bisecting fixing commit since 4fa640dc52302b5e62b01b05c755b055549633ae
building syzkaller on d88894e6773ab63ac8b3f4b2edbae88290aaf0d6
testing commit 4fa640dc52302b5e62b01b05c755b055549633ae with gcc (GCC) 8.4.1 20210217
kernel signature: 01ec0811025845132e25eee53b8aad732d2001a20ac9fec49e0d1dea11407386
run #0: crashed: BUG: soft lockup in do_idle
run #1: crashed: BUG: soft lockup in do_faccessat
run #2: crashed: BUG: soft lockup in addrconf_dad_work
run #3: crashed: BUG: soft lockup in do_idle
run #4: crashed: BUG: workqueue lockup
run #5: crashed: BUG: soft lockup in do_idle
run #6: crashed: BUG: soft lockup in linkwatch_event
run #7: crashed: BUG: soft lockup in do_idle
run #8: crashed: BUG: soft lockup in do_idle
run #9: crashed: BUG: soft lockup in do_idle
run #10: crashed: BUG: soft lockup in do_idle
run #11: crashed: BUG: workqueue lockup
run #12: crashed: BUG: soft lockup in sys_socket
run #13: crashed: BUG: soft lockup in do_idle
run #14: crashed: BUG: soft lockup in do_idle
run #15: crashed: BUG: soft lockup in do_idle
run #16: crashed: BUG: soft lockup in do_idle
run #17: crashed: BUG: soft lockup in do_idle
run #18: crashed: BUG: soft lockup in process_srcu
run #19: crashed: BUG: soft lockup in do_idle
testing current HEAD 3dbdb38e286903ec220aaf1fb29a8d94297da246
testing commit 3dbdb38e286903ec220aaf1fb29a8d94297da246 with gcc (GCC) 10.2.1 20210217
kernel signature: 0da0f63da05e81b9b252acd671b9ee067a02d8afcdd35652c55abd8bfab9b09c
run #0: crashed: BUG: soft lockup in rtnl_newlink
run #1: crashed: BUG: soft lockup in do_idle
run #2: crashed: BUG: soft lockup in rtnl_newlink
run #3: crashed: BUG: soft lockup in do_idle
run #4: crashed: BUG: soft lockup in do_idle
run #5: crashed: BUG: soft lockup in batadv_nc_worker
run #6: crashed: INFO: rcu detected stall in ext4_file_write_iter
run #7: crashed: BUG: soft lockup in linkwatch_event
run #8: crashed: INFO: rcu detected stall in corrupted
run #9: crashed: INFO: rcu detected stall in tun_chr_close
revisions tested: 2, total time: 23m30.443098153s (build: 11m59.046977589s, test: 10m47.615182558s)
the crash still happens on HEAD
commit msg: Merge branch 'for-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
crash: INFO: rcu detected stall in tun_chr_close
rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	0-...!: (1 GPs behind) idle=eae/1/0x4000000000000000 softirq=9362/9405 fqs=1
	(t=12256 jiffies g=6761 q=725)
rcu: rcu_preempt kthread starved for 8589 jiffies! g6761 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:I stack:29480 pid:   13 ppid:     2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4683 [inline]
 __schedule+0x8e2/0x2190 kernel/sched/core.c:5940
 schedule+0xd3/0x270 kernel/sched/core.c:6019
 schedule_timeout+0x11d/0x250 kernel/time/timer.c:1892
 rcu_gp_fqs_loop kernel/rcu/tree.c:2004 [inline]
 rcu_gp_kthread+0xcb9/0x2170 kernel/rcu/tree.c:2177
 kthread+0x38b/0x460 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0xb/0x10 arch/x86/include/asm/irqflags.h:51
NMI backtrace for cpu 0
CPU: 0 PID: 6088 Comm: syz-executor.1 Not tainted 5.13.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack_lvl+0xbd/0xe2 lib/dump_stack.c:96
 nmi_cpu_backtrace.cold+0x30/0x99 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x11f/0x170 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_dump_cpu_stacks+0x232/0x360 kernel/rcu/tree_stall.h:341
 print_cpu_stall kernel/rcu/tree_stall.h:624 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:699 [inline]
 rcu_pending kernel/rcu/tree.c:3911 [inline]
 rcu_sched_clock_irq.cold+0x36a/0x66e kernel/rcu/tree.c:2649
 update_process_times+0x131/0x1a0 kernel/time/timer.c:1796
 tick_sched_handle+0x6f/0x130 kernel/time/tick-sched.c:226
 tick_sched_timer+0x132/0x210 kernel/time/tick-sched.c:1421
 __run_hrtimer kernel/time/hrtimer.c:1537 [inline]
 __hrtimer_run_queues+0x19e/0xb90 kernel/time/hrtimer.c:1601
 hrtimer_interrupt+0x2ef/0x900 kernel/time/hrtimer.c:1663
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1089 [inline]
 __sysvec_apic_timer_interrupt+0x13e/0x520 arch/x86/kernel/apic/apic.c:1106
 sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:should_resched arch/x86/include/asm/preempt.h:103 [inline]
RIP: 0010:__local_bh_enable_ip+0x14f/0x220 kernel/softirq.c:390
Code: 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 bd 00 00 00 48 83 3d 5a 59 15 08 00 74 4f fb 66 0f 1f 44 00 00 <65> 8b 05 ca 02 c0 7e 85 c0 74 78 5b 5d 41 5c c3 65 8b 05 76 0a c0
RSP: 0018:ffffc900012c7660 EFLAGS: 00000282
RAX: 1ffffffff12aeaa0 RBX: 00000000fffffe01 RCX: 1ffffffff1845c32
RDX: dffffc0000000000 RSI: ffffffff87eb5e60 RDI: ffffffff8833b3a0
RBP: 0000000000000200 R08: 0000000000000001 R09: ffffffff8c221bc7
R10: fffffbfff1844378 R11: 1ffffffff17b5b3a R12: ffffffff85f6e303
R13: ffffc900012c7700 R14: 000000000001166f R15: ffff88810e835900
 local_bh_enable include/linux/bottom_half.h:32 [inline]
 get_next_corpse net/netfilter/nf_conntrack_core.c:2233 [inline]
 nf_ct_iterate_cleanup+0x90/0x270 net/netfilter/nf_conntrack_core.c:2256
 nf_ct_iterate_cleanup_net net/netfilter/nf_conntrack_core.c:2344 [inline]
 nf_ct_iterate_cleanup_net+0x1f7/0x310 net/netfilter/nf_conntrack_core.c:2328
 masq_device_event+0x8d/0xc0 net/netfilter/nf_nat_masquerade.c:88
 notifier_call_chain+0x94/0x170 kernel/notifier.c:83
 call_netdevice_notifiers_extack net/core/dev.c:2134 [inline]
 call_netdevice_notifiers net/core/dev.c:2148 [inline]
 dev_close_many+0x28c/0x560 net/core/dev.c:1723
 unregister_netdevice_many+0x325/0x1540 net/core/dev.c:11036
 unregister_netdevice_queue+0x26b/0x330 net/core/dev.c:10993
 unregister_netdevice include/linux/netdevice.h:2969 [inline]
 __tun_detach+0xc3f/0xfa0 drivers/net/tun.c:670
 tun_detach drivers/net/tun.c:687 [inline]
 tun_chr_close+0xb0/0x150 drivers/net/tun.c:3397
 __fput+0x209/0x870 fs/file_table.c:280
 task_work_run+0xc0/0x160 kernel/task_work.c:164
 exit_task_work include/linux/task_work.h:32 [inline]
 do_exit+0xaa0/0x25a0 kernel/exit.c:825
 do_group_exit+0xe7/0x290 kernel/exit.c:922
 get_signal+0x3c0/0x1b60 kernel/signal.c:2796
 arch_do_signal_or_restart+0x2a9/0x1f80 arch/x86/kernel/signal.c:789
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x20e/0x280 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x40/0x70 kernel/entry/common.c:302
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x416ff6
Code: Unable to access opcode bytes at RIP 0x416fcc.
RSP: 002b:00007ffe2c760418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: 0000000000000028 RBX: 0000000000a93700 RCX: 0000000000416ff6
RDX: 0000000000000028 RSI: 0000000000a93750 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe2c760424 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000a93750