bisecting fixing commit since a35d65bedfbc38cffe2701798cd6810bbdf07892
building syzkaller on 3cd800e43d452c348a66ba475143831d94969a24
testing commit a35d65bedfbc38cffe2701798cd6810bbdf07892
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: 563824a25970fee06bc179a07872e6f5c40434b79e0d07eed707c812a84a126e
run #0: crashed: unregister_netdevice: waiting for DEV to become free
run #1: crashed: WARNING in inc_nlink
run #2: crashed: unregister_netdevice: waiting for DEV to become free
run #3: crashed: unregister_netdevice: waiting for DEV to become free
run #4: crashed: WARNING in inc_nlink
run #5: crashed: unregister_netdevice: waiting for DEV to become free
run #6: crashed: WARNING in inc_nlink
run #7: crashed: WARNING in inc_nlink
run #8: crashed: WARNING in inc_nlink
run #9: crashed: unregister_netdevice: waiting for DEV to become free
run #10: crashed: unregister_netdevice: waiting for DEV to become free
run #11: crashed: unregister_netdevice: waiting for DEV to become free
run #12: crashed: unregister_netdevice: waiting for DEV to become free
run #13: crashed: unregister_netdevice: waiting for DEV to become free
run #14: crashed: unregister_netdevice: waiting for DEV to become free
run #15: crashed: unregister_netdevice: waiting for DEV to become free
run #16: crashed: unregister_netdevice: waiting for DEV to become free
run #17: crashed: unregister_netdevice: waiting for DEV to become free
run #18: crashed: unregister_netdevice: waiting for DEV to become free
run #19: crashed: unregister_netdevice: waiting for DEV to become free
testing current HEAD eb045674aab31aa55a4f9aec27cce36e3d946a21
testing commit eb045674aab31aa55a4f9aec27cce36e3d946a21
compiler: gcc version 8.4.1 20210217 (GCC)
kernel signature: f245b8649b629d8309ddeca4074d5a1fa607108fd051f4dd9ce2cc94170375ef
run #0: crashed: unregister_netdevice: waiting for DEV to become free
run #1: crashed: WARNING in inc_nlink
run #2: crashed: unregister_netdevice: waiting for DEV to become free
run #3: crashed: WARNING in inc_nlink
run #4: crashed: unregister_netdevice: waiting for DEV to become free
run #5: crashed: unregister_netdevice: waiting for DEV to become free
run #6: crashed: unregister_netdevice: waiting for DEV to become free
run #7: crashed: WARNING in inc_nlink
run #8: crashed: unregister_netdevice: waiting for DEV to become free
run #9: crashed: WARNING in inc_nlink
revisions tested: 2, total time: 22m39.154534644s (build: 15m37.539732568s, test: 6m38.460114802s)
the crash still happens on HEAD
commit msg: Linux 4.14.272
crash: WARNING in inc_nlink
------------[ cut here ]------------
WARNING: CPU: 1 PID: 8309 at fs/inode.c:342 inc_nlink+0x10c/0x130 fs/inode.c:341
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 8309 Comm: syz-executor802 Not tainted 4.14.272-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x14b/0x1e7 lib/dump_stack.c:58
 panic+0x1b0/0x358 kernel/panic.c:183
 __warn.cold.7+0x25/0x25 kernel/panic.c:547
 report_bug+0x1a1/0x200 lib/bug.c:183
 fixup_bug arch/x86/kernel/traps.c:177 [inline]
 fixup_bug arch/x86/kernel/traps.c:172 [inline]
 do_error_trap+0x1bd/0x310 arch/x86/kernel/traps.c:295
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:314
 invalid_op+0x1b/0x40 arch/x86/entry/entry_64.S:964
RIP: 0010:inc_nlink+0x10c/0x130 fs/inode.c:342
RSP: 0018:ffff8880aba8fbb8 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff8880ab2ff680 RCX: ffff8880b1cec9c8
RDX: 1ffff1101565feeb RSI: ffff8880b1ceca40 RDI: ffff8880ab2ff758
RBP: ffff8880aba8fbd0 R08: 00000000000055b6 R09: ffffffff8aab56f0
R10: 0000000000000078 R11: ffff8880b1cec140 R12: ffff8880ab2ff6c8
R13: 1ffff11015751f7f R14: ffff8880aad88940 R15: 0000000000000005
 fuse_link+0x333/0x4a0 fs/fuse/dir.c:860
 vfs_link+0x63d/0xa00 fs/namei.c:4264
 SYSC_linkat fs/namei.c:4332 [inline]
 SyS_linkat+0x3ab/0x5e0 fs/namei.c:4288
 SYSC_link fs/namei.c:4355 [inline]
 SyS_link+0x19/0x20 fs/namei.c:4353
 do_syscall_64+0x1c7/0x5b0 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f967a09dd19
RSP: 002b:00007f967a02e2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
RAX: ffffffffffffffda RBX: 00007f967a1304d0 RCX: 00007f967a09dd19
RDX: 00007f967a09dd19 RSI: 0000000020000080 RDI: 0000000020000040
RBP: 00007f967a0fe0ec R08: 0000000000003065 R09: 0000000000000000
R10: 0000000000000030 R11: 0000000000000246 R12: 00007f967a0f80d8
R13: 00007f967a0fa0e0 R14: 00007f967a0fc0e8 R15: 00007f967a1304d8
Kernel Offset: disabled
Rebooting in 86400 seconds..