sd_log_pinned: 5, sdp->sd_qc_inode-ip->i_inode.i_ino: 2078, quotaip-ip->i_inode.i_ino: 2340,gfs2_unpin buf_lo_after_commit: 4 sd_log_pinned: 5, sdp->sd_qc_inode-ip->i_inode.i_ino: 2078, quotaip-ip->i_inode.i_ino: 2340,gfs2_unpin str->di_height:0, ip->i_inode.i_ino: 2338, ip->i_height:0, gfs2_dinode_in
gfs2: fsid=syz:syz.0: qc_id:0
general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
CPU: 0 PID: 5520 Comm: syz-executor.0 Not tainted 6.2.0-rc1-syzkaller-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
RIP: 0010:gfs2_remove_from_journal+0x42a/0xa20 fs/gfs2/meta_io.c:350
Code: fe e8 8a 6e ef fd 41 83 ff 01 0f 84 34 03 00 00 e8 cb 71 ef fd 49 8d 7d 2c 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 59
RSP: 0018:ffffc90005c97730 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: ffff888072a97488 RCX: 0000000000000000
RDX: 0000000000000005 RSI: ffffffff83918175 RDI: 000000000000002c
RBP: ffff88807a920000 R08: 0000000000000005 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807c0cf150
R13: 0000000000000000 R14: ffff888072a974c8 R15: 0000000000000000
FS: 00005555572c5400(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe82ed508ee CR3: 000000002a6f6000 CR4: 0000000000350ef0
Call Trace:
 gfs2_discard fs/gfs2/aops.c:623 [inline]
 gfs2_invalidate_folio+0x330/0x7f0 fs/gfs2/aops.c:657
 folio_invalidate mm/truncate.c:159 [inline]
 truncate_cleanup_folio+0x31a/0x3f0 mm/truncate.c:179
 truncate_inode_pages_range+0x238/0xec0 mm/truncate.c:368
 gfs2_evict_inode+0x7c7/0x1c50 fs/gfs2/super.c:1411
 evict+0x2ed/0x6b0 fs/inode.c:664
 iput_final fs/inode.c:1747 [inline]
 iput.part.0+0x59b/0x880 fs/inode.c:1773
 iput+0x5c/0x80 fs/inode.c:1763
 gfs2_put_super+0x29e/0x670 fs/gfs2/super.c:606
 generic_shutdown_super+0x158/0x410 fs/super.c:492
 kill_block_super+0x9b/0xf0 fs/super.c:1386
 gfs2_kill_sb+0x108/0x170 fs/gfs2/ops_fstype.c:1739
 deactivate_locked_super+0x98/0x160 fs/super.c:332
 deactivate_super+0xb1/0xd0 fs/super.c:363
 cleanup_mnt+0x2ae/0x3d0 fs/namespace.c:1291
 task_work_run+0x16f/0x270 kernel/task_work.c:179
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x23c/0x250 kernel/entry/common.c:203
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296
 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f9187c8d567
Code: ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc34e25a68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9187c8d567
RDX: 00007ffc34e25b39 RSI: 000000000000000a RDI: 00007ffc34e25b30
RBP: 00007ffc34e25b30 R08: 00000000ffffffff R09: 00007ffc34e25900
R10: 00005555572c68b3 R11: 0000000000000246 R12: 00007f9187ce6b24
R13: 00007ffc34e26bf0 R14: 00005555572c6810 R15: 00007ffc34e26c30
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:gfs2_remove_from_journal+0x42a/0xa20 fs/gfs2/meta_io.c:350
Code: fe e8 8a 6e ef fd 41 83 ff 01 0f 84 34 03 00 00 e8 cb 71 ef fd 49 8d 7d 2c 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 59
RSP: 0018:ffffc90005c97730 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: ffff888072a97488 RCX: 0000000000000000
RDX: 0000000000000005 RSI: ffffffff83918175 RDI: 000000000000002c
RBP: ffff88807a920000 R08: 0000000000000005 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807c0cf150
R13: 0000000000000000 R14: ffff888072a974c8 R15: 0000000000000000
FS: 00005555572c5400(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe82ed508ee CR3: 000000002a6f6000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	e8 8a 6e ef fd       	callq  0xfdef6e8f
   5:	41 83 ff 01          	cmp    $0x1,%r15d
   9:	0f 84 34 03 00 00    	je     0x343
   f:	e8 cb 71 ef fd       	callq  0xfdef71df
  14:	49 8d 7d 2c          	lea    0x2c(%r13),%rdi
  18:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1f:	fc ff df
  22:	48 89 fa             	mov    %rdi,%rdx
  25:	48 c1 ea 03          	shr    $0x3,%rdx
* 29:	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx		<-- trapping instruction
  2d:	48 89 f8             	mov    %rdi,%rax
  30:	83 e0 07             	and    $0x7,%eax
  33:	83 c0 03             	add    $0x3,%eax
  36:	38 d0                	cmp    %dl,%al
  38:	7c 08                	jl     0x42
  3a:	84 d2                	test   %dl,%dl
  3c:	0f                   	.byte 0xf
  3d:	85                   	.byte 0x85
  3e:	59                   	pop    %rcx

(Reading of the trap, from the values above: R13 is 0, so `lea 0x2c(%r13),%rdi` forms the address 0x2c (RDI = 0x2c); the faulting `movzbl (%rdx,%rax,1),%edx` is the KASAN shadow-byte load for that address (RAX = 0xdffffc0000000000, RDX = 0x2c >> 3 = 5, giving the reported non-canonical address 0xdffffc0000000005). This is a NULL-based dereference at offset 0x2c in gfs2_remove_from_journal (fs/gfs2/meta_io.c:350), reached from gfs2_evict_inode during unmount (gfs2_put_super); the preceding debug prints show the crash occurs while the quota-change inode is being torn down.)