0000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:34 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  221.602386] erofs: unmounted for /dev/loop1
[  221.602391] erofs: unmounted for /dev/loop2
21:34:35 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:35 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:35 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  221.728192] erofs: read_super, device -> /dev/loop4
[  221.742293] erofs: read_super, device -> /dev/loop2
[  221.747639] erofs: options -> 
[  221.749337] erofs: options -> 
[  221.756369] erofs: root inode @ nid 36
[  221.759573] erofs: read_super, device -> /dev/loop1
[  221.773632] erofs: root inode @ nid 36
21:34:35 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  221.782156] erofs: options -> 
[  221.787219] erofs: root inode @ nid 36
[  221.791550] erofs: mounted on /dev/loop1 with opts: .
21:34:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:35 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:35 executing program 1:
r0 = socket$packet(0x11, 0x0, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  221.886605] erofs: unmounted for /dev/loop1
21:34:35 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:35 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  221.961134] erofs: read_super, device -> /dev/loop2
[  221.969560] erofs: options -> 
[  221.979968] erofs: root inode @ nid 36
[  221.984017] erofs: read_super, device -> /dev/loop4
[  221.989062] erofs: options -> 
[  221.990456] erofs: read_super, device -> /dev/loop1
[  222.002159] erofs: options -> 
21:34:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.008687] erofs: root inode @ nid 36
[  222.009510] erofs: root inode @ nid 36
[  222.015019] erofs: mounted on /dev/loop1 with opts: .
21:34:35 executing program 1:
socket$packet(0x11, 0x3, 0x300)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e803000000000000000000000100"/63, 0x3f, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.130326] erofs: unmounted for /dev/loop1
[  222.146168] erofs: read_super, device -> /dev/loop2
[  222.160000] erofs: options -> 
[  222.171011] erofs: root inode @ nid 36
21:34:35 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  222.241149] erofs: read_super, device -> /dev/loop1
[  222.252450] erofs: read_super, device -> /dev/loop4
[  222.258823] erofs: options -> 
[  222.265079] erofs: options -> 
[  222.272837] erofs: root inode @ nid 36
[  222.279130] erofs: root inode @ nid 36
21:34:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e803000000000000000000000100"/63, 0x3f, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.291896] erofs: mounted on /dev/loop4 with opts: .
[  222.302914] erofs: mounted on /dev/loop1 with opts: .
21:34:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:35 executing program 1:
socket$packet(0x11, 0x3, 0x300)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.351682] erofs: read_super, device -> /dev/loop2
[  222.371685] erofs: unmounted for /dev/loop4
[  222.383336] erofs: options -> 
[  222.394551] erofs: root inode @ nid 36
21:34:35 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  222.398699] erofs: unmounted for /dev/loop1
[  222.428218] erofs: mounted on /dev/loop2 with opts: .
21:34:35 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.507131] erofs: read_super, device -> /dev/loop4
[  222.514174] erofs: unmounted for /dev/loop2
[  222.538382] erofs: read_super, device -> /dev/loop1
[  222.560539] erofs: options -> 
[  222.568235] erofs: options -> 
[  222.587599] erofs: root inode @ nid 36
[  222.592514] erofs: root inode @ nid 36
[  222.609427] erofs: mounted on /dev/loop1 with opts: .
21:34:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:36 executing program 1:
socket$packet(0x11, 0x3, 0x300)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.670412] erofs: unmounted for /dev/loop1
[  222.705222] erofs: read_super, device -> /dev/loop2
[  222.712899] erofs: options -> 
[  222.721419] erofs: root inode @ nid 36
21:34:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.836906] erofs: read_super, device -> /dev/loop1
[  222.843817] erofs: options -> 
[  222.847309] erofs: root inode @ nid 36
[  222.854531] erofs: mounted on /dev/loop1 with opts: .
[  222.863747] erofs: read_super, device -> /dev/loop4
[  222.874896] erofs: options -> 
21:34:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  222.907634] erofs: root inode @ nid 36
[  222.921640] erofs: unmounted for /dev/loop1
21:34:36 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:36 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.040714] erofs: read_super, device -> /dev/loop2
[  223.050707] erofs: read_super, device -> /dev/loop1
[  223.055701] erofs: options -> 
[  223.057691] erofs: options -> 
[  223.064603] erofs: root inode @ nid 36
[  223.069041] erofs: mounted on /dev/loop1 with opts: .
[  223.103912] erofs: unmounted for /dev/loop1
[  223.110331] erofs: root inode @ nid 36
[  223.184756] erofs: read_super, device -> /dev/loop4
[  223.189844] erofs: options -> 
[  223.217963] erofs: read_super, device -> /dev/loop1
[  223.227298] erofs: root inode @ nid 36
21:34:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.248015] erofs: options -> 
[  223.253237] erofs: root inode @ nid 36
[  223.258130] erofs: mounted on /dev/loop1 with opts: .
21:34:36 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:36 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:36 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.368764] erofs: read_super, device -> /dev/loop2
[  223.390424] erofs: unmounted for /dev/loop1
[  223.393533] erofs: options -> 
[  223.398500] erofs: root inode @ nid 36
[  223.468196] erofs: read_super, device -> /dev/loop4
[  223.484799] erofs: read_super, device -> /dev/loop1
[  223.495240] erofs: options -> 
[  223.503108] erofs: options -> 
[  223.510261] erofs: root inode @ nid 36
[  223.513566] erofs: root inode @ nid 36
21:34:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.524282] erofs: mounted on /dev/loop1 with opts: .
21:34:36 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.559993] erofs: mounted on /dev/loop4 with opts: .
[  223.580362] erofs: unmounted for /dev/loop1
[  223.588671] erofs: read_super, device -> /dev/loop2
[  223.598978] erofs: options -> 
[  223.603888] erofs: root inode @ nid 36
[  223.613900] erofs: mounted on /dev/loop2 with opts: .
21:34:36 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:36 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  223.633212] erofs: unmounted for /dev/loop4
[  223.682014] erofs: read_super, device -> /dev/loop1
[  223.690648] erofs: options -> 
[  223.718055] erofs: root inode @ nid 36
21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:37 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  223.735565] erofs: mounted on /dev/loop1 with opts: .
[  223.755092] erofs: read_super, device -> /dev/loop4
[  223.763137] erofs: unmounted for /dev/loop2
21:34:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  223.788314] erofs: options -> 
[  223.792282] erofs: root inode @ nid 36
[  223.821413] erofs: unmounted for /dev/loop1
[  223.905253] erofs: read_super, device -> /dev/loop1
[  223.910661] erofs: options -> 
[  223.916688] erofs: root inode @ nid 36
[  223.920978] erofs: mounted on /dev/loop1 with opts: .
[  223.925657] erofs: read_super, device -> /dev/loop2
[  223.935128] erofs: options -> 
[  223.946818] erofs: root inode @ nid 36
[  223.978101] erofs: unmounted for /dev/loop1
21:34:37 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:37 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:37 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  224.273447] erofs: read_super, device -> /dev/loop4
[  224.278810] erofs: read_super, device -> /dev/loop1
[  224.283690] erofs: read_super, device -> /dev/loop2
[  224.288862] erofs: options -> 
[  224.298262] erofs: options -> 
[  224.304961] erofs: options -> 
[  224.315797] erofs: root inode @ nid 36
[  224.317369] erofs: root inode @ nid 36
[  224.325268] erofs: root inode @ nid 36
21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  224.345860] erofs: mounted on /dev/loop1 with opts: .
21:34:37 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:37 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  224.460605] erofs: unmounted for /dev/loop1
21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  224.643017] erofs: read_super, device -> /dev/loop2
[  224.643026] erofs: read_super, device -> /dev/loop4
[  224.643041] erofs: options -> 
[  224.648113] erofs: options -> 
[  224.648557] erofs: root inode @ nid 36
[  224.666248] erofs: root inode @ nid 36
21:34:38 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:38 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ff", 0x11, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ff", 0x11, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  225.058963] erofs: read_super, device -> /dev/loop4
[  225.071699] erofs: read_super, device -> /dev/loop2
[  225.084917] erofs: options -> 
[  225.099579] erofs: root inode @ nid 36
[  225.101044] erofs: options -> 
21:34:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:38 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  225.115440] erofs: mounted on /dev/loop4 with opts: .
[  225.121171] erofs: root inode @ nid 36
[  225.137810] erofs: mounted on /dev/loop2 with opts: .
21:34:38 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  225.246881] erofs: unmounted for /dev/loop4
21:34:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  225.272817] erofs: unmounted for /dev/loop2
[  225.328726] erofs: read_super, device -> /dev/loop4
[  225.336280] erofs: options -> 
[  225.346583] erofs: root inode @ nid 36
[  225.412764] erofs: read_super, device -> /dev/loop2
[  225.421592] erofs: options -> 
[  225.428714] erofs: root inode @ nid 36
21:34:38 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:38 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:38 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:38 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:39 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  225.670779] erofs: read_super, device -> /dev/loop4
[  225.682886] erofs: read_super, device -> /dev/loop2
[  225.687963] erofs: options -> 
[  225.700908] erofs: options -> 
[  225.708098] erofs: root inode @ nid 36
[  225.715881] erofs: root inode @ nid 36
21:34:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  225.874290] erofs: read_super, device -> /dev/loop2
[  225.879350] erofs: options -> 
[  225.887095] erofs: root inode @ nid 36
[  225.952816] erofs: read_super, device -> /dev/loop4
[  225.976618] erofs: options -> 
[  225.980131] erofs: root inode @ nid 36
21:34:39 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400", 0xa, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', 0x0, 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:39 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400", 0xa, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  226.150946] erofs: read_super, device -> /dev/loop2
[  226.156519] erofs: read_super, device -> /dev/loop4
[  226.163380] erofs: options -> 
[  226.166804] erofs: options -> 
[  226.170761] erofs: root inode @ nid 36
[  226.177505] erofs: root inode @ nid 36
[  226.184244] erofs: mounted on /dev/loop4 with opts: .
[  226.212012] erofs: mounted on /dev/loop2 with opts: .
21:34:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00))

21:34:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00))

[  226.288518] erofs: unmounted for /dev/loop2
[  226.304879] erofs: unmounted for /dev/loop4
[  226.401857] erofs: read_super, device -> /dev/loop2
21:34:39 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000010a00))

[  226.423156] erofs: options -> 
[  226.436414] erofs: root inode @ nid 36
21:34:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  226.489576] erofs: read_super, device -> /dev/loop4
[  226.498837] erofs: options -> 
[  226.506016] erofs: root inode @ nid 36
[  226.608201] erofs: read_super, device -> /dev/loop2
[  226.622340] erofs: options -> 
[  226.628040] erofs: root inode @ nid 36
21:34:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  226.759292] erofs: read_super, device -> /dev/loop2
[  226.764589] erofs: options -> 
[  226.768630] erofs: root inode @ nid 36
[  226.803053] erofs: read_super, device -> /dev/loop4
[  226.803058] erofs: read_super, device -> /dev/loop1
[  226.803071] erofs: options -> 
[  226.830330] erofs: options -> 
[  226.832090] erofs: cannot read erofs superblock
[  226.849675] erofs: root inode @ nid 36
21:34:40 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100", 0x7, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:40 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  227.028600] erofs: read_super, device -> /dev/loop2
[  227.049882] erofs: options -> 
[  227.064855] erofs: root inode @ nid 36
[  227.073124] erofs: read_super, device -> /dev/loop1
[  227.080298] erofs: mounted on /dev/loop2 with opts: .
[  227.088529] erofs: options -> 
[  227.093348] erofs: cannot read erofs superblock
21:34:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}], 0x0, &(0x7f0000010a00))

[  227.133314] erofs: read_super, device -> /dev/loop4
[  227.146766] erofs: options -> 
[  227.151874] erofs: root inode @ nid 36
[  227.171188] erofs: unmounted for /dev/loop2
21:34:40 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100", 0x7, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  227.292790] erofs: read_super, device -> /dev/loop2
[  227.293999] erofs: read_super, device -> /dev/loop1
[  227.300113] erofs: options -> 
[  227.309617] erofs: options -> 
[  227.314433] erofs: cannot read erofs superblock
[  227.321098] erofs: root inode @ nid 36
21:34:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0}], 0x0, &(0x7f0000010a00))

21:34:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  227.413575] erofs: read_super, device -> /dev/loop4
[  227.421084] erofs: options -> 
[  227.433859] erofs: root inode @ nid 36
[  227.440821] erofs: mounted on /dev/loop4 with opts: .
[  227.508815] erofs: read_super, device -> /dev/loop1
[  227.513795] erofs: read_super, device -> /dev/loop2
[  227.519801] erofs: unmounted for /dev/loop4
[  227.524517] erofs: options -> 
[  227.531582] erofs: cannot read erofs superblock
[  227.540377] erofs: options -> 
[  227.549830] erofs: root inode @ nid 36
21:34:41 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0}], 0x0, &(0x7f0000010a00))

21:34:41 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  227.886683] erofs: read_super, device -> /dev/loop4
[  227.892286] erofs: read_super, device -> /dev/loop1
[  227.901935] erofs: options -> 
[  227.908119] erofs: read_super, device -> /dev/loop2
[  227.915147] erofs: options -> 
[  227.924237] erofs: cannot read erofs superblock
21:34:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  227.936880] erofs: root inode @ nid 36
[  227.947903] erofs: options -> 
[  227.963971] erofs: root inode @ nid 36
21:34:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0}], 0x0, &(0x7f0000010a00))

21:34:41 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:41 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  228.132216] erofs: read_super, device -> /dev/loop1
[  228.137512] erofs: options -> 
[  228.139960] erofs: read_super, device -> /dev/loop4
[  228.141366] erofs: cannot read erofs superblock
[  228.163770] erofs: options -> 
[  228.167496] erofs: root inode @ nid 36
21:34:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  228.232231] erofs: read_super, device -> /dev/loop2
[  228.237291] erofs: options -> 
[  228.254196] erofs: root inode @ nid 36
[  228.274161] erofs: mounted on /dev/loop2 with opts: .
[  228.288902] erofs: read_super, device -> /dev/loop1
[  228.299007] erofs: options -> 
[  228.308619] erofs: root inode @ nid 36
[  228.325783] erofs: read_super, device -> /dev/loop4
21:34:41 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  228.337512] erofs: options -> 
[  228.341169] erofs: root inode @ nid 36
[  228.377225] erofs: unmounted for /dev/loop2
21:34:42 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  228.768617] erofs: read_super, device -> /dev/loop4
[  228.775324] erofs: options -> 
[  228.780730] erofs: read_super, device -> /dev/loop2
[  228.786534] erofs: root inode @ nid 36
[  228.797164] erofs: read_super, device -> /dev/loop1
[  228.804082] erofs: options -> 
[  228.808109] erofs: mounted on /dev/loop4 with opts: .
[  228.814952] erofs: options -> 
[  228.820849] erofs: root inode @ nid 36
[  228.824269] erofs: root inode @ nid 36
21:34:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  228.868056] erofs: unmounted for /dev/loop4
21:34:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  228.983368] erofs: read_super, device -> /dev/loop2
[  228.991344] erofs: options -> 
[  229.003619] erofs: root inode @ nid 36
[  229.010542] erofs: read_super, device -> /dev/loop1
[  229.027681] erofs: options -> 
21:34:42 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  229.037121] erofs: read_super, device -> /dev/loop4
[  229.041116] erofs: root inode @ nid 36
[  229.053878] erofs: options -> 
[  229.057680] erofs: root inode @ nid 36
21:34:42 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  229.216753] erofs: read_super, device -> /dev/loop2
[  229.222175] erofs: options -> 
[  229.227564] erofs: root inode @ nid 36
[  229.273183] erofs: read_super, device -> /dev/loop1
[  229.278857] erofs: options -> 
[  229.287832] erofs: root inode @ nid 36
[  229.339083] erofs: read_super, device -> /dev/loop4
[  229.359878] erofs: options -> 
[  229.364772] erofs: root inode @ nid 36
21:34:42 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  229.650341] erofs: read_super, device -> /dev/loop1
[  229.666919] erofs: read_super, device -> /dev/loop2
[  229.672533] erofs: options -> 
[  229.676374] erofs: root inode @ nid 36
[  229.679026] erofs: read_super, device -> /dev/loop4
[  229.680581] erofs: options -> 
[  229.692312] erofs: root inode @ nid 36
[  229.726184] erofs: options -> 
21:34:43 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {0x0, 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:43 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  229.755276] erofs: root inode @ nid 36
21:34:43 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:43 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  229.881108] erofs: read_super, device -> /dev/loop1
[  229.892161] erofs: options -> 
[  229.897829] erofs: read_super, device -> /dev/loop2
[  229.913919] erofs: root inode @ nid 36
[  229.919015] erofs: options -> 
21:34:43 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
getpeername$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040))
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  229.930656] erofs: root inode @ nid 36
21:34:43 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.004963] erofs: read_super, device -> /dev/loop4
21:34:43 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.025336] erofs: options -> 
[  230.038279] erofs: root inode @ nid 36
21:34:43 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:43 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.122000] erofs: read_super, device -> /dev/loop1
[  230.127060] erofs: options -> 
[  230.146002] erofs: root inode @ nid 36
21:34:43 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  230.208589] erofs: read_super, device -> /dev/loop4
[  230.212236] erofs: read_super, device -> /dev/loop2
[  230.218751] erofs: options -> 
[  230.219714] erofs: options -> 
[  230.227978] erofs: root inode @ nid 36
[  230.234047] erofs: root inode @ nid 36
21:34:43 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  230.380682] erofs: read_super, device -> /dev/loop2
21:34:43 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  230.408853] erofs: options -> 
[  230.419205] erofs: cannot find valid erofs superblock
21:34:43 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.464989] erofs: read_super, device -> /dev/loop1
[  230.475150] erofs: options -> 
[  230.492761] erofs: read_super, device -> /dev/loop4
[  230.503196] erofs: root inode @ nid 36
21:34:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  230.529237] erofs: options -> 
[  230.538231] erofs: root inode @ nid 36
[  230.626654] erofs: read_super, device -> /dev/loop2
[  230.631715] erofs: options -> 
21:34:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.673432] erofs: cannot find valid erofs superblock
21:34:44 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:44 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  230.832053] erofs: read_super, device -> /dev/loop4
[  230.833151] erofs: read_super, device -> /dev/loop1
[  230.850267] erofs: options -> 
[  230.864338] erofs: options -> 
[  230.864536] erofs: cannot find valid erofs superblock
[  230.876543] erofs: root inode @ nid 36
[  230.923647] erofs: read_super, device -> /dev/loop2
[  230.929095] erofs: options -> 
[  230.937074] erofs: cannot find valid erofs superblock
21:34:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c6530", 0x1f8, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.057143] erofs: read_super, device -> /dev/loop4
[  231.066064] erofs: options -> 
[  231.105131] erofs: cannot find valid erofs superblock
[  231.166219] erofs: read_super, device -> /dev/loop1
[  231.171278] erofs: options -> 
[  231.191361] erofs: root inode @ nid 36
[  231.200924] erofs: mounted on /dev/loop1 with opts: .
21:34:44 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:44 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.282437] erofs: unmounted for /dev/loop1
[  231.320248] erofs: read_super, device -> /dev/loop2
[  231.328646] erofs: options -> 
[  231.338761] erofs: cannot find valid erofs superblock
21:34:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.378577] erofs: read_super, device -> /dev/loop4
[  231.385026] erofs: options -> 
[  231.390055] erofs: cannot find valid erofs superblock
21:34:44 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.445504] erofs: read_super, device -> /dev/loop1
[  231.450646] erofs: options -> 
[  231.466330] erofs: root inode @ nid 36
[  231.522874] erofs: read_super, device -> /dev/loop2
[  231.527966] erofs: options -> 
[  231.544158] erofs: cannot find valid erofs superblock
[  231.547490] erofs: read_super, device -> /dev/loop4
[  231.556800] erofs: options -> 
[  231.560209] erofs: cannot find valid erofs superblock
21:34:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.626065] erofs: read_super, device -> /dev/loop1
[  231.631353] erofs: options -> 
[  231.635906] erofs: root inode @ nid 36
21:34:45 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  231.703778] erofs: read_super, device -> /dev/loop2
[  231.718766] erofs: options -> 
[  231.730934] erofs: cannot find valid erofs superblock
[  231.771236] erofs: read_super, device -> /dev/loop4
[  231.778770] erofs: options -> 
[  231.784397] erofs: cannot find valid erofs superblock
[  231.857172] erofs: read_super, device -> /dev/loop1
[  231.873026] erofs: options -> 
[  231.880031] erofs: root inode @ nid 36
21:34:45 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:45 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:45 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e803000000000000000000000100"/252, 0xfc, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:45 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  232.156832] erofs: read_super, device -> /dev/loop2
[  232.173747] erofs: read_super, device -> /dev/loop1
[  232.189234] erofs: options -> 
[  232.194266] erofs: read_super, device -> /dev/loop4
[  232.203560] erofs: options -> 
[  232.215041] erofs: cannot find valid erofs superblock
[  232.218641] erofs: options -> 
[  232.252485] erofs: cannot find valid erofs superblock
[  232.257872] erofs: root inode @ nid 36
[  232.265062] erofs: mounted on /dev/loop1 with opts: .
21:34:45 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  232.311875] erofs: unmounted for /dev/loop1
21:34:45 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  232.404310] erofs: read_super, device -> /dev/loop1
[  232.409529] erofs: options -> 
[  232.413575] erofs: root inode @ nid 36
21:34:45 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  232.447146] erofs: read_super, device -> /dev/loop2
[  232.454716] erofs: options -> 
[  232.463105] erofs: cannot find valid erofs superblock
[  232.496042] erofs: read_super, device -> /dev/loop4
[  232.501105] erofs: options -> 
[  232.519618] erofs: read_super, device -> /dev/loop1
[  232.526388] erofs: options -> 
[  232.538334] erofs: root inode @ nid 36
21:34:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:45 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  232.558296] erofs: cannot find valid erofs superblock
[  232.650899] erofs: read_super, device -> /dev/loop1
[  232.661104] erofs: options -> 
[  232.675187] erofs: read_super, device -> /dev/loop2
[  232.704553] erofs: root inode @ nid 36
[  232.730965] erofs: options -> 
[  232.749349] erofs: cannot find valid erofs superblock
21:34:46 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:46 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f00", 0x7e, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:46 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.014609] erofs: read_super, device -> /dev/loop4
[  233.028599] erofs: options -> 
[  233.041124] erofs: cannot find valid erofs superblock
[  233.052752] erofs: read_super, device -> /dev/loop2
[  233.057902] erofs: options -> 
[  233.061492] erofs: root inode @ nid 36
[  233.062004] erofs: read_super, device -> /dev/loop1
[  233.068094] erofs: mounted on /dev/loop2 with opts: .
21:34:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.106707] erofs: options -> 
[  233.123414] erofs: root inode @ nid 36
[  233.130953] erofs: unmounted for /dev/loop2
[  233.145181] erofs: mounted on /dev/loop1 with opts: .
21:34:46 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.205722] erofs: unmounted for /dev/loop1
[  233.253976] erofs: read_super, device -> /dev/loop4
[  233.288248] erofs: options -> 
[  233.299999] erofs: read_super, device -> /dev/loop2
[  233.304653] erofs: read_super, device -> /dev/loop1
[  233.311435] erofs: options -> 
[  233.317430] erofs: root inode @ nid 36
[  233.325247] erofs: cannot find valid erofs superblock
[  233.328553] erofs: options -> 
21:34:46 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.351947] erofs: cannot find valid erofs superblock
[  233.476763] erofs: read_super, device -> /dev/loop1
21:34:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.512471] erofs: options -> 
[  233.528381] erofs: root inode @ nid 36
[  233.596498] erofs: read_super, device -> /dev/loop2
[  233.608813] erofs: options -> 
[  233.612910] erofs: cannot find valid erofs superblock
[  233.654165] erofs: read_super, device -> /dev/loop4
[  233.663590] erofs: options -> 
[  233.668071] erofs: root inode @ nid 36
[  233.678447] erofs: mounted on /dev/loop4 with opts: .
[  233.720540] erofs: unmounted for /dev/loop4
21:34:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:47 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  233.941010] erofs: read_super, device -> /dev/loop1
[  233.942688] erofs: read_super, device -> /dev/loop4
[  233.951197] erofs: options -> 
[  233.959763] erofs: cannot find valid erofs superblock
[  233.969777] erofs: read_super, device -> /dev/loop2
[  233.977198] erofs: options -> 
[  233.983705] erofs: options -> 
[  233.987041] erofs: root inode @ nid 36
21:34:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  233.991456] erofs: cannot find valid erofs superblock
21:34:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e803000000000000000000000100"/63, 0x3f, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  234.265230] erofs: read_super, device -> /dev/loop2
[  234.271448] erofs: options -> 
[  234.286263] erofs: read_super, device -> /dev/loop1
[  234.305195] erofs: options -> 
[  234.309277] erofs: root inode @ nid 36
[  234.329877] erofs: read_super, device -> /dev/loop4
[  234.337785] erofs: root inode @ nid 36
[  234.348583] erofs: mounted on /dev/loop2 with opts: .
[  234.355821] erofs: options -> 
[  234.369857] erofs: cannot find valid erofs superblock
21:34:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  234.382571] erofs: mounted on /dev/loop1 with opts: .
[  234.422392] erofs: unmounted for /dev/loop2
21:34:47 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  234.453703] erofs: unmounted for /dev/loop1
[  234.519131] erofs: read_super, device -> /dev/loop2
[  234.530972] erofs: options -> 
[  234.553669] erofs: read_super, device -> /dev/loop4
[  234.557782] erofs: cannot find valid erofs superblock
21:34:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  234.566750] erofs: options -> 
[  234.576103] erofs: cannot find valid erofs superblock
[  234.640524] erofs: read_super, device -> /dev/loop1
21:34:48 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  234.665530] erofs: options -> 
[  234.684320] erofs: root inode @ nid 36
21:34:48 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  234.767190] erofs: read_super, device -> /dev/loop2
[  234.772649] erofs: read_super, device -> /dev/loop4
[  234.775167] erofs: options -> 
[  234.783554] erofs: options -> 
[  234.792404] erofs: root inode @ nid 36
[  234.811854] erofs: cannot find valid erofs superblock
[  234.815223] erofs: mounted on /dev/loop4 with opts: .
[  234.887157] erofs: read_super, device -> /dev/loop1
[  234.911860] erofs: options -> 
[  234.916879] erofs: root inode @ nid 36
[  234.924389] erofs: unmounted for /dev/loop4
21:34:48 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:48 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:48 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:48 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100), 0x0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  235.177117] erofs: read_super, device -> /dev/loop2
[  235.189761] erofs: read_super, device -> /dev/loop1
[  235.198811] erofs: options -> 
[  235.206483] erofs: options -> 
[  235.211548] erofs: read_super, device -> /dev/loop4
21:34:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  235.228928] erofs: cannot find valid erofs superblock
[  235.234289] erofs: root inode @ nid 36
[  235.239841] erofs: options -> 
[  235.245490] erofs: cannot find valid erofs superblock
21:34:48 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000", 0x20, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:48 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:48 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  235.413491] erofs: read_super, device -> /dev/loop1
[  235.418564] erofs: options -> 
[  235.443764] erofs: read_super, device -> /dev/loop2
[  235.447217] erofs: read_super, device -> /dev/loop4
[  235.457916] erofs: root inode @ nid 36
21:34:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  235.474783] erofs: mounted on /dev/loop1 with opts: .
[  235.477177] erofs: options -> 
[  235.490185] erofs: options -> 
[  235.512481] erofs: cannot find valid erofs superblock
[  235.524915] erofs: blksize 1 isn't supported on this platform
[  235.534446] erofs: unmounted for /dev/loop1
21:34:49 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:49 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:49 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:49 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:49 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  235.960768] erofs: read_super, device -> /dev/loop1
[  235.980461] erofs: read_super, device -> /dev/loop4
[  235.987778] erofs: options -> 
[  236.000081] erofs: root inode @ nid 36
21:34:49 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:49 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.007750] erofs: read_super, device -> /dev/loop2
[  236.014006] erofs: options -> 
[  236.021098] erofs: cannot find valid erofs superblock
[  236.031877] erofs: options -> 
[  236.042698] erofs: blksize 1 isn't supported on this platform
21:34:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:49 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.188734] erofs: read_super, device -> /dev/loop4
[  236.194507] erofs: options -> 
[  236.198166] erofs: blksize 1 isn't supported on this platform
21:34:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.262252] erofs: read_super, device -> /dev/loop1
[  236.267610] erofs: options -> 
[  236.280427] erofs: root inode @ nid 36
[  236.338341] erofs: read_super, device -> /dev/loop2
[  236.343641] erofs: options -> 
[  236.347580] erofs: blksize 1 isn't supported on this platform
21:34:49 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05", 0x1, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.392813] erofs: read_super, device -> /dev/loop4
[  236.404422] erofs: options -> 
[  236.410969] erofs: blksize 1 isn't supported on this platform
[  236.505972] erofs: read_super, device -> /dev/loop1
[  236.518503] erofs: options -> 
[  236.528503] erofs: root inode @ nid 36
21:34:50 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:50 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ff", 0x11, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.833569] erofs: read_super, device -> /dev/loop2
[  236.834785] erofs: read_super, device -> /dev/loop1
[  236.844038] erofs: read_super, device -> /dev/loop3
[  236.849327] erofs: read_super, device -> /dev/loop4
[  236.857950] erofs: options -> 
[  236.865573] erofs: options -> 
[  236.868522] erofs: blksize 1 isn't supported on this platform
[  236.869060] erofs: options -> 
21:34:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  236.886195] erofs: blksize 1 isn't supported on this platform
[  236.901470] erofs: blksize 1 isn't supported on this platform
[  236.914555] erofs: options -> 
[  236.918870] erofs: root inode @ nid 36
[  236.939652] erofs: mounted on /dev/loop1 with opts: .
21:34:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:50 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  237.030408] erofs: read_super, device -> /dev/loop2
21:34:50 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  237.073301] erofs: options -> 
[  237.081354] erofs: blksize 1 isn't supported on this platform
[  237.104412] erofs: unmounted for /dev/loop1
21:34:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  237.206760] erofs: read_super, device -> /dev/loop4
[  237.212682] erofs: options -> 
[  237.218625] erofs: read_super, device -> /dev/loop1
[  237.225654] erofs: blksize 1 isn't supported on this platform
[  237.229903] erofs: options -> 
[  237.236789] erofs: root inode @ nid 36
21:34:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  237.277754] erofs: read_super, device -> /dev/loop2
[  237.289987] erofs: options -> 
[  237.295179] erofs: blksize 1 isn't supported on this platform
21:34:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  237.411191] erofs: read_super, device -> /dev/loop4
[  237.417028] erofs: options -> 
[  237.420738] erofs: blksize 1 isn't supported on this platform
21:34:50 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="0500", 0x2, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  237.468507] erofs: read_super, device -> /dev/loop1
[  237.476667] erofs: options -> 
[  237.480384] erofs: root inode @ nid 36
21:34:50 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  237.546951] erofs: read_super, device -> /dev/loop2
[  237.559480] erofs: read_super, device -> /dev/loop4
[  237.569641] erofs: options -> 
[  237.576461] erofs: options -> 
[  237.581553] erofs: root inode @ nid 0
[  237.608407] erofs: blksize 1 isn't supported on this platform
[  237.684775] erofs: read_super, device -> /dev/loop1
[  237.689866] erofs: options -> 
[  237.728341] erofs: root inode @ nid 36
21:34:51 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:51 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:51 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:51 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400", 0xa, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:51 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  237.970705] erofs: read_super, device -> /dev/loop4
[  237.983743] erofs: read_super, device -> /dev/loop2
[  237.988896] erofs: options -> 
[  237.994822] erofs: options -> 
[  238.006528] erofs: read_super, device -> /dev/loop1
[  238.015448] erofs: root inode @ nid 0
21:34:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:51 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  238.019493] erofs: root inode @ nid 0
[  238.036027] erofs: options -> 
[  238.046691] erofs: root inode @ nid 36
[  238.053070] erofs: mounted on /dev/loop1 with opts: .
21:34:51 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:51 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  238.187764] erofs: unmounted for /dev/loop1
21:34:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  238.264240] erofs: read_super, device -> /dev/loop4
[  238.269299] erofs: options -> 
[  238.274625] erofs: root inode @ nid 0
[  238.287817] erofs: read_super, device -> /dev/loop2
[  238.294951] erofs: options -> 
[  238.298862] erofs: root inode @ nid 0
[  238.383256] erofs: read_super, device -> /dev/loop1
[  238.388319] erofs: options -> 
[  238.403390] erofs: root inode @ nid 36
21:34:52 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:52 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:52 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  238.844735] erofs: read_super, device -> /dev/loop1
[  238.849886] erofs: options -> 
[  238.865537] erofs: root inode @ nid 36
21:34:52 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  238.887531] erofs: read_super, device -> /dev/loop4
[  238.891599] erofs: read_super, device -> /dev/loop2
[  238.896140] erofs: options -> 
[  238.898887] erofs: options -> 
[  238.912123] erofs: root inode @ nid 36
[  238.912511] erofs: root inode @ nid 0
[  238.923861] erofs: mounted on /dev/loop2 with opts: .
21:34:52 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="050000", 0x3, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:52 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  239.049786] erofs: unmounted for /dev/loop2
21:34:52 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100", 0x7, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  239.116946] erofs: read_super, device -> /dev/loop1
[  239.131429] erofs: options -> 
[  239.138471] erofs: root inode @ nid 36
[  239.148410] erofs: read_super, device -> /dev/loop2
[  239.154340] erofs: options -> 
[  239.160489] erofs: root inode @ nid 0
[  239.221400] erofs: read_super, device -> /dev/loop4
[  239.230528] erofs: options -> 
[  239.249919] erofs: root inode @ nid 36
[  239.256642] erofs: read_super, device -> /dev/loop1
[  239.265586] erofs: mounted on /dev/loop4 with opts: .
[  239.276902] erofs: options -> 
[  239.281620] erofs: root inode @ nid 36
[  239.288661] erofs: mounted on /dev/loop1 with opts: .
[  239.335483] erofs: unmounted for /dev/loop4
[  239.347770] erofs: unmounted for /dev/loop1
21:34:53 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:53 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:53 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:53 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  239.744759] erofs: read_super, device -> /dev/loop4
[  239.750550] erofs: read_super, device -> /dev/loop2
[  239.770114] erofs: read_super, device -> /dev/loop1
[  239.780167] erofs: options -> 
21:34:53 executing program 0:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  239.795889] erofs: options -> 
[  239.805545] erofs: root inode @ nid 0
[  239.807561] erofs: options -> 
[  239.817339] erofs: root inode @ nid 0
[  239.827469] erofs: root inode @ nid 36
21:34:53 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:34:53 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 0:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:53 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  240.037024] erofs: read_super, device -> /dev/loop2
21:34:53 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  240.061571] erofs: options -> 
21:34:53 executing program 0:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  240.084588] erofs: root inode @ nid 0
21:34:53 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  240.143170] erofs: read_super, device -> /dev/loop1
[  240.148358] erofs: options -> 
[  240.155770] erofs: root inode @ nid 36
21:34:53 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  240.194245] erofs: read_super, device -> /dev/loop4
[  240.200387] erofs: options -> 
[  240.215391] erofs: root inode @ nid 0
21:34:53 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:53 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000", 0x4, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:53 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:53 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  240.595542] erofs: read_super, device -> /dev/loop2
[  240.601018] erofs: read_super, device -> /dev/loop4
[  240.606549] erofs: options -> 
[  240.620540] erofs: read_super, device -> /dev/loop1
[  240.625736] erofs: options -> 
[  240.631407] erofs: cannot find valid erofs superblock
[  240.642199] erofs: root inode @ nid 0
21:34:54 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  240.650948] erofs: options -> 
[  240.659564] erofs: root inode @ nid 36
21:34:54 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  240.782498] erofs: read_super, device -> /dev/loop2
[  240.794483] erofs: options -> 
[  240.798909] erofs: cannot find valid erofs superblock
21:34:54 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:54 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:54 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:54 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  241.062098] erofs: read_super, device -> /dev/loop1
[  241.067155] erofs: options -> 
[  241.068501] erofs: read_super, device -> /dev/loop4
[  241.081067] erofs: root inode @ nid 36
[  241.081910] erofs: options -> 
[  241.099680] erofs: cannot find valid erofs superblock
[  241.101302] erofs: mounted on /dev/loop1 with opts: .
[  241.185408] erofs: unmounted for /dev/loop1
21:34:54 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:54 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:54 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:54 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:54 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  241.461115] erofs: read_super, device -> /dev/loop2
21:34:54 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  241.489233] erofs: options -> 
[  241.496023] erofs: read_super, device -> /dev/loop4
[  241.504277] erofs: read_super, device -> /dev/loop1
[  241.512668] erofs: cannot find valid erofs superblock
[  241.524514] erofs: options -> 
21:34:54 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:54 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  241.540518] erofs: options -> 
[  241.554808] erofs: cannot find valid erofs superblock
[  241.560738] erofs: root inode @ nid 36
21:34:54 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:54 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:34:54 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:55 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:55 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:55 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:55 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:34:55 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:55 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:55 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  241.875822] erofs: read_super, device -> /dev/loop1
[  241.884729] erofs: read_super, device -> /dev/loop4
[  241.889968] erofs: options -> 
[  241.895160] erofs: options -> 
[  241.899311] erofs: root inode @ nid 36
[  241.904995] erofs: cannot find valid erofs superblock
21:34:55 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:55 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c0", 0x5, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:55 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:55 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:34:55 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:34:55 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:55 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:55 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:55 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  242.582314] erofs: read_super, device -> /dev/loop1
[  242.592211] erofs: options -> 
[  242.596372] erofs: root inode @ nid 36
21:34:56 executing program 2:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:56 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:34:56 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  242.930332] erofs: read_super, device -> /dev/loop1
[  242.935846] erofs: options -> 
[  242.939743] erofs: root inode @ nid 36
21:34:56 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:56 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:56 executing program 4:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:56 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:56 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  243.336162] erofs: read_super, device -> /dev/loop1
[  243.342060] erofs: options -> 
[  243.348083] erofs: root inode @ nid 36
21:34:56 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:56 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:56 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:34:56 executing program 2:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  243.598329] erofs: read_super, device -> /dev/loop1
21:34:56 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  243.619340] erofs: options -> 
[  243.624495] erofs: root inode @ nid 36
21:34:57 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  243.728662] erofs: read_super, device -> /dev/loop1
21:34:57 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  243.751661] erofs: options -> 
[  243.759388] erofs: cannot find valid erofs superblock
21:34:57 executing program 0:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:57 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000000000000200000000000000000000001044f1c438274d2bb03fd9fc450db859", 0x40, 0x400}, {&(0x7f0000010100)="05000000c04100007400000000000000ffffffff000000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000002400000000000000540002002400000000000000550002002a00000000000000570001003000000000000000600002005b00000000000000650001005f000000000000006a0001005f000000000000006f0001002e2e2e66696c652e636f6c6466696c653066696c653166696c653266696c653300000000000000000000000005000000ed8100006400000000000000ffffffff010000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572730000000000000000000000000000000000000000000000000000000005000000ed4100003d00000000000000ffffffff020000005cf90000535f0000e8030000000000000000000001000000000000000000000000000000000000003000000000000000300002002400000000000000310002003400000000000000330001005700000000000000380007002e2e2e66696c653066696c653100000005000000ed8100001a04000000000000ffffffff030000005cf90000535f0000e80300000000000000000000010000000000000000000000000000000000000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c6572", 0x3f0, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  244.145312] erofs: read_super, device -> /dev/loop1
[  244.154752] erofs: options -> 
[  244.160929] erofs: cannot find valid erofs superblock
[  244.175963] erofs: read_super, device -> /dev/loop4
21:34:57 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  244.205077] erofs: options -> 
[  244.214490] erofs: root inode @ nid 36
[  244.218539] erofs: mounted on /dev/loop4 with opts: .
[  244.290559] erofs: unmounted for /dev/loop4
21:34:57 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:57 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 2 (fault-call:3 fault-nth:0):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 4:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:57 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  244.419957] erofs: read_super, device -> /dev/loop1
[  244.428940] erofs: options -> 
[  244.433117] erofs: cannot find valid erofs superblock
[  244.508671] FAULT_INJECTION: forcing a failure.
[  244.508671] name failslab, interval 1, probability 0, space 0, times 1
[  244.526706] CPU: 1 PID: 14126 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  244.534654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  244.544023] Call Trace:
[  244.546631]  dump_stack+0x1fc/0x2fe
[  244.550315]  should_fail.cold+0xa/0x14
[  244.554239]  ? setup_fault_attr+0x200/0x200
[  244.558571]  ? lock_acquire+0x170/0x3c0
[  244.562590]  __should_failslab+0x115/0x180
[  244.566841]  should_failslab+0x5/0xf
[  244.570565]  __kmalloc+0x2ab/0x3c0
[  244.574128]  ? __se_sys_memfd_create+0xf8/0x440
[  244.576019] erofs: read_super, device -> /dev/loop1
[  244.578811]  __se_sys_memfd_create+0xf8/0x440
[  244.578831]  ? memfd_file_seals_ptr+0x150/0x150
[  244.578846]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  244.578867]  ? trace_hardirqs_off_caller+0x6e/0x210
[  244.593100] erofs: options -> 
21:34:57 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:57 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  244.598391]  ? do_syscall_64+0x21/0x620
[  244.598411]  do_syscall_64+0xf9/0x620
[  244.598430]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  244.598448] RIP: 0033:0x45e159
[  244.604892] erofs: cannot find valid erofs superblock
[  244.606637] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  244.606646] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
21:34:58 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:58 executing program 2 (fault-call:3 fault-nth:1):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  244.606661] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  244.606670] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  244.606679] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  244.606686] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  244.606700] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:34:58 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  244.751139] FAULT_INJECTION: forcing a failure.
[  244.751139] name failslab, interval 1, probability 0, space 0, times 0
[  244.765275] CPU: 1 PID: 14140 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  244.773179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  244.782543] Call Trace:
[  244.785143]  dump_stack+0x1fc/0x2fe
[  244.788785]  should_fail.cold+0xa/0x14
[  244.792688]  ? setup_fault_attr+0x200/0x200
[  244.797025]  ? lock_acquire+0x170/0x3c0
[  244.801224]  __should_failslab+0x115/0x180
[  244.805469]  should_failslab+0x5/0xf
[  244.809212]  kmem_cache_alloc+0x277/0x370
[  244.813370]  ? shmem_destroy_callback+0xb0/0xb0
[  244.818307]  shmem_alloc_inode+0x18/0x40
[  244.822377]  ? shmem_destroy_callback+0xb0/0xb0
[  244.827055]  alloc_inode+0x5d/0x180
[  244.830695]  new_inode+0x1d/0xf0
[  244.834069]  shmem_get_inode+0x96/0x8d0
[  244.838067]  __shmem_file_setup.part.0+0x7a/0x2b0
[  244.842922]  shmem_file_setup+0x61/0x90
[  244.846910]  __se_sys_memfd_create+0x26b/0x440
[  244.851506]  ? memfd_file_seals_ptr+0x150/0x150
[  244.856187]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  244.861578]  ? trace_hardirqs_off_caller+0x6e/0x210
[  244.866602]  ? do_syscall_64+0x21/0x620
[  244.870585]  do_syscall_64+0xf9/0x620
[  244.874396]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  244.879588] RIP: 0033:0x45e159
[  244.882788] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  244.884603] erofs: read_super, device -> /dev/loop1
[  244.901695] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  244.901710] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  244.901717] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  244.901723] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  244.901731] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  244.901740] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  244.958360] erofs: options -> 
21:34:58 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:34:58 executing program 2 (fault-call:3 fault-nth:2):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  244.980463] erofs: cannot find valid erofs superblock
[  245.072633] FAULT_INJECTION: forcing a failure.
[  245.072633] name failslab, interval 1, probability 0, space 0, times 0
[  245.093666] CPU: 0 PID: 14160 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  245.101574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  245.110937] Call Trace:
[  245.113538]  dump_stack+0x1fc/0x2fe
[  245.117176]  should_fail.cold+0xa/0x14
[  245.121083]  ? setup_fault_attr+0x200/0x200
[  245.125416]  ? lock_acquire+0x170/0x3c0
[  245.129407]  __should_failslab+0x115/0x180
[  245.133652]  should_failslab+0x5/0xf
[  245.137368]  kmem_cache_alloc+0x277/0x370
[  245.141532]  __d_alloc+0x2b/0xa10
[  245.145001]  d_alloc_pseudo+0x19/0x70
[  245.148816]  alloc_file_pseudo+0xc6/0x250
[  245.152974]  ? alloc_file+0x4d0/0x4d0
[  245.156781]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  245.162412]  ? shmem_get_inode+0x44c/0x8d0
[  245.166647]  __shmem_file_setup.part.0+0x102/0x2b0
[  245.171766]  shmem_file_setup+0x61/0x90
[  245.175749]  __se_sys_memfd_create+0x26b/0x440
[  245.180448]  ? memfd_file_seals_ptr+0x150/0x150
[  245.185151]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  245.190513]  ? trace_hardirqs_off_caller+0x6e/0x210
[  245.195666]  ? do_syscall_64+0x21/0x620
[  245.199652]  do_syscall_64+0xf9/0x620
[  245.203469]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  245.208696] RIP: 0033:0x45e159
[  245.211979] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  245.230888] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  245.238608] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  245.245975] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  245.253264] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  245.260553] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
21:34:58 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:58 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:58 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  245.267843] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:34:58 executing program 4 (fault-call:3 fault-nth:0):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:58 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  245.366553] erofs: read_super, device -> /dev/loop1
[  245.378874] erofs: options -> 
[  245.384578] erofs: cannot find valid erofs superblock
21:34:58 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  245.408037] FAULT_INJECTION: forcing a failure.
[  245.408037] name failslab, interval 1, probability 0, space 0, times 0
[  245.442182] CPU: 0 PID: 14178 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
21:34:58 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  245.450108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  245.459478] Call Trace:
[  245.462089]  dump_stack+0x1fc/0x2fe
[  245.465768]  should_fail.cold+0xa/0x14
[  245.469670]  ? setup_fault_attr+0x200/0x200
[  245.474003]  ? lock_acquire+0x170/0x3c0
[  245.478002]  __should_failslab+0x115/0x180
[  245.482257]  should_failslab+0x5/0xf
[  245.485988]  __kmalloc+0x2ab/0x3c0
[  245.489546]  ? __se_sys_memfd_create+0xf8/0x440
[  245.494248]  __se_sys_memfd_create+0xf8/0x440
[  245.498753]  ? memfd_file_seals_ptr+0x150/0x150
21:34:58 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  245.503426]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  245.508808]  ? trace_hardirqs_off_caller+0x6e/0x210
[  245.513837]  ? do_syscall_64+0x21/0x620
[  245.517841]  do_syscall_64+0xf9/0x620
[  245.521743]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  245.526936] RIP: 0033:0x45e159
[  245.530135] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  245.543975] erofs: read_super, device -> /dev/loop1
[  245.549044] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  245.549059] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  245.549068] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  245.549076] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  245.549085] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  245.549093] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  245.605020] erofs: options -> 
21:34:58 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  245.608414] erofs: cannot find valid erofs superblock
21:34:58 executing program 2 (fault-call:3 fault-nth:3):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:59 executing program 4 (fault-call:3 fault-nth:1):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:59 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:59 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  245.736634] FAULT_INJECTION: forcing a failure.
[  245.736634] name failslab, interval 1, probability 0, space 0, times 0
[  245.739643] FAULT_INJECTION: forcing a failure.
[  245.739643] name failslab, interval 1, probability 0, space 0, times 0
[  245.760126] CPU: 0 PID: 14200 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  245.768027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  245.777417] Call Trace:
[  245.780044]  dump_stack+0x1fc/0x2fe
[  245.783717]  should_fail.cold+0xa/0x14
[  245.787621]  ? setup_fault_attr+0x200/0x200
[  245.791953]  ? lock_acquire+0x170/0x3c0
[  245.795943]  __should_failslab+0x115/0x180
[  245.800186]  should_failslab+0x5/0xf
[  245.803907]  kmem_cache_alloc+0x277/0x370
[  245.808064]  ? shmem_destroy_callback+0xb0/0xb0
[  245.809914] erofs: read_super, device -> /dev/loop1
[  245.812743]  shmem_alloc_inode+0x18/0x40
[  245.812758]  ? shmem_destroy_callback+0xb0/0xb0
[  245.812771]  alloc_inode+0x5d/0x180
[  245.812785]  new_inode+0x1d/0xf0
[  245.812798]  shmem_get_inode+0x96/0x8d0
[  245.812816]  __shmem_file_setup.part.0+0x7a/0x2b0
[  245.812832]  shmem_file_setup+0x61/0x90
[  245.812850]  __se_sys_memfd_create+0x26b/0x440
[  245.812870]  ? memfd_file_seals_ptr+0x150/0x150
[  245.829775] erofs: options -> 
[  245.830237]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  245.851122] erofs: cannot find valid erofs superblock
[  245.855558]  ? trace_hardirqs_off_caller+0x6e/0x210
[  245.855581]  ? do_syscall_64+0x21/0x620
[  245.855599]  do_syscall_64+0xf9/0x620
21:34:59 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  245.855617]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  245.855629] RIP: 0033:0x45e159
[  245.855643] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  245.855650] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  245.855664] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  245.855671] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  245.855677] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  245.855684] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  245.855691] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  245.890238] CPU: 0 PID: 14202 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  245.962543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  245.971910] Call Trace:
[  245.974508]  dump_stack+0x1fc/0x2fe
[  245.978175]  should_fail.cold+0xa/0x14
[  245.982050]  ? setup_fault_attr+0x200/0x200
[  245.986380]  ? lock_acquire+0x170/0x3c0
[  245.990352]  __should_failslab+0x115/0x180
[  245.994592]  should_failslab+0x5/0xf
[  245.998300]  kmem_cache_alloc+0x277/0x370
[  246.002455]  __alloc_file+0x21/0x330
[  246.006173]  alloc_empty_file+0x6d/0x170
[  246.010234]  alloc_file+0x5e/0x4d0
[  246.013788]  alloc_file_pseudo+0x165/0x250
[  246.018021]  ? alloc_file+0x4d0/0x4d0
[  246.021831]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  246.027448]  ? shmem_get_inode+0x44c/0x8d0
[  246.031690]  __shmem_file_setup.part.0+0x102/0x2b0
[  246.036614]  shmem_file_setup+0x61/0x90
[  246.040604]  __se_sys_memfd_create+0x26b/0x440
[  246.045185]  ? memfd_file_seals_ptr+0x150/0x150
[  246.049869]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  246.055242]  ? trace_hardirqs_off_caller+0x6e/0x210
[  246.060244]  ? do_syscall_64+0x21/0x620
[  246.064212]  do_syscall_64+0xf9/0x620
[  246.068017]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  246.073200] RIP: 0033:0x45e159
[  246.076399] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.095308] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  246.103018] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  246.110274] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  246.117544] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  246.124805] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  246.132071] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:34:59 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:34:59 executing program 4 (fault-call:3 fault-nth:2):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:59 executing program 2 (fault-call:3 fault-nth:4):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:34:59 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:34:59 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  246.241427] FAULT_INJECTION: forcing a failure.
[  246.241427] name failslab, interval 1, probability 0, space 0, times 0
[  246.296720] FAULT_INJECTION: forcing a failure.
[  246.296720] name failslab, interval 1, probability 0, space 0, times 0
[  246.305556] CPU: 0 PID: 14219 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  246.316070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  246.325431] Call Trace:
[  246.328034]  dump_stack+0x1fc/0x2fe
[  246.331678]  should_fail.cold+0xa/0x14
[  246.335625]  ? setup_fault_attr+0x200/0x200
[  246.339981]  ? lock_acquire+0x170/0x3c0
[  246.343974]  __should_failslab+0x115/0x180
[  246.348225]  should_failslab+0x5/0xf
[  246.351951]  kmem_cache_alloc+0x277/0x370
[  246.356115]  __d_alloc+0x2b/0xa10
[  246.360021]  d_alloc_pseudo+0x19/0x70
[  246.363938]  alloc_file_pseudo+0xc6/0x250
[  246.365786] erofs: read_super, device -> /dev/loop1
[  246.368097]  ? alloc_file+0x4d0/0x4d0
[  246.368116]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  246.368133]  ? shmem_get_inode+0x44c/0x8d0
[  246.386808]  __shmem_file_setup.part.0+0x102/0x2b0
[  246.391754]  shmem_file_setup+0x61/0x90
21:34:59 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  246.395740]  __se_sys_memfd_create+0x26b/0x440
[  246.400330]  ? memfd_file_seals_ptr+0x150/0x150
[  246.401320] erofs: options -> 
[  246.405017]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  246.405034]  ? trace_hardirqs_off_caller+0x6e/0x210
[  246.405048]  ? do_syscall_64+0x21/0x620
[  246.405065]  do_syscall_64+0xf9/0x620
[  246.405081]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  246.405092] RIP: 0033:0x45e159
[  246.405105] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.405113] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  246.405125] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  246.405133] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  246.405140] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  246.405147] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  246.405154] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  246.412006] CPU: 0 PID: 14226 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  246.486442] erofs: cannot find valid erofs superblock
[  246.491187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  246.491194] Call Trace:
[  246.491230]  dump_stack+0x1fc/0x2fe
[  246.491257]  should_fail.cold+0xa/0x14
[  246.531030]  ? setup_fault_attr+0x200/0x200
[  246.535361]  ? lock_acquire+0x170/0x3c0
[  246.539352]  __should_failslab+0x115/0x180
[  246.543595]  should_failslab+0x5/0xf
21:34:59 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  246.547324]  kmem_cache_alloc_trace+0x284/0x380
[  246.552013]  apparmor_file_alloc_security+0x394/0xad0
[  246.557206]  ? apparmor_file_receive+0x160/0x160
[  246.561962]  ? __alloc_file+0x21/0x330
[  246.565954]  security_file_alloc+0x40/0x90
[  246.570214]  __alloc_file+0xc9/0x330
[  246.573934]  alloc_empty_file+0x6d/0x170
[  246.577987]  alloc_file+0x5e/0x4d0
[  246.581517]  alloc_file_pseudo+0x165/0x250
[  246.585750]  ? alloc_file+0x4d0/0x4d0
[  246.589548]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  246.595177]  ? shmem_get_inode+0x44c/0x8d0
[  246.599399]  __shmem_file_setup.part.0+0x102/0x2b0
[  246.604331]  shmem_file_setup+0x61/0x90
[  246.608304]  __se_sys_memfd_create+0x26b/0x440
[  246.612872]  ? memfd_file_seals_ptr+0x150/0x150
[  246.617539]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  246.622909]  ? trace_hardirqs_off_caller+0x6e/0x210
[  246.627920]  ? do_syscall_64+0x21/0x620
[  246.631927]  do_syscall_64+0xf9/0x620
[  246.635735]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  246.640934] RIP: 0033:0x45e159
[  246.644136] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.663050] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  246.670759] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  246.678040] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  246.685662] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
21:35:00 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:00 executing program 4 (fault-call:3 fault-nth:3):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  246.692933] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  246.700189] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:00 executing program 2 (fault-call:3 fault-nth:5):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:00 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024000000000000000000e803000000000000", 0x20, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  246.821219] FAULT_INJECTION: forcing a failure.
[  246.821219] name failslab, interval 1, probability 0, space 0, times 0
[  246.834734] FAULT_INJECTION: forcing a failure.
[  246.834734] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  246.839195] CPU: 0 PID: 14246 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  246.854637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  246.863993] Call Trace:
[  246.866596]  dump_stack+0x1fc/0x2fe
[  246.870240]  should_fail.cold+0xa/0x14
[  246.874144]  ? setup_fault_attr+0x200/0x200
[  246.878476]  ? lock_acquire+0x170/0x3c0
[  246.882471]  __should_failslab+0x115/0x180
[  246.886719]  should_failslab+0x5/0xf
[  246.890460]  kmem_cache_alloc+0x277/0x370
[  246.894638]  __alloc_file+0x21/0x330
[  246.898366]  alloc_empty_file+0x6d/0x170
[  246.902563]  alloc_file+0x5e/0x4d0
[  246.906118]  alloc_file_pseudo+0x165/0x250
[  246.910364]  ? alloc_file+0x4d0/0x4d0
[  246.914200]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  246.919953]  ? shmem_get_inode+0x44c/0x8d0
[  246.924205]  __shmem_file_setup.part.0+0x102/0x2b0
[  246.929149]  shmem_file_setup+0x61/0x90
[  246.933161]  __se_sys_memfd_create+0x26b/0x440
[  246.937754]  ? memfd_file_seals_ptr+0x150/0x150
[  246.942432]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  246.947811]  ? trace_hardirqs_off_caller+0x6e/0x210
[  246.952965]  ? do_syscall_64+0x21/0x620
[  246.956981]  do_syscall_64+0xf9/0x620
[  246.962012]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  246.967208] RIP: 0033:0x45e159
[  246.970404] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.989486] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  246.997223] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  247.004501] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  247.011772] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
21:35:00 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  247.019048] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  247.026347] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  247.048146] CPU: 1 PID: 14248 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  247.056067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.065315] erofs: read_super, device -> /dev/loop1
[  247.065428] Call Trace:
[  247.071685] erofs: options -> 
[  247.073071]  dump_stack+0x1fc/0x2fe
[  247.073091]  should_fail.cold+0xa/0x14
[  247.073105]  ? lock_acquire+0x170/0x3c0
[  247.073119]  ? setup_fault_attr+0x200/0x200
[  247.073143]  __alloc_pages_nodemask+0x239/0x2890
[  247.073160]  ? __lock_acquire+0x6de/0x3ff0
[  247.081254] erofs: root inode @ nid 36
[  247.084077]  ? static_obj+0x50/0x50
[  247.084098]  ? __lock_acquire+0x6de/0x3ff0
[  247.084122]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  247.084139]  ? __lock_acquire+0x6de/0x3ff0
[  247.090716] erofs: mounted on /dev/loop1 with opts: .
[  247.092457]  ? deref_stack_reg+0x134/0x1d0
[  247.092474]  ? mark_held_locks+0xf0/0xf0
[  247.092489]  ? mark_held_locks+0xf0/0xf0
[  247.092503]  ? unwind_next_frame+0x10a9/0x1c60
[  247.092520]  alloc_pages_vma+0xf2/0x780
[  247.148355]  shmem_alloc_page+0x11c/0x1f0
[  247.152516]  ? shmem_swapin+0x220/0x220
[  247.156525]  ? percpu_counter_add_batch+0x126/0x180
[  247.161555]  ? __vm_enough_memory+0x316/0x650
[  247.166067]  shmem_alloc_and_acct_page+0x15a/0x850
[  247.171018]  shmem_getpage_gfp+0x4e9/0x37f0
[  247.175370]  ? shmem_alloc_and_acct_page+0x850/0x850
[  247.180490]  ? mark_held_locks+0xa6/0xf0
[  247.184564]  ? ktime_get_coarse_real_ts64+0x1c7/0x290
[  247.189770]  ? iov_iter_fault_in_readable+0x1fc/0x3f0
[  247.195005]  shmem_write_begin+0xff/0x1e0
[  247.199167]  generic_perform_write+0x1f8/0x4d0
[  247.203767]  ? filemap_page_mkwrite+0x2f0/0x2f0
[  247.208453]  ? current_time+0x1c0/0x1c0
[  247.212440]  ? lock_acquire+0x170/0x3c0
[  247.216431]  __generic_file_write_iter+0x24b/0x610
[  247.221374]  generic_file_write_iter+0x3f8/0x729
[  247.226147]  __vfs_write+0x51b/0x770
[  247.229991]  ? kernel_read+0x110/0x110
[  247.233907]  ? check_preemption_disabled+0x41/0x280
[  247.238941]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  247.243975]  vfs_write+0x1f3/0x540
[  247.247535]  __x64_sys_pwrite64+0x1f7/0x250
[  247.251868]  ? ksys_pwrite64+0x1a0/0x1a0
[  247.255944]  ? trace_hardirqs_off_caller+0x6e/0x210
[  247.260972]  ? do_syscall_64+0x21/0x620
[  247.264965]  do_syscall_64+0xf9/0x620
[  247.268820]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  247.274008] RIP: 0033:0x417cb7
[  247.277203] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 07 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 4d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  247.296501] RSP: 002b:00007fc4b3b73a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  247.304220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000417cb7
[  247.311528] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000006
21:35:00 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:00 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:00 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  247.318786] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  247.326041] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000003
[  247.333406] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000210
[  247.347123] erofs: read_super, device -> /dev/loop2
[  247.352308] erofs: options -> 
[  247.355872] erofs: cannot find valid erofs superblock
21:35:00 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:00 executing program 2 (fault-call:3 fault-nth:6):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:00 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:00 executing program 4 (fault-call:3 fault-nth:4):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  247.444717] erofs: unmounted for /dev/loop1
21:35:00 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:00 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  247.509610] FAULT_INJECTION: forcing a failure.
[  247.509610] name failslab, interval 1, probability 0, space 0, times 0
[  247.510134] FAULT_INJECTION: forcing a failure.
[  247.510134] name failslab, interval 1, probability 0, space 0, times 0
[  247.553033] CPU: 1 PID: 14285 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  247.556621] erofs: read_super, device -> /dev/loop1
[  247.560955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.560963] Call Trace:
[  247.560989]  dump_stack+0x1fc/0x2fe
[  247.561013]  should_fail.cold+0xa/0x14
[  247.561034]  ? setup_fault_attr+0x200/0x200
[  247.576840] erofs: options -> 
[  247.578113]  ? lock_acquire+0x170/0x3c0
[  247.578139]  __should_failslab+0x115/0x180
[  247.578156]  should_failslab+0x5/0xf
[  247.587980] erofs: cannot find valid erofs superblock
[  247.589961]  kmem_cache_alloc_trace+0x284/0x380
[  247.589985]  apparmor_file_alloc_security+0x394/0xad0
[  247.590002]  ? apparmor_file_receive+0x160/0x160
[  247.624851]  ? __alloc_file+0x21/0x330
[  247.628759]  security_file_alloc+0x40/0x90
[  247.633012]  __alloc_file+0xc9/0x330
[  247.636741]  alloc_empty_file+0x6d/0x170
[  247.640815]  alloc_file+0x5e/0x4d0
[  247.644394]  alloc_file_pseudo+0x165/0x250
[  247.648638]  ? alloc_file+0x4d0/0x4d0
[  247.652443]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  247.658094]  ? shmem_get_inode+0x44c/0x8d0
[  247.662380]  __shmem_file_setup.part.0+0x102/0x2b0
[  247.667332]  shmem_file_setup+0x61/0x90
[  247.671317]  __se_sys_memfd_create+0x26b/0x440
[  247.675907]  ? memfd_file_seals_ptr+0x150/0x150
[  247.680582]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  247.685967]  ? trace_hardirqs_off_caller+0x6e/0x210
[  247.690991]  ? do_syscall_64+0x21/0x620
[  247.694979]  do_syscall_64+0xf9/0x620
[  247.698791]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  247.703992] RIP: 0033:0x45e159
[  247.707199] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  247.726133] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  247.733856] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  247.741157] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
21:35:01 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  247.748434] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  247.755712] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  247.762993] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  247.770384] CPU: 0 PID: 14283 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  247.778468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.787836] Call Trace:
[  247.790458]  dump_stack+0x1fc/0x2fe
[  247.794118]  should_fail.cold+0xa/0x14
[  247.798020]  ? setup_fault_attr+0x200/0x200
[  247.802381]  ? lock_acquire+0x170/0x3c0
[  247.806452]  __should_failslab+0x115/0x180
[  247.811028]  should_failslab+0x5/0xf
[  247.814743]  kmem_cache_alloc+0x277/0x370
[  247.818889]  getname_flags+0xce/0x590
[  247.822684]  do_sys_open+0x26c/0x520
[  247.826407]  ? filp_open+0x70/0x70
[  247.829937]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  247.835292]  ? trace_hardirqs_off_caller+0x6e/0x210
[  247.840318]  ? do_syscall_64+0x21/0x620
[  247.844285]  do_syscall_64+0xf9/0x620
[  247.848087]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  247.853378] RIP: 0033:0x417c51
[  247.856560] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  247.875448] RSP: 002b:00007fc4b3b73a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  247.883375] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  247.890662] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fc4b3b73ad0
[  247.897936] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  247.905192] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  247.912447] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:01 executing program 4 (fault-call:3 fault-nth:5):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:01 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:01 executing program 2 (fault-call:3 fault-nth:7):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  248.031631] FAULT_INJECTION: forcing a failure.
[  248.031631] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  248.054765] erofs: read_super, device -> /dev/loop1
[  248.062216] erofs: options -> 
[  248.065827] FAULT_INJECTION: forcing a failure.
[  248.065827] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  248.077742] CPU: 0 PID: 14306 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  248.085634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  248.095006] Call Trace:
[  248.097606]  dump_stack+0x1fc/0x2fe
[  248.101244]  should_fail.cold+0xa/0x14
[  248.105145]  ? setup_fault_attr+0x200/0x200
[  248.109480]  ? do_writepages+0x290/0x290
[  248.113557]  ? unlock_page+0x13d/0x230
[  248.117458]  __alloc_pages_nodemask+0x239/0x2890
[  248.122231]  ? lock_downgrade+0x720/0x720
[  248.126382]  ? check_preemption_disabled+0x41/0x280
[  248.131411]  ? __lock_acquire+0x6de/0x3ff0
[  248.135673]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  248.140574]  ? lock_downgrade+0x720/0x720
[  248.144740]  ? lock_acquire+0x170/0x3c0
[  248.148848]  ? up_write+0x18/0x150
[  248.152398]  ? generic_file_write_iter+0x381/0x729
[  248.157352]  ? iov_iter_init+0xb8/0x1d0
[  248.161344]  cache_grow_begin+0xa4/0x8a0
[  248.165425]  ? setup_fault_attr+0x200/0x200
[  248.169756]  ? lock_acquire+0x170/0x3c0
[  248.173783]  cache_alloc_refill+0x273/0x340
[  248.178378]  kmem_cache_alloc+0x346/0x370
[  248.182548]  getname_flags+0xce/0x590
[  248.186357]  do_sys_open+0x26c/0x520
[  248.190080]  ? filp_open+0x70/0x70
[  248.193633]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  248.199019]  ? trace_hardirqs_off_caller+0x6e/0x210
[  248.204043]  ? do_syscall_64+0x21/0x620
[  248.208025]  do_syscall_64+0xf9/0x620
[  248.211841]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  248.217208] RIP: 0033:0x417c51
[  248.220407] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  248.239318] RSP: 002b:00007fc4b3b73a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  248.247123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  248.254396] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fc4b3b73ad0
[  248.261674] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  248.265883] erofs: cannot find valid erofs superblock
[  248.268947] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  248.268957] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  248.295687] CPU: 1 PID: 14302 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  248.304378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  248.313782] Call Trace:
[  248.316410]  dump_stack+0x1fc/0x2fe
[  248.320059]  should_fail.cold+0xa/0x14
[  248.324060]  ? lock_acquire+0x170/0x3c0
[  248.328059]  ? setup_fault_attr+0x200/0x200
21:35:01 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:01 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:01 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  248.332421]  __alloc_pages_nodemask+0x239/0x2890
[  248.337188]  ? __lock_acquire+0x6de/0x3ff0
[  248.341432]  ? static_obj+0x50/0x50
[  248.345078]  ? __lock_acquire+0x6de/0x3ff0
[  248.349325]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  248.354193]  ? __lock_acquire+0x6de/0x3ff0
[  248.358444]  ? deref_stack_reg+0x134/0x1d0
[  248.362695]  ? mark_held_locks+0xf0/0xf0
[  248.366763]  ? mark_held_locks+0xf0/0xf0
[  248.370827]  ? unwind_next_frame+0x10a9/0x1c60
[  248.375415]  alloc_pages_vma+0xf2/0x780
[  248.379407]  shmem_alloc_page+0x11c/0x1f0
[  248.383556]  ? shmem_swapin+0x220/0x220
[  248.387638]  ? percpu_counter_add_batch+0x126/0x180
[  248.392659]  ? __vm_enough_memory+0x316/0x650
[  248.397155]  shmem_alloc_and_acct_page+0x15a/0x850
[  248.402093]  shmem_getpage_gfp+0x4e9/0x37f0
[  248.406430]  ? shmem_alloc_and_acct_page+0x850/0x850
[  248.411551]  ? mark_held_locks+0xa6/0xf0
[  248.415635]  ? ktime_get_coarse_real_ts64+0x1c7/0x290
[  248.420831]  ? iov_iter_fault_in_readable+0x1fc/0x3f0
[  248.426031]  shmem_write_begin+0xff/0x1e0
[  248.430204]  generic_perform_write+0x1f8/0x4d0
[  248.434815]  ? filemap_page_mkwrite+0x2f0/0x2f0
[  248.439484]  ? current_time+0x1c0/0x1c0
[  248.443469]  ? lock_acquire+0x170/0x3c0
[  248.447452]  __generic_file_write_iter+0x24b/0x610
[  248.452393]  generic_file_write_iter+0x3f8/0x729
[  248.457182]  __vfs_write+0x51b/0x770
[  248.460905]  ? kernel_read+0x110/0x110
[  248.464976]  ? check_preemption_disabled+0x41/0x280
[  248.470033]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  248.475063]  vfs_write+0x1f3/0x540
[  248.478701]  __x64_sys_pwrite64+0x1f7/0x250
[  248.483031]  ? ksys_pwrite64+0x1a0/0x1a0
[  248.487114]  ? trace_hardirqs_off_caller+0x6e/0x210
[  248.492147]  ? do_syscall_64+0x21/0x620
[  248.496152]  do_syscall_64+0xf9/0x620
[  248.499960]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  248.505149] RIP: 0033:0x417cb7
[  248.508342] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 07 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 4d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  248.527251] RSP: 002b:00007f86da993a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  248.534969] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000417cb7
[  248.542844] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000006
[  248.550110] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  248.557396] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000003
[  248.564693] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000210
[  248.600155] erofs: read_super, device -> /dev/loop2
21:35:01 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:01 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  248.625807] erofs: read_super, device -> /dev/loop4
[  248.641267] erofs: options -> 
[  248.645181] erofs: options -> 
[  248.663203] erofs: root inode @ nid 36
[  248.668353] erofs: cannot find valid erofs superblock
21:35:02 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  248.680554] erofs: mounted on /dev/loop2 with opts: .
21:35:02 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:02 executing program 2 (fault-call:3 fault-nth:8):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:02 executing program 4 (fault-call:3 fault-nth:6):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:02 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:02 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  248.796256] erofs: unmounted for /dev/loop2
21:35:02 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  248.829411] FAULT_INJECTION: forcing a failure.
[  248.829411] name failslab, interval 1, probability 0, space 0, times 0
[  248.846277] CPU: 1 PID: 14340 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  248.854231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  248.863601] Call Trace:
[  248.866215]  dump_stack+0x1fc/0x2fe
[  248.869863]  should_fail.cold+0xa/0x14
[  248.873766]  ? setup_fault_attr+0x200/0x200
[  248.878093]  ? lock_acquire+0x170/0x3c0
[  248.882085]  __should_failslab+0x115/0x180
[  248.886350]  should_failslab+0x5/0xf
[  248.890070]  kmem_cache_alloc+0x277/0x370
[  248.894232]  getname_flags+0xce/0x590
[  248.898049]  do_sys_open+0x26c/0x520
[  248.902137]  ? filp_open+0x70/0x70
[  248.905689]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  248.911075]  ? trace_hardirqs_off_caller+0x6e/0x210
[  248.916099]  ? do_syscall_64+0x21/0x620
[  248.920084]  do_syscall_64+0xf9/0x620
[  248.923897]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
21:35:02 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:02 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  248.929711] RIP: 0033:0x417c51
[  248.932908] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  248.952023] RSP: 002b:00007f86da993a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  248.959739] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  248.967016] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f86da993ad0
21:35:02 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  248.974312] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  248.981602] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  248.988882] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:02 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  249.032010] erofs: read_super, device -> /dev/loop1
[  249.037072] erofs: options -> 
[  249.040329] erofs: cannot find valid erofs superblock
21:35:02 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  249.098224] FAULT_INJECTION: forcing a failure.
[  249.098224] name failslab, interval 1, probability 0, space 0, times 0
21:35:02 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c002400", 0x10, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:02 executing program 4 (fault-call:3 fault-nth:7):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  249.183169] CPU: 0 PID: 14359 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  249.193916] FAULT_INJECTION: forcing a failure.
[  249.193916] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  249.195204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  249.216733] Call Trace:
[  249.219345]  dump_stack+0x1fc/0x2fe
[  249.223005]  should_fail.cold+0xa/0x14
[  249.226919]  ? setup_fault_attr+0x200/0x200
[  249.231247]  ? lock_acquire+0x170/0x3c0
[  249.235240]  __should_failslab+0x115/0x180
[  249.239493]  should_failslab+0x5/0xf
[  249.243220]  kmem_cache_alloc+0x277/0x370
[  249.247388]  __alloc_file+0x21/0x330
[  249.251108]  alloc_empty_file+0x6d/0x170
[  249.255204]  path_openat+0xe9/0x2df0
[  249.258922]  ? __lock_acquire+0x6de/0x3ff0
[  249.263173]  ? path_lookupat+0x8d0/0x8d0
[  249.267237]  ? mark_held_locks+0xf0/0xf0
[  249.271308]  do_filp_open+0x18c/0x3f0
[  249.275116]  ? may_open_dev+0xf0/0xf0
[  249.278921]  ? __alloc_fd+0x28d/0x570
[  249.282729]  ? lock_downgrade+0x720/0x720
[  249.286877]  ? lock_acquire+0x170/0x3c0
[  249.290860]  ? __alloc_fd+0x34/0x570
[  249.294583]  ? do_raw_spin_unlock+0x171/0x230
[  249.299093]  ? _raw_spin_unlock+0x29/0x40
[  249.303248]  ? __alloc_fd+0x28d/0x570
[  249.307064]  do_sys_open+0x3b3/0x520
[  249.310808]  ? filp_open+0x70/0x70
[  249.314381]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  249.319758]  ? trace_hardirqs_off_caller+0x6e/0x210
[  249.324783]  ? do_syscall_64+0x21/0x620
[  249.328764]  do_syscall_64+0xf9/0x620
[  249.332569]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  249.337816] RIP: 0033:0x417c51
[  249.341012] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  249.360049] RSP: 002b:00007fc4b3b73a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  249.367788] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  249.375066] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fc4b3b73ad0
[  249.382338] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  249.389611] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  249.396884] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  249.404192] CPU: 1 PID: 14367 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  249.412094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  249.421451] Call Trace:
[  249.424055]  dump_stack+0x1fc/0x2fe
[  249.427696]  should_fail.cold+0xa/0x14
[  249.431595]  ? setup_fault_attr+0x200/0x200
[  249.435927]  ? do_writepages+0x290/0x290
[  249.439999]  ? unlock_page+0x13d/0x230
[  249.441872] erofs: read_super, device -> /dev/loop1
[  249.443905]  __alloc_pages_nodemask+0x239/0x2890
[  249.443926]  ? lock_downgrade+0x720/0x720
[  249.443940]  ? check_preemption_disabled+0x41/0x280
[  249.443962]  ? __lock_acquire+0x6de/0x3ff0
[  249.456749] erofs: options -> 
[  249.457895]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  249.457913]  ? lock_downgrade+0x720/0x720
[  249.457924]  ? lock_acquire+0x170/0x3c0
[  249.457943]  ? up_write+0x18/0x150
[  249.471235] erofs: root inode @ nid 36
[  249.475215]  ? generic_file_write_iter+0x381/0x729
[  249.475234]  ? iov_iter_init+0xb8/0x1d0
[  249.475253]  cache_grow_begin+0xa4/0x8a0
[  249.475270]  ? setup_fault_attr+0x200/0x200
[  249.475284]  ? lock_acquire+0x170/0x3c0
[  249.475300]  cache_alloc_refill+0x273/0x340
[  249.475317]  kmem_cache_alloc+0x346/0x370
[  249.485517] erofs: mounted on /dev/loop1 with opts: .
[  249.487040]  getname_flags+0xce/0x590
[  249.487061]  do_sys_open+0x26c/0x520
[  249.487075]  ? filp_open+0x70/0x70
[  249.487094]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  249.542557]  ? trace_hardirqs_off_caller+0x6e/0x210
[  249.547601]  ? do_syscall_64+0x21/0x620
[  249.551620]  do_syscall_64+0xf9/0x620
[  249.555437]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  249.560632] RIP: 0033:0x417c51
[  249.563834] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  249.582759] RSP: 002b:00007f86da993a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  249.590483] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  249.597762] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f86da993ad0
[  249.605034] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  249.612396] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  249.619678] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:03 executing program 2 (fault-call:3 fault-nth:9):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:03 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:03 executing program 5:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

21:35:03 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  249.670670] erofs: read_super, device -> /dev/loop4
[  249.701976] erofs: unmounted for /dev/loop1
[  249.707381] erofs: options -> 
[  249.725209] erofs: root inode @ nid 36
[  249.737700] erofs: mounted on /dev/loop4 with opts: .
21:35:03 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  249.761116] FAULT_INJECTION: forcing a failure.
[  249.761116] name failslab, interval 1, probability 0, space 0, times 0
[  249.791874] CPU: 1 PID: 14393 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  249.799826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  249.809193] Call Trace:
21:35:03 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:03 executing program 4 (fault-call:3 fault-nth:8):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  249.811793]  dump_stack+0x1fc/0x2fe
[  249.815437]  should_fail.cold+0xa/0x14
[  249.819330]  ? setup_fault_attr+0x200/0x200
[  249.823654]  ? lock_acquire+0x170/0x3c0
[  249.827645]  __should_failslab+0x115/0x180
[  249.831890]  should_failslab+0x5/0xf
[  249.835603]  kmem_cache_alloc_trace+0x284/0x380
[  249.840283]  ? loop_info64_to_compat+0x5e0/0x5e0
[  249.845048]  __kthread_create_on_node+0xd2/0x410
[  249.849830]  ? kthread_parkme+0xa0/0xa0
[  249.853881]  ? lo_ioctl+0x1bb/0x20e0
[  249.858716]  ? __mutex_lock+0x3a8/0x1260
[  249.862775]  ? lock_downgrade+0x720/0x720
[  249.866923]  ? loop_info64_to_compat+0x5e0/0x5e0
[  249.871695]  kthread_create_on_node+0xbb/0xf0
[  249.876215]  ? __kthread_create_on_node+0x410/0x410
[  249.881228]  ? __fget+0x356/0x510
[  249.884670]  ? do_dup2+0x450/0x450
[  249.888205]  ? __lockdep_init_map+0x100/0x5a0
[  249.892697]  ? __lockdep_init_map+0x100/0x5a0
[  249.897288]  lo_ioctl+0xae5/0x20e0
[  249.900831]  ? loop_set_status64+0x110/0x110
[  249.905241]  blkdev_ioctl+0x5cb/0x1a7e
[  249.909166]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  249.914547]  ? blkpg_ioctl+0x9d0/0x9d0
[  249.918441]  ? mark_held_locks+0xf0/0xf0
[  249.922499]  ? mark_held_locks+0xf0/0xf0
[  249.926563]  ? debug_check_no_obj_freed+0x201/0x482
[  249.931568]  ? lock_downgrade+0x720/0x720
[  249.935705]  block_ioctl+0xe9/0x130
[  249.939317]  ? blkdev_fallocate+0x3f0/0x3f0
[  249.943642]  do_vfs_ioctl+0xcdb/0x12e0
[  249.947533]  ? lock_downgrade+0x720/0x720
[  249.951696]  ? check_preemption_disabled+0x41/0x280
[  249.956707]  ? ioctl_preallocate+0x200/0x200
[  249.961133]  ? __fget+0x356/0x510
[  249.964591]  ? do_dup2+0x450/0x450
[  249.968125]  ? do_sys_open+0x2bf/0x520
[  249.972006]  ksys_ioctl+0x9b/0xc0
[  249.975444]  __x64_sys_ioctl+0x6f/0xb0
[  249.979315]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  249.983883]  do_syscall_64+0xf9/0x620
[  249.987687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  249.992861] RIP: 0033:0x45dfc7
[  249.996054] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  250.014950] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  250.022905] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  250.030157] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  250.037408] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  250.044658] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  250.052027] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:03 executing program 5:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  250.060174] erofs: unmounted for /dev/loop4
21:35:03 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:03 executing program 2 (fault-call:3 fault-nth:10):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:03 executing program 5:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  250.148420] erofs: read_super, device -> /dev/loop1
21:35:03 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  250.184092] FAULT_INJECTION: forcing a failure.
[  250.184092] name failslab, interval 1, probability 0, space 0, times 0
[  250.189300] erofs: options -> 
[  250.206469] CPU: 1 PID: 14409 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  250.214379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.223742] Call Trace:
[  250.226346]  dump_stack+0x1fc/0x2fe
[  250.229992]  should_fail.cold+0xa/0x14
[  250.233900]  ? setup_fault_attr+0x200/0x200
[  250.238235]  ? lock_acquire+0x170/0x3c0
[  250.242233]  __should_failslab+0x115/0x180
[  250.246567]  should_failslab+0x5/0xf
[  250.250289]  kmem_cache_alloc_trace+0x284/0x380
[  250.254970]  apparmor_file_alloc_security+0x394/0xad0
[  250.260173]  ? apparmor_file_receive+0x160/0x160
[  250.264948]  ? __alloc_file+0x21/0x330
[  250.268852]  security_file_alloc+0x40/0x90
[  250.273129]  __alloc_file+0xc9/0x330
[  250.276858]  alloc_empty_file+0x6d/0x170
[  250.280935]  path_openat+0xe9/0x2df0
[  250.284661]  ? __lock_acquire+0x6de/0x3ff0
[  250.288914]  ? path_lookupat+0x8d0/0x8d0
[  250.292985]  ? mark_held_locks+0xf0/0xf0
[  250.297059]  ? mark_held_locks+0xf0/0xf0
[  250.301148]  do_filp_open+0x18c/0x3f0
[  250.305009]  ? may_open_dev+0xf0/0xf0
[  250.308824]  ? __alloc_fd+0x28d/0x570
[  250.312642]  ? lock_downgrade+0x720/0x720
[  250.316801]  ? lock_acquire+0x170/0x3c0
[  250.320787]  ? __alloc_fd+0x34/0x570
[  250.324520]  ? do_raw_spin_unlock+0x171/0x230
[  250.329041]  ? _raw_spin_unlock+0x29/0x40
[  250.333203]  ? __alloc_fd+0x28d/0x570
[  250.337059]  do_sys_open+0x3b3/0x520
[  250.340792]  ? filp_open+0x70/0x70
[  250.344343]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  250.349719]  ? trace_hardirqs_off_caller+0x6e/0x210
[  250.354750]  ? do_syscall_64+0x21/0x620
[  250.358737]  do_syscall_64+0xf9/0x620
[  250.362587]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.367785] RIP: 0033:0x417c51
[  250.370991] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  250.389913] RSP: 002b:00007f86da993a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  250.397662] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  250.400582] erofs: cannot find valid erofs superblock
[  250.404934] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f86da993ad0
[  250.404943] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  250.404951] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
21:35:03 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:03 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  250.404958] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  250.435996] FAULT_INJECTION: forcing a failure.
[  250.435996] name failslab, interval 1, probability 0, space 0, times 0
[  250.488101] CPU: 1 PID: 14422 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  250.496024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.505389] Call Trace:
[  250.507991]  dump_stack+0x1fc/0x2fe
[  250.511659]  should_fail.cold+0xa/0x14
[  250.515542]  ? setup_fault_attr+0x200/0x200
[  250.519897]  ? lock_acquire+0x170/0x3c0
[  250.523900]  __should_failslab+0x115/0x180
[  250.528415]  should_failslab+0x5/0xf
[  250.532147]  kmem_cache_alloc_trace+0x284/0x380
[  250.536806]  ? loop_info64_to_compat+0x5e0/0x5e0
[  250.541556]  __kthread_create_on_node+0xd2/0x410
[  250.546402]  ? kthread_parkme+0xa0/0xa0
[  250.550370]  ? lo_ioctl+0x1bb/0x20e0
[  250.554102]  ? __mutex_lock+0x3a8/0x1260
[  250.558173]  ? lock_downgrade+0x720/0x720
[  250.562332]  ? loop_info64_to_compat+0x5e0/0x5e0
[  250.567091]  kthread_create_on_node+0xbb/0xf0
[  250.571574]  ? __kthread_create_on_node+0x410/0x410
[  250.576596]  ? __fget+0x356/0x510
[  250.580037]  ? do_dup2+0x450/0x450
[  250.583563]  ? __lockdep_init_map+0x100/0x5a0
[  250.588043]  ? __lockdep_init_map+0x100/0x5a0
[  250.592537]  lo_ioctl+0xae5/0x20e0
[  250.596079]  ? loop_set_status64+0x110/0x110
[  250.600477]  blkdev_ioctl+0x5cb/0x1a7e
[  250.604357]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.609708]  ? blkpg_ioctl+0x9d0/0x9d0
[  250.613581]  ? mark_held_locks+0xf0/0xf0
[  250.617643]  ? mark_held_locks+0xf0/0xf0
[  250.621704]  ? debug_check_no_obj_freed+0x201/0x482
[  250.626729]  ? lock_downgrade+0x720/0x720
[  250.630864]  block_ioctl+0xe9/0x130
[  250.634491]  ? blkdev_fallocate+0x3f0/0x3f0
[  250.638814]  do_vfs_ioctl+0xcdb/0x12e0
[  250.642703]  ? lock_downgrade+0x720/0x720
[  250.646842]  ? check_preemption_disabled+0x41/0x280
[  250.651849]  ? ioctl_preallocate+0x200/0x200
[  250.656276]  ? __fget+0x356/0x510
[  250.659733]  ? do_dup2+0x450/0x450
[  250.663279]  ? do_sys_open+0x2bf/0x520
[  250.667182]  ksys_ioctl+0x9b/0xc0
[  250.670625]  __x64_sys_ioctl+0x6f/0xb0
[  250.674545]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  250.679115]  do_syscall_64+0xf9/0x620
[  250.682928]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.688121] RIP: 0033:0x45dfc7
[  250.691309] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  250.710300] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  250.718017] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  250.725294] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
21:35:04 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  250.732571] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  250.739943] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  250.747198] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:04 executing program 2 (fault-call:3 fault-nth:11):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:04 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:04 executing program 4 (fault-call:3 fault-nth:9):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:04 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:04 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  250.925341] FAULT_INJECTION: forcing a failure.
[  250.925341] name failslab, interval 1, probability 0, space 0, times 0
[  250.947965] FAULT_INJECTION: forcing a failure.
[  250.947965] name failslab, interval 1, probability 0, space 0, times 0
[  250.961333] CPU: 1 PID: 14439 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  250.969238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.978590] Call Trace:
[  250.981187]  dump_stack+0x1fc/0x2fe
[  250.984834]  should_fail.cold+0xa/0x14
[  250.988733]  ? setup_fault_attr+0x200/0x200
[  250.993059]  ? lock_acquire+0x170/0x3c0
[  250.997048]  __should_failslab+0x115/0x180
[  251.001289]  should_failslab+0x5/0xf
[  251.005360]  kmem_cache_alloc+0x277/0x370
[  251.009512]  __kernfs_new_node+0xd2/0x680
[  251.013687]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  251.018445]  ? _raw_spin_unlock_irq+0x5a/0x80
[  251.023308]  ? __cpu_to_node+0x7b/0xa0
[  251.027203]  ? mark_held_locks+0xf0/0xf0
[  251.031265]  ? io_schedule_timeout+0x140/0x140
[  251.035847]  ? enqueue_entity+0xf86/0x3850
[  251.040259]  ? set_user_nice.part.0+0x3b9/0xab0
[  251.044944]  kernfs_create_dir_ns+0x9e/0x230
[  251.049359]  internal_create_group+0x1c1/0xb20
[  251.053976]  ? sysfs_remove_link_from_group+0x70/0x70
[  251.059171]  ? lock_downgrade+0x720/0x720
[  251.063334]  lo_ioctl+0xf7c/0x20e0
[  251.066883]  ? loop_set_status64+0x110/0x110
[  251.071297]  blkdev_ioctl+0x5cb/0x1a7e
[  251.075189]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.080730]  ? blkpg_ioctl+0x9d0/0x9d0
[  251.084658]  ? mark_held_locks+0xf0/0xf0
[  251.088719]  ? mark_held_locks+0xf0/0xf0
[  251.092785]  ? debug_check_no_obj_freed+0x201/0x482
[  251.097840]  ? lock_downgrade+0x720/0x720
[  251.101990]  block_ioctl+0xe9/0x130
[  251.105623]  ? blkdev_fallocate+0x3f0/0x3f0
[  251.109947]  do_vfs_ioctl+0xcdb/0x12e0
[  251.113843]  ? lock_downgrade+0x720/0x720
[  251.117998]  ? check_preemption_disabled+0x41/0x280
[  251.123025]  ? ioctl_preallocate+0x200/0x200
[  251.127438]  ? __fget+0x356/0x510
[  251.130895]  ? do_dup2+0x450/0x450
[  251.134456]  ? do_sys_open+0x2bf/0x520
[  251.138355]  ksys_ioctl+0x9b/0xc0
[  251.141816]  __x64_sys_ioctl+0x6f/0xb0
[  251.145704]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  251.150286]  do_syscall_64+0xf9/0x620
[  251.154094]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.159289] RIP: 0033:0x45dfc7
[  251.162485] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  251.181416] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.189141] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  251.196413] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  251.203681] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  251.210977] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  251.218251] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  251.225548] CPU: 0 PID: 14444 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  251.233449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.234484] erofs: read_super, device -> /dev/loop2
[  251.242809] Call Trace:
[  251.242835]  dump_stack+0x1fc/0x2fe
[  251.242856]  should_fail.cold+0xa/0x14
[  251.242870]  ? setup_fault_attr+0x200/0x200
[  251.242883]  ? lock_acquire+0x170/0x3c0
[  251.242904]  __should_failslab+0x115/0x180
[  251.242918]  should_failslab+0x5/0xf
[  251.242930]  kmem_cache_alloc_trace+0x284/0x380
[  251.242949]  apparmor_file_alloc_security+0x394/0xad0
[  251.242967]  ? apparmor_file_receive+0x160/0x160
[  251.248149] erofs: options -> 
[  251.250569]  ? __alloc_file+0x21/0x330
[  251.250592]  security_file_alloc+0x40/0x90
[  251.250607]  __alloc_file+0xc9/0x330
[  251.250624]  alloc_empty_file+0x6d/0x170
[  251.254679] erofs: root inode @ nid 36
[  251.258122]  path_openat+0xe9/0x2df0
[  251.258139]  ? __lock_acquire+0x6de/0x3ff0
[  251.258161]  ? path_lookupat+0x8d0/0x8d0
21:35:04 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:04 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  251.262880] erofs: mounted on /dev/loop2 with opts: .
[  251.266449]  ? mark_held_locks+0xf0/0xf0
[  251.266476]  do_filp_open+0x18c/0x3f0
[  251.266494]  ? may_open_dev+0xf0/0xf0
[  251.341311]  ? __alloc_fd+0x28d/0x570
[  251.345140]  ? lock_downgrade+0x720/0x720
[  251.349305]  ? lock_acquire+0x170/0x3c0
[  251.353301]  ? __alloc_fd+0x34/0x570
[  251.357034]  ? do_raw_spin_unlock+0x171/0x230
[  251.361553]  ? _raw_spin_unlock+0x29/0x40
[  251.365717]  ? __alloc_fd+0x28d/0x570
[  251.369558]  do_sys_open+0x3b3/0x520
[  251.373282]  ? filp_open+0x70/0x70
[  251.376835]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  251.382210]  ? trace_hardirqs_off_caller+0x6e/0x210
[  251.387332]  ? do_syscall_64+0x21/0x620
[  251.391321]  do_syscall_64+0xf9/0x620
[  251.395132]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.400325] RIP: 0033:0x417c51
[  251.403528] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
21:35:04 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:04 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  251.422448] RSP: 002b:00007f86da993a10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  251.430164] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  251.430254] erofs: read_super, device -> /dev/loop1
[  251.437432] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f86da993ad0
[  251.437441] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  251.437448] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  251.437455] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:04 executing program 2 (fault-call:3 fault-nth:12):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  251.513254] erofs: unmounted for /dev/loop2
21:35:04 executing program 4 (fault-call:3 fault-nth:10):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:04 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  251.639045] erofs: options -> 
[  251.648893] FAULT_INJECTION: forcing a failure.
[  251.648893] name failslab, interval 1, probability 0, space 0, times 0
[  251.660431] erofs: cannot find valid erofs superblock
[  251.669104] CPU: 1 PID: 14469 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  251.677009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.686374] Call Trace:
[  251.688976]  dump_stack+0x1fc/0x2fe
[  251.692617]  should_fail.cold+0xa/0x14
[  251.696826]  ? setup_fault_attr+0x200/0x200
[  251.701181]  ? lock_acquire+0x170/0x3c0
[  251.705179]  __should_failslab+0x115/0x180
[  251.709431]  should_failslab+0x5/0xf
[  251.713158]  kmem_cache_alloc+0x277/0x370
[  251.717409]  __kernfs_new_node+0xd2/0x680
[  251.721544]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  251.726286]  ? kernfs_activate+0x2c/0x1d0
[  251.730426]  ? lock_downgrade+0x720/0x720
[  251.734585]  ? kernfs_add_one+0x51/0x4c0
[  251.738662]  ? __mutex_add_waiter+0x160/0x160
[  251.743193]  ? __mutex_unlock_slowpath+0xea/0x610
[  251.748047]  kernfs_new_node+0x92/0x120
[  251.752012]  __kernfs_create_file+0x51/0x33f
[  251.756408]  sysfs_add_file_mode_ns+0x226/0x540
[  251.761086]  internal_create_group+0x355/0xb20
[  251.765687]  ? sysfs_remove_link_from_group+0x70/0x70
[  251.770868]  ? lock_downgrade+0x720/0x720
[  251.775014]  lo_ioctl+0xf7c/0x20e0
[  251.778570]  ? loop_set_status64+0x110/0x110
[  251.782979]  blkdev_ioctl+0x5cb/0x1a7e
[  251.786851]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.792202]  ? blkpg_ioctl+0x9d0/0x9d0
[  251.796097]  ? mark_held_locks+0xf0/0xf0
[  251.800161]  ? mark_held_locks+0xf0/0xf0
[  251.804210]  ? debug_check_no_obj_freed+0x201/0x482
[  251.809229]  ? lock_downgrade+0x720/0x720
[  251.813398]  block_ioctl+0xe9/0x130
[  251.817011]  ? blkdev_fallocate+0x3f0/0x3f0
[  251.821355]  do_vfs_ioctl+0xcdb/0x12e0
[  251.825238]  ? lock_downgrade+0x720/0x720
[  251.829381]  ? check_preemption_disabled+0x41/0x280
[  251.834404]  ? ioctl_preallocate+0x200/0x200
[  251.838801]  ? __fget+0x356/0x510
[  251.842243]  ? do_dup2+0x450/0x450
[  251.845769]  ? do_sys_open+0x2bf/0x520
[  251.849667]  ksys_ioctl+0x9b/0xc0
[  251.853129]  __x64_sys_ioctl+0x6f/0xb0
[  251.857020]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  251.861596]  do_syscall_64+0xf9/0x620
[  251.865412]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.870598] RIP: 0033:0x45dfc7
[  251.873784] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  251.892687] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.900418] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  251.907700] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  251.915059] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  251.922320] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  251.929588] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  251.941416] FAULT_INJECTION: forcing a failure.
[  251.941416] name failslab, interval 1, probability 0, space 0, times 0
[  251.969747] CPU: 0 PID: 14468 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  251.977676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.987042] Call Trace:
[  251.989622]  dump_stack+0x1fc/0x2fe
[  251.993344]  should_fail.cold+0xa/0x14
[  251.997336]  ? setup_fault_attr+0x200/0x200
[  252.001661]  ? lock_acquire+0x170/0x3c0
[  252.005635]  __should_failslab+0x115/0x180
[  252.009871]  should_failslab+0x5/0xf
[  252.013605]  kmem_cache_alloc_trace+0x284/0x380
[  252.018262]  ? loop_info64_to_compat+0x5e0/0x5e0
[  252.023033]  __kthread_create_on_node+0xd2/0x410
[  252.027949]  ? kthread_parkme+0xa0/0xa0
[  252.032048]  ? lo_ioctl+0x1bb/0x20e0
[  252.035778]  ? __mutex_lock+0x3a8/0x1260
[  252.039931]  ? lock_downgrade+0x720/0x720
[  252.044070]  ? loop_info64_to_compat+0x5e0/0x5e0
[  252.048831]  kthread_create_on_node+0xbb/0xf0
[  252.053332]  ? __kthread_create_on_node+0x410/0x410
[  252.058334]  ? __fget+0x356/0x510
[  252.061784]  ? do_dup2+0x450/0x450
[  252.065319]  ? __lockdep_init_map+0x100/0x5a0
[  252.069798]  ? __lockdep_init_map+0x100/0x5a0
[  252.074283]  lo_ioctl+0xae5/0x20e0
[  252.077811]  ? loop_set_status64+0x110/0x110
[  252.082382]  blkdev_ioctl+0x5cb/0x1a7e
[  252.086271]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.091624]  ? blkpg_ioctl+0x9d0/0x9d0
[  252.095679]  ? mark_held_locks+0xf0/0xf0
[  252.099729]  ? mark_held_locks+0xf0/0xf0
[  252.103793]  ? debug_check_no_obj_freed+0x201/0x482
[  252.108807]  ? lock_downgrade+0x720/0x720
[  252.112959]  block_ioctl+0xe9/0x130
[  252.116570]  ? blkdev_fallocate+0x3f0/0x3f0
[  252.120876]  do_vfs_ioctl+0xcdb/0x12e0
[  252.124750]  ? lock_downgrade+0x720/0x720
[  252.128894]  ? check_preemption_disabled+0x41/0x280
[  252.133911]  ? ioctl_preallocate+0x200/0x200
[  252.138334]  ? __fget+0x356/0x510
[  252.141894]  ? do_dup2+0x450/0x450
[  252.145449]  ? do_sys_open+0x2bf/0x520
[  252.149338]  ksys_ioctl+0x9b/0xc0
[  252.152813]  __x64_sys_ioctl+0x6f/0xb0
[  252.156709]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  252.161453]  do_syscall_64+0xf9/0x620
[  252.165246]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.170455] RIP: 0033:0x45dfc7
[  252.173645] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  252.192604] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.200350] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  252.207628] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  252.214895] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  252.222297] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  252.229575] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:05 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:05 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:05 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:05 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:05 executing program 4 (fault-call:3 fault-nth:11):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  252.246357] erofs: read_super, device -> /dev/loop2
[  252.251409] erofs: options -> 
[  252.283597] erofs: root inode @ nid 36
21:35:05 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  252.316501] erofs: mounted on /dev/loop2 with opts: .
21:35:05 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:05 executing program 2 (fault-call:3 fault-nth:13):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  252.401699] erofs: read_super, device -> /dev/loop1
[  252.407636] FAULT_INJECTION: forcing a failure.
[  252.407636] name failslab, interval 1, probability 0, space 0, times 0
[  252.419595] erofs: options -> 
[  252.428687] erofs: unmounted for /dev/loop2
[  252.430522] erofs: cannot find valid erofs superblock
[  252.443593] CPU: 0 PID: 14494 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  252.451493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  252.460841] Call Trace:
[  252.463467]  dump_stack+0x1fc/0x2fe
[  252.467105]  should_fail.cold+0xa/0x14
[  252.471018]  ? setup_fault_attr+0x200/0x200
[  252.475346]  ? lock_acquire+0x170/0x3c0
[  252.479837]  __should_failslab+0x115/0x180
[  252.484164]  should_failslab+0x5/0xf
[  252.487977]  kmem_cache_alloc+0x277/0x370
[  252.492139]  __kernfs_new_node+0xd2/0x680
[  252.496329]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  252.501073]  ? _raw_spin_unlock_irq+0x5a/0x80
[  252.505559]  ? __cpu_to_node+0x7b/0xa0
[  252.509456]  ? mark_held_locks+0xf0/0xf0
[  252.513522]  ? io_schedule_timeout+0x140/0x140
[  252.518110]  ? enqueue_entity+0xf86/0x3850
[  252.522361]  ? set_user_nice.part.0+0x3b9/0xab0
[  252.527036]  kernfs_create_dir_ns+0x9e/0x230
[  252.531437]  internal_create_group+0x1c1/0xb20
[  252.536070]  ? sysfs_remove_link_from_group+0x70/0x70
[  252.541244]  ? lock_downgrade+0x720/0x720
[  252.545424]  lo_ioctl+0xf7c/0x20e0
[  252.548956]  ? loop_set_status64+0x110/0x110
[  252.553370]  blkdev_ioctl+0x5cb/0x1a7e
[  252.557266]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.562637]  ? blkpg_ioctl+0x9d0/0x9d0
[  252.566519]  ? mark_held_locks+0xf0/0xf0
[  252.570562]  ? mark_held_locks+0xf0/0xf0
[  252.574610]  ? debug_check_no_obj_freed+0x201/0x482
[  252.579611]  ? lock_downgrade+0x720/0x720
[  252.583758]  block_ioctl+0xe9/0x130
[  252.587377]  ? blkdev_fallocate+0x3f0/0x3f0
[  252.591692]  do_vfs_ioctl+0xcdb/0x12e0
[  252.595566]  ? lock_downgrade+0x720/0x720
[  252.599704]  ? check_preemption_disabled+0x41/0x280
[  252.604713]  ? ioctl_preallocate+0x200/0x200
[  252.609139]  ? __fget+0x356/0x510
[  252.612604]  ? do_dup2+0x450/0x450
[  252.616144]  ? do_sys_open+0x2bf/0x520
[  252.620037]  ksys_ioctl+0x9b/0xc0
[  252.623506]  __x64_sys_ioctl+0x6f/0xb0
[  252.627398]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  252.631977]  do_syscall_64+0xf9/0x620
[  252.635795]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.640969] RIP: 0033:0x45dfc7
[  252.644164] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  252.663070] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.671121] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  252.678414] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  252.685668] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  252.692928] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
21:35:06 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  252.700205] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:06 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:06 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  252.792220] erofs: read_super, device -> /dev/loop4
[  252.797357] erofs: options -> 
[  252.808757] erofs: root inode @ nid 36
[  252.829800] erofs: mounted on /dev/loop4 with opts: .
[  252.863098] FAULT_INJECTION: forcing a failure.
[  252.863098] name failslab, interval 1, probability 0, space 0, times 0
[  252.875344] CPU: 0 PID: 14511 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  252.883236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  252.892590] Call Trace:
[  252.895215]  dump_stack+0x1fc/0x2fe
[  252.898856]  should_fail.cold+0xa/0x14
[  252.902752]  ? setup_fault_attr+0x200/0x200
[  252.907243]  ? lock_acquire+0x170/0x3c0
[  252.911213]  __should_failslab+0x115/0x180
[  252.915437]  should_failslab+0x5/0xf
[  252.919155]  kmem_cache_alloc+0x277/0x370
[  252.923299]  __kernfs_new_node+0xd2/0x680
[  252.927470]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  252.932228]  ? __mutex_unlock_slowpath+0xea/0x610
[  252.937068]  ? wait_for_completion_io+0x10/0x10
[  252.941722]  ? kernfs_next_descendant_post+0x19c/0x290
[  252.946999]  kernfs_new_node+0x92/0x120
[  252.950961]  __kernfs_create_file+0x51/0x33f
[  252.955356]  sysfs_add_file_mode_ns+0x226/0x540
[  252.960028]  internal_create_group+0x355/0xb20
[  252.964705]  ? sysfs_remove_link_from_group+0x70/0x70
[  252.969894]  ? lock_downgrade+0x720/0x720
[  252.974055]  lo_ioctl+0xf7c/0x20e0
[  252.977593]  ? loop_set_status64+0x110/0x110
[  252.982002]  blkdev_ioctl+0x5cb/0x1a7e
[  252.985885]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.991236]  ? blkpg_ioctl+0x9d0/0x9d0
[  252.995137]  ? mark_held_locks+0xf0/0xf0
[  252.999181]  ? mark_held_locks+0xf0/0xf0
[  253.003241]  ? debug_check_no_obj_freed+0x201/0x482
[  253.008254]  ? lock_downgrade+0x720/0x720
[  253.012399]  block_ioctl+0xe9/0x130
[  253.016023]  ? blkdev_fallocate+0x3f0/0x3f0
[  253.020332]  do_vfs_ioctl+0xcdb/0x12e0
[  253.024223]  ? lock_downgrade+0x720/0x720
[  253.028366]  ? check_preemption_disabled+0x41/0x280
[  253.033378]  ? ioctl_preallocate+0x200/0x200
[  253.037797]  ? __fget+0x356/0x510
[  253.041247]  ? do_dup2+0x450/0x450
[  253.045032]  ? do_sys_open+0x2bf/0x520
[  253.048923]  ksys_ioctl+0x9b/0xc0
[  253.052409]  __x64_sys_ioctl+0x6f/0xb0
[  253.056298]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  253.060886]  do_syscall_64+0xf9/0x620
[  253.064686]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.069878] RIP: 0033:0x45dfc7
[  253.073093] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  253.092001] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.099705] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  253.106975] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
21:35:06 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:06 executing program 4 (fault-call:3 fault-nth:12):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  253.114236] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  253.121500] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  253.128839] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  253.143947] erofs: unmounted for /dev/loop4
[  253.154789] erofs: read_super, device -> /dev/loop2
21:35:06 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:06 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  253.166861] erofs: read_super, device -> /dev/loop1
[  253.173562] erofs: options -> 
[  253.181331] erofs: options -> 
[  253.182868] erofs: root inode @ nid 36
[  253.191656] erofs: mounted on /dev/loop2 with opts: .
[  253.200746] erofs: blksize 1 isn't supported on this platform
21:35:06 executing program 2 (fault-call:3 fault-nth:14):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  253.265217] erofs: unmounted for /dev/loop2
21:35:06 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  253.297760] FAULT_INJECTION: forcing a failure.
[  253.297760] name failslab, interval 1, probability 0, space 0, times 0
[  253.313541] CPU: 1 PID: 14526 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  253.321453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  253.330814] Call Trace:
[  253.333415]  dump_stack+0x1fc/0x2fe
[  253.337093]  should_fail.cold+0xa/0x14
[  253.340968]  ? setup_fault_attr+0x200/0x200
[  253.345285]  ? lock_acquire+0x170/0x3c0
[  253.349261]  __should_failslab+0x115/0x180
[  253.353544]  should_failslab+0x5/0xf
[  253.357286]  kmem_cache_alloc+0x277/0x370
[  253.361425]  __kernfs_new_node+0xd2/0x680
[  253.365566]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  253.370334]  ? kernfs_activate+0x2c/0x1d0
[  253.374469]  ? lock_downgrade+0x720/0x720
[  253.378612]  ? kernfs_add_one+0x51/0x4c0
[  253.382659]  ? __mutex_add_waiter+0x160/0x160
[  253.387158]  ? __mutex_unlock_slowpath+0xea/0x610
[  253.391997]  kernfs_new_node+0x92/0x120
[  253.395960]  __kernfs_create_file+0x51/0x33f
[  253.400366]  sysfs_add_file_mode_ns+0x226/0x540
[  253.405022]  internal_create_group+0x355/0xb20
[  253.409614]  ? sysfs_remove_link_from_group+0x70/0x70
[  253.414786]  ? lock_downgrade+0x720/0x720
[  253.418943]  lo_ioctl+0xf7c/0x20e0
[  253.422482]  ? loop_set_status64+0x110/0x110
[  253.426876]  blkdev_ioctl+0x5cb/0x1a7e
[  253.430748]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.436098]  ? blkpg_ioctl+0x9d0/0x9d0
[  253.439988]  ? mark_held_locks+0xf0/0xf0
[  253.444062]  ? mark_held_locks+0xf0/0xf0
[  253.448114]  ? debug_check_no_obj_freed+0x201/0x482
[  253.453117]  ? lock_downgrade+0x720/0x720
[  253.457269]  block_ioctl+0xe9/0x130
[  253.460896]  ? blkdev_fallocate+0x3f0/0x3f0
[  253.465200]  do_vfs_ioctl+0xcdb/0x12e0
[  253.469085]  ? lock_downgrade+0x720/0x720
[  253.473247]  ? check_preemption_disabled+0x41/0x280
[  253.478267]  ? ioctl_preallocate+0x200/0x200
[  253.482665]  ? __fget+0x356/0x510
[  253.486120]  ? do_dup2+0x450/0x450
[  253.489654]  ? do_sys_open+0x2bf/0x520
[  253.493550]  ksys_ioctl+0x9b/0xc0
[  253.497003]  __x64_sys_ioctl+0x6f/0xb0
[  253.500880]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  253.505475]  do_syscall_64+0xf9/0x620
[  253.509266]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.514461] RIP: 0033:0x45dfc7
[  253.517656] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  253.536562] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
21:35:06 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  253.544271] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  253.551558] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  253.558839] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  253.566115] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  253.573406] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:07 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  253.642060] erofs: read_super, device -> /dev/loop4
[  253.647169] erofs: options -> 
[  253.661822] erofs: root inode @ nid 36
[  253.671399] erofs: mounted on /dev/loop4 with opts: .
21:35:07 executing program 4 (fault-call:3 fault-nth:13):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  253.730585] erofs: unmounted for /dev/loop4
[  253.831334] FAULT_INJECTION: forcing a failure.
[  253.831334] name failslab, interval 1, probability 0, space 0, times 0
[  253.848068] CPU: 1 PID: 14545 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  253.855967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  253.865328] Call Trace:
[  253.867926]  dump_stack+0x1fc/0x2fe
[  253.871567]  should_fail.cold+0xa/0x14
[  253.875469]  ? setup_fault_attr+0x200/0x200
21:35:07 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  253.879797]  ? lock_acquire+0x170/0x3c0
[  253.883789]  __should_failslab+0x115/0x180
[  253.888028]  should_failslab+0x5/0xf
[  253.891745]  kmem_cache_alloc+0x277/0x370
[  253.895907]  __kernfs_new_node+0xd2/0x680
[  253.900056]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  253.904809]  ? __mutex_unlock_slowpath+0xea/0x610
[  253.909805]  ? wait_for_completion_io+0x10/0x10
[  253.914507]  ? kernfs_next_descendant_post+0x19c/0x290
[  253.919796]  kernfs_new_node+0x92/0x120
[  253.923767]  __kernfs_create_file+0x51/0x33f
[  253.928165]  sysfs_add_file_mode_ns+0x226/0x540
[  253.932822]  internal_create_group+0x355/0xb20
[  253.937392]  ? sysfs_remove_link_from_group+0x70/0x70
[  253.942567]  ? lock_downgrade+0x720/0x720
[  253.946717]  lo_ioctl+0xf7c/0x20e0
[  253.950247]  ? loop_set_status64+0x110/0x110
[  253.954663]  blkdev_ioctl+0x5cb/0x1a7e
[  253.958553]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.963911]  ? blkpg_ioctl+0x9d0/0x9d0
[  253.967842]  ? mark_held_locks+0xf0/0xf0
[  253.971920]  ? mark_held_locks+0xf0/0xf0
[  253.976012]  ? debug_check_no_obj_freed+0x201/0x482
[  253.981021]  ? lock_downgrade+0x720/0x720
[  253.985159]  block_ioctl+0xe9/0x130
[  253.988780]  ? blkdev_fallocate+0x3f0/0x3f0
[  253.993087]  do_vfs_ioctl+0xcdb/0x12e0
[  253.997078]  ? lock_downgrade+0x720/0x720
[  254.001298]  ? check_preemption_disabled+0x41/0x280
[  254.006371]  ? ioctl_preallocate+0x200/0x200
[  254.010768]  ? __fget+0x356/0x510
[  254.014209]  ? do_dup2+0x450/0x450
[  254.017741]  ? do_sys_open+0x2bf/0x520
[  254.021664]  ksys_ioctl+0x9b/0xc0
[  254.025364]  __x64_sys_ioctl+0x6f/0xb0
[  254.029257]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  254.033842]  do_syscall_64+0xf9/0x620
[  254.037655]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.042831] RIP: 0033:0x45dfc7
[  254.046008] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  254.064920] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.072796] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  254.080079] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  254.087355] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  254.094637] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  254.101910] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  254.125990] FAULT_INJECTION: forcing a failure.
21:35:07 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  254.125990] name failslab, interval 1, probability 0, space 0, times 0
[  254.146844] CPU: 0 PID: 14549 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  254.154767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  254.164241] Call Trace:
[  254.166831]  dump_stack+0x1fc/0x2fe
[  254.170467]  should_fail.cold+0xa/0x14
[  254.174341]  ? setup_fault_attr+0x200/0x200
[  254.178666]  ? lock_acquire+0x170/0x3c0
[  254.182633]  __should_failslab+0x115/0x180
[  254.186886]  should_failslab+0x5/0xf
[  254.190599]  kmem_cache_alloc+0x277/0x370
[  254.194747]  __kernfs_new_node+0xd2/0x680
[  254.198911]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  254.203665]  ? kernfs_activate+0x2c/0x1d0
[  254.207984]  ? lock_downgrade+0x720/0x720
[  254.212134]  ? kernfs_add_one+0x51/0x4c0
[  254.216200]  ? __mutex_add_waiter+0x160/0x160
[  254.220684]  ? __mutex_unlock_slowpath+0xea/0x610
[  254.225550]  kernfs_new_node+0x92/0x120
[  254.229553]  __kernfs_create_file+0x51/0x33f
[  254.233964]  sysfs_add_file_mode_ns+0x226/0x540
[  254.238652]  internal_create_group+0x355/0xb20
[  254.243260]  ? sysfs_remove_link_from_group+0x70/0x70
[  254.248440]  ? lock_downgrade+0x720/0x720
[  254.252589]  lo_ioctl+0xf7c/0x20e0
[  254.256133]  ? loop_set_status64+0x110/0x110
[  254.260532]  blkdev_ioctl+0x5cb/0x1a7e
[  254.264419]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.269795]  ? blkpg_ioctl+0x9d0/0x9d0
[  254.273707]  ? mark_held_locks+0xf0/0xf0
[  254.277769]  ? mark_held_locks+0xf0/0xf0
[  254.281843]  ? debug_check_no_obj_freed+0x201/0x482
[  254.286874]  ? lock_downgrade+0x720/0x720
[  254.291019]  block_ioctl+0xe9/0x130
[  254.294627]  ? blkdev_fallocate+0x3f0/0x3f0
[  254.298958]  do_vfs_ioctl+0xcdb/0x12e0
[  254.302978]  ? lock_downgrade+0x720/0x720
[  254.307130]  ? check_preemption_disabled+0x41/0x280
[  254.312147]  ? ioctl_preallocate+0x200/0x200
[  254.316564]  ? __fget+0x356/0x510
[  254.320068]  ? do_dup2+0x450/0x450
[  254.323595]  ? do_sys_open+0x2bf/0x520
[  254.327515]  ksys_ioctl+0x9b/0xc0
[  254.330984]  __x64_sys_ioctl+0x6f/0xb0
[  254.334884]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  254.339463]  do_syscall_64+0xf9/0x620
[  254.343273]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.348468] RIP: 0033:0x45dfc7
[  254.351656] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  254.370553] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.378247] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  254.385533] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  254.392805] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  254.400063] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  254.407330] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  254.431099] erofs: read_super, device -> /dev/loop2
[  254.437186] erofs: options -> 
[  254.448081] erofs: read_super, device -> /dev/loop1
[  254.448086] erofs: read_super, device -> /dev/loop4
[  254.448104] erofs: options -> 
[  254.453578] erofs: options -> 
[  254.467849] erofs: root inode @ nid 36
[  254.484953] erofs: root inode @ nid 36
[  254.495154] erofs: blksize 1 isn't supported on this platform
[  254.498906] erofs: mounted on /dev/loop2 with opts: .
[  254.519703] erofs: mounted on /dev/loop4 with opts: .
21:35:07 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add", 0x8, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:07 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:07 executing program 2 (fault-call:3 fault-nth:15):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:07 executing program 4 (fault-call:3 fault-nth:14):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:08 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  254.625198] erofs: unmounted for /dev/loop2
[  254.641279] erofs: unmounted for /dev/loop4
21:35:08 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  254.715596] erofs: read_super, device -> /dev/loop1
[  254.720681] erofs: options -> 
[  254.737526] FAULT_INJECTION: forcing a failure.
[  254.737526] name failslab, interval 1, probability 0, space 0, times 0
[  254.749980] erofs: blksize 1 isn't supported on this platform
[  254.755661] CPU: 1 PID: 14587 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  254.763802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  254.773163] Call Trace:
[  254.775764]  dump_stack+0x1fc/0x2fe
[  254.779408]  should_fail.cold+0xa/0x14
[  254.783307]  ? setup_fault_attr+0x200/0x200
[  254.787628]  ? lock_acquire+0x170/0x3c0
[  254.791594]  __should_failslab+0x115/0x180
[  254.795837]  should_failslab+0x5/0xf
[  254.799547]  kmem_cache_alloc+0x277/0x370
[  254.803715]  __kernfs_new_node+0xd2/0x680
[  254.807850]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  254.812598]  ? __mutex_unlock_slowpath+0xea/0x610
[  254.817427]  ? wait_for_completion_io+0x10/0x10
[  254.822108]  ? kernfs_next_descendant_post+0x19c/0x290
[  254.827377]  kernfs_new_node+0x92/0x120
[  254.831342]  __kernfs_create_file+0x51/0x33f
[  254.835740]  sysfs_add_file_mode_ns+0x226/0x540
[  254.840400]  internal_create_group+0x355/0xb20
[  254.844972]  ? sysfs_remove_link_from_group+0x70/0x70
[  254.850157]  ? lock_downgrade+0x720/0x720
[  254.854297]  lo_ioctl+0xf7c/0x20e0
[  254.857859]  ? loop_set_status64+0x110/0x110
[  254.862271]  blkdev_ioctl+0x5cb/0x1a7e
[  254.866153]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.871589]  ? blkpg_ioctl+0x9d0/0x9d0
[  254.875497]  ? mark_held_locks+0xf0/0xf0
[  254.879562]  ? mark_held_locks+0xf0/0xf0
[  254.883632]  ? debug_check_no_obj_freed+0x201/0x482
[  254.888653]  ? lock_downgrade+0x720/0x720
[  254.892813]  block_ioctl+0xe9/0x130
[  254.896450]  ? blkdev_fallocate+0x3f0/0x3f0
[  254.900771]  do_vfs_ioctl+0xcdb/0x12e0
[  254.904669]  ? lock_downgrade+0x720/0x720
[  254.908844]  ? check_preemption_disabled+0x41/0x280
21:35:08 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  254.913868]  ? ioctl_preallocate+0x200/0x200
[  254.918286]  ? __fget+0x356/0x510
[  254.921745]  ? do_dup2+0x450/0x450
[  254.925290]  ? do_sys_open+0x2bf/0x520
[  254.929191]  ksys_ioctl+0x9b/0xc0
[  254.932637]  __x64_sys_ioctl+0x6f/0xb0
[  254.936513]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  254.941081]  do_syscall_64+0xf9/0x620
[  254.944887]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.950060] RIP: 0033:0x45dfc7
[  254.953265] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  254.972433] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.980148] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  254.987408] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  254.994695] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  255.001948] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  255.009206] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  255.020165] erofs: read_super, device -> /dev/loop2
[  255.025467] erofs: options -> 
[  255.029117] erofs: root inode @ nid 36
[  255.033783] erofs: mounted on /dev/loop2 with opts: .
[  255.039314] FAULT_INJECTION: forcing a failure.
[  255.039314] name failslab, interval 1, probability 0, space 0, times 0
[  255.051996] CPU: 0 PID: 14589 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  255.059894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  255.069280] Call Trace:
[  255.071904]  dump_stack+0x1fc/0x2fe
[  255.075543]  should_fail.cold+0xa/0x14
[  255.079443]  ? setup_fault_attr+0x200/0x200
[  255.083797]  ? lock_acquire+0x170/0x3c0
[  255.087785]  __should_failslab+0x115/0x180
[  255.092038]  should_failslab+0x5/0xf
[  255.095758]  kmem_cache_alloc+0x277/0x370
[  255.099905]  __kernfs_new_node+0xd2/0x680
[  255.104050]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  255.108822]  ? __mutex_unlock_slowpath+0xea/0x610
[  255.113664]  ? wait_for_completion_io+0x10/0x10
[  255.118337]  ? kernfs_next_descendant_post+0x19c/0x290
[  255.123615]  kernfs_new_node+0x92/0x120
[  255.127587]  __kernfs_create_file+0x51/0x33f
[  255.131994]  sysfs_add_file_mode_ns+0x226/0x540
[  255.136662]  internal_create_group+0x355/0xb20
[  255.141240]  ? sysfs_remove_link_from_group+0x70/0x70
[  255.146414]  ? lock_downgrade+0x720/0x720
[  255.150574]  lo_ioctl+0xf7c/0x20e0
[  255.154128]  ? loop_set_status64+0x110/0x110
[  255.158576]  blkdev_ioctl+0x5cb/0x1a7e
[  255.162471]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  255.167919]  ? blkpg_ioctl+0x9d0/0x9d0
[  255.171804]  ? mark_held_locks+0xf0/0xf0
[  255.175869]  ? mark_held_locks+0xf0/0xf0
[  255.179923]  ? debug_check_no_obj_freed+0x201/0x482
[  255.184938]  ? lock_downgrade+0x720/0x720
[  255.189097]  block_ioctl+0xe9/0x130
[  255.192764]  ? blkdev_fallocate+0x3f0/0x3f0
[  255.197093]  do_vfs_ioctl+0xcdb/0x12e0
[  255.200981]  ? lock_downgrade+0x720/0x720
[  255.205121]  ? check_preemption_disabled+0x41/0x280
[  255.210158]  ? ioctl_preallocate+0x200/0x200
[  255.214592]  ? __fget+0x356/0x510
[  255.218054]  ? do_dup2+0x450/0x450
[  255.221598]  ? do_sys_open+0x2bf/0x520
[  255.225495]  ksys_ioctl+0x9b/0xc0
[  255.228978]  __x64_sys_ioctl+0x6f/0xb0
[  255.232865]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  255.237455]  do_syscall_64+0xf9/0x620
[  255.241255]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  255.246435] RIP: 0033:0x45dfc7
[  255.249626] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:35:08 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  255.268538] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  255.276252] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  255.283548] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  255.290822] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  255.298087] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  255.305365] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  255.357586] erofs: read_super, device -> /dev/loop4
21:35:08 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  255.388883] erofs: options -> 
21:35:08 executing program 2 (fault-call:3 fault-nth:16):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  255.411939] erofs: root inode @ nid 36
[  255.427851] erofs: unmounted for /dev/loop2
[  255.430583] erofs: mounted on /dev/loop4 with opts: .
21:35:08 executing program 4 (fault-call:3 fault-nth:15):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:08 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  255.509971] erofs: read_super, device -> /dev/loop1
[  255.518206] FAULT_INJECTION: forcing a failure.
[  255.518206] name failslab, interval 1, probability 0, space 0, times 0
[  255.532370] erofs: unmounted for /dev/loop4
[  255.537439] erofs: options -> 
[  255.546094] CPU: 1 PID: 14608 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  255.553991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  255.558448] erofs: blksize 1 isn't supported on this platform
[  255.563342] Call Trace:
[  255.563366]  dump_stack+0x1fc/0x2fe
[  255.563387]  should_fail.cold+0xa/0x14
[  255.563404]  ? setup_fault_attr+0x200/0x200
[  255.563418]  ? lock_acquire+0x170/0x3c0
[  255.563438]  __should_failslab+0x115/0x180
[  255.563456]  should_failslab+0x5/0xf
[  255.595918]  kmem_cache_alloc+0x277/0x370
[  255.600066]  __kernfs_new_node+0xd2/0x680
[  255.604233]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  255.609017]  ? __mutex_unlock_slowpath+0xea/0x610
[  255.613847]  ? wait_for_completion_io+0x10/0x10
[  255.618519]  ? kernfs_next_descendant_post+0x19c/0x290
[  255.623798]  kernfs_new_node+0x92/0x120
[  255.627778]  __kernfs_create_file+0x51/0x33f
[  255.632190]  sysfs_add_file_mode_ns+0x226/0x540
[  255.636845]  internal_create_group+0x355/0xb20
[  255.641434]  ? sysfs_remove_link_from_group+0x70/0x70
[  255.646610]  ? lock_downgrade+0x720/0x720
[  255.650881]  lo_ioctl+0xf7c/0x20e0
[  255.654436]  ? loop_set_status64+0x110/0x110
[  255.658850]  blkdev_ioctl+0x5cb/0x1a7e
[  255.662732]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  255.668096]  ? blkpg_ioctl+0x9d0/0x9d0
[  255.671968]  ? mark_held_locks+0xf0/0xf0
[  255.676029]  ? mark_held_locks+0xf0/0xf0
[  255.680078]  ? debug_check_no_obj_freed+0x201/0x482
[  255.685092]  ? lock_downgrade+0x720/0x720
[  255.689238]  block_ioctl+0xe9/0x130
[  255.692850]  ? blkdev_fallocate+0x3f0/0x3f0
[  255.697160]  do_vfs_ioctl+0xcdb/0x12e0
[  255.701054]  ? lock_downgrade+0x720/0x720
[  255.705205]  ? check_preemption_disabled+0x41/0x280
[  255.710211]  ? ioctl_preallocate+0x200/0x200
[  255.714619]  ? __fget+0x356/0x510
[  255.718077]  ? do_dup2+0x450/0x450
[  255.721603]  ? do_sys_open+0x2bf/0x520
[  255.725740]  ksys_ioctl+0x9b/0xc0
[  255.729183]  __x64_sys_ioctl+0x6f/0xb0
[  255.733055]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  255.737622]  do_syscall_64+0xf9/0x620
[  255.741410]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  255.746669] RIP: 0033:0x45dfc7
[  255.749874] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  255.768783] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  255.776479] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  255.783732] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  255.790985] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  255.798245] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  255.805508] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  255.862388] erofs: read_super, device -> /dev/loop2
[  255.867503] erofs: options -> 
[  255.870817] erofs: root inode @ nid 36
21:35:09 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  255.916044] erofs: mounted on /dev/loop2 with opts: .
21:35:09 executing program 2 (fault-call:3 fault-nth:17):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  255.990259] FAULT_INJECTION: forcing a failure.
[  255.990259] name failslab, interval 1, probability 0, space 0, times 0
[  256.004224] erofs: unmounted for /dev/loop2
[  256.009190] CPU: 0 PID: 14619 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  256.017079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  256.026431] Call Trace:
[  256.029022]  dump_stack+0x1fc/0x2fe
[  256.032643]  should_fail.cold+0xa/0x14
[  256.036521]  ? setup_fault_attr+0x200/0x200
[  256.040827]  ? lock_acquire+0x170/0x3c0
[  256.044893]  __should_failslab+0x115/0x180
[  256.049145]  should_failslab+0x5/0xf
[  256.052843]  kmem_cache_alloc+0x277/0x370
[  256.056992]  __kernfs_new_node+0xd2/0x680
[  256.061128]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  256.065890]  ? __mutex_unlock_slowpath+0xea/0x610
[  256.070733]  ? wait_for_completion_io+0x10/0x10
[  256.075387]  ? kernfs_next_descendant_post+0x19c/0x290
[  256.080664]  kernfs_new_node+0x92/0x120
[  256.084655]  __kernfs_create_file+0x51/0x33f
[  256.089082]  sysfs_add_file_mode_ns+0x226/0x540
[  256.093740]  internal_create_group+0x355/0xb20
[  256.098326]  ? sysfs_remove_link_from_group+0x70/0x70
[  256.103511]  ? lock_downgrade+0x720/0x720
[  256.107677]  lo_ioctl+0xf7c/0x20e0
[  256.111228]  ? loop_set_status64+0x110/0x110
[  256.115655]  blkdev_ioctl+0x5cb/0x1a7e
[  256.119555]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.124916]  ? blkpg_ioctl+0x9d0/0x9d0
[  256.128799]  ? mark_held_locks+0xf0/0xf0
[  256.132949]  ? mark_held_locks+0xf0/0xf0
[  256.137019]  ? debug_check_no_obj_freed+0x201/0x482
[  256.142042]  ? lock_downgrade+0x720/0x720
[  256.146194]  block_ioctl+0xe9/0x130
[  256.149817]  ? blkdev_fallocate+0x3f0/0x3f0
[  256.154132]  do_vfs_ioctl+0xcdb/0x12e0
[  256.158033]  ? lock_downgrade+0x720/0x720
[  256.162175]  ? check_preemption_disabled+0x41/0x280
[  256.167196]  ? ioctl_preallocate+0x200/0x200
[  256.171616]  ? __fget+0x356/0x510
[  256.175071]  ? do_dup2+0x450/0x450
[  256.178607]  ? do_sys_open+0x2bf/0x520
[  256.182510]  ksys_ioctl+0x9b/0xc0
[  256.185978]  __x64_sys_ioctl+0x6f/0xb0
[  256.189878]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  256.194447]  do_syscall_64+0xf9/0x620
[  256.198254]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.203436] RIP: 0033:0x45dfc7
[  256.206632] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  256.225975] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.233694] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  256.240957] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  256.248214] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  256.255473] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  256.262739] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:09 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:09 executing program 5:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)

[  256.287145] erofs: read_super, device -> /dev/loop4
[  256.298990] erofs: options -> 
[  256.304650] erofs: root inode @ nid 36
[  256.309466] erofs: mounted on /dev/loop4 with opts: .
[  256.342010] erofs: read_super, device -> /dev/loop1
[  256.347450] erofs: options -> 
[  256.350833] erofs: blksize 1 isn't supported on this platform
21:35:09 executing program 4 (fault-call:3 fault-nth:16):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:09 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add01000000", 0xc, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  256.419939] erofs: unmounted for /dev/loop4
[  256.455747] FAULT_INJECTION: forcing a failure.
[  256.455747] name failslab, interval 1, probability 0, space 0, times 0
[  256.467747] CPU: 0 PID: 14636 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  256.475719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  256.485078] Call Trace:
[  256.487683]  dump_stack+0x1fc/0x2fe
[  256.491392]  should_fail.cold+0xa/0x14
[  256.495291]  ? setup_fault_attr+0x200/0x200
[  256.499606]  ? lock_acquire+0x170/0x3c0
[  256.503604]  __should_failslab+0x115/0x180
[  256.507946]  should_failslab+0x5/0xf
[  256.511666]  kmem_cache_alloc+0x277/0x370
[  256.515848]  __kernfs_new_node+0xd2/0x680
[  256.520013]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  256.524771]  ? __mutex_unlock_slowpath+0xea/0x610
[  256.529614]  ? wait_for_completion_io+0x10/0x10
[  256.534286]  ? kernfs_next_descendant_post+0x19c/0x290
[  256.539583]  kernfs_new_node+0x92/0x120
[  256.543563]  __kernfs_create_file+0x51/0x33f
[  256.547973]  sysfs_add_file_mode_ns+0x226/0x540
[  256.552655]  internal_create_group+0x355/0xb20
[  256.557262]  ? sysfs_remove_link_from_group+0x70/0x70
[  256.562452]  ? lock_downgrade+0x720/0x720
[  256.566624]  lo_ioctl+0xf7c/0x20e0
[  256.570153]  ? loop_set_status64+0x110/0x110
[  256.574570]  blkdev_ioctl+0x5cb/0x1a7e
[  256.578464]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.583857]  ? blkpg_ioctl+0x9d0/0x9d0
[  256.587758]  ? mark_held_locks+0xf0/0xf0
[  256.591817]  ? mark_held_locks+0xf0/0xf0
[  256.595878]  ? debug_check_no_obj_freed+0x201/0x482
[  256.600881]  ? lock_downgrade+0x720/0x720
[  256.605114]  block_ioctl+0xe9/0x130
[  256.608769]  ? blkdev_fallocate+0x3f0/0x3f0
[  256.613089]  do_vfs_ioctl+0xcdb/0x12e0
[  256.616980]  ? lock_downgrade+0x720/0x720
[  256.621124]  ? check_preemption_disabled+0x41/0x280
[  256.626129]  ? ioctl_preallocate+0x200/0x200
[  256.630526]  ? __fget+0x356/0x510
[  256.633970]  ? do_dup2+0x450/0x450
[  256.637517]  ? do_sys_open+0x2bf/0x520
[  256.641515]  ksys_ioctl+0x9b/0xc0
[  256.644968]  __x64_sys_ioctl+0x6f/0xb0
[  256.648857]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  256.653439]  do_syscall_64+0xf9/0x620
[  256.657253]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.662438] RIP: 0033:0x45dfc7
[  256.665646] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  256.685614] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.693322] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  256.700597] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  256.707875] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  256.715149] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  256.722415] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  256.759999] erofs: read_super, device -> /dev/loop2
21:35:10 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  256.790349] erofs: options -> 
[  256.805990] erofs: root inode @ nid 36
[  256.810360] FAULT_INJECTION: forcing a failure.
[  256.810360] name failslab, interval 1, probability 0, space 0, times 0
[  256.828036] erofs: mounted on /dev/loop2 with opts: .
[  256.830272] CPU: 1 PID: 14644 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  256.841164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  256.850521] Call Trace:
[  256.853120]  dump_stack+0x1fc/0x2fe
[  256.856925]  should_fail.cold+0xa/0x14
[  256.860820]  ? setup_fault_attr+0x200/0x200
[  256.865128]  ? lock_acquire+0x170/0x3c0
[  256.869105]  __should_failslab+0x115/0x180
[  256.873334]  should_failslab+0x5/0xf
[  256.877061]  kmem_cache_alloc+0x277/0x370
[  256.881229]  __kernfs_new_node+0xd2/0x680
[  256.885474]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  256.890320]  ? __mutex_unlock_slowpath+0xea/0x610
[  256.895164]  ? wait_for_completion_io+0x10/0x10
[  256.899867]  ? kernfs_next_descendant_post+0x19c/0x290
[  256.905156]  kernfs_new_node+0x92/0x120
[  256.909132]  __kernfs_create_file+0x51/0x33f
[  256.913553]  sysfs_add_file_mode_ns+0x226/0x540
[  256.918218]  internal_create_group+0x355/0xb20
[  256.922804]  ? sysfs_remove_link_from_group+0x70/0x70
[  256.927994]  ? lock_downgrade+0x720/0x720
[  256.932153]  lo_ioctl+0xf7c/0x20e0
[  256.935690]  ? loop_set_status64+0x110/0x110
[  256.940101]  blkdev_ioctl+0x5cb/0x1a7e
[  256.943986]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.949352]  ? blkpg_ioctl+0x9d0/0x9d0
[  256.953246]  ? mark_held_locks+0xf0/0xf0
[  256.957324]  ? mark_held_locks+0xf0/0xf0
[  256.961388]  ? debug_check_no_obj_freed+0x201/0x482
[  256.966413]  ? lock_downgrade+0x720/0x720
[  256.970559]  block_ioctl+0xe9/0x130
[  256.974201]  ? blkdev_fallocate+0x3f0/0x3f0
[  256.978509]  do_vfs_ioctl+0xcdb/0x12e0
[  256.982394]  ? lock_downgrade+0x720/0x720
[  256.986540]  ? check_preemption_disabled+0x41/0x280
[  256.991555]  ? ioctl_preallocate+0x200/0x200
[  256.995973]  ? __fget+0x356/0x510
[  256.999445]  ? do_dup2+0x450/0x450
[  257.003031]  ? do_sys_open+0x2bf/0x520
[  257.006937]  ksys_ioctl+0x9b/0xc0
[  257.010412]  __x64_sys_ioctl+0x6f/0xb0
[  257.014303]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  257.018896]  do_syscall_64+0xf9/0x620
[  257.022697]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.027895] RIP: 0033:0x45dfc7
[  257.031089] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  257.049980] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  257.057698] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  257.064954] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  257.072208] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  257.079463] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  257.086732] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  257.097693] erofs: read_super, device -> /dev/loop4
[  257.111574] erofs: options -> 
[  257.120106] erofs: read_super, device -> /dev/loop1
[  257.127945] erofs: options -> 
[  257.131358] erofs: root inode @ nid 36
21:35:10 executing program 2 (fault-call:3 fault-nth:18):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:10 executing program 4 (fault-call:3 fault-nth:17):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  257.136932] erofs: blksize 1 isn't supported on this platform
[  257.144186] erofs: mounted on /dev/loop4 with opts: .
[  257.181722] erofs: unmounted for /dev/loop2
21:35:10 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:10 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  257.204552] erofs: unmounted for /dev/loop4
21:35:10 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  257.307576] erofs: read_super, device -> /dev/loop1
[  257.315802] FAULT_INJECTION: forcing a failure.
[  257.315802] name failslab, interval 1, probability 0, space 0, times 0
[  257.327497] erofs: options -> 
[  257.331400] erofs: root inode @ nid 0
[  257.342835] CPU: 0 PID: 14659 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  257.350871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  257.360240] Call Trace:
[  257.362846]  dump_stack+0x1fc/0x2fe
[  257.366485]  should_fail.cold+0xa/0x14
[  257.370382]  ? setup_fault_attr+0x200/0x200
[  257.374824]  ? lock_acquire+0x170/0x3c0
[  257.378835]  ? dev_uevent_filter+0xd0/0xd0
[  257.383067]  __should_failslab+0x115/0x180
[  257.387313]  should_failslab+0x5/0xf
[  257.391032]  kmem_cache_alloc_trace+0x284/0x380
[  257.395714]  ? dev_uevent_filter+0xd0/0xd0
[  257.399947]  kobject_uevent_env+0x236/0x14a0
[  257.404371]  lo_ioctl+0xff9/0x20e0
[  257.407907]  ? loop_set_status64+0x110/0x110
[  257.412326]  blkdev_ioctl+0x5cb/0x1a7e
[  257.416263]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.421649]  ? blkpg_ioctl+0x9d0/0x9d0
[  257.425548]  ? mark_held_locks+0xf0/0xf0
[  257.429608]  ? mark_held_locks+0xf0/0xf0
[  257.433659]  ? debug_check_no_obj_freed+0x201/0x482
[  257.438689]  ? lock_downgrade+0x720/0x720
[  257.442840]  block_ioctl+0xe9/0x130
[  257.446506]  ? blkdev_fallocate+0x3f0/0x3f0
[  257.450873]  do_vfs_ioctl+0xcdb/0x12e0
[  257.454758]  ? lock_downgrade+0x720/0x720
[  257.458910]  ? check_preemption_disabled+0x41/0x280
[  257.463925]  ? ioctl_preallocate+0x200/0x200
[  257.468424]  ? __fget+0x356/0x510
[  257.471875]  ? do_dup2+0x450/0x450
[  257.475414]  ? do_sys_open+0x2bf/0x520
[  257.479315]  ksys_ioctl+0x9b/0xc0
[  257.482777]  __x64_sys_ioctl+0x6f/0xb0
[  257.486675]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  257.492393]  do_syscall_64+0xf9/0x620
[  257.496382]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.501621] RIP: 0033:0x45dfc7
[  257.504811] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  257.523897] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  257.531634] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  257.538900] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  257.546168] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
21:35:10 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  257.553438] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  257.560755] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  257.608794] FAULT_INJECTION: forcing a failure.
[  257.608794] name failslab, interval 1, probability 0, space 0, times 0
[  257.620602] CPU: 1 PID: 14669 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  257.628497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  257.637890] Call Trace:
[  257.640581]  dump_stack+0x1fc/0x2fe
[  257.644244]  should_fail.cold+0xa/0x14
[  257.648117]  ? setup_fault_attr+0x200/0x200
[  257.652424]  ? lock_acquire+0x170/0x3c0
[  257.656403]  __should_failslab+0x115/0x180
[  257.660646]  should_failslab+0x5/0xf
[  257.664355]  kmem_cache_alloc+0x277/0x370
[  257.668511]  __kernfs_new_node+0xd2/0x680
[  257.672753]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  257.677596]  ? __mutex_unlock_slowpath+0xea/0x610
[  257.682716]  ? wait_for_completion_io+0x10/0x10
[  257.687492]  ? kernfs_next_descendant_post+0x19c/0x290
[  257.692757]  kernfs_new_node+0x92/0x120
[  257.696739]  __kernfs_create_file+0x51/0x33f
[  257.702724]  sysfs_add_file_mode_ns+0x226/0x540
[  257.707396]  internal_create_group+0x355/0xb20
[  257.712048]  ? sysfs_remove_link_from_group+0x70/0x70
[  257.717224]  ? lock_downgrade+0x720/0x720
[  257.721368]  lo_ioctl+0xf7c/0x20e0
[  257.724954]  ? loop_set_status64+0x110/0x110
[  257.729365]  blkdev_ioctl+0x5cb/0x1a7e
[  257.733240]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.738600]  ? blkpg_ioctl+0x9d0/0x9d0
[  257.742503]  ? mark_held_locks+0xf0/0xf0
[  257.746560]  ? mark_held_locks+0xf0/0xf0
[  257.750612]  ? debug_check_no_obj_freed+0x201/0x482
[  257.755635]  ? lock_downgrade+0x720/0x720
[  257.759873]  block_ioctl+0xe9/0x130
[  257.763520]  ? blkdev_fallocate+0x3f0/0x3f0
[  257.767841]  do_vfs_ioctl+0xcdb/0x12e0
[  257.771725]  ? lock_downgrade+0x720/0x720
[  257.775871]  ? check_preemption_disabled+0x41/0x280
[  257.780886]  ? ioctl_preallocate+0x200/0x200
[  257.785295]  ? __fget+0x356/0x510
[  257.788753]  ? do_dup2+0x450/0x450
[  257.792291]  ? do_sys_open+0x2bf/0x520
[  257.796179]  ksys_ioctl+0x9b/0xc0
[  257.799622]  __x64_sys_ioctl+0x6f/0xb0
[  257.803611]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  257.808204]  do_syscall_64+0xf9/0x620
[  257.812002]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.817186] RIP: 0033:0x45dfc7
[  257.820371] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  257.839631] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  257.847353] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
21:35:11 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  257.854713] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  257.861971] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  257.869231] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  257.876486] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  257.936128] erofs: read_super, device -> /dev/loop4
[  257.942120] erofs: read_super, device -> /dev/loop2
[  257.947156] erofs: options -> 
[  257.950421] erofs: root inode @ nid 36
[  257.954308] erofs: options -> 
[  257.954723] erofs: root inode @ nid 36
[  257.977658] erofs: mounted on /dev/loop4 with opts: .
[  258.014366] erofs: mounted on /dev/loop2 with opts: .
21:35:11 executing program 4 (fault-call:3 fault-nth:18):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:11 executing program 2 (fault-call:3 fault-nth:19):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:11 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:11 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  258.041701] erofs: read_super, device -> /dev/loop1
[  258.057864] erofs: options -> 
[  258.068525] erofs: root inode @ nid 0
[  258.075506] erofs: unmounted for /dev/loop4
[  258.086984] erofs: unmounted for /dev/loop2
21:35:11 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  258.186299] FAULT_INJECTION: forcing a failure.
[  258.186299] name failslab, interval 1, probability 0, space 0, times 0
[  258.199258] CPU: 1 PID: 14691 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  258.207162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.216530] Call Trace:
[  258.219140]  dump_stack+0x1fc/0x2fe
[  258.222790]  should_fail.cold+0xa/0x14
[  258.226691]  ? setup_fault_attr+0x200/0x200
[  258.231049]  ? lock_acquire+0x170/0x3c0
21:35:11 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  258.235039]  __should_failslab+0x115/0x180
[  258.239284]  should_failslab+0x5/0xf
[  258.243020]  __kmalloc+0x2ab/0x3c0
[  258.246603]  ? kobject_get_path+0xbf/0x240
[  258.250832]  kobject_get_path+0xbf/0x240
[  258.254898]  kobject_uevent_env+0x25c/0x14a0
[  258.259324]  lo_ioctl+0xff9/0x20e0
[  258.262864]  ? loop_set_status64+0x110/0x110
[  258.267273]  blkdev_ioctl+0x5cb/0x1a7e
[  258.271169]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.276523]  ? blkpg_ioctl+0x9d0/0x9d0
[  258.280419]  ? mark_held_locks+0xf0/0xf0
[  258.284469]  ? mark_held_locks+0xf0/0xf0
[  258.288532]  ? debug_check_no_obj_freed+0x201/0x482
[  258.293551]  ? lock_downgrade+0x720/0x720
[  258.297707]  block_ioctl+0xe9/0x130
[  258.301330]  ? blkdev_fallocate+0x3f0/0x3f0
[  258.305650]  do_vfs_ioctl+0xcdb/0x12e0
[  258.309556]  ? lock_downgrade+0x720/0x720
[  258.313705]  ? check_preemption_disabled+0x41/0x280
[  258.318729]  ? ioctl_preallocate+0x200/0x200
[  258.323129]  ? __fget+0x356/0x510
[  258.326570]  ? do_dup2+0x450/0x450
[  258.330107]  ? do_sys_open+0x2bf/0x520
[  258.334013]  ksys_ioctl+0x9b/0xc0
[  258.337470]  __x64_sys_ioctl+0x6f/0xb0
[  258.341367]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  258.345957]  do_syscall_64+0xf9/0x620
[  258.349758]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.354947] RIP: 0033:0x45dfc7
[  258.358146] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  258.377039] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.384750] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  258.392005] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  258.399288] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  258.406541] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  258.413826] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  258.441655] FAULT_INJECTION: forcing a failure.
[  258.441655] name failslab, interval 1, probability 0, space 0, times 0
[  258.453286] CPU: 1 PID: 14687 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  258.461195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.470561] Call Trace:
[  258.473163]  dump_stack+0x1fc/0x2fe
[  258.476936]  should_fail.cold+0xa/0x14
[  258.480838]  ? setup_fault_attr+0x200/0x200
[  258.485167]  ? lock_acquire+0x170/0x3c0
[  258.489133]  __should_failslab+0x115/0x180
[  258.493366]  should_failslab+0x5/0xf
[  258.497078]  __kmalloc+0x2ab/0x3c0
[  258.500615]  ? kobject_get_path+0xbf/0x240
[  258.504839]  kobject_get_path+0xbf/0x240
[  258.508912]  kobject_uevent_env+0x25c/0x14a0
[  258.513319]  lo_ioctl+0xff9/0x20e0
[  258.517023]  ? loop_set_status64+0x110/0x110
[  258.521525]  blkdev_ioctl+0x5cb/0x1a7e
[  258.525402]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.530780]  ? blkpg_ioctl+0x9d0/0x9d0
[  258.534675]  ? mark_held_locks+0xf0/0xf0
[  258.538720]  ? mark_held_locks+0xf0/0xf0
[  258.542797]  ? debug_check_no_obj_freed+0x201/0x482
[  258.547899]  ? lock_downgrade+0x720/0x720
[  258.552042]  block_ioctl+0xe9/0x130
[  258.555653]  ? blkdev_fallocate+0x3f0/0x3f0
[  258.559989]  do_vfs_ioctl+0xcdb/0x12e0
[  258.563894]  ? lock_downgrade+0x720/0x720
[  258.568042]  ? check_preemption_disabled+0x41/0x280
[  258.573044]  ? ioctl_preallocate+0x200/0x200
[  258.577438]  ? __fget+0x356/0x510
[  258.580874]  ? do_dup2+0x450/0x450
[  258.584400]  ? do_sys_open+0x2bf/0x520
[  258.588275]  ksys_ioctl+0x9b/0xc0
[  258.591729]  __x64_sys_ioctl+0x6f/0xb0
[  258.595626]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  258.600249]  do_syscall_64+0xf9/0x620
[  258.604039]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.609254] RIP: 0033:0x45dfc7
[  258.612431] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  258.631544] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.639280] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  258.647057] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  258.654328] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  258.661605] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  258.668878] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  258.688664] erofs: read_super, device -> /dev/loop2
[  258.694034] erofs: options -> 
[  258.701041] erofs: root inode @ nid 36
[  258.709916] erofs: read_super, device -> /dev/loop4
[  258.711591] erofs: read_super, device -> /dev/loop1
[  258.715451] erofs: options -> 
[  258.726286] erofs: mounted on /dev/loop2 with opts: .
[  258.737042] erofs: options -> 
21:35:12 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:12 executing program 2 (fault-call:3 fault-nth:20):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  258.745161] erofs: root inode @ nid 36
[  258.754698] erofs: root inode @ nid 0
[  258.764729] erofs: mounted on /dev/loop4 with opts: .
[  258.797406] erofs: unmounted for /dev/loop2
21:35:12 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:35:12 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:12 executing program 4 (fault-call:3 fault-nth:19):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:12 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  258.866128] erofs: unmounted for /dev/loop4
21:35:12 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  258.930059] FAULT_INJECTION: forcing a failure.
[  258.930059] name failslab, interval 1, probability 0, space 0, times 0
[  258.944072] CPU: 1 PID: 14720 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  258.951982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.961381] Call Trace:
[  258.963992]  dump_stack+0x1fc/0x2fe
[  258.967625]  should_fail.cold+0xa/0x14
[  258.971530]  ? setup_fault_attr+0x200/0x200
[  258.975854]  ? lock_acquire+0x170/0x3c0
[  258.979840]  __should_failslab+0x115/0x180
[  258.984062]  should_failslab+0x5/0xf
[  258.987778]  __kmalloc+0x2ab/0x3c0
[  258.991304]  ? kobject_get_path+0xbf/0x240
[  258.995525]  kobject_get_path+0xbf/0x240
[  258.999607]  kobject_uevent_env+0x25c/0x14a0
[  259.004034]  lo_ioctl+0xff9/0x20e0
[  259.007593]  ? loop_set_status64+0x110/0x110
[  259.012250]  blkdev_ioctl+0x5cb/0x1a7e
[  259.016155]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.021534]  ? blkpg_ioctl+0x9d0/0x9d0
[  259.025449]  ? mark_held_locks+0xf0/0xf0
[  259.029507]  ? mark_held_locks+0xf0/0xf0
[  259.033575]  ? debug_check_no_obj_freed+0x201/0x482
[  259.038601]  ? lock_downgrade+0x720/0x720
[  259.042747]  block_ioctl+0xe9/0x130
[  259.046360]  ? blkdev_fallocate+0x3f0/0x3f0
[  259.050676]  do_vfs_ioctl+0xcdb/0x12e0
[  259.054552]  ? lock_downgrade+0x720/0x720
[  259.058685]  ? check_preemption_disabled+0x41/0x280
[  259.063695]  ? ioctl_preallocate+0x200/0x200
[  259.068091]  ? __fget+0x356/0x510
[  259.071531]  ? do_dup2+0x450/0x450
[  259.075055]  ? do_sys_open+0x2bf/0x520
[  259.078963]  ksys_ioctl+0x9b/0xc0
[  259.082406]  __x64_sys_ioctl+0x6f/0xb0
[  259.086295]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  259.090865]  do_syscall_64+0xf9/0x620
[  259.094651]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.099832] RIP: 0033:0x45dfc7
[  259.103010] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  259.121930] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.129643] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  259.136900] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  259.144161] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  259.151451] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  259.158734] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  259.188313] FAULT_INJECTION: forcing a failure.
[  259.188313] name failslab, interval 1, probability 0, space 0, times 0
[  259.199994] CPU: 0 PID: 14715 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  259.207922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  259.217277] Call Trace:
[  259.219876]  dump_stack+0x1fc/0x2fe
[  259.223508]  should_fail.cold+0xa/0x14
[  259.227399]  ? setup_fault_attr+0x200/0x200
[  259.231733]  ? lock_acquire+0x170/0x3c0
[  259.235706]  __should_failslab+0x115/0x180
[  259.239933]  should_failslab+0x5/0xf
[  259.243644]  __kmalloc+0x2ab/0x3c0
[  259.247203]  ? kobject_get_path+0xbf/0x240
[  259.251431]  kobject_get_path+0xbf/0x240
[  259.255502]  kobject_uevent_env+0x25c/0x14a0
[  259.259934]  lo_ioctl+0xff9/0x20e0
[  259.263482]  ? loop_set_status64+0x110/0x110
[  259.267913]  blkdev_ioctl+0x5cb/0x1a7e
[  259.271879]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.277239]  ? blkpg_ioctl+0x9d0/0x9d0
[  259.281113]  ? mark_held_locks+0xf0/0xf0
[  259.285191]  ? mark_held_locks+0xf0/0xf0
[  259.289248]  ? debug_check_no_obj_freed+0x201/0x482
[  259.294272]  ? lock_downgrade+0x720/0x720
[  259.298430]  block_ioctl+0xe9/0x130
[  259.302052]  ? blkdev_fallocate+0x3f0/0x3f0
[  259.306370]  do_vfs_ioctl+0xcdb/0x12e0
[  259.310262]  ? lock_downgrade+0x720/0x720
[  259.314403]  ? check_preemption_disabled+0x41/0x280
[  259.319520]  ? ioctl_preallocate+0x200/0x200
[  259.323938]  ? __fget+0x356/0x510
[  259.327385]  ? do_dup2+0x450/0x450
[  259.330916]  ? do_sys_open+0x2bf/0x520
[  259.334851]  ksys_ioctl+0x9b/0xc0
[  259.338403]  __x64_sys_ioctl+0x6f/0xb0
[  259.343240]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  259.347821]  do_syscall_64+0xf9/0x620
[  259.351645]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.356845] RIP: 0033:0x45dfc7
[  259.360059] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  259.379054] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
21:35:12 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  259.386749] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  259.394031] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  259.401287] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  259.408543] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  259.415803] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:12 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  259.455607] erofs: read_super, device -> /dev/loop4
[  259.462850] erofs: read_super, device -> /dev/loop1
[  259.470332] erofs: options -> 
[  259.472292] erofs: read_super, device -> /dev/loop2
[  259.478426] erofs: options -> 
[  259.485527] erofs: root inode @ nid 36
[  259.494211] erofs: options -> 
[  259.494609] erofs: root inode @ nid 36
21:35:12 executing program 2 (fault-call:3 fault-nth:21):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  259.505994] erofs: root inode @ nid 36
[  259.506037] erofs: mounted on /dev/loop4 with opts: .
[  259.517715] erofs: mounted on /dev/loop2 with opts: .
[  259.527657] erofs: mounted on /dev/loop1 with opts: .
21:35:12 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  259.580065] erofs: unmounted for /dev/loop2
21:35:12 executing program 4 (fault-call:3 fault-nth:20):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  259.603871] erofs: unmounted for /dev/loop1
[  259.609516] erofs: unmounted for /dev/loop4
21:35:13 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  259.702562] FAULT_INJECTION: forcing a failure.
[  259.702562] name failslab, interval 1, probability 0, space 0, times 0
[  259.714523] CPU: 0 PID: 14738 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  259.722684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  259.732036] Call Trace:
[  259.734621]  dump_stack+0x1fc/0x2fe
[  259.738275]  should_fail.cold+0xa/0x14
[  259.742160]  ? setup_fault_attr+0x200/0x200
[  259.746504]  ? lock_acquire+0x170/0x3c0
[  259.750478]  __should_failslab+0x115/0x180
[  259.754710]  should_failslab+0x5/0xf
[  259.758440]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  259.763543]  __kmalloc_node_track_caller+0x38/0x70
[  259.768508]  __alloc_skb+0xae/0x560
[  259.772145]  alloc_uevent_skb+0x7b/0x210
[  259.776211]  kobject_uevent_env+0xa83/0x14a0
[  259.780644]  lo_ioctl+0xff9/0x20e0
[  259.784200]  ? loop_set_status64+0x110/0x110
[  259.788616]  blkdev_ioctl+0x5cb/0x1a7e
[  259.792500]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.797851]  ? blkpg_ioctl+0x9d0/0x9d0
[  259.801745]  ? mark_held_locks+0xf0/0xf0
[  259.805809]  ? mark_held_locks+0xf0/0xf0
[  259.810167]  ? debug_check_no_obj_freed+0x201/0x482
[  259.815183]  ? lock_downgrade+0x720/0x720
[  259.819333]  block_ioctl+0xe9/0x130
[  259.823043]  ? blkdev_fallocate+0x3f0/0x3f0
[  259.827370]  do_vfs_ioctl+0xcdb/0x12e0
[  259.831253]  ? lock_downgrade+0x720/0x720
[  259.835399]  ? check_preemption_disabled+0x41/0x280
[  259.840430]  ? ioctl_preallocate+0x200/0x200
[  259.844849]  ? __fget+0x356/0x510
[  259.848310]  ? do_dup2+0x450/0x450
[  259.851855]  ? do_sys_open+0x2bf/0x520
[  259.855751]  ksys_ioctl+0x9b/0xc0
[  259.859192]  __x64_sys_ioctl+0x6f/0xb0
[  259.863075]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  259.867685]  do_syscall_64+0xf9/0x620
[  259.871532]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.876720] RIP: 0033:0x45dfc7
[  259.879897] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  259.898790] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.906495] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  259.913790] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  259.921057] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  259.928352] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  259.935612] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  259.979242] erofs: read_super, device -> /dev/loop2
[  260.002755] erofs: options -> 
[  260.006026] erofs: root inode @ nid 36
[  260.018415] erofs: mounted on /dev/loop2 with opts: .
[  260.037935] erofs: read_super, device -> /dev/loop1
[  260.054223] erofs: options -> 
[  260.058462] FAULT_INJECTION: forcing a failure.
[  260.058462] name failslab, interval 1, probability 0, space 0, times 0
[  260.059832] erofs: root inode @ nid 0
[  260.077580] CPU: 0 PID: 14748 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  260.085578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.095021] Call Trace:
[  260.097621]  dump_stack+0x1fc/0x2fe
[  260.101279]  should_fail.cold+0xa/0x14
[  260.105183]  ? setup_fault_attr+0x200/0x200
[  260.109513]  ? lock_acquire+0x170/0x3c0
[  260.113505]  __should_failslab+0x115/0x180
[  260.117753]  should_failslab+0x5/0xf
[  260.121475]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  260.126623]  __kmalloc_node_track_caller+0x38/0x70
[  260.131558]  __alloc_skb+0xae/0x560
[  260.135205]  alloc_uevent_skb+0x7b/0x210
[  260.139278]  kobject_uevent_env+0xa83/0x14a0
[  260.143707]  lo_ioctl+0xff9/0x20e0
[  260.147263]  ? loop_set_status64+0x110/0x110
[  260.151678]  blkdev_ioctl+0x5cb/0x1a7e
[  260.155560]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.160929]  ? blkpg_ioctl+0x9d0/0x9d0
[  260.164815]  ? mark_held_locks+0xf0/0xf0
[  260.168884]  ? mark_held_locks+0xf0/0xf0
[  260.172954]  ? debug_check_no_obj_freed+0x201/0x482
[  260.178414]  ? lock_downgrade+0x720/0x720
[  260.182581]  block_ioctl+0xe9/0x130
[  260.186204]  ? blkdev_fallocate+0x3f0/0x3f0
[  260.190521]  do_vfs_ioctl+0xcdb/0x12e0
[  260.194414]  ? lock_downgrade+0x720/0x720
[  260.198567]  ? check_preemption_disabled+0x41/0x280
[  260.203591]  ? ioctl_preallocate+0x200/0x200
[  260.207985]  ? __fget+0x356/0x510
[  260.211425]  ? do_dup2+0x450/0x450
[  260.214964]  ? do_sys_open+0x2bf/0x520
[  260.218875]  ksys_ioctl+0x9b/0xc0
[  260.222360]  __x64_sys_ioctl+0x6f/0xb0
[  260.226255]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  260.230857]  do_syscall_64+0xf9/0x620
[  260.234843]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.240042] RIP: 0033:0x45dfc7
[  260.243229] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  260.262136] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.269853] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  260.277134] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  260.284414] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  260.291690] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  260.298967] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:13 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:13 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:13 executing program 2 (fault-call:3 fault-nth:22):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  260.359391] erofs: read_super, device -> /dev/loop4
[  260.376386] erofs: options -> 
[  260.389750] erofs: root inode @ nid 36
[  260.396902] erofs: mounted on /dev/loop4 with opts: .
21:35:13 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:13 executing program 4 (fault-call:3 fault-nth:21):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  260.424877] erofs: unmounted for /dev/loop2
[  260.446589] erofs: unmounted for /dev/loop4
[  260.519375] erofs: read_super, device -> /dev/loop1
[  260.530736] erofs: options -> 
[  260.536478] FAULT_INJECTION: forcing a failure.
[  260.536478] name failslab, interval 1, probability 0, space 0, times 0
[  260.548051] erofs: root inode @ nid 0
[  260.552784] CPU: 0 PID: 14767 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  260.560684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.570035] Call Trace:
[  260.572630]  dump_stack+0x1fc/0x2fe
[  260.576267]  should_fail.cold+0xa/0x14
[  260.580163]  ? setup_fault_attr+0x200/0x200
[  260.584488]  ? lock_acquire+0x170/0x3c0
[  260.588520]  __should_failslab+0x115/0x180
[  260.592757]  should_failslab+0x5/0xf
[  260.596464]  kmem_cache_alloc+0x277/0x370
[  260.600597]  skb_clone+0x151/0x3d0
[  260.604141]  netlink_broadcast_filtered+0x8df/0xbc0
[  260.609278]  netlink_broadcast+0x35/0x40
[  260.613343]  kobject_uevent_env+0xa49/0x14a0
[  260.617800]  lo_ioctl+0xff9/0x20e0
[  260.621335]  ? loop_set_status64+0x110/0x110
[  260.625745]  blkdev_ioctl+0x5cb/0x1a7e
[  260.629625]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.635042]  ? blkpg_ioctl+0x9d0/0x9d0
[  260.638944]  ? mark_held_locks+0xf0/0xf0
[  260.643000]  ? mark_held_locks+0xf0/0xf0
[  260.647096]  ? debug_check_no_obj_freed+0x201/0x482
[  260.652130]  ? lock_downgrade+0x720/0x720
[  260.656295]  block_ioctl+0xe9/0x130
[  260.659907]  ? blkdev_fallocate+0x3f0/0x3f0
[  260.664226]  do_vfs_ioctl+0xcdb/0x12e0
[  260.668198]  ? lock_downgrade+0x720/0x720
[  260.672343]  ? check_preemption_disabled+0x41/0x280
[  260.677359]  ? ioctl_preallocate+0x200/0x200
[  260.681784]  ? __fget+0x356/0x510
[  260.685269]  ? do_dup2+0x450/0x450
[  260.688825]  ? do_sys_open+0x2bf/0x520
[  260.692724]  ksys_ioctl+0x9b/0xc0
[  260.696175]  __x64_sys_ioctl+0x6f/0xb0
[  260.700062]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  260.704666]  do_syscall_64+0xf9/0x620
[  260.708464]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.713657] RIP: 0033:0x45dfc7
[  260.716860] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  260.735747] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.743454] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  260.750819] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  260.758073] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
21:35:14 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  260.765356] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  260.772629] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  260.824434] FAULT_INJECTION: forcing a failure.
[  260.824434] name failslab, interval 1, probability 0, space 0, times 0
[  260.836378] CPU: 0 PID: 14774 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  260.844268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.853622] Call Trace:
[  260.856222]  dump_stack+0x1fc/0x2fe
[  260.859864]  should_fail.cold+0xa/0x14
[  260.863742]  ? setup_fault_attr+0x200/0x200
[  260.868060]  ? lock_acquire+0x170/0x3c0
[  260.872054]  __should_failslab+0x115/0x180
[  260.876294]  should_failslab+0x5/0xf
[  260.880010]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  260.885120]  __kmalloc_node_track_caller+0x38/0x70
[  260.890049]  __alloc_skb+0xae/0x560
[  260.893697]  alloc_uevent_skb+0x7b/0x210
[  260.897771]  kobject_uevent_env+0xa83/0x14a0
[  260.902206]  lo_ioctl+0xff9/0x20e0
[  260.905760]  ? loop_set_status64+0x110/0x110
[  260.910192]  blkdev_ioctl+0x5cb/0x1a7e
[  260.914091]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.919470]  ? blkpg_ioctl+0x9d0/0x9d0
[  260.923371]  ? mark_held_locks+0xf0/0xf0
[  260.927422]  ? mark_held_locks+0xf0/0xf0
[  260.931487]  ? debug_check_no_obj_freed+0x201/0x482
[  260.936518]  ? lock_downgrade+0x720/0x720
[  260.940666]  block_ioctl+0xe9/0x130
[  260.944283]  ? blkdev_fallocate+0x3f0/0x3f0
[  260.948589]  do_vfs_ioctl+0xcdb/0x12e0
[  260.952479]  ? lock_downgrade+0x720/0x720
[  260.956633]  ? check_preemption_disabled+0x41/0x280
[  260.961664]  ? ioctl_preallocate+0x200/0x200
[  260.966081]  ? __fget+0x356/0x510
[  260.969537]  ? do_dup2+0x450/0x450
[  260.973092]  ? do_sys_open+0x2bf/0x520
[  260.977000]  ksys_ioctl+0x9b/0xc0
[  260.980456]  __x64_sys_ioctl+0x6f/0xb0
[  260.984341]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  260.988933]  do_syscall_64+0xf9/0x620
[  260.992737]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.997932] RIP: 0033:0x45dfc7
[  261.001124] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  261.020051] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.027771] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  261.035040] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  261.042420] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  261.049691] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  261.056966] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  261.068887] erofs: read_super, device -> /dev/loop2
[  261.085843] erofs: options -> 
[  261.093768] erofs: read_super, device -> /dev/loop4
[  261.100146] erofs: options -> 
[  261.115627] erofs: root inode @ nid 36
[  261.125584] erofs: mounted on /dev/loop2 with opts: .
21:35:14 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c00", 0xe, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  261.135413] erofs: root inode @ nid 36
[  261.146467] erofs: mounted on /dev/loop4 with opts: .
21:35:14 executing program 2 (fault-call:3 fault-nth:23):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:14 executing program 4 (fault-call:3 fault-nth:22):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  261.213292] erofs: unmounted for /dev/loop2
21:35:14 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:14 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  261.249155] erofs: unmounted for /dev/loop4
[  261.313955] erofs: read_super, device -> /dev/loop1
[  261.314896] FAULT_INJECTION: forcing a failure.
[  261.314896] name failslab, interval 1, probability 0, space 0, times 0
[  261.330526] erofs: options -> 
[  261.336065] erofs: root inode @ nid 0
[  261.336842] CPU: 1 PID: 14795 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  261.348007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  261.357345] Call Trace:
[  261.359936]  dump_stack+0x1fc/0x2fe
[  261.363560]  should_fail.cold+0xa/0x14
[  261.367553]  ? setup_fault_attr+0x200/0x200
[  261.371868]  ? lock_acquire+0x170/0x3c0
[  261.375857]  __should_failslab+0x115/0x180
[  261.380119]  should_failslab+0x5/0xf
[  261.383829]  kmem_cache_alloc+0x277/0x370
[  261.387973]  skb_clone+0x151/0x3d0
[  261.391517]  netlink_broadcast_filtered+0x8df/0xbc0
[  261.396536]  netlink_broadcast+0x35/0x40
[  261.400583]  kobject_uevent_env+0xa49/0x14a0
[  261.404995]  lo_ioctl+0xff9/0x20e0
[  261.408535]  ? loop_set_status64+0x110/0x110
[  261.412943]  blkdev_ioctl+0x5cb/0x1a7e
[  261.416814]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.422164]  ? blkpg_ioctl+0x9d0/0x9d0
[  261.426036]  ? mark_held_locks+0xf0/0xf0
[  261.430099]  ? mark_held_locks+0xf0/0xf0
[  261.434182]  ? debug_check_no_obj_freed+0x201/0x482
[  261.439196]  ? lock_downgrade+0x720/0x720
[  261.443349]  block_ioctl+0xe9/0x130
[  261.447024]  ? blkdev_fallocate+0x3f0/0x3f0
[  261.451349]  do_vfs_ioctl+0xcdb/0x12e0
[  261.455249]  ? lock_downgrade+0x720/0x720
[  261.459423]  ? check_preemption_disabled+0x41/0x280
[  261.464443]  ? ioctl_preallocate+0x200/0x200
[  261.468856]  ? __fget+0x356/0x510
[  261.472296]  ? do_dup2+0x450/0x450
[  261.475842]  ? do_sys_open+0x2bf/0x520
[  261.479721]  ksys_ioctl+0x9b/0xc0
[  261.483175]  __x64_sys_ioctl+0x6f/0xb0
[  261.487077]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  261.491682]  do_syscall_64+0xf9/0x620
[  261.495489]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.500685] RIP: 0033:0x45dfc7
[  261.503880] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  261.522872] RSP: 002b:00007fc4b3b73a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.530735] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  261.538031] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  261.545302] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  261.552575] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  261.559848] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  261.570188] erofs: read_super, device -> /dev/loop2
[  261.575619] erofs: options -> 
[  261.579322] erofs: root inode @ nid 36
[  261.586945] erofs: mounted on /dev/loop2 with opts: .
[  261.615489] FAULT_INJECTION: forcing a failure.
[  261.615489] name failslab, interval 1, probability 0, space 0, times 0
[  261.631465] CPU: 1 PID: 14802 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  261.639465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  261.648837] Call Trace:
[  261.651439]  dump_stack+0x1fc/0x2fe
[  261.655076]  should_fail.cold+0xa/0x14
[  261.658969]  ? setup_fault_attr+0x200/0x200
21:35:15 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  261.663301]  ? lock_acquire+0x170/0x3c0
[  261.667293]  __should_failslab+0x115/0x180
[  261.671561]  should_failslab+0x5/0xf
[  261.675283]  kmem_cache_alloc+0x277/0x370
[  261.679438]  skb_clone+0x151/0x3d0
[  261.682989]  netlink_broadcast_filtered+0x8df/0xbc0
[  261.688025]  netlink_broadcast+0x35/0x40
[  261.692097]  kobject_uevent_env+0xa49/0x14a0
[  261.696529]  lo_ioctl+0xff9/0x20e0
[  261.700183]  ? loop_set_status64+0x110/0x110
[  261.704591]  blkdev_ioctl+0x5cb/0x1a7e
[  261.708481]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.713832]  ? blkpg_ioctl+0x9d0/0x9d0
[  261.717722]  ? mark_held_locks+0xf0/0xf0
[  261.721775]  ? mark_held_locks+0xf0/0xf0
[  261.725854]  ? debug_check_no_obj_freed+0x201/0x482
[  261.730856]  ? lock_downgrade+0x720/0x720
[  261.734988]  block_ioctl+0xe9/0x130
[  261.738603]  ? blkdev_fallocate+0x3f0/0x3f0
[  261.742969]  do_vfs_ioctl+0xcdb/0x12e0
[  261.746860]  ? lock_downgrade+0x720/0x720
[  261.751007]  ? check_preemption_disabled+0x41/0x280
[  261.756035]  ? ioctl_preallocate+0x200/0x200
[  261.760458]  ? __fget+0x356/0x510
[  261.763924]  ? do_dup2+0x450/0x450
[  261.767484]  ? do_sys_open+0x2bf/0x520
[  261.771360]  ksys_ioctl+0x9b/0xc0
[  261.774818]  __x64_sys_ioctl+0x6f/0xb0
[  261.778691]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  261.783285]  do_syscall_64+0xf9/0x620
[  261.787100]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.792275] RIP: 0033:0x45dfc7
[  261.795492] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  261.814499] RSP: 002b:00007f86da993a18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.822238] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  261.829513] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  261.836774] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  261.844032] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  261.851321] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  261.862093] erofs: unmounted for /dev/loop2
21:35:15 executing program 2 (fault-call:3 fault-nth:24):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  261.871448] erofs: read_super, device -> /dev/loop4
[  261.878026] erofs: options -> 
[  261.881732] erofs: root inode @ nid 36
[  261.886051] erofs: mounted on /dev/loop4 with opts: .
21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:15 executing program 4 (fault-call:3 fault-nth:23):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:15 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:15 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  261.984317] erofs: read_super, device -> /dev/loop1
[  262.001248] erofs: options -> 
[  262.010929] erofs: cannot find valid erofs superblock
[  262.016869] erofs: unmounted for /dev/loop4
[  262.055871] FAULT_INJECTION: forcing a failure.
[  262.055871] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  262.067718] CPU: 1 PID: 14816 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  262.075598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  262.084975] Call Trace:
[  262.087559]  dump_stack+0x1fc/0x2fe
[  262.091179]  should_fail.cold+0xa/0x14
[  262.095062]  ? setup_fault_attr+0x200/0x200
[  262.099377]  ? wake_up_q+0x93/0xe0
[  262.102909]  ? __mutex_unlock_slowpath+0x2be/0x610
[  262.107845]  __alloc_pages_nodemask+0x239/0x2890
[  262.112607]  ? __lock_acquire+0x6de/0x3ff0
[  262.116861]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  262.121717]  ? blkdev_ioctl+0x11a/0x1a7e
[  262.125869]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.131228]  ? blkpg_ioctl+0x9d0/0x9d0
[  262.135112]  ? debug_check_no_obj_freed+0x201/0x482
[  262.140150]  ? lock_downgrade+0x720/0x720
[  262.144289]  cache_grow_begin+0xa4/0x8a0
[  262.148349]  ? setup_fault_attr+0x200/0x200
[  262.152671]  ? lock_acquire+0x170/0x3c0
[  262.156647]  cache_alloc_refill+0x273/0x340
[  262.160956]  kmem_cache_alloc+0x346/0x370
[  262.165099]  getname_flags+0xce/0x590
[  262.168889]  do_mkdirat+0x8d/0x2d0
[  262.172431]  ? __ia32_sys_mknod+0x120/0x120
[  262.176738]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  262.182106]  ? trace_hardirqs_off_caller+0x6e/0x210
[  262.187195]  ? do_syscall_64+0x21/0x620
[  262.191155]  do_syscall_64+0xf9/0x620
[  262.194957]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.200143] RIP: 0033:0x45d577
[  262.203336] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  262.222225] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  262.229925] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  262.237196] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  262.244461] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
[  262.251742] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  262.259008] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  262.291996] erofs: read_super, device -> /dev/loop2
[  262.297052] erofs: options -> 
[  262.328265] erofs: root inode @ nid 36
21:35:15 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:15 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  262.363067] erofs: mounted on /dev/loop2 with opts: .
[  262.378636] FAULT_INJECTION: forcing a failure.
[  262.378636] name failslab, interval 1, probability 0, space 0, times 0
21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:15 executing program 2 (fault-call:3 fault-nth:25):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  262.428501] CPU: 1 PID: 14828 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  262.436447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  262.445809] Call Trace:
[  262.448410]  dump_stack+0x1fc/0x2fe
[  262.452234]  should_fail.cold+0xa/0x14
[  262.456139]  ? setup_fault_attr+0x200/0x200
[  262.460474]  ? lock_acquire+0x170/0x3c0
[  262.464470]  __should_failslab+0x115/0x180
[  262.468718]  should_failslab+0x5/0xf
[  262.472438]  kmem_cache_alloc+0x277/0x370
[  262.476601]  getname_flags+0xce/0x590
[  262.480429]  do_mkdirat+0x8d/0x2d0
[  262.484049]  ? __ia32_sys_mknod+0x120/0x120
[  262.488390]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  262.493780]  ? trace_hardirqs_off_caller+0x6e/0x210
[  262.498816]  ? do_syscall_64+0x21/0x620
[  262.502803]  do_syscall_64+0xf9/0x620
[  262.506617]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.511816] RIP: 0033:0x45d577
21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  262.515022] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  262.533936] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  262.541655] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
[  262.548934] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  262.556211] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  262.563502] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  262.570811] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  262.578245] erofs: unmounted for /dev/loop2
21:35:15 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:15 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:16 executing program 4 (fault-call:3 fault-nth:24):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  262.662291] erofs: read_super, device -> /dev/loop1
[  262.680407] erofs: options -> 
[  262.698431] erofs: cannot find valid erofs superblock
21:35:16 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:16 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  262.767674] FAULT_INJECTION: forcing a failure.
[  262.767674] name failslab, interval 1, probability 0, space 0, times 0
[  262.768648] FAULT_INJECTION: forcing a failure.
[  262.768648] name failslab, interval 1, probability 0, space 0, times 0
[  262.782769] CPU: 1 PID: 14858 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  262.798336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  262.807690] Call Trace:
[  262.810289]  dump_stack+0x1fc/0x2fe
[  262.813921]  should_fail.cold+0xa/0x14
[  262.817818]  ? setup_fault_attr+0x200/0x200
[  262.822255]  __should_failslab+0x115/0x180
[  262.826493]  should_failslab+0x5/0xf
[  262.830229]  kmem_cache_alloc+0x277/0x370
[  262.834399]  ? ext4_sync_fs+0x8d0/0x8d0
[  262.838395]  ext4_alloc_inode+0x1a/0x630
[  262.842462]  ? ext4_sync_fs+0x8d0/0x8d0
[  262.846451]  alloc_inode+0x5d/0x180
[  262.850097]  new_inode+0x1d/0xf0
[  262.853472]  __ext4_new_inode+0x400/0x5a20
[  262.857728]  ? putname+0xe1/0x120
[  262.861177]  ? do_mkdirat+0xa0/0x2d0
[  262.864903]  ? ext4_free_inode+0x1780/0x1780
[  262.869314]  ? debug_check_no_obj_freed+0x201/0x482
[  262.874327]  ? __dquot_initialize+0x298/0xb70
[  262.878829]  ? lock_acquire+0x170/0x3c0
[  262.882805]  ? dquot_initialize_needed+0x290/0x290
[  262.887739]  ? trace_hardirqs_off+0x64/0x200
[  262.892152]  ? common_perm+0x4be/0x800
[  262.896136]  ext4_mkdir+0x396/0xe10
[  262.899774]  ? putname+0xe1/0x120
[  262.903236]  ? ext4_init_dot_dotdot+0x600/0x600
[  262.907911]  ? generic_permission+0x116/0x4d0
[  262.912422]  ? security_inode_permission+0xc5/0xf0
[  262.917365]  ? inode_permission.part.0+0x10c/0x450
[  262.922299]  vfs_mkdir+0x508/0x7a0
[  262.925865]  do_mkdirat+0x262/0x2d0
[  262.929497]  ? __ia32_sys_mknod+0x120/0x120
[  262.933932]  ? trace_hardirqs_off_caller+0x6e/0x210
[  262.938975]  ? do_syscall_64+0x21/0x620
[  262.942958]  do_syscall_64+0xf9/0x620
[  262.946782]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.951968] RIP: 0033:0x45d577
[  262.955162] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  262.974090] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  262.981814] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  262.989087] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  262.996369] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
[  263.003696] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  263.010966] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  263.018258] CPU: 0 PID: 14860 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  263.026158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.039365] Call Trace:
[  263.041971]  dump_stack+0x1fc/0x2fe
[  263.045614]  should_fail.cold+0xa/0x14
[  263.049515]  ? setup_fault_attr+0x200/0x200
[  263.053845]  ? lock_acquire+0x170/0x3c0
[  263.057836]  __should_failslab+0x115/0x180
[  263.062087]  should_failslab+0x5/0xf
[  263.065808]  kmem_cache_alloc+0x277/0x370
[  263.069965]  getname_flags+0xce/0x590
[  263.073783]  do_mkdirat+0x8d/0x2d0
[  263.077341]  ? __ia32_sys_mknod+0x120/0x120
[  263.081675]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  263.087075]  ? trace_hardirqs_off_caller+0x6e/0x210
[  263.092109]  ? do_syscall_64+0x21/0x620
[  263.096103]  do_syscall_64+0xf9/0x620
[  263.099932]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.105336] RIP: 0033:0x45d577
[  263.108527] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  263.127429] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  263.135155] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
[  263.142427] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  263.149732] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  263.157006] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  263.164310] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:16 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:16 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:16 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:16 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:16 executing program 2 (fault-call:3 fault-nth:26):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:16 executing program 4 (fault-call:3 fault-nth:25):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  263.376045] FAULT_INJECTION: forcing a failure.
[  263.376045] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  263.387898] CPU: 1 PID: 14886 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  263.395787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.405754] Call Trace:
[  263.408390]  dump_stack+0x1fc/0x2fe
[  263.408491] erofs: read_super, device -> /dev/loop1
[  263.412111]  should_fail.cold+0xa/0x14
[  263.412130]  ? setup_fault_attr+0x200/0x200
[  263.412145]  ? wake_up_q+0x93/0xe0
[  263.412162]  ? __mutex_unlock_slowpath+0x2be/0x610
[  263.412182]  __alloc_pages_nodemask+0x239/0x2890
[  263.412204]  ? __lock_acquire+0x6de/0x3ff0
[  263.418454] FAULT_INJECTION: forcing a failure.
[  263.418454] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  263.421094]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  263.459415]  ? blkdev_ioctl+0x11a/0x1a7e
[  263.463482]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.468863]  ? blkpg_ioctl+0x9d0/0x9d0
[  263.472763]  ? debug_check_no_obj_freed+0x201/0x482
[  263.477787]  ? lock_downgrade+0x720/0x720
[  263.481942]  cache_grow_begin+0xa4/0x8a0
[  263.486015]  ? setup_fault_attr+0x200/0x200
[  263.490337]  ? lock_acquire+0x170/0x3c0
[  263.494328]  cache_alloc_refill+0x273/0x340
[  263.498659]  kmem_cache_alloc+0x346/0x370
[  263.502818]  getname_flags+0xce/0x590
[  263.506619]  do_mkdirat+0x8d/0x2d0
[  263.510162]  ? __ia32_sys_mknod+0x120/0x120
[  263.514482]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  263.519844]  ? trace_hardirqs_off_caller+0x6e/0x210
[  263.524860]  ? do_syscall_64+0x21/0x620
[  263.528829]  do_syscall_64+0xf9/0x620
[  263.532634]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.537820] RIP: 0033:0x45d577
[  263.541009] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  263.559908] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  263.567640] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
21:35:16 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  263.574903] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  263.582168] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  263.589434] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  263.596708] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  263.603998] CPU: 0 PID: 14892 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  263.611889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.621244] Call Trace:
[  263.623843]  dump_stack+0x1fc/0x2fe
[  263.627484]  should_fail.cold+0xa/0x14
[  263.631471]  ? setup_fault_attr+0x200/0x200
[  263.635811]  ? __mutex_unlock_slowpath+0xea/0x610
[  263.640676]  __alloc_pages_nodemask+0x239/0x2890
[  263.645452]  ? __lock_acquire+0x6de/0x3ff0
[  263.649711]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  263.654563]  ? blkdev_ioctl+0x11a/0x1a7e
[  263.658629]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.664004]  ? blkpg_ioctl+0x9d0/0x9d0
[  263.667913]  ? debug_check_no_obj_freed+0x201/0x482
[  263.672945]  ? lock_downgrade+0x720/0x720
21:35:17 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  263.677104]  cache_grow_begin+0xa4/0x8a0
[  263.681176]  ? setup_fault_attr+0x200/0x200
[  263.685547]  ? lock_acquire+0x170/0x3c0
[  263.689538]  cache_alloc_refill+0x273/0x340
[  263.693872]  kmem_cache_alloc+0x346/0x370
[  263.698035]  getname_flags+0xce/0x590
[  263.701849]  do_mkdirat+0x8d/0x2d0
[  263.705402]  ? __ia32_sys_mknod+0x120/0x120
[  263.709741]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  263.715117]  ? trace_hardirqs_off_caller+0x6e/0x210
[  263.720143]  ? do_syscall_64+0x21/0x620
21:35:17 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  263.724138]  do_syscall_64+0xf9/0x620
[  263.727954]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.733150] RIP: 0033:0x45d577
[  263.736359] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  263.755269] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  263.762991] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  263.770274] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  263.777549] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
[  263.782790] erofs: options -> 
[  263.784818] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  263.784828] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  263.808358] erofs: read_super, device -> /dev/loop2
[  263.819515] erofs: options -> 
[  263.823311] erofs: root inode @ nid 36
21:35:17 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:17 executing program 2 (fault-call:3 fault-nth:27):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  263.830032] erofs: mounted on /dev/loop2 with opts: .
[  263.854985] erofs: read_super, device -> /dev/loop4
21:35:17 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  263.880507] erofs: options -> 
[  263.885497] erofs: unmounted for /dev/loop2
[  263.890279] erofs: cannot find valid erofs superblock
[  263.897155] erofs: root inode @ nid 36
[  263.901679] erofs: mounted on /dev/loop4 with opts: .
[  263.985589] erofs: unmounted for /dev/loop4
[  263.994501] FAULT_INJECTION: forcing a failure.
[  263.994501] name failslab, interval 1, probability 0, space 0, times 0
[  264.023314] CPU: 1 PID: 14912 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
21:35:17 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:17 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:35:17 executing program 4 (fault-call:3 fault-nth:26):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  264.031213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.040557] Call Trace:
[  264.043264]  dump_stack+0x1fc/0x2fe
[  264.046880]  should_fail.cold+0xa/0x14
[  264.050771]  ? setup_fault_attr+0x200/0x200
[  264.055099]  __should_failslab+0x115/0x180
[  264.059425]  should_failslab+0x5/0xf
[  264.063135]  kmem_cache_alloc+0x277/0x370
[  264.067301]  ? ext4_sync_fs+0x8d0/0x8d0
[  264.071276]  ext4_alloc_inode+0x1a/0x630
[  264.075335]  ? ext4_sync_fs+0x8d0/0x8d0
[  264.079320]  alloc_inode+0x5d/0x180
[  264.082954]  new_inode+0x1d/0xf0
[  264.086306]  __ext4_new_inode+0x400/0x5a20
[  264.090552]  ? putname+0xe1/0x120
[  264.094021]  ? do_mkdirat+0xa0/0x2d0
[  264.097743]  ? ext4_free_inode+0x1780/0x1780
[  264.102136]  ? debug_check_no_obj_freed+0x201/0x482
[  264.107135]  ? __dquot_initialize+0x298/0xb70
[  264.111643]  ? lock_acquire+0x170/0x3c0
[  264.115628]  ? dquot_initialize_needed+0x290/0x290
[  264.120572]  ? trace_hardirqs_off+0x64/0x200
[  264.124973]  ? common_perm+0x4be/0x800
[  264.128855]  ext4_mkdir+0x396/0xe10
[  264.132476]  ? putname+0xe1/0x120
[  264.135926]  ? ext4_init_dot_dotdot+0x600/0x600
[  264.140586]  ? generic_permission+0x116/0x4d0
[  264.145077]  ? security_inode_permission+0xc5/0xf0
[  264.150018]  ? inode_permission.part.0+0x10c/0x450
[  264.154967]  vfs_mkdir+0x508/0x7a0
[  264.158512]  do_mkdirat+0x262/0x2d0
[  264.162152]  ? __ia32_sys_mknod+0x120/0x120
[  264.166478]  ? trace_hardirqs_off_caller+0x6e/0x210
[  264.171482]  ? do_syscall_64+0x21/0x620
[  264.175443]  do_syscall_64+0xf9/0x620
[  264.179235]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.184408] RIP: 0033:0x45d577
[  264.187591] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.206501] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  264.214223] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  264.221492] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  264.228772] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
21:35:17 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  264.236027] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  264.243302] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:17 executing program 2 (fault-call:3 fault-nth:28):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:17 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  264.339505] FAULT_INJECTION: forcing a failure.
[  264.339505] name failslab, interval 1, probability 0, space 0, times 0
[  264.351073] CPU: 1 PID: 14926 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  264.358990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.368348] Call Trace:
[  264.370948]  dump_stack+0x1fc/0x2fe
[  264.374587]  should_fail.cold+0xa/0x14
[  264.378489]  ? setup_fault_attr+0x200/0x200
[  264.382867]  ? lock_acquire+0x170/0x3c0
[  264.386834]  __should_failslab+0x115/0x180
[  264.391058]  should_failslab+0x5/0xf
[  264.394789]  kmem_cache_alloc+0x277/0x370
[  264.398924]  __d_alloc+0x2b/0xa10
[  264.402366]  d_alloc+0x4a/0x230
[  264.405631]  __lookup_hash+0xc8/0x180
[  264.409417]  filename_create+0x186/0x490
[  264.413463]  ? kern_path_mountpoint+0x40/0x40
[  264.417950]  ? strncpy_from_user+0x2a2/0x350
[  264.422361]  ? getname_flags+0x25b/0x590
[  264.426449]  do_mkdirat+0xa0/0x2d0
[  264.429991]  ? __ia32_sys_mknod+0x120/0x120
[  264.434310]  ? trace_hardirqs_off_caller+0x6e/0x210
[  264.439321]  ? do_syscall_64+0x21/0x620
[  264.443293]  do_syscall_64+0xf9/0x620
[  264.447088]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.452282] RIP: 0033:0x45d577
[  264.455458] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.474349] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  264.482501] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
21:35:17 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

[  264.489766] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  264.497051] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  264.504304] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  264.511577] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:17 executing program 4 (fault-call:3 fault-nth:27):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:17 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  264.586382] FAULT_INJECTION: forcing a failure.
[  264.586382] name failslab, interval 1, probability 0, space 0, times 0
[  264.601238] CPU: 1 PID: 14936 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  264.610943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.620287] Call Trace:
[  264.623059]  dump_stack+0x1fc/0x2fe
[  264.626715]  should_fail.cold+0xa/0x14
[  264.630615]  ? setup_fault_attr+0x200/0x200
[  264.634944]  ? __lock_acquire+0x6de/0x3ff0
[  264.639186]  __should_failslab+0x115/0x180
[  264.643409]  should_failslab+0x5/0xf
[  264.647141]  __kmalloc+0x2ab/0x3c0
[  264.650679]  ? ext4_find_extent+0x9bb/0xc70
[  264.655424]  ext4_find_extent+0x9bb/0xc70
[  264.659572]  ext4_ext_map_blocks+0x1c0/0x7390
[  264.664054]  ? __lock_acquire+0x6de/0x3ff0
[  264.668278]  ? __lock_acquire+0x6de/0x3ff0
[  264.672499]  ? mark_held_locks+0xf0/0xf0
[  264.676593]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  264.681962]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  264.687143]  ? mark_held_locks+0xf0/0xf0
[  264.691209]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  264.696061]  ? ext4_es_lookup_extent+0x375/0xb60
[  264.700823]  ? lock_downgrade+0x720/0x720
[  264.704951]  ? lock_acquire+0x170/0x3c0
[  264.708909]  ? check_preemption_disabled+0x41/0x280
[  264.713931]  ? lock_acquire+0x170/0x3c0
[  264.717908]  ? ext4_map_blocks+0x33e/0x1a50
[  264.722221]  ext4_map_blocks+0xd88/0x1a50
[  264.726378]  ? check_preemption_disabled+0x41/0x280
[  264.731381]  ? ext4_issue_zeroout+0x160/0x160
[  264.735863]  ? __brelse+0x84/0xa0
[  264.739307]  ? __ext4_new_inode+0x2eb/0x5a20
[  264.743717]  ext4_getblk+0xad/0x4f0
[  264.747349]  ? ext4_iomap_begin+0xe00/0xe00
[  264.751657]  ? ext4_free_inode+0x1780/0x1780
[  264.756084]  ? debug_check_no_obj_freed+0x201/0x482
[  264.761087]  ? __dquot_initialize+0x298/0xb70
[  264.765591]  ext4_bread+0x7c/0x210
[  264.769250]  ? ext4_getblk+0x4f0/0x4f0
[  264.773140]  ? dquot_initialize_needed+0x290/0x290
[  264.778064]  ? trace_hardirqs_off+0x64/0x200
[  264.782461]  ext4_append+0x155/0x370
[  264.786173]  ext4_mkdir+0x5bd/0xe10
[  264.789803]  ? ext4_init_dot_dotdot+0x600/0x600
[  264.794457]  ? generic_permission+0x116/0x4d0
[  264.798947]  ? inode_permission.part.0+0x10c/0x450
[  264.803860]  vfs_mkdir+0x508/0x7a0
[  264.807394]  do_mkdirat+0x262/0x2d0
[  264.811020]  ? __ia32_sys_mknod+0x120/0x120
[  264.815355]  ? trace_hardirqs_off_caller+0x6e/0x210
[  264.820379]  ? do_syscall_64+0x21/0x620
[  264.824339]  do_syscall_64+0xf9/0x620
[  264.828140]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.833326] RIP: 0033:0x45d577
[  264.836505] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.855408] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  264.863115] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  264.870390] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  264.877651] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
[  264.884912] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  264.892163] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:18 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  264.931446] erofs: read_super, device -> /dev/loop2
[  264.942830] erofs: options -> 
[  264.954827] erofs: root inode @ nid 36
[  264.973479] erofs: mounted on /dev/loop2 with opts: .
[  265.011312] FAULT_INJECTION: forcing a failure.
[  265.011312] name failslab, interval 1, probability 0, space 0, times 0
[  265.023487] CPU: 0 PID: 14949 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  265.032080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  265.041433] Call Trace:
[  265.044028]  dump_stack+0x1fc/0x2fe
[  265.047667]  should_fail.cold+0xa/0x14
[  265.051548]  ? setup_fault_attr+0x200/0x200
[  265.055882]  __should_failslab+0x115/0x180
[  265.060148]  should_failslab+0x5/0xf
[  265.063856]  kmem_cache_alloc+0x277/0x370
[  265.068025]  ? ext4_sync_fs+0x8d0/0x8d0
[  265.071996]  ext4_alloc_inode+0x1a/0x630
[  265.076062]  ? ext4_sync_fs+0x8d0/0x8d0
[  265.080060]  alloc_inode+0x5d/0x180
[  265.083696]  new_inode+0x1d/0xf0
[  265.087069]  __ext4_new_inode+0x400/0x5a20
[  265.091348]  ? putname+0xe1/0x120
[  265.094816]  ? do_mkdirat+0xa0/0x2d0
[  265.098536]  ? ext4_free_inode+0x1780/0x1780
[  265.102942]  ? debug_check_no_obj_freed+0x201/0x482
[  265.107958]  ? __dquot_initialize+0x298/0xb70
[  265.112457]  ? lock_acquire+0x170/0x3c0
[  265.116433]  ? dquot_initialize_needed+0x290/0x290
[  265.122332]  ? trace_hardirqs_off+0x64/0x200
[  265.126747]  ? common_perm+0x4be/0x800
[  265.130653]  ext4_mkdir+0x396/0xe10
[  265.134297]  ? putname+0xe1/0x120
[  265.137738]  ? ext4_init_dot_dotdot+0x600/0x600
[  265.142423]  ? generic_permission+0x116/0x4d0
[  265.146930]  ? security_inode_permission+0xc5/0xf0
[  265.151875]  ? inode_permission.part.0+0x10c/0x450
[  265.156817]  vfs_mkdir+0x508/0x7a0
[  265.160377]  do_mkdirat+0x262/0x2d0
[  265.164012]  ? __ia32_sys_mknod+0x120/0x120
[  265.168333]  ? trace_hardirqs_off_caller+0x6e/0x210
[  265.173347]  ? do_syscall_64+0x21/0x620
[  265.177318]  do_syscall_64+0xf9/0x620
[  265.181107]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  265.186280] RIP: 0033:0x45d577
[  265.189457] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:35:18 executing program 2 (fault-call:3 fault-nth:29):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  265.208349] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  265.216057] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
[  265.223340] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  265.230608] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  265.238145] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  265.245756] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  265.263432] erofs: unmounted for /dev/loop2
21:35:18 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, 0x0)

21:35:18 executing program 4 (fault-call:3 fault-nth:28):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:18 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  265.449788] FAULT_INJECTION: forcing a failure.
[  265.449788] name failslab, interval 1, probability 0, space 0, times 0
[  265.477138] FAULT_INJECTION: forcing a failure.
[  265.477138] name failslab, interval 1, probability 0, space 0, times 0
[  265.493011] CPU: 0 PID: 14964 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  265.500914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  265.510272] Call Trace:
[  265.512869]  dump_stack+0x1fc/0x2fe
[  265.516510]  should_fail.cold+0xa/0x14
[  265.520436]  ? setup_fault_attr+0x200/0x200
[  265.524762]  ? __lock_acquire+0x6de/0x3ff0
[  265.529011]  __should_failslab+0x115/0x180
[  265.533250]  should_failslab+0x5/0xf
[  265.536969]  __kmalloc+0x2ab/0x3c0
[  265.540799]  ? ext4_find_extent+0x9bb/0xc70
[  265.545130]  ext4_find_extent+0x9bb/0xc70
[  265.549299]  ext4_ext_map_blocks+0x1c0/0x7390
[  265.553834]  ? __lock_acquire+0x6de/0x3ff0
[  265.558080]  ? __lock_acquire+0x6de/0x3ff0
[  265.562330]  ? mark_held_locks+0xf0/0xf0
[  265.566427]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  265.571801]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  265.577003]  ? mark_held_locks+0xf0/0xf0
[  265.581078]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  265.585938]  ? ext4_es_lookup_extent+0x375/0xb60
[  265.590704]  ? lock_downgrade+0x720/0x720
[  265.594855]  ? lock_acquire+0x170/0x3c0
[  265.598832]  ? check_preemption_disabled+0x41/0x280
[  265.603855]  ? lock_acquire+0x170/0x3c0
[  265.607854]  ? ext4_map_blocks+0x33e/0x1a50
[  265.612197]  ext4_map_blocks+0xd88/0x1a50
[  265.616357]  ? check_preemption_disabled+0x41/0x280
[  265.621383]  ? ext4_issue_zeroout+0x160/0x160
[  265.625981]  ? __brelse+0x84/0xa0
[  265.629444]  ? __ext4_new_inode+0x2eb/0x5a20
[  265.633867]  ext4_getblk+0xad/0x4f0
[  265.637505]  ? ext4_iomap_begin+0xe00/0xe00
[  265.641836]  ? ext4_free_inode+0x1780/0x1780
[  265.646252]  ? debug_check_no_obj_freed+0x201/0x482
[  265.651277]  ? __dquot_initialize+0x298/0xb70
[  265.655785]  ext4_bread+0x7c/0x210
[  265.659335]  ? ext4_getblk+0x4f0/0x4f0
[  265.663243]  ? dquot_initialize_needed+0x290/0x290
[  265.668191]  ? trace_hardirqs_off+0x64/0x200
[  265.672647]  ext4_append+0x155/0x370
[  265.676396]  ext4_mkdir+0x5bd/0xe10
[  265.680038]  ? ext4_init_dot_dotdot+0x600/0x600
[  265.684723]  ? generic_permission+0x116/0x4d0
[  265.689235]  ? inode_permission.part.0+0x10c/0x450
[  265.694215]  vfs_mkdir+0x508/0x7a0
[  265.697773]  do_mkdirat+0x262/0x2d0
[  265.701414]  ? __ia32_sys_mknod+0x120/0x120
[  265.705748]  ? trace_hardirqs_off_caller+0x6e/0x210
[  265.710860]  ? do_syscall_64+0x21/0x620
[  265.714848]  do_syscall_64+0xf9/0x620
[  265.718660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  265.723852] RIP: 0033:0x45d577
[  265.727048] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  265.745987] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  265.753710] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
[  265.760986] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  265.768263] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  265.775543] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  265.782819] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  265.792329] CPU: 1 PID: 14961 Comm: syz-executor.2 Not tainted 4.19.163-syzkaller #0
[  265.800317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  265.804751] erofs: read_super, device -> /dev/loop4
[  265.809673] Call Trace:
[  265.809754]  dump_stack+0x1fc/0x2fe
[  265.809774]  should_fail.cold+0xa/0x14
[  265.815060] erofs: options -> 
[  265.817372]  ? setup_fault_attr+0x200/0x200
[  265.817387]  ? __lock_acquire+0x6de/0x3ff0
[  265.817412]  __should_failslab+0x115/0x180
[  265.817428]  should_failslab+0x5/0xf
[  265.817440]  __kmalloc+0x2ab/0x3c0
[  265.817458]  ? ext4_find_extent+0x9bb/0xc70
[  265.821282] erofs: root inode @ nid 36
[  265.824962]  ext4_find_extent+0x9bb/0xc70
[  265.824983]  ext4_ext_map_blocks+0x1c0/0x7390
[  265.824999]  ? __lock_acquire+0x6de/0x3ff0
[  265.825025]  ? __lock_acquire+0x6de/0x3ff0
[  265.825046]  ? mark_held_locks+0xf0/0xf0
[  265.825061]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  265.825076]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  265.825092]  ? mark_held_locks+0xf0/0xf0
[  265.828612] erofs: mounted on /dev/loop4 with opts: .
[  265.832663]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  265.832684]  ? ext4_es_lookup_extent+0x375/0xb60
[  265.832703]  ? lock_downgrade+0x720/0x720
[  265.832715]  ? lock_acquire+0x170/0x3c0
[  265.832728]  ? check_preemption_disabled+0x41/0x280
[  265.832746]  ? lock_acquire+0x170/0x3c0
[  265.832760]  ? ext4_map_blocks+0x33e/0x1a50
[  265.832782]  ext4_map_blocks+0xd88/0x1a50
[  265.933739]  ? check_preemption_disabled+0x41/0x280
[  265.938770]  ? ext4_issue_zeroout+0x160/0x160
[  265.943265]  ? __brelse+0x84/0xa0
[  265.946723]  ? __ext4_new_inode+0x2eb/0x5a20
[  265.951152]  ext4_getblk+0xad/0x4f0
[  265.954797]  ? ext4_iomap_begin+0xe00/0xe00
[  265.959216]  ? ext4_free_inode+0x1780/0x1780
[  265.963620]  ? debug_check_no_obj_freed+0x201/0x482
[  265.968636]  ? __dquot_initialize+0x298/0xb70
[  265.973161]  ext4_bread+0x7c/0x210
[  265.976879]  ? ext4_getblk+0x4f0/0x4f0
[  265.980776]  ? dquot_initialize_needed+0x290/0x290
[  265.985811]  ? trace_hardirqs_off+0x64/0x200
[  265.990210]  ext4_append+0x155/0x370
[  265.993983]  ext4_mkdir+0x5bd/0xe10
[  265.997622]  ? ext4_init_dot_dotdot+0x600/0x600
[  266.002292]  ? generic_permission+0x116/0x4d0
[  266.006823]  ? inode_permission.part.0+0x10c/0x450
[  266.011761]  vfs_mkdir+0x508/0x7a0
[  266.015318]  do_mkdirat+0x262/0x2d0
[  266.018935]  ? __ia32_sys_mknod+0x120/0x120
[  266.023259]  ? trace_hardirqs_off_caller+0x6e/0x210
[  266.028282]  ? do_syscall_64+0x21/0x620
[  266.032247]  do_syscall_64+0xf9/0x620
[  266.036049]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.041252] RIP: 0033:0x45d577
[  266.044428] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  266.063405] RSP: 002b:00007fc4b3b73a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  266.071206] RAX: ffffffffffffffda RBX: 00007fc4b3b73b10 RCX: 000000000045d577
[  266.078501] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  266.085778] RBP: 00007fc4b3b73ad0 R08: 0000000020000248 R09: 0000000000000000
[  266.093054] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
21:35:19 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:19 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:19 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:19 executing program 4 (fault-call:3 fault-nth:29):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  266.100335] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  266.139599] erofs: unmounted for /dev/loop4
21:35:19 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:19 executing program 1 (fault-call:3 fault-nth:0):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  266.344563] FAULT_INJECTION: forcing a failure.
[  266.344563] name failslab, interval 1, probability 0, space 0, times 0
[  266.356267] CPU: 1 PID: 14992 Comm: syz-executor.4 Not tainted 4.19.163-syzkaller #0
[  266.364162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  266.373541] Call Trace:
[  266.376162]  dump_stack+0x1fc/0x2fe
[  266.379808]  should_fail.cold+0xa/0x14
[  266.383733]  ? setup_fault_attr+0x200/0x200
[  266.384272] FAULT_INJECTION: forcing a failure.
[  266.384272] name failslab, interval 1, probability 0, space 0, times 0
[  266.388063]  ? __es_tree_search.isra.0+0x1af/0x210
[  266.388142]  __should_failslab+0x115/0x180
[  266.408551]  should_failslab+0x5/0xf
[  266.412274]  kmem_cache_alloc+0x3f/0x370
[  266.416351]  __es_insert_extent+0x39b/0x13b0
[  266.420772]  ? lock_acquire+0x170/0x3c0
[  266.424761]  ? ext4_es_insert_extent+0x17e/0x5e0
[  266.429533]  ext4_es_insert_extent+0x22e/0x5e0
[  266.434132]  ? lock_downgrade+0x720/0x720
[  266.438294]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[  266.444133]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  266.449173]  ? ext4_es_find_delayed_extent_range+0x7d9/0x9f0
[  266.454982]  ext4_ext_map_blocks+0x2129/0x7390
[  266.459575]  ? __lock_acquire+0x6de/0x3ff0
[  266.463816]  ? __lock_acquire+0x6de/0x3ff0
[  266.468062]  ? mark_held_locks+0xf0/0xf0
[  266.472127]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  266.477494]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  266.482690]  ? mark_held_locks+0xf0/0xf0
[  266.486763]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  266.491623]  ? ext4_es_lookup_extent+0x375/0xb60
[  266.496388]  ? check_preemption_disabled+0x41/0x280
[  266.501414]  ? lock_acquire+0x170/0x3c0
[  266.505393]  ? ext4_map_blocks+0x33e/0x1a50
[  266.509724]  ext4_map_blocks+0xd88/0x1a50
[  266.513885]  ? check_preemption_disabled+0x41/0x280
[  266.518909]  ? ext4_issue_zeroout+0x160/0x160
[  266.523406]  ? __brelse+0x84/0xa0
[  266.526863]  ? __ext4_new_inode+0x2eb/0x5a20
[  266.531283]  ext4_getblk+0xad/0x4f0
[  266.534915]  ? ext4_iomap_begin+0xe00/0xe00
[  266.539244]  ? ext4_free_inode+0x1780/0x1780
[  266.543655]  ? debug_check_no_obj_freed+0x201/0x482
[  266.548669]  ? __dquot_initialize+0x298/0xb70
[  266.553170]  ext4_bread+0x7c/0x210
[  266.556713]  ? ext4_getblk+0x4f0/0x4f0
[  266.560601]  ? dquot_initialize_needed+0x290/0x290
[  266.565537]  ? trace_hardirqs_off+0x64/0x200
[  266.569952]  ext4_append+0x155/0x370
[  266.573704]  ext4_mkdir+0x5bd/0xe10
[  266.577349]  ? ext4_init_dot_dotdot+0x600/0x600
[  266.582028]  ? generic_permission+0x116/0x4d0
[  266.586535]  ? inode_permission.part.0+0x10c/0x450
[  266.591490]  vfs_mkdir+0x508/0x7a0
[  266.595049]  do_mkdirat+0x262/0x2d0
[  266.598701]  ? __ia32_sys_mknod+0x120/0x120
[  266.603039]  ? trace_hardirqs_off_caller+0x6e/0x210
[  266.608077]  ? do_syscall_64+0x21/0x620
[  266.612069]  do_syscall_64+0xf9/0x620
[  266.615895]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.621085] RIP: 0033:0x45d577
[  266.624275] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  266.643181] RSP: 002b:00007f86da993a78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  266.650890] RAX: ffffffffffffffda RBX: 00007f86da993b10 RCX: 000000000045d577
[  266.658332] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  266.665603] RBP: 00007f86da993ad0 R08: 0000000020000248 R09: 0000000000000000
[  266.672879] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  266.680148] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  266.687460] CPU: 0 PID: 14999 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  266.695361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  266.704715] Call Trace:
[  266.706116] erofs: read_super, device -> /dev/loop4
[  266.707310]  dump_stack+0x1fc/0x2fe
[  266.707332]  should_fail.cold+0xa/0x14
[  266.707351]  ? setup_fault_attr+0x200/0x200
[  266.713435] erofs: options -> 
[  266.716603]  ? lock_acquire+0x170/0x3c0
[  266.716628]  __should_failslab+0x115/0x180
[  266.716644]  should_failslab+0x5/0xf
[  266.716656]  __kmalloc+0x2ab/0x3c0
[  266.716675]  ? __se_sys_memfd_create+0xf8/0x440
[  266.720796] erofs: root inode @ nid 36
[  266.724884]  __se_sys_memfd_create+0xf8/0x440
[  266.724902]  ? memfd_file_seals_ptr+0x150/0x150
[  266.724916]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  266.724931]  ? trace_hardirqs_off_caller+0x6e/0x210
[  266.724945]  ? do_syscall_64+0x21/0x620
[  266.724961]  do_syscall_64+0xf9/0x620
[  266.724976]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.724988] RIP: 0033:0x45e159
[  266.725003] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  266.725010] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  266.728455] erofs: mounted on /dev/loop4 with opts: .
[  266.732181] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  266.732190] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  266.732198] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
21:35:20 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:35:20 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  266.732207] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  266.732215] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  266.867812] erofs: read_super, device -> /dev/loop2
[  266.873699] erofs: options -> 
[  266.877559] erofs: root inode @ nid 36
[  266.881950] erofs: mounted on /dev/loop2 with opts: .
21:35:20 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:20 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

[  266.920763] erofs: unmounted for /dev/loop2
21:35:20 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  267.007251] erofs: read_super, device -> /dev/loop2
[  267.018833] erofs: options -> 
[  267.028439] erofs: root inode @ nid 36
[  267.040376] erofs: mounted on /dev/loop2 with opts: .
21:35:20 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)

21:35:20 executing program 1 (fault-call:3 fault-nth:1):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:20 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:20 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:20 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  267.138830] erofs: unmounted for /dev/loop2
[  267.156033] FAULT_INJECTION: forcing a failure.
[  267.156033] name failslab, interval 1, probability 0, space 0, times 0
[  267.193253] erofs: unmounted for /dev/loop4
[  267.205808] CPU: 1 PID: 15030 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  267.213706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  267.223082] Call Trace:
[  267.225684]  dump_stack+0x1fc/0x2fe
[  267.229321]  should_fail.cold+0xa/0x14
[  267.233220]  ? setup_fault_attr+0x200/0x200
[  267.237557]  ? lock_acquire+0x170/0x3c0
[  267.241540]  __should_failslab+0x115/0x180
[  267.245762]  should_failslab+0x5/0xf
[  267.249470]  kmem_cache_alloc+0x277/0x370
[  267.253646]  ? shmem_destroy_callback+0xb0/0xb0
[  267.258306]  shmem_alloc_inode+0x18/0x40
[  267.262384]  ? shmem_destroy_callback+0xb0/0xb0
[  267.267055]  alloc_inode+0x5d/0x180
[  267.270670]  new_inode+0x1d/0xf0
[  267.274022]  shmem_get_inode+0x96/0x8d0
[  267.278000]  __shmem_file_setup.part.0+0x7a/0x2b0
[  267.282895]  shmem_file_setup+0x61/0x90
[  267.286868]  __se_sys_memfd_create+0x26b/0x440
[  267.291460]  ? memfd_file_seals_ptr+0x150/0x150
[  267.296117]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  267.301483]  ? trace_hardirqs_off_caller+0x6e/0x210
[  267.306514]  ? do_syscall_64+0x21/0x620
[  267.310479]  do_syscall_64+0xf9/0x620
[  267.314295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  267.319480] RIP: 0033:0x45e159
[  267.322691] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:35:20 executing program 1 (fault-call:3 fault-nth:2):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  267.341602] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  267.349331] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  267.356591] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  267.363845] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  267.371119] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  267.378374] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  267.444744] erofs: read_super, device -> /dev/loop2
[  267.464491] erofs: options -> 
[  267.476779] erofs: root inode @ nid 36
[  267.483468] erofs: mounted on /dev/loop2 with opts: .
[  267.491716] FAULT_INJECTION: forcing a failure.
[  267.491716] name failslab, interval 1, probability 0, space 0, times 0
[  267.504713] CPU: 1 PID: 15044 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  267.512615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  267.521973] Call Trace:
[  267.524615]  dump_stack+0x1fc/0x2fe
[  267.528260]  should_fail.cold+0xa/0x14
[  267.531525] erofs: read_super, device -> /dev/loop4
[  267.532262]  ? setup_fault_attr+0x200/0x200
[  267.532277]  ? lock_acquire+0x170/0x3c0
[  267.532300]  __should_failslab+0x115/0x180
[  267.532321]  should_failslab+0x5/0xf
[  267.553546]  kmem_cache_alloc+0x277/0x370
[  267.556138] erofs: options -> 
[  267.557703]  __d_alloc+0x2b/0xa10
[  267.557725]  d_alloc_pseudo+0x19/0x70
[  267.557744]  alloc_file_pseudo+0xc6/0x250
[  267.571402] erofs: root inode @ nid 36
[  267.572474]  ? alloc_file+0x4d0/0x4d0
[  267.572495]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  267.572510]  ? shmem_get_inode+0x44c/0x8d0
[  267.572528]  __shmem_file_setup.part.0+0x102/0x2b0
[  267.572551]  shmem_file_setup+0x61/0x90
[  267.579950] erofs: mounted on /dev/loop4 with opts: .
[  267.580228]  __se_sys_memfd_create+0x26b/0x440
[  267.608718]  ? memfd_file_seals_ptr+0x150/0x150
[  267.613399]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  267.618775]  ? trace_hardirqs_off_caller+0x6e/0x210
[  267.623791]  ? do_syscall_64+0x21/0x620
[  267.627764]  do_syscall_64+0xf9/0x620
[  267.631570]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  267.636772] RIP: 0033:0x45e159
[  267.640042] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  267.658966] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  267.666662] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  267.673933] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  267.681184] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  267.688436] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
21:35:21 executing program 1 (fault-call:3 fault-nth:3):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  267.695689] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:21 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  267.750690] FAULT_INJECTION: forcing a failure.
[  267.750690] name failslab, interval 1, probability 0, space 0, times 0
[  267.779357] erofs: unmounted for /dev/loop4
21:35:21 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:21 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:21 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  267.809459] erofs: unmounted for /dev/loop2
[  267.815145] CPU: 0 PID: 15053 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  267.823046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  267.832406] Call Trace:
[  267.835032]  dump_stack+0x1fc/0x2fe
[  267.838701]  should_fail.cold+0xa/0x14
[  267.842604]  ? setup_fault_attr+0x200/0x200
[  267.846936]  ? lock_acquire+0x170/0x3c0
[  267.850959]  __should_failslab+0x115/0x180
[  267.855220]  should_failslab+0x5/0xf
[  267.858944]  kmem_cache_alloc+0x277/0x370
[  267.863107]  __alloc_file+0x21/0x330
[  267.866850]  alloc_empty_file+0x6d/0x170
[  267.870922]  alloc_file+0x5e/0x4d0
[  267.874472]  alloc_file_pseudo+0x165/0x250
[  267.878754]  ? alloc_file+0x4d0/0x4d0
[  267.882569]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  267.888208]  ? shmem_get_inode+0x44c/0x8d0
[  267.892454]  __shmem_file_setup.part.0+0x102/0x2b0
[  267.897415]  shmem_file_setup+0x61/0x90
[  267.901410]  __se_sys_memfd_create+0x26b/0x440
21:35:21 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  267.906014]  ? memfd_file_seals_ptr+0x150/0x150
[  267.910734]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  267.916120]  ? trace_hardirqs_off_caller+0x6e/0x210
[  267.921155]  ? do_syscall_64+0x21/0x620
[  267.925148]  do_syscall_64+0xf9/0x620
[  267.929394]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  267.934589] RIP: 0033:0x45e159
[  267.937793] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:35:21 executing program 1 (fault-call:3 fault-nth:4):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  267.956741] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  267.965071] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  267.972354] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  267.979638] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
[  267.986918] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  267.994204] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  268.056439] erofs: read_super, device -> /dev/loop4
[  268.083975] erofs: options -> 
[  268.097932] erofs: root inode @ nid 36
[  268.114728] erofs: mounted on /dev/loop4 with opts: .
21:35:21 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  268.134181] erofs: read_super, device -> /dev/loop2
[  268.139641] erofs: options -> 
[  268.145531] erofs: root inode @ nid 36
[  268.150878] erofs: mounted on /dev/loop2 with opts: .
[  268.151046] FAULT_INJECTION: forcing a failure.
[  268.151046] name failslab, interval 1, probability 0, space 0, times 0
[  268.196611] erofs: unmounted for /dev/loop4
[  268.205352] CPU: 1 PID: 15077 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  268.213344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  268.222804] Call Trace:
[  268.225394]  dump_stack+0x1fc/0x2fe
[  268.229033]  should_fail.cold+0xa/0x14
[  268.232906]  ? setup_fault_attr+0x200/0x200
[  268.237245]  ? lock_acquire+0x170/0x3c0
[  268.241211]  __should_failslab+0x115/0x180
[  268.245445]  should_failslab+0x5/0xf
[  268.249154]  kmem_cache_alloc_trace+0x284/0x380
[  268.253848]  apparmor_file_alloc_security+0x394/0xad0
[  268.259059]  ? apparmor_file_receive+0x160/0x160
[  268.263817]  ? __alloc_file+0x21/0x330
[  268.267696]  security_file_alloc+0x40/0x90
[  268.271923]  __alloc_file+0xc9/0x330
[  268.275676]  alloc_empty_file+0x6d/0x170
[  268.279737]  alloc_file+0x5e/0x4d0
[  268.283282]  alloc_file_pseudo+0x165/0x250
[  268.287678]  ? alloc_file+0x4d0/0x4d0
[  268.291481]  ? lockdep_annotate_inode_mutex_key+0x43/0x130
[  268.297104]  ? shmem_get_inode+0x44c/0x8d0
[  268.301327]  __shmem_file_setup.part.0+0x102/0x2b0
[  268.306630]  shmem_file_setup+0x61/0x90
[  268.310593]  __se_sys_memfd_create+0x26b/0x440
[  268.315258]  ? memfd_file_seals_ptr+0x150/0x150
[  268.319923]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  268.325273]  ? trace_hardirqs_off_caller+0x6e/0x210
[  268.330320]  ? do_syscall_64+0x21/0x620
[  268.334308]  do_syscall_64+0xf9/0x620
[  268.338117]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  268.343315] RIP: 0033:0x45e159
[  268.346506] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  268.365487] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  268.373199] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045e159
[  268.380471] RDX: 0000000020000248 RSI: 0000000000000000 RDI: 00000000004c2bc7
[  268.387733] RBP: 0000000000002000 R08: 0000000020000248 R09: 0000000000000000
21:35:21 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:21 executing program 1 (fault-call:3 fault-nth:5):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  268.394991] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  268.402249] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  268.425285] erofs: unmounted for /dev/loop2
21:35:21 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  268.502264] erofs: read_super, device -> /dev/loop4
[  268.514038] erofs: options -> 
[  268.530063] erofs: root inode @ nid 36
[  268.536370] erofs: mounted on /dev/loop4 with opts: .
21:35:21 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  268.584770] FAULT_INJECTION: forcing a failure.
[  268.584770] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  268.599164] erofs: read_super, device -> /dev/loop2
[  268.605282] erofs: unmounted for /dev/loop4
[  268.616373] erofs: options -> 
[  268.625202] erofs: root inode @ nid 36
[  268.630204] CPU: 1 PID: 15096 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  268.630775] erofs: mounted on /dev/loop2 with opts: .
[  268.638099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  268.638106] Call Trace:
[  268.638130]  dump_stack+0x1fc/0x2fe
[  268.638154]  should_fail.cold+0xa/0x14
[  268.638170]  ? lock_acquire+0x170/0x3c0
[  268.638188]  ? setup_fault_attr+0x200/0x200
[  268.638216]  __alloc_pages_nodemask+0x239/0x2890
[  268.638230]  ? __lock_acquire+0x6de/0x3ff0
[  268.638252]  ? static_obj+0x50/0x50
21:35:22 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  268.638274]  ? __lock_acquire+0x6de/0x3ff0
[  268.638291]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  268.638304]  ? __lock_acquire+0x6de/0x3ff0
[  268.638321]  ? deref_stack_reg+0x134/0x1d0
[  268.638336]  ? mark_held_locks+0xf0/0xf0
[  268.638353]  ? mark_held_locks+0xf0/0xf0
[  268.638368]  ? unwind_next_frame+0x10a9/0x1c60
[  268.638386]  alloc_pages_vma+0xf2/0x780
[  268.638406]  shmem_alloc_page+0x11c/0x1f0
[  268.638430]  ? shmem_swapin+0x220/0x220
[  268.726774]  ? percpu_counter_add_batch+0x126/0x180
[  268.731805]  ? __vm_enough_memory+0x316/0x650
[  268.736313]  shmem_alloc_and_acct_page+0x15a/0x850
[  268.741289]  shmem_getpage_gfp+0x4e9/0x37f0
[  268.745722]  ? shmem_alloc_and_acct_page+0x850/0x850
[  268.750835]  ? mark_held_locks+0xa6/0xf0
[  268.754909]  ? ktime_get_coarse_real_ts64+0x1c7/0x290
[  268.760124]  ? iov_iter_fault_in_readable+0x1fc/0x3f0
[  268.765418]  shmem_write_begin+0xff/0x1e0
[  268.769580]  generic_perform_write+0x1f8/0x4d0
[  268.774183]  ? filemap_page_mkwrite+0x2f0/0x2f0
[  268.778949]  ? current_time+0x1c0/0x1c0
[  268.782937]  ? lock_acquire+0x170/0x3c0
[  268.786923]  __generic_file_write_iter+0x24b/0x610
[  268.791870]  generic_file_write_iter+0x3f8/0x729
[  268.796650]  __vfs_write+0x51b/0x770
[  268.800375]  ? kernel_read+0x110/0x110
[  268.804289]  ? check_preemption_disabled+0x41/0x280
[  268.809322]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  268.814358]  vfs_write+0x1f3/0x540
[  268.817913]  __x64_sys_pwrite64+0x1f7/0x250
[  268.822238]  ? ksys_pwrite64+0x1a0/0x1a0
[  268.826328]  ? trace_hardirqs_off_caller+0x6e/0x210
[  268.831347]  ? do_syscall_64+0x21/0x620
[  268.835330]  do_syscall_64+0xf9/0x620
[  268.839143]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  268.844339] RIP: 0033:0x417cb7
[  268.847538] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 07 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 4d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  268.866809] RSP: 002b:00007f45360aba10 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  268.874551] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000417cb7
21:35:22 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  268.881825] RDX: 000000000000000f RSI: 0000000020010000 RDI: 0000000000000006
[  268.889103] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  268.896386] R10: 0000000000000400 R11: 0000000000000293 R12: 0000000000000003
[  268.903660] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000210
21:35:22 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:22 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

21:35:22 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  268.998286] erofs: read_super, device -> /dev/loop4
[  269.000068] erofs: unmounted for /dev/loop2
[  269.019520] erofs: options -> 
[  269.028323] erofs: root inode @ nid 36
[  269.038584] erofs: mounted on /dev/loop4 with opts: .
21:35:22 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  269.069781] erofs: read_super, device -> /dev/loop1
[  269.077405] erofs: options -> 
[  269.081558] erofs: read_super, device -> /dev/loop2
[  269.097229] erofs: cannot find valid erofs superblock
[  269.105655] erofs: options -> 
[  269.115192] erofs: root inode @ nid 36
[  269.119780] erofs: unmounted for /dev/loop4
[  269.125085] erofs: mounted on /dev/loop2 with opts: .
21:35:22 executing program 1 (fault-call:3 fault-nth:6):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:22 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  269.220996] erofs: unmounted for /dev/loop2
[  269.242728] FAULT_INJECTION: forcing a failure.
[  269.242728] name failslab, interval 1, probability 0, space 0, times 0
[  269.254167] CPU: 0 PID: 15144 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  269.262070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  269.271859] Call Trace:
[  269.274460]  dump_stack+0x1fc/0x2fe
[  269.278086]  should_fail.cold+0xa/0x14
[  269.281971]  ? setup_fault_attr+0x200/0x200
[  269.286297]  ? lock_acquire+0x170/0x3c0
[  269.290282]  __should_failslab+0x115/0x180
[  269.294517]  should_failslab+0x5/0xf
[  269.298218]  kmem_cache_alloc+0x277/0x370
[  269.302371]  getname_flags+0xce/0x590
[  269.306179]  do_sys_open+0x26c/0x520
[  269.309904]  ? filp_open+0x70/0x70
[  269.313491]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  269.318892]  ? trace_hardirqs_off_caller+0x6e/0x210
[  269.323942]  ? do_syscall_64+0x21/0x620
[  269.327926]  do_syscall_64+0xf9/0x620
[  269.331734]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  269.336912] RIP: 0033:0x417c51
[  269.340104] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  269.359033] RSP: 002b:00007f45360aba10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  269.366753] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  269.374037] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f45360abad0
[  269.381317] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
21:35:22 executing program 1 (fault-call:3 fault-nth:7):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:22 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  269.388598] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  269.396152] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  269.428287] erofs: read_super, device -> /dev/loop4
[  269.435846] erofs: options -> 
[  269.460168] erofs: root inode @ nid 36
[  269.480441] FAULT_INJECTION: forcing a failure.
[  269.480441] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  269.483725] erofs: read_super, device -> /dev/loop2
[  269.492384] CPU: 1 PID: 15153 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  269.492394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  269.492399] Call Trace:
[  269.492429]  dump_stack+0x1fc/0x2fe
[  269.492451]  should_fail.cold+0xa/0x14
[  269.492470]  ? setup_fault_attr+0x200/0x200
[  269.492485]  ? do_writepages+0x290/0x290
[  269.492499]  ? unlock_page+0x13d/0x230
[  269.492531]  __alloc_pages_nodemask+0x239/0x2890
[  269.497828] erofs: mounted on /dev/loop4 with opts: .
[  269.505431]  ? lock_downgrade+0x720/0x720
[  269.505446]  ? check_preemption_disabled+0x41/0x280
[  269.505463]  ? __lock_acquire+0x6de/0x3ff0
[  269.505488]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  269.505502]  ? lock_downgrade+0x720/0x720
[  269.505513]  ? lock_acquire+0x170/0x3c0
[  269.505530]  ? up_write+0x18/0x150
[  269.505544]  ? generic_file_write_iter+0x381/0x729
[  269.505566]  ? iov_iter_init+0xb8/0x1d0
[  269.531070] erofs: options -> 
[  269.533374]  cache_grow_begin+0xa4/0x8a0
[  269.533393]  ? setup_fault_attr+0x200/0x200
[  269.533406]  ? lock_acquire+0x170/0x3c0
[  269.533423]  cache_alloc_refill+0x273/0x340
[  269.533442]  kmem_cache_alloc+0x346/0x370
[  269.533462]  getname_flags+0xce/0x590
[  269.533479]  do_sys_open+0x26c/0x520
[  269.533495]  ? filp_open+0x70/0x70
[  269.620977]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  269.626363]  ? trace_hardirqs_off_caller+0x6e/0x210
[  269.631424]  ? do_syscall_64+0x21/0x620
[  269.635412]  do_syscall_64+0xf9/0x620
[  269.639228]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  269.644425] RIP: 0033:0x417c51
[  269.647614] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  269.666523] RSP: 002b:00007f45360aba10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  269.674275] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  269.681552] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f45360abad0
[  269.684568] erofs: root inode @ nid 36
[  269.688823] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  269.688832] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  269.688841] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  269.717300] erofs: mounted on /dev/loop2 with opts: .
21:35:23 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:23 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  269.740860] erofs: read_super, device -> /dev/loop1
[  269.748571] erofs: options -> 
[  269.757961] erofs: root inode @ nid 36
[  269.766665] erofs: mounted on /dev/loop1 with opts: .
[  269.772142] erofs: unmounted for /dev/loop4
[  269.791131] erofs: unmounted for /dev/loop2
21:35:23 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)

21:35:23 executing program 1 (fault-call:3 fault-nth:8):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:23 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  269.878701] erofs: unmounted for /dev/loop1
[  269.941784] FAULT_INJECTION: forcing a failure.
[  269.941784] name failslab, interval 1, probability 0, space 0, times 0
[  269.958020] erofs: read_super, device -> /dev/loop4
[  269.960776] CPU: 1 PID: 15179 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  269.964312] erofs: options -> 
[  269.970936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  269.970942] Call Trace:
[  269.970964]  dump_stack+0x1fc/0x2fe
[  269.970984]  should_fail.cold+0xa/0x14
[  269.971004]  ? setup_fault_attr+0x200/0x200
[  269.980721] erofs: root inode @ nid 36
[  269.983548]  ? lock_acquire+0x170/0x3c0
[  269.983573]  __should_failslab+0x115/0x180
[  269.983589]  should_failslab+0x5/0xf
[  269.983602]  kmem_cache_alloc_trace+0x284/0x380
[  269.983623]  apparmor_file_alloc_security+0x394/0xad0
[  269.983641]  ? apparmor_file_receive+0x160/0x160
[  269.989603] erofs: mounted on /dev/loop4 with opts: .
[  269.989876]  ? __alloc_file+0x21/0x330
[  270.037455]  security_file_alloc+0x40/0x90
[  270.041710]  __alloc_file+0xc9/0x330
[  270.044176] erofs: read_super, device -> /dev/loop2
[  270.045430]  alloc_empty_file+0x6d/0x170
[  270.045450]  path_openat+0xe9/0x2df0
[  270.045465]  ? __lock_acquire+0x6de/0x3ff0
[  270.045485]  ? path_lookupat+0x8d0/0x8d0
[  270.050589] erofs: options -> 
[  270.054572]  ? mark_held_locks+0xf0/0xf0
[  270.054586]  ? mark_held_locks+0xf0/0xf0
[  270.054611]  do_filp_open+0x18c/0x3f0
[  270.054626]  ? may_open_dev+0xf0/0xf0
[  270.054642]  ? __alloc_fd+0x28d/0x570
[  270.054659]  ? lock_downgrade+0x720/0x720
[  270.063308] erofs: root inode @ nid 36
[  270.066626]  ? lock_acquire+0x170/0x3c0
[  270.066643]  ? __alloc_fd+0x34/0x570
[  270.066662]  ? do_raw_spin_unlock+0x171/0x230
[  270.066681]  ? _raw_spin_unlock+0x29/0x40
[  270.081957] erofs: mounted on /dev/loop2 with opts: .
[  270.085549]  ? __alloc_fd+0x28d/0x570
[  270.085574]  do_sys_open+0x3b3/0x520
[  270.085590]  ? filp_open+0x70/0x70
[  270.129990]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  270.135402]  ? trace_hardirqs_off_caller+0x6e/0x210
[  270.140433]  ? do_syscall_64+0x21/0x620
[  270.144424]  do_syscall_64+0xf9/0x620
[  270.148236]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  270.153429] RIP: 0033:0x417c51
[  270.156631] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  270.175541] RSP: 002b:00007f45360aba10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  270.183252] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
21:35:23 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

21:35:23 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  270.190520] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f45360abad0
[  270.197797] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  270.205084] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  270.212358] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:23 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  270.256526] erofs: unmounted for /dev/loop2
21:35:23 executing program 1 (fault-call:3 fault-nth:9):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:23 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  270.323603] erofs: unmounted for /dev/loop4
21:35:23 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  270.359467] FAULT_INJECTION: forcing a failure.
[  270.359467] name failslab, interval 1, probability 0, space 0, times 0
[  270.403446] erofs: read_super, device -> /dev/loop2
[  270.415700] erofs: options -> 
[  270.426514] CPU: 1 PID: 15202 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  270.434532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  270.439360] erofs: root inode @ nid 36
[  270.443914] Call Trace:
[  270.443939]  dump_stack+0x1fc/0x2fe
[  270.443958]  should_fail.cold+0xa/0x14
[  270.443974]  ? setup_fault_attr+0x200/0x200
[  270.443988]  ? lock_acquire+0x170/0x3c0
[  270.444014]  __should_failslab+0x115/0x180
[  270.452109] erofs: mounted on /dev/loop2 with opts: .
[  270.454190]  should_failslab+0x5/0xf
[  270.454205]  kmem_cache_alloc_trace+0x284/0x380
[  270.454230]  apparmor_file_alloc_security+0x394/0xad0
[  270.489657]  ? apparmor_file_receive+0x160/0x160
[  270.494464]  ? __alloc_file+0x21/0x330
[  270.498377]  security_file_alloc+0x40/0x90
[  270.502887]  __alloc_file+0xc9/0x330
[  270.506627]  alloc_empty_file+0x6d/0x170
[  270.510726]  path_openat+0xe9/0x2df0
[  270.514540]  ? __lock_acquire+0x6de/0x3ff0
[  270.518812]  ? path_lookupat+0x8d0/0x8d0
[  270.522889]  ? mark_held_locks+0xf0/0xf0
[  270.526976]  do_filp_open+0x18c/0x3f0
[  270.530787]  ? may_open_dev+0xf0/0xf0
[  270.534601]  ? __alloc_fd+0x28d/0x570
[  270.538451]  ? lock_downgrade+0x720/0x720
[  270.542613]  ? lock_acquire+0x170/0x3c0
[  270.546596]  ? __alloc_fd+0x34/0x570
[  270.551114]  ? do_raw_spin_unlock+0x171/0x230
[  270.555630]  ? _raw_spin_unlock+0x29/0x40
[  270.559785]  ? __alloc_fd+0x28d/0x570
[  270.563630]  do_sys_open+0x3b3/0x520
[  270.567353]  ? filp_open+0x70/0x70
[  270.570908]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  270.575715] erofs: read_super, device -> /dev/loop4
[  270.576286]  ? trace_hardirqs_off_caller+0x6e/0x210
[  270.581390] erofs: options -> 
[  270.586299]  ? do_syscall_64+0x21/0x620
[  270.586316]  do_syscall_64+0xf9/0x620
[  270.586334]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  270.586347] RIP: 0033:0x417c51
[  270.586361] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 6a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 b3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  270.586374] RSP: 002b:00007f45360aba10 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  270.593264] erofs: root inode @ nid 36
[  270.593554] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000417c51
[  270.602100] erofs: mounted on /dev/loop4 with opts: .
21:35:24 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  270.602521] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007f45360abad0
[  270.656202] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  270.663493] R10: 0000000000001000 R11: 0000000000000293 R12: 0000000000000003
[  270.670780] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:24 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)

21:35:24 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x10, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:24 executing program 1 (fault-call:3 fault-nth:10):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  270.712595] erofs: unmounted for /dev/loop2
21:35:24 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  270.770001] erofs: read_super, device -> /dev/loop0
[  270.781307] erofs: unmounted for /dev/loop4
[  270.794110] erofs: options -> 
[  270.805602] erofs: root inode @ nid 36
[  270.809902] erofs: mounted on /dev/loop0 with opts: .
[  270.821528] FAULT_INJECTION: forcing a failure.
[  270.821528] name failslab, interval 1, probability 0, space 0, times 0
[  270.840401] CPU: 1 PID: 15235 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  270.848303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  270.857728] Call Trace:
[  270.860315]  dump_stack+0x1fc/0x2fe
[  270.863935]  should_fail.cold+0xa/0x14
[  270.867817]  ? setup_fault_attr+0x200/0x200
[  270.872142]  ? lock_acquire+0x170/0x3c0
[  270.876212]  __should_failslab+0x115/0x180
[  270.880469]  should_failslab+0x5/0xf
[  270.884193]  kmem_cache_alloc_trace+0x284/0x380
[  270.888850]  ? loop_info64_to_compat+0x5e0/0x5e0
[  270.893618]  __kthread_create_on_node+0xd2/0x410
[  270.898369]  ? kthread_parkme+0xa0/0xa0
[  270.902352]  ? lo_ioctl+0x1bb/0x20e0
[  270.906069]  ? __mutex_lock+0x3a8/0x1260
[  270.910129]  ? lock_downgrade+0x720/0x720
[  270.914284]  ? loop_info64_to_compat+0x5e0/0x5e0
[  270.919082]  kthread_create_on_node+0xbb/0xf0
[  270.923565]  ? __kthread_create_on_node+0x410/0x410
[  270.928577]  ? __fget+0x356/0x510
[  270.932056]  ? do_dup2+0x450/0x450
[  270.935602]  ? __lockdep_init_map+0x100/0x5a0
[  270.940108]  ? __lockdep_init_map+0x100/0x5a0
[  270.944606]  lo_ioctl+0xae5/0x20e0
[  270.948158]  ? loop_set_status64+0x110/0x110
[  270.952557]  blkdev_ioctl+0x5cb/0x1a7e
[  270.956431]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  270.961867]  ? blkpg_ioctl+0x9d0/0x9d0
[  270.965750]  ? mark_held_locks+0xf0/0xf0
[  270.969811]  ? mark_held_locks+0xf0/0xf0
[  270.973860]  ? debug_check_no_obj_freed+0x201/0x482
[  270.978865]  ? lock_downgrade+0x720/0x720
[  270.983019]  block_ioctl+0xe9/0x130
[  270.986631]  ? blkdev_fallocate+0x3f0/0x3f0
[  270.990947]  do_vfs_ioctl+0xcdb/0x12e0
[  270.994844]  ? lock_downgrade+0x720/0x720
[  270.999008]  ? check_preemption_disabled+0x41/0x280
[  271.004011]  ? ioctl_preallocate+0x200/0x200
[  271.008413]  ? __fget+0x356/0x510
[  271.011857]  ? do_dup2+0x450/0x450
[  271.015408]  ? do_sys_open+0x2bf/0x520
[  271.019297]  ksys_ioctl+0x9b/0xc0
[  271.022742]  __x64_sys_ioctl+0x6f/0xb0
[  271.026634]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  271.031208]  do_syscall_64+0xf9/0x620
[  271.035030]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  271.040234] RIP: 0033:0x45dfc7
[  271.043409] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  271.062313] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  271.070041] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  271.077308] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  271.084566] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  271.091832] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  271.099111] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:24 executing program 1 (fault-call:3 fault-nth:11):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  271.140826] erofs: read_super, device -> /dev/loop2
[  271.140977] erofs: read_super, device -> /dev/loop4
[  271.154958] erofs: options -> 
[  271.159583] erofs: options -> 
[  271.163270] erofs: root inode @ nid 36
[  271.177782] erofs: root inode @ nid 36
[  271.184622] erofs: mounted on /dev/loop4 with opts: .
21:35:24 executing program 0 (fault-call:8 fault-nth:0):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  271.203911] erofs: mounted on /dev/loop2 with opts: .
21:35:24 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  271.230627] erofs: unmounted for /dev/loop0
21:35:24 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x60, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:24 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x13, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  271.274342] erofs: unmounted for /dev/loop4
[  271.285573] FAULT_INJECTION: forcing a failure.
[  271.285573] name failslab, interval 1, probability 0, space 0, times 0
[  271.297756] erofs: unmounted for /dev/loop2
[  271.298082] CPU: 1 PID: 15251 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  271.309970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  271.319325] Call Trace:
[  271.321922]  dump_stack+0x1fc/0x2fe
[  271.325565]  should_fail.cold+0xa/0x14
[  271.329493]  ? setup_fault_attr+0x200/0x200
[  271.333828]  ? lock_acquire+0x170/0x3c0
[  271.337898]  __should_failslab+0x115/0x180
[  271.342135]  should_failslab+0x5/0xf
[  271.345844]  kmem_cache_alloc+0x277/0x370
[  271.356633]  __kernfs_new_node+0xd2/0x680
[  271.360797]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  271.365586]  ? __cpu_to_node+0x7b/0xa0
[  271.369479]  ? account_entity_enqueue+0x2e5/0x440
[  271.374362]  ? mark_held_locks+0xf0/0xf0
[  271.378426]  ? enqueue_entity+0xf86/0x3850
[  271.382667]  ? set_user_nice.part.0+0x3b9/0xab0
[  271.387359]  kernfs_create_dir_ns+0x9e/0x230
[  271.391788]  internal_create_group+0x1c1/0xb20
[  271.396381]  ? sysfs_remove_link_from_group+0x70/0x70
[  271.401568]  ? lock_downgrade+0x720/0x720
[  271.405727]  lo_ioctl+0xf7c/0x20e0
[  271.409275]  ? loop_set_status64+0x110/0x110
[  271.413691]  blkdev_ioctl+0x5cb/0x1a7e
[  271.417579]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  271.422963]  ? blkpg_ioctl+0x9d0/0x9d0
[  271.426849]  ? mark_held_locks+0xf0/0xf0
[  271.430908]  ? mark_held_locks+0xf0/0xf0
[  271.434972]  ? debug_check_no_obj_freed+0x201/0x482
[  271.440007]  ? lock_downgrade+0x720/0x720
[  271.444169]  block_ioctl+0xe9/0x130
[  271.447798]  ? blkdev_fallocate+0x3f0/0x3f0
[  271.452129]  do_vfs_ioctl+0xcdb/0x12e0
[  271.456123]  ? lock_downgrade+0x720/0x720
[  271.460273]  ? check_preemption_disabled+0x41/0x280
[  271.465296]  ? ioctl_preallocate+0x200/0x200
[  271.469708]  ? __fget+0x356/0x510
[  271.473182]  ? do_dup2+0x450/0x450
[  271.476722]  ? do_sys_open+0x2bf/0x520
[  271.480627]  ksys_ioctl+0x9b/0xc0
[  271.484092]  __x64_sys_ioctl+0x6f/0xb0
[  271.488457]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  271.493050]  do_syscall_64+0xf9/0x620
[  271.496858]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  271.502050] RIP: 0033:0x45dfc7
[  271.505242] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  271.524149] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  271.531890] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  271.539177] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  271.546445] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  271.553728] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  271.560999] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:24 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)

[  271.623171] erofs: read_super, device -> /dev/loop1
[  271.628809] erofs: options -> 
[  271.633540] FAULT_INJECTION: forcing a failure.
[  271.633540] name failslab, interval 1, probability 0, space 0, times 0
[  271.647173] erofs: root inode @ nid 36
[  271.674104] erofs: mounted on /dev/loop1 with opts: .
[  271.679842] CPU: 0 PID: 15263 Comm: syz-executor.0 Not tainted 4.19.163-syzkaller #0
[  271.685553] erofs: read_super, device -> /dev/loop4
[  271.687749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  271.702109] Call Trace:
[  271.704714]  dump_stack+0x1fc/0x2fe
[  271.708490]  should_fail.cold+0xa/0x14
[  271.709196] erofs: options -> 
[  271.712396]  ? setup_fault_attr+0x200/0x200
[  271.712412]  ? lock_acquire+0x170/0x3c0
[  271.712436]  __should_failslab+0x115/0x180
[  271.712450]  should_failslab+0x5/0xf
[  271.712462]  kmem_cache_alloc_trace+0x284/0x380
[  271.712481]  snd_pcm_oss_change_params_locked+0x1a2/0x3960
[  271.712504]  ? __mutex_lock+0x3a8/0x1260
[  271.712526]  ? lock_downgrade+0x720/0x720
[  271.723977] erofs: root inode @ nid 36
[  271.724005]  ? lock_acquire+0x170/0x3c0
[  271.737780] erofs: mounted on /dev/loop4 with opts: .
[  271.742238]  ? mark_held_locks+0xf0/0xf0
[  271.742256]  ? snd_pcm_plugin_append+0x190/0x190
[  271.742270]  ? snd_pcm_oss_make_ready+0xc7/0x1b0
[  271.742286]  ? __mutex_add_waiter+0x160/0x160
[  271.742304]  ? __pollwait+0x255/0x430
[  271.742321]  ? snd_pcm_stream_unlock_irq+0xa8/0xd0
[  271.742340]  snd_pcm_oss_make_ready+0xe7/0x1b0
[  271.742359]  snd_pcm_oss_set_trigger.isra.0+0x30f/0x6e0
[  271.742376]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  271.804909]  snd_pcm_oss_poll+0x661/0xb10
[  271.809073]  ? poll_initwait+0x170/0x170
[  271.813150]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  271.818697]  ? check_preemption_disabled+0x41/0x280
[  271.823733]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  271.829287]  do_select+0x8e1/0x1610
[  271.832977]  ? select_estimate_accuracy+0x320/0x320
[  271.838005]  ? __lock_acquire+0x6de/0x3ff0
[  271.842272]  ? poll_initwait+0x170/0x170
[  271.847041]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  271.852854]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  271.858667]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  271.864478]  ? __lock_acquire+0x6de/0x3ff0
[  271.868735]  ? mark_held_locks+0xf0/0xf0
[  271.872803]  ? __lock_acquire+0x6de/0x3ff0
[  271.877052]  ? mark_held_locks+0xf0/0xf0
[  271.881158]  ? _parse_integer+0x132/0x180
[  271.885316]  ? __might_fault+0x11f/0x1d0
[  271.889391]  ? lock_downgrade+0x720/0x720
[  271.893547]  ? lock_acquire+0x170/0x3c0
[  271.896076] erofs: read_super, device -> /dev/loop2
[  271.897531]  ? __might_fault+0xef/0x1d0
[  271.906511]  ? __might_fault+0x192/0x1d0
[  271.906813] erofs: options -> 
[  271.910594]  core_sys_select+0x3ac/0x7e0
[  271.910614]  ? __se_compat_sys_pselect6+0x4a0/0x4a0
[  271.910633]  ? __might_fault+0x11f/0x1d0
[  271.910651]  ? poll_select_set_timeout+0xd4/0x130
[  271.910670]  ? poll_select_set_timeout+0xd4/0x130
[  271.919172] erofs: root inode @ nid 36
[  271.922904]  ? timespec64_add_safe+0x189/0x210
[  271.922920]  ? nsec_to_clock_t+0x30/0x30
[  271.922938]  ? ktime_get_ts64+0x2c3/0x3e0
[  271.922961]  __se_sys_pselect6+0x419/0x480
[  271.922979]  ? kern_select+0x1c0/0x1c0
[  271.923001]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  271.923016]  ? trace_hardirqs_off_caller+0x6e/0x210
[  271.923031]  ? do_syscall_64+0x21/0x620
[  271.923050]  do_syscall_64+0xf9/0x620
[  271.932297] erofs: mounted on /dev/loop2 with opts: .
[  271.936793]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  271.936805] RIP: 0033:0x45e159
[  271.936820] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  271.936828] RSP: 002b:00007efd542bbc68 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
21:35:25 executing program 1 (fault-call:3 fault-nth:12):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  271.936847] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000045e159
[  272.028166] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  272.035441] RBP: 00007efd542bbca0 R08: 0000000020000200 R09: 0000000000000000
[  272.042694] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000
[  272.049952] R13: 00007ffd61510e7f R14: 00007efd542bc9c0 R15: 000000000119bf8c
21:35:25 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:25 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x23, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  272.093191] erofs: unmounted for /dev/loop1
[  272.109291] erofs: unmounted for /dev/loop4
[  272.123155] erofs: unmounted for /dev/loop2
[  272.228867] FAULT_INJECTION: forcing a failure.
[  272.228867] name failslab, interval 1, probability 0, space 0, times 0
[  272.242344] CPU: 0 PID: 15289 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  272.250238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  272.259588] Call Trace:
[  272.262191]  dump_stack+0x1fc/0x2fe
[  272.265830]  should_fail.cold+0xa/0x14
[  272.269716]  ? setup_fault_attr+0x200/0x200
[  272.274042]  ? lock_acquire+0x170/0x3c0
[  272.278009]  __should_failslab+0x115/0x180
[  272.282242]  should_failslab+0x5/0xf
[  272.285955]  kmem_cache_alloc+0x277/0x370
[  272.290124]  __kernfs_new_node+0xd2/0x680
[  272.294298]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  272.299039]  ? kernfs_activate+0x2c/0x1d0
[  272.303182]  ? lock_downgrade+0x720/0x720
[  272.307346]  ? kernfs_add_one+0x51/0x4c0
[  272.311416]  ? __mutex_add_waiter+0x160/0x160
[  272.315910]  ? __mutex_unlock_slowpath+0xea/0x610
[  272.320753]  kernfs_new_node+0x92/0x120
[  272.324728]  __kernfs_create_file+0x51/0x33f
[  272.329146]  sysfs_add_file_mode_ns+0x226/0x540
[  272.333811]  internal_create_group+0x355/0xb20
[  272.338395]  ? sysfs_remove_link_from_group+0x70/0x70
[  272.343578]  ? lock_downgrade+0x720/0x720
[  272.347746]  lo_ioctl+0xf7c/0x20e0
[  272.351417]  ? loop_set_status64+0x110/0x110
[  272.355819]  blkdev_ioctl+0x5cb/0x1a7e
[  272.359749]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  272.365111]  ? blkpg_ioctl+0x9d0/0x9d0
[  272.368995]  ? mark_held_locks+0xf0/0xf0
[  272.373059]  ? mark_held_locks+0xf0/0xf0
[  272.377108]  ? debug_check_no_obj_freed+0x201/0x482
[  272.382131]  ? lock_downgrade+0x720/0x720
[  272.386284]  block_ioctl+0xe9/0x130
[  272.389911]  ? blkdev_fallocate+0x3f0/0x3f0
[  272.394229]  do_vfs_ioctl+0xcdb/0x12e0
[  272.398132]  ? lock_downgrade+0x720/0x720
[  272.402272]  ? check_preemption_disabled+0x41/0x280
[  272.407289]  ? ioctl_preallocate+0x200/0x200
[  272.411687]  ? __fget+0x356/0x510
[  272.415144]  ? do_dup2+0x450/0x450
[  272.418669]  ? do_sys_open+0x2bf/0x520
[  272.422569]  ksys_ioctl+0x9b/0xc0
[  272.426057]  __x64_sys_ioctl+0x6f/0xb0
[  272.429942]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  272.434519]  do_syscall_64+0xf9/0x620
[  272.438328]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  272.443509] RIP: 0033:0x45dfc7
[  272.446726] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  272.465633] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  272.473459] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  272.480741] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  272.488009] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  272.495363] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  272.502638] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:25 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:25 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), 0x0, 0x0)

[  272.556693] erofs: read_super, device -> /dev/loop2
[  272.561753] erofs: options -> 
[  272.574943] erofs: read_super, device -> /dev/loop4
[  272.580163] erofs: read_super, device -> /dev/loop1
[  272.582661] erofs: options -> 
[  272.585837] erofs: options -> 
21:35:25 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  272.605257] erofs: root inode @ nid 36
[  272.609242] erofs: mounted on /dev/loop1 with opts: .
[  272.610438] erofs: root inode @ nid 36
[  272.642846] erofs: root inode @ nid 36
21:35:26 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
r2 = timerfd_create(0x0, 0x0)
setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040)={0x91f3}, 0x4)
r3 = socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r4 = fcntl$dupfd(r3, 0x0, r2)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f0000001540)={0x0, 0x6}, &(0x7f0000001580)=0x8)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x1)
setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000100)={@dev={0xfe, 0x80, [], 0x41}}, 0x14)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r6=>0x0})
chroot(&(0x7f0000000000)='./file0\x00')
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0)

[  272.661221] erofs: mounted on /dev/loop4 with opts: .
[  272.667195] erofs: mounted on /dev/loop2 with opts: .
21:35:26 executing program 1 (fault-call:3 fault-nth:13):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  272.748008] erofs: unmounted for /dev/loop1
21:35:26 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x60, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:26 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  272.771570] audit: type=1326 audit(1607808926.095:11): auid=0 uid=0 gid=0 ses=4 subj==unconfined pid=15315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460fba code=0x0
[  272.793661] erofs: unmounted for /dev/loop2
[  272.801501] erofs: unmounted for /dev/loop4
21:35:26 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  272.904502] FAULT_INJECTION: forcing a failure.
[  272.904502] name failslab, interval 1, probability 0, space 0, times 0
[  272.916091] CPU: 1 PID: 15324 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  272.923985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  272.933342] Call Trace:
[  272.935942]  dump_stack+0x1fc/0x2fe
[  272.939569]  should_fail.cold+0xa/0x14
[  272.943450]  ? setup_fault_attr+0x200/0x200
[  272.947794]  ? lock_acquire+0x170/0x3c0
[  272.951811]  __should_failslab+0x115/0x180
[  272.956072]  should_failslab+0x5/0xf
[  272.959789]  kmem_cache_alloc+0x277/0x370
[  272.963966]  __kernfs_new_node+0xd2/0x680
[  272.968122]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  272.972893]  ? kernfs_activate+0x2c/0x1d0
[  272.977040]  ? lock_downgrade+0x720/0x720
[  272.981192]  ? kernfs_add_one+0x51/0x4c0
[  272.985260]  ? __mutex_add_waiter+0x160/0x160
[  272.989761]  ? __mutex_unlock_slowpath+0xea/0x610
[  272.994610]  kernfs_new_node+0x92/0x120
[  272.998579]  __kernfs_create_file+0x51/0x33f
[  273.002975]  sysfs_add_file_mode_ns+0x226/0x540
[  273.007635]  internal_create_group+0x355/0xb20
[  273.012222]  ? sysfs_remove_link_from_group+0x70/0x70
[  273.017439]  ? lock_downgrade+0x720/0x720
[  273.021597]  lo_ioctl+0xf7c/0x20e0
[  273.025174]  ? loop_set_status64+0x110/0x110
[  273.029606]  blkdev_ioctl+0x5cb/0x1a7e
[  273.033485]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  273.038840]  ? blkpg_ioctl+0x9d0/0x9d0
[  273.042713]  ? mark_held_locks+0xf0/0xf0
[  273.046759]  ? mark_held_locks+0xf0/0xf0
[  273.050824]  ? debug_check_no_obj_freed+0x201/0x482
[  273.055854]  ? lock_downgrade+0x720/0x720
[  273.059988]  block_ioctl+0xe9/0x130
[  273.063599]  ? blkdev_fallocate+0x3f0/0x3f0
[  273.067904]  do_vfs_ioctl+0xcdb/0x12e0
[  273.071789]  ? lock_downgrade+0x720/0x720
[  273.075931]  ? check_preemption_disabled+0x41/0x280
[  273.080934]  ? ioctl_preallocate+0x200/0x200
[  273.085335]  ? __fget+0x356/0x510
[  273.088775]  ? do_dup2+0x450/0x450
[  273.092300]  ? do_sys_open+0x2bf/0x520
[  273.096189]  ksys_ioctl+0x9b/0xc0
[  273.099753]  __x64_sys_ioctl+0x6f/0xb0
[  273.103627]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  273.108210]  do_syscall_64+0xf9/0x620
[  273.112018]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  273.117206] RIP: 0033:0x45dfc7
[  273.120404] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  273.139313] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.147016] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  273.154294] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  273.161572] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  273.168835] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  273.176103] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  273.196136] erofs: read_super, device -> /dev/loop1
21:35:26 executing program 1 (fault-call:3 fault-nth:14):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  273.197748] erofs: read_super, device -> /dev/loop2
[  273.201320] erofs: options -> 
[  273.210312] erofs: root inode @ nid 36
[  273.214992] erofs: mounted on /dev/loop1 with opts: .
[  273.240204] erofs: read_super, device -> /dev/loop4
[  273.249700] erofs: unmounted for /dev/loop1
[  273.249988] erofs: options -> 
[  273.273797] erofs: options -> 
[  273.277377] erofs: root inode @ nid 36
[  273.281313] erofs: root inode @ nid 36
[  273.302962] erofs: mounted on /dev/loop4 with opts: .
[  273.319408] erofs: mounted on /dev/loop2 with opts: .
21:35:26 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:26 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x104, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  273.382679] erofs: unmounted for /dev/loop4
[  273.393143] FAULT_INJECTION: forcing a failure.
[  273.393143] name failslab, interval 1, probability 0, space 0, times 0
[  273.406999] erofs: unmounted for /dev/loop2
[  273.413680] CPU: 1 PID: 15345 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  273.421559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  273.430921] Call Trace:
[  273.433515]  dump_stack+0x1fc/0x2fe
[  273.437134]  should_fail.cold+0xa/0x14
[  273.441025]  ? setup_fault_attr+0x200/0x200
[  273.445345]  ? lock_acquire+0x170/0x3c0
[  273.449499]  __should_failslab+0x115/0x180
[  273.453720]  should_failslab+0x5/0xf
[  273.457416]  kmem_cache_alloc+0x277/0x370
[  273.461588]  __kernfs_new_node+0xd2/0x680
[  273.465844]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  273.470632]  ? __mutex_unlock_slowpath+0xea/0x610
[  273.475482]  ? wait_for_completion_io+0x10/0x10
[  273.480143]  ? kernfs_next_descendant_post+0x19c/0x290
[  273.485420]  kernfs_new_node+0x92/0x120
[  273.489402]  __kernfs_create_file+0x51/0x33f
[  273.493806]  sysfs_add_file_mode_ns+0x226/0x540
[  273.498587]  internal_create_group+0x355/0xb20
[  273.503167]  ? sysfs_remove_link_from_group+0x70/0x70
[  273.508345]  ? lock_downgrade+0x720/0x720
[  273.512496]  lo_ioctl+0xf7c/0x20e0
[  273.516114]  ? loop_set_status64+0x110/0x110
[  273.520526]  blkdev_ioctl+0x5cb/0x1a7e
[  273.524409]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  273.529773]  ? blkpg_ioctl+0x9d0/0x9d0
[  273.533954]  ? mark_held_locks+0xf0/0xf0
[  273.538000]  ? mark_held_locks+0xf0/0xf0
[  273.542238]  ? debug_check_no_obj_freed+0x201/0x482
[  273.547251]  ? lock_downgrade+0x720/0x720
[  273.551408]  block_ioctl+0xe9/0x130
[  273.555035]  ? blkdev_fallocate+0x3f0/0x3f0
[  273.555838] audit: type=1326 audit(1607808926.745:12): auid=0 uid=0 gid=0 ses=4 subj==unconfined pid=15315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460fba code=0x0
[  273.559364]  do_vfs_ioctl+0xcdb/0x12e0
[  273.559381]  ? lock_downgrade+0x720/0x720
[  273.559399]  ? check_preemption_disabled+0x41/0x280
[  273.592127]  ? ioctl_preallocate+0x200/0x200
[  273.596553]  ? __fget+0x356/0x510
[  273.600628]  ? do_dup2+0x450/0x450
[  273.604175]  ? do_sys_open+0x2bf/0x520
[  273.608077]  ksys_ioctl+0x9b/0xc0
[  273.611516]  __x64_sys_ioctl+0x6f/0xb0
[  273.615392]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  273.619960]  do_syscall_64+0xf9/0x620
[  273.623763]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  273.628953] RIP: 0033:0x45dfc7
[  273.632145] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  273.651041] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.658797] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  273.666058] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  273.673331] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
21:35:27 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), 0x0, 0x0)

[  273.680589] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  273.687845] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:27 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@int=0xaa, 0x4)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x21000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffc}, 0x0, 0x80, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200027bd7000ffdbdf250a00000008002b003f0000001e0037000100000005002a000000000008003c0005000000bdd0fe3a91c1377fa052c5755624948839e303df08d0a7c1666945b279694b571f9201cb50"], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x5840)

[  273.729536] erofs: read_super, device -> /dev/loop1
[  273.741581] erofs: options -> 
[  273.750741] erofs: root inode @ nid 36
[  273.757986] erofs: mounted on /dev/loop1 with opts: .
21:35:27 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)

21:35:27 executing program 1 (fault-call:3 fault-nth:15):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  273.840683] erofs: unmounted for /dev/loop1
[  273.850120] erofs: read_super, device -> /dev/loop4
[  273.855916] erofs: read_super, device -> /dev/loop2
[  273.861076] erofs: options -> 
[  273.866073] erofs: options -> 
[  273.872958] erofs: root inode @ nid 36
[  273.877456] erofs: root inode @ nid 36
[  273.881723] erofs: mounted on /dev/loop2 with opts: .
[  273.887654] erofs: mounted on /dev/loop4 with opts: .
21:35:27 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:27 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  273.960400] erofs: unmounted for /dev/loop2
[  273.981136] erofs: unmounted for /dev/loop4
[  274.008873] FAULT_INJECTION: forcing a failure.
[  274.008873] name failslab, interval 1, probability 0, space 0, times 0
[  274.022574] CPU: 0 PID: 15379 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  274.030476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  274.039834] Call Trace:
[  274.042422]  dump_stack+0x1fc/0x2fe
[  274.046076]  should_fail.cold+0xa/0x14
[  274.049981]  ? setup_fault_attr+0x200/0x200
[  274.054323]  ? lock_acquire+0x170/0x3c0
[  274.058316]  __should_failslab+0x115/0x180
[  274.062556]  should_failslab+0x5/0xf
[  274.066308]  kmem_cache_alloc+0x277/0x370
[  274.070543]  __kernfs_new_node+0xd2/0x680
[  274.074699]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  274.079444]  ? __mutex_unlock_slowpath+0xea/0x610
[  274.084287]  ? wait_for_completion_io+0x10/0x10
[  274.088959]  ? kernfs_next_descendant_post+0x19c/0x290
[  274.094241]  kernfs_new_node+0x92/0x120
[  274.098216]  __kernfs_create_file+0x51/0x33f
[  274.102625]  sysfs_add_file_mode_ns+0x226/0x540
[  274.107316]  internal_create_group+0x355/0xb20
[  274.111910]  ? sysfs_remove_link_from_group+0x70/0x70
[  274.111923]  ? lock_downgrade+0x720/0x720
[  274.111947]  lo_ioctl+0xf7c/0x20e0
[  274.111967]  ? loop_set_status64+0x110/0x110
[  274.111985]  blkdev_ioctl+0x5cb/0x1a7e
[  274.111999]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.112013]  ? blkpg_ioctl+0x9d0/0x9d0
[  274.112026]  ? mark_held_locks+0xf0/0xf0
[  274.112052]  ? mark_held_locks+0xf0/0xf0
[  274.150641]  ? debug_check_no_obj_freed+0x201/0x482
[  274.155658]  ? lock_downgrade+0x720/0x720
[  274.159804]  block_ioctl+0xe9/0x130
[  274.163429]  ? blkdev_fallocate+0x3f0/0x3f0
[  274.167858]  do_vfs_ioctl+0xcdb/0x12e0
[  274.171738]  ? lock_downgrade+0x720/0x720
[  274.175881]  ? check_preemption_disabled+0x41/0x280
[  274.181515]  ? ioctl_preallocate+0x200/0x200
[  274.186144]  ? __fget+0x356/0x510
[  274.189607]  ? do_dup2+0x450/0x450
[  274.193151]  ? do_sys_open+0x2bf/0x520
[  274.197042]  ksys_ioctl+0x9b/0xc0
[  274.200488]  __x64_sys_ioctl+0x6f/0xb0
[  274.204373]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  274.208954]  do_syscall_64+0xf9/0x620
[  274.212765]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.217968] RIP: 0033:0x45dfc7
[  274.221244] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  274.241028] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  274.248731] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  274.255995] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  274.263257] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  274.270632] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  274.277887] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:27 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  274.343609] erofs: read_super, device -> /dev/loop1
[  274.346109] erofs: read_super, device -> /dev/loop2
[  274.349411] erofs: options -> 
[  274.387217] erofs: options -> 
[  274.395490] erofs: root inode @ nid 36
[  274.405336] erofs: root inode @ nid 36
[  274.415960] erofs: mounted on /dev/loop1 with opts: .
[  274.425894] erofs: mounted on /dev/loop2 with opts: .
21:35:27 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f7, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:27 executing program 1 (fault-call:3 fault-nth:16):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  274.495890] erofs: read_super, device -> /dev/loop4
[  274.502913] erofs: unmounted for /dev/loop2
21:35:27 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="6ffe000000000000000003000000580001800d0001007564703a73797a310000000044000400200001"], 0x6c}}, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x154, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x64, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @multicast1}}, {0x14, 0x2, @in={0x2, 0x4e21, @loopback}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe9a4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xeac1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10000001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5b}]}, @TIPC_NLA_NET={0x40, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x401}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xc3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x17a0}]}, @TIPC_NLA_SOCK={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x401}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}]}, @TIPC_NLA_LINK={0x28, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffc}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3ff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}]}]}, 0x154}}, 0x20000894)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r5=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)

[  274.536078] erofs: unmounted for /dev/loop1
[  274.556073] erofs: options -> 
21:35:27 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140), 0x0, 0x0)

[  274.587260] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  274.595971] erofs: root inode @ nid 36
[  274.626206] erofs: mounted on /dev/loop4 with opts: .
[  274.627314] Invalid UDP bearer configuration
[  274.627345] Enabling of bearer <udp:syz1> rejected, failed to enable media
21:35:28 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:28 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$SOUND_PCM_READ_BITS(r0, 0x80045005, &(0x7f0000000040))
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000000)={0x1, [0x6]})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  274.692286] FAULT_INJECTION: forcing a failure.
[  274.692286] name failslab, interval 1, probability 0, space 0, times 0
[  274.721695] erofs: unmounted for /dev/loop4
[  274.735353] CPU: 1 PID: 15413 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  274.743279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  274.752618] Call Trace:
[  274.755223]  dump_stack+0x1fc/0x2fe
[  274.758841]  should_fail.cold+0xa/0x14
[  274.762750]  ? setup_fault_attr+0x200/0x200
[  274.767067]  ? lock_acquire+0x170/0x3c0
[  274.771045]  __should_failslab+0x115/0x180
[  274.775293]  should_failslab+0x5/0xf
[  274.778997]  kmem_cache_alloc+0x277/0x370
[  274.783145]  __kernfs_new_node+0xd2/0x680
[  274.787294]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  274.792036]  ? __mutex_unlock_slowpath+0xea/0x610
[  274.796877]  ? wait_for_completion_io+0x10/0x10
[  274.801557]  ? kernfs_next_descendant_post+0x19c/0x290
[  274.806836]  kernfs_new_node+0x92/0x120
[  274.810807]  __kernfs_create_file+0x51/0x33f
[  274.815226]  sysfs_add_file_mode_ns+0x226/0x540
[  274.819909]  internal_create_group+0x355/0xb20
[  274.824490]  ? sysfs_remove_link_from_group+0x70/0x70
[  274.829665]  ? lock_downgrade+0x720/0x720
[  274.833815]  lo_ioctl+0xf7c/0x20e0
[  274.837358]  ? loop_set_status64+0x110/0x110
[  274.841766]  blkdev_ioctl+0x5cb/0x1a7e
[  274.845673]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.851022]  ? blkpg_ioctl+0x9d0/0x9d0
[  274.854910]  ? mark_held_locks+0xf0/0xf0
[  274.858980]  ? mark_held_locks+0xf0/0xf0
[  274.863041]  ? debug_check_no_obj_freed+0x201/0x482
[  274.868043]  ? lock_downgrade+0x720/0x720
[  274.872176]  block_ioctl+0xe9/0x130
[  274.875789]  ? blkdev_fallocate+0x3f0/0x3f0
[  274.880096]  do_vfs_ioctl+0xcdb/0x12e0
[  274.883968]  ? lock_downgrade+0x720/0x720
[  274.888100]  ? check_preemption_disabled+0x41/0x280
[  274.894326]  ? ioctl_preallocate+0x200/0x200
[  274.898746]  ? __fget+0x356/0x510
[  274.902212]  ? do_dup2+0x450/0x450
[  274.905756]  ? do_sys_open+0x2bf/0x520
[  274.909649]  ksys_ioctl+0x9b/0xc0
[  274.913143]  __x64_sys_ioctl+0x6f/0xb0
[  274.917039]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  274.921659]  do_syscall_64+0xf9/0x620
[  274.925474]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.930659] RIP: 0033:0x45dfc7
[  274.934291] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  274.953286] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  274.961009] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  274.968276] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  274.975538] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  274.982803] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  274.990085] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  275.052899] erofs: read_super, device -> /dev/loop1
[  275.058104] erofs: options -> 
[  275.060473] erofs: read_super, device -> /dev/loop2
[  275.069301] erofs: options -> 
[  275.077487] erofs: root inode @ nid 36
[  275.083683] erofs: mounted on /dev/loop2 with opts: .
[  275.097106] erofs: root inode @ nid 36
21:35:28 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:28 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  275.122298] erofs: mounted on /dev/loop1 with opts: .
[  275.134253] erofs: read_super, device -> /dev/loop4
[  275.136014] erofs: unmounted for /dev/loop2
[  275.139903] erofs: options -> 
[  275.150514] erofs: root inode @ nid 36
[  275.156170] erofs: mounted on /dev/loop4 with opts: .
[  275.185758] erofs: unmounted for /dev/loop4
21:35:28 executing program 1 (fault-call:3 fault-nth:17):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:28 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)

[  275.237175] erofs: unmounted for /dev/loop1
[  275.295582] erofs: read_super, device -> /dev/loop2
[  275.301149] erofs: options -> 
[  275.306804] erofs: root inode @ nid 36
[  275.313948] erofs: read_super, device -> /dev/loop4
[  275.318983] erofs: options -> 
[  275.327608] FAULT_INJECTION: forcing a failure.
[  275.327608] name failslab, interval 1, probability 0, space 0, times 0
[  275.340429] erofs: mounted on /dev/loop2 with opts: .
[  275.347734] erofs: root inode @ nid 36
[  275.354096] CPU: 0 PID: 15445 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  275.362099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  275.371537] Call Trace:
[  275.374140]  dump_stack+0x1fc/0x2fe
[  275.377782]  should_fail.cold+0xa/0x14
[  275.381673]  ? setup_fault_attr+0x200/0x200
[  275.385311] erofs: mounted on /dev/loop4 with opts: .
[  275.386009]  ? lock_acquire+0x170/0x3c0
[  275.395183]  __should_failslab+0x115/0x180
[  275.399424]  should_failslab+0x5/0xf
[  275.403142]  kmem_cache_alloc+0x277/0x370
[  275.407304]  __kernfs_new_node+0xd2/0x680
[  275.411448]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[  275.416207]  ? __mutex_unlock_slowpath+0xea/0x610
[  275.421181]  ? wait_for_completion_io+0x10/0x10
[  275.425847]  ? kernfs_next_descendant_post+0x19c/0x290
[  275.431135]  kernfs_new_node+0x92/0x120
[  275.435146]  __kernfs_create_file+0x51/0x33f
[  275.443497]  sysfs_add_file_mode_ns+0x226/0x540
[  275.448245]  internal_create_group+0x355/0xb20
[  275.452847]  ? sysfs_remove_link_from_group+0x70/0x70
[  275.458099]  ? lock_downgrade+0x720/0x720
[  275.462259]  lo_ioctl+0xf7c/0x20e0
[  275.465812]  ? loop_set_status64+0x110/0x110
[  275.470226]  blkdev_ioctl+0x5cb/0x1a7e
[  275.474120]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  275.479488]  ? blkpg_ioctl+0x9d0/0x9d0
[  275.483382]  ? mark_held_locks+0xf0/0xf0
[  275.487466]  ? mark_held_locks+0xf0/0xf0
[  275.491537]  ? debug_check_no_obj_freed+0x201/0x482
[  275.496568]  ? lock_downgrade+0x720/0x720
[  275.500718]  block_ioctl+0xe9/0x130
[  275.504370]  ? blkdev_fallocate+0x3f0/0x3f0
[  275.508695]  do_vfs_ioctl+0xcdb/0x12e0
[  275.512587]  ? lock_downgrade+0x720/0x720
[  275.516742]  ? check_preemption_disabled+0x41/0x280
[  275.521759]  ? ioctl_preallocate+0x200/0x200
[  275.526172]  ? __fget+0x356/0x510
[  275.529629]  ? do_dup2+0x450/0x450
[  275.533168]  ? do_sys_open+0x2bf/0x520
[  275.537065]  ksys_ioctl+0x9b/0xc0
[  275.540521]  __x64_sys_ioctl+0x6f/0xb0
[  275.544415]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  275.549001]  do_syscall_64+0xf9/0x620
[  275.552808]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  275.557996] RIP: 0033:0x45dfc7
[  275.561191] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  275.580096] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  275.587811] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  275.595107] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  275.602466] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  275.609740] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  275.617011] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:29 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  275.661688] erofs: read_super, device -> /dev/loop1
[  275.680467] erofs: options -> 
[  275.689584] erofs: root inode @ nid 36
[  275.698715] erofs: mounted on /dev/loop1 with opts: .
21:35:29 executing program 1 (fault-call:3 fault-nth:18):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:29 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f9, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:29 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
syz_mount_image$vxfs(&(0x7f0000000000)='vxfs\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0xa, &(0x7f0000000740)=[{&(0x7f0000000100)="75f505d367174f402e276bd5b15e22b6ed1770799d5b162f826fdee7335518861481921cf3dac7f6278c7f64eb12efc911fa41254c74917d18", 0x39, 0x4}, {&(0x7f0000000240)="4f523f2a09281c5eb07b7e98feff804285e12104959942a848d1f706e061bbb5b7650d17d294e61f1e69feae62bcb1863fe6f4d640689788fe1474482f442b502088293c824d74b373947ba8eae3eed06b048106f1fdaf2dc8cb07", 0x5b, 0x7fffffff}, {&(0x7f0000000340)="9151f5bf22becfe9077afb08ba0d0ddd3de99007151dd59fef23f912145b24a8d4d2eb484772c06c0b0ed752b930edee1d10e838889bd9cdf9a12495373845086ae10613072e", 0x46, 0x1}, {&(0x7f00000003c0)="f48dfd1f346b2d33ff359b2d29373361ba7278defeb0c073bdee13f445fc6a6e1d77c5a2e285bcd933d4c794da6c64bd883bdd7b47ae5e7be30d876348d7dc0964e1f178007a28b06b2c93619cc698d82a17ee0aa93f64b419430487fc81c214416388231ecb7255395b7ee3249fb08ad2c03ecadea3f7644ed4c9fbce7132762755b3755b5359b84599e98d9505f4b471766a1d781805fadd1909afae275e17e9ca4822b93b6f2d6ca97ccdc61495d80ce23241a3d50a84f3d31f05e0", 0xbd, 0x6}, {&(0x7f00000001c0)="0e40afc50a9a9d669793aa6cbc48", 0xe, 0xfffffffffffffff9}, {&(0x7f0000000480)="c02bcab1ffade237e1e74820bffc152a110a3f34941579eecf50017dc9b504a8a4aa69b31679d010144604e22aa945bb221ab6786c235304e71ca1c1fd726534d23a2117769759833dba76b703584017fd8d9922c647f5c3a330129703b1aa983eac14b4f828fc0df655e7088a70", 0x6e, 0x2}, {&(0x7f0000000500)="587f71f26145b2", 0x7, 0x7}, {&(0x7f0000000540)="cdd55a638d341e8206cd952831933efcf187957c58b3c95145364807977d34d13b102a272dd66d4c4e81df98a4ec50104f044e69021daa9ce8d2bda35788b29f8f471901e508e8357b42978bed8565fe0167882111e6a6d335ba072c6c2abe52a7369a6ea524db8974cc1064558ed4bc46f78bcd8f6a822c783f5e27c64b23a57d8880ac25e0f1a80102ffe4ff9a114c53db3c", 0x93, 0x200}, {&(0x7f0000000600)="f819e27643b69a06779efc19cd84bd274eff5ee32f2f5c0b2106d369c2b113b1bfb72bd4c38649613d94ee31bf979d61892de54e7c3b1f6c2b6f8602e9776f634fee4f47ca0fb46506abdbb9ae71d1aa4bbcd4e44dfa0093de13095c16ce2c4e97aef6211e37fbe57c9027cd73e675f7203feb0bc72e90ccdc6b32cf427a8b843b26d93a675fa40c41fa954e0e1f691dce2c58a135f9996505a91e1babca64ec20083528ed5968305a7a1d25c5983dea37b9257937677230eff0b1279a305cda907481e6c115a8eca9350471458af362aa504f5e0331085aac6f027e80d91be52e515d46efbc1e", 0xe7, 0x6}, {&(0x7f0000000700)="85f71054e0299931f9f71743590aaefbe019eeaf4938aa6ac406785265d0ca0b081263c6e0f60c1cc27c38b841d12351", 0x30, 0x4}], 0x20, &(0x7f0000000840)={[{'/dev/audio\x00'}, {}, {'/dev/audio\x00'}], [{@appraise_type='appraise_type=imasig'}, {@fowner_eq={'fowner'}}, {@uid_gt={'uid>', 0xee00}}, {@subj_user={'subj_user', 0x3d, '/dev/audio\x00'}}]})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  275.721596] erofs: unmounted for /dev/loop4
[  275.730441] erofs: unmounted for /dev/loop1
[  275.742361] erofs: unmounted for /dev/loop2
21:35:29 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)

[  275.906770] erofs: read_super, device -> /dev/loop4
[  275.914957] erofs: read_super, device -> /dev/loop2
[  275.922950] erofs: options -> 
[  275.925823] erofs: options -> 
[  275.929299] erofs: root inode @ nid 36
[  275.933995] erofs: root inode @ nid 36
[  275.943954] erofs: mounted on /dev/loop2 with opts: .
[  275.950048] erofs: mounted on /dev/loop4 with opts: .
21:35:29 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xedc0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:29 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3fa, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  276.012298] FAULT_INJECTION: forcing a failure.
[  276.012298] name failslab, interval 1, probability 0, space 0, times 0
[  276.026431] erofs: unmounted for /dev/loop4
[  276.038348] erofs: unmounted for /dev/loop2
[  276.044221] CPU: 1 PID: 15484 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  276.052104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  276.061455] Call Trace:
[  276.064101]  dump_stack+0x1fc/0x2fe
[  276.067736]  should_fail.cold+0xa/0x14
[  276.071608]  ? setup_fault_attr+0x200/0x200
[  276.075913]  ? lock_acquire+0x170/0x3c0
[  276.079881]  __should_failslab+0x115/0x180
[  276.084105]  should_failslab+0x5/0xf
[  276.087810]  __kmalloc+0x2ab/0x3c0
[  276.091346]  ? kobject_get_path+0xbf/0x240
[  276.095597]  kobject_get_path+0xbf/0x240
[  276.099668]  kobject_uevent_env+0x25c/0x14a0
[  276.104090]  lo_ioctl+0xff9/0x20e0
[  276.107644]  ? loop_set_status64+0x110/0x110
21:35:29 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  276.112053]  blkdev_ioctl+0x5cb/0x1a7e
[  276.115926]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.121287]  ? blkpg_ioctl+0x9d0/0x9d0
[  276.125176]  ? mark_held_locks+0xf0/0xf0
[  276.129237]  ? mark_held_locks+0xf0/0xf0
[  276.133300]  ? debug_check_no_obj_freed+0x201/0x482
[  276.146992]  ? lock_downgrade+0x720/0x720
[  276.151138]  block_ioctl+0xe9/0x130
[  276.154774]  ? blkdev_fallocate+0x3f0/0x3f0
[  276.159106]  do_vfs_ioctl+0xcdb/0x12e0
[  276.162993]  ? lock_downgrade+0x720/0x720
[  276.167126]  ? check_preemption_disabled+0x41/0x280
[  276.173515]  ? ioctl_preallocate+0x200/0x200
[  276.177908]  ? __fget+0x356/0x510
[  276.181352]  ? do_dup2+0x450/0x450
[  276.184880]  ? do_sys_open+0x2bf/0x520
[  276.188763]  ksys_ioctl+0x9b/0xc0
[  276.192207]  __x64_sys_ioctl+0x6f/0xb0
[  276.196096]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  276.200674]  do_syscall_64+0xf9/0x620
[  276.204488]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.209668] RIP: 0033:0x45dfc7
[  276.212872] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  276.231758] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.239455] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  276.246728] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  276.254007] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  276.261273] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  276.268541] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:29 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x8, 0x80800)
socket$inet(0x2, 0x80001, 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nvram\x00', 0x26583, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000400)={0x4d, 0xc, [0x7a06, 0x9, 0x4]})
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
clock_gettime(0x0, &(0x7f00000001c0)={<r3=>0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0xfffffffffffffffe}, &(0x7f0000000200)={r3, r4+60000000}, 0x0)
r5 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xff, 0x143600)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r5, 0xc08c5335, &(0x7f0000000340)={0x8000, 0x8001, 0x1, 'queue1\x00', 0x82000000})
write$cgroup_freezer_state(r5, &(0x7f0000000240)='FREEZING\x00', 0x9)

21:35:29 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)

[  276.366205] erofs: read_super, device -> /dev/loop1
[  276.371282] erofs: options -> 
[  276.376114] erofs: root inode @ nid 36
[  276.380194] erofs: mounted on /dev/loop1 with opts: .
[  276.385845] erofs: read_super, device -> /dev/loop4
[  276.390870] erofs: options -> 
[  276.408388] erofs: root inode @ nid 36
[  276.427963] erofs: mounted on /dev/loop4 with opts: .
21:35:29 executing program 1 (fault-call:3 fault-nth:19):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:29 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  276.483541] erofs: unmounted for /dev/loop1
21:35:29 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  276.517946] erofs: unmounted for /dev/loop4
[  276.524139] erofs: read_super, device -> /dev/loop2
[  276.534271] erofs: options -> 
[  276.541533] erofs: root inode @ nid 36
[  276.545946] erofs: mounted on /dev/loop2 with opts: .
21:35:30 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3fb, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  276.634631] FAULT_INJECTION: forcing a failure.
[  276.634631] name failslab, interval 1, probability 0, space 0, times 0
[  276.658651] CPU: 1 PID: 15519 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  276.666564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  276.675921] Call Trace:
[  276.678522]  dump_stack+0x1fc/0x2fe
[  276.682164]  should_fail.cold+0xa/0x14
[  276.686043]  ? setup_fault_attr+0x200/0x200
[  276.690360]  ? lock_acquire+0x170/0x3c0
[  276.694323]  __should_failslab+0x115/0x180
[  276.698557]  should_failslab+0x5/0xf
[  276.702252]  __kmalloc+0x2ab/0x3c0
[  276.705775]  ? kobject_get_path+0xbf/0x240
[  276.710008]  kobject_get_path+0xbf/0x240
[  276.714055]  kobject_uevent_env+0x25c/0x14a0
[  276.718452]  lo_ioctl+0xff9/0x20e0
[  276.721993]  ? loop_set_status64+0x110/0x110
[  276.726390]  blkdev_ioctl+0x5cb/0x1a7e
[  276.730262]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.735627]  ? blkpg_ioctl+0x9d0/0x9d0
[  276.739521]  ? mark_held_locks+0xf0/0xf0
[  276.743574]  ? mark_held_locks+0xf0/0xf0
[  276.747671]  ? debug_check_no_obj_freed+0x201/0x482
[  276.752693]  ? lock_downgrade+0x720/0x720
[  276.756842]  block_ioctl+0xe9/0x130
[  276.760470]  ? blkdev_fallocate+0x3f0/0x3f0
[  276.764799]  do_vfs_ioctl+0xcdb/0x12e0
[  276.768685]  ? lock_downgrade+0x720/0x720
[  276.772834]  ? check_preemption_disabled+0x41/0x280
[  276.777846]  ? ioctl_preallocate+0x200/0x200
[  276.782259]  ? __fget+0x356/0x510
[  276.785708]  ? do_dup2+0x450/0x450
[  276.789410]  ? do_sys_open+0x2bf/0x520
[  276.793294]  ksys_ioctl+0x9b/0xc0
[  276.796739]  __x64_sys_ioctl+0x6f/0xb0
[  276.800612]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  276.805179]  do_syscall_64+0xf9/0x620
[  276.808990]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.814167] RIP: 0033:0x45dfc7
[  276.817359] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  276.836261] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.843956] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  276.852180] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  276.859439] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  276.866703] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  276.873973] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
21:35:30 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, 0x0}, 0x0)

[  276.882525] erofs: unmounted for /dev/loop2
[  276.912048] erofs: read_super, device -> /dev/loop1
[  276.919713] erofs: options -> 
[  276.926115] erofs: read_super, device -> /dev/loop4
[  276.931145] erofs: options -> 
[  276.931456] erofs: root inode @ nid 36
[  276.945342] erofs: root inode @ nid 36
[  276.948935] erofs: mounted on /dev/loop1 with opts: .
[  276.981405] erofs: mounted on /dev/loop4 with opts: .
21:35:30 executing program 5 (fault-call:8 fault-nth:0):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:30 executing program 1 (fault-call:3 fault-nth:20):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:30 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  277.038404] erofs: unmounted for /dev/loop1
[  277.050914] FAULT_INJECTION: forcing a failure.
[  277.050914] name failslab, interval 1, probability 0, space 0, times 0
[  277.063765] erofs: unmounted for /dev/loop4
[  277.065353] CPU: 1 PID: 15536 Comm: syz-executor.5 Not tainted 4.19.163-syzkaller #0
[  277.076004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  277.085361] Call Trace:
[  277.087946]  dump_stack+0x1fc/0x2fe
[  277.091561]  should_fail.cold+0xa/0x14
[  277.095448]  ? setup_fault_attr+0x200/0x200
[  277.099774]  ? lock_acquire+0x170/0x3c0
[  277.103746]  __should_failslab+0x115/0x180
[  277.107967]  should_failslab+0x5/0xf
[  277.111662]  kmem_cache_alloc_trace+0x284/0x380
[  277.116317]  snd_pcm_oss_change_params_locked+0x1a2/0x3960
[  277.121941]  ? __mutex_lock+0x3a8/0x1260
[  277.125986]  ? lock_downgrade+0x720/0x720
[  277.130116]  ? lock_acquire+0x170/0x3c0
[  277.134076]  ? mark_held_locks+0xf0/0xf0
[  277.138125]  ? snd_pcm_plugin_append+0x190/0x190
[  277.142876]  ? snd_pcm_oss_make_ready+0xc7/0x1b0
[  277.147617]  ? __mutex_add_waiter+0x160/0x160
[  277.152119]  ? __pollwait+0x255/0x430
[  277.155920]  ? snd_pcm_stream_unlock_irq+0xa8/0xd0
[  277.160846]  snd_pcm_oss_make_ready+0xe7/0x1b0
[  277.165415]  snd_pcm_oss_set_trigger.isra.0+0x30f/0x6e0
[  277.170794]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  277.175376]  snd_pcm_oss_poll+0x661/0xb10
[  277.179533]  ? poll_initwait+0x170/0x170
[  277.183595]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  277.189133]  ? check_preemption_disabled+0x41/0x280
[  277.194141]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  277.199663]  do_select+0x8e1/0x1610
[  277.203286]  ? select_estimate_accuracy+0x320/0x320
[  277.208394]  ? __lock_acquire+0x6de/0x3ff0
[  277.212614]  ? poll_initwait+0x170/0x170
[  277.216662]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  277.222459]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  277.228274]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  277.234075]  ? __lock_acquire+0x6de/0x3ff0
[  277.238344]  ? mark_held_locks+0xf0/0xf0
[  277.242413]  ? __lock_acquire+0x6de/0x3ff0
[  277.246647]  ? mark_held_locks+0xf0/0xf0
[  277.250717]  ? _parse_integer+0x132/0x180
[  277.254856]  ? __might_fault+0x11f/0x1d0
[  277.258910]  ? lock_downgrade+0x720/0x720
[  277.263077]  ? lock_acquire+0x170/0x3c0
[  277.267048]  ? __might_fault+0xef/0x1d0
[  277.271031]  ? __might_fault+0x192/0x1d0
[  277.275103]  core_sys_select+0x3ac/0x7e0
[  277.279174]  ? __se_compat_sys_pselect6+0x4a0/0x4a0
[  277.284212]  ? __might_fault+0x11f/0x1d0
[  277.288296]  ? poll_select_set_timeout+0xd4/0x130
[  277.293129]  ? poll_select_set_timeout+0xd4/0x130
[  277.297978]  ? timespec64_add_safe+0x189/0x210
[  277.302546]  ? nsec_to_clock_t+0x30/0x30
[  277.306604]  ? ktime_get_ts64+0x2c3/0x3e0
[  277.310748]  __se_sys_pselect6+0x419/0x480
[  277.314968]  ? kern_select+0x1c0/0x1c0
[  277.318844]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  277.324211]  ? trace_hardirqs_off_caller+0x6e/0x210
[  277.329239]  ? do_syscall_64+0x21/0x620
[  277.333219]  do_syscall_64+0xf9/0x620
[  277.337036]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  277.342217] RIP: 0033:0x45e159
[  277.345454] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  277.364348] RSP: 002b:00007fbbfb2cec68 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  277.372063] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000045e159
[  277.379340] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  277.386599] RBP: 00007fbbfb2ceca0 R08: 0000000020000200 R09: 0000000000000000
[  277.393855] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000
[  277.401107] R13: 00007ffcd25b3def R14: 00007fbbfb2cf9c0 R15: 000000000119bf8c
[  277.472728] erofs: read_super, device -> /dev/loop2
[  277.479083] erofs: options -> 
[  277.489469] FAULT_INJECTION: forcing a failure.
[  277.489469] name failslab, interval 1, probability 0, space 0, times 0
[  277.501207] erofs: root inode @ nid 36
[  277.513615] CPU: 1 PID: 15542 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
21:35:30 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)

[  277.521531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  277.530886] Call Trace:
[  277.533482]  dump_stack+0x1fc/0x2fe
[  277.537120]  should_fail.cold+0xa/0x14
[  277.541014]  ? setup_fault_attr+0x200/0x200
[  277.545341]  ? lock_acquire+0x170/0x3c0
[  277.549332]  __should_failslab+0x115/0x180
[  277.553581]  should_failslab+0x5/0xf
[  277.556297] erofs: mounted on /dev/loop2 with opts: .
[  277.557328]  kmem_cache_alloc_node+0x245/0x3b0
[  277.567092]  __alloc_skb+0x71/0x560
[  277.570734]  alloc_uevent_skb+0x7b/0x210
[  277.574793]  kobject_uevent_env+0xa83/0x14a0
[  277.579208]  lo_ioctl+0xff9/0x20e0
[  277.582733]  ? loop_set_status64+0x110/0x110
[  277.587126]  blkdev_ioctl+0x5cb/0x1a7e
[  277.591024]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  277.596373]  ? blkpg_ioctl+0x9d0/0x9d0
[  277.600263]  ? mark_held_locks+0xf0/0xf0
[  277.604328]  ? mark_held_locks+0xf0/0xf0
[  277.608373]  ? debug_check_no_obj_freed+0x201/0x482
[  277.613372]  ? lock_downgrade+0x720/0x720
[  277.617503]  block_ioctl+0xe9/0x130
[  277.621112]  ? blkdev_fallocate+0x3f0/0x3f0
[  277.625441]  do_vfs_ioctl+0xcdb/0x12e0
[  277.629312]  ? lock_downgrade+0x720/0x720
[  277.633557]  ? check_preemption_disabled+0x41/0x280
[  277.638577]  ? ioctl_preallocate+0x200/0x200
[  277.642975]  ? __fget+0x356/0x510
[  277.646417]  ? do_dup2+0x450/0x450
[  277.649963]  ? do_sys_open+0x2bf/0x520
[  277.653839]  ksys_ioctl+0x9b/0xc0
[  277.657278]  __x64_sys_ioctl+0x6f/0xb0
[  277.661149]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  277.665717]  do_syscall_64+0xf9/0x620
[  277.669507]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  277.674703] RIP: 0033:0x45dfc7
[  277.677905] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  277.696807] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  277.704521] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  277.711773] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
21:35:31 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000), 0x0, 0x800, 0x0, <r2=>0xffffffffffffffff})
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r1)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

21:35:31 executing program 5 (fault-call:8 fault-nth:1):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  277.719050] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  277.726305] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  277.733561] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  277.752554] erofs: read_super, device -> /dev/loop1
[  277.765514] erofs: options -> 
[  277.768812] erofs: root inode @ nid 36
[  277.779768] erofs: mounted on /dev/loop1 with opts: .
[  277.784163] erofs: read_super, device -> /dev/loop4
[  277.792032] erofs: options -> 
[  277.817567] erofs: root inode @ nid 36
[  277.835761] erofs: mounted on /dev/loop4 with opts: .
21:35:31 executing program 1 (fault-call:3 fault-nth:21):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:31 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:31 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3fc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  277.870961] FAULT_INJECTION: forcing a failure.
[  277.870961] name failslab, interval 1, probability 0, space 0, times 0
[  277.890393] erofs: unmounted for /dev/loop1
[  277.925253] erofs: unmounted for /dev/loop2
[  277.929688] CPU: 1 PID: 15558 Comm: syz-executor.5 Not tainted 4.19.163-syzkaller #0
[  277.937588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  277.946948] Call Trace:
[  277.949541]  dump_stack+0x1fc/0x2fe
[  277.953176]  should_fail.cold+0xa/0x14
[  277.957077]  ? setup_fault_attr+0x200/0x200
[  277.961397]  ? lock_acquire+0x170/0x3c0
[  277.965380]  __should_failslab+0x115/0x180
[  277.969612]  should_failslab+0x5/0xf
[  277.973325]  kmem_cache_alloc_trace+0x284/0x380
[  277.978001]  snd_pcm_oss_change_params_locked+0x1d8/0x3960
[  277.983633]  ? __mutex_lock+0x3a8/0x1260
[  277.987690]  ? lock_downgrade+0x720/0x720
[  277.991837]  ? lock_acquire+0x170/0x3c0
[  277.995811]  ? mark_held_locks+0xf0/0xf0
[  277.999877]  ? snd_pcm_plugin_append+0x190/0x190
[  278.004630]  ? snd_pcm_oss_make_ready+0xc7/0x1b0
[  278.009388]  ? __mutex_add_waiter+0x160/0x160
[  278.013894]  ? __pollwait+0x255/0x430
[  278.017701]  ? snd_pcm_stream_unlock_irq+0xa8/0xd0
[  278.022643]  snd_pcm_oss_make_ready+0xe7/0x1b0
[  278.027246]  snd_pcm_oss_set_trigger.isra.0+0x30f/0x6e0
[  278.032617]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.037211]  snd_pcm_oss_poll+0x661/0xb10
[  278.041370]  ? poll_initwait+0x170/0x170
[  278.045434]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  278.050971]  ? check_preemption_disabled+0x41/0x280
[  278.056016]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  278.061557]  do_select+0x8e1/0x1610
[  278.065233]  ? select_estimate_accuracy+0x320/0x320
[  278.070255]  ? __lock_acquire+0x6de/0x3ff0
[  278.074498]  ? poll_initwait+0x170/0x170
[  278.078591]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.084397]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.090210]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.096017]  ? __lock_acquire+0x6de/0x3ff0
[  278.100260]  ? mark_held_locks+0xf0/0xf0
[  278.104325]  ? __lock_acquire+0x6de/0x3ff0
[  278.108564]  ? mark_held_locks+0xf0/0xf0
[  278.112648]  ? _parse_integer+0x132/0x180
[  278.116799]  ? __might_fault+0x11f/0x1d0
[  278.120866]  ? lock_downgrade+0x720/0x720
[  278.125015]  ? lock_acquire+0x170/0x3c0
[  278.128988]  ? __might_fault+0xef/0x1d0
[  278.132969]  ? __might_fault+0x192/0x1d0
[  278.137036]  core_sys_select+0x3ac/0x7e0
[  278.141105]  ? __se_compat_sys_pselect6+0x4a0/0x4a0
[  278.146128]  ? __might_fault+0x11f/0x1d0
[  278.150205]  ? poll_select_set_timeout+0xd4/0x130
[  278.155144]  ? poll_select_set_timeout+0xd4/0x130
[  278.159988]  ? timespec64_add_safe+0x189/0x210
[  278.164573]  ? nsec_to_clock_t+0x30/0x30
[  278.168636]  ? ktime_get_ts64+0x2c3/0x3e0
[  278.172795]  __se_sys_pselect6+0x419/0x480
[  278.177037]  ? kern_select+0x1c0/0x1c0
[  278.180951]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  278.186321]  ? trace_hardirqs_off_caller+0x6e/0x210
[  278.191343]  ? do_syscall_64+0x21/0x620
[  278.195323]  do_syscall_64+0xf9/0x620
[  278.199132]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  278.204321] RIP: 0033:0x45e159
[  278.207513] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
21:35:31 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  278.226413] RSP: 002b:00007fbbfb2cec68 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  278.234126] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000045e159
[  278.241393] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  278.248674] RBP: 00007fbbfb2ceca0 R08: 0000000020000200 R09: 0000000000000000
[  278.255939] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  278.263205] R13: 00007ffcd25b3def R14: 00007fbbfb2cf9c0 R15: 000000000119bf8c
21:35:31 executing program 5 (fault-call:8 fault-nth:2):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  278.313218] erofs: unmounted for /dev/loop4
21:35:31 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0xa10040, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  278.383266] FAULT_INJECTION: forcing a failure.
[  278.383266] name failslab, interval 1, probability 0, space 0, times 0
[  278.395390] CPU: 0 PID: 15570 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  278.405026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  278.414658] Call Trace:
[  278.417267]  dump_stack+0x1fc/0x2fe
[  278.420900]  should_fail.cold+0xa/0x14
[  278.424774]  ? setup_fault_attr+0x200/0x200
[  278.429137]  ? lock_acquire+0x170/0x3c0
[  278.433122]  __should_failslab+0x115/0x180
[  278.437441]  should_failslab+0x5/0xf
[  278.441167]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  278.446463]  __kmalloc_node_track_caller+0x38/0x70
[  278.451380]  __alloc_skb+0xae/0x560
[  278.455007]  alloc_uevent_skb+0x7b/0x210
[  278.459081]  kobject_uevent_env+0xa83/0x14a0
[  278.463496]  lo_ioctl+0xff9/0x20e0
[  278.467057]  ? loop_set_status64+0x110/0x110
[  278.471488]  blkdev_ioctl+0x5cb/0x1a7e
[  278.475386]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  278.480762]  ? blkpg_ioctl+0x9d0/0x9d0
[  278.484652]  ? mark_held_locks+0xf0/0xf0
[  278.488741]  ? mark_held_locks+0xf0/0xf0
[  278.492827]  ? debug_check_no_obj_freed+0x201/0x482
[  278.497885]  ? lock_downgrade+0x720/0x720
[  278.502035]  block_ioctl+0xe9/0x130
[  278.505662]  ? blkdev_fallocate+0x3f0/0x3f0
[  278.510007]  do_vfs_ioctl+0xcdb/0x12e0
[  278.513917]  ? lock_downgrade+0x720/0x720
[  278.518058]  ? check_preemption_disabled+0x41/0x280
[  278.523075]  ? ioctl_preallocate+0x200/0x200
[  278.527513]  ? __fget+0x356/0x510
[  278.531008]  ? do_dup2+0x450/0x450
[  278.534551]  ? do_sys_open+0x2bf/0x520
[  278.538435]  ksys_ioctl+0x9b/0xc0
[  278.541886]  __x64_sys_ioctl+0x6f/0xb0
[  278.545783]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.550390]  do_syscall_64+0xf9/0x620
[  278.554190]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  278.559388] RIP: 0033:0x45dfc7
[  278.562578] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  278.581491] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  278.589198] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  278.596463] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  278.603726] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  278.612214] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  278.619531] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  278.637874] erofs: read_super, device -> /dev/loop1
[  278.650758] erofs: options -> 
[  278.661946] erofs: root inode @ nid 36
[  278.669310] erofs: read_super, device -> /dev/loop2
[  278.674772] erofs: mounted on /dev/loop1 with opts: .
[  278.693662] erofs: options -> 
[  278.711033] erofs: root inode @ nid 36
[  278.716901] FAULT_INJECTION: forcing a failure.
[  278.716901] name failslab, interval 1, probability 0, space 0, times 0
[  278.738617] erofs: mounted on /dev/loop2 with opts: .
21:35:32 executing program 1 (fault-call:3 fault-nth:22):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  278.748080] erofs: read_super, device -> /dev/loop4
[  278.766579] erofs: options -> 
[  278.770212] CPU: 0 PID: 15580 Comm: syz-executor.5 Not tainted 4.19.163-syzkaller #0
[  278.772343] erofs: unmounted for /dev/loop1
[  278.778104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  278.778111] Call Trace:
[  278.778136]  dump_stack+0x1fc/0x2fe
[  278.778160]  should_fail.cold+0xa/0x14
[  278.778180]  ? setup_fault_attr+0x200/0x200
[  278.778204]  __should_failslab+0x115/0x180
[  278.810487]  should_failslab+0x5/0xf
[  278.814203]  kmem_cache_alloc_trace+0x284/0x380
[  278.818907]  snd_pcm_oss_change_params_locked+0x20e/0x3960
[  278.824564]  ? __mutex_lock+0x3a8/0x1260
[  278.828630]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.833232]  ? mark_held_locks+0xf0/0xf0
[  278.837294]  ? snd_pcm_plugin_append+0x190/0x190
[  278.842051]  ? snd_pcm_oss_make_ready+0xc7/0x1b0
[  278.846830]  ? __mutex_add_waiter+0x160/0x160
[  278.851326]  ? retint_kernel+0x2d/0x2d
[  278.855243]  ? __pollwait+0x255/0x430
[  278.859048]  ? snd_pcm_stream_unlock_irq+0xa8/0xd0
[  278.863985]  snd_pcm_oss_make_ready+0xe7/0x1b0
[  278.868575]  snd_pcm_oss_set_trigger.isra.0+0x30f/0x6e0
[  278.873964]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.878573]  snd_pcm_oss_poll+0x661/0xb10
[  278.882726]  ? poll_initwait+0x170/0x170
[  278.886789]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  278.892335]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  278.897900]  do_select+0x8e1/0x1610
[  278.901577]  ? select_estimate_accuracy+0x320/0x320
[  278.906607]  ? perf_event_update_userpage+0x516/0x7b0
[  278.911797]  ? poll_initwait+0x170/0x170
[  278.915865]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.921677]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.927502]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  278.933303]  ? __lock_acquire+0x6de/0x3ff0
[  278.937545]  ? mark_held_locks+0xa6/0xf0
[  278.941627]  ? mark_held_locks+0xf0/0xf0
[  278.945690]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.950270]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  278.955040]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  278.959812]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  278.964572]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  278.969155]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  278.973910]  ? rcu_nmi_exit+0xb3/0x180
[  278.977798]  ? retint_kernel+0x2d/0x2d
[  278.981707]  ? copy_user_generic_unrolled+0x89/0xc0
[  278.986748]  core_sys_select+0x3ac/0x7e0
[  278.990816]  ? __se_compat_sys_pselect6+0x4a0/0x4a0
[  278.996181]  ? __might_fault+0x11f/0x1d0
[  279.000246]  ? poll_select_set_timeout+0xd4/0x130
[  279.005094]  ? poll_select_set_timeout+0xd4/0x130
[  279.009955]  ? timespec64_add_safe+0x189/0x210
[  279.014537]  ? nsec_to_clock_t+0x30/0x30
[  279.018608]  ? ktime_get_ts64+0x2c3/0x3e0
[  279.022769]  __se_sys_pselect6+0x419/0x480
[  279.027007]  ? kern_select+0x1c0/0x1c0
[  279.030900]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  279.036273]  ? trace_hardirqs_off_caller+0x6e/0x210
[  279.041311]  ? do_syscall_64+0x21/0x620
[  279.045289]  do_syscall_64+0xf9/0x620
[  279.049092]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  279.054282] RIP: 0033:0x45e159
[  279.057473] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  279.076381] RSP: 002b:00007fbbfb2cec68 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  279.084093] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000045e159
[  279.091361] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  279.098645] RBP: 00007fbbfb2ceca0 R08: 0000000020000200 R09: 0000000000000000
[  279.105930] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000002
[  279.113197] R13: 00007ffcd25b3def R14: 00007fbbfb2cf9c0 R15: 000000000119bf8c
21:35:32 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:32 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3fd, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:32 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$TIOCL_GETSHIFTSTATE(0xffffffffffffffff, 0x541c, &(0x7f0000000380)={0x6, 0xbf})
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socketpair(0x2c, 0x5, 0x6, &(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$nl_route(r5, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=@ipv4_delrule={0x64, 0x21, 0x4, 0x70bd29, 0x25dfdbff, {0x2, 0x14, 0x14, 0x5, 0xff, 0x0, 0x0, 0x5, 0x10}, [@FRA_DST={0x8, 0x1, @broadcast}, @FRA_GENERIC_POLICY=@FRA_TABLE={0x8, 0xf, 0x7ff}, @FRA_SRC={0x8, 0x2, @multicast1}, @FRA_FLOW={0x8, 0xb, 0x401}, @FRA_TUN_ID={0xc}, @FRA_SRC={0x8, 0x2, @multicast2}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x10}, @FRA_DST={0x8, 0x1, @rand_addr=0x64010100}]}, 0x64}, 0x1, 0x0, 0x0, 0x4800}, 0x20000000)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x7, 0x1, 0x3, 0x0, 0x0, {0xc, 0x0, 0x8}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000001}, 0x20000001)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="c7442400fa1f0000c744240200000000c7442406000000000f0114240f20e035000002000f22e066ba420066b8489566efc4c3156c4e89a8b8010000000f01d966b824010f00d866baf80cb8ece18a88ef66bafc0cb80a5e6c46efc4c105e8751dc686050000009a66b8db000f00d0", 0x6f}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x65, &(0x7f0000000540)=0xffff7fff, 0x4)
ioctl$KVM_SET_BOOT_CPU_ID(r3, 0xae78, &(0x7f0000000000))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r7=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0)

[  279.149056] erofs: root inode @ nid 36
[  279.165394] erofs: mounted on /dev/loop4 with opts: .
[  279.180127] erofs: unmounted for /dev/loop2
21:35:32 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:32 executing program 5 (fault-call:8 fault-nth:3):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  279.260559] erofs: read_super, device -> /dev/loop2
[  279.267387] erofs: options -> 
[  279.272308] erofs: root inode @ nid 36
[  279.273638] erofs: unmounted for /dev/loop4
[  279.277309] erofs: mounted on /dev/loop2 with opts: .
21:35:32 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3fe, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  279.386838] erofs: read_super, device -> /dev/loop4
[  279.393522] erofs: unmounted for /dev/loop2
[  279.415696] erofs: options -> 
[  279.427923] FAULT_INJECTION: forcing a failure.
[  279.427923] name failslab, interval 1, probability 0, space 0, times 0
[  279.439324] erofs: root inode @ nid 36
[  279.439562] erofs: mounted on /dev/loop4 with opts: .
[  279.459056] CPU: 0 PID: 15614 Comm: syz-executor.5 Not tainted 4.19.163-syzkaller #0
[  279.466973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  279.476368] Call Trace:
[  279.478970]  dump_stack+0x1fc/0x2fe
[  279.482651]  should_fail.cold+0xa/0x14
[  279.486548]  ? setup_fault_attr+0x200/0x200
[  279.491003]  ? lock_acquire+0x170/0x3c0
[  279.495000]  __should_failslab+0x115/0x180
[  279.499251]  should_failslab+0x5/0xf
[  279.502971]  __kmalloc+0x2ab/0x3c0
[  279.514334]  ? constrain_params_by_rules+0x10e/0x10b0
[  279.519537]  constrain_params_by_rules+0x10e/0x10b0
[  279.524605]  ? mark_held_locks+0xa6/0xf0
[  279.528685]  ? io_schedule_timeout+0x140/0x140
[  279.533283]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  279.537878]  ? snd_pcm_hw_convert_to_old_params+0x570/0x570
[  279.543602]  ? rcu_nmi_exit+0xb3/0x180
[  279.547502]  ? retint_kernel+0x2d/0x2d
[  279.551411]  ? snd_interval_refine+0x376/0x560
[  279.556173]  ? snd_interval_refine+0x2c8/0x560
[  279.560765]  ? __sanitizer_cov_trace_pc+0x14/0x50
[  279.565617]  ? snd_interval_refine+0x2c8/0x560
[  279.570211]  snd_pcm_hw_refine+0xb9b/0xed0
[  279.574462]  ? snd_pcm_do_prepare+0xa0/0xa0
[  279.578798]  ? retint_kernel+0x2d/0x2d
[  279.582789]  ? _snd_pcm_hw_param_any+0x4a/0x280
[  279.587466]  ? _snd_pcm_hw_param_any+0xd4/0x280
[  279.592141]  ? _snd_pcm_hw_param_min+0x24f/0x4c0
[  279.596936]  snd_pcm_oss_change_params_locked+0xf2a/0x3960
[  279.602583]  ? mark_held_locks+0xf0/0xf0
[  279.606684]  ? snd_pcm_plugin_append+0x190/0x190
[  279.611449]  ? snd_pcm_oss_make_ready+0xc7/0x1b0
[  279.616216]  ? __mutex_add_waiter+0x160/0x160
[  279.620753]  ? __pollwait+0x255/0x430
[  279.624556]  ? snd_pcm_stream_unlock_irq+0xa8/0xd0
[  279.629546]  snd_pcm_oss_make_ready+0xe7/0x1b0
[  279.634148]  snd_pcm_oss_set_trigger.isra.0+0x30f/0x6e0
[  279.639519]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  279.644114]  snd_pcm_oss_poll+0x661/0xb10
[  279.648260]  ? poll_initwait+0x170/0x170
[  279.652319]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  279.657849]  ? pipe_poll+0x90/0x310
[  279.661463]  ? snd_pcm_oss_set_trigger.isra.0+0x6e0/0x6e0
[  279.667003]  do_select+0x8e1/0x1610
[  279.670631]  ? select_estimate_accuracy+0x320/0x320
[  279.675646]  ? __lock_acquire+0x6de/0x3ff0
[  279.679886]  ? poll_initwait+0x170/0x170
[  279.683959]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  279.689771]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  279.695580]  ? poll_schedule_timeout.constprop.0+0x1e0/0x1e0
[  279.701372]  ? __lock_acquire+0x6de/0x3ff0
[  279.705630]  ? mark_held_locks+0xf0/0xf0
[  279.709697]  ? __lock_acquire+0x6de/0x3ff0
[  279.713941]  ? mark_held_locks+0xf0/0xf0
[  279.718005]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  279.722758]  ? __might_fault+0x11f/0x1d0
[  279.726817]  ? lock_downgrade+0x720/0x720
[  279.730948]  ? lock_acquire+0x170/0x3c0
[  279.735009]  ? __might_fault+0xef/0x1d0
[  279.738984]  ? __might_fault+0x192/0x1d0
[  279.743047]  core_sys_select+0x3ac/0x7e0
[  279.747110]  ? __se_compat_sys_pselect6+0x4a0/0x4a0
[  279.752128]  ? __might_fault+0x11f/0x1d0
[  279.756204]  ? poll_select_set_timeout+0xd4/0x130
[  279.761086]  ? poll_select_set_timeout+0xd4/0x130
[  279.765940]  ? timespec64_add_safe+0x189/0x210
[  279.770522]  ? nsec_to_clock_t+0x30/0x30
[  279.774604]  ? ktime_get_ts64+0x2c3/0x3e0
[  279.778847]  __se_sys_pselect6+0x419/0x480
[  279.783093]  ? kern_select+0x1c0/0x1c0
[  279.786996]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  279.792460]  ? trace_hardirqs_off_caller+0x6e/0x210
[  279.797491]  ? do_syscall_64+0x21/0x620
[  279.801478]  do_syscall_64+0xf9/0x620
[  279.805302]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  279.810510] RIP: 0033:0x45e159
[  279.813709] Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  279.832968] RSP: 002b:00007fbbfb2cec68 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  279.840677] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000045e159
[  279.847945] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  279.855413] RBP: 00007fbbfb2ceca0 R08: 0000000020000200 R09: 0000000000000000
[  279.862680] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000003
[  279.869963] R13: 00007ffcd25b3def R14: 00007fbbfb2cf9c0 R15: 000000000119bf8c
21:35:33 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
dup(r2)

[  279.928865] erofs: read_super, device -> /dev/loop2
[  279.944420] erofs: options -> 
[  279.955623] erofs: root inode @ nid 36
[  279.973886] erofs: mounted on /dev/loop2 with opts: .
21:35:33 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  279.990789] FAULT_INJECTION: forcing a failure.
[  279.990789] name failslab, interval 1, probability 0, space 0, times 0
[  280.002619] CPU: 0 PID: 15629 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  280.010527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  280.019920] Call Trace:
[  280.022525]  dump_stack+0x1fc/0x2fe
[  280.026191]  should_fail.cold+0xa/0x14
[  280.030081]  ? setup_fault_attr+0x200/0x200
[  280.034426]  ? lock_acquire+0x170/0x3c0
[  280.038400]  __should_failslab+0x115/0x180
[  280.042631]  should_failslab+0x5/0xf
[  280.046350]  kmem_cache_alloc_trace+0x284/0x380
[  280.051006]  ? wait_for_completion_io+0x10/0x10
[  280.055675]  ? kobject_init_and_add.cold+0x16/0x16
[  280.060635]  call_usermodehelper_setup+0x84/0x300
[  280.065468]  kobject_uevent_env+0xe87/0x14a0
[  280.069870]  lo_ioctl+0xff9/0x20e0
[  280.073411]  ? loop_set_status64+0x110/0x110
[  280.077832]  blkdev_ioctl+0x5cb/0x1a7e
[  280.081720]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  280.087070]  ? blkpg_ioctl+0x9d0/0x9d0
[  280.090943]  ? mark_held_locks+0xf0/0xf0
[  280.095004]  ? mark_held_locks+0xf0/0xf0
[  280.099063]  ? debug_check_no_obj_freed+0x201/0x482
[  280.104076]  ? lock_downgrade+0x720/0x720
[  280.108300]  block_ioctl+0xe9/0x130
[  280.111931]  ? blkdev_fallocate+0x3f0/0x3f0
[  280.116277]  do_vfs_ioctl+0xcdb/0x12e0
[  280.120168]  ? lock_downgrade+0x720/0x720
[  280.124328]  ? check_preemption_disabled+0x41/0x280
[  280.129339]  ? ioctl_preallocate+0x200/0x200
[  280.133766]  ? __fget+0x356/0x510
[  280.137241]  ? do_dup2+0x450/0x450
[  280.140791]  ? do_sys_open+0x2bf/0x520
[  280.144669]  ksys_ioctl+0x9b/0xc0
[  280.148133]  __x64_sys_ioctl+0x6f/0xb0
[  280.152016]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  280.156608]  do_syscall_64+0xf9/0x620
[  280.160439]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  280.165634] RIP: 0033:0x45dfc7
[  280.168822] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  280.187727] RSP: 002b:00007f45360aba18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  280.195438] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dfc7
[  280.202903] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[  280.210175] RBP: 0000000000000000 R08: 0000000020000248 R09: 0000000000000000
[  280.217458] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000003
[  280.224740] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000258
[  280.235380] erofs: unmounted for /dev/loop4
21:35:33 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:33 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x5, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(0xffffffffffffffff, 0x7b0, &(0x7f0000000000)={@my=0x1, 0x4})
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000041c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$P9_RCREATE(r2, &(0x7f0000000040)={0x18, 0x73, 0x2, {{0x4, 0x0, 0x3}, 0x1}}, 0x18)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  280.264185] erofs: read_super, device -> /dev/loop1
[  280.279656] erofs: options -> 
[  280.292408] erofs: root inode @ nid 36
[  280.306961] erofs: mounted on /dev/loop1 with opts: .
21:35:33 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:33 executing program 1 (fault-call:3 fault-nth:23):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  280.356267] erofs: unmounted for /dev/loop2
21:35:33 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
dup(r2)

[  280.384307] erofs: unmounted for /dev/loop1
[  280.408697] erofs: read_super, device -> /dev/loop4
[  280.430719] erofs: options -> 
[  280.478995] erofs: root inode @ nid 36
[  280.487424] erofs: read_super, device -> /dev/loop2
[  280.492902] erofs: mounted on /dev/loop4 with opts: .
[  280.500065] erofs: options -> 
[  280.511614] erofs: root inode @ nid 36
[  280.516803] erofs: mounted on /dev/loop2 with opts: .
21:35:33 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  280.526077] FAULT_INJECTION: forcing a failure.
[  280.526077] name failslab, interval 1, probability 0, space 0, times 0
[  280.545223] erofs: unmounted for /dev/loop4
[  280.551289] CPU: 0 PID: 15660 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  280.559212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  280.568572] Call Trace:
[  280.571182]  dump_stack+0x1fc/0x2fe
[  280.574824]  should_fail.cold+0xa/0x14
[  280.578706]  ? setup_fault_attr+0x200/0x200
[  280.583029]  ? lock_acquire+0x170/0x3c0
[  280.586999]  __should_failslab+0x115/0x180
[  280.591238]  should_failslab+0x5/0xf
[  280.594947]  kmem_cache_alloc+0x277/0x370
[  280.599101]  getname_flags+0xce/0x590
[  280.602894]  do_mkdirat+0x8d/0x2d0
[  280.606448]  ? __ia32_sys_mknod+0x120/0x120
[  280.610755]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  280.616106]  ? trace_hardirqs_off_caller+0x6e/0x210
[  280.621113]  ? do_syscall_64+0x21/0x620
[  280.625077]  do_syscall_64+0xf9/0x620
[  280.628881]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  280.634071] RIP: 0033:0x45d577
[  280.637259] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  280.656146] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  280.663842] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  280.671115] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
21:35:34 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  280.678388] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  280.685657] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  280.692955] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  280.727295] erofs: unmounted for /dev/loop2
21:35:34 executing program 1 (fault-call:3 fault-nth:24):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  280.846584] erofs: read_super, device -> /dev/loop4
[  280.859217] erofs: options -> 
[  280.876513] erofs: read_super, device -> /dev/loop2
[  280.876618] erofs: root inode @ nid 36
[  280.886627] erofs: options -> 
[  280.906934] erofs: root inode @ nid 36
[  280.908768] erofs: mounted on /dev/loop4 with opts: .
[  280.915532] FAULT_INJECTION: forcing a failure.
[  280.915532] name failslab, interval 1, probability 0, space 0, times 0
[  280.954953] erofs: mounted on /dev/loop2 with opts: .
[  280.991001] CPU: 1 PID: 15681 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  280.998931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  281.008318] Call Trace:
[  281.010912]  dump_stack+0x1fc/0x2fe
[  281.014550]  should_fail.cold+0xa/0x14
[  281.018454]  ? setup_fault_attr+0x200/0x200
[  281.025076]  ? lock_acquire+0x170/0x3c0
[  281.029101]  __should_failslab+0x115/0x180
[  281.033383]  should_failslab+0x5/0xf
[  281.037103]  kmem_cache_alloc+0x277/0x370
[  281.041264]  __d_alloc+0x2b/0xa10
[  281.044731]  d_alloc+0x4a/0x230
[  281.048024]  __lookup_hash+0xc8/0x180
[  281.051837]  filename_create+0x186/0x490
[  281.055912]  ? kern_path_mountpoint+0x40/0x40
[  281.060418]  ? strncpy_from_user+0x2a2/0x350
[  281.064927]  ? getname_flags+0x25b/0x590
[  281.069000]  do_mkdirat+0xa0/0x2d0
[  281.072555]  ? __ia32_sys_mknod+0x120/0x120
[  281.076887]  ? trace_hardirqs_off_caller+0x6e/0x210
[  281.081908]  ? do_syscall_64+0x21/0x620
[  281.085892]  do_syscall_64+0xf9/0x620
[  281.089735]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  281.094930] RIP: 0033:0x45d577
[  281.098132] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  281.117032] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  281.124761] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  281.132132] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
21:35:34 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  281.139388] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  281.146652] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  281.153918] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  281.169723] erofs: unmounted for /dev/loop4
21:35:34 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
dup(r2)

21:35:34 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x8, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:34 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000000)={0x7f, 0x8, 0xf75e, 0x1dfe, 0x100, 0x3})
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

21:35:34 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:34 executing program 1 (fault-call:3 fault-nth:25):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  281.249420] erofs: unmounted for /dev/loop2
[  281.314552] erofs: read_super, device -> /dev/loop4
[  281.326683] erofs: options -> 
[  281.327498] FAULT_INJECTION: forcing a failure.
[  281.327498] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  281.341718] CPU: 0 PID: 15698 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  281.349712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  281.357990] erofs: root inode @ nid 36
[  281.359068] Call Trace:
[  281.359091]  dump_stack+0x1fc/0x2fe
[  281.359111]  should_fail.cold+0xa/0x14
[  281.359129]  ? setup_fault_attr+0x200/0x200
[  281.359152]  ? __mutex_unlock_slowpath+0xea/0x610
[  281.380243] erofs: mounted on /dev/loop4 with opts: .
[  281.382331]  __alloc_pages_nodemask+0x239/0x2890
[  281.382358]  ? __lock_acquire+0x6de/0x3ff0
[  281.382379]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  281.382394]  ? blkdev_ioctl+0x11a/0x1a7e
[  281.382407]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  281.382422]  ? blkpg_ioctl+0x9d0/0x9d0
[  281.382442]  ? debug_check_no_obj_freed+0x201/0x482
[  281.382460]  ? lock_downgrade+0x720/0x720
[  281.382478]  cache_grow_begin+0xa4/0x8a0
[  281.410557] erofs: read_super, device -> /dev/loop2
[  281.410874]  ? setup_fault_attr+0x200/0x200
[  281.431227] erofs: options -> 
[  281.432947]  ? lock_acquire+0x170/0x3c0
[  281.432966]  cache_alloc_refill+0x273/0x340
[  281.432984]  kmem_cache_alloc+0x346/0x370
[  281.433003]  getname_flags+0xce/0x590
[  281.433024]  do_mkdirat+0x8d/0x2d0
[  281.433043]  ? __ia32_sys_mknod+0x120/0x120
[  281.433057]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  281.433072]  ? trace_hardirqs_off_caller+0x6e/0x210
[  281.433086]  ? do_syscall_64+0x21/0x620
[  281.433101]  do_syscall_64+0xf9/0x620
[  281.433116]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  281.433127] RIP: 0033:0x45d577
[  281.433142] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  281.433150] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  281.433163] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  281.433177] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  281.473345] erofs: root inode @ nid 36
[  281.475096] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  281.475106] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  281.475115] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  281.481573] erofs: read_super, device -> /dev/loop1
[  281.530985] erofs: mounted on /dev/loop2 with opts: .
[  281.534730] erofs: options -> 
21:35:34 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:34 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:34 executing program 1 (fault-call:3 fault-nth:26):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  281.613838] erofs: root inode @ nid 36
[  281.618110] erofs: mounted on /dev/loop1 with opts: .
[  281.621139] erofs: unmounted for /dev/loop4
[  281.636500] erofs: unmounted for /dev/loop2
[  281.663515] erofs: unmounted for /dev/loop1
[  281.763779] erofs: read_super, device -> /dev/loop4
[  281.776252] erofs: options -> 
[  281.780368] erofs: root inode @ nid 36
[  281.785697] erofs: mounted on /dev/loop4 with opts: .
[  281.799752] erofs: read_super, device -> /dev/loop2
21:35:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  281.821408] erofs: options -> 
[  281.829071] erofs: unmounted for /dev/loop4
[  281.849487] erofs: root inode @ nid 36
[  281.859131] FAULT_INJECTION: forcing a failure.
[  281.859131] name failslab, interval 1, probability 0, space 0, times 0
[  281.865938] erofs: mounted on /dev/loop2 with opts: .
[  281.874984] CPU: 1 PID: 15737 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  281.883569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  281.893013] Call Trace:
[  281.895611]  dump_stack+0x1fc/0x2fe
[  281.899268]  should_fail.cold+0xa/0x14
[  281.903161]  ? setup_fault_attr+0x200/0x200
[  281.907489]  ? lock_acquire+0x170/0x3c0
[  281.911477]  __should_failslab+0x115/0x180
[  281.915718]  should_failslab+0x5/0xf
[  281.919430]  kmem_cache_alloc+0x277/0x370
[  281.923585]  __d_alloc+0x2b/0xa10
[  281.927044]  d_alloc+0x4a/0x230
[  281.930323]  __lookup_hash+0xc8/0x180
[  281.934157]  filename_create+0x186/0x490
[  281.938223]  ? kern_path_mountpoint+0x40/0x40
[  281.942720]  ? strncpy_from_user+0x2a2/0x350
[  281.947134]  ? getname_flags+0x25b/0x590
[  281.951205]  do_mkdirat+0xa0/0x2d0
[  281.954750]  ? __ia32_sys_mknod+0x120/0x120
[  281.959077]  ? trace_hardirqs_off_caller+0x6e/0x210
[  281.964093]  ? do_syscall_64+0x21/0x620
[  281.968099]  do_syscall_64+0xf9/0x620
[  281.971905]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  281.977095] RIP: 0033:0x45d577
[  281.980288] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  281.999197] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  282.007004] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  282.014976] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  282.022250] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  282.029547] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  282.036825] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:35 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

21:35:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  282.108600] erofs: read_super, device -> /dev/loop4
[  282.115100] erofs: options -> 
[  282.124356] erofs: root inode @ nid 36
[  282.135851] erofs: mounted on /dev/loop4 with opts: .
[  282.154196] erofs: unmounted for /dev/loop2
21:35:35 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x10, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:35 executing program 1 (fault-call:3 fault-nth:27):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:35 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10000, 0x0, 0xffff0000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r2 = socket(0xa, 0x1, 0x0)
close(r2)
r3 = socket(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}], 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000900)={0x1, [<r5=>0x0]}, &(0x7f0000000940)=0x8)
sendmmsg$inet_sctp(r3, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, r5}}], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000140)={r5, 0xa3, "428b6757764b594f825d952ef05e8b3611be75e1a7af15f91b84bcfacd61219810dccff11f9e0074fdec2d3ea3efb81ca60bf8efa9bddcd7a8cd524d21ac2408fcda81f4ccefcf6ebc5d9fe70cf87ea3a8a117a7e89bef68a05696dcd6232d6f37f43656eb6845822f0e8233dc3ad4da8fe44368f0ff07d7b1602a85ae6ce45a6f9d16ce86d6e9d6ac560b237d4a91d9b99bad81847296bd8c663853afdf1b7f44006b"}, &(0x7f0000000200)=0xab)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@sack_info={r5, 0xfffffffb, 0xff}, &(0x7f0000000040)=0xc)

21:35:35 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  282.281201] FAULT_INJECTION: forcing a failure.
[  282.281201] name failslab, interval 1, probability 0, space 0, times 0
[  282.301510] erofs: unmounted for /dev/loop4
[  282.311506] CPU: 1 PID: 15760 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  282.319421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  282.320730] erofs: read_super, device -> /dev/loop2
[  282.328775] Call Trace:
[  282.328798]  dump_stack+0x1fc/0x2fe
[  282.328816]  should_fail.cold+0xa/0x14
[  282.328833]  ? setup_fault_attr+0x200/0x200
[  282.328855]  __should_failslab+0x115/0x180
[  282.334087] erofs: options -> 
[  282.336482]  should_failslab+0x5/0xf
[  282.336497]  kmem_cache_alloc+0x277/0x370
[  282.336511]  ? ext4_sync_fs+0x8d0/0x8d0
[  282.336527]  ext4_alloc_inode+0x1a/0x630
[  282.340541] erofs: root inode @ nid 36
[  282.344034]  ? ext4_sync_fs+0x8d0/0x8d0
[  282.344050]  alloc_inode+0x5d/0x180
[  282.344065]  new_inode+0x1d/0xf0
[  282.344080]  __ext4_new_inode+0x400/0x5a20
[  282.344106]  ? putname+0xe1/0x120
[  282.344125]  ? do_mkdirat+0xa0/0x2d0
[  282.344148]  ? ext4_free_inode+0x1780/0x1780
[  282.344167]  ? debug_check_no_obj_freed+0x201/0x482
[  282.355956] erofs: mounted on /dev/loop2 with opts: .
[  282.420823]  ? __dquot_initialize+0x298/0xb70
[  282.425314]  ? lock_acquire+0x170/0x3c0
[  282.429292]  ? dquot_initialize_needed+0x290/0x290
[  282.434226]  ? trace_hardirqs_off+0x64/0x200
[  282.438632]  ? common_perm+0x4be/0x800
[  282.442527]  ext4_mkdir+0x396/0xe10
[  282.446191]  ? putname+0xe1/0x120
[  282.449639]  ? ext4_init_dot_dotdot+0x600/0x600
[  282.454311]  ? generic_permission+0x116/0x4d0
[  282.458808]  ? security_inode_permission+0xc5/0xf0
[  282.463748]  ? inode_permission.part.0+0x10c/0x450
[  282.468707]  vfs_mkdir+0x508/0x7a0
[  282.472243]  do_mkdirat+0x262/0x2d0
[  282.475885]  ? __ia32_sys_mknod+0x120/0x120
[  282.481259]  ? trace_hardirqs_off_caller+0x6e/0x210
[  282.486279]  ? do_syscall_64+0x21/0x620
[  282.490253]  do_syscall_64+0xf9/0x620
[  282.494045]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  282.499237] RIP: 0033:0x45d577
[  282.502430] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  282.521317] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  282.529009] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  282.536265] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  282.543520] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  282.550837] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  282.558108] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:35 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:35 executing program 1 (fault-call:3 fault-nth:28):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  282.628725] erofs: unmounted for /dev/loop2
[  282.693618] erofs: read_super, device -> /dev/loop4
[  282.710544] erofs: options -> 
[  282.727869] erofs: read_super, device -> /dev/loop2
[  282.733559] erofs: options -> 
[  282.737241] erofs: root inode @ nid 36
[  282.741677] erofs: mounted on /dev/loop2 with opts: .
[  282.758630] FAULT_INJECTION: forcing a failure.
[  282.758630] name failslab, interval 1, probability 0, space 0, times 0
[  282.759203] erofs: root inode @ nid 36
[  282.771016] CPU: 1 PID: 15783 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  282.781773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  282.791130] Call Trace:
[  282.793735]  dump_stack+0x1fc/0x2fe
[  282.797380]  should_fail.cold+0xa/0x14
[  282.801283]  ? setup_fault_attr+0x200/0x200
[  282.805613]  ? __lock_acquire+0x6de/0x3ff0
[  282.809866]  __should_failslab+0x115/0x180
[  282.814124]  should_failslab+0x5/0xf
[  282.817850]  __kmalloc+0x2ab/0x3c0
[  282.821416]  ? ext4_find_extent+0x9bb/0xc70
[  282.825751]  ext4_find_extent+0x9bb/0xc70
[  282.826584] erofs: mounted on /dev/loop4 with opts: .
[  282.829911]  ext4_ext_map_blocks+0x1c0/0x7390
[  282.829930]  ? __lock_acquire+0x6de/0x3ff0
[  282.829948]  ? __lock_acquire+0x6de/0x3ff0
[  282.829966]  ? mark_held_locks+0xf0/0xf0
[  282.852165]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  282.857536]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  282.862736]  ? mark_held_locks+0xf0/0xf0
[  282.866808]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  282.871709]  ? ext4_es_lookup_extent+0x375/0xb60
[  282.876480]  ? lock_downgrade+0x720/0x720
[  282.880643]  ? lock_acquire+0x170/0x3c0
[  282.884626]  ? check_preemption_disabled+0x41/0x280
[  282.889657]  ? lock_acquire+0x170/0x3c0
[  282.893651]  ? ext4_map_blocks+0x33e/0x1a50
[  282.897993]  ext4_map_blocks+0xd88/0x1a50
[  282.902156]  ? check_preemption_disabled+0x41/0x280
[  282.907192]  ? ext4_issue_zeroout+0x160/0x160
[  282.911696]  ? __brelse+0x84/0xa0
[  282.915151]  ? __ext4_new_inode+0x2eb/0x5a20
[  282.919583]  ext4_getblk+0xad/0x4f0
[  282.923225]  ? ext4_iomap_begin+0xe00/0xe00
[  282.927565]  ? ext4_free_inode+0x1780/0x1780
[  282.931984]  ? debug_check_no_obj_freed+0x201/0x482
[  282.937014]  ? __dquot_initialize+0x298/0xb70
[  282.941563]  ext4_bread+0x7c/0x210
[  282.945118]  ? ext4_getblk+0x4f0/0x4f0
[  282.949015]  ? dquot_initialize_needed+0x290/0x290
[  282.953953]  ? trace_hardirqs_off+0x64/0x200
[  282.958379]  ext4_append+0x155/0x370
[  282.962154]  ext4_mkdir+0x5bd/0xe10
[  282.965782]  ? ext4_init_dot_dotdot+0x600/0x600
[  282.970873]  ? generic_permission+0x116/0x4d0
[  282.975380]  ? inode_permission.part.0+0x10c/0x450
[  282.980835]  vfs_mkdir+0x508/0x7a0
[  282.984380]  do_mkdirat+0x262/0x2d0
[  282.988011]  ? __ia32_sys_mknod+0x120/0x120
[  282.992320]  ? trace_hardirqs_off_caller+0x6e/0x210
[  282.997323]  ? do_syscall_64+0x21/0x620
[  283.001297]  do_syscall_64+0xf9/0x620
[  283.005106]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.010297] RIP: 0033:0x45d577
[  283.013481] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  283.032369] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
21:35:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  283.040066] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  283.047327] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  283.054597] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  283.061871] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  283.069129] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  283.103772] erofs: read_super, device -> /dev/loop1
[  283.109205] erofs: options -> 
[  283.112767] erofs: root inode @ nid 36
[  283.122410] erofs: unmounted for /dev/loop2
21:35:36 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

21:35:36 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x30, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  283.160401] erofs: mounted on /dev/loop1 with opts: .
21:35:36 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x20000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:36 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x8, 0x80)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x38, 0x1411, 0x1, 0x70bd28, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
timerfd_gettime(r3, &(0x7f0000000100))
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000040))
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r4, 0xc0046686, &(0x7f0000000240)={0x0, 0x67, "0df1949f992600d043c868b79f6b051c390397ec30f0e30ada231059316712bbd2f4fb1917f514dae22a3f3d1b354986cf9aca86cff7a9f7b3be66429f67b41c0e86f6c69ede1793ec8024972d5eab0d340cea2aa7b1fbb7597797ec3a7040ae1f5aed65676bd2"})
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x204440, 0x0)
getsockopt$inet_int(r5, 0x0, 0xf, &(0x7f0000000340), &(0x7f0000000380)=0x4)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r6=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0)

21:35:36 executing program 1 (fault-call:3 fault-nth:29):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  283.220398] erofs: unmounted for /dev/loop4
[  283.248942] erofs: unmounted for /dev/loop1
[  283.258933] erofs: read_super, device -> /dev/loop2
[  283.266578] erofs: options -> 
[  283.270822] erofs: root inode @ nid 36
[  283.277318] erofs: mounted on /dev/loop2 with opts: .
21:35:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x26ab, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  283.356193] erofs: read_super, device -> /dev/loop4
[  283.364713] erofs: unmounted for /dev/loop2
[  283.364861] FAULT_INJECTION: forcing a failure.
[  283.364861] name failslab, interval 1, probability 0, space 0, times 0
[  283.380633] CPU: 1 PID: 15821 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  283.388524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  283.397902] Call Trace:
[  283.400530]  dump_stack+0x1fc/0x2fe
[  283.404192]  should_fail.cold+0xa/0x14
[  283.408124]  ? setup_fault_attr+0x200/0x200
[  283.412819]  ? __es_tree_search.isra.0+0x1af/0x210
[  283.417752]  __should_failslab+0x115/0x180
[  283.422020]  should_failslab+0x5/0xf
[  283.425727]  kmem_cache_alloc+0x3f/0x370
[  283.429782]  __es_insert_extent+0x39b/0x13b0
[  283.434176]  ? lock_acquire+0x170/0x3c0
[  283.438149]  ? ext4_es_insert_extent+0x17e/0x5e0
[  283.442934]  ext4_es_insert_extent+0x22e/0x5e0
[  283.447530]  ? lock_downgrade+0x720/0x720
[  283.451671]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[  283.457464]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  283.462574]  ? ext4_es_find_delayed_extent_range+0x7d9/0x9f0
[  283.468387]  ext4_ext_map_blocks+0x2129/0x7390
[  283.472996]  ? __lock_acquire+0x6de/0x3ff0
[  283.477240]  ? __lock_acquire+0x6de/0x3ff0
[  283.481483]  ? mark_held_locks+0xf0/0xf0
[  283.485538]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  283.490914]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  283.496582]  ? mark_held_locks+0xf0/0xf0
[  283.500638]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  283.505484]  ? ext4_es_lookup_extent+0x375/0xb60
[  283.510232]  ? check_preemption_disabled+0x41/0x280
[  283.515269]  ? lock_acquire+0x170/0x3c0
[  283.519323]  ? ext4_map_blocks+0x33e/0x1a50
[  283.523646]  ext4_map_blocks+0xd88/0x1a50
[  283.527882]  ? check_preemption_disabled+0x41/0x280
[  283.532917]  ? ext4_issue_zeroout+0x160/0x160
[  283.537515]  ? __brelse+0x84/0xa0
[  283.540987]  ? __ext4_new_inode+0x2eb/0x5a20
[  283.545405]  ext4_getblk+0xad/0x4f0
[  283.549038]  ? ext4_iomap_begin+0xe00/0xe00
[  283.553366]  ? ext4_free_inode+0x1780/0x1780
[  283.557771]  ? debug_check_no_obj_freed+0x201/0x482
[  283.562803]  ? __dquot_initialize+0x298/0xb70
[  283.567291]  ext4_bread+0x7c/0x210
[  283.570835]  ? ext4_getblk+0x4f0/0x4f0
[  283.574718]  ? dquot_initialize_needed+0x290/0x290
[  283.579663]  ? trace_hardirqs_off+0x64/0x200
[  283.584168]  ext4_append+0x155/0x370
[  283.587888]  ext4_mkdir+0x5bd/0xe10
[  283.591504]  ? ext4_init_dot_dotdot+0x600/0x600
[  283.596183]  ? generic_permission+0x116/0x4d0
[  283.600719]  ? inode_permission.part.0+0x10c/0x450
[  283.605647]  vfs_mkdir+0x508/0x7a0
[  283.609198]  do_mkdirat+0x262/0x2d0
[  283.612811]  ? __ia32_sys_mknod+0x120/0x120
[  283.617122]  ? trace_hardirqs_off_caller+0x6e/0x210
[  283.622137]  ? do_syscall_64+0x21/0x620
[  283.626115]  do_syscall_64+0xf9/0x620
[  283.629918]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.635124] RIP: 0033:0x45d577
[  283.638301] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  283.657202] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  283.664940] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  283.672204] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  283.679573] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  283.687566] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  283.694826] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  283.720592] erofs: options -> 
[  283.739102] erofs: root inode @ nid 36
[  283.746371] erofs: read_super, device -> /dev/loop1
[  283.757041] erofs: options -> 
[  283.763893] erofs: mounted on /dev/loop4 with opts: .
[  283.771629] erofs: root inode @ nid 36
[  283.789939] erofs: mounted on /dev/loop1 with opts: .
[  283.818761] erofs: read_super, device -> /dev/loop2
[  283.844297] erofs: options -> 
21:35:37 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:37 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

21:35:37 executing program 1 (fault-call:3 fault-nth:30):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  283.866108] erofs: root inode @ nid 36
[  283.885844] erofs: unmounted for /dev/loop4
[  283.895041] erofs: mounted on /dev/loop2 with opts: .
21:35:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x2000, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  283.923083] erofs: unmounted for /dev/loop1
[  284.009044] erofs: read_super, device -> /dev/loop4
[  284.020598] erofs: options -> 
[  284.034736] erofs: root inode @ nid 36
[  284.053300] erofs: mounted on /dev/loop4 with opts: .
[  284.066840] FAULT_INJECTION: forcing a failure.
[  284.066840] name failslab, interval 1, probability 0, space 0, times 0
[  284.079438] CPU: 1 PID: 15853 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  284.087339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.096702] Call Trace:
[  284.099304]  dump_stack+0x1fc/0x2fe
[  284.103036]  should_fail.cold+0xa/0x14
[  284.107026]  ? setup_fault_attr+0x200/0x200
[  284.111358]  ? lock_downgrade+0x720/0x720
[  284.115690]  __should_failslab+0x115/0x180
[  284.119921]  should_failslab+0x5/0xf
[  284.123643]  __kmalloc+0x2ab/0x3c0
[  284.127202]  ? ext4_find_extent+0x9bb/0xc70
[  284.131542]  ext4_find_extent+0x9bb/0xc70
[  284.135713]  ext4_ext_map_blocks+0x1c0/0x7390
[  284.140241]  ? __lock_acquire+0x6de/0x3ff0
[  284.144530]  ? mark_held_locks+0xf0/0xf0
[  284.148863]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  284.154235]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  284.159421]  ? mark_held_locks+0xf0/0xf0
[  284.163472]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  284.168316]  ? ext4_es_lookup_extent+0x375/0xb60
[  284.173179]  ? ext4_map_blocks+0x59f/0x1a50
[  284.177509]  ? lock_acquire+0x170/0x3c0
[  284.181496]  ? ext4_map_blocks+0x740/0x1a50
[  284.185836]  ext4_map_blocks+0x7a2/0x1a50
[  284.189994]  ? check_preemption_disabled+0x41/0x280
[  284.195026]  ? ext4_issue_zeroout+0x160/0x160
[  284.199522]  ? __brelse+0x84/0xa0
[  284.202974]  ? __ext4_new_inode+0x2eb/0x5a20
[  284.207399]  ext4_getblk+0xad/0x4f0
[  284.211041]  ? ext4_iomap_begin+0xe00/0xe00
[  284.215378]  ? ext4_free_inode+0x1780/0x1780
[  284.219785]  ? debug_check_no_obj_freed+0x201/0x482
[  284.224787]  ? __dquot_initialize+0x298/0xb70
[  284.229293]  ext4_bread+0x7c/0x210
[  284.232824]  ? ext4_getblk+0x4f0/0x4f0
[  284.236697]  ? dquot_initialize_needed+0x290/0x290
[  284.241630]  ? trace_hardirqs_off+0x64/0x200
[  284.246043]  ext4_append+0x155/0x370
[  284.249787]  ext4_mkdir+0x5bd/0xe10
[  284.253433]  ? ext4_init_dot_dotdot+0x600/0x600
[  284.258101]  ? generic_permission+0x116/0x4d0
[  284.262603]  ? inode_permission.part.0+0x10c/0x450
[  284.267523]  vfs_mkdir+0x508/0x7a0
[  284.271086]  do_mkdirat+0x262/0x2d0
[  284.274716]  ? __ia32_sys_mknod+0x120/0x120
[  284.279078]  ? trace_hardirqs_off_caller+0x6e/0x210
[  284.284126]  ? do_syscall_64+0x21/0x620
[  284.288109]  do_syscall_64+0xf9/0x620
[  284.291898]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  284.297123] RIP: 0033:0x45d577
21:35:37 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x26c8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  284.300315] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  284.319219] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  284.326951] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  284.334238] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  284.341495] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  284.348755] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  284.356184] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:37 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x60000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:37 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  284.392169] erofs: unmounted for /dev/loop2
21:35:37 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x7fffffff}, &(0x7f0000000200), 0x0)

[  284.427147] erofs: unmounted for /dev/loop4
21:35:37 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = syz_mount_image$fuse(&(0x7f0000000000)='fuse\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYBLOB="197cc9f0de1baf9930e58136a0c8e297f743f287945ad3e2147832dbf969fde8ed6f89387f575b45fca4b040a3b34be0bdf14a05b8d0ba50748ea604477cad01eef5637e4a1f41b6c4a5f06739d0d4f37a8ddb727819eb8c9f14bd348faf83ed96a3493214ece9f82a90c038cf93320fb8bcc17c9394d7ab06ce2eb75308702f024bbe2fc1837c5b5304ec4e849ccb9d4154f0b12e33eb7c2fe2", @ANYBLOB="2c67726fd7643d000000", @ANYRESDEC=0xee01, @ANYBLOB="2c616c6c6f775f6f746865724464656661756c745f7065726d697373696f6e732c626c6b73697a653d3078303030303030303030303030323830302c6d61785f726561643d3078303030303030303030303030303030312c6d61785f7265e6db3d307830303030700e3bfa3030303030303030307d30382c6d61785f726561643d3078303030303030303030303030303030322c616c6c6f775f6f746865722c6d61785f726561643d3078303030303030303030303030303030332c616c6c6f775f6c6f775f6f746865722c6f626ac7464d39653d245d282c66756e633d43524544535f434845434b2c66736e616d653d2f6465762f6d4953444e74696d6572002c6f626a5f757365723d2f6465762f6d4953444e74696d6572002c686173682c666f776e65723edacf4514cabbaa000e401aa7994ecac920f2ae521965cfdd8be8319628c2ff1613782d3e9859879c154e6b4915141b5a5a85a2914c08f4d9617d58242206e41eced9b7a6c7ecb962ed40424fbd9705f156a13b3213aed1efa74fc8b1aa61bd6a88f66a873e55cbc24337717e064ed02ef2b8e0256037a18f3d81aff129179f072762fb7aa216726d00f2a4e0c2805fd2bdb81c3ffa8acfa947fb32efe93026906b5f1934204c075ed76868f75853fcb52f5c6d8bf287dd0000000000000000", @ANYRESDEC=0xee00, @ANYBLOB=',\x00'])
ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x2)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

21:35:37 executing program 1 (fault-call:3 fault-nth:31):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  284.535349] erofs: read_super, device -> /dev/loop2
[  284.554939] erofs: options -> 
[  284.563979] erofs: root inode @ nid 36
21:35:37 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x2100, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  284.580978] erofs: read_super, device -> /dev/loop4
[  284.589599] erofs: mounted on /dev/loop2 with opts: .
[  284.598330] erofs: options -> 
[  284.609070] FAULT_INJECTION: forcing a failure.
[  284.609070] name failslab, interval 1, probability 0, space 0, times 0
[  284.630007] erofs: root inode @ nid 36
[  284.634562] CPU: 1 PID: 15880 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  284.642456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.651812] Call Trace:
[  284.654412]  dump_stack+0x1fc/0x2fe
[  284.658059]  should_fail.cold+0xa/0x14
[  284.662015]  ? setup_fault_attr+0x200/0x200
[  284.666377]  ? lock_downgrade+0x720/0x720
[  284.670536]  ? check_preemption_disabled+0x41/0x280
[  284.675575]  __should_failslab+0x115/0x180
[  284.679830]  should_failslab+0x5/0xf
[  284.683554]  kmem_cache_alloc+0x277/0x370
[  284.687715]  ext4_mb_new_blocks+0x60a/0x4370
[  284.692147]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  284.697175]  ? ext4_cache_extents+0x68/0x2d0
[  284.701595]  ? ext4_find_extent+0x9bb/0xc70
[  284.705932]  ? ext4_discard_preallocations+0xfb0/0xfb0
[  284.711220]  ? ext4_ext_search_right+0x2c7/0xb60
[  284.715987]  ? ext4_inode_to_goal_block+0x2d2/0x3e0
[  284.721033]  ext4_ext_map_blocks+0x2aa2/0x7390
[  284.725671]  ? __lock_acquire+0x6de/0x3ff0
[  284.729927]  ? mark_held_locks+0xf0/0xf0
[  284.734031]  ? __ext4_handle_dirty_metadata+0x1e0/0x590
[  284.739434]  ? ext4_find_delalloc_cluster+0x1f0/0x1f0
[  284.744642]  ? mark_held_locks+0xf0/0xf0
[  284.748713]  ? ext4_mark_iloc_dirty+0x1af6/0x2b10
[  284.753571]  ? ext4_es_lookup_extent+0x375/0xb60
[  284.758347]  ? ext4_map_blocks+0x59f/0x1a50
[  284.762785]  ext4_map_blocks+0x7a2/0x1a50
[  284.766946]  ? check_preemption_disabled+0x41/0x280
[  284.770589] erofs: mounted on /dev/loop4 with opts: .
[  284.771971]  ? ext4_issue_zeroout+0x160/0x160
[  284.771990]  ? __brelse+0x84/0xa0
[  284.772005]  ? __ext4_new_inode+0x2eb/0x5a20
[  284.772035]  ext4_getblk+0xad/0x4f0
[  284.772053]  ? ext4_iomap_begin+0xe00/0xe00
[  284.772073]  ? ext4_free_inode+0x1780/0x1780
[  284.801983]  ? debug_check_no_obj_freed+0x201/0x482
[  284.807103]  ? __dquot_initialize+0x298/0xb70
[  284.811644]  ext4_bread+0x7c/0x210
[  284.815191]  ? ext4_getblk+0x4f0/0x4f0
[  284.819088]  ? dquot_initialize_needed+0x290/0x290
[  284.824041]  ? trace_hardirqs_off+0x64/0x200
[  284.828468]  ext4_append+0x155/0x370
[  284.832198]  ext4_mkdir+0x5bd/0xe10
[  284.836031]  ? ext4_init_dot_dotdot+0x600/0x600
[  284.840712]  ? generic_permission+0x116/0x4d0
[  284.845219]  ? inode_permission.part.0+0x10c/0x450
[  284.850164]  vfs_mkdir+0x508/0x7a0
[  284.853721]  do_mkdirat+0x262/0x2d0
[  284.857368]  ? __ia32_sys_mknod+0x120/0x120
[  284.861704]  ? trace_hardirqs_off_caller+0x6e/0x210
[  284.866726]  ? do_syscall_64+0x21/0x620
[  284.870709]  do_syscall_64+0xf9/0x620
[  284.874523]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  284.879718] RIP: 0033:0x45d577
21:35:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0xfffffffe, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  284.882921] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  284.901836] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  284.909566] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  284.916847] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  284.924130] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
21:35:38 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x3000000000000000, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  284.931408] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  284.938677] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  284.950879] Bluetooth: hci0: command 0x0406 tx timeout
[  284.956397] Bluetooth: hci2: command 0x0406 tx timeout
[  284.965093] Bluetooth: hci3: command 0x0406 tx timeout
[  284.972654] Bluetooth: hci4: command 0x0406 tx timeout
21:35:38 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  285.002094] erofs: unmounted for /dev/loop2
21:35:38 executing program 1 (fault-call:3 fault-nth:32):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  285.041502] erofs: unmounted for /dev/loop4
[  285.095770] FAULT_INJECTION: forcing a failure.
[  285.095770] name failslab, interval 1, probability 0, space 0, times 0
[  285.107165] CPU: 1 PID: 15909 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  285.115061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  285.124447] Call Trace:
[  285.127046]  dump_stack+0x1fc/0x2fe
[  285.129396] erofs: read_super, device -> /dev/loop2
[  285.130689]  should_fail.cold+0xa/0x14
[  285.136828] erofs: options -> 
[  285.139599]  ? setup_fault_attr+0x200/0x200
[  285.139617]  ? __es_tree_search.isra.0+0x1af/0x210
[  285.139640]  __should_failslab+0x115/0x180
[  285.139656]  should_failslab+0x5/0xf
[  285.139669]  kmem_cache_alloc+0x3f/0x370
[  285.139686]  __es_insert_extent+0x39b/0x13b0
[  285.139710]  ext4_es_insert_extent+0x22e/0x5e0
[  285.150651] erofs: root inode @ nid 36
[  285.152111]  ? ext4_map_blocks+0x59f/0x1a50
[  285.152129]  ? ext4_es_find_delayed_extent_range+0x9f0/0x9f0
[  285.152160]  ext4_map_blocks+0xa2a/0x1a50
[  285.152183]  ? ext4_issue_zeroout+0x160/0x160
[  285.152200]  ? __brelse+0x84/0xa0
[  285.152215]  ? __ext4_new_inode+0x2eb/0x5a20
[  285.152239]  ext4_getblk+0xad/0x4f0
[  285.161457] erofs: mounted on /dev/loop2 with opts: .
[  285.164395]  ? ext4_iomap_begin+0xe00/0xe00
[  285.164414]  ? ext4_free_inode+0x1780/0x1780
[  285.164429]  ? debug_check_no_obj_freed+0x201/0x482
[  285.164442]  ? __dquot_initialize+0x298/0xb70
[  285.164461]  ext4_bread+0x7c/0x210
[  285.164477]  ? ext4_getblk+0x4f0/0x4f0
[  285.164491]  ? dquot_initialize_needed+0x290/0x290
[  285.164514]  ? trace_hardirqs_off+0x64/0x200
[  285.164532]  ext4_append+0x155/0x370
[  285.186815] erofs: read_super, device -> /dev/loop4
[  285.187603]  ext4_mkdir+0x5bd/0xe10
[  285.187628]  ? ext4_init_dot_dotdot+0x600/0x600
[  285.187647]  ? generic_permission+0x116/0x4d0
[  285.187665]  ? inode_permission.part.0+0x10c/0x450
[  285.187682]  vfs_mkdir+0x508/0x7a0
[  285.187699]  do_mkdirat+0x262/0x2d0
[  285.211871] erofs: options -> 
[  285.212991]  ? __ia32_sys_mknod+0x120/0x120
[  285.213010]  ? trace_hardirqs_off_caller+0x6e/0x210
[  285.213026]  ? do_syscall_64+0x21/0x620
[  285.213043]  do_syscall_64+0xf9/0x620
[  285.213062]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.213074] RIP: 0033:0x45d577
[  285.213088] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  285.213100] RSP: 002b:00007f45360aba78 EFLAGS: 00000213 ORIG_RAX: 0000000000000053
[  285.223457] erofs: root inode @ nid 36
21:35:38 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  285.226814] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 000000000045d577
[  285.226823] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100
[  285.226832] RBP: 00007f45360abad0 R08: 0000000020000248 R09: 0000000000000000
[  285.226841] R10: 0000000000001000 R11: 0000000000000213 R12: 0000000020000000
[  285.226850] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  285.262611] erofs: read_super, device -> /dev/loop1
[  285.278381] erofs: mounted on /dev/loop4 with opts: .
[  285.283357] erofs: options -> 
21:35:38 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:38 executing program 1 (fault-call:3 fault-nth:33):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  285.417123] erofs: root inode @ nid 36
[  285.421303] erofs: mounted on /dev/loop1 with opts: .
[  285.422833] erofs: unmounted for /dev/loop2
21:35:38 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xc0ed0000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:38 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
getsockopt$sock_buf(r2, 0x1, 0x37, &(0x7f0000000000)=""/3, &(0x7f0000000040)=0x3)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r3=>0x0})
sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x18c, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x134, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x5, @mcast2, 0xfffff000}}, {0x14, 0x2, @in={0x2, 0x4e20, @broadcast}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e20, @remote}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x19}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'eth', 0x3a, 'hsr0\x00'}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'veth0_to_hsr\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffff8}}, {0x14, 0x2, @in={0x2, 0x4e22, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'xfrm0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x0, @remote, 0x4}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x3ff, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6b}}}}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4040}, 0x4044800)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  285.477214] erofs: unmounted for /dev/loop1
21:35:38 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0xbfffffffffffff7f, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  285.497534] erofs: unmounted for /dev/loop4
[  285.573151] erofs: read_super, device -> /dev/loop2
[  285.580630] erofs: options -> 
[  285.592673] erofs: root inode @ nid 36
[  285.602960] erofs: mounted on /dev/loop2 with opts: .
21:35:39 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x2}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  285.630741] erofs: read_super, device -> /dev/loop4
[  285.636180] erofs: options -> 
[  285.639805] erofs: root inode @ nid 36
[  285.646929] erofs: mounted on /dev/loop4 with opts: .
[  285.679190] FAULT_INJECTION: forcing a failure.
[  285.679190] name failslab, interval 1, probability 0, space 0, times 0
[  285.691564] erofs: unmounted for /dev/loop2
[  285.701286] CPU: 0 PID: 15955 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  285.709204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  285.718569] Call Trace:
[  285.721174]  dump_stack+0x1fc/0x2fe
[  285.724819]  should_fail.cold+0xa/0x14
[  285.728724]  ? setup_fault_attr+0x200/0x200
[  285.733186]  ? lock_acquire+0x170/0x3c0
[  285.737165]  __should_failslab+0x115/0x180
[  285.741404]  should_failslab+0x5/0xf
[  285.745119]  __kmalloc_track_caller+0x2a6/0x3c0
[  285.749776]  ? strndup_user+0x70/0x120
[  285.753662]  ? _copy_from_user+0xd2/0x130
[  285.757838]  memdup_user+0x22/0xb0
[  285.761386]  strndup_user+0x70/0x120
[  285.765112]  ksys_mount+0x6f/0x130
[  285.769086]  __x64_sys_mount+0xba/0x150
[  285.773064]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  285.777657]  do_syscall_64+0xf9/0x620
[  285.781488]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.786698] RIP: 0033:0x460baa
[  285.789877] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  285.808785] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  285.816508] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
21:35:39 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:39 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x3}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  285.823792] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  285.831079] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  285.838336] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  285.845615] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  285.855244] erofs: unmounted for /dev/loop4
21:35:39 executing program 1 (fault-call:3 fault-nth:34):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  285.958262] erofs: read_super, device -> /dev/loop2
[  285.969510] erofs: options -> 
[  286.007240] erofs: root inode @ nid 36
[  286.018977] erofs: mounted on /dev/loop2 with opts: .
[  286.022355] erofs: read_super, device -> /dev/loop4
[  286.029908] erofs: options -> 
[  286.049069] erofs: root inode @ nid 36
21:35:39 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x4}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  286.064203] erofs: mounted on /dev/loop4 with opts: .
[  286.100550] FAULT_INJECTION: forcing a failure.
[  286.100550] name failslab, interval 1, probability 0, space 0, times 0
[  286.137383] erofs: unmounted for /dev/loop2
[  286.154008] CPU: 1 PID: 15981 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  286.161925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  286.171310] Call Trace:
[  286.173935]  dump_stack+0x1fc/0x2fe
[  286.178362]  should_fail.cold+0xa/0x14
[  286.182287]  ? setup_fault_attr+0x200/0x200
[  286.186616]  ? lock_acquire+0x170/0x3c0
[  286.190604]  __should_failslab+0x115/0x180
[  286.194850]  should_failslab+0x5/0xf
[  286.198567]  __kmalloc_track_caller+0x2a6/0x3c0
[  286.203236]  ? strndup_user+0x70/0x120
[  286.207126]  ? _copy_from_user+0xd2/0x130
[  286.211280]  memdup_user+0x22/0xb0
[  286.214826]  strndup_user+0x70/0x120
[  286.218543]  ksys_mount+0x6f/0x130
[  286.222086]  __x64_sys_mount+0xba/0x150
[  286.226092]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  286.230676]  do_syscall_64+0xf9/0x620
[  286.234481]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.239671] RIP: 0033:0x460baa
[  286.242873] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  286.261781] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  286.269502] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  286.276788] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  286.284080] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  286.291352] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
21:35:39 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:35:39 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xab26, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:39 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffff1f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  286.298641] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  286.313237] erofs: unmounted for /dev/loop4
21:35:39 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000000140)={0x1ff, 0x4}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x1a4f606dd6835969, 0x164)

[  286.477458] erofs: read_super, device -> /dev/loop4
[  286.499973] erofs: options -> 
21:35:39 executing program 1 (fault-call:3 fault-nth:35):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  286.531271] erofs: root inode @ nid 36
[  286.546646] erofs: read_super, device -> /dev/loop2
[  286.552800] erofs: options -> 
[  286.557192] erofs: root inode @ nid 36
[  286.563149] erofs: mounted on /dev/loop4 with opts: .
[  286.564412] erofs: mounted on /dev/loop2 with opts: .
[  286.614618] FAULT_INJECTION: forcing a failure.
[  286.614618] name failslab, interval 1, probability 0, space 0, times 0
[  286.626276] CPU: 0 PID: 16013 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  286.634173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  286.643534] Call Trace:
[  286.646135]  dump_stack+0x1fc/0x2fe
[  286.649781]  should_fail.cold+0xa/0x14
[  286.653723]  ? setup_fault_attr+0x200/0x200
[  286.658056]  ? lock_acquire+0x170/0x3c0
[  286.662057]  __should_failslab+0x115/0x180
[  286.666311]  should_failslab+0x5/0xf
[  286.670037]  kmem_cache_alloc_trace+0x284/0x380
[  286.674719]  ? _copy_from_user+0xd2/0x130
[  286.678883]  copy_mount_options+0x59/0x380
[  286.683138]  ksys_mount+0x9b/0x130
[  286.686709]  __x64_sys_mount+0xba/0x150
[  286.690697]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  286.695292]  do_syscall_64+0xf9/0x620
[  286.699113]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.704309] RIP: 0033:0x460baa
21:35:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xc826, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  286.707511] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  286.726424] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  286.734150] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  286.741517] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  286.748798] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  286.756085] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
21:35:40 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffffff7f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x5}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  286.763370] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  286.770807] erofs: unmounted for /dev/loop2
[  286.802567] erofs: unmounted for /dev/loop4
21:35:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x6}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  286.914121] erofs: read_super, device -> /dev/loop2
[  286.934405] erofs: options -> 
[  286.937991] erofs: root inode @ nid 36
[  286.942521] erofs: mounted on /dev/loop2 with opts: .
21:35:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xedc0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:40 executing program 1 (fault-call:3 fault-nth:36):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  286.991381] erofs: unmounted for /dev/loop2
[  287.050609] erofs: read_super, device -> /dev/loop4
[  287.051325] FAULT_INJECTION: forcing a failure.
[  287.051325] name failslab, interval 1, probability 0, space 0, times 0
[  287.073698] CPU: 1 PID: 16039 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  287.081604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.083445] erofs: options -> 
[  287.090962] Call Trace:
[  287.090987]  dump_stack+0x1fc/0x2fe
[  287.091008]  should_fail.cold+0xa/0x14
[  287.091025]  ? setup_fault_attr+0x200/0x200
[  287.091039]  ? lock_acquire+0x170/0x3c0
[  287.091060]  __should_failslab+0x115/0x180
[  287.091081]  should_failslab+0x5/0xf
[  287.120588]  kmem_cache_alloc+0x277/0x370
[  287.124784]  getname_flags+0xce/0x590
[  287.128600]  user_path_at_empty+0x2a/0x50
[  287.132765]  do_mount+0x147/0x2f10
[  287.136322]  ? setup_fault_attr+0x200/0x200
[  287.140660]  ? lock_acquire+0x170/0x3c0
[  287.144651]  ? check_preemption_disabled+0x41/0x280
[  287.149687]  ? copy_mount_string+0x40/0x40
[  287.152980] erofs: read_super, device -> /dev/loop2
[  287.153938]  ? copy_mount_options+0x59/0x380
[  287.153957]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  287.153971]  ? kmem_cache_alloc_trace+0x323/0x380
[  287.153989]  ? copy_mount_options+0x26f/0x380
[  287.159871] erofs: options -> 
[  287.163409]  ksys_mount+0xcf/0x130
[  287.163430]  __x64_sys_mount+0xba/0x150
[  287.163446]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  287.163460]  do_syscall_64+0xf9/0x620
[  287.163478]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.163490] RIP: 0033:0x460baa
[  287.163504] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  287.163512] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  287.163532] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  287.163546] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
21:35:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  287.199642] erofs: root inode @ nid 36
[  287.202111] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  287.202120] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  287.202130] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  287.266707] erofs: root inode @ nid 36
[  287.268721] erofs: mounted on /dev/loop2 with opts: .
21:35:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xf703, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:40 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x0)
sendto$inet(r1, &(0x7f0000000000)="16aac23295b98729825845b1ea6b2886349a0b314f2b96ecb293f0ba9a8407dd14266971de83aa9484eb6a28fd6388ef5529b1b0298fb8ad7f7e4ca97e1aba2bfd614d7f00e6b4acf849e63dad33b01b2c", 0x51, 0x80, &(0x7f0000000100)={0x2, 0x4e23, @multicast2}, 0x10)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
ioctl$SNAPSHOT_UNFREEZE(0xffffffffffffffff, 0x3302)

[  287.343193] erofs: mounted on /dev/loop4 with opts: .
21:35:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:35:40 executing program 1 (fault-call:3 fault-nth:37):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  287.391681] erofs: unmounted for /dev/loop2
21:35:40 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffffff8c, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x7}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  287.456034] erofs: unmounted for /dev/loop4
21:35:40 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="c7442400fa1f0000c744240200000000c7442406000000000f0114240f20e035000002000f22e066ba420066b8489566efc4c3156c4e89a8b8010000000f01d966b824010f00d866baf80cb8ece18a88ef66bafc0cb80a5e6c46efc4c105e8751dc686050000009a66b8db000f00d0", 0x6f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r3, 0x942e, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
r4 = socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
ptrace$peek(0x1, 0xffffffffffffffff, &(0x7f0000000100))
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000001c0)='NETMAP\x00')
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r6=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0)

[  287.510803] FAULT_INJECTION: forcing a failure.
[  287.510803] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  287.522643] CPU: 0 PID: 16069 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  287.530554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.539913] Call Trace:
[  287.542510]  dump_stack+0x1fc/0x2fe
[  287.546190]  should_fail.cold+0xa/0x14
[  287.550092]  ? setup_fault_attr+0x200/0x200
[  287.554436]  __alloc_pages_nodemask+0x239/0x2890
21:35:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x8}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:40 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  287.559211]  ? __read_once_size_nocheck.constprop.0+0x10/0x10
[  287.565126]  ? is_bpf_text_address+0xd5/0x1b0
[  287.569629]  ? __lock_acquire+0x6de/0x3ff0
[  287.573973]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  287.578823]  ? is_bpf_text_address+0xfc/0x1b0
[  287.583325]  ? unwind_get_return_address+0x51/0x90
[  287.588289]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.593670]  ? __save_stack_trace+0xaf/0x190
[  287.599327]  cache_grow_begin+0xa4/0x8a0
[  287.603402]  ? setup_fault_attr+0x200/0x200
21:35:40 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x9}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  287.607738]  ? lock_acquire+0x170/0x3c0
[  287.611741]  cache_alloc_refill+0x273/0x340
[  287.616076]  kmem_cache_alloc+0x346/0x370
[  287.620233]  getname_flags+0xce/0x590
[  287.624045]  user_path_at_empty+0x2a/0x50
[  287.628215]  do_mount+0x147/0x2f10
[  287.631765]  ? rcu_nmi_exit+0xb3/0x180
[  287.635666]  ? retint_kernel+0x2d/0x2d
[  287.639661]  ? copy_mount_string+0x40/0x40
[  287.643906]  ? copy_mount_options+0x1da/0x380
[  287.648434]  ? __sanitizer_cov_trace_pc+0x47/0x50
[  287.653286]  ? copy_mount_options+0x26f/0x380
[  287.657810]  ksys_mount+0xcf/0x130
21:35:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xa}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  287.661361]  __x64_sys_mount+0xba/0x150
[  287.665353]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  287.669957]  do_syscall_64+0xf9/0x620
[  287.673796]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.678990] RIP: 0033:0x460baa
[  287.682195] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  287.701112] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
21:35:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xb}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  287.708834] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  287.716128] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  287.723501] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  287.730976] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  287.745983] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  287.787832] erofs: read_super, device -> /dev/loop4
[  287.792153] erofs: read_super, device -> /dev/loop2
[  287.797906] erofs: options -> 
[  287.798860] erofs: options -> 
[  287.801154] erofs: root inode @ nid 36
[  287.812317] erofs: root inode @ nid 36
[  287.845868] erofs: mounted on /dev/loop2 with opts: .
[  287.845996] erofs: mounted on /dev/loop4 with opts: .
[  287.875927] erofs: read_super, device -> /dev/loop1
[  287.899203] erofs: options -> 
[  287.915615] erofs: root inode @ nid 36
[  287.929536] erofs: unmounted for /dev/loop4
[  287.935087] erofs: mounted on /dev/loop1 with opts: .
21:35:41 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xf803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:41 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfffffff6, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  287.949457] erofs: unmounted for /dev/loop2
21:35:41 executing program 1 (fault-call:3 fault-nth:38):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xc}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:41 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  288.000174] erofs: unmounted for /dev/loop1
[  288.077435] erofs: read_super, device -> /dev/loop4
[  288.085493] erofs: options -> 
[  288.089381] erofs: root inode @ nid 36
[  288.099625] erofs: read_super, device -> /dev/loop2
[  288.106456] erofs: options -> 
[  288.109456] erofs: mounted on /dev/loop4 with opts: .
[  288.116513] erofs: root inode @ nid 36
[  288.120936] erofs: mounted on /dev/loop2 with opts: .
[  288.165314] FAULT_INJECTION: forcing a failure.
[  288.165314] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  288.194632] erofs: unmounted for /dev/loop4
[  288.207633] CPU: 0 PID: 16132 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  288.215549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  288.224913] Call Trace:
[  288.227523]  dump_stack+0x1fc/0x2fe
[  288.231159]  should_fail.cold+0xa/0x14
[  288.235047]  ? lock_acquire+0x170/0x3c0
[  288.239030]  ? setup_fault_attr+0x200/0x200
[  288.243374]  __alloc_pages_nodemask+0x239/0x2890
[  288.248228]  ? pcpu_alloc+0x91f/0x1190
[  288.252114]  ? mark_held_locks+0xf0/0xf0
[  288.256169]  ? pcpu_alloc+0xe78/0x1190
[  288.260069]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  288.264933]  ? check_preemption_disabled+0x41/0x280
[  288.269950]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  288.274953]  ? pcpu_alloc+0xc9/0x1190
[  288.278743]  alloc_pages_current+0x193/0x2a0
[  288.283146]  ? __lockdep_init_map+0x100/0x5a0
[  288.287638]  get_zeroed_page+0x10/0x40
[  288.291522]  mount_fs+0x203/0x30c
[  288.294974]  vfs_kern_mount.part.0+0x68/0x470
[  288.299457]  do_mount+0x113c/0x2f10
[  288.303114]  ? lock_acquire+0x170/0x3c0
[  288.307086]  ? check_preemption_disabled+0x41/0x280
[  288.312114]  ? copy_mount_string+0x40/0x40
[  288.316357]  ? copy_mount_options+0x59/0x380
[  288.320776]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  288.325784]  ? kmem_cache_alloc_trace+0x323/0x380
[  288.330621]  ? copy_mount_options+0x26f/0x380
[  288.335113]  ksys_mount+0xcf/0x130
[  288.338652]  __x64_sys_mount+0xba/0x150
[  288.342636]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  288.347223]  do_syscall_64+0xf9/0x620
[  288.351105]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.356280] RIP: 0033:0x460baa
[  288.359483] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  288.378402] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  288.386105] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  288.393367] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  288.400639] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  288.407906] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  288.415511] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  288.463093] erofs: unmounted for /dev/loop2
21:35:41 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000340)={{0x3000, 0x0, 0xb, 0x6, 0x5, 0x40, 0x0, 0x3, 0x55, 0x4, 0x9, 0xff}, {0x6000, 0xd000, 0x17, 0xff, 0x5, 0x9d, 0x52, 0x7f, 0x0, 0x5, 0xac, 0x3}, {0x100000, 0x6000, 0x13, 0x3f, 0x1, 0x1f, 0x77, 0x3f, 0x3, 0x5, 0x1, 0x40}, {0xd000, 0x2, 0x10, 0x4, 0x7f, 0x8, 0xf8, 0xb8, 0xbd, 0x1, 0x4, 0x7}, {0x0, 0x2000, 0xf, 0xff, 0x4, 0x2e, 0xb9, 0x34, 0x3f, 0x1, 0x6, 0x1}, {0x5000, 0xf000, 0xd, 0x1, 0x4, 0x3f, 0x6, 0x4, 0x1d, 0x4, 0x5, 0x8}, {0x100000, 0x10000, 0xc, 0xc0, 0x7, 0xf7, 0x7, 0x3, 0x21, 0x9, 0x2, 0x6}, {0x4000, 0x6000, 0x4, 0x2, 0x0, 0xff, 0xe1, 0xfc, 0xaf, 0x6, 0x1, 0x75}, {0x10000, 0x7ff}, {0x0, 0x4}, 0x40000, 0x0, 0x0, 0x10, 0xa, 0x2000, 0x10000, [0x8770, 0x3, 0x0, 0x2]})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4)

21:35:41 executing program 1 (fault-call:3 fault-nth:39):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:41 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xd}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:41 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xedc000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:41 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xf903, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  288.670084] erofs: read_super, device -> /dev/loop4
[  288.682833] FAULT_INJECTION: forcing a failure.
[  288.682833] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  288.706681] erofs: options -> 
21:35:42 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x10}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  288.717730] erofs: read_super, device -> /dev/loop2
[  288.733320] erofs: root inode @ nid 36
[  288.744137] erofs: options -> 
[  288.752463] erofs: mounted on /dev/loop4 with opts: .
[  288.764474] erofs: root inode @ nid 36
[  288.770203] CPU: 0 PID: 16159 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  288.778104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  288.787466] Call Trace:
[  288.790080]  dump_stack+0x1fc/0x2fe
[  288.793729]  should_fail.cold+0xa/0x14
[  288.797670]  ? lock_acquire+0x170/0x3c0
[  288.801658]  ? setup_fault_attr+0x200/0x200
[  288.806005]  __alloc_pages_nodemask+0x239/0x2890
[  288.810775]  ? pcpu_alloc+0x91f/0x1190
[  288.814688]  ? mark_held_locks+0xf0/0xf0
[  288.818789]  ? pcpu_alloc+0xe78/0x1190
[  288.822704]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  288.827564]  ? check_preemption_disabled+0x41/0x280
[  288.832606]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  288.836490] erofs: mounted on /dev/loop2 with opts: .
[  288.837627]  ? pcpu_alloc+0xc9/0x1190
[  288.837649]  alloc_pages_current+0x193/0x2a0
[  288.837663]  ? __lockdep_init_map+0x100/0x5a0
[  288.837682]  get_zeroed_page+0x10/0x40
[  288.837697]  mount_fs+0x203/0x30c
[  288.837716]  vfs_kern_mount.part.0+0x68/0x470
[  288.867422]  do_mount+0x113c/0x2f10
[  288.871077]  ? retint_kernel+0x2d/0x2d
[  288.874984]  ? copy_mount_string+0x40/0x40
[  288.879235]  ? copy_mount_options+0x1f9/0x380
[  288.883753]  ? audit_add_tree_rule.cold+0x2f/0x2f
[  288.888614]  ? copy_mount_options+0x26f/0x380
[  288.893129]  ksys_mount+0xcf/0x130
[  288.896684]  __x64_sys_mount+0xba/0x150
[  288.900671]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  288.905269]  do_syscall_64+0xf9/0x620
[  288.909097]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.914298] RIP: 0033:0x460baa
[  288.917497] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  288.936408] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  288.944138] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  288.953545] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  288.960846] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
21:35:42 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  288.968113] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  288.975384] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:42 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x1, 0x8, 0x0, 0x0, 0x10000}, &(0x7f0000000200)={0x0, 0x989680}, 0x0)

21:35:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfa03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:42 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:42 executing program 1 (fault-call:3 fault-nth:40):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  289.053954] erofs: unmounted for /dev/loop4
[  289.059120] erofs: unmounted for /dev/loop2
21:35:42 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000000)={<r4=>0x0, 0x8}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000100)={r4, 0x8}, &(0x7f00000001c0)=0x8)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r5=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)

[  289.209507] FAULT_INJECTION: forcing a failure.
[  289.209507] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  289.227738] erofs: read_super, device -> /dev/loop4
[  289.235410] CPU: 0 PID: 16204 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  289.243320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.248718] erofs: options -> 
[  289.252678] Call Trace:
[  289.252704]  dump_stack+0x1fc/0x2fe
[  289.252725]  should_fail.cold+0xa/0x14
[  289.252739]  ? lock_acquire+0x170/0x3c0
[  289.252752]  ? setup_fault_attr+0x200/0x200
[  289.252777]  __alloc_pages_nodemask+0x239/0x2890
[  289.252789]  ? pcpu_alloc+0x91f/0x1190
[  289.252803]  ? mark_held_locks+0xf0/0xf0
[  289.252815]  ? pcpu_alloc+0xe78/0x1190
[  289.252838]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  289.252861]  ? check_preemption_disabled+0x41/0x280
[  289.252884]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  289.280558] erofs: root inode @ nid 36
[  289.283083]  ? pcpu_alloc+0xc9/0x1190
[  289.283104]  alloc_pages_current+0x193/0x2a0
[  289.283118]  ? __lockdep_init_map+0x100/0x5a0
[  289.283134]  get_zeroed_page+0x10/0x40
[  289.283149]  mount_fs+0x203/0x30c
[  289.283168]  vfs_kern_mount.part.0+0x68/0x470
[  289.283185]  do_mount+0x113c/0x2f10
[  289.283201]  ? lock_acquire+0x170/0x3c0
[  289.283214]  ? check_preemption_disabled+0x41/0x280
[  289.283230]  ? copy_mount_string+0x40/0x40
[  289.283243]  ? copy_mount_options+0x59/0x380
21:35:42 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x11}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  289.283260]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  289.283277]  ? kmem_cache_alloc_trace+0x323/0x380
[  289.336428] erofs: mounted on /dev/loop4 with opts: .
[  289.338079]  ? copy_mount_options+0x26f/0x380
[  289.338100]  ksys_mount+0xcf/0x130
[  289.338118]  __x64_sys_mount+0xba/0x150
[  289.338136]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  289.387360]  do_syscall_64+0xf9/0x620
[  289.391177]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.396393] RIP: 0033:0x460baa
[  289.399606] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  289.418524] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  289.426257] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  289.433558] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  289.440846] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  289.448129] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  289.455451] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  289.475967] erofs: read_super, device -> /dev/loop2
[  289.481043] erofs: options -> 
21:35:42 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  289.510714] erofs: root inode @ nid 36
21:35:42 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x13}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  289.537511] erofs: mounted on /dev/loop2 with opts: .
21:35:42 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  289.577810] erofs: unmounted for /dev/loop4
21:35:42 executing program 1 (fault-call:3 fault-nth:41):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:42 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfb03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:42 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  289.645730] erofs: unmounted for /dev/loop2
21:35:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x14}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  289.729994] erofs: read_super, device -> /dev/loop4
[  289.731133] FAULT_INJECTION: forcing a failure.
[  289.731133] name failslab, interval 1, probability 0, space 0, times 0
[  289.738183] erofs: options -> 
[  289.770980] erofs: read_super, device -> /dev/loop2
[  289.783573] erofs: options -> 
[  289.797610] erofs: root inode @ nid 36
[  289.801715] erofs: root inode @ nid 36
[  289.810793] CPU: 1 PID: 16240 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  289.818706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.820198] erofs: mounted on /dev/loop2 with opts: .
[  289.828068] Call Trace:
[  289.828092]  dump_stack+0x1fc/0x2fe
[  289.828114]  should_fail.cold+0xa/0x14
[  289.828130]  ? setup_fault_attr+0x200/0x200
[  289.828149]  ? lock_acquire+0x170/0x3c0
[  289.828171]  __should_failslab+0x115/0x180
[  289.828186]  should_failslab+0x5/0xf
[  289.828199]  __kmalloc_track_caller+0x2a6/0x3c0
[  289.828216]  ? kstrdup_const+0x53/0x80
[  289.838916] erofs: mounted on /dev/loop4 with opts: .
[  289.839629]  kstrdup+0x36/0x70
[  289.876611]  kstrdup_const+0x53/0x80
[  289.880341]  alloc_vfsmnt+0xb5/0x780
[  289.884062]  ? _raw_read_unlock+0x29/0x40
[  289.888224]  vfs_kern_mount.part.0+0x27/0x470
[  289.892734]  do_mount+0x113c/0x2f10
[  289.896387]  ? do_raw_spin_unlock+0x171/0x230
[  289.900889]  ? check_preemption_disabled+0x41/0x280
[  289.905916]  ? copy_mount_string+0x40/0x40
[  289.910187]  ? copy_mount_options+0x59/0x380
[  289.914611]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  289.919650]  ? kmem_cache_alloc_trace+0x323/0x380
[  289.924510]  ? copy_mount_options+0x26f/0x380
[  289.929021]  ksys_mount+0xcf/0x130
[  289.932574]  __x64_sys_mount+0xba/0x150
[  289.936663]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  289.941259]  do_syscall_64+0xf9/0x620
[  289.945071]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.950269] RIP: 0033:0x460baa
21:35:43 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80800)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x9, 0x7, 0x7fffffff, 0x10000, '\x00', 0x9}, 0x2, 0x20000000, 0xb, 0xffffffffffffffff, 0x2, 0x800, 'syz0\x00', &(0x7f00000001c0)=[').!]!({@(\xed,%^-,-+(\x00', '/dev/mISDNtimer\x00'], 0x23, [], [0x8001, 0x0, 0x0, 0x5]})
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
accept$phonet_pipe(r1, &(0x7f0000000000), &(0x7f0000000040)=0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0xfffffffffffffffc}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

[  289.953467] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  289.972382] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  289.980105] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  289.987386] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  289.994665] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  290.001976] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  290.009259] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:43 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:35:43 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x200000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:43 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfc03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x15}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  290.095839] erofs: unmounted for /dev/loop4
[  290.100603] erofs: unmounted for /dev/loop2
21:35:43 executing program 1 (fault-call:3 fault-nth:42):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  290.224441] erofs: read_super, device -> /dev/loop4
[  290.229497] erofs: options -> 
[  290.235238] FAULT_INJECTION: forcing a failure.
[  290.235238] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  290.239658] erofs: root inode @ nid 36
[  290.247058] CPU: 0 PID: 16276 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  290.247069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  290.247074] Call Trace:
[  290.247097]  dump_stack+0x1fc/0x2fe
[  290.247120]  should_fail.cold+0xa/0x14
[  290.247139]  ? setup_fault_attr+0x200/0x200
[  290.247160]  ? get_page_from_freelist+0x1d60/0x4170
[  290.247182]  __alloc_pages_nodemask+0x239/0x2890
[  290.247210]  ? get_page_from_freelist+0x1d60/0x4170
[  290.247232]  ? bad_range+0x260/0x3c0
[  290.259592] erofs: mounted on /dev/loop4 with opts: .
[  290.268346]  ? __lock_acquire+0x6de/0x3ff0
[  290.268368]  ? preempt_count_add+0xaf/0x190
[  290.268386]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  290.268407]  ? mark_held_locks+0xf0/0xf0
[  290.268421]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.268445]  cache_grow_begin+0xa4/0x8a0
[  290.268462]  ? setup_fault_attr+0x200/0x200
[  290.268474]  ? lock_acquire+0x170/0x3c0
[  290.268495]  cache_alloc_refill+0x273/0x340
[  290.346444]  kmem_cache_alloc+0x346/0x370
[  290.350612]  getname_kernel+0x4e/0x370
[  290.352495] erofs: read_super, device -> /dev/loop2
[  290.354511]  kern_path+0x1b/0x40
[  290.354527]  lookup_bdev+0xfc/0x220
[  290.354541]  ? bd_acquire+0x440/0x440
[  290.354563]  blkdev_get_by_path+0x1b/0xd0
[  290.354581]  mount_bdev+0x5b/0x3b0
[  290.354598]  ? init_once+0x13/0x13
[  290.364153] erofs: options -> 
[  290.366601]  erofs_mount+0x8c/0xc0
[  290.366619]  ? erofs_kill_sb+0x20/0x20
[  290.366638]  ? alloc_pages_current+0x19b/0x2a0
[  290.366651]  ? __lockdep_init_map+0x100/0x5a0
[  290.366674]  mount_fs+0xa3/0x30c
[  290.403715] erofs: root inode @ nid 36
[  290.404724]  vfs_kern_mount.part.0+0x68/0x470
[  290.404746]  do_mount+0x113c/0x2f10
[  290.404764]  ? lock_acquire+0x170/0x3c0
[  290.404778]  ? check_preemption_disabled+0x41/0x280
[  290.404795]  ? copy_mount_string+0x40/0x40
[  290.417991] erofs: mounted on /dev/loop2 with opts: .
[  290.420742]  ? copy_mount_options+0x59/0x380
[  290.420761]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  290.420777]  ? kmem_cache_alloc_trace+0x323/0x380
[  290.420796]  ? copy_mount_options+0x26f/0x380
[  290.420814]  ksys_mount+0xcf/0x130
[  290.420830]  __x64_sys_mount+0xba/0x150
[  290.462185]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  290.466778]  do_syscall_64+0xf9/0x620
[  290.470593]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.475789] RIP: 0033:0x460baa
[  290.478990] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  290.497902] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  290.505622] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  290.512906] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
21:35:43 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x64}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  290.520189] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  290.527466] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  290.534751] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:43 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000000))
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

21:35:43 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:35:43 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x300000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfd03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:44 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x119}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  290.655411] erofs: unmounted for /dev/loop4
[  290.669276] erofs: unmounted for /dev/loop2
21:35:44 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000000)={0x1000}, 0x4)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x480, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xffffffffffffffff}, 0x484b, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x10000000000000, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

[  290.711046] erofs: read_super, device -> /dev/loop1
[  290.724508] erofs: options -> 
[  290.738646] erofs: root inode @ nid 36
[  290.746888] erofs: mounted on /dev/loop1 with opts: .
[  290.763380] erofs: read_super, device -> /dev/loop4
21:35:44 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x14d}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  290.807368] erofs: options -> 
21:35:44 executing program 1 (fault-call:3 fault-nth:43):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  290.834370] erofs: root inode @ nid 36
21:35:44 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  290.855222] erofs: read_super, device -> /dev/loop2
[  290.855363] erofs: mounted on /dev/loop4 with opts: .
[  290.861748] erofs: options -> 
[  290.867314] erofs: unmounted for /dev/loop1
[  290.886921] erofs: root inode @ nid 36
[  290.891173] erofs: mounted on /dev/loop2 with opts: .
21:35:44 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xfe03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:44 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:44 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x29a}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:44 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  290.975671] erofs: unmounted for /dev/loop2
[  290.999185] erofs: unmounted for /dev/loop4
[  291.038583] FAULT_INJECTION: forcing a failure.
[  291.038583] name failslab, interval 1, probability 0, space 0, times 0
[  291.060287] CPU: 0 PID: 16332 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  291.068218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  291.077571] Call Trace:
[  291.080176]  dump_stack+0x1fc/0x2fe
[  291.083830]  should_fail.cold+0xa/0x14
[  291.087713]  ? setup_fault_attr+0x200/0x200
[  291.092067]  ? lock_acquire+0x170/0x3c0
[  291.096037]  __should_failslab+0x115/0x180
[  291.100265]  should_failslab+0x5/0xf
[  291.103969]  kmem_cache_alloc_trace+0x284/0x380
[  291.108630]  ? set_bdev_super+0x110/0x110
[  291.112774]  ? ns_test_super+0x50/0x50
[  291.116675]  sget_userns+0x122/0xcd0
[  291.120388]  ? set_bdev_super+0x110/0x110
[  291.124536]  ? ns_test_super+0x50/0x50
[  291.128414]  ? set_bdev_super+0x110/0x110
[  291.133353]  ? ns_test_super+0x50/0x50
[  291.137256]  sget+0x102/0x140
[  291.140376]  mount_bdev+0xf8/0x3b0
[  291.143926]  ? init_once+0x13/0x13
[  291.147476]  erofs_mount+0x8c/0xc0
[  291.151011]  ? erofs_kill_sb+0x20/0x20
[  291.154891]  ? alloc_pages_current+0x19b/0x2a0
[  291.159477]  ? __lockdep_init_map+0x100/0x5a0
[  291.163971]  mount_fs+0xa3/0x30c
[  291.167348]  vfs_kern_mount.part.0+0x68/0x470
[  291.171844]  do_mount+0x113c/0x2f10
[  291.175477]  ? retint_kernel+0x2d/0x2d
[  291.179350]  ? copy_mount_string+0x40/0x40
[  291.183604]  ? copy_mount_options+0x1da/0x380
[  291.188083]  ? __sanitizer_cov_trace_pc+0x44/0x50
[  291.192930]  ? copy_mount_options+0x26f/0x380
[  291.197421]  ksys_mount+0xcf/0x130
[  291.200947]  __x64_sys_mount+0xba/0x150
[  291.204924]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  291.209501]  do_syscall_64+0xf9/0x620
[  291.213316]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.218487] RIP: 0033:0x460baa
[  291.221697] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  291.240674] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  291.248377] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  291.255648] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  291.262901] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  291.270173] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  291.277450] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:44 executing program 1 (fault-call:3 fault-nth:44):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:44 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045542, &(0x7f0000000000)=0x8)

[  291.363179] erofs: read_super, device -> /dev/loop2
[  291.368937] erofs: options -> 
[  291.381334] erofs: root inode @ nid 36
[  291.400145] erofs: mounted on /dev/loop2 with opts: .
[  291.421542] erofs: read_super, device -> /dev/loop4
[  291.443398] erofs: options -> 
[  291.453564] FAULT_INJECTION: forcing a failure.
[  291.453564] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  291.465416] CPU: 0 PID: 16361 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  291.473303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  291.482659] Call Trace:
[  291.485266]  dump_stack+0x1fc/0x2fe
[  291.488911]  should_fail.cold+0xa/0x14
[  291.492812]  ? setup_fault_attr+0x200/0x200
[  291.497411]  ? mark_held_locks+0xf0/0xf0
[  291.501491]  __alloc_pages_nodemask+0x239/0x2890
[  291.506267]  ? __lock_acquire+0x6de/0x3ff0
[  291.510515]  ? __lock_acquire+0x6de/0x3ff0
[  291.514769]  ? __lock_acquire+0x6de/0x3ff0
[  291.519014]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  291.523872]  ? mark_held_locks+0xf0/0xf0
[  291.527949]  ? mark_held_locks+0xf0/0xf0
[  291.532021]  ? lock_downgrade+0x720/0x720
[  291.536210]  ? blkdev_get+0x4ce/0x940
[  291.540048]  cache_grow_begin+0xa4/0x8a0
[  291.544128]  ? setup_fault_attr+0x200/0x200
[  291.548459]  ? lock_acquire+0x170/0x3c0
[  291.552446]  cache_alloc_refill+0x273/0x340
[  291.556783]  kmem_cache_alloc_trace+0x354/0x380
[  291.561493]  ? set_bdev_super+0x110/0x110
[  291.565671]  ? ns_test_super+0x50/0x50
[  291.569568]  sget_userns+0x122/0xcd0
[  291.573289]  ? set_bdev_super+0x110/0x110
[  291.576830] erofs: root inode @ nid 36
[  291.577443]  ? ns_test_super+0x50/0x50
[  291.577473]  ? set_bdev_super+0x110/0x110
[  291.577486]  ? ns_test_super+0x50/0x50
21:35:44 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  291.577504]  sget+0x102/0x140
[  291.596366]  mount_bdev+0xf8/0x3b0
[  291.599919]  ? init_once+0x13/0x13
[  291.603470]  erofs_mount+0x8c/0xc0
[  291.607017]  ? erofs_kill_sb+0x20/0x20
[  291.610922]  ? alloc_pages_current+0x19b/0x2a0
[  291.615510]  ? __lockdep_init_map+0x100/0x5a0
[  291.620016]  mount_fs+0xa3/0x30c
[  291.623402]  vfs_kern_mount.part.0+0x68/0x470
[  291.626290] erofs: mounted on /dev/loop4 with opts: .
[  291.627907]  do_mount+0x113c/0x2f10
[  291.627926]  ? lock_acquire+0x170/0x3c0
[  291.627941]  ? check_preemption_disabled+0x41/0x280
[  291.627958]  ? copy_mount_string+0x40/0x40
[  291.650811]  ? copy_mount_options+0x59/0x380
[  291.655230]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  291.660256]  ? kmem_cache_alloc_trace+0x323/0x380
[  291.665109]  ? copy_mount_options+0x26f/0x380
[  291.669618]  ksys_mount+0xcf/0x130
[  291.673176]  __x64_sys_mount+0xba/0x150
[  291.677161]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  291.681750]  do_syscall_64+0xf9/0x620
[  291.685558]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.690753] RIP: 0033:0x460baa
[  291.693958] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  291.712864] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  291.720578] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  291.727855] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  291.735141] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
21:35:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xff03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x300}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:45 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  291.742410] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  291.749691] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  291.762772] erofs: unmounted for /dev/loop2
[  291.784767] erofs: read_super, device -> /dev/loop1
[  291.789976] erofs: options -> 
[  291.793390] erofs: root inode @ nid 36
[  291.797415] erofs: mounted on /dev/loop1 with opts: .
21:35:45 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x500000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:45 executing program 1 (fault-call:3 fault-nth:45):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x500}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:45 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  291.871448] erofs: unmounted for /dev/loop4
[  291.886389] erofs: unmounted for /dev/loop1
[  291.966510] erofs: read_super, device -> /dev/loop2
[  291.989459] erofs: options -> 
[  291.997129] erofs: root inode @ nid 36
[  292.004668] erofs: mounted on /dev/loop2 with opts: .
[  292.007461] erofs: read_super, device -> /dev/loop4
[  292.031744] FAULT_INJECTION: forcing a failure.
[  292.031744] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  292.043611] CPU: 0 PID: 16396 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  292.049896] erofs: options -> 
[  292.051496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  292.051502] Call Trace:
[  292.051527]  dump_stack+0x1fc/0x2fe
[  292.051551]  should_fail.cold+0xa/0x14
[  292.051576]  ? setup_fault_attr+0x200/0x200
[  292.078501]  ? mark_held_locks+0xf0/0xf0
[  292.082587]  __alloc_pages_nodemask+0x239/0x2890
[  292.087372]  ? __lock_acquire+0x6de/0x3ff0
[  292.091621]  ? __lock_acquire+0x6de/0x3ff0
[  292.095868]  ? __lock_acquire+0x6de/0x3ff0
[  292.100140]  ? gfp_pfmemalloc_allowed+0x150/0x150
[  292.104990]  ? mark_held_locks+0xf0/0xf0
[  292.109068]  ? mark_held_locks+0xf0/0xf0
[  292.113219]  ? lock_downgrade+0x720/0x720
[  292.117375]  ? blkdev_get+0x4ce/0x940
[  292.121198]  cache_grow_begin+0xa4/0x8a0
[  292.125266]  ? setup_fault_attr+0x200/0x200
[  292.129602]  ? lock_acquire+0x170/0x3c0
[  292.133624]  cache_alloc_refill+0x273/0x340
[  292.137983]  kmem_cache_alloc_trace+0x354/0x380
[  292.142667]  ? set_bdev_super+0x110/0x110
[  292.146823]  ? ns_test_super+0x50/0x50
[  292.150715]  sget_userns+0x122/0xcd0
[  292.154437]  ? set_bdev_super+0x110/0x110
[  292.158605]  ? ns_test_super+0x50/0x50
[  292.162501]  ? set_bdev_super+0x110/0x110
[  292.166679]  ? ns_test_super+0x50/0x50
[  292.170575]  sget+0x102/0x140
[  292.173700]  mount_bdev+0xf8/0x3b0
[  292.177248]  ? init_once+0x13/0x13
[  292.180825]  erofs_mount+0x8c/0xc0
[  292.184376]  ? erofs_kill_sb+0x20/0x20
[  292.188274]  ? alloc_pages_current+0x19b/0x2a0
[  292.192862]  ? __lockdep_init_map+0x100/0x5a0
[  292.197365]  mount_fs+0xa3/0x30c
[  292.200745]  vfs_kern_mount.part.0+0x68/0x470
[  292.205253]  do_mount+0x113c/0x2f10
[  292.208897]  ? do_raw_spin_unlock+0x171/0x230
[  292.213402]  ? check_preemption_disabled+0x41/0x280
[  292.218426]  ? copy_mount_string+0x40/0x40
[  292.221617] erofs: root inode @ nid 36
[  292.222667]  ? copy_mount_options+0x59/0x380
[  292.222684]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  292.222699]  ? kmem_cache_alloc_trace+0x323/0x380
[  292.222718]  ? copy_mount_options+0x26f/0x380
[  292.222735]  ksys_mount+0xcf/0x130
[  292.222753]  __x64_sys_mount+0xba/0x150
[  292.222768]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  292.222781]  do_syscall_64+0xf9/0x620
[  292.222799]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.222810] RIP: 0033:0x460baa
[  292.222825] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
21:35:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xff0f, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  292.222837] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  292.254310] erofs: mounted on /dev/loop4 with opts: .
[  292.257527] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  292.257537] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  292.257546] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  292.257554] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  292.257567] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x600}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  292.344731] erofs: unmounted for /dev/loop2
21:35:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x700}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:45 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:45 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:45 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x600000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  292.390684] erofs: read_super, device -> /dev/loop1
[  292.408214] erofs: options -> 
[  292.424795] erofs: root inode @ nid 36
[  292.452611] erofs: mounted on /dev/loop1 with opts: .
[  292.458888] erofs: unmounted for /dev/loop4
[  292.502881] erofs: read_super, device -> /dev/loop2
[  292.540521] erofs: options -> 
[  292.553407] erofs: root inode @ nid 36
21:35:45 executing program 1 (fault-call:3 fault-nth:46):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:45 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:45 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x900}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:45 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
restart_syscall()
r1 = socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r2 = accept(r1, &(0x7f0000000000)=@can, &(0x7f0000000100)=0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa\x00', 0x446440, 0x0)
ioctl$PPPIOCSFLAGS(r3, 0x40047459, &(0x7f0000000280)=0x40)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x88, 0x0, 0x0, 0x41c1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = dup(r4)
signalfd4(r0, &(0x7f0000000380)={[0xff]}, 0x8, 0x80000)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$TIOCL_GETKMSGREDIRECT(r5, 0x541c, &(0x7f0000000340))
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r6=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0)

[  292.586143] erofs: mounted on /dev/loop2 with opts: .
[  292.617417] erofs: unmounted for /dev/loop1
21:35:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  292.674910] erofs: read_super, device -> /dev/loop4
[  292.680107] erofs: unmounted for /dev/loop2
[  292.682609] erofs: options -> 
[  292.690197] erofs: root inode @ nid 36
21:35:46 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  292.730406] FAULT_INJECTION: forcing a failure.
[  292.730406] name failslab, interval 1, probability 0, space 0, times 0
[  292.752747] erofs: mounted on /dev/loop4 with opts: .
[  292.764522] CPU: 0 PID: 16446 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  292.772430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
21:35:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xa00}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  292.781792] Call Trace:
[  292.784414]  dump_stack+0x1fc/0x2fe
[  292.788059]  should_fail.cold+0xa/0x14
[  292.791963]  ? setup_fault_attr+0x200/0x200
[  292.796302]  ? lock_acquire+0x170/0x3c0
[  292.800382]  __should_failslab+0x115/0x180
[  292.804630]  should_failslab+0x5/0xf
[  292.808357]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  292.813478]  __kmalloc_node+0x38/0x70
[  292.817281] erofs: read_super, device -> /dev/loop2
[  292.817317]  kvmalloc_node+0x61/0xf0
[  292.826038]  __list_lru_init+0x4c6/0x7f0
[  292.830117]  ? up_read+0x63/0x110
[  292.833609]  sget_userns+0x7e2/0xcd0
[  292.837331]  ? set_bdev_super+0x110/0x110
[  292.841491]  ? ns_test_super+0x50/0x50
[  292.845387]  ? set_bdev_super+0x110/0x110
[  292.849587]  ? ns_test_super+0x50/0x50
[  292.849906] erofs: options -> 
[  292.853502]  sget+0x102/0x140
[  292.853522]  mount_bdev+0xf8/0x3b0
[  292.853535]  ? init_once+0x13/0x13
[  292.853551]  erofs_mount+0x8c/0xc0
[  292.853566]  ? erofs_kill_sb+0x20/0x20
[  292.853584]  ? alloc_pages_current+0x19b/0x2a0
[  292.853597]  ? __lockdep_init_map+0x100/0x5a0
[  292.853613]  mount_fs+0xa3/0x30c
[  292.853632]  vfs_kern_mount.part.0+0x68/0x470
[  292.853651]  do_mount+0x113c/0x2f10
[  292.853680]  ? do_raw_spin_unlock+0x171/0x230
[  292.884689] erofs: root inode @ nid 36
[  292.887439]  ? check_preemption_disabled+0x41/0x280
[  292.887459]  ? copy_mount_string+0x40/0x40
[  292.887473]  ? copy_mount_options+0x59/0x380
[  292.887491]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  292.913507] erofs: mounted on /dev/loop2 with opts: .
[  292.913765]  ? kmem_cache_alloc_trace+0x323/0x380
[  292.913786]  ? copy_mount_options+0x26f/0x380
[  292.913803]  ksys_mount+0xcf/0x130
[  292.941248]  __x64_sys_mount+0xba/0x150
[  292.945239]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  292.949835]  do_syscall_64+0xf9/0x620
[  292.953647]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.958847] RIP: 0033:0x460baa
[  292.962046] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  292.981000] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  292.988724] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  292.996003] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  293.003299] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  293.010665] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  293.017955] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xb00}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:46 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:46 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
rt_sigqueueinfo(r1, 0x29, &(0x7f0000000140)={0x17, 0x80000000, 0x3f})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
syz_mount_image$jffs2(&(0x7f0000000040)='jffs2\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000340)="3250cb8f577f04c786e5e7ca6ae99e1ff55a7ee9d4dd74c5f79775a9c736031d72e9f8e043480f687da38492314b79e03fb2d9fc39c8106ada15c032038da387aeb15c795efebe22f92e77f0bd044688029e25caeefec57922118e08312cbaaed361e2cf3af328e4a47128c7cb7f212a131fabe51ee49c4ba4fdb1ad8166db6c7cbf553abced9570bba401e3515943914da88401b794aa2ffcac68231d2ed6efd8dcf1c34299ac80aedc7685886775c6423bba2fa5f12185f843c333680d1e60acb628e9fb210409917f4a11987d30abd447fc3a6c7361dcf48bc8f7d35ce79ed577297c6f840533ea0b5cce45d868e0e52ba7ee98", 0xf5, 0x7}], 0x880000, &(0x7f0000000240)=ANY=[@ANYBLOB='rp_size=00000000000000000031,rp_size=00000000000105747132,compr=zlib,smackfsdef=,uid=', @ANYRESDEC, @ANYBLOB="2c000000000000000100"])

21:35:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x700000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:46 executing program 1 (fault-call:3 fault-nth:47):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:46 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  293.147233] erofs: unmounted for /dev/loop4
[  293.154817] erofs: unmounted for /dev/loop2
21:35:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xc00}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  293.261285] FAULT_INJECTION: forcing a failure.
[  293.261285] name failslab, interval 1, probability 0, space 0, times 0
[  293.274495] erofs: read_super, device -> /dev/loop2
[  293.281771] erofs: read_super, device -> /dev/loop4
[  293.293853] erofs: options -> 
[  293.297592] erofs: root inode @ nid 36
[  293.300309] erofs: options -> 
[  293.306772] erofs: mounted on /dev/loop4 with opts: .
[  293.321429] CPU: 1 PID: 16481 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  293.329347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  293.338792] Call Trace:
[  293.341392]  dump_stack+0x1fc/0x2fe
[  293.345035]  should_fail.cold+0xa/0x14
[  293.348937]  ? setup_fault_attr+0x200/0x200
[  293.353394]  ? lock_acquire+0x170/0x3c0
[  293.356434] erofs: root inode @ nid 36
21:35:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xd00}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:46 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  293.357389]  __should_failslab+0x115/0x180
[  293.357408]  should_failslab+0x5/0xf
[  293.357426]  __kmalloc+0x2ab/0x3c0
[  293.361699] erofs: mounted on /dev/loop2 with opts: .
[  293.366061]  ? __list_lru_init+0xd3/0x7f0
[  293.366080]  __list_lru_init+0xd3/0x7f0
[  293.366094]  ? up_write+0x18/0x150
[  293.366113]  sget_userns+0x7e2/0xcd0
[  293.366127]  ? set_bdev_super+0x110/0x110
[  293.366145]  ? ns_test_super+0x50/0x50
[  293.366161]  ? set_bdev_super+0x110/0x110
[  293.406176]  ? ns_test_super+0x50/0x50
[  293.410082]  sget+0x102/0x140
[  293.413207]  mount_bdev+0xf8/0x3b0
[  293.416756]  ? init_once+0x13/0x13
[  293.420314]  erofs_mount+0x8c/0xc0
[  293.423866]  ? erofs_kill_sb+0x20/0x20
[  293.427768]  ? alloc_pages_current+0x19b/0x2a0
[  293.432393]  ? __lockdep_init_map+0x100/0x5a0
[  293.436906]  mount_fs+0xa3/0x30c
[  293.440317]  vfs_kern_mount.part.0+0x68/0x470
[  293.444833]  do_mount+0x113c/0x2f10
[  293.448504]  ? do_raw_spin_unlock+0x171/0x230
[  293.453011]  ? check_preemption_disabled+0x41/0x280
[  293.458042]  ? copy_mount_string+0x40/0x40
[  293.462297]  ? copy_mount_options+0x59/0x380
[  293.466719]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  293.471748]  ? kmem_cache_alloc_trace+0x323/0x380
[  293.476608]  ? copy_mount_options+0x26f/0x380
[  293.481133]  ksys_mount+0xcf/0x130
[  293.484733]  __x64_sys_mount+0xba/0x150
[  293.488722]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  293.493317]  do_syscall_64+0xf9/0x620
[  293.497161]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  293.502371] RIP: 0033:0x460baa
[  293.505570] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  293.524504] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  293.532234] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  293.539598] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  293.547311] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  293.554586] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  293.561860] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:46 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1fffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:46 executing program 3:
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  293.614897] erofs: unmounted for /dev/loop2
21:35:46 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xfa0}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:46 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x800000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  293.660628] erofs: unmounted for /dev/loop4
[  293.783473] erofs: read_super, device -> /dev/loop2
[  293.788701] erofs: options -> 
[  293.794058] erofs: root inode @ nid 36
[  293.798257] erofs: mounted on /dev/loop2 with opts: .
[  293.850973] erofs: read_super, device -> /dev/loop4
[  293.871732] erofs: unmounted for /dev/loop2
[  293.880050] erofs: options -> 
[  293.897155] erofs: root inode @ nid 36
[  293.901197] erofs: mounted on /dev/loop4 with opts: .
21:35:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x1, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1100}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:47 executing program 1 (fault-call:3 fault-nth:48):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x400000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  293.949670] erofs: unmounted for /dev/loop4
21:35:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  294.032429] erofs: read_super, device -> /dev/loop2
[  294.044809] FAULT_INJECTION: forcing a failure.
[  294.044809] name failslab, interval 1, probability 0, space 0, times 0
[  294.047249] erofs: options -> 
[  294.073098] CPU: 1 PID: 16550 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  294.081022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  294.090384] Call Trace:
[  294.093016]  dump_stack+0x1fc/0x2fe
[  294.096687]  should_fail.cold+0xa/0x14
[  294.100593]  ? setup_fault_attr+0x200/0x200
[  294.104921]  ? lock_acquire+0x170/0x3c0
[  294.105944] erofs: root inode @ nid 36
[  294.108909]  __should_failslab+0x115/0x180
[  294.108926]  should_failslab+0x5/0xf
[  294.108939]  __kmalloc+0x2ab/0x3c0
[  294.108953]  ? __list_lru_init+0xd3/0x7f0
[  294.108970]  __list_lru_init+0xd3/0x7f0
[  294.132431]  ? up_read+0x63/0x110
[  294.135898]  sget_userns+0x810/0xcd0
[  294.139619]  ? set_bdev_super+0x110/0x110
[  294.143781]  ? ns_test_super+0x50/0x50
[  294.147679]  ? set_bdev_super+0x110/0x110
[  294.148087] erofs: mounted on /dev/loop2 with opts: .
[  294.151829]  ? ns_test_super+0x50/0x50
[  294.151843]  sget+0x102/0x140
[  294.151864]  mount_bdev+0xf8/0x3b0
[  294.151876]  ? init_once+0x13/0x13
[  294.151893]  erofs_mount+0x8c/0xc0
[  294.151908]  ? erofs_kill_sb+0x20/0x20
[  294.151929]  ? alloc_pages_current+0x19b/0x2a0
[  294.182430] erofs: read_super, device -> /dev/loop4
[  294.183184]  ? __lockdep_init_map+0x100/0x5a0
[  294.183206]  mount_fs+0xa3/0x30c
[  294.183231]  vfs_kern_mount.part.0+0x68/0x470
[  294.188241] erofs: options -> 
[  294.192741]  do_mount+0x113c/0x2f10
[  294.192761]  ? do_raw_spin_unlock+0x171/0x230
[  294.192774]  ? check_preemption_disabled+0x41/0x280
[  294.192791]  ? copy_mount_string+0x40/0x40
[  294.221154]  ? copy_mount_options+0x59/0x380
[  294.225586]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  294.230614]  ? kmem_cache_alloc_trace+0x323/0x380
[  294.235581]  ? copy_mount_options+0x26f/0x380
[  294.240092]  ksys_mount+0xcf/0x130
[  294.243647]  __x64_sys_mount+0xba/0x150
[  294.247631]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  294.252222]  do_syscall_64+0xf9/0x620
[  294.256038]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.261238] RIP: 0033:0x460baa
[  294.264437] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
21:35:47 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9, 0x440c42)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, &(0x7f0000000040)={@hyper, 0x7})
r2 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
recvfrom$rxrpc(r2, &(0x7f0000000340)=""/221, 0xdd, 0x40000042, &(0x7f0000000240)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e21, 0x9, @private1, 0x81}}, 0x24)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x100, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RREADDIR(r1, &(0x7f0000000100)={0xb, 0x29, 0x2, {0x288}}, 0xb)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

21:35:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1300}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  294.283376] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  294.291094] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  294.298374] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  294.305653] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  294.312931] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  294.320247] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  294.342300] erofs: root inode @ nid 36
[  294.370463] erofs: mounted on /dev/loop4 with opts: .
21:35:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1400}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:47 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  294.452793] erofs: unmounted for /dev/loop2
21:35:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3f00000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  294.502361] erofs: unmounted for /dev/loop4
21:35:47 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:47 executing program 1 (fault-call:3 fault-nth:49):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  294.552751] erofs: read_super, device -> /dev/loop2
[  294.574992] erofs: options -> 
[  294.584660] erofs: root inode @ nid 36
[  294.610331] erofs: mounted on /dev/loop2 with opts: .
21:35:47 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1500}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  294.637375] erofs: read_super, device -> /dev/loop4
[  294.639320] FAULT_INJECTION: forcing a failure.
[  294.639320] name failslab, interval 1, probability 0, space 0, times 0
[  294.663956] CPU: 1 PID: 16602 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  294.668521] erofs: options -> 
[  294.671853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  294.671859] Call Trace:
[  294.671881]  dump_stack+0x1fc/0x2fe
[  294.671902]  should_fail.cold+0xa/0x14
[  294.671920]  ? setup_fault_attr+0x200/0x200
[  294.671934]  ? lock_acquire+0x170/0x3c0
[  294.671957]  __should_failslab+0x115/0x180
[  294.671973]  should_failslab+0x5/0xf
[  294.671986]  kmem_cache_alloc_node_trace+0x244/0x3b0
[  294.672004]  __kmalloc_node+0x38/0x70
[  294.672019]  kvmalloc_node+0x61/0xf0
[  294.672035]  __list_lru_init+0x4c6/0x7f0
[  294.672048]  ? up_read+0x63/0x110
[  294.672067]  sget_userns+0x810/0xcd0
[  294.672080]  ? set_bdev_super+0x110/0x110
[  294.672098]  ? ns_test_super+0x50/0x50
[  294.672113]  ? set_bdev_super+0x110/0x110
[  294.672126]  ? ns_test_super+0x50/0x50
[  294.672143]  sget+0x102/0x140
[  294.753903]  mount_bdev+0xf8/0x3b0
[  294.757457]  ? init_once+0x13/0x13
[  294.761014]  erofs_mount+0x8c/0xc0
[  294.764682]  ? erofs_kill_sb+0x20/0x20
[  294.768591]  ? alloc_pages_current+0x19b/0x2a0
[  294.773181]  ? __lockdep_init_map+0x100/0x5a0
[  294.777716]  mount_fs+0xa3/0x30c
[  294.781121]  vfs_kern_mount.part.0+0x68/0x470
[  294.785636]  do_mount+0x113c/0x2f10
[  294.789485]  ? do_raw_spin_unlock+0x171/0x230
[  294.793990]  ? check_preemption_disabled+0x41/0x280
[  294.799016]  ? copy_mount_string+0x40/0x40
[  294.803282]  ? copy_mount_options+0x59/0x380
[  294.807699]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  294.812741]  ? kmem_cache_alloc_trace+0x323/0x380
[  294.817598]  ? copy_mount_options+0x26f/0x380
[  294.822106]  ksys_mount+0xcf/0x130
[  294.825655]  __x64_sys_mount+0xba/0x150
[  294.829810]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  294.834403]  do_syscall_64+0xf9/0x620
[  294.838211]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.843407] RIP: 0033:0x460baa
[  294.846605] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  294.865522] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  294.873425] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  294.880705] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x157c}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1901}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1f40}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  294.887982] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  294.895256] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  294.902535] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  294.913518] erofs: root inode @ nid 36
[  294.933369] erofs: mounted on /dev/loop4 with opts: .
[  295.024450] erofs: unmounted for /dev/loop4
[  295.041346] erofs: unmounted for /dev/loop2
21:35:48 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x26, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:48 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x2000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:48 executing program 1 (fault-call:3 fault-nth:50):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:48 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6000000000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:48 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x1040000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  295.283665] erofs: read_super, device -> /dev/loop1
[  295.290964] erofs: read_super, device -> /dev/loop4
[  295.310032] erofs: read_super, device -> /dev/loop2
[  295.313395] erofs: options -> 
[  295.321690] erofs: options -> 
[  295.333671] FAULT_INJECTION: forcing a failure.
[  295.333671] name failslab, interval 1, probability 0, space 0, times 0
[  295.351277] erofs: options -> 
[  295.357925] erofs: root inode @ nid 36
[  295.373552] erofs: root inode @ nid 36
21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x4000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  295.379568] erofs: mounted on /dev/loop4 with opts: .
[  295.391627] erofs: mounted on /dev/loop2 with opts: .
[  295.397996] CPU: 1 PID: 16640 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  295.405903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  295.415270] Call Trace:
[  295.417876]  dump_stack+0x1fc/0x2fe
[  295.421521]  should_fail.cold+0xa/0x14
[  295.425423]  ? setup_fault_attr+0x200/0x200
[  295.429761]  ? lock_acquire+0x170/0x3c0
[  295.433754]  __should_failslab+0x115/0x180
[  295.438007]  should_failslab+0x5/0xf
[  295.441791]  kmem_cache_alloc_trace+0x284/0x380
[  295.446523]  erofs_fill_super+0x167/0x12cc
[  295.450776]  ? init_once+0x13/0x13
[  295.454335]  ? vsprintf+0x30/0x30
[  295.457810]  ? wait_for_completion_io+0x10/0x10
[  295.462526]  ? set_blocksize+0x163/0x3f0
[  295.466616]  mount_bdev+0x2fc/0x3b0
[  295.470251]  ? init_once+0x13/0x13
[  295.474064]  erofs_mount+0x8c/0xc0
[  295.477618]  ? erofs_kill_sb+0x20/0x20
[  295.481543]  ? alloc_pages_current+0x19b/0x2a0
[  295.486140]  ? __lockdep_init_map+0x100/0x5a0
[  295.490655]  mount_fs+0xa3/0x30c
[  295.494040]  vfs_kern_mount.part.0+0x68/0x470
[  295.498557]  do_mount+0x113c/0x2f10
[  295.502227]  ? copy_mount_string+0x40/0x40
[  295.506478]  ? copy_mount_options+0x190/0x380
[  295.510983]  ? copy_mount_options+0x1bf/0x380
[  295.515498]  ? copy_mount_options+0x26f/0x380
[  295.520007]  ksys_mount+0xcf/0x130
[  295.523567]  __x64_sys_mount+0xba/0x150
[  295.527558]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  295.532152]  do_syscall_64+0xf9/0x620
[  295.535967]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.541162] RIP: 0033:0x460baa
[  295.544364] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  295.563302] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  295.571031] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
21:35:48 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x401f}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:48 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x0, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  295.578404] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  295.585688] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  295.592973] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  295.600249] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:49 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8cffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:49 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x4d01}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  295.669837] erofs: unmounted for /dev/loop2
[  295.678081] erofs: unmounted for /dev/loop4
[  295.832134] erofs: read_super, device -> /dev/loop2
[  295.841856] erofs: options -> 
[  295.853497] erofs: root inode @ nid 36
[  295.867323] erofs: mounted on /dev/loop2 with opts: .
[  295.875604] erofs: read_super, device -> /dev/loop4
[  295.883111] erofs: options -> 
[  295.887671] erofs: root inode @ nid 36
[  295.894864] erofs: mounted on /dev/loop4 with opts: .
21:35:49 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x42000, 0x0)
getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f0000000040), &(0x7f0000000100)=0x4)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x101000, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)

21:35:49 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:49 executing program 1 (fault-call:3 fault-nth:51):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:49 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x6400}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:49 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x3000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xf6ffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  295.940779] erofs: unmounted for /dev/loop2
[  295.951945] erofs: unmounted for /dev/loop4
[  296.004150] erofs: read_super, device -> /dev/loop1
21:35:49 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  296.030357] erofs: options -> 
[  296.045992] FAULT_INJECTION: forcing a failure.
[  296.045992] name failslab, interval 1, probability 0, space 0, times 0
[  296.083784] erofs: read_super, device -> /dev/loop2
[  296.089566] CPU: 1 PID: 16702 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  296.097461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.106810] Call Trace:
[  296.109403]  dump_stack+0x1fc/0x2fe
[  296.113034]  should_fail.cold+0xa/0x14
[  296.116923]  ? do_mount+0x113c/0x2f10
[  296.120732]  ? setup_fault_attr+0x200/0x200
[  296.125055]  ? blk_queue_enter+0x40b/0xb70
[  296.129304]  __should_failslab+0x115/0x180
[  296.133540]  should_failslab+0x5/0xf
[  296.137256]  kmem_cache_alloc_node+0x54/0x3b0
[  296.141757]  create_task_io_context+0x2c/0x430
[  296.146374]  generic_make_request_checks+0x1c4f/0x22e0
[  296.151661]  ? should_fail_bio.isra.0+0xa0/0xa0
[  296.156373]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  296.161392]  ? kmem_cache_alloc+0x315/0x370
[  296.165724]  generic_make_request+0x23f/0xdf0
[  296.170232]  ? blk_put_request+0x110/0x110
[  296.174473]  ? lock_downgrade+0x720/0x720
[  296.178630]  submit_bio+0xb1/0x430
[  296.182185]  ? generic_make_request+0xdf0/0xdf0
[  296.186853]  ? check_preemption_disabled+0x41/0x280
[  296.191879]  ? guard_bio_eod+0x2a0/0x640
[  296.195944]  submit_bh_wbc+0x5a7/0x760
[  296.199842]  __bread_gfp+0x14e/0x300
[  296.203567]  erofs_fill_super+0x207/0x12cc
[  296.207806]  ? init_once+0x13/0x13
[  296.211349]  ? vsprintf+0x30/0x30
[  296.214806]  ? wait_for_completion_io+0x10/0x10
[  296.219473]  ? set_blocksize+0x163/0x3f0
[  296.223560]  mount_bdev+0x2fc/0x3b0
[  296.227188]  ? init_once+0x13/0x13
[  296.230735]  erofs_mount+0x8c/0xc0
[  296.234278]  ? erofs_kill_sb+0x20/0x20
[  296.238175]  ? alloc_pages_current+0x19b/0x2a0
[  296.242754]  ? __lockdep_init_map+0x100/0x5a0
[  296.247258]  mount_fs+0xa3/0x30c
[  296.250632]  vfs_kern_mount.part.0+0x68/0x470
[  296.255135]  do_mount+0x113c/0x2f10
[  296.259024]  ? lock_acquire+0x170/0x3c0
[  296.263000]  ? check_preemption_disabled+0x41/0x280
[  296.268040]  ? copy_mount_string+0x40/0x40
[  296.272296]  ? copy_mount_options+0x59/0x380
[  296.276727]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  296.281760]  ? kmem_cache_alloc_trace+0x323/0x380
[  296.286611]  ? copy_mount_options+0x26f/0x380
[  296.291111]  ksys_mount+0xcf/0x130
[  296.294679]  __x64_sys_mount+0xba/0x150
[  296.298658]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  296.303266]  do_syscall_64+0xf9/0x620
[  296.307091]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.312286] RIP: 0033:0x460baa
[  296.315509] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  296.334418] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  296.342217] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  296.349484] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  296.356764] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  296.364035] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  296.371307] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:49 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x7c15}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  296.382791] erofs: options -> 
[  296.390545] erofs: root inode @ nid 36
[  296.396597] erofs: mounted on /dev/loop2 with opts: .
[  296.429923] erofs: root inode @ nid 36
21:35:49 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffff1f0000000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  296.459741] erofs: mounted on /dev/loop1 with opts: .
21:35:49 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x0, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:49 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x4000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:49 executing program 1 (fault-call:3 fault-nth:52):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  296.527184] erofs: unmounted for /dev/loop2
[  296.545879] erofs: unmounted for /dev/loop1
[  296.575326] erofs: read_super, device -> /dev/loop4
[  296.580475] erofs: options -> 
[  296.590769] erofs: root inode @ nid 36
[  296.595523] erofs: mounted on /dev/loop4 with opts: .
[  296.649858] erofs: read_super, device -> /dev/loop2
[  296.659232] erofs: options -> 
[  296.663558] erofs: unmounted for /dev/loop4
[  296.665888] erofs: root inode @ nid 36
[  296.675928] erofs: mounted on /dev/loop2 with opts: .
[  296.717391] erofs: read_super, device -> /dev/loop1
[  296.740817] erofs: options -> 
[  296.751069] FAULT_INJECTION: forcing a failure.
[  296.751069] name failslab, interval 1, probability 0, space 0, times 0
[  296.764544] erofs: unmounted for /dev/loop2
[  296.772446] CPU: 1 PID: 16745 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  296.780435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.789775] Call Trace:
[  296.792371]  dump_stack+0x1fc/0x2fe
[  296.795988]  should_fail.cold+0xa/0x14
[  296.799879]  ? setup_fault_attr+0x200/0x200
[  296.804189]  ? lock_acquire+0x170/0x3c0
[  296.808176]  __should_failslab+0x115/0x180
[  296.812400]  should_failslab+0x5/0xf
[  296.816114]  kmem_cache_alloc_trace+0x284/0x380
[  296.820945]  erofs_fill_super+0x167/0x12cc
[  296.825180]  ? init_once+0x13/0x13
[  296.828730]  ? vsprintf+0x30/0x30
[  296.832171]  ? wait_for_completion_io+0x10/0x10
[  296.836865]  ? set_blocksize+0x163/0x3f0
[  296.840944]  mount_bdev+0x2fc/0x3b0
[  296.844577]  ? init_once+0x13/0x13
[  296.848121]  erofs_mount+0x8c/0xc0
[  296.851743]  ? erofs_kill_sb+0x20/0x20
[  296.855641]  ? alloc_pages_current+0x19b/0x2a0
[  296.860230]  ? __lockdep_init_map+0x100/0x5a0
[  296.864740]  mount_fs+0xa3/0x30c
[  296.868120]  vfs_kern_mount.part.0+0x68/0x470
[  296.872627]  do_mount+0x113c/0x2f10
[  296.876280]  ? retint_kernel+0x2d/0x2d
[  296.880175]  ? copy_mount_string+0x40/0x40
[  296.884418]  ? copy_mount_options+0x1f9/0x380
[  296.888923]  ? write_comp_data+0x3/0x70
[  296.892907]  ? copy_mount_options+0x26f/0x380
[  296.897387]  ksys_mount+0xcf/0x130
[  296.900937]  __x64_sys_mount+0xba/0x150
[  296.904915]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  296.909567]  do_syscall_64+0xf9/0x620
[  296.913365]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.918553] RIP: 0033:0x460baa
[  296.921728] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
21:35:50 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
socket$inet(0x2, 0x5, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x800, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040)={0xfffffffd}, 0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
recvfrom$x25(r3, &(0x7f0000000340)=""/134, 0x86, 0x0, &(0x7f0000000000)={0x9, @remote={[], 0x0}}, 0x12)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r4=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0)

21:35:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x9a02}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:50 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffffff7f00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x5000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  296.940625] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  296.948332] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  296.955609] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  296.962891] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  296.970184] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  296.977448] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  297.068962] erofs: read_super, device -> /dev/loop4
21:35:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xa00f}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  297.117814] erofs: options -> 
[  297.132646] erofs: read_super, device -> /dev/loop2
21:35:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1a000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:50 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:50 executing program 1 (fault-call:3 fault-nth:53):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  297.160153] erofs: root inode @ nid 36
[  297.160813] erofs: options -> 
[  297.170034] erofs: mounted on /dev/loop4 with opts: .
[  297.176265] erofs: root inode @ nid 36
[  297.194081] erofs: mounted on /dev/loop2 with opts: .
21:35:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x2000b}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:50 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x6000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  297.293097] erofs: read_super, device -> /dev/loop1
21:35:50 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffffffff00000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  297.318389] erofs: unmounted for /dev/loop2
[  297.323164] erofs: options -> 
[  297.327037] erofs: unmounted for /dev/loop4
[  297.332848] FAULT_INJECTION: forcing a failure.
[  297.332848] name failslab, interval 1, probability 0, space 0, times 0
[  297.358064] CPU: 0 PID: 16788 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  297.365993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  297.375382] Call Trace:
[  297.377977]  dump_stack+0x1fc/0x2fe
[  297.381629]  should_fail.cold+0xa/0x14
[  297.385530]  ? do_mount+0x113c/0x2f10
[  297.389331]  ? setup_fault_attr+0x200/0x200
[  297.394056]  ? blk_queue_enter+0x40b/0xb70
[  297.398314]  __should_failslab+0x115/0x180
[  297.402549]  should_failslab+0x5/0xf
[  297.406257]  kmem_cache_alloc_node+0x54/0x3b0
[  297.410749]  create_task_io_context+0x2c/0x430
[  297.415328]  generic_make_request_checks+0x1c4f/0x22e0
[  297.420626]  ? should_fail_bio.isra.0+0xa0/0xa0
[  297.425287]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  297.430312]  ? kmem_cache_alloc+0x315/0x370
[  297.434636]  generic_make_request+0x23f/0xdf0
[  297.439126]  ? blk_put_request+0x110/0x110
[  297.443358]  ? lock_downgrade+0x720/0x720
[  297.447497]  submit_bio+0xb1/0x430
[  297.451048]  ? generic_make_request+0xdf0/0xdf0
[  297.455717]  ? check_preemption_disabled+0x41/0x280
[  297.460831]  ? guard_bio_eod+0x2a0/0x640
[  297.464900]  submit_bh_wbc+0x5a7/0x760
[  297.468783]  __bread_gfp+0x14e/0x300
[  297.472497]  erofs_fill_super+0x207/0x12cc
[  297.476737]  ? init_once+0x13/0x13
[  297.480269]  ? vsprintf+0x30/0x30
[  297.483714]  ? wait_for_completion_io+0x10/0x10
[  297.488372]  ? set_blocksize+0x163/0x3f0
[  297.492433]  mount_bdev+0x2fc/0x3b0
[  297.496066]  ? init_once+0x13/0x13
[  297.499612]  erofs_mount+0x8c/0xc0
[  297.503161]  ? erofs_kill_sb+0x20/0x20
[  297.507050]  ? alloc_pages_current+0x19b/0x2a0
[  297.511647]  ? __lockdep_init_map+0x100/0x5a0
[  297.516395]  mount_fs+0xa3/0x30c
[  297.519769]  vfs_kern_mount.part.0+0x68/0x470
[  297.524278]  do_mount+0x113c/0x2f10
[  297.527899]  ? lock_acquire+0x170/0x3c0
[  297.531876]  ? check_preemption_disabled+0x41/0x280
[  297.536897]  ? copy_mount_string+0x40/0x40
[  297.541133]  ? copy_mount_options+0x59/0x380
[  297.545555]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  297.550573]  ? kmem_cache_alloc_trace+0x323/0x380
[  297.555408]  ? copy_mount_options+0x26f/0x380
[  297.559895]  ksys_mount+0xcf/0x130
[  297.563424]  __x64_sys_mount+0xba/0x150
[  297.567388]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  297.571957]  do_syscall_64+0xf9/0x620
[  297.575749]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.581029] RIP: 0033:0x460baa
[  297.584227] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  297.603116] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  297.610812] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  297.618080] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  297.625366] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  297.632649] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  297.639904] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  297.662170] erofs: root inode @ nid 36
[  297.667373] erofs: mounted on /dev/loop1 with opts: .
[  297.712987] erofs: read_super, device -> /dev/loop2
[  297.721711] erofs: options -> 
[  297.741786] erofs: root inode @ nid 36
[  297.751317] erofs: unmounted for /dev/loop1
[  297.755775] erofs: mounted on /dev/loop2 with opts: .
[  297.764172] erofs: read_super, device -> /dev/loop4
[  297.772077] erofs: options -> 
[  297.779773] erofs: root inode @ nid 36
[  297.788302] erofs: mounted on /dev/loop4 with opts: .
[  297.806368] erofs: unmounted for /dev/loop2
21:35:51 executing program 3:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

21:35:51 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x400000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

21:35:51 executing program 1 (fault-call:3 fault-nth:54):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:51 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x7000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  297.835695] erofs: unmounted for /dev/loop4
21:35:51 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
r1 = socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
socket$inet6_icmp(0xa, 0x2, 0x3a)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = dup(r2)
r4 = openat$incfs(r3, &(0x7f0000000000)='.pending_reads\x00', 0x218000, 0xa5)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendto$x25(r3, &(0x7f0000000240)="73675705b7f5634e24060dd2770c1424e90dd06cf0ab7963770bec9e23de1728c27428ab0b4968fc18c0d8140ce7b41ec336e65e8755040f2f04b6356d9ba9a89be1610b7e62717075f15c16a021d983b776606f350c7f0c4af4", 0x5a, 0x40011, &(0x7f0000000100)={0x9, @null='               \x00'}, 0x12)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r5=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
recvfrom$l2tp6(r1, &(0x7f00000001c0)=""/20, 0x14, 0x40000040, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, 0x20)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r3, &(0x7f0000000400)={&(0x7f0000000340), 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xff, 0x15}}}}, ["", "", "", ""]}, 0x20}}, 0x0)

[  297.927289] erofs: read_super, device -> /dev/loop1
[  297.950648] erofs: options -> 
[  297.968902] erofs: root inode @ nid 36
[  297.986051] erofs: read_super, device -> /dev/loop2
[  297.998612] erofs: options -> 
[  298.010249] erofs: read_super, device -> /dev/loop4
[  298.013917] FAULT_INJECTION: forcing a failure.
[  298.013917] name failslab, interval 1, probability 0, space 0, times 0
[  298.021272] erofs: options -> 
[  298.035971] erofs: root inode @ nid 36
[  298.043727] erofs: root inode @ nid 36
21:35:51 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

21:35:51 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xa00100}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  298.048100] erofs: mounted on /dev/loop4 with opts: .
[  298.062209] erofs: mounted on /dev/loop2 with opts: .
[  298.069597] CPU: 1 PID: 16822 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  298.077494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.086854] Call Trace:
[  298.089456]  dump_stack+0x1fc/0x2fe
[  298.093101]  should_fail.cold+0xa/0x14
[  298.097038]  ? setup_fault_attr+0x200/0x200
[  298.101372]  ? lock_acquire+0x170/0x3c0
[  298.105363]  __should_failslab+0x115/0x180
[  298.109610]  should_failslab+0x5/0xf
[  298.113331]  kmem_cache_alloc+0x277/0x370
[  298.117492]  ? destroy_inode+0x20/0x20
[  298.121395]  alloc_inode+0x18/0x50
[  298.124948]  ? destroy_inode+0x20/0x20
[  298.128845]  alloc_inode+0x5d/0x180
[  298.132484]  new_inode+0x1d/0xf0
[  298.135862]  erofs_fill_super+0xde9/0x12cc
[  298.140116]  ? init_once+0x13/0x13
[  298.143762]  ? vsprintf+0x30/0x30
[  298.147234]  ? wait_for_completion_io+0x10/0x10
[  298.151917]  ? set_blocksize+0x163/0x3f0
[  298.156000]  mount_bdev+0x2fc/0x3b0
[  298.159650]  ? init_once+0x13/0x13
[  298.163205]  erofs_mount+0x8c/0xc0
[  298.166755]  ? erofs_kill_sb+0x20/0x20
[  298.170657]  ? alloc_pages_current+0x19b/0x2a0
[  298.175248]  ? __lockdep_init_map+0x100/0x5a0
[  298.179761]  mount_fs+0xa3/0x30c
[  298.183147]  vfs_kern_mount.part.0+0x68/0x470
[  298.187661]  do_mount+0x113c/0x2f10
[  298.191304]  ? do_raw_spin_unlock+0x171/0x230
[  298.195809]  ? check_preemption_disabled+0x41/0x280
[  298.200844]  ? copy_mount_string+0x40/0x40
[  298.205114]  ? copy_mount_options+0x59/0x380
[  298.209561]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  298.214594]  ? kmem_cache_alloc_trace+0x323/0x380
[  298.219457]  ? copy_mount_options+0x26f/0x380
[  298.223971]  ksys_mount+0xcf/0x130
[  298.227533]  __x64_sys_mount+0xba/0x150
[  298.231520]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  298.236117]  do_syscall_64+0xf9/0x620
[  298.239930]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  298.245128] RIP: 0033:0x460baa
[  298.248355] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  298.267298] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  298.275030] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  298.282320] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  298.290296] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  298.297578] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  298.304860] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
21:35:51 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x8000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:51 executing program 1 (fault-call:3 fault-nth:55):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

[  298.455528] erofs: unmounted for /dev/loop2
21:35:51 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="e2e1f5e08a1f5add010000000c0024", 0xf, 0x400}, {&(0x7f0000010100)="05000000c041", 0x6, 0x480}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000010a00))

21:35:51 executing program 0:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000400)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000440)=0x2c)
socket$inet(0x2, 0x80001, 0x0)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40201, 0x0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x68, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x4c, 0x18, {0x4, @link='syz0\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x10)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/btrfs-control\x00', 0x400000, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r5, @ANYBLOB="0c0023800500130012"], 0x28}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x20, 0x0, 0x4, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DISABLE_HT={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f00000003c0)=0x5)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, &(0x7f0000000340)=0x1, 0x4)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r6=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0)

21:35:51 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x1000000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  298.550457] erofs: unmounted for /dev/loop4
21:35:51 executing program 3:
openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  298.615658] erofs: read_super, device -> /dev/loop1
[  298.621198] erofs: options -> 
[  298.627050] erofs: root inode @ nid 36
[  298.631177] FAULT_INJECTION: forcing a failure.
[  298.631177] name failslab, interval 1, probability 0, space 0, times 0
[  298.651011] erofs: read_super, device -> /dev/loop2
[  298.664338] erofs: read_super, device -> /dev/loop4
[  298.677532] CPU: 1 PID: 16859 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  298.680901] erofs: options -> 
[  298.685430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.685435] Call Trace:
[  298.685458]  dump_stack+0x1fc/0x2fe
[  298.685479]  should_fail.cold+0xa/0x14
[  298.685496]  ? setup_fault_attr+0x200/0x200
[  298.685509]  ? lock_acquire+0x170/0x3c0
[  298.685532]  __should_failslab+0x115/0x180
[  298.685547]  should_failslab+0x5/0xf
[  298.685559]  kmem_cache_alloc+0x277/0x370
[  298.685576]  erofs_fill_super+0x10a1/0x12cc
[  298.685593]  ? init_once+0x13/0x13
[  298.685607]  ? vsprintf+0x30/0x30
[  298.685628]  ? wait_for_completion_io+0x10/0x10
[  298.685642]  ? set_blocksize+0x163/0x3f0
[  298.685665]  mount_bdev+0x2fc/0x3b0
[  298.685680]  ? init_once+0x13/0x13
[  298.713502] erofs: options -> 
[  298.716668]  erofs_mount+0x8c/0xc0
[  298.716686]  ? erofs_kill_sb+0x20/0x20
[  298.716705]  ? alloc_pages_current+0x19b/0x2a0
[  298.716719]  ? __lockdep_init_map+0x100/0x5a0
[  298.716737]  mount_fs+0xa3/0x30c
[  298.716756]  vfs_kern_mount.part.0+0x68/0x470
[  298.739582] erofs: root inode @ nid 36
[  298.740141]  do_mount+0x113c/0x2f10
[  298.745372] erofs: cannot read erofs superblock
[  298.748864]  ? lock_acquire+0x170/0x3c0
[  298.748880]  ? check_preemption_disabled+0x41/0x280
[  298.748898]  ? copy_mount_string+0x40/0x40
[  298.748913]  ? copy_mount_options+0x59/0x380
21:35:52 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
socket(0x15, 0x80005, 0x0)
timerfd_create(0x0, 0x0)
socket$inet(0x2, 0x80001, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mISDNtimer\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x2000000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  298.748930]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  298.748948]  ? kmem_cache_alloc_trace+0x323/0x380
[  298.784789] erofs: mounted on /dev/loop2 with opts: .
[  298.787558]  ? copy_mount_options+0x26f/0x380
[  298.787578]  ksys_mount+0xcf/0x130
[  298.787597]  __x64_sys_mount+0xba/0x150
[  298.787612]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  298.787632]  do_syscall_64+0xf9/0x620
[  298.849374]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  298.854571] RIP: 0033:0x460baa
[  298.857761] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  298.876678] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  298.884375] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  298.891649] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  298.898905] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  298.906158] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  298.913411] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  298.925283] BUG: Dentry 00000000f20134b0{i=0,n=/}  still in use (-128) [unmount of erofs loop1]
[  298.935077] ------------[ cut here ]------------
[  298.940034] WARNING: CPU: 1 PID: 16859 at fs/dcache.c:1518 umount_check.cold+0xf2/0x116
[  298.948174] Kernel panic - not syncing: panic_on_warn set ...
[  298.948174] 
[  298.955559] CPU: 1 PID: 16859 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
[  298.963449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.972800] Call Trace:
[  298.975395]  dump_stack+0x1fc/0x2fe
[  298.979135]  panic+0x26a/0x50e
[  298.982345]  ? __warn_printk+0xf3/0xf3
[  298.986237]  ? umount_check.cold+0xf2/0x116
[  298.990566]  ? __probe_kernel_read+0x130/0x1b0
[  298.995151]  ? __warn.cold+0x5/0x61
[  298.998781]  ? umount_check.cold+0xf2/0x116
[  299.003102]  __warn.cold+0x20/0x61
[  299.006642]  ? umount_check.cold+0xf2/0x116
[  299.010962]  report_bug+0x262/0x2b0
[  299.014608]  do_error_trap+0x1d7/0x310
[  299.018494]  ? math_error+0x310/0x310
[  299.022294]  ? irq_work_claim+0xa6/0xc0
[  299.026287]  ? irq_work_queue+0x29/0x80
[  299.030261]  ? error_entry+0x72/0xd0
[  299.033986]  ? trace_hardirqs_off_caller+0x6e/0x210
[  299.039005]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  299.043861]  invalid_op+0x14/0x20
[  299.047320] RIP: 0010:umount_check.cold+0xf2/0x116
[  299.052258] Code: ff 4d 89 f1 45 89 e0 48 89 e9 41 55 4c 89 fa 48 89 ee 48 c7 c7 c0 a2 74 88 e8 82 00 a4 ff 48 c7 c7 c0 a1 74 88 e8 76 00 a4 ff <0f> 0b 58 e9 fe 9a ff ff e8 9a 2f ef ff e9 22 ff ff ff 48 89 df e8
[  299.071252] RSP: 0018:ffff88804cb77a98 EFLAGS: 00010286
[  299.076634] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
[  299.083924] RDX: 0000000000040000 RSI: ffffffff814fdbb1 RDI: ffffed100996ef45
[  299.091195] RBP: ffff88808e08fb40 R08: 0000000000000024 R09: 0000000000000000
[  299.098488] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000ffffff80
[  299.105852] R13: ffff88804e732710 R14: ffffffff893f5040 R15: 0000000000000000
[  299.113164]  ? vprintk_func+0x81/0x17e
[  299.117068]  ? umount_check.cold+0xf2/0x116
[  299.121403]  d_walk+0x196/0x990
[  299.124685]  ? shrink_dcache_parent+0x120/0x120
[  299.129381]  ? debug_check_no_obj_freed+0x201/0x482
[  299.134427]  shrink_dcache_for_umount+0x87/0x330
[  299.139198]  generic_shutdown_super+0x68/0x370
[  299.143792]  kill_block_super+0x97/0xf0
[  299.147770]  deactivate_locked_super+0x94/0x160
[  299.152444]  mount_bdev+0x373/0x3b0
[  299.156069]  ? init_once+0x13/0x13
[  299.159612]  erofs_mount+0x8c/0xc0
[  299.163153]  ? erofs_kill_sb+0x20/0x20
[  299.167045]  ? alloc_pages_current+0x19b/0x2a0
[  299.171646]  ? __lockdep_init_map+0x100/0x5a0
[  299.176149]  mount_fs+0xa3/0x30c
[  299.179542]  vfs_kern_mount.part.0+0x68/0x470
[  299.184058]  do_mount+0x113c/0x2f10
[  299.187690]  ? lock_acquire+0x170/0x3c0
[  299.191674]  ? check_preemption_disabled+0x41/0x280
[  299.196701]  ? copy_mount_string+0x40/0x40
[  299.200938]  ? copy_mount_options+0x59/0x380
[  299.205356]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[  299.210383]  ? kmem_cache_alloc_trace+0x323/0x380
[  299.215240]  ? copy_mount_options+0x26f/0x380
[  299.219764]  ksys_mount+0xcf/0x130
[  299.223334]  __x64_sys_mount+0xba/0x150
[  299.227312]  ? lockdep_hardirqs_on+0x3a8/0x5c0
[  299.231917]  do_syscall_64+0xf9/0x620
[  299.235721]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.240909] RIP: 0033:0x460baa
[  299.244103] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00
[  299.263011] RSP: 002b:00007f45360aba78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[  299.270727] RAX: ffffffffffffffda RBX: 00007f45360abb10 RCX: 0000000000460baa
[  299.278000] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f45360abad0
[  299.285272] RBP: 00007f45360abad0 R08: 00007f45360abb10 R09: 0000000020000000
[  299.292560] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000
[  299.299825] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020010a00
[  299.308080] Kernel Offset: disabled
[  299.312010] Rebooting in 86400 seconds..