loop3: detected capacity change from 0 to 40427
F2FS-fs (loop3): Found nat_bits in checkpoint
F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
------------[ cut here ]------------
kernel BUG at fs/f2fs/extent_cache.c:1191!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5613 Comm: syz-executor.3 Not tainted 6.2.0-rc8-syzkaller-00002-gb408817d4884 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
RIP: 0010:__destroy_extent_tree+0x64a/0x7f0 fs/f2fs/extent_cache.c:1191
Code: 04 00 00 00 49 8d 9c 07 e8 0c 00 00 48 89 df e8 6c e5 21 fe f0 ff 03 48 8b 3c 24 e8 d0 6f 5e 06 e9 93 fc ff ff e8 a6 9c d4 fd <0f> 0b e8 9f 9c d4 fd e8 fa 6e 5c 06 31 ff 89 c3 89 c6 e8 3f 99 d4
RSP: 0018:ffffc900034079e0 EFLAGS: 00010246
RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc90005b65000
RDX: 0000000000040000 RSI: ffffffff83ab7cba RDI: 0000000000000005
RBP: ffff888048307140 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
R13: ffff8880480f8110 R14: 0000000000000001 R15: ffff888070148000
FS: 00007fb38f707700(0000) GS:ffff88802c600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2e22b000 CR3: 000000006fa60000 CR4: 0000000000150ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 f2fs_destroy_extent_tree+0x17/0x30 fs/f2fs/extent_cache.c:1204
 f2fs_evict_inode+0x38b/0x1df0 fs/f2fs/inode.c:789
 evict+0x2ed/0x6b0 fs/inode.c:664
 iput_final fs/inode.c:1747 [inline]
 iput.part.0+0x59b/0x880 fs/inode.c:1773
 iput+0x5c/0x80 fs/inode.c:1763
 f2fs_abort_atomic_write+0xea/0x4f0 fs/f2fs/segment.c:196
 f2fs_release_file+0xc8/0xf0 fs/f2fs/file.c:1869
 __fput+0x27c/0xa90 fs/file_table.c:320
 task_work_run+0x16f/0x270 kernel/task_work.c:179
 get_signal+0x1c7/0x2450 kernel/signal.c:2635
 arch_do_signal_or_restart+0x79/0x5c0 arch/x86/kernel/signal.c:306
 exit_to_user_mode_loop kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x15f/0x250 kernel/entry/common.c:203
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296
 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fb38ea8c0f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb38f707168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: 0000000000f58000 RBX: 00007fb38ebabf80 RCX: 00007fb38ea8c0f9
RDX: 000000000208e24b RSI: 0000000020000040 RDI: 0000000000000004
RBP: 00007fb38eae7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc76a89f8f R14: 00007fb38f707300 R15: 0000000000022000
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__destroy_extent_tree+0x64a/0x7f0 fs/f2fs/extent_cache.c:1191
Code: 04 00 00 00 49 8d 9c 07 e8 0c 00 00 48 89 df e8 6c e5 21 fe f0 ff 03 48 8b 3c 24 e8 d0 6f 5e 06 e9 93 fc ff ff e8 a6 9c d4 fd <0f> 0b e8 9f 9c d4 fd e8 fa 6e 5c 06 31 ff 89 c3 89 c6 e8 3f 99 d4
RSP: 0018:ffffc900034079e0 EFLAGS: 00010246
RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc90005b65000
RDX: 0000000000040000 RSI: ffffffff83ab7cba RDI: 0000000000000005
RBP: ffff888048307140 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
R13: ffff8880480f8110 R14: 0000000000000001 R15: ffff888070148000
FS: 00007fb38f707700(0000) GS:ffff88802c600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2e22b000 CR3: 000000006fa60000 CR4: 0000000000150ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400