program: io_setup(0x4, &(0x7f0000000080)=0x0) syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYRES16=r0], 0x1, 0xdc2, &(0x7f0000001f40)="$eJzs3UtvXNUdAPBzx3acVxsnMY2bpklKSnEfsUmwSnc1UrpArVAlPgFKAw019BFYgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNQEi0jVrBVLbPGc/87dGdcWyPx/P7SXfO3Ps/c885M3fu3Lmvk4CR1Vh5XFiYqVJ66/abl+6fGf/P8pQzrRxnVx7H89hiSmmi9bqUpsL8FidX088+uX65Pf08p1W6mKpUtaanp++1XnsopXQjnU130lR65uMTt154/6mld4/fPH7p9dm729N6AAAYLfd/+M4v//roD64f/e/vTi+mydb0sn2+mMcP5+3+xWp1PCet/wFVW1q1jRf7Qr7xPDRCvrEN8rWXMxHyjXcpf1+Y70SXfJM15Y+1Tduo3TDM1v7HV425jvFGY25u9T/5sg/G9lVzL11deu7agCoKbLlPz+RdfAaDYeSG5pFBr4EAVsXjhuvciHsWHkxrbuO9lX/vycbGr4ctsNPLv/KHq/x3blrjsHX26tJU2lW+R4fzeDyOMB5e1+/3v8wvHo+Y6LGe3Y4jDMvxhW71HNvhemxWt/rH5WKv+mpOy/twOsTbvz/xMx2WzxjY2H37/w2GkR2ag14BAbtWPG+umZV4PK8vxidr4vtr4gdq4gdr4odq4jDKfv/yb9Ktau1/fvxP3+/+sLKf7Qs5/WKf9Yn7I/stP573268HLT+eTwy72uy/T336yp2/xfP/Pw/n/5/Lv6VTeQVR9hfG/eqtc//DhcGNLvmOdeT6X2u90Z5/5fl05/yq6bX5pLb1zLp6zHS+7ki3fKc6802FfAfztsj+zmzrtk8OhteV7Y+yXi3vV9m/XNo7EdqxL9SjfDJHc7o/tOdot3aFHdn7OvO1DlMcD+2aDu16KMz/S6Fd1Uxnu+L+81KfE2F6PE5S8oWPbd3vUvws4nUZD+f0jZy+ndP3cvrhBuWOorI8djv/vyyfM2mieu7q0pXH8nhZTu+OTUwuT7+ww/UGHlyv1//MpM7rfw63pk802tcLR9amV+3rhakw/WKX6Y/n8fJ79tOxAyvT5y7/fOknW914GHHXXn3tZ88uLV35lSdb+6SZt1h3S3088aSvJ4NeMwHbbf7lF38xf+3V185fffHZ5688f+WlC49977uPP/HEwvzKVv18+7Y9sLes/egPuiYAAAAAAAAAAABAz6oDG0/Oad39bcv15OX69Hh9PMOhfG5laSj3MSjXf3a7r0u5fvPoDtSRrbcTlxMNuo3Axj5y/1+DYWSHZtNd/IHdYdD9/5X7Hpb08Pl/HF0eSrZ7T3auL49taW0Ydbu9/znl763+/1r9X/W8/gs9Zk1trtw/3D/w97Zi08ley4/tL/eBne6v/D/m8ktrHkm9ld/8bSg/3qi0R38K5R/ssfx17T+1ufL/nMsvb9vsuV7LX61x1eisR9xvXO4DGPcbF38J7S/39uuz/Qc221Hb7Vw+jLJh6WeyX8PS/2c3Zb5lPZhXz63jdOX+27G/g37rX+77XX4HHgrzr2p+3/T/Odzq+v8sy9+8/j9hz/nA8T/DXhte2QV1aA0frX3ZBl6X9UOz2Rxo1yej2u/KbjHo93/z25BbU/NBb8MO+v2vE/v/jP+XYv+fMR77/4zx2P9njMf+tWI89v8Z38/Y/2eMnwjzjf2DztTEv1wTP1kT/0pN/FRNPP5/i/GzNfHTNfEzNfFjNfGHa+LnauJfr4k/UhN/tCY+WxPf676W01FtP4yylQNrP1rrpdf3H0ZHOf7T7fd/uiYODK/Yr3P8fn+jJg4Mr3Keh+83jKBq4zt2xP3tZT/uGzl9O6fv5fTDbasgO+GbOf1WTr+d0+/k9HxO53I6n1N9Qw63X//z5Olb1dp5fkdCvNfzSeP1APE+MRd6rE88Ptfv+awneixnu8rf5OUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEOjsfK4sDBTpfTW7Tcv/Wv6+z9ennKmlePsyuN4HltMKU2klKo8Ph7md2NyNf3sk+uXN0qrdHHlsYynp++1Xnto+fXpbLqTptIzH5+49cL7Ty29e/zm8Uuvz97dntYDAADAaPh/AAAA//9GOuW3") (async) r1 = syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYRES16=r0], 0x1, 0xdc2, &(0x7f0000001f40)="$eJzs3UtvXNUdAPBzx3acVxsnMY2bpklKSnEfsUmwSnc1UrpArVAlPgFKAw019BFYgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNQEi0jVrBVLbPGc/87dGdcWyPx/P7SXfO3Ps/c885M3fu3Lmvk4CR1Vh5XFiYqVJ66/abl+6fGf/P8pQzrRxnVx7H89hiSmmi9bqUpsL8FidX088+uX65Pf08p1W6mKpUtaanp++1XnsopXQjnU130lR65uMTt154/6mld4/fPH7p9dm729N6AAAYLfd/+M4v//roD64f/e/vTi+mydb0sn2+mMcP5+3+xWp1PCet/wFVW1q1jRf7Qr7xPDRCvrEN8rWXMxHyjXcpf1+Y70SXfJM15Y+1Tduo3TDM1v7HV425jvFGY25u9T/5sg/G9lVzL11deu7agCoKbLlPz+RdfAaDYeSG5pFBr4EAVsXjhuvciHsWHkxrbuO9lX/vycbGr4ctsNPLv/KHq/x3blrjsHX26tJU2lW+R4fzeDyOMB5e1+/3v8wvHo+Y6LGe3Y4jDMvxhW71HNvhemxWt/rH5WKv+mpOy/twOsTbvz/xMx2WzxjY2H37/w2GkR2ag14BAbtWPG+umZV4PK8vxidr4vtr4gdq4gdr4odq4jDKfv/yb9Ktau1/fvxP3+/+sLKf7Qs5/WKf9Yn7I/stP573268HLT+eTwy72uy/T336yp2/xfP/Pw/n/5/Lv6VTeQVR9hfG/eqtc//DhcGNLvmOdeT6X2u90Z5/5fl05/yq6bX5pLb1zLp6zHS+7ki3fKc6802FfAfztsj+zmzrtk8OhteV7Y+yXi3vV9m/XNo7EdqxL9SjfDJHc7o/tOdot3aFHdn7OvO1DlMcD+2aDu16KMz/S6Fd1Uxnu+L+81KfE2F6PE5S8oWPbd3vUvws4nUZD+f0jZy+ndP3cvrhBuWOorI8djv/vyyfM2mieu7q0pXH8nhZTu+OTUwuT7+ww/UGHlyv1//MpM7rfw63pk802tcLR9amV+3rhakw/WKX6Y/n8fJ79tOxAyvT5y7/fOknW914GHHXXn3tZ88uLV35lSdb+6SZt1h3S3088aSvJ4NeMwHbbf7lF38xf+3V185fffHZ5688f+WlC49977uPP/HEwvzKVv18+7Y9sLes/egPuiYAAAAAAAAAAABAz6oDG0/Oad39bcv15OX69Hh9PMOhfG5laSj3MSjXf3a7r0u5fvPoDtSRrbcTlxMNuo3Axj5y/1+DYWSHZtNd/IHdYdD9/5X7Hpb08Pl/HF0eSrZ7T3auL49taW0Ydbu9/znl763+/1r9X/W8/gs9Zk1trtw/3D/w97Zi08ley4/tL/eBne6v/D/m8ktrHkm9ld/8bSg/3qi0R38K5R/ssfx17T+1ufL/nMsvb9vsuV7LX61x1eisR9xvXO4DGPcbF38J7S/39uuz/Qc221Hb7Vw+jLJh6WeyX8PS/2c3Zb5lPZhXz63jdOX+27G/g37rX+77XX4HHgrzr2p+3/T/Odzq+v8sy9+8/j9hz/nA8T/DXhte2QV1aA0frX3ZBl6X9UOz2Rxo1yej2u/KbjHo93/z25BbU/NBb8MO+v2vE/v/jP+XYv+fMR77/4zx2P9njMf+tWI89v8Z38/Y/2eMnwjzjf2DztTEv1wTP1kT/0pN/FRNPP5/i/GzNfHTNfEzNfFjNfGHa+LnauJfr4k/UhN/tCY+WxPf676W01FtP4yylQNrP1rrpdf3H0ZHOf7T7fd/uiYODK/Yr3P8fn+jJg4Mr3Keh+83jKBq4zt2xP3tZT/uGzl9O6fv5fTDbasgO+GbOf1WTr+d0+/k9HxO53I6n1N9Qw63X//z5Olb1dp5fkdCvNfzSeP1APE+MRd6rE88Ptfv+awneixnu8rf5OUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEOjsfK4sDBTpfTW7Tcv/Wv6+z9ennKmlePsyuN4HltMKU2klKo8Ph7md2NyNf3sk+uXN0qrdHHlsYynp++1Xnto+fXpbLqTptIzH5+49cL7Ty29e/zm8Uuvz97dntYDAADAaPh/AAAA//9GOuW3") perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0x8, 0x8, 0x0, 0x1f, 0x1369a, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x1}, 0xb06, 0x3, 0x8, 0x1, 0x7f, 0x8800, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={0x0, 0x8}, 0x4010, 0x0, 0x0, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) (async) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x7) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x2}]}, @enum]}}, 0x0, 0x3e}, 0x20) bind$ax25(r3, &(0x7f0000000540)={{0x3, @default}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) connect$ax25(r3, &(0x7f00000000c0)={{0x3, @null}, [@default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48) (async) connect$ax25(r3, &(0x7f00000000c0)={{0x3, @null}, [@default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48) write$UHID_INPUT(r3, 0x0, 0x0) (async) write$UHID_INPUT(r3, 0x0, 0x0) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r2, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x4, 0x2}, {&(0x7f00000004c0)=[{0x400, 0x6, 0x6, 0x9, 0xf}, {0x2, 0x6, 0x9, 0x1, 0x25}], 0x2, 0x28, 0x0, 0xffffffffffffff2d}, {&(0x7f00000003c0)=[0x9], 0x1, 0x8, 0x98f, 0xffff}}) (async) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r2, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x4, 0x2}, {&(0x7f00000004c0)=[{0x400, 0x6, 0x6, 0x9, 0xf}, {0x2, 0x6, 0x9, 0x1, 0x25}], 0x2, 0x28, 0x0, 0xffffffffffffff2d}, {&(0x7f00000003c0)=[0x9], 0x1, 0x8, 0x98f, 0xffff}}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x64) (async) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x64) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0f00000004000000040000000108000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000001f00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fbffffff00"/28], 0x48) openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) (async) r6 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) r7 = socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000005c0), 0x191000, 0x0) (async) r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0), 0x191000, 0x0) ioctl$TUNSETPERSIST(r8, 0x400454cb, 0x0) r9 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r9, 0x28, 0x2, &(0x7f0000000000)=""/75, &(0x7f0000000280)=0x4b) ioctl$PPPIOCSCOMPRESS(r2, 0x4010744d) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="5c00000010002104000000000000000000000000529feccb7a3cf06b38b31ebcd0cfb365ffdadce1756b6ecb2aee2339e0029b32d0a93ce235f62a9c532cfb9c29905a001de4e4984fbb1c53cce993b2d385a72416940c06f7abd25d61dd176fbfeabf496f69a807f547d9fd88c44cbeb076c03855656dc887936ec0e4ca5d799d47c02b1505d16061721bf68d44b3b83c60c0bcb23fd7b61cbdac7e826e92359c97efda6040f977df41ee52524bc95c0fe83dfb4d1a2244e44301cbda39eeafa9d6a017dbc681f7473b6b4e9750593ac6ee7c2c9016efc717e010335fa3abad40cff7ff0c96b441121272463bf4fcaec303a4cc9e1eb9984a31b781528e0a3b8574778fcaa2fd9d160b62d63acbe61d461f255406682fd193a26a6e8aa4", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800c0001006d6163766c616e002c00028018000400aaaaaaaaaa0000001c0005800a000400aaaaaaaaaa0000000a000400ffffffffffff0000"], 0x5c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32=r6, @ANYBLOB="00000000000600"/20, @ANYRES32, @ANYRES16=r1, @ANYBLOB="000000000300006f050000000000000000000000000000000060ded41c00000048b4e253b273482743b9e8eceaca2c14cc5b0710eeb60b1d27477cd97feced0d2fcb13f41f7839cfe247d0a960a7564c6744942a2e73a65f401ea111ead576910c868a30972b257df0f5c3fdb10bc10c231278c3a070c3b1d416c05baac6ca61921c7b65d58a3abb993edfba30dfcdcc35464c642c0c5fce7f692d976be11929ae7218689b1335179a6cc8ffb6b1550211408c75d6f1830d9750913b43e704f07f32e9b106cd5e9fda67fbf454714ada755b1e87515da8abe83084bc8514aa7218259b5c84c115995b740837f9789b52ad8762dc5072ba26b8ac88d9918610950b53f4ef722a6a6e11131caf6f484e693c0e"], 0x50) getsockname$packet(r6, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000480)=0x14) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000000)={0x20}, 0x1) ioctl$EVIOCGLED(r6, 0x80404519, &(0x7f00000002c0)=""/254) [ 104.431622][ T4666] Bluetooth: hci0: command tx timeout [ 104.668417][ T5326] loop0: detected capacity change from 0 to 4096 [ 104.720844][ T5326] NILFS (loop0): invalid segment: Checksum error in segment payload [ 104.761413][ T5326] NILFS (loop0): trying rollback from an earlier position [ 104.818662][ T5326] NILFS (loop0): recovery complete [ 104.832575][ T5332] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 104.884160][ T5325] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI [ 104.892471][ T5325] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 104.900848][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 104.908660][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 104.919234][ T5325] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0 [ 104.923694][ T5325] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 9e 6f 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 80 6f 84 fe 49 8b 34 24 4c 89 ff [ 104.937109][ T5325] RSP: 0018:ffffc9000daef708 EFLAGS: 00010206 [ 104.940251][ T5325] RAX: 0000000000000006 RBX: ffff8880118e47a8 RCX: 0000000000000000 [ 104.944940][ T5325] RDX: ffff88801ccea4c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.949816][ T5325] RBP: 0000000000000000 R08: ffff88801ccea4c0 R09: 0000000000000003 [ 104.954048][ T5325] R10: 0000000000000406 R11: 0000000000000000 R12: 0000000000000030 [ 104.958399][ T5325] R13: dffffc0000000000 R14: ffff888012021940 R15: ffff8880118e3c48 [ 104.962618][ T5325] FS: 00007f184f5306c0(0000) GS:ffff88808ca49000(0000) knlGS:0000000000000000 [ 104.966616][ T5325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.970106][ T5325] CR2: 00007f184f4ecfe8 CR3: 000000001277d000 CR4: 0000000000352ef0 [ 104.974834][ T5325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 104.978859][ T5325] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000602 [ 104.983382][ T5325] Call Trace: [ 104.985337][ T5325] [ 104.987085][ T5325] nilfs_clean_segments+0x162/0xa50 [ 104.989782][ T5325] ? nilfs_ioctl_move_blocks+0x94b/0xda0 [ 104.992556][ T5325] ? __pfx_nilfs_clean_segments+0x10/0x10 [ 104.995950][ T5325] ? _copy_from_user+0x94/0xb0 [ 104.999013][ T5325] nilfs_ioctl+0x261f/0x2780 [ 105.002755][ T5325] ? __pfx_nilfs_ioctl+0x10/0x10 [ 105.005199][ T5325] ? kasan_save_track+0x4f/0x80 [ 105.007961][ T5325] ? kasan_save_track+0x3e/0x80 [ 105.011194][ T5325] ? kasan_save_free_info+0x46/0x50 [ 105.014006][ T5325] ? __kasan_slab_free+0x5c/0x80 [ 105.016373][ T5325] ? kfree+0x1c1/0x630 [ 105.019362][ T5325] ? tomoyo_path_number_perm+0x501/0x630 [ 105.023597][ T5325] ? security_file_ioctl+0xc3/0x2a0 [ 105.026632][ T5325] ? __se_sys_ioctl+0x47/0x170 [ 105.029519][ T5325] ? do_syscall_64+0x14d/0xf80 [ 105.032235][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.036742][ T5325] ? kasan_quarantine_put+0xbb/0x1f0 [ 105.040612][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 105.043255][ T5325] ? tomoyo_path_number_perm+0x219/0x630 [ 105.046341][ T5325] ? do_vfs_ioctl+0x1166/0x1530 [ 105.049122][ T5325] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 105.051551][ T5325] ? do_futex+0x333/0x420 [ 105.053741][ T5325] ? hook_socket_connect+0x107/0x190 [ 105.056666][ T5325] ? __fget_files+0x2a/0x420 [ 105.059501][ T5325] ? __fget_files+0x2a/0x420 [ 105.061918][ T5325] ? __fget_files+0x3a0/0x420 [ 105.064218][ T5325] ? __fget_files+0x2a/0x420 [ 105.066507][ T5325] ? bpf_lsm_file_ioctl+0x9/0x20 [ 105.069634][ T5325] ? __pfx_nilfs_ioctl+0x10/0x10 [ 105.072604][ T5325] __se_sys_ioctl+0xfc/0x170 [ 105.075147][ T5325] do_syscall_64+0x14d/0xf80 [ 105.077308][ T5325] ? trace_irq_disable+0x3b/0x150 [ 105.079609][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.082421][ T5325] ? clear_bhb_loop+0x40/0x90 [ 105.084890][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.088477][ T5325] RIP: 0033:0x7f184e59c819 [ 105.091232][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.101070][ T5325] RSP: 002b:00007f184f52ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.105206][ T5325] RAX: ffffffffffffffda RBX: 00007f184e815fa0 RCX: 00007f184e59c819 [ 105.109017][ T5325] RDX: 0000200000000640 RSI: 0000000040786e88 RDI: 0000000000000006 [ 105.113377][ T5325] RBP: 00007f184e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 105.117774][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.121608][ T5325] R13: 00007f184e816038 R14: 00007f184e815fa0 R15: 00007ffd5718ebb8 [ 105.125841][ T5325] [ 105.127869][ T5325] Modules linked in: [ 105.131908][ T5325] ---[ end trace 0000000000000000 ]--- [ 105.184558][ T5325] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0 [ 105.187767][ T5325] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 9e 6f 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 80 6f 84 fe 49 8b 34 24 4c 89 ff [ 105.198137][ T5325] RSP: 0018:ffffc9000daef708 EFLAGS: 00010206 [ 105.204938][ T5325] RAX: 0000000000000006 RBX: ffff8880118e47a8 RCX: 0000000000000000 [ 105.209557][ T5325] RDX: ffff88801ccea4c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 105.215322][ T5325] RBP: 0000000000000000 R08: ffff88801ccea4c0 R09: 0000000000000003 [ 105.219465][ T5325] R10: 0000000000000406 R11: 0000000000000000 R12: 0000000000000030 [ 105.224683][ T5325] R13: dffffc0000000000 R14: ffff888012021940 R15: ffff8880118e3c48 [ 105.228941][ T5325] FS: 00007f184f5306c0(0000) GS:ffff88808ca49000(0000) knlGS:0000000000000000 [ 105.235300][ T5325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.242231][ T5325] CR2: 00007ffd5718df58 CR3: 000000001277d000 CR4: 0000000000352ef0 [ 105.248123][ T5325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 105.252591][ T5325] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000602 [ 105.256802][ T5325] Kernel panic - not syncing: Fatal exception [ 105.261350][ T5325] Kernel Offset: disabled [ 105.263574][ T5325] Rebooting in 86400 seconds..