bisecting fixing commit since 10b84daddbec72c6b440216a69de9a9605127f7a
building syzkaller on 0174c6c8f78a3fdd002a73a5fdf559c1b0ec8c34
testing commit 10b84daddbec72c6b440216a69de9a9605127f7a with gcc (GCC) 8.1.0
kernel signature: 0d96ff3f13a038dd4f59202f5bbe7ab235112c21
all runs: crashed: WARNING in account_page_dirtied
testing current HEAD 6794862a16ef41f753abd75c03a152836e4c8028
testing commit 6794862a16ef41f753abd75c03a152836e4c8028 with gcc (GCC) 8.1.0
kernel signature: 4277dcc1cdb8931fda7122e4b1e779a673f28822
all runs: crashed: WARNING in account_page_dirtied
revisions tested: 2, total time: 17m39.24346146s (build: 10m30.313215719s, test: 6m24.494721004s)
the crash still happens on HEAD
commit msg: Merge tag 'for-5.5-rc1-kconfig-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
crash: WARNING in account_page_dirtied
gfs2: fsid=loop1.0: jid=0: Looking at journal...
gfs2: fsid=loop3: Now mounting FS...
gfs2: fsid=loop0.0: journal 0 mapped with 1 extents in 0ms
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4430 at include/linux/backing-dev.h:348 inode_to_wb include/linux/backing-dev.h:345 [inline]
WARNING: CPU: 1 PID: 4430 at include/linux/backing-dev.h:348 account_page_dirtied+0x65a/0x870 mm/page-writeback.c:2422
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 4430 Comm: syz-executor4 Not tainted 5.5.0-rc1-syzkaller #0
gfs2: fsid=loop0.0: jid=0, already locked for use
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x12f/0x187 lib/dump_stack.c:118
gfs2: fsid=loop0.0: jid=0: Looking at journal...
 panic+0x22a/0x4f5 kernel/panic.c:221
 __warn.cold.10+0x25/0x28 kernel/panic.c:582
 report_bug+0x1b0/0x270 lib/bug.c:195
 fixup_bug arch/x86/kernel/traps.c:174 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
gfs2: fsid=loop1.0: jid=0: Journal head lookup took 104ms
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:286
gfs2: fsid=loop1.0: jid=0: Done
 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:inode_to_wb include/linux/backing-dev.h:345 [inline]
RIP: 0010:account_page_dirtied+0x65a/0x870 mm/page-writeback.c:2422
Code: c1 ea 03 80 3c 02 00 0f 85 25 02 00 00 49 8b 86 90 01 00 00 be ff ff ff ff 48 8d 78 70 e8 6e fd cb ff 85 c0 0f 85 60 fb ff ff <0f> 0b e9 59 fb ff ff 4c 89 ee 4c 89 f7 e8 b4 50 28 00 e9 0a fb ff
RSP: 0018:ffff8881c5ed7790 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff8881c78ad368 RCX: ffff8881c5a76f18
RDX: 1ffffffff1065983 RSI: ffff8881c4c6f070 RDI: 0000000000000082
RBP: ffff8881c5ed77c0 R08: ffffed1038f15a6e R09: ffffed1038f15a6e
gfs2: fsid=loop1.0: first mount done, others may mount
R10: ffffed1038f15a6d R11: ffff8881c78ad36f R12: ffff8881c78ad1d8
R13: ffffea0007199a00 R14: ffff8881c78ad1d8 R15: 0000000000000282
 __set_page_dirty+0x6f/0x250 fs/buffer.c:623
 mark_buffer_dirty+0x2c4/0x3c0 fs/buffer.c:1152
 gfs2_unpin+0xdf/0xe00 fs/gfs2/lops.c:107
 buf_lo_after_commit+0x129/0x210 fs/gfs2/lops.c:715
 lops_after_commit fs/gfs2/lops.h:62 [inline]
 gfs2_log_flush+0x9c4/0x1fa0 fs/gfs2/log.c:846
gfs2: fsid=loop1.0: found 1 quota changes
 do_sync+0x4dc/0xa60 fs/gfs2/quota.c:958
gfs2: fsid=loop0.0: jid=0: Journal head lookup took 209ms
gfs2: fsid=loop0.0: jid=0: Done
 gfs2_quota_sync+0x254/0x4f0 fs/gfs2/quota.c:1301
 gfs2_sync_fs+0x41/0xa0 fs/gfs2/super.c:712
 __sync_filesystem fs/sync.c:39 [inline]
 sync_filesystem+0xd7/0x200 fs/sync.c:64
 generic_shutdown_super+0x69/0x330 fs/super.c:448
 kill_block_super+0x96/0xe0 fs/super.c:1442
 gfs2_kill_sb+0x100/0x150 fs/gfs2/ops_fstype.c:1638
gfs2: fsid=loop0.0: first mount done, others may mount
 deactivate_locked_super+0x7c/0xd0 fs/super.c:335
 deactivate_super+0x136/0x150 fs/super.c:366
 cleanup_mnt+0x204/0x440 fs/namespace.c:1102
 __cleanup_mnt+0xd/0x10 fs/namespace.c:1109
 task_work_run+0x10e/0x190 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x1be/0x210 arch/x86/entry/common.c:164
 prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:278 [inline]
 do_syscall_64+0x50b/0x600 arch/x86/entry/common.c:304
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
gfs2: fsid=loop0.0: found 1 quota changes
RIP: 0033:0x4579d7
Code: 44 00 00 b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 fd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffe79e78548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000004579d7
RDX: 0000000000cdf9fb RSI: 0000000000000002 RDI: 00007ffe79e796b0
RBP: 00007ffe79e796b0 R08: 0000000000000000 R09: 0000000000000009
R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000cdf940
R13: 0000000000000000 R14: 0000000000000002 R15: 000000000000d061
Kernel Offset: disabled
Rebooting in 86400 seconds..