program: syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYRES16=0x0], 0x1, 0xda6, &(0x7f0000000e00)="$eJzs3UtvXNUdAPBzxx6bPGgcYho3TWOXlOI+YpNgle5qpHSBKqFKfAKUBhpq6CN0AQpqwqLbRkJ8gCL2XfSZBVLEKhWbVv0CiFU3KUKibVQJprJ9znj8zwx3HDsej+f3k+6cufd/7j3nzOPOnfs6CRhZjbXHpaWZKqW3brx5/s7s+H9Xp8y2c8ytPY7nseWUUrM9X0pTYXnLk+vppx9fudCZfpbTKp1LVara09Mzt9vzHkopXU1z6WaaSs9+dPz6i+8/vfLusWvHzr8+f+v+tB4AAEbLnR+88/O/Pvb9K0f/97tTy2myPb1sny/n8cN5u3+5Wh/PSft/QNWRVh3jxUTIN56HRsg31iVfZznNkG+8R/kTYbnNHvkma8of65jWrd0wzDb+x1eNhU3jjcbCwvp/8lUfjE1UCy9fWnn+8oAqCuy4T2bzLj6DwTByQ+vIoNdAAOviccO7XI17FranvbTx/sq//VSj+/ywA3b786/84Sr/nWvWOOyc/fppKu0q36PDeTweRxgP8231+1+WF49HNPusZ6/jCMNyfKFXPcd2uR73qlf94+div/pKTsvrcCrEO78/8T0dlvcY6O6O/f8Gw8gOrUGvgIA9K54318pKPJ7XF+OTNfEHauIHauIHa+KHauIwyn7/ym/S9Wrjf378T7/V/WFlP9uDOf3CFusT90dutfx43u9Wbbf8eD4x7Gnz/zn5yS9v/i2e//9ZOP//dP4tncoriLK/MO5Xb5/7Hy4MbvTI91CozoNd8q89n96cr5reWE7qWM/cVY+ZzfMd6ZXv5OZ8UyHfwbwt8kCob9w+ORjmK9sfZb1aXq/x0N5maMdEqEd5Z47m9IHQnqO92hV2ZE+EfM08HAvtmg7tejjM98XQrmpmc7vi/vNSn+NhejxOUvKFt+2u36X4XsTrMh7J6Rs5fTun7+X0wy7ljqLyeex1/n/5fM6kZvX8pZWLj+fx8jm9NdacXJ1+dpfrDWxfv9f/zKTN1/8cbk9vNjrXC0c2pled64WpMP1cj+lP5PHye/bjsQNr0xcu/HTlRzvdeBhxl1997SfPraxc/IUnnnjiSfvJoNdMwP22+MpLP1u8/OprZy699NwLF1+4+PLZx7/7nSeefHJpcW2rfrFz2x7YXzZ+9AddEwAAAAAAAAAAAKBv1YHuk3Nad3/bcj15uT49Xh/PcCjvW/k0lPsYlOs/e93XpVy/eXQX6sjO243LiQbdRqC7f7n/r8EwskOr5S7+wN4w6P7/yn0PS3r4zD+Org4l2+2nNq8v4/0LYTv2ev9zyt9f/f+1+7/qe/0Xesyaqiuhe33/cOfA3zuKTSf6LT+2v9wHdrquHpv9MZdfWvNo6q/81m9D+fFGpX36Uyj/YJ/l39X+k/dW/p9z+eVlmz/db/nrNa4am+sR9xuX+wDG/cbFX0L7y739ttz+e+yo7UYuH0bZsPQzuVXD0v9nL2W5ZT2YV8/t43Tl/tuxv4Ot1r/c97v8Djwcll/V/L7p/3O41fX/WT5/i/r/hH3nA8f/DIaRHVqt1kC7PhnVflf2ikG//oPehhx0+YN+/evE/j/j/6XY/2eMx/4/Yzz2/xnjsX+tGI/9f8bXM/b/GePHw3Jj/6AzNfEv1cRP1MS/XBM/WROP/99ifK4mfqomPlsTf6gm/khN/HRN/Gs18Udr4o/VxOdr4vvdV3M6qu2HURb7jfT9h9FRjv/0+v5P18SB4RX7dY7f76/XxIHhVc7z2Ph+T/h+w6iout+xI+5vL/tx38jp2zl9L6cf3rcKshu+kdNv5vRbOf12Ts/kdCGniznVN+Rw+/U/T5y6Xm2c53ckxPs9nzReDxDvE3O2BFq/+tz6xONzWz2f9fjnLr3edsu/x8tBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIZGY+1xaWmmSumtG2+e//f09364OmW2nWNu7XE8jy2nlJoppSqPj4flXZ1cTz/9+MqFbmmVzq09lvH0zO32vIdW509z6WaaSs9+dPz6i+8/vfLusWvHzr8+f+v+tB4AAABGw/8DAAD//0hc5kc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {0x0, 0x0, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x1, 0x2}, {&(0x7f00000004c0)=[{0x400, 0x6, 0x6, 0x9, 0xd}, {0x2, 0x6, 0x9, 0x1, 0x25}], 0x2, 0x28, 0x0, 0xffffffffffffff2d}, {&(0x7f00000003c0)=[0x9], 0x1, 0x8, 0x98f, 0xffff}}) [ 103.619977][ T45] Bluetooth: hci0: command tx timeout [ 103.813495][ T5326] loop0: detected capacity change from 0 to 4096 [ 103.845915][ T5326] NILFS (loop0): invalid segment: Checksum error in segment payload [ 103.857501][ T5326] NILFS (loop0): trying rollback from an earlier position [ 103.889538][ T5326] NILFS (loop0): recovery complete [ 103.902403][ T5334] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 103.933961][ T5326] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI [ 103.939780][ T5326] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 103.943999][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 103.948035][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 103.953410][ T5326] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0 [ 103.957419][ T5326] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 9e 74 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 80 74 84 fe 49 8b 34 24 4c 89 ff [ 103.966625][ T5326] RSP: 0018:ffffc9000f237708 EFLAGS: 00010206 [ 103.969736][ T5326] RAX: 0000000000000006 RBX: ffff888011a247a8 RCX: 0000000000000002 [ 103.973615][ T5326] RDX: ffff888034f98000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.977509][ T5326] RBP: 0000000000000000 R08: ffff888034f98000 R09: 0000000000000003 [ 103.981596][ T5326] R10: 0000000000000406 R11: 0000000000000002 R12: 0000000000000030 [ 103.985434][ T5326] R13: dffffc0000000000 R14: ffff8880125b5940 R15: ffff888011a23c48 [ 103.989359][ T5326] FS: 00007f7ea928b6c0(0000) GS:ffff88808ca49000(0000) knlGS:0000000000000000 [ 103.993559][ T5326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.996727][ T5326] CR2: 00007f7ea86107e0 CR3: 000000003b57a000 CR4: 0000000000352ef0 [ 104.000703][ T5326] Call Trace: [ 104.002409][ T5326] [ 104.003837][ T5326] nilfs_clean_segments+0x162/0xa50 [ 104.007277][ T5326] ? nilfs_ioctl_move_blocks+0x94b/0xda0 [ 104.010212][ T5326] ? __pfx_nilfs_clean_segments+0x10/0x10 [ 104.013132][ T5326] ? _copy_from_user+0x94/0xb0 [ 104.015673][ T5326] nilfs_ioctl+0x261f/0x2780 [ 104.017846][ T5326] ? __pfx_nilfs_ioctl+0x10/0x10 [ 104.020244][ T5326] ? kasan_save_track+0x4f/0x80 [ 104.022854][ T5326] ? kasan_save_track+0x3e/0x80 [ 104.025450][ T5326] ? kasan_save_free_info+0x46/0x50 [ 104.027920][ T5326] ? __kasan_slab_free+0x5c/0x80 [ 104.030095][ T5326] ? kfree+0x1c1/0x630 [ 104.032024][ T5326] ? tomoyo_path_number_perm+0x501/0x630 [ 104.034985][ T5326] ? security_file_ioctl+0xc3/0x2a0 [ 104.037718][ T5326] ? __se_sys_ioctl+0x47/0x170 [ 104.039899][ T5326] ? do_syscall_64+0x14d/0xf80 [ 104.042042][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.044900][ T5326] ? kasan_quarantine_put+0xbb/0x1f0 [ 104.047540][ T5326] ? tomoyo_path_number_perm+0x219/0x630 [ 104.050451][ T5326] ? tomoyo_path_number_perm+0x219/0x630 [ 104.053382][ T5326] ? do_vfs_ioctl+0x1166/0x1530 [ 104.055852][ T5326] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 104.058331][ T5326] ? do_futex+0x333/0x420 [ 104.060456][ T5326] ? __fget_files+0x2a/0x420 [ 104.062754][ T5326] ? __fget_files+0x2a/0x420 [ 104.065191][ T5326] ? __fget_files+0x3a0/0x420 [ 104.067507][ T5326] ? __fget_files+0x2a/0x420 [ 104.069531][ T5326] ? bpf_lsm_file_ioctl+0x9/0x20 [ 104.071968][ T5326] ? __pfx_nilfs_ioctl+0x10/0x10 [ 104.074586][ T5326] __se_sys_ioctl+0xfc/0x170 [ 104.076976][ T5326] do_syscall_64+0x14d/0xf80 [ 104.079182][ T5326] ? trace_irq_disable+0x3b/0x150 [ 104.081295][ T5326] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.083753][ T5326] ? clear_bhb_loop+0x40/0x90 [ 104.085922][ T5326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.088834][ T5326] RIP: 0033:0x7f7ea839c819 [ 104.090746][ T5326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.099622][ T5326] RSP: 002b:00007f7ea928afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 104.103541][ T5326] RAX: ffffffffffffffda RBX: 00007f7ea8615fa0 RCX: 00007f7ea839c819 [ 104.107239][ T5326] RDX: 0000200000000640 RSI: 0000000040786e88 RDI: 0000000000000004 [ 104.111276][ T5326] RBP: 00007f7ea8432c91 R08: 0000000000000000 R09: 0000000000000000 [ 104.115286][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.118736][ T5326] R13: 00007f7ea8616038 R14: 00007f7ea8615fa0 R15: 00007ffe213dfe08 [ 104.122152][ T5326] [ 104.123581][ T5326] Modules linked in: [ 104.126656][ T5326] ---[ end trace 0000000000000000 ]--- [ 104.140171][ T5326] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0 [ 104.143558][ T5326] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 9e 74 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 80 74 84 fe 49 8b 34 24 4c 89 ff [ 104.156173][ T5326] RSP: 0018:ffffc9000f237708 EFLAGS: 00010206 [ 104.159442][ T5326] RAX: 0000000000000006 RBX: ffff888011a247a8 RCX: 0000000000000002 [ 104.162816][ T5326] RDX: ffff888034f98000 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.166864][ T5326] RBP: 0000000000000000 R08: ffff888034f98000 R09: 0000000000000003 [ 104.171451][ T5326] R10: 0000000000000406 R11: 0000000000000002 R12: 0000000000000030 [ 104.175711][ T5326] R13: dffffc0000000000 R14: ffff8880125b5940 R15: ffff888011a23c48 [ 104.180081][ T5326] FS: 00007f7ea928b6c0(0000) GS:ffff88808ca49000(0000) knlGS:0000000000000000 [ 104.184751][ T5326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.187990][ T5326] CR2: 00007f7ea86107e0 CR3: 000000003b57a000 CR4: 0000000000352ef0 [ 104.192206][ T5326] Kernel panic - not syncing: Fatal exception [ 104.196031][ T5326] Kernel Offset: disabled [ 104.198147][ T5326] Rebooting in 86400 seconds..