F2FS-fs (loop0): Found nat_bits in checkpoint
F2FS-fs (loop0): access invalid blkaddr:1232352068
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 __lse_atomic64_or arch/arm64/include/asm/atomic_lse.h:177 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 arch_atomic64_or arch/arm64/include/asm/atomic.h:65 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 atomic64_or include/asm-generic/atomic-instrumented.h:1328 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 atomic_long_or include/asm-generic/atomic-long.h:329 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 set_bit include/asm-generic/bitops/atomic.h:17 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 set_sbi_flag fs/f2fs/f2fs.h:1840 [inline]
WARNING: CPU: 0 PID: 5427 at fs/f2fs/checkpoint.c:191 f2fs_is_valid_blkaddr+0xac8/0xe80 fs/f2fs/checkpoint.c:190
Modules linked in:
CPU: 0 PID: 5427 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller-09786-g3b9cdafb5358 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO BTYPE=--)
pc : f2fs_is_valid_blkaddr+0xac8/0xe80 fs/f2fs/checkpoint.c:191
lr : instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
lr : atomic64_or include/asm-generic/atomic-instrumented.h:1327 [inline]
lr : atomic_long_or include/asm-generic/atomic-long.h:329 [inline]
lr : set_bit include/asm-generic/bitops/atomic.h:17 [inline]
lr : set_sbi_flag fs/f2fs/f2fs.h:1840 [inline]
lr : f2fs_is_valid_blkaddr+0xab4/0xe80 fs/f2fs/checkpoint.c:190
sp : ffff000039a4f2f0
x29: ffff000039a4f2f0 x28: fffffc000068a180
x27: 0000000000000009 x26: ffff000032424168
x25: 1fffe0000648482d x24: 0000000000000200
x23: 0000000000004000 x22: ffff000019886000
x21: 0000000049743344 x20: ffff000032424000
x19: ffff0000324240b8 x18: ffff00006a255b48
x17: 0000000000000000 x16: 0000000000000000
x15: ffff80001b092810 x14: 1fffe00007349d7a
x13: 0000000000000000 x12: ffff600006484818
x11: 1fffe00006484817 x10: ffff600006484817
x9 : dfff800000000000 x8 : ffff0000324240bf
x7 : 0000000000000001 x6 : 00009ffff9b7b7e9
x5 : ffff0000324240b8 x4 : ffff600006484818
x3 : ffff800011d8c754 x2 : ffff0000324240b8
x1 : 0000000000000000 x0 : 000000000000000c
Call trace:
 __lse_atomic64_or arch/arm64/include/asm/atomic_lse.h:177 [inline]
 arch_atomic64_or arch/arm64/include/asm/atomic.h:65 [inline]
 atomic64_or include/asm-generic/atomic-instrumented.h:1328 [inline]
 atomic_long_or include/asm-generic/atomic-long.h:329 [inline]
 set_bit include/asm-generic/bitops/atomic.h:17 [inline]
 set_sbi_flag fs/f2fs/f2fs.h:1840 [inline]
 f2fs_is_valid_blkaddr+0xac8/0xe80 fs/f2fs/checkpoint.c:190
 f2fs_get_node_info+0x3f0/0x98c fs/f2fs/node.c:574
 read_node_page+0x2f4/0x5f0 fs/f2fs/node.c:1297
 __get_node_page.part.0+0x98/0xa80 fs/f2fs/node.c:1357
 __get_node_page fs/f2fs/node.c:34 [inline]
 f2fs_get_node_page+0xc8/0x110 fs/f2fs/node.c:1402
 do_read_inode fs/f2fs/inode.c:346 [inline]
 f2fs_iget+0x180/0x4950 fs/f2fs/inode.c:497
 f2fs_fill_super+0x2c60/0x68b0 fs/f2fs/super.c:3885
 mount_bdev+0x298/0x364 fs/super.c:1367
 f2fs_mount+0x18/0x24 fs/f2fs/super.c:4105
 legacy_get_tree+0xd0/0x190 fs/fs_context.c:592
 vfs_get_tree+0x74/0x2a0 fs/super.c:1497
 do_new_mount fs/namespace.c:2881 [inline]
 path_mount+0xf64/0x2170 fs/namespace.c:3211
 do_mount fs/namespace.c:3224 [inline]
 __do_sys_mount fs/namespace.c:3432 [inline]
 __se_sys_mount fs/namespace.c:3409 [inline]
 __arm64_sys_mount+0x2ec/0x520 fs/namespace.c:3409
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]
 el0_svc_common.constprop.0+0xf0/0x2c0 arch/arm64/kernel/syscall.c:129
 do_el0_svc+0xa4/0xd0 arch/arm64/kernel/syscall.c:168
 el0_svc+0x24/0x34 arch/arm64/kernel/entry-common.c:416
 el0_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:432
 el0_sync+0x170/0x180 arch/arm64/kernel/entry.S:699