syzbot

F2FS-fs (loop0): Found nat_bits in checkpoint
F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
F2FS-fs (loop0): Corrupted max_depth of 3: 16842753
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4498 at fs/inode.c:332 drop_nlink+0xe4/0x134 fs/inode.c:332
Modules linked in:
CPU: 0 PID: 4498 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/02/2026
pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : drop_nlink+0xe4/0x134 fs/inode.c:332
lr : drop_nlink+0xe4/0x134 fs/inode.c:332
sp : ffff800020df77c0
x29: ffff800020df77c0 x28: ffff0000c413e03f x27: ffff0000f3011238
x26: ffff0000c06508d0 x25: ffff0000f3011b18 x24: 0000000000008000
x23: 1fffe0001e60248d x22: ffff0000f3012468 x21: dfff800000000000
x20: 0000000000000000 x19: ffff0000f3012420 x18: 0000000000000000
x17: ffff80000a5175d4 x16: ffff8000082d86b8 x15: 000000000004ffff
x14: 0000000000000001 x13: 1fffe0001e60251b x12: 0000000000000000
x11: ff00800008a1b38c x10: 0000000000000000 x9 : ffff800008a1b38c
x8 : ffff0000d1be1c00 x7 : ffff80000a2c322c x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000082d88b0
x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 drop_nlink+0xe4/0x134 fs/inode.c:332
 f2fs_i_links_write fs/f2fs/f2fs.h:3058 [inline]
 f2fs_rename fs/f2fs/namei.c:992 [inline]
 f2fs_rename2+0x1228/0x1c88 fs/f2fs/namei.c:1267
 vfs_rename+0xb08/0xe3c fs/namei.c:4882
 do_renameat2+0x760/0xaa4 fs/namei.c:5035
 __do_sys_renameat2 fs/namei.c:5068 [inline]
 __se_sys_renameat2 fs/namei.c:5065 [inline]
 __arm64_sys_renameat2+0xe8/0x104 fs/namei.c:5065
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x290 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x13c/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x5c/0x134 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 272604
hardirqs last  enabled at (272603): [<ffff8000083cceb0>] seqcount_lockdep_reader_access include/linux/seqlock.h:104 [inline]
hardirqs last  enabled at (272603): [<ffff8000083cceb0>] ktime_get_coarse_real_ts64+0x114/0x244 kernel/time/timekeeping.c:2261
hardirqs last disabled at (272604): [<ffff800011b3a55c>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (272446): [<ffff800008031254>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (272444): [<ffff800008031220>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---