program:
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[], 0x4, 0xda9, &(0x7f0000000e00)="$eJzs3UtvXNUdAPBzx544LxoHm9pN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOiOH/F4PL+fdOfMvf977zlnHnfu3Mc5CRhajbXHxcXpKqW3b7118d7M6P9Wp8y05phdexzNY0sppWZruZTGw/qWxtbTzz65dqk9/TynVbqQqlS1pqdn77aWPZZSup5m0+00np77eOrmSx88s/zexI2Ji2/M3XkwtQcAgOFy70fv/vJvj//w2sn///7MUhprTS/750t5/Hje71+q1sdz0vofULWlVdt4cSjMN5qHRphvpMN87fk0w3yjXfI/FNbb7DLfWE3+I23TOtUbBtnG//iqMb9pvNGYn1//T77qw5FD1fwrV5ZfuNqnggK77tOZfIjPYDAM3bByot9bIIB18bzhfa7HIws701rbaG/533260Xl52AV7/fmX/2Dl/+4NWxx2z0H9NJV6le/R8TwezyOMhuW2+v0v64vnI5o9lrPbeYRBOb/QrZwje1yO7epW/vi5OKi+ltPyOpwJ8fbvT3xPB+U9Bjq75/i/wTC0w0q/N0DAvhWvm1vJSjxe1xfjYzXxwzXxIzXxozXxYzVxGGZ/ePW36Wa18T8//qff6vGwcpztoZx+aYvliccjt5p/vO53q3aaf7yeGPa1uf+e/vTXt/8er///PFz/fzb/lo7nDUQ5XhiPq7eu/Q83Bje6zPdwKM5DHeZfez65eb5qcmM9qW07c185pjcvd6LbfKc3zzce5jua90UOh/LG/ZOjYbmy/1G2q+X1Gg31bYZ6HArlKO/MyZweDvU52a1e4UD2oTBfMw8ToV6ToV6PhOW+HOpVTW+uVzx+XsozFabH8yRlvvC23fe7FN+LeF/Gozl9M6fv5PT9nH7UId9hVD6P3a7/L5/P6dSsXriyfPmJPF4+p3dGmmOr08/vcbmBnev1/p/ptPn+n+Ot6c1G+3bhxMb0qn27MB6mX+gy/ck8Xn7PfjpyZG36/KWfL/9ktysPQ+7qa6//7Pnl5cu/8sQTTzxpPen3lgl40BZeffkXC1dfe/3clZeff/Hyi5dfOf/E97/35FNPLS6s7dUvtO/bAwfLxo9+v0sCAAAAAAAAAAAA9Kw60nlyTuvaty33k5f70+P98QyG8r6VT0Npx6Dc/9mtXZdy/+bJPSgju28vbifqdx2Bzv6t/V/DQRxKQ4/9Lsc+H1ZWtOIP7A/97v+vtHtY0uPn/nlydSiz3X168/Yytl8IO7Hf+5+T/8Hq/6/V/1XP27/QY9b49vL9470j/2jLNp3qNf9Y/9IO7OTW8v9Tzr/U5rHUW/4rvwv5x4ZKe/TnkP/RHvO/r/6nt5f/X3L+5WWbO9tr/uslrhqbyxGPG5d2AONx4+Kvof6lbb8t13+bHbXdyvnDMBuUfia3alD6/+ymrLdsB/PmuXWerrS/Hfs72Gr5S7vf5XfgkbD+qub3Tf+fg62u/8/y+VvQ/yccOB86/3cQho3LrvpfFsMADSsrK33t+mRY+13ZL/r9+vd7H7Lf+ff79a8T+/+M/5di/58xHvv/jPHY/2eMx/61Yjz2/xlfz9j/Z4xPhfXG/kGna+JfqYmfqol/tSZ+uiYe/7/F+GxN/ExNfKYm/nBN/NGa+Nma+Ddq4o/VxB+vic/VxA+6r+d0WOsPwyz2G+n7D8OjnP/p9v2frIkDgyv26xy/39+siQODq1zn4fsNQ6jq3GJHPN5ejuO+mdN3cvp+Tj96YAVkL3wrp9/O6Xdy+t2cnsvpfE4XcqpvyMH2m3+dOnOz2rjO70SI93o9abwfILYTc77H8lSN7eVfTPWYT9f8087y3+btIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo7H2uLg4XaX09q23Lv5n8gc/Xp0y05pjdu1xNI8tpZSaKaUqj4+G9V0fW08/++TapU5plS6sPZbx9Ozd1rLHVpdPs+l2Gk/PfTx186UPnll+b+LGxMU35u48mNoDAADAcPgiAAD//+Zz7UM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000640)={{0x0, 0x0, 0x40, 0xd, 0xe2}, {&(0x7f0000000300)=[{0x1, 0x700}], 0x1f, 0x10, 0x20c, 0xfffffffffffffff8}, {0x0, 0x0, 0x8, 0x1, 0x2}, {0x0, 0x0, 0x28, 0x0, 0xffffffffffffff2d}, {&(0x7f00000003c0)=[0x9], 0x1, 0x8, 0x98f, 0xffff}})

[   86.692071][ T4669] Bluetooth: hci0: command tx timeout
[   86.828860][ T5331] loop0: detected capacity change from 0 to 4096
[   86.880327][ T5331] NILFS (loop0): invalid segment: Checksum error in segment payload
[   86.893237][ T5331] NILFS (loop0): trying rollback from an earlier position
[   86.932743][ T5331] NILFS (loop0): recovery complete
[   86.945746][ T5333] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   86.964648][ T5331] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN NOPTI
[   86.971638][ T5331] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[   86.976047][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.980045][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.984554][ T5331] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0
[   86.987732][ T5331] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 1e ac 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 00 ac 84 fe 49 8b 34 24 4c 89 ff
[   86.997058][ T5331] RSP: 0018:ffffc9000dc3f708 EFLAGS: 00010206
[   86.999984][ T5331] RAX: 0000000000000006 RBX: ffff88801f0307a8 RCX: 0000000000000002
[   87.004479][ T5331] RDX: ffff888012adc980 RSI: 0000000000000000 RDI: 0000000000000000
[   87.008898][ T5331] RBP: 0000000000000000 R08: ffff888012adc980 R09: 0000000000000003
[   87.012337][ T5331] R10: 0000000000000406 R11: 0000000000000002 R12: 0000000000000030
[   87.015752][ T5331] R13: dffffc0000000000 R14: ffff88801292d940 R15: ffff88801f05fc48
[   87.019224][ T5331] FS:  00007fa9571716c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000
[   87.025006][ T5331] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.028097][ T5331] CR2: 00007fa9566064b0 CR3: 000000001241d000 CR4: 0000000000352ef0
[   87.031915][ T5331] Call Trace:
[   87.033623][ T5331]  <TASK>
[   87.035154][ T5331]  nilfs_clean_segments+0x162/0xa50
[   87.037601][ T5331]  ? nilfs_ioctl_move_blocks+0x94b/0xda0
[   87.040606][ T5331]  ? __pfx_nilfs_clean_segments+0x10/0x10
[   87.044846][ T5331]  ? _copy_from_user+0x94/0xb0
[   87.047751][ T5331]  nilfs_ioctl+0x261f/0x2780
[   87.049846][ T5331]  ? __pfx_nilfs_ioctl+0x10/0x10
[   87.051951][ T5331]  ? kasan_save_track+0x4f/0x80
[   87.054150][ T5331]  ? kasan_save_track+0x3e/0x80
[   87.056392][ T5331]  ? kasan_save_free_info+0x46/0x50
[   87.058749][ T5331]  ? __kasan_slab_free+0x5c/0x80
[   87.061033][ T5331]  ? kfree+0x1c1/0x630
[   87.063279][ T5331]  ? tomoyo_path_number_perm+0x501/0x630
[   87.066489][ T5331]  ? security_file_ioctl+0xc3/0x2a0
[   87.069053][ T5331]  ? __se_sys_ioctl+0x47/0x170
[   87.071203][ T5331]  ? do_syscall_64+0x14d/0xf80
[   87.073668][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.076796][ T5331]  ? kasan_quarantine_put+0xbb/0x1f0
[   87.080026][ T5331]  ? tomoyo_path_number_perm+0x219/0x630
[   87.083041][ T5331]  ? tomoyo_path_number_perm+0x219/0x630
[   87.085783][ T5331]  ? do_vfs_ioctl+0x1166/0x1530
[   87.088124][ T5331]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   87.090605][ T5331]  ? do_futex+0x333/0x420
[   87.092825][ T5331]  ? __fget_files+0x2a/0x420
[   87.095218][ T5331]  ? __fget_files+0x2a/0x420
[   87.097480][ T5331]  ? __fget_files+0x3a0/0x420
[   87.099663][ T5331]  ? __fget_files+0x2a/0x420
[   87.101878][ T5331]  ? bpf_lsm_file_ioctl+0x9/0x20
[   87.104483][ T5331]  ? __pfx_nilfs_ioctl+0x10/0x10
[   87.107295][ T5331]  __se_sys_ioctl+0xfc/0x170
[   87.109581][ T5331]  do_syscall_64+0x14d/0xf80
[   87.111678][ T5331]  ? trace_irq_disable+0x3b/0x150
[   87.113941][ T5331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.116789][ T5331]  ? clear_bhb_loop+0x40/0x90
[   87.119642][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.122557][ T5331] RIP: 0033:0x7fa95639c799
[   87.124606][ T5331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.134522][ T5331] RSP: 002b:00007fa957170fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.138452][ T5331] RAX: ffffffffffffffda RBX: 00007fa956615fa0 RCX: 00007fa95639c799
[   87.142130][ T5331] RDX: 0000200000000640 RSI: 0000000040786e88 RDI: 0000000000000004
[   87.146109][ T5331] RBP: 00007fa956432c99 R08: 0000000000000000 R09: 0000000000000000
[   87.150008][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.153488][ T5331] R13: 00007fa956616038 R14: 00007fa956615fa0 R15: 00007ffde04e3798
[   87.158032][ T5331]  </TASK>
[   87.160188][ T5331] Modules linked in:
[   87.163335][ T5331] ---[ end trace 0000000000000000 ]---
[   87.331263][ T5331] RIP: 0010:nilfs_mdt_save_to_shadow_map+0x141/0x1c0
[   87.334330][ T5331] Code: 3f 4c 8d 63 d8 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 1e ac 84 fe 4d 8b 24 24 49 83 c4 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 00 ac 84 fe 49 8b 34 24 4c 89 ff
[   87.361557][ T5331] RSP: 0018:ffffc9000dc3f708 EFLAGS: 00010206
[   87.366157][ T5331] RAX: 0000000000000006 RBX: ffff88801f0307a8 RCX: 0000000000000002
[   87.371574][ T5331] RDX: ffff888012adc980 RSI: 0000000000000000 RDI: 0000000000000000
[   87.381884][ T5331] RBP: 0000000000000000 R08: ffff888012adc980 R09: 0000000000000003
[   87.391580][ T5331] R10: 0000000000000406 R11: 0000000000000002 R12: 0000000000000030
[   87.398146][ T5331] R13: dffffc0000000000 R14: ffff88801292d940 R15: ffff88801f05fc48
[   87.406217][ T5331] FS:  00007fa9571716c0(0000) GS:ffff88808ca55000(0000) knlGS:0000000000000000
[   87.411464][ T5331] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   87.414786][ T5331] CR2: 00007fec3df909c0 CR3: 000000001241d000 CR4: 0000000000352ef0
[   87.419388][ T5331] Kernel panic - not syncing: Fatal exception
[   87.422900][ T5331] Kernel Offset: disabled
[   87.424829][ T5331] Rebooting in 86400 seconds..