bisecting fixing commit since 0f091e43310f5c292b7094f9f115e651358e8053
building syzkaller on d5a3ae1f760e7cb2cd5a721d9645ae22eae114fe
testing commit 0f091e43310f5c292b7094f9f115e651358e8053 with gcc (GCC) 8.1.0
kernel signature: 969deb5d0c51e942443eba945db7acc6b2881fb5b4bb4b96e2e50e6baaa3e46c
run #0: crashed: INFO: rcu detected stall in do_idle
run #1: crashed: INFO: rcu detected stall in corrupted
run #2: crashed: INFO: rcu detected stall in do_idle
run #3: crashed: INFO: rcu detected stall in do_idle
run #4: crashed: INFO: rcu detected stall in smp_call_function
run #5: crashed: INFO: rcu detected stall in smp_call_function
run #6: crashed: BUG: workqueue lockup
run #7: crashed: INFO: task hung in addrconf_dad_work
run #8: crashed: no output from test machine
run #9: crashed: no output from test machine
testing current HEAD ae0d0bb29b311ee3c71c8796f76d309a3779c8d9
testing commit ae0d0bb29b311ee3c71c8796f76d309a3779c8d9 with gcc (GCC) 8.1.0
kernel signature: 7f4692e89704af4cad549a6c093f36fb949738c5d537d56215ca3afe52173961
run #0: crashed: INFO: rcu detected stall in mutex_spin_on_owner
run #1: crashed: INFO: rcu detected stall in do_idle
run #2: crashed: BUG: soft lockup in do_idle
run #3: crashed: INFO: rcu detected stall in wb_workfn
run #4: crashed: BUG: soft lockup in do_idle
run #5: crashed: INFO: rcu detected stall in linkwatch_event
run #6: crashed: no output from test machine
run #7: crashed: no output from test machine
run #8: crashed: no output from test machine
run #9: crashed: BUG: soft lockup in wb_workfn
revisions tested: 2, total time: 26m31.911258252s (build: 9m20.17343523s, test: 16m39.201013265s)
the crash still happens on HEAD
commit msg: Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
crash: BUG: soft lockup in wb_workfn
watchdog: BUG: soft lockup - CPU#1 stuck for 263s! [kworker/u4:0:7]
Modules linked in:
irq event stamp: 1341744
hardirqs last enabled at (1341743): [] slab_alloc mm/slab.c:3307 [inline]
hardirqs last enabled at (1341743): [] kmem_cache_alloc+0x29e/0x780 mm/slab.c:3484
hardirqs last disabled at (1341744): [] irqentry_enter+0x1d/0x50 kernel/entry/common.c:343
softirqs last enabled at (1340290): [] spin_unlock_bh include/linux/spinlock.h:399 [inline]
softirqs last enabled at (1340290): [] get_next_work_item fs/fs-writeback.c:1948 [inline]
softirqs last enabled at (1340290): [] wb_do_writeback fs/fs-writeback.c:2037 [inline]
softirqs last enabled at (1340290): [] wb_workfn+0x13f/0x6f0 fs/fs-writeback.c:2080
softirqs last disabled at (1340288): [] spin_lock_bh include/linux/spinlock.h:359 [inline]
softirqs last disabled at (1340288): [] get_next_work_item fs/fs-writeback.c:1942 [inline]
softirqs last disabled at (1340288): [] wb_do_writeback fs/fs-writeback.c:2037 [inline]
softirqs last disabled at (1340288): [] wb_workfn+0x126/0x6f0 fs/fs-writeback.c:2080
CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
RIP: 0010:PageWriteback include/linux/page-flags.h:376 [inline]
RIP: 0010:wait_on_page_writeback+0x13/0x150 mm/page-writeback.c:2835
Code: 80 fe ff ff 31 d2 49 f7 f6 48 89 c2 e9 f3 fe ff ff 66 0f 1f 44 00 00 53 48 8b 57 08 48 89 fb 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 83 38 ff 0f 84 9b 00 00 00 48 8b 57 08 48 8d 42 ff 83 e2 01 48
RSP: 0018:ffffc90000ca3900 EFLAGS: 00000246
RAX: ffffea0004492000 RBX: ffffea0004492000 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff83e8c837 RDI: ffffea0004492000
RBP: 0000000000000000 R08: 0000000000000000 R09: ffff88810dded240
R10: 0000000000000001 R11: 0000000000000000 R12: 00000000000033ff
R13: ffff88810df2dae0 R14: ffffea0004492000 R15: ffffc90000ca3a80
FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055d11efcb028 CR3: 00000001096ea000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 mpage_prepare_extent_to_map+0x19c/0x370 fs/ext4/inode.c:2606
 ext4_writepages+0x6df/0x11a0 fs/ext4/inode.c:2788
 do_writepages+0x39/0xe0 mm/page-writeback.c:2352
 __writeback_single_inode+0x5d/0x670 fs/fs-writeback.c:1461
 writeback_sb_inodes+0x1fb/0x510 fs/fs-writeback.c:1721
 __writeback_inodes_wb+0x5a/0xc0 fs/fs-writeback.c:1790
 wb_writeback+0x32a/0x4c0 fs/fs-writeback.c:1896
 wb_check_old_data_flush fs/fs-writeback.c:1998 [inline]
 wb_do_writeback fs/fs-writeback.c:2051 [inline]
 wb_workfn+0x49d/0x6f0 fs/fs-writeback.c:2080
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x145/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2946 Comm: kworker/0:3 Not tainted 5.10.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: ipv6_addrconf addrconf_dad_work
RIP: 0010:lock_acquire+0x13d/0x420 kernel/locking/lockdep.c:5440
Code: 40 de 7e 83 f8 01 0f 85 e0 01 00 00 48 83 3d c1 73 09 03 00 0f 84 f0 01 00 00 48 8b 3c 24 57 9d 0f 1f 44 00 00 48 8b 44 24 30 <65> 48 33 04 25 28 00 00 00 0f 85 ca 02 00 00 48 83 c4 38 5b 5d 41
RSP: 0018:ffffc90000003e20 EFLAGS: 00000082
RAX: a87f605997a08500 RBX: 0000000000000001 RCX: 000000000bb20072
RDX: 8165e272570ecded RSI: ffffffff83e8c837 RDI: 0000000000000082
RBP: 0000000000000000 R08: 00000000000036e2 R09: 0000000000000000
R10: 0000000000000001 R11: 00000021211d7c03 R12: 0000000000000000
R13: 0000000000000000 R14: ffffffff860ac4a0 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004f97b0 CR3: 000000011d2fb000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x58/0x80 kernel/locking/spinlock.c:159
 debug_object_deactivate+0x84/0x180 lib/debugobjects.c:730
 debug_hrtimer_deactivate kernel/time/hrtimer.c:425 [inline]
 debug_deactivate kernel/time/hrtimer.c:481 [inline]
 __run_hrtimer kernel/time/hrtimer.c:1487 [inline]
 __hrtimer_run_queues+0x160/0x4f0 kernel/time/hrtimer.c:1583
 hrtimer_interrupt+0xf9/0x210 kernel/time/hrtimer.c:1645
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1080 [inline]
 __sysvec_apic_timer_interrupt+0x8e/0x290 arch/x86/kernel/apic/apic.c:1097
 asm_call_irq_on_stack+0xf/0x20
 __run_sysvec_on_irqstack arch/x86/include/asm/irq_stack.h:37 [inline]
 run_sysvec_on_irqstack_cond arch/x86/include/asm/irq_stack.h:89 [inline]
 sysvec_apic_timer_interrupt+0xcc/0xf0 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:631
RIP: 0010:rep_nop arch/x86/include/asm/vdso/processor.h:13 [inline]
RIP: 0010:cpu_relax arch/x86/include/asm/vdso/processor.h:18 [inline]
RIP: 0010:mutex_spin_on_owner+0xf7/0x170 kernel/locking/mutex.c:579
Code: 22 81 48 c7 c7 40 89 3d 84 e8 f5 81 00 00 48 8d 65 e0 89 d8 5b 41 5c 41 5d 41 5e 5d c3 4d 85 e4 74 0d 4d 3b 66 50 75 ba f3 90 57 ff ff ff 49 8b 06 a8 01 74 f2 eb aa e8 36 ab 02 00 84 c0 0f
RSP: 0018:ffffc90005edfce0 EFLAGS: 00000246
RAX: ffff88813bd00000 RBX: ffff88811d80a000 RCX: ffffffff8122c880
RDX: 0000000000000001 RSI: ffffffff840745f1 RDI: 0000000000000001
RBP: ffffc90005edfd00 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000010 R12: 0000000000000000
R13: 0000000000000000 R14: ffffffff84626020 R15: ffffffff82b0a79f
 mutex_optimistic_spin kernel/locking/mutex.c:673 [inline]
 __mutex_lock_common kernel/locking/mutex.c:959 [inline]
 __mutex_lock+0x3d9/0x9f0 kernel/locking/mutex.c:1103
 addrconf_dad_work+0x3f/0x500 net/ipv6/addrconf.c:4028
 process_one_work+0x273/0x600 kernel/workqueue.c:2272
 worker_thread+0x38/0x380 kernel/workqueue.c:2418
 kthread+0x145/0x170 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296