NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 PID: 3606 Comm: segctord Not tainted 6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
RIP: 0010:_compound_head include/linux/page-flags.h:253 [inline]
RIP: 0010:lock_page+0x3a/0x2b0 include/linux/pagemap.h:958
Code: 00 fc ff df e8 57 9a 38 fe 48 c7 c7 e0 53 d5 8a be bc 03 00 00 e8 76 ea 0d fe 2e 2e 2e 31 c0 49 8d 5e 08 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 c7 92 8c fe 48 8b 1b 48 89 de 48
RSP: 0018:ffffc90003bef698 EFLAGS: 00010206
RAX: 000000000000002d RBX: 0000000000000168 RCX: ffff888074170000
RDX: ffff888074170000 RSI: ffff88807417043c RDI: ffffc90003bef620
RBP: ffffc90003befbf0 R08: ffffffff81b446e9 R09: fffff9400038aa01
R10: fffff9400038aa01 R11: 1ffffd400038aa00 R12: 1ffff1100e3964b0
R13: 0000000000000160 R14: 0000000000000160 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f882b7a71d0 CR3: 000000000c88e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 nilfs_segctor_prepare_write fs/nilfs2/segment.c:1664 [inline]
 nilfs_segctor_do_construct+0x4ae9/0x6f80 fs/nilfs2/segment.c:2074
 nilfs_segctor_construct+0x143/0x8d0 fs/nilfs2/segment.c:2379
 nilfs_segctor_thread_construct fs/nilfs2/segment.c:2487 [inline]
 nilfs_segctor_thread+0x59e/0x11c0 fs/nilfs2/segment.c:2570
 kthread+0x266/0x300 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:_compound_head include/linux/page-flags.h:253 [inline]
RIP: 0010:lock_page+0x3a/0x2b0 include/linux/pagemap.h:958
Code: 00 fc ff df e8 57 9a 38 fe 48 c7 c7 e0 53 d5 8a be bc 03 00 00 e8 76 ea 0d fe 2e 2e 2e 31 c0 49 8d 5e 08 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 c7 92 8c fe 48 8b 1b 48 89 de 48
RSP: 0018:ffffc90003bef698 EFLAGS: 00010206
RAX: 000000000000002d RBX: 0000000000000168 RCX: ffff888074170000
RDX: ffff888074170000 RSI: ffff88807417043c RDI: ffffc90003bef620
RBP: ffffc90003befbf0 R08: ffffffff81b446e9 R09: fffff9400038aa01
R10: fffff9400038aa01 R11: 1ffffd400038aa00 R12: 1ffff1100e3964b0
R13: 0000000000000160 R14: 0000000000000160 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000556434238eb0 CR3: 000000000c88e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess), 4 bytes skipped:
   0:	e8 57 9a 38 fe       	callq  0xfe389a5c
   5:	48 c7 c7 e0 53 d5 8a 	mov    $0xffffffff8ad553e0,%rdi
   c:	be bc 03 00 00       	mov    $0x3bc,%esi
  11:	e8 76 ea 0d fe       	callq  0xfe0dea8c
  16:	2e 2e 2e 31 c0       	cs cs cs xor %eax,%eax
  1b:	49 8d 5e 08          	lea    0x8(%r14),%rbx
  1f:	48 89 d8             	mov    %rbx,%rax
  22:	48 c1 e8 03          	shr    $0x3,%rax
* 26:	42 80 3c 38 00       	cmpb   $0x0,(%rax,%r15,1) <-- trapping instruction
  2b:	74 08                	je     0x35
  2d:	48 89 df             	mov    %rbx,%rdi
  30:	e8 c7 92 8c fe       	callq  0xfe8c92fc
  35:	48 8b 1b             	mov    (%rbx),%rbx
  38:	48 89 de             	mov    %rbx,%rsi
  3b:	48                   	rex.W