bisecting fixing commit since a1b977b49b66c75e6c51a515f6700371ae720217
building syzkaller on d32b0bbf2f8cfe548553c4012e2c0f79040d999f
testing commit a1b977b49b66c75e6c51a515f6700371ae720217 with gcc (GCC) 8.1.0
kernel signature: fb346b2aa8504c86a9799c148c86cddcf5fb2350f912224b0eb55c7fe76bfa67
all runs: crashed: BUG: unable to handle kernel paging request in dquot_add_space
testing current HEAD 13d2ce42de8cb98ff952f8de6307f896203854c2
testing commit 13d2ce42de8cb98ff952f8de6307f896203854c2 with gcc (GCC) 8.1.0
kernel signature: 07d52793d47a69a9e66290b8d9fe8c7d49359751ad3206f2e21912d361cbc5f7
all runs: crashed: BUG: unable to handle kernel paging request in dquot_add_space
revisions tested: 2, total time: 29m40.856360338s (build: 23m22.155478109s, test: 5m35.879477514s)
the crash still happens on HEAD
commit msg: Linux 4.19.163
crash: BUG: unable to handle kernel paging request in dquot_add_space
Bluetooth: hci1: command 0x0419 tx timeout
wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
Bluetooth: hci0: command 0x0419 tx timeout
BUG: unable to handle kernel paging request at fffffbfff9161860
wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
PGD 23ffea067 P4D 23ffea067 PUD 23fe5e067 PMD 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 7418 Comm: syz-executor.1 Not tainted 4.19.163-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:dquot_add_space+0x34/0x1240 fs/quota/dquot.c:1307
Code: e5 41 57 41 56 41 55 41 54 53 48 89 fb 48 83 ec 58 48 89 55 c8 48 89 c2 48 89 45 b8 48 c1 ea 03 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 48 89 75 d0 89 4d b0 4c 89 45 c0 0f 85 24 0b 00 00 4c
Quota error (device loop4): qtree_write_dquot: Error -927940090 occurred while creating quota
RSP: 0018:ffff8881cd79f0d8 EFLAGS: 00010a07
RAX: dffffc0000000000 RBX: ffffffffc8b0c206 RCX: 0000000000000001
RDX: 1ffffffff9161860 RSI: 0000000000000400 RDI: ffffffffc8b0c206
RBP: ffff8881cd79f158 R08: ffff8881cd79f1c8 R09: ffffed1038f5631f
R10: 0000000000000000 R11: ffff8881cd79f1c8 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8881c7ab1e10 R15: 0000000000000400
FS:  00007f945aab4700(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffbfff9161860 CR3: 00000001d4a83003 CR4: 00000000001606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __dquot_alloc_space+0x3f4/0x6f0 fs/quota/dquot.c:1672
 dquot_alloc_space_nodirty include/linux/quotaops.h:298 [inline]
 dquot_alloc_space include/linux/quotaops.h:311 [inline]
 dquot_alloc_block include/linux/quotaops.h:335 [inline]
 ext4_mb_new_blocks+0x4a4/0x3aa0 fs/ext4/mballoc.c:4533
 ext4_new_meta_blocks+0x1cc/0x360 fs/ext4/balloc.c:665
 ext4_xattr_block_set+0x10e3/0x2e10 fs/ext4/xattr.c:2075
 ext4_xattr_set_handle+0x861/0xc20 fs/ext4/xattr.c:2411
 ext4_xattr_set+0x1bc/0x300 fs/ext4/xattr.c:2511
 ext4_xattr_trusted_set+0x1e/0x20 fs/ext4/xattr_trusted.c:37
 __vfs_setxattr+0xd9/0x140 fs/xattr.c:149
 __vfs_setxattr_noperm+0xe9/0x380 fs/xattr.c:180
 __vfs_setxattr_locked+0x185/0x200 fs/xattr.c:238
 vfs_setxattr+0x101/0x280 fs/xattr.c:255
 setxattr+0x1af/0x280 fs/xattr.c:520
 path_setxattr+0x144/0x160 fs/xattr.c:539
 __do_sys_setxattr fs/xattr.c:554 [inline]
 __se_sys_setxattr fs/xattr.c:550 [inline]
 __x64_sys_setxattr+0xbf/0x150 fs/xattr.c:550
 do_syscall_64+0xd0/0x4e0 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45de59
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f945aab3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
RAX: ffffffffffffffda RBX: 0000000000033bc0 RCX: 000000000045de59
RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040
RBP: 000000000118bf70 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffe996e08cf R14: 00007f945aab49c0 R15: 000000000118bf2c
Modules linked in:
CR2: fffffbfff9161860
---[ end trace 2da4c383955c28c1 ]---
BUG: unable to handle kernel paging request at fffffbfff9161860
RIP: 0010:dquot_add_space+0x34/0x1240 fs/quota/dquot.c:1307
PGD 23ffea067 P4D 23ffea067 PUD 23fe5e067 PMD 0 
Code: e5 41 57 41 56 41 55 41 54 53 48 89 fb 48 83 ec 58 48 89 55 c8 48 89 c2 48 89 45 b8 48 c1 ea 03 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 48 89 75 d0 89 4d b0 4c 89 45 c0 0f 85 24 0b 00 00 4c
Oops: 0000 [#2] PREEMPT SMP KASAN
RSP: 0018:ffff8881cd79f0d8 EFLAGS: 00010a07
CPU: 0 PID: 7454 Comm: syz-executor.4 Tainted: G      D           4.19.163-syzkaller #0
RAX: dffffc0000000000 RBX: ffffffffc8b0c206 RCX: 0000000000000001
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RDX: 1ffffffff9161860 RSI: 0000000000000400 RDI: ffffffffc8b0c206
RIP: 0010:dquot_add_space+0x34/0x1240 fs/quota/dquot.c:1307
RBP: ffff8881cd79f158 R08: ffff8881cd79f1c8 R09: ffffed1038f5631f
Code: e5 41 57 41 56 41 55 41 54 53 48 89 fb 48 83 ec 58 48 89 55 c8 48 89 c2 48 89 45 b8 48 c1 ea 03 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 48 89 75 d0 89 4d b0 4c 89 45 c0 0f 85 24 0b 00 00 4c
R10: 0000000000000000 R11: ffff8881cd79f1c8 R12: 0000000000000000
RSP: 0018:ffff8881d535f0d8 EFLAGS: 00010a07
R13: 0000000000000000 R14: ffff8881c7ab1e10 R15: 0000000000000400
RAX: dffffc0000000000 RBX: ffffffffc8b0c206 RCX: 0000000000000001
FS:  00007f945aab4700(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000
RDX: 1ffffffff9161860 RSI: 0000000000000400 RDI: ffffffffc8b0c206
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
RBP: ffff8881d535f158 R08: ffff8881d535f1c8 R09: ffffed1038f57c5f
CR2: fffffbfff9161860 CR3: 00000001d4a83003 CR4: 00000000001606e0
R10: 0000000000000000 R11: ffff8881d535f1c8 R12: 0000000000000000
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
R13: 0000000000000000 R14: ffff8881c7abe810 R15: 0000000000000400
FS:  00007fe61c5e0700(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033