erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -11 in[46, 0] out[8192]
BUG: unable to handle page fault for address: fffff521000e1f03
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 23ffef067 P4D 23ffef067 PUD 0
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 96 Comm: kworker/u5:0 Not tainted 5.10.161-syzkaller-00019-g416c4356f372 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: erofs_unzipd z_erofs_decompressqueue_work
RIP: 0010:z_erofs_decompress_pcluster+0x7a0/0x1d70 fs/erofs/zdata.c:914
Code: 00 e8 d4 1d 85 ff 41 8a 04 1e 84 c0 0f 85 13 02 00 00 41 8b 07 c1 f8 02 89 c0 48 8b 4c 24 58 4c 8d 34 c1 4d 89 f7 49 c1 ef 03 <41> 80 3c 1f 00 74 08 4c 89 f7 e8 b1 1b 85 ff 4d 8b 26 4d 85 e4 0f
RSP: 0018:ffffc9000070f740 EFLAGS: 00010a06
RAX: 00000000ffffffff RBX: dffffc0000000000 RCX: ffffc9000070f820
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004e36da8
RBP: ffffc9000070fc50 R08: dffffc0000000000 R09: fffff940009c6db6
R10: fffff940009c6db6 R11: 1ffffd40009c6db5 R12: ffffea0004e36d80
R13: 0000000000000000 R14: ffffc9080070f818 R15: 1ffff921000e1f03
FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffff521000e1f03 CR3: 00000001542c8000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 z_erofs_decompress_queue fs/erofs/zdata.c:1059 [inline]
 z_erofs_decompressqueue_work+0x120/0x190 fs/erofs/zdata.c:1070
 process_one_work+0x726/0xc10 kernel/workqueue.c:2296
 worker_thread+0xb27/0x1550 kernel/workqueue.c:2442
 kthread+0x349/0x3d0 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:299
Modules linked in:
CR2: fffff521000e1f03
---[ end trace be1d91b2b6189a9f ]---
RIP: 0010:z_erofs_decompress_pcluster+0x7a0/0x1d70 fs/erofs/zdata.c:914
Code: 00
e8 d4 1d 85 ff 41 8a 04 1e 84 c0 0f 85 13 02 00 00 41 8b 07 c1 f8 02 89 c0 48 8b 4c 24 58 4c 8d 34 c1 4d 89 f7 49 c1 ef 03 <41> 80 3c 1f 00 74 08 4c 89 f7 e8 b1 1b 85 ff 4d 8b 26 4d 85 e4 0f
RSP: 0018:ffffc9000070f740 EFLAGS: 00010a06
RAX: 00000000ffffffff RBX: dffffc0000000000 RCX: ffffc9000070f820
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004e36da8
RBP: ffffc9000070fc50 R08: dffffc0000000000 R09: fffff940009c6db6
R10: fffff940009c6db6 R11: 1ffffd40009c6db5 R12: ffffea0004e36d80
R13: 0000000000000000 R14: ffffc9080070f818 R15: 1ffff921000e1f03
FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffff521000e1f03 CR3: 00000001542c8000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
# Annotated decode of the Code: window around the faulting RIP
# (z_erofs_decompress_pcluster+0x7a0, fs/erofs/zdata.c:914). AT&T operand
# order (src, dst). All register values quoted below come from the register
# dump above, i.e. the state at the moment of the fault.
#
# Summary: a 32-bit value read from memory is shifted right by 2 and used as
# an index into a table of 8-byte entries without a visible bounds check.
# The shifted value is -1 (RAX = 00000000ffffffff after zero-extension), so
# the computed element address lands ~32 GiB past the table base. The fault
# is taken on the shadow-byte lookup for that address, before the out-of-range
# 8-byte load at 0x38 is reached.
# NOTE(review): the oops header says KASAN and RBX holds dffffc0000000000,
# the usual x86-64 KASAN shadow offset, so the base+RBX byte accesses are
# read here as compiler-inserted shadow checks - confirm against the build.
# NOTE(review): the first log line reports an LZ4 decompress failure on a
# loop-mounted erofs image; presumably image-controlled data feeds the index,
# so the value should be range-checked before use - verify in zdata.c.
Code disassembly (best guess), 1 bytes skipped:
# Call target is not symbolized in this listing.
   0: e8 d4 1d 85 ff       callq 0xff851dd9
# Byte load at r14+rbx followed by a nonzero test: same base+rbx shape as the
# trapping check below, presumably the shadow check for the load at 0x11.
# r14's value at this point is not in the dump (it is overwritten at 0x1e).
   5: 41 8a 04 1e          mov (%r14,%rbx,1),%al
   9: 84 c0                test %al,%al
   b: 0f 85 13 02 00 00    jne 0x224
# eax = 32-bit value at (r15); arithmetic shift right by 2 keeps the sign.
  11: 41 8b 07             mov (%r15),%eax
  14: c1 f8 02             sar $0x2,%eax
# 32-bit self-move zero-extends into rax: a negative eax becomes a large
# unsigned index. Dump shows RAX = 00000000ffffffff.
  17: 89 c0                mov %eax,%eax
# rcx = table base reloaded from the stack slot at 0x58(%rsp);
# dump shows RCX = ffffc9000070f820.
  19: 48 8b 4c 24 58       mov 0x58(%rsp),%rcx
# r14 = rcx + rax*8 = ffffc9000070f820 + 0xffffffff*8 = ffffc9080070f818,
# which matches R14 in the dump.
  1e: 4c 8d 34 c1          lea (%rcx,%rax,8),%r14
# r15 = r14 >> 3 = 1ffff921000e1f03 (matches R15): shadow index for r14.
  22: 4d 89 f7             mov %r14,%r15
  25: 49 c1 ef 03          shr $0x3,%r15
# Reads the byte at r15 + rbx = 1ffff921000e1f03 + dffffc0000000000
# = fffff521000e1f03, which equals CR2. That page is not present (#PF
# error_code 0x0000), so the check itself faults instead of reporting.
* 29: 41 80 3c 1f 00       cmpb $0x0,(%r15,%rbx,1) <-- trapping instruction
# Zero byte -> skip to the real access at 0x38; otherwise call an
# unsymbolized helper with the element address in rdi.
  2e: 74 08                je 0x38
  30: 4c 89 f7             mov %r14,%rdi
  33: e8 b1 1b 85 ff       callq 0xff851be9
# The guarded access: r12 = 8-byte entry at (r14), then a NULL test.
# Without the shadow check this load would read from the out-of-range address.
  38: 4d 8b 26             mov (%r14),%r12
  3b: 4d 85 e4             test %r12,%r12
# Code: window ends mid-instruction; this byte is an incomplete opcode.
  3e: 0f                   .byte 0xf