dev/loop5
[  459.079728] erofs: options -> 
[  459.084673] erofs: options -> 
07:09:08 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3e0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:08 executing program 0 (fault-call:0 fault-nth:41):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:08 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009a00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  459.102608] erofs: root inode @ nid 36
[  459.113869] erofs: unmounted for /dev/loop2
[  459.123783] erofs: mounted on /dev/loop5 with opts: .
[  459.156751] erofs: unmounted for /dev/loop4
[  459.163234] FAULT_INJECTION: forcing a failure.
[  459.163234] name failslab, interval 1, probability 0, space 0, times 0
[  459.183391] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xffff8000)

[  459.199517] CPU: 1 PID: 29889 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  459.207397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  459.216745] Call Trace:
[  459.219327]  dump_stack+0x1fc/0x2ef
[  459.222944]  should_fail.cold+0xa/0xf
[  459.226747]  ? setup_fault_attr+0x200/0x200
[  459.231075]  ? lock_acquire+0x170/0x3c0
[  459.235060]  __should_failslab+0x115/0x180
[  459.239289]  should_failslab+0x5/0x10
[  459.243071]  __kmalloc_track_caller+0x2a6/0x3c0
[  459.247732]  ? kstrdup_const+0x53/0x80
[  459.251731]  kstrdup+0x36/0x70
[  459.254914]  kstrdup_const+0x53/0x80
[  459.258611]  alloc_vfsmnt+0xb5/0x780
[  459.262304]  ? _raw_read_unlock+0x29/0x40
[  459.266460]  vfs_kern_mount.part.0+0x27/0x470
[  459.270940]  do_mount+0x113c/0x2f10
[  459.274549]  ? cmp_ex_sort+0xc0/0xc0
[  459.278254]  ? __do_page_fault+0x180/0xd60
[  459.282474]  ? copy_mount_string+0x40/0x40
[  459.286737]  ? memset+0x20/0x40
[  459.290018]  ? copy_mount_options+0x26f/0x380
[  459.294526]  ksys_mount+0xcf/0x130
[  459.298061]  __x64_sys_mount+0xba/0x150
[  459.302037]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  459.306606]  do_syscall_64+0xf9/0x620
[  459.310402]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  459.315592] RIP: 0033:0x467afa
[  459.318778] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  459.337657] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  459.345345] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
07:09:09 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307170000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  459.352593] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  459.359868] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  459.367132] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  459.374388] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  459.384581] erofs: unmounted for /dev/loop5
07:09:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xfffffdfc)

07:09:09 executing program 0 (fault-call:0 fault-nth:42):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  459.535625] erofs: read_super, device -> /dev/loop2
[  459.540801] erofs: options -> 
[  459.555010] squashfs: SQUASHFS error: unable to read inode lookup table
[  459.555324] erofs: read_super, device -> /dev/loop5
[  459.567498] erofs: options -> 
[  459.572170] erofs: root inode @ nid 36
[  459.577856] erofs: mounted on /dev/loop5 with opts: .
[  459.589102] erofs: read_super, device -> /dev/loop4
[  459.607995] erofs: options -> 
07:09:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307180000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:09 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:09 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f10cf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  459.630563] FAULT_INJECTION: forcing a failure.
[  459.630563] name failslab, interval 1, probability 0, space 0, times 0
[  459.655668] erofs: unmounted for /dev/loop5
[  459.660330] erofs: unmounted for /dev/loop2
[  459.663597] CPU: 0 PID: 29944 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  459.672539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  459.681967] Call Trace:
[  459.684570]  dump_stack+0x1fc/0x2ef
[  459.688188]  should_fail.cold+0xa/0xf
[  459.691973]  ? setup_fault_attr+0x200/0x200
[  459.696276]  ? lock_acquire+0x170/0x3c0
[  459.700238]  __should_failslab+0x115/0x180
[  459.704474]  should_failslab+0x5/0x10
[  459.708255]  kmem_cache_alloc+0x277/0x370
[  459.712402]  getname_kernel+0x4e/0x370
[  459.716287]  kern_path+0x1b/0x40
[  459.719635]  lookup_bdev+0xfc/0x220
[  459.723241]  ? bd_acquire+0x440/0x440
[  459.727023]  blkdev_get_by_path+0x1b/0xd0
[  459.731155]  mount_bdev+0x5b/0x3b0
[  459.734712]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  459.739972]  erofs_mount+0x8c/0xc0
[  459.743493]  ? erofs_kill_sb+0x20/0x20
[  459.747366]  ? alloc_pages_current+0x19b/0x2a0
[  459.751940]  ? __lockdep_init_map+0x100/0x5a0
[  459.756418]  mount_fs+0xa3/0x310
[  459.759771]  vfs_kern_mount.part.0+0x68/0x470
[  459.764266]  do_mount+0x113c/0x2f10
[  459.767964]  ? cmp_ex_sort+0xc0/0xc0
[  459.771657]  ? __do_page_fault+0x180/0xd60
[  459.775887]  ? copy_mount_string+0x40/0x40
[  459.780116]  ? memset+0x20/0x40
[  459.783393]  ? copy_mount_options+0x26f/0x380
[  459.787887]  ksys_mount+0xcf/0x130
[  459.791429]  __x64_sys_mount+0xba/0x150
[  459.795410]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  459.799987]  do_syscall_64+0xf9/0x620
[  459.803772]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  459.808954] RIP: 0033:0x467afa
[  459.812138] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xfffffdfd)

[  459.831021] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  459.838711] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  459.846071] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  459.853328] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  459.860598] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  459.867852] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:09 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009b00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  459.895310] erofs: unmounted for /dev/loop4
07:09:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xfffffff6)

07:09:09 executing program 0 (fault-call:0 fault-nth:43):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  460.028323] squashfs: SQUASHFS error: unable to read inode lookup table
[  460.049481] erofs: read_super, device -> /dev/loop5
[  460.068229] erofs: options -> 
07:09:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173071a0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  460.082271] erofs: root inode @ nid 36
[  460.087281] erofs: mounted on /dev/loop5 with opts: .
[  460.113667] erofs: read_super, device -> /dev/loop2
[  460.119145] erofs: options -> 
07:09:09 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8603, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x4000000000)

07:09:09 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f22cf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  460.130330] erofs: read_super, device -> /dev/loop4
[  460.145673] erofs: options -> 
[  460.151399] squashfs: SQUASHFS error: unable to read inode lookup table
[  460.176652] erofs: unmounted for /dev/loop5
07:09:09 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009c00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173071b0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  460.213713] erofs: unmounted for /dev/loop2
[  460.222540] erofs: unmounted for /dev/loop4
[  460.228744] FAULT_INJECTION: forcing a failure.
[  460.228744] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  460.240550] CPU: 1 PID: 30003 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  460.248431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  460.257785] Call Trace:
[  460.260523]  dump_stack+0x1fc/0x2ef
[  460.264150]  should_fail.cold+0xa/0xf
[  460.267958]  ? setup_fault_attr+0x200/0x200
[  460.272287]  ? get_page_from_freelist+0x1d60/0x4170
[  460.277290]  __alloc_pages_nodemask+0x239/0x2890
[  460.282028]  ? get_page_from_freelist+0x1d60/0x4170
[  460.287032]  ? bad_range+0x260/0x3c0
[  460.291288]  ? __lock_acquire+0x6de/0x3ff0
[  460.295523]  ? preempt_count_add+0xaf/0x190
[  460.299841]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  460.304672]  ? mark_held_locks+0xf0/0xf0
[  460.308731]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  460.314101]  cache_grow_begin+0xa4/0x8a0
[  460.318169]  ? setup_fault_attr+0x200/0x200
[  460.322585]  ? cache_alloc_pfmemalloc+0x1e/0x140
[  460.327342]  cache_alloc_refill+0x273/0x340
[  460.331659]  kmem_cache_alloc+0x346/0x370
[  460.335789]  getname_kernel+0x4e/0x370
[  460.339655]  kern_path+0x1b/0x40
[  460.343004]  lookup_bdev+0xfc/0x220
[  460.346614]  ? bd_acquire+0x440/0x440
[  460.350408]  blkdev_get_by_path+0x1b/0xd0
[  460.354554]  mount_bdev+0x5b/0x3b0
[  460.358089]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  460.363348]  erofs_mount+0x8c/0xc0
[  460.366872]  ? erofs_kill_sb+0x20/0x20
[  460.370750]  ? alloc_pages_current+0x19b/0x2a0
[  460.375317]  ? __lockdep_init_map+0x100/0x5a0
[  460.379793]  mount_fs+0xa3/0x310
[  460.383142]  vfs_kern_mount.part.0+0x68/0x470
[  460.387625]  do_mount+0x113c/0x2f10
[  460.391248]  ? cmp_ex_sort+0xc0/0xc0
[  460.394958]  ? __do_page_fault+0x180/0xd60
[  460.399172]  ? copy_mount_string+0x40/0x40
[  460.403392]  ? memset+0x20/0x40
[  460.406652]  ? copy_mount_options+0x26f/0x380
[  460.411137]  ksys_mount+0xcf/0x130
[  460.414663]  __x64_sys_mount+0xba/0x150
[  460.418619]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  460.423180]  do_syscall_64+0xf9/0x620
[  460.426963]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  460.432132] RIP: 0033:0x467afa
[  460.435319] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  460.454389] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
07:09:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x8000000000)

[  460.462087] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  460.469333] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  460.476580] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  460.483825] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  460.491074] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  460.561498] erofs: read_super, device -> /dev/loop0
[  460.573224] erofs: options -> 
[  460.577131] erofs: root inode @ nid 36
[  460.585751] erofs: mounted on /dev/loop0 with opts: .
07:09:10 executing program 0 (fault-call:0 fault-nth:44):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xc000000000)

[  460.614958] squashfs: SQUASHFS error: unable to read inode lookup table
[  460.638167] erofs: read_super, device -> /dev/loop2
[  460.645933] erofs: options -> 
[  460.656003] erofs: unmounted for /dev/loop0
[  460.724640] erofs: read_super, device -> /dev/loop4
[  460.724696] erofs: read_super, device -> /dev/loop5
[  460.755816] erofs: options -> 
[  460.756038] erofs: options -> 
07:09:10 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f37cf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173071c0000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:10 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009d00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  460.773184] erofs: root inode @ nid 36
[  460.789241] erofs: unmounted for /dev/loop2
[  460.800056] erofs: mounted on /dev/loop5 with opts: .
[  460.805362] erofs: unmounted for /dev/loop4
07:09:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1000000000000)

[  460.866959] FAULT_INJECTION: forcing a failure.
[  460.866959] name failslab, interval 1, probability 0, space 0, times 0
[  460.882404] CPU: 1 PID: 30055 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  460.890299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  460.899655] Call Trace:
[  460.902245]  dump_stack+0x1fc/0x2ef
[  460.905983]  should_fail.cold+0xa/0xf
[  460.906771] erofs: read_super, device -> /dev/loop2
07:09:10 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9e03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  460.909794]  ? setup_fault_attr+0x200/0x200
[  460.909815]  ? lock_acquire+0x170/0x3c0
[  460.909835]  __should_failslab+0x115/0x180
[  460.909853]  should_failslab+0x5/0x10
[  460.931167]  __kmalloc+0x2ab/0x3c0
[  460.934728]  ? prealloc_shrinker+0x15d/0x340
[  460.939141]  prealloc_shrinker+0x15d/0x340
[  460.941647] erofs: options -> 
[  460.943372]  sget_userns+0x7b4/0xcd0
[  460.943384]  ? set_bdev_super+0x110/0x110
[  460.943399]  ? ns_test_super+0x50/0x50
[  460.943412]  ? set_bdev_super+0x110/0x110
[  460.943421]  ? ns_test_super+0x50/0x50
[  460.943435]  sget+0x102/0x140
[  460.969448]  mount_bdev+0xf8/0x3b0
[  460.972995]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  460.975984] erofs: read_super, device -> /dev/loop4
[  460.978287]  erofs_mount+0x8c/0xc0
[  460.978299]  ? erofs_kill_sb+0x20/0x20
[  460.978316]  ? alloc_pages_current+0x19b/0x2a0
[  460.978333]  ? __lockdep_init_map+0x100/0x5a0
[  460.978349]  mount_fs+0xa3/0x310
[  460.990687] erofs: options -> 
[  460.990760]  vfs_kern_mount.part.0+0x68/0x470
[  461.010818]  do_mount+0x113c/0x2f10
07:09:10 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf020000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  461.014452]  ? cmp_ex_sort+0xc0/0xc0
[  461.018167]  ? __do_page_fault+0x180/0xd60
[  461.022533]  ? copy_mount_string+0x40/0x40
[  461.026862]  ? memset+0x20/0x40
[  461.030156]  ? copy_mount_options+0x26f/0x380
[  461.034674]  ksys_mount+0xcf/0x130
[  461.038217]  __x64_sys_mount+0xba/0x150
[  461.042193]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  461.046778]  do_syscall_64+0xf9/0x620
[  461.050589]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  461.055777] RIP: 0033:0x467afa
[  461.059060] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  461.078054] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  461.085764] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  461.093013] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  461.100268] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  461.107536] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
07:09:10 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009e00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:10 executing program 0 (fault-call:0 fault-nth:45):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  461.114802] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  461.124063] erofs: unmounted for /dev/loop5
[  461.129583] squashfs: SQUASHFS error: unable to read inode lookup table
[  461.141566] erofs: unmounted for /dev/loop2
[  461.158797] erofs: unmounted for /dev/loop4
07:09:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x20000000000000)

07:09:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307230000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  461.341784] erofs: read_super, device -> /dev/loop2
[  461.343398] erofs: read_super, device -> /dev/loop4
[  461.346976] erofs: read_super, device -> /dev/loop5
[  461.357423] FAULT_INJECTION: forcing a failure.
[  461.357423] name failslab, interval 1, probability 0, space 0, times 0
[  461.361672] erofs: options -> 
[  461.369370] CPU: 0 PID: 30106 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  461.380116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  461.389481] Call Trace:
[  461.389583] erofs: options -> 
[  461.392068]  dump_stack+0x1fc/0x2ef
[  461.392085]  should_fail.cold+0xa/0xf
[  461.392101]  ? setup_fault_attr+0x200/0x200
[  461.392114]  ? lock_acquire+0x170/0x3c0
[  461.392130]  __should_failslab+0x115/0x180
[  461.403261] erofs: options -> 
[  461.406998]  should_failslab+0x5/0x10
[  461.407012]  kmem_cache_alloc_trace+0x284/0x380
[  461.407028]  ? set_bdev_super+0x110/0x110
[  461.407040]  ? ns_test_super+0x50/0x50
[  461.407051]  sget_userns+0x122/0xcd0
[  461.407063]  ? set_bdev_super+0x110/0x110
[  461.407078]  ? ns_test_super+0x50/0x50
[  461.407096]  ? set_bdev_super+0x110/0x110
[  461.425377] erofs: root inode @ nid 36
[  461.426986]  ? ns_test_super+0x50/0x50
[  461.426999]  sget+0x102/0x140
[  461.427013]  mount_bdev+0xf8/0x3b0
[  461.427027]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  461.427043]  erofs_mount+0x8c/0xc0
[  461.427052]  ? erofs_kill_sb+0x20/0x20
[  461.427069]  ? alloc_pages_current+0x19b/0x2a0
[  461.442573] erofs: mounted on /dev/loop5 with opts: .
[  461.442899]  ? __lockdep_init_map+0x100/0x5a0
[  461.492153]  mount_fs+0xa3/0x310
[  461.495547]  vfs_kern_mount.part.0+0x68/0x470
[  461.500043]  do_mount+0x113c/0x2f10
[  461.503672]  ? cmp_ex_sort+0xc0/0xc0
[  461.507389]  ? __do_page_fault+0x180/0xd60
[  461.511625]  ? copy_mount_string+0x40/0x40
[  461.515896]  ? memset+0x20/0x40
[  461.516338] squashfs: SQUASHFS error: unable to read inode lookup table
[  461.519167]  ? copy_mount_options+0x26f/0x380
[  461.519184]  ksys_mount+0xcf/0x130
[  461.519200]  __x64_sys_mount+0xba/0x150
[  461.519215]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  461.519226]  do_syscall_64+0xf9/0x620
[  461.519243]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  461.551471] RIP: 0033:0x467afa
[  461.554676] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  461.573578] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  461.581282] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
07:09:11 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf009f00000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:11 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x9f03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:11 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf030000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  461.588536] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  461.595787] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  461.603046] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  461.610297] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  461.622428] erofs: unmounted for /dev/loop4
[  461.628817] erofs: unmounted for /dev/loop5
[  461.633295] erofs: unmounted for /dev/loop2
07:09:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x80ffff00000000)

07:09:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307600000911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x100000000000000)

07:09:11 executing program 0 (fault-call:0 fault-nth:46):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  461.847133] erofs: read_super, device -> /dev/loop4
[  461.852175] erofs: options -> 
07:09:11 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf00a000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  461.912242] erofs: unmounted for /dev/loop4
07:09:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x100004000000000)

[  461.982737] erofs: read_super, device -> /dev/loop2
[  461.990058] erofs: options -> 
07:09:11 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf040000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  462.039682] erofs: unmounted for /dev/loop2
[  462.159597] erofs: read_super, device -> /dev/loop4
[  462.168190] squashfs: SQUASHFS error: unable to read inode lookup table
[  462.198596] erofs: options -> 
[  462.264714] erofs: read_super, device -> /dev/loop2
[  462.267454] erofs: read_super, device -> /dev/loop5
[  462.288577] FAULT_INJECTION: forcing a failure.
[  462.288577] name failslab, interval 1, probability 0, space 0, times 0
07:09:12 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfd90ce0720c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307000300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  462.312894] erofs: options -> 
[  462.329525] CPU: 0 PID: 30192 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  462.337411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  462.338897] erofs: options -> 
[  462.346755] Call Trace:
[  462.346807]  dump_stack+0x1fc/0x2ef
[  462.346825]  should_fail.cold+0xa/0xf
[  462.346840]  ? setup_fault_attr+0x200/0x200
[  462.346856]  ? lock_acquire+0x170/0x3c0
[  462.368344]  __should_failslab+0x115/0x180
[  462.372584]  should_failslab+0x5/0x10
[  462.374119] erofs: root inode @ nid 36
[  462.376387]  kmem_cache_alloc+0x277/0x370
[  462.376409]  radix_tree_node_alloc.constprop.0+0x7c/0x320
[  462.376424]  idr_get_free+0x50e/0xa10
[  462.376444]  idr_alloc_u32+0x1a5/0x320
[  462.394924] erofs: mounted on /dev/loop5 with opts: .
[  462.397629]  ? __fprop_inc_percpu_max+0x210/0x210
[  462.397641]  ? __mutex_unlock_slowpath+0xea/0x610
[  462.397656]  ? should_fail+0x142/0x7b0
[  462.397669]  ? fs_reclaim_release+0xd0/0x110
[  462.420768]  ? setup_fault_attr+0x200/0x200
[  462.425092]  ? lock_acquire+0x170/0x3c0
[  462.429070]  idr_alloc+0xc2/0x130
[  462.432523]  ? idr_alloc_u32+0x320/0x320
[  462.436590]  prealloc_shrinker+0x193/0x340
[  462.440831]  sget_userns+0x7b4/0xcd0
[  462.444548]  ? set_bdev_super+0x110/0x110
[  462.448718]  ? ns_test_super+0x50/0x50
[  462.452712]  ? set_bdev_super+0x110/0x110
[  462.456859]  ? ns_test_super+0x50/0x50
[  462.460750]  sget+0x102/0x140
[  462.463861]  mount_bdev+0xf8/0x3b0
[  462.467408]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  462.472692]  erofs_mount+0x8c/0xc0
[  462.476258]  ? erofs_kill_sb+0x20/0x20
[  462.480185]  ? alloc_pages_current+0x19b/0x2a0
[  462.484772]  ? __lockdep_init_map+0x100/0x5a0
[  462.489268]  mount_fs+0xa3/0x310
[  462.492644]  vfs_kern_mount.part.0+0x68/0x470
[  462.497145]  do_mount+0x113c/0x2f10
[  462.500780]  ? cmp_ex_sort+0xc0/0xc0
[  462.504499]  ? __do_page_fault+0x180/0xd60
[  462.508734]  ? copy_mount_string+0x40/0x40
[  462.512974]  ? memset+0x20/0x40
[  462.516259]  ? copy_mount_options+0x26f/0x380
[  462.520766]  ksys_mount+0xcf/0x130
[  462.524311]  __x64_sys_mount+0xba/0x150
[  462.528293]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  462.532887]  do_syscall_64+0xf9/0x620
[  462.536702]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  462.541890] RIP: 0033:0x467afa
[  462.545087] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x100008000000000)

[  462.563981] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  462.571683] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  462.578950] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  462.586217] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  462.593484] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  462.600751] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:12 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:12 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf050000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  462.720182] erofs: unmounted for /dev/loop4
[  462.724727] erofs: unmounted for /dev/loop5
[  462.731740] squashfs: SQUASHFS error: unable to read inode lookup table
[  462.744638] erofs: unmounted for /dev/loop2
07:09:12 executing program 0 (fault-call:0 fault-nth:47):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x10000c000000000)

07:09:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307860300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  462.908800] erofs: read_super, device -> /dev/loop4
[  462.914431] erofs: options -> 
[  462.919421] erofs: read_super, device -> /dev/loop5
[  462.934176] erofs: read_super, device -> /dev/loop2
[  462.939208] erofs: options -> 
[  462.946329] erofs: options -> 
07:09:12 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfdf0ce0720c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:12 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf070000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  462.960961] erofs: root inode @ nid 36
[  462.977590] erofs: mounted on /dev/loop5 with opts: .
[  462.985533] erofs: unmounted for /dev/loop4
[  463.024905] erofs: unmounted for /dev/loop2
[  463.049894] squashfs: SQUASHFS error: unable to read inode lookup table
[  463.058861] FAULT_INJECTION: forcing a failure.
[  463.058861] name failslab, interval 1, probability 0, space 0, times 0
[  463.104660] CPU: 0 PID: 30250 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  463.112559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  463.121916] Call Trace:
[  463.124524]  dump_stack+0x1fc/0x2ef
[  463.128180]  should_fail.cold+0xa/0xf
[  463.131995]  ? setup_fault_attr+0x200/0x200
[  463.136325]  ? lock_acquire+0x170/0x3c0
[  463.140312]  __should_failslab+0x115/0x180
[  463.144549]  should_failslab+0x5/0x10
[  463.148344]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  463.153452]  __kmalloc_node+0x38/0x70
[  463.157259]  kvmalloc_node+0x61/0xf0
[  463.160983]  __list_lru_init+0x4c6/0x7f0
[  463.165054]  ? up_write+0x13/0x150
[  463.168600]  sget_userns+0x7e2/0xcd0
[  463.172320]  ? set_bdev_super+0x110/0x110
[  463.176565]  ? ns_test_super+0x50/0x50
[  463.180464]  ? set_bdev_super+0x110/0x110
[  463.184725]  ? ns_test_super+0x50/0x50
[  463.188619]  sget+0x102/0x140
[  463.191311] erofs: read_super, device -> /dev/loop2
[  463.191723]  mount_bdev+0xf8/0x3b0
[  463.200317]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  463.205601]  erofs_mount+0x8c/0xc0
[  463.209145]  ? erofs_kill_sb+0x20/0x20
[  463.213146]  ? alloc_pages_current+0x19b/0x2a0
[  463.216577] erofs: options -> 
[  463.217723]  ? __lockdep_init_map+0x100/0x5a0
[  463.217739]  mount_fs+0xa3/0x310
[  463.217756]  vfs_kern_mount.part.0+0x68/0x470
[  463.217771]  do_mount+0x113c/0x2f10
[  463.236879]  ? cmp_ex_sort+0xc0/0xc0
[  463.240602]  ? __do_page_fault+0x180/0xd60
[  463.244842]  ? copy_mount_string+0x40/0x40
[  463.249086]  ? memset+0x20/0x40
[  463.252367]  ? copy_mount_options+0x26f/0x380
[  463.256869]  ksys_mount+0xcf/0x130
[  463.260417]  __x64_sys_mount+0xba/0x150
[  463.264395]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  463.268979]  do_syscall_64+0xf9/0x620
[  463.272783]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  463.277966] RIP: 0033:0x467afa
[  463.281156] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079a0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf080000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:13 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079b0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:13 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa103, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  463.300159] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  463.307885] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  463.315154] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  463.322423] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  463.329691] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  463.336963] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  463.347851] erofs: unmounted for /dev/loop2
07:09:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x101000000000000)

[  463.362751] erofs: unmounted for /dev/loop5
07:09:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x200000000000000)

[  463.483272] erofs: read_super, device -> /dev/loop4
[  463.494723] erofs: read_super, device -> /dev/loop2
[  463.497720] squashfs: SQUASHFS error: unable to read inode lookup table
[  463.499812] erofs: options -> 
[  463.530199] erofs: options -> 
07:09:13 executing program 0 (fault-call:0 fault-nth:48):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf0f0000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:13 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079c0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:13 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf1fffffff0c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  463.608929] erofs: unmounted for /dev/loop2
[  463.647990] erofs: unmounted for /dev/loop4
07:09:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x400000000000000)

[  463.674304] erofs: read_super, device -> /dev/loop5
[  463.679431] erofs: options -> 
[  463.692048] erofs: root inode @ nid 36
[  463.697384] erofs: mounted on /dev/loop5 with opts: .
[  463.709678] FAULT_INJECTION: forcing a failure.
[  463.709678] name failslab, interval 1, probability 0, space 0, times 0
[  463.759157] CPU: 1 PID: 30308 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  463.767151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  463.776507] Call Trace:
[  463.779105]  dump_stack+0x1fc/0x2ef
[  463.782762]  should_fail.cold+0xa/0xf
[  463.786571]  ? setup_fault_attr+0x200/0x200
[  463.790898]  ? lock_acquire+0x170/0x3c0
[  463.794889]  __should_failslab+0x115/0x180
[  463.799127]  should_failslab+0x5/0x10
[  463.802930]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  463.808044]  __kmalloc_node+0x38/0x70
[  463.811856]  kvmalloc_node+0x61/0xf0
[  463.815574]  __list_lru_init+0x4c6/0x7f0
[  463.819649]  ? up_write+0x13/0x150
[  463.823204]  sget_userns+0x7e2/0xcd0
[  463.826923]  ? set_bdev_super+0x110/0x110
[  463.831084]  ? ns_test_super+0x50/0x50
[  463.834980]  ? set_bdev_super+0x110/0x110
[  463.839139]  ? ns_test_super+0x50/0x50
[  463.843021]  sget+0x102/0x140
[  463.846130]  mount_bdev+0xf8/0x3b0
[  463.849228] erofs: read_super, device -> /dev/loop4
[  463.849670]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  463.859926]  erofs_mount+0x8c/0xc0
[  463.863466]  ? erofs_kill_sb+0x20/0x20
[  463.867361]  ? alloc_pages_current+0x19b/0x2a0
[  463.871945]  ? __lockdep_init_map+0x100/0x5a0
[  463.876443]  mount_fs+0xa3/0x310
[  463.879814]  vfs_kern_mount.part.0+0x68/0x470
[  463.881679] erofs: options -> 
[  463.884311]  do_mount+0x113c/0x2f10
[  463.884325]  ? cmp_ex_sort+0xc0/0xc0
[  463.884338]  ? __do_page_fault+0x180/0xd60
[  463.884350]  ? copy_mount_string+0x40/0x40
[  463.884369]  ? memset+0x20/0x40
[  463.884380]  ? copy_mount_options+0x26f/0x380
[  463.884395]  ksys_mount+0xcf/0x130
[  463.884408]  __x64_sys_mount+0xba/0x150
[  463.884423]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  463.923357]  do_syscall_64+0xf9/0x620
[  463.927252]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  463.932444] RIP: 0033:0x467afa
[  463.935637] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:13 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa203, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  463.954536] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  463.962330] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  463.967014] squashfs: SQUASHFS error: unable to read inode lookup table
[  463.969594] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  463.969602] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  463.969610] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  463.969617] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  463.978461] erofs: unmounted for /dev/loop5
07:09:13 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010200000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x500000000000000)

[  464.003513] erofs: read_super, device -> /dev/loop2
[  464.026428] erofs: options -> 
[  464.034911] erofs: unmounted for /dev/loop4
07:09:13 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf100000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:14 executing program 0 (fault-call:0 fault-nth:49):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079d0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  464.242002] erofs: unmounted for /dev/loop2
07:09:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x600000000000000)

[  464.287086] erofs: read_super, device -> /dev/loop5
[  464.292130] erofs: options -> 
[  464.295605] erofs: read_super, device -> /dev/loop4
[  464.306509] erofs: options -> 
[  464.320022] erofs: root inode @ nid 36
07:09:14 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa303, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  464.340449] erofs: mounted on /dev/loop5 with opts: .
[  464.351874] erofs: read_super, device -> /dev/loop0
[  464.374122] erofs: unmounted for /dev/loop4
[  464.384801] erofs: unmounted for /dev/loop5
[  464.387113] erofs: options -> 
[  464.393277] FAULT_INJECTION: forcing a failure.
[  464.393277] name failslab, interval 1, probability 0, space 0, times 0
[  464.404874] CPU: 1 PID: 30379 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  464.412747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  464.422095] Call Trace:
[  464.424668]  dump_stack+0x1fc/0x2ef
[  464.428287]  should_fail.cold+0xa/0xf
[  464.432073]  ? setup_fault_attr+0x200/0x200
[  464.436382]  __should_failslab+0x115/0x180
[  464.440600]  should_failslab+0x5/0x10
[  464.444383]  kmem_cache_alloc+0x3f/0x370
[  464.448432]  ? mempool_alloc+0x350/0x350
[  464.452469]  mempool_alloc+0x146/0x350
[  464.456338]  ? mempool_resize+0x790/0x790
[  464.460587]  ? lock_downgrade+0x720/0x720
[  464.464738]  ? mark_held_locks+0xa6/0xf0
[  464.468784]  bio_alloc_bioset+0x389/0x5e0
[  464.472922]  ? __find_get_block+0x314/0xde0
[  464.477222]  ? bvec_alloc+0x2f0/0x2f0
[  464.481006]  ? __getblk_slow+0x6a3/0x9e0
[  464.485051]  submit_bh_wbc+0x141/0x760
[  464.488928]  __bread_gfp+0x14e/0x300
[  464.492622]  erofs_fill_super+0x207/0x12cc
[  464.496849]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  464.502105]  ? vsprintf+0x30/0x30
[  464.505553]  ? wait_for_completion_io+0x10/0x10
[  464.510207]  ? set_blocksize+0x163/0x3f0
[  464.514254]  mount_bdev+0x2fc/0x3b0
[  464.517868]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  464.523130]  erofs_mount+0x8c/0xc0
[  464.526659]  ? erofs_kill_sb+0x20/0x20
[  464.530539]  ? alloc_pages_current+0x19b/0x2a0
[  464.535112]  ? __lockdep_init_map+0x100/0x5a0
[  464.539587]  mount_fs+0xa3/0x310
[  464.542934]  vfs_kern_mount.part.0+0x68/0x470
[  464.547424]  do_mount+0x113c/0x2f10
[  464.551048]  ? cmp_ex_sort+0xc0/0xc0
[  464.554755]  ? __do_page_fault+0x180/0xd60
[  464.558971]  ? copy_mount_string+0x40/0x40
[  464.563189]  ? memset+0x20/0x40
[  464.566458]  ? copy_mount_options+0x26f/0x380
[  464.570939]  ksys_mount+0xcf/0x130
[  464.574461]  __x64_sys_mount+0xba/0x150
[  464.578414]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  464.583073]  do_syscall_64+0xf9/0x620
[  464.586859]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  464.592027] RIP: 0033:0x467afa
[  464.595218] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  464.614096] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  464.621783] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  464.629042] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
07:09:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x700000000000000)

[  464.636293] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  464.643542] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  464.650805] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  464.661779] erofs: root inode @ nid 36
[  464.666114] erofs: mounted on /dev/loop0 with opts: .
07:09:14 executing program 0 (fault-call:0 fault-nth:50):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  464.739438] erofs: read_super, device -> /dev/loop2
[  464.741046] squashfs: SQUASHFS error: unable to read inode lookup table
[  464.744790] erofs: read_super, device -> /dev/loop4
[  464.756710] erofs: options -> 
[  464.767510] erofs: options -> 
[  464.770975] erofs: unmounted for /dev/loop0
07:09:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079e0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x700008000000000)

07:09:14 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010400000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  464.849516] erofs: read_super, device -> /dev/loop5
[  464.859316] erofs: options -> 
[  464.862779] erofs: root inode @ nid 36
[  464.885975] erofs: mounted on /dev/loop5 with opts: .
07:09:14 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf140000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  464.902961] erofs: unmounted for /dev/loop4
[  464.916173] erofs: unmounted for /dev/loop2
07:09:14 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa403, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  464.984079] squashfs: SQUASHFS error: unable to read inode lookup table
07:09:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x800008000000000)

[  465.026528] erofs: unmounted for /dev/loop5
[  465.037759] FAULT_INJECTION: forcing a failure.
[  465.037759] name failslab, interval 1, probability 0, space 0, times 0
[  465.039631] erofs: read_super, device -> /dev/loop4
[  465.063553] erofs: options -> 
[  465.069078] CPU: 1 PID: 30432 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  465.076994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  465.086339] Call Trace:
[  465.088926]  dump_stack+0x1fc/0x2ef
[  465.092538]  should_fail.cold+0xa/0xf
[  465.096322]  ? setup_fault_attr+0x200/0x200
[  465.100630]  ? lock_acquire+0x170/0x3c0
[  465.104596]  __should_failslab+0x115/0x180
[  465.108813]  should_failslab+0x5/0x10
[  465.112590]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  465.117677]  __kmalloc_node+0x38/0x70
[  465.121457]  kvmalloc_node+0x61/0xf0
[  465.125172]  __list_lru_init+0x4c6/0x7f0
[  465.129213]  ? up_write+0x13/0x150
[  465.132738]  sget_userns+0x810/0xcd0
[  465.136479]  ? set_bdev_super+0x110/0x110
[  465.140612]  ? ns_test_super+0x50/0x50
[  465.144483]  ? set_bdev_super+0x110/0x110
[  465.148609]  ? ns_test_super+0x50/0x50
[  465.152488]  sget+0x102/0x140
[  465.155576]  mount_bdev+0xf8/0x3b0
[  465.159096]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  465.164350]  erofs_mount+0x8c/0xc0
[  465.167872]  ? erofs_kill_sb+0x20/0x20
[  465.171748]  ? alloc_pages_current+0x19b/0x2a0
[  465.176307]  ? __lockdep_init_map+0x100/0x5a0
[  465.180798]  mount_fs+0xa3/0x310
[  465.184151]  vfs_kern_mount.part.0+0x68/0x470
[  465.188630]  do_mount+0x113c/0x2f10
[  465.192278]  ? cmp_ex_sort+0xc0/0xc0
[  465.195979]  ? __do_page_fault+0x180/0xd60
[  465.200219]  ? copy_mount_string+0x40/0x40
[  465.204454]  ? memset+0x20/0x40
[  465.207718]  ? copy_mount_options+0x26f/0x380
[  465.212198]  ksys_mount+0xcf/0x130
[  465.215725]  __x64_sys_mount+0xba/0x150
[  465.219687]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  465.224268]  do_syscall_64+0xf9/0x620
[  465.228057]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  465.233237] RIP: 0033:0x467afa
[  465.236409] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  465.255292] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  465.262985] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  465.270242] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
07:09:15 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="68737173079f0300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  465.277495] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  465.284743] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  465.292003] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
07:09:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x900000000000000)

07:09:15 executing program 0 (fault-call:0 fault-nth:51):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  465.373225] erofs: read_super, device -> /dev/loop2
07:09:15 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010500000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  465.395794] erofs: options -> 
07:09:15 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf220000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  465.419682] erofs: unmounted for /dev/loop4
07:09:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xa00000000000000)

[  465.455037] erofs: unmounted for /dev/loop2
[  465.495167] erofs: read_super, device -> /dev/loop0
[  465.500239] erofs: options -> 
[  465.504179] erofs: read_super, device -> /dev/loop5
[  465.511444] squashfs: SQUASHFS error: unable to read inode lookup table
[  465.518297] erofs: options -> 
[  465.528311] erofs: root inode @ nid 36
[  465.532607] FAULT_INJECTION: forcing a failure.
[  465.532607] name failslab, interval 1, probability 0, space 0, times 0
[  465.550232] erofs: mounted on /dev/loop5 with opts: .
[  465.556971] CPU: 1 PID: 30469 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  465.562604] erofs: read_super, device -> /dev/loop4
[  465.564859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  465.564865] Call Trace:
[  465.564883]  dump_stack+0x1fc/0x2ef
[  465.564901]  should_fail.cold+0xa/0xf
[  465.564915]  ? do_mount+0x113c/0x2f10
[  465.564930]  ? setup_fault_attr+0x200/0x200
[  465.564942]  ? blk_queue_enter+0x40b/0xb70
[  465.564959]  __should_failslab+0x115/0x180
[  465.564974]  should_failslab+0x5/0x10
[  465.564987]  kmem_cache_alloc_node+0x54/0x3b0
[  465.565003]  create_task_io_context+0x2c/0x430
[  465.565017]  generic_make_request_checks+0x1c4f/0x22e0
[  465.565036]  ? should_fail_bio.isra.0+0xa0/0xa0
[  465.565050]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  465.565060]  ? kmem_cache_alloc+0x315/0x370
[  465.565075]  generic_make_request+0x23f/0xdf0
[  465.642247]  ? blk_put_request+0x110/0x110
[  465.646472]  ? lock_downgrade+0x720/0x720
[  465.650604]  submit_bio+0xb1/0x430
[  465.654132]  ? generic_make_request+0xdf0/0xdf0
[  465.658793]  ? check_preemption_disabled+0x41/0x280
[  465.663806]  ? guard_bio_eod+0x2a0/0x650
[  465.667855]  submit_bh_wbc+0x5a7/0x760
[  465.671729]  __bread_gfp+0x14e/0x300
[  465.675426]  erofs_fill_super+0x207/0x12cc
[  465.679645]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  465.684904]  ? vsprintf+0x30/0x30
[  465.688341]  ? wait_for_completion_io+0x10/0x10
[  465.692999]  ? set_blocksize+0x163/0x3f0
[  465.697045]  mount_bdev+0x2fc/0x3b0
[  465.700657]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  465.705921]  erofs_mount+0x8c/0xc0
[  465.709442]  ? erofs_kill_sb+0x20/0x20
[  465.713323]  ? alloc_pages_current+0x19b/0x2a0
[  465.717893]  ? __lockdep_init_map+0x100/0x5a0
[  465.722371]  mount_fs+0xa3/0x310
[  465.725719]  vfs_kern_mount.part.0+0x68/0x470
[  465.730199]  do_mount+0x113c/0x2f10
[  465.733815]  ? cmp_ex_sort+0xc0/0xc0
[  465.737513]  ? __do_page_fault+0x180/0xd60
[  465.741730]  ? copy_mount_string+0x40/0x40
[  465.745958]  ? memset+0x20/0x40
[  465.749227]  ? copy_mount_options+0x26f/0x380
[  465.753714]  ksys_mount+0xcf/0x130
[  465.757235]  __x64_sys_mount+0xba/0x150
[  465.761189]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  465.765769]  do_syscall_64+0xf9/0x620
[  465.769573]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  465.774747] RIP: 0033:0x467afa
[  465.777926] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  465.796808] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  465.804493] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  465.811744] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  465.819010] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  465.826259] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  465.833521] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  465.848357] erofs: options -> 
07:09:15 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa503, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  465.861046] erofs: read_super, device -> /dev/loop2
[  465.876081] erofs: options -> 
07:09:15 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010600000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  465.908924] erofs: unmounted for /dev/loop5
07:09:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xb00000000000000)

07:09:15 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf250000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:15 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307a00300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:15 executing program 0 (fault-call:0 fault-nth:52):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  465.936034] erofs: unmounted for /dev/loop4
[  465.937470] erofs: root inode @ nid 36
[  465.951371] erofs: unmounted for /dev/loop2
[  465.954284] erofs: mounted on /dev/loop0 with opts: .
[  465.987594] erofs: unmounted for /dev/loop0
07:09:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0xd00000000000000)

[  466.068262] erofs: read_super, device -> /dev/loop5
[  466.074373] erofs: options -> 
[  466.078380] squashfs: SQUASHFS error: unable to read inode lookup table
[  466.087164] erofs: root inode @ nid 36
[  466.102588] erofs: mounted on /dev/loop5 with opts: .
07:09:15 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307a10300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:15 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa603, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  466.161308] erofs: read_super, device -> /dev/loop2
[  466.169339] erofs: read_super, device -> /dev/loop4
[  466.170618] erofs: options -> 
[  466.174848] erofs: read_super, device -> /dev/loop0
[  466.182982] erofs: options -> 
[  466.194356] erofs: options -> 
[  466.199931] erofs: root inode @ nid 36
[  466.238280] erofs: unmounted for /dev/loop5
[  466.239167] FAULT_INJECTION: forcing a failure.
[  466.239167] name failslab, interval 1, probability 0, space 0, times 0
[  466.270922] CPU: 0 PID: 30541 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  466.278817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  466.288167] Call Trace:
[  466.290759]  dump_stack+0x1fc/0x2ef
[  466.294400]  should_fail.cold+0xa/0xf
[  466.298209]  ? setup_fault_attr+0x200/0x200
[  466.302526]  ? lock_acquire+0x170/0x3c0
[  466.306487]  __should_failslab+0x115/0x180
[  466.310709]  should_failslab+0x5/0x10
[  466.314494]  kmem_cache_alloc+0x277/0x370
[  466.318624]  ? destroy_inode+0x20/0x20
[  466.322490]  alloc_inode+0x18/0x50
[  466.326008]  ? destroy_inode+0x20/0x20
[  466.329882]  alloc_inode+0x5d/0x180
[  466.333487]  iget_locked+0x193/0x480
[  466.337188]  erofs_iget+0x27/0x2720
[  466.340972]  ? do_raw_spin_unlock+0x171/0x230
[  466.345461]  erofs_fill_super+0xf65/0x12cc
[  466.349683]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  466.354939]  ? vsprintf+0x30/0x30
[  466.358374]  ? wait_for_completion_io+0x10/0x10
[  466.363020]  ? set_blocksize+0x163/0x3f0
[  466.367069]  mount_bdev+0x2fc/0x3b0
[  466.370680]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  466.375938]  erofs_mount+0x8c/0xc0
[  466.379458]  ? erofs_kill_sb+0x20/0x20
[  466.383327]  ? alloc_pages_current+0x19b/0x2a0
[  466.387901]  ? __lockdep_init_map+0x100/0x5a0
[  466.392387]  mount_fs+0xa3/0x310
[  466.395739]  vfs_kern_mount.part.0+0x68/0x470
[  466.400223]  do_mount+0x113c/0x2f10
[  466.403836]  ? cmp_ex_sort+0xc0/0xc0
[  466.407535]  ? __do_page_fault+0x180/0xd60
[  466.411752]  ? copy_mount_string+0x40/0x40
[  466.415973]  ? memset+0x20/0x40
[  466.419238]  ? copy_mount_options+0x26f/0x380
[  466.423717]  ksys_mount+0xcf/0x130
[  466.427242]  __x64_sys_mount+0xba/0x150
[  466.431202]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  466.435788]  do_syscall_64+0xf9/0x620
[  466.439575]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  466.444743] RIP: 0033:0x467afa
[  466.447933] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  466.466816] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  466.474525] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  466.481948] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
07:09:16 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010700000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:16 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf370000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  466.489205] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  466.496452] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  466.503710] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  466.525508] erofs: unmounted for /dev/loop2
[  466.530120] erofs: unmounted for /dev/loop4
07:09:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1900008000000000)

[  466.630375] squashfs: SQUASHFS error: unable to read inode lookup table
[  466.638826] erofs: read_super, device -> /dev/loop5
[  466.654134] erofs: options -> 
[  466.680527] erofs: root inode @ nid 36
07:09:16 executing program 0 (fault-call:0 fault-nth:53):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  466.717022] erofs: mounted on /dev/loop5 with opts: .
07:09:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307a20300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:16 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa703, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1a00008000000000)

[  466.809306] erofs: unmounted for /dev/loop5
[  466.812603] erofs: read_super, device -> /dev/loop4
[  466.819042] erofs: options -> 
[  466.856151] erofs: read_super, device -> /dev/loop2
[  466.857651] erofs: read_super, device -> /dev/loop0
[  466.861193] erofs: options -> 
[  466.866380] erofs: options -> 
[  466.873032] FAULT_INJECTION: forcing a failure.
[  466.873032] name failslab, interval 1, probability 0, space 0, times 0
[  466.890095] CPU: 0 PID: 30596 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  466.897978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  466.907326] Call Trace:
[  466.909917]  dump_stack+0x1fc/0x2ef
[  466.910183] squashfs: SQUASHFS error: unable to read inode lookup table
[  466.913542]  should_fail.cold+0xa/0xf
[  466.913556]  ? setup_fault_attr+0x200/0x200
[  466.913575]  __should_failslab+0x115/0x180
[  466.932633]  should_failslab+0x5/0x10
[  466.936443]  kmem_cache_alloc+0x3f/0x370
[  466.940514]  ? mempool_alloc+0x350/0x350
[  466.944580]  mempool_alloc+0x146/0x350
[  466.948473]  ? mempool_resize+0x790/0x790
[  466.952645]  ? lock_downgrade+0x720/0x720
[  466.956816]  ? mark_held_locks+0xa6/0xf0
[  466.960886]  bio_alloc_bioset+0x389/0x5e0
[  466.965050]  ? __find_get_block+0x314/0xde0
[  466.969372]  ? bvec_alloc+0x2f0/0x2f0
[  466.973202]  ? __getblk_slow+0x6a3/0x9e0
[  466.977266]  submit_bh_wbc+0x141/0x760
[  466.981156]  __bread_gfp+0x14e/0x300
[  466.984862]  erofs_fill_super+0x207/0x12cc
[  466.989085]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  466.994344]  ? vsprintf+0x30/0x30
[  466.997781]  ? wait_for_completion_io+0x10/0x10
[  467.002552]  ? set_blocksize+0x163/0x3f0
[  467.006738]  mount_bdev+0x2fc/0x3b0
[  467.010479]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  467.015863]  erofs_mount+0x8c/0xc0
[  467.019411]  ? erofs_kill_sb+0x20/0x20
[  467.023285]  ? alloc_pages_current+0x19b/0x2a0
[  467.027852]  ? __lockdep_init_map+0x100/0x5a0
[  467.032333]  mount_fs+0xa3/0x310
[  467.035683]  vfs_kern_mount.part.0+0x68/0x470
[  467.040167]  do_mount+0x113c/0x2f10
[  467.043806]  ? cmp_ex_sort+0xc0/0xc0
[  467.047507]  ? __do_page_fault+0x180/0xd60
[  467.051736]  ? copy_mount_string+0x40/0x40
[  467.055958]  ? memset+0x20/0x40
[  467.059220]  ? copy_mount_options+0x26f/0x380
[  467.063698]  ksys_mount+0xcf/0x130
[  467.067224]  __x64_sys_mount+0xba/0x150
[  467.071199]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  467.075892]  do_syscall_64+0xf9/0x620
[  467.079681]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  467.084852] RIP: 0033:0x467afa
[  467.088100] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
07:09:16 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010800000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:16 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf440000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  467.106983] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  467.114678] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  467.121939] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  467.129188] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  467.136446] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  467.143722] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  467.154326] erofs: unmounted for /dev/loop2
[  467.158876] erofs: unmounted for /dev/loop4
[  467.166680] erofs: root inode @ nid 36
[  467.170810] erofs: mounted on /dev/loop0 with opts: .
07:09:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307a30300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

07:09:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x1d00008000000000)

[  467.219943] erofs: read_super, device -> /dev/loop5
[  467.228166] erofs: options -> 
[  467.246700] erofs: root inode @ nid 36
[  467.254899] erofs: mounted on /dev/loop5 with opts: .
07:09:17 executing program 0 (fault-call:0 fault-nth:54):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

[  467.267486] erofs: read_super, device -> /dev/loop2
[  467.285162] erofs: options -> 
[  467.299417] erofs: unmounted for /dev/loop0
[  467.313698] erofs: read_super, device -> /dev/loop4
[  467.318821] erofs: options -> 
07:09:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x2000000000000000)

07:09:17 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfd80000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:17 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf016000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:17 executing program 5:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xa803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000040))

07:09:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000018000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x5000000000000000)

[  467.388917] squashfs: SQUASHFS error: unable to read inode lookup table
[  467.405542] erofs: unmounted for /dev/loop2
[  467.420240] erofs: unmounted for /dev/loop4
[  467.432735] erofs: unmounted for /dev/loop5
[  467.575471] erofs: read_super, device -> /dev/loop0
[  467.580514] erofs: options -> 
[  467.594004] erofs: root inode @ nid 36
[  467.600626] FAULT_INJECTION: forcing a failure.
[  467.600626] name failslab, interval 1, probability 0, space 0, times 0
[  467.601764] erofs: read_super, device -> /dev/loop2
[  467.613225] CPU: 0 PID: 30654 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  467.624726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  467.627526] erofs: read_super, device -> /dev/loop4
[  467.634065] Call Trace:
[  467.634083]  dump_stack+0x1fc/0x2ef
[  467.634100]  should_fail.cold+0xa/0xf
[  467.634115]  ? setup_fault_attr+0x200/0x200
[  467.634127]  ? lock_acquire+0x170/0x3c0
[  467.634143]  __should_failslab+0x115/0x180
[  467.650504] erofs: options -> 
[  467.653401]  should_failslab+0x5/0x10
[  467.653415]  kmem_cache_alloc+0x277/0x370
[  467.653431]  erofs_fill_super+0x10a1/0x12cc
[  467.653447]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  467.653458]  ? vsprintf+0x30/0x30
[  467.653478]  ? wait_for_completion_io+0x10/0x10
[  467.673257] erofs: options -> 
[  467.677043]  ? set_blocksize+0x163/0x3f0
[  467.677060]  mount_bdev+0x2fc/0x3b0
[  467.677074]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  467.677090]  erofs_mount+0x8c/0xc0
[  467.677101]  ? erofs_kill_sb+0x20/0x20
[  467.677116]  ? alloc_pages_current+0x19b/0x2a0
[  467.718479]  ? __lockdep_init_map+0x100/0x5a0
[  467.722960]  mount_fs+0xa3/0x310
[  467.726312]  vfs_kern_mount.part.0+0x68/0x470
[  467.730795]  do_mount+0x113c/0x2f10
[  467.734406]  ? cmp_ex_sort+0xc0/0xc0
[  467.738100]  ? __do_page_fault+0x180/0xd60
[  467.742315]  ? copy_mount_string+0x40/0x40
[  467.746536]  ? memset+0x20/0x40
[  467.749805]  ? copy_mount_options+0x26f/0x380
[  467.754282]  ksys_mount+0xcf/0x130
[  467.757805]  __x64_sys_mount+0xba/0x150
[  467.761760]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  467.766324]  do_syscall_64+0xf9/0x620
[  467.770123]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  467.775309] RIP: 0033:0x467afa
[  467.778478] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  467.797357] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  467.805043] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  467.812303] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  467.819563] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
07:09:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000b, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000000001003, 0x1, &(0x7f0000000200)=[{&(0x7f00000005c0)="6873717307a40300911d675f001000000000000001000c00d00002000400000026010000000000000602000000000000b501000000000000ee0100000000000099000000000000003e010000000000008501000000000000a30100000000000078da2baeacca4eccc9492d2aa61d030085492b1f78da2baeacca4eccc9492d2a1e618c324619a30c1803005565c4a273797a6b616c6c657273a30078da636278cbc8c0c0c830d6363d1ec8604800e2ff4000a41852805804889990d43003f925486aa4581818a4813433c37fb81aa01003c82c3520d62fc92dd02faeacd2cdcc4d4c4f4d4fcd3331b434373733b634d24fcbcc493580908c48363031400088d604627620e644926705f2fba16ab81850012392cba0f28cc87ad9806233a1721acaa87a9990f4229b0131f700dc0c76a818282442807ee400d2018b6a3509450078da63648000662056016226061686b4cc9c54030f0646a0208463c80255c508a5991838c0127ac9f939296d40614698b6654006cc0cc3470cac708e1132c71800421f11fb1c0078da636080803628ad02a53da0f43228fd084aab3142680046df02a2850100000000000008805cf90100535f0100ab010000000000001d0078da63606063a8482c29293264636080b21860624656312300b5bc09ab108000000000000000000200000024000000bd010000000000000100000000000040dc01", 0x200}], 0x0, &(0x7f0000000080)=ANY=[])

[  467.826821] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  467.834083] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  467.876938] erofs: read_super, device -> /dev/loop5
[  467.902611] BUG: Dentry 000000001d051f15{i=0,n=/}  still in use (-128) [unmount of erofs loop0]
[  467.910866] erofs: options -> 
[  467.912265] ------------[ cut here ]------------
[  467.920427] WARNING: CPU: 1 PID: 30654 at fs/dcache.c:1518 umount_check.cold+0xf2/0x116
[  467.928571] Kernel panic - not syncing: panic_on_warn set ...
[  467.928571] 
[  467.935931] CPU: 1 PID: 30654 Comm: syz-executor.0 Not tainted 4.19.195-syzkaller #0
[  467.943802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  467.953147] Call Trace:
[  467.955740]  dump_stack+0x1fc/0x2ef
[  467.959371]  panic+0x26a/0x50e
[  467.962566]  ? __warn_printk+0xf3/0xf3
[  467.966461]  ? umount_check.cold+0xf2/0x116
[  467.970788]  ? __probe_kernel_read+0x130/0x1b0
[  467.975383]  ? __warn.cold+0x5/0x5a
[  467.979018]  ? umount_check.cold+0xf2/0x116
[  467.983333]  __warn.cold+0x20/0x5a
[  467.986884]  ? umount_check.cold+0xf2/0x116
[  467.991238]  report_bug+0x262/0x2b0
[  467.994882]  do_error_trap+0x1d7/0x310
[  467.998771]  ? math_error+0x310/0x310
[  468.002574]  ? __irq_work_queue_local+0x101/0x160
[  468.007425]  ? irq_work_queue+0x29/0x80
[  468.011426]  ? error_entry+0x72/0xd0
[  468.015141]  ? trace_hardirqs_off_caller+0x6e/0x210
[  468.020252]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  468.025197]  invalid_op+0x14/0x20
[  468.028662] RIP: 0010:umount_check.cold+0xf2/0x116
[  468.033589] Code: f9 4d 89 f1 45 89 e0 48 89 e9 41 55 4c 89 fa 48 89 ee 48 c7 c7 40 a6 74 88 e8 3b f0 fe ff 48 c7 c7 40 a5 74 88 e8 2f f0 fe ff <0f> 0b 58 e9 f0 b6 b4 f9 e8 1c 65 a4 f9 e9 22 ff ff ff 48 89 df e8
07:09:17 executing program 2:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcfd90000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

07:09:17 executing program 4:
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a3f0fcf019300000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x808002, &(0x7f0000000040))

[  468.048084] erofs: root inode @ nid 36
[  468.052495] RSP: 0018:ffff888034427a98 EFLAGS: 00010286
[  468.061730] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
[  468.068988] RDX: 0000000000040000 RSI: ffffffff814dfc91 RDI: ffffed1006884f45
[  468.076242] RBP: ffff88808e5af9a0 R08: 0000000000000024 R09: 0000000000000000
[  468.083592] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000ffffff80
[  468.090845] R13: ffff888042b50750 R14: ffffffff893f91a0 R15: 0000000000000000
[  468.098111]  ? vprintk_func+0x81/0x180
[  468.101983]  ? umount_check.cold+0xf2/0x116
[  468.106308]  d_walk+0x196/0x990
[  468.109572]  ? shrink_dcache_parent+0x120/0x120
[  468.114311]  ? debug_check_no_obj_freed+0x201/0x490
[  468.119315]  shrink_dcache_for_umount+0x87/0x330
[  468.124062]  generic_shutdown_super+0x68/0x370
[  468.128635]  kill_block_super+0x97/0xf0
[  468.132607]  deactivate_locked_super+0x94/0x160
[  468.137260]  mount_bdev+0x373/0x3b0
[  468.140889]  ? gb_gbphy_register_driver.cold+0x39/0x39
[  468.146152]  erofs_mount+0x8c/0xc0
[  468.149692]  ? erofs_kill_sb+0x20/0x20
[  468.153564]  ? alloc_pages_current+0x19b/0x2a0
[  468.158131]  ? __lockdep_init_map+0x100/0x5a0
[  468.162604]  mount_fs+0xa3/0x310
[  468.165960]  vfs_kern_mount.part.0+0x68/0x470
[  468.170443]  do_mount+0x113c/0x2f10
[  468.174058]  ? cmp_ex_sort+0xc0/0xc0
[  468.177756]  ? __do_page_fault+0x180/0xd60
[  468.181972]  ? copy_mount_string+0x40/0x40
[  468.186193]  ? memset+0x20/0x40
[  468.189461]  ? copy_mount_options+0x26f/0x380
[  468.193956]  ksys_mount+0xcf/0x130
[  468.197480]  __x64_sys_mount+0xba/0x150
[  468.201437]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  468.206002]  do_syscall_64+0xf9/0x620
[  468.209825]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  468.215014] RIP: 0033:0x467afa
[  468.218188] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  468.237078] RSP: 002b:00007fd4abad3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  468.244766] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000467afa
[  468.252030] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fd4abad4000
[  468.259291] RBP: 00007fd4abad4040 R08: 00007fd4abad4040 R09: 0000000020000000
[  468.266558] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  468.273821] R13: 0000000020000100 R14: 00007fd4abad4000 R15: 0000000020000040
[  468.282436] Kernel Offset: disabled
[  468.286516] Rebooting in 86400 seconds..