bisecting fixing commit since 87ef12027b9b1dd0e0b12cf311fbcb19f9d92539
building syzkaller on 3642839c105d2c84160c10866805f903a22fa343
testing commit 87ef12027b9b1dd0e0b12cf311fbcb19f9d92539 with gcc (GCC) 8.1.0
kernel signature: c4c40d6b8e13b807e1dad67ac5c4b2cd7be0ce1856c28f094cd6b04dd2e99943
run #0: crashed: WARNING in unlock_new_inode
run #1: crashed: WARNING in unlock_new_inode
run #2: crashed: WARNING in unlock_new_inode
run #3: crashed: WARNING in unlock_new_inode
run #4: crashed: WARNING in unlock_new_inode
run #5: crashed: WARNING in corrupted
run #6: crashed: WARNING in unlock_new_inode
run #7: crashed: WARNING in unlock_new_inode
run #8: crashed: WARNING in unlock_new_inode
run #9: crashed: WARNING in unlock_new_inode
testing current HEAD 15bc20c6af4ceee97a1f90b43c0e386643c071b4
testing commit 15bc20c6af4ceee97a1f90b43c0e386643c071b4 with gcc (GCC) 8.1.0
kernel signature: e1bd1d654489662545dba1ee43c109184c8d6ff89f2fe988b9fe3ca8d6b50a86
run #0: crashed: WARNING in unlock_new_inode
run #1: crashed: WARNING in unlock_new_inode
run #2: crashed: WARNING in unlock_new_inode
run #3: crashed: WARNING in corrupted
run #4: crashed: WARNING in unlock_new_inode
run #5: crashed: WARNING in unlock_new_inode
run #6: crashed: WARNING in unlock_new_inode
run #7: crashed: WARNING in unlock_new_inode
run #8: crashed: WARNING in corrupted
run #9: crashed: WARNING in unlock_new_inode
revisions tested: 2, total time: 15m57.141395479s (build: 8m25.658939188s, test: 6m50.37697844s)
the crash still happens on HEAD
commit msg: Merge tag 'tty-5.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
crash: WARNING in unlock_new_inode
REISERFS (device loop2): using 3.5.x disk format
REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3896 at fs/inode.c:996 unlock_new_inode+0x67/0x70 fs/inode.c:1001
REISERFS (device loop4): using ordered data mode
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 3896 Comm: syz-executor2 Not tainted 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0xb9/0xf1 lib/dump_stack.c:118
 panic+0x115/0x30c kernel/panic.c:231
 __warn.cold.13+0x20/0x26 kernel/panic.c:600
 report_bug+0xc5/0x100 lib/bug.c:198
 handle_bug+0x39/0xa0 arch/x86/kernel/traps.c:234
 exc_invalid_op+0x18/0x70 arch/x86/kernel/traps.c:254
 asm_exc_invalid_op+0x12/0x20 arch/x86/include/asm/idtentry.h:536
reiserfs: using flush barriers
RIP: 0010:unlock_new_inode+0x67/0x70 fs/inode.c:996
Code: 89 83 d8 00 00 00 f0 83 44 24 fc 00 be 03 00 00 00 48 8d bb d8 00 00 00 e8 f6 3c de ff 4c 89 e7 e8 6e 32 9e 01 5b 41 5c 5d c3 <0f> 0b eb cb 0f 1f 44 00 00 55 8b 47 48 48 89 e5 85 c0 74 18 8d 50
RSP: 0018:ffffc9000051ba30 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff88820ba611d0 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000003a62 RDI: ffff88820ba61258
RBP: ffffc9000051ba40 R08: 0000000000000030 R09: 0000000000003a62
REISERFS (device loop3): Using r5 hash to sort names
R10: ffffc9000051b8e8 R11: 81d59cc8219e01c3 R12: ffff88820ba61258
R13: 00000000fffffff4 R14: 0000000000000000 R15: ffff88820ba61750
 reiserfs_new_inode+0x156/0xa00 fs/reiserfs/inode.c:2166
 reiserfs_mkdir+0x196/0x2d0 fs/reiserfs/namei.c:841
 xattr_mkdir.constprop.22+0x22/0x30 fs/reiserfs/xattr.c:76
 create_privroot fs/reiserfs/xattr.c:882 [inline]
 reiserfs_xattr_init+0x143/0x28c fs/reiserfs/xattr.c:1004
REISERFS (device loop5): Using r5 hash to sort names
 reiserfs_fill_super+0xae1/0xd50 fs/reiserfs/super.c:2177
 mount_bdev+0x197/0x1d0 fs/super.c:1417
 get_super_block+0x10/0x20 fs/reiserfs/super.c:2606
 legacy_get_tree+0x2f/0x50 fs/fs_context.c:592
 vfs_get_tree+0x28/0xc0 fs/super.c:1547
 do_new_mount fs/namespace.c:2875 [inline]
 path_mount+0x755/0xae0 fs/namespace.c:3192
 do_mount+0x77/0x90 fs/namespace.c:3205
 __do_sys_mount fs/namespace.c:3413 [inline]
 __se_sys_mount fs/namespace.c:3390 [inline]
 __x64_sys_mount+0xc0/0xe0 fs/namespace.c:3390
 do_syscall_64+0x37/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x457f2a
REISERFS (device loop3): using 3.5.x disk format
Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 5d 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 3a 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007f41552efbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457f2a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f41552efc00
RBP: 0000000000000006 R08: 0000000020011500 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 000000000000067d R14: 00000000006fcc58 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..