syzbot

------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2746!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.13.0-rc3-syzkaller-00082-gbaaa2567a712 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:get_new_segment fs/f2fs/segment.c:2746 [inline]
RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876
Code: fe fd e9 1a fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c fa ff ff 48 89 df e8 a9 1f fe fd e9 3f fa ff ff e8 0f c0 97 fd 90 <0f> 0b e8 07 c0 97 fd 90 0f 0b e8 ff bf 97 fd 90 0f 0b e8 f7 bf 97
RSP: 0018:ffffc9000d32f528 EFLAGS: 00010293
RAX: ffffffff8407b3e1 RBX: 0000000000000018 RCX: ffff888000bf4880
RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
RBP: dffffc0000000000 R08: ffffffff8407a215 R09: fffff52001a65e94
R10: dffffc0000000000 R11: fffff52001a65e94 R12: 0000000000000018
R13: ffff8880431f9101 R14: 0000000000000018 R15: ffff8880119ba4d8
FS:  00007fa4e39826c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc21660c00 CR3: 0000000042ce2000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3210
 f2fs_allocate_new_section fs/f2fs/segment.c:3224 [inline]
 f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3238
 f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1830
 f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1940
 vfs_fallocate+0x569/0x6e0 fs/open.c:327
 do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885
 __do_sys_ioctl fs/ioctl.c:904 [inline]
 __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa4e2b85d29
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa4e3982038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fa4e2d76080 RCX: 00007fa4e2b85d29
RDX: 00000000200000c0 RSI: 0000000040305828 RDI: 0000000000000008
RBP: 00007fa4e2c01aa8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fa4e2d76080 R15: 00007ffc216613e8
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:get_new_segment fs/f2fs/segment.c:2746 [inline]
RIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876
Code: fe fd e9 1a fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c fa ff ff 48 89 df e8 a9 1f fe fd e9 3f fa ff ff e8 0f c0 97 fd 90 <0f> 0b e8 07 c0 97 fd 90 0f 0b e8 ff bf 97 fd 90 0f 0b e8 f7 bf 97
RSP: 0018:ffffc9000d32f528 EFLAGS: 00010293
RAX: ffffffff8407b3e1 RBX: 0000000000000018 RCX: ffff888000bf4880
RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
RBP: dffffc0000000000 R08: ffffffff8407a215 R09: fffff52001a65e94
R10: dffffc0000000000 R11: fffff52001a65e94 R12: 0000000000000018
R13: ffff8880431f9101 R14: 0000000000000018 R15: ffff8880119ba4d8
FS:  00007fa4e39826c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc21660c00 CR3: 0000000042ce2000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400