bisecting cause commit starting from 7c832d2f9b959e3181370c8b0dacaf9efe13fc05
building syzkaller on 0c5d9412d774262384cbdbe9d672b077364ed776
testing commit 7c832d2f9b959e3181370c8b0dacaf9efe13fc05
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 2c741ddeb7fc67524c922aaa5c48c13160e428aae5fafa5e45db74e614c0a53b
all runs: crashed: WARNING in fuse_evict_inode
testing release v5.14
testing commit 7d2a07b769330c34b4deabeed939325c77a7ec2f
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: de5d0644639cc5c360c5e4129b2c3253ccb03fa29846cb1eb6936ee1da8e68ac
all runs: OK
# git bisect start 7c832d2f9b959e3181370c8b0dacaf9efe13fc05 7d2a07b769330c34b4deabeed939325c77a7ec2f
Bisecting: 10492 revisions left to test after this (roughly 13 steps)
[14e2bc4e8c40a876c1ab5597320d523c12a97f39] Merge tag 'nfsd-5.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux

testing commit 14e2bc4e8c40a876c1ab5597320d523c12a97f39
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b5ac7330f00980c4a84c1dced6473dd4592419cabd72572af26ec7f821dbbbbb
all runs: OK
# git bisect good 14e2bc4e8c40a876c1ab5597320d523c12a97f39
Bisecting: 5703 revisions left to test after this (roughly 12 steps)
[fc25206d8fae5eeb06a24fa3cb3f31848ec2c146] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git

testing commit fc25206d8fae5eeb06a24fa3cb3f31848ec2c146
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 26e4ec5ffb2a705ead90642fac71623b9723ec5aac47cfb06556b8762bdc641e
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad fc25206d8fae5eeb06a24fa3cb3f31848ec2c146
Bisecting: 2393 revisions left to test after this (roughly 11 steps)
[acb8f8938b035113cdaa2b465edae2ecf9d7b545] Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc.git

testing commit acb8f8938b035113cdaa2b465edae2ecf9d7b545
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: b73ed67599c0091571a942deced0caef6ef1700c6fdb30a76264220249ac0b01
all runs: OK
# git bisect good acb8f8938b035113cdaa2b465edae2ecf9d7b545
Bisecting: 1190 revisions left to test after this (roughly 10 steps)
[02c6ff6a92e02cbecbd5c41c75973de460efdb06] Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git

testing commit 02c6ff6a92e02cbecbd5c41c75973de460efdb06
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 04bbe6169b3f1f8218ce10df6cc81c53a3097922817cf14109cb943d292ed665
all runs: OK
# git bisect good 02c6ff6a92e02cbecbd5c41c75973de460efdb06
Bisecting: 590 revisions left to test after this (roughly 9 steps)
[66058d49ecc96074c168f923fea19213db267559] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git

testing commit 66058d49ecc96074c168f923fea19213db267559
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 089a435c9b6fd370ca59db049de7dd6aba7d389399d325c1afa6f433a0f21c74
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad 66058d49ecc96074c168f923fea19213db267559
Bisecting: 317 revisions left to test after this (roughly 8 steps)
[f577b380cf6984fca34cb90717d067b091c1ca88] Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git

testing commit f577b380cf6984fca34cb90717d067b091c1ca88
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 3a167bd3865a782629e1393fc57b6c9dba1748e9eae4be396e189522324a2cff
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad f577b380cf6984fca34cb90717d067b091c1ca88
Bisecting: 139 revisions left to test after this (roughly 7 steps)
[00c9626f46bece739cb413d1399ead6473809c54] Merge branch 'for-next-next-v5.15-20211014' into for-next-20211014

testing commit 00c9626f46bece739cb413d1399ead6473809c54
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: d2c2a543a44541617ce83f88e03b7d3b1bb321c5155504525c2a6b47a8da33f4
all runs: OK
# git bisect good 00c9626f46bece739cb413d1399ead6473809c54
Bisecting: 71 revisions left to test after this (roughly 6 steps)
[f2c936eb51ef68639166da79659da5e22d07d76d] Merge branch 'master' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git

testing commit f2c936eb51ef68639166da79659da5e22d07d76d
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: aa2827bd8e5b78e0c4c537e1d90beeef3412ca8bcc7612f33d8215431bef21a7
all runs: OK
# git bisect good f2c936eb51ef68639166da79659da5e22d07d76d
Bisecting: 36 revisions left to test after this (roughly 5 steps)
[3de97847de8658809288b4e4915b2a0bf8aeb9bc] Merge branch 'dev' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs.git

testing commit 3de97847de8658809288b4e4915b2a0bf8aeb9bc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: eadf7a63ff2ab8603b0637037215221cb2c7710ad54fc143f67ee341e33585e6
all runs: OK
# git bisect good 3de97847de8658809288b4e4915b2a0bf8aeb9bc
Bisecting: 17 revisions left to test after this (roughly 4 steps)
[c25e588a350179ab0f45f2f9f166a4cacb66cff1] Merge branch 'dev' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git

testing commit c25e588a350179ab0f45f2f9f166a4cacb66cff1
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: f3eae3c7bb9b3f0c7b9eb322e36d352c6025b8be5e0db157e75dfe6f5a767e78
all runs: OK
# git bisect good c25e588a350179ab0f45f2f9f166a4cacb66cff1
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[a69a29fb89c1f074b55b0220d844d064dd169182] fuse: don't bump attr_version in cached write

testing commit a69a29fb89c1f074b55b0220d844d064dd169182
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 6da874dd1f700ff992fb2472495ecff4874ee86f78c6681fdf209b5780e59675
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad a69a29fb89c1f074b55b0220d844d064dd169182
Bisecting: 4 revisions left to test after this (roughly 2 steps)
[2469204435db9492d09717e65302efed9be5f52a] fuse: use kmap_local_page()

testing commit 2469204435db9492d09717e65302efed9be5f52a
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 70cfede4fedefe46e0f618428de6d76e14d2e4aed55692e56d7917c9e0150940
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad 2469204435db9492d09717e65302efed9be5f52a
Bisecting: 1 revision left to test after this (roughly 1 step)
[6e6b45a963c4a962c61ca59982982ddcdc82e651] fuse: write inode in fuse_vma_close() instead of fuse_release()

testing commit 6e6b45a963c4a962c61ca59982982ddcdc82e651
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 503018226226d4197bed50b7f5fe04e3e50a18f699de3d714c996c4c64af365f
all runs: crashed: WARNING in fuse_evict_inode
# git bisect bad 6e6b45a963c4a962c61ca59982982ddcdc82e651
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[b5cf7894208ea40bcfab1bec5aa0ccb30d09318e] fuse: make sure reclaim doesn't write the inode

testing commit b5cf7894208ea40bcfab1bec5aa0ccb30d09318e
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ea0560d053fa3dd917f05981171104603e2a80622ab1d93ac69100c845b6ea04
all runs: OK
# git bisect good b5cf7894208ea40bcfab1bec5aa0ccb30d09318e
6e6b45a963c4a962c61ca59982982ddcdc82e651 is the first bad commit
commit 6e6b45a963c4a962c61ca59982982ddcdc82e651
Author: Miklos Szeredi <mszeredi@redhat.com>
Date:   Wed Oct 13 14:33:40 2021 +0200

    fuse: write inode in fuse_vma_close() instead of fuse_release()
    
    Fuse ->release() is otherwise asynchronous for the reason that it can
    happen in contexts unrelated to close/munmap.
    
    Inode is already written back from fuse_flush().  Add it to
    fuse_vma_close() as well to make sure inode dirtying from mmaps also get
    written out before the file is released.
    
    Also add error handling.
    
    Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>

 fs/fuse/file.c | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

culprit signature: 503018226226d4197bed50b7f5fe04e3e50a18f699de3d714c996c4c64af365f
parent  signature: ea0560d053fa3dd917f05981171104603e2a80622ab1d93ac69100c845b6ea04
revisions tested: 16, total time: 3h55m37.935948475s (build: 1h46m54.674726212s, test: 2h7m3.939623618s)
first bad commit: 6e6b45a963c4a962c61ca59982982ddcdc82e651 fuse: write inode in fuse_vma_close() instead of fuse_release()
recipients (to): ["linux-fsdevel@vger.kernel.org" "miklos@szeredi.hu" "mszeredi@redhat.com"]
recipients (cc): ["linux-kernel@vger.kernel.org"]
crash: WARNING in fuse_evict_inode
------------[ cut here ]------------
WARNING: CPU: 0 PID: 7012 at fs/fuse/inode.c:122 fuse_evict_inode+0x2be/0x390 fs/fuse/inode.c:130
Modules linked in:

CPU: 0 PID: 7012 Comm: syz-executor.1 Not tainted 5.15.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:fuse_evict_inode+0x2be/0x390 fs/fuse/inode.c:122
Code: c1 ea 03 80 3c 02 00 0f 85 9b 00 00 00 48 c7 83 a0 04 00 00 00 00 00 00 e9 9f fe ff ff 48 89 df e8 b7 6a 01 00 e9 60 fe ff ff <0f> 0b e9 79 fd ff ff 48 89 df e8 73 f7 27 ff e9 9f fe ff ff 48 89
RSP: 0018:ffffc90002a1fd28 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: ffff88805fd80000 RCX: 0000000000000000
RDX: 1ffff1100bfb001b RSI: 0000000000000004 RDI: ffff88805fd800d8
RBP: ffff88805fd80000 R08: 0000000000000000 R09: ffff88805fd8008b
R10: ffffed100bfb0011 R11: 0000000000000000 R12: ffff88805fd800d8
R13: ffff88805fd80028 R14: ffffffff8900e7a0 R15: ffff88805fd801d0
FS:  00005555566ae400(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2cce9e8010 CR3: 0000000021e8e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 evict+0x296/0x5d0 fs/inode.c:586
 __dentry_kill+0x315/0x560 fs/dcache.c:582
 do_one_tree fs/dcache.c:1660 [inline]
 shrink_dcache_for_umount+0x100/0x2e0 fs/dcache.c:1674
 generic_shutdown_super+0x5c/0x330 fs/super.c:447
 kill_anon_super+0x31/0x50 fs/super.c:1057
 deactivate_locked_super+0x7b/0x130 fs/super.c:335
 cleanup_mnt+0x324/0x4d0 fs/namespace.c:1137
 task_work_run+0xc0/0x160 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:302
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fb234cecea7
Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdbd7cd4a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb234cecea7
RDX: 00007ffdbd7cd579 RSI: 0000000000000002 RDI: 00007ffdbd7cd570
RBP: 00007ffdbd7cd570 R08: 00000000ffffffff R09: 00007ffdbd7cd340
R10: 00005555566af8e3 R11: 0000000000000246 R12: 00007fb234d44e05
R13: 00007ffdbd7ce630 R14: 00005555566af810 R15: 00007ffdbd7ce670