bisecting fixing commit since 10b84daddbec72c6b440216a69de9a9605127f7a
building syzkaller on 0174c6c8f78a3fdd002a73a5fdf559c1b0ec8c34
testing commit 10b84daddbec72c6b440216a69de9a9605127f7a with gcc (GCC) 8.1.0
all runs: crashed: WARNING in account_page_dirtied
testing current HEAD 5c6207539aea8b22490f9569db5aa72ddfd0d486
testing commit 5c6207539aea8b22490f9569db5aa72ddfd0d486 with gcc (GCC) 8.1.0
all runs: crashed: WARNING in account_page_dirtied
revisions tested: 2, total time: 18m14.676605235s (build: 9m54.889727425s, test: 6m48.767986141s)
the crash still happens on HEAD
crash: WARNING in account_page_dirtied
gfs2: fsid=loop3.0: first mount done, others may mount
gfs2: fsid=loop4.0: jid=0: Journal head lookup took 209ms
gfs2: fsid=loop4.0: jid=0: Done
gfs2: fsid=loop4.0: first mount done, others may mount
WARNING: CPU: 0 PID: 4397 at include/linux/backing-dev.h:343 inode_to_wb include/linux/backing-dev.h:340 [inline]
WARNING: CPU: 0 PID: 4397 at include/linux/backing-dev.h:343 account_page_dirtied+0x605/0x7f0 mm/page-writeback.c:2420
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 4397 Comm: syz-executor5 Not tainted 5.3.0-rc2+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
gfs2: fsid=loop1.0: found 1 quota changes
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x115/0x167 lib/dump_stack.c:113
 panic+0x223/0x4ee kernel/panic.c:219
 __warn.cold.10+0x1b/0x45 kernel/panic.c:576
 report_bug+0x1a4/0x200 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:272
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:291
 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1026
RIP: 0010:inode_to_wb include/linux/backing-dev.h:340 [inline]
RIP: 0010:account_page_dirtied+0x605/0x7f0 mm/page-writeback.c:2420
Code: c1 ea 03 80 3c 02 00 0f 85 f3 01 00 00 49 8b 86 88 01 00 00 be ff ff ff ff 48 8d 78 70 e8 b3 9e cd ff 85 c0 0f 85 b5 fb ff ff <0f> 0b e9 ae fb ff ff 4c 89 ee 4c 89 f7 e8 c9 c2 26 00 e9 5f fb ff
RSP: 0018:ffff8881cceff798 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff8881cc788ca0 RCX: ffff8881cd08abd0
RDX: 1ffffffff102515a RSI: ffff8881d1eced70 RDI: 0000000000000082
RBP: ffff8881cceff7c8 R08: ffffed103b606c5c R09: ffffed103b606c5c
R10: ffffed103b606c5b R11: ffff8881db0362db R12: ffff8881cc788b18
R13: ffffea0006c9d6c0 R14: ffff8881cc788b18 R15: 0000000000000282
 __set_page_dirty+0x6f/0x250 fs/buffer.c:583
 mark_buffer_dirty+0x2c4/0x3c0 fs/buffer.c:1112
 gfs2_unpin+0xdf/0xe00 fs/gfs2/lops.c:107
 buf_lo_after_commit+0x129/0x210 fs/gfs2/lops.c:714
 lops_after_commit fs/gfs2/lops.h:61 [inline]
 gfs2_log_flush+0x9b5/0x1be0 fs/gfs2/log.c:829
 do_sync+0x4dc/0xa60 fs/gfs2/quota.c:958
gfs2: fsid=loop0.0: found 1 quota changes
 gfs2_quota_sync+0x254/0x4f0 fs/gfs2/quota.c:1301
 gfs2_sync_fs+0x41/0xa0 fs/gfs2/super.c:963
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem+0xd7/0x200 fs/sync.c:64
 generic_shutdown_super+0x69/0x330 fs/super.c:444
 kill_block_super+0x96/0xe0 fs/super.c:1310
 gfs2_kill_sb+0x100/0x150 fs/gfs2/ops_fstype.c:1379
 deactivate_locked_super+0x7c/0xd0 fs/super.c:331
gfs2: fsid=loop2.0: found 1 quota changes
 deactivate_super+0x136/0x150 fs/super.c:362
 cleanup_mnt+0x204/0x440 fs/namespace.c:1102
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1109
 task_work_run+0x10e/0x190 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x1be/0x210 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
 do_syscall_64+0x468/0x550 arch/x86/entry/common.c:299
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4579d7
Code: 44 00 00 b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 fd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc8effe708 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
gfs2: fsid=loop3.0: found 1 quota changes
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000004579d7
RDX: 00005555565f5a13 RSI: 0000000000000002 RDI: 00007ffc8efff870
RBP: 00007ffc8efff870 R08: 0000000000000000 R09: 0000000000000009
R10: 0000000000000005 R11: 0000000000000246 R12: 00005555565f5940
R13: 0000000000000000 R14: 0000000000000002 R15: 000000000000c9bf
Kernel Offset: disabled
Rebooting in 86400 seconds..