bisecting fixing commit since e68061375f792af245fefbc13e3e078fa92d3539
building syzkaller on 52e3731913ab2677be27c29ed8142b04e8f28521
testing commit e68061375f792af245fefbc13e3e078fa92d3539 with gcc (GCC) 10.2.1 20210217
kernel signature: 7655392819de5033a383aec477f58329f9b02d8cdce0e2c0917fc7a6ec53fdbe
run #0: crashed: INFO: rcu detected stall in corrupted
run #1: crashed: INFO: rcu detected stall in corrupted
run #2: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #3: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #4: crashed: INFO: rcu detected stall in wg_packet_handshake_receive_worker
run #5: crashed: INFO: rcu detected stall in corrupted
run #6: crashed: INFO: rcu detected stall in sys_epoll_ctl
run #7: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #8: crashed: INFO: rcu detected stall in corrupted
run #9: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #10: crashed: INFO: rcu detected stall in ieee80211_tasklet_handler
run #11: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #12: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #13: crashed: INFO: rcu detected stall in corrupted
run #14: crashed: INFO: rcu detected stall in ieee80211_iface_work
run #15: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #16: crashed: INFO: rcu detected stall in __hrtimer_run_queues
run #17: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #18: crashed: INFO: rcu detected stall in do_idle
run #19: crashed: INFO: rcu detected stall in do_idle
testing current HEAD c2131f7e73c9e9365613e323d65c7b9e5b910f56
testing commit c2131f7e73c9e9365613e323d65c7b9e5b910f56 with gcc (GCC) 10.2.1 20210217
kernel signature: dcd0bee395221d99c259b9314271fedf655d72a327a23ee766924b1c24aba079
run #0: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #1: crashed: INFO: rcu detected stall in do_idle
run #2: crashed: INFO: rcu detected stall in do_idle
run #3: crashed: INFO: rcu detected stall in smp_call_function
run #4: crashed: INFO: rcu detected stall in ieee80211_iface_work
run #5: crashed: INFO: rcu detected stall in ieee80211_iface_work
run #6: crashed: INFO: rcu detected stall in addrconf_rs_timer
run #7: crashed: BUG: soft lockup in smp_call_function
run #8: crashed: INFO: rcu detected stall in neigh_periodic_work
run #9: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
revisions tested: 2, total time: 27m15.088026074s (build: 12m33.10190697s, test: 13m59.38646123s)
the crash still happens on HEAD
commit msg: Merge tag 'gfs2-v5.13-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2
crash: INFO: rcu detected stall in mac80211_hwsim_beacon
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	1-...!: (4 ticks this GP) idle=bce/1/0x4000000000000000 softirq=12713/12713 fqs=0
	(detected by 0, t=11376 jiffies, g=8941, q=515)
============================================
WARNING: possible recursive locking detected
5.13.0-rc4-syzkaller #0 Not tainted
--------------------------------------------
kworker/u4:5/916 is trying to acquire lock:
ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: rcu_dump_cpu_stacks+0xd0/0x3f0 kernel/rcu/tree_stall.h:336

but task is already holding lock:
ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: print_other_cpu_stall kernel/rcu/tree_stall.h:542 [inline]
ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: check_cpu_stall kernel/rcu/tree_stall.h:708 [inline]
ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: rcu_pending kernel/rcu/tree.c:3911 [inline]
ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: rcu_sched_clock_irq+0xc63/0x2080 kernel/rcu/tree.c:2649

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(rcu_node_0);
  lock(rcu_node_0);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

6 locks held by kworker/u4:5/916:
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:617 [inline]
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline]
 #0: ffff88801316e938 ((wq_completion)phy16){+.+.}-{0:0}, at: process_one_work+0x771/0x13b0 kernel/workqueue.c:2247
 #1: ffffc9000398fdb0 ((work_completion)(&sdata->work)){+.+.}-{0:0}, at: process_one_work+0x79e/0x13b0 kernel/workqueue.c:2251
 #2: ffff88802772cd00 (&wdev->mtx){+.+.}-{3:3}, at: sdata_lock net/mac80211/ieee80211_i.h:1003 [inline]
 #2: ffff88802772cd00 (&wdev->mtx){+.+.}-{3:3}, at: ieee80211_ibss_rx_queued_mgmt+0xe1/0x14c0 net/mac80211/ibss.c:1631
 #3: ffffffff8a96f440 (rcu_read_lock){....}-{1:2}, at: ieee80211_iterate_active_interfaces_atomic+0x0/0xf0 net/mac80211/util.c:1134
 #4: ffffffff8b6ccbb8 (hwsim_radio_lock){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:354 [inline]
 #4: ffffffff8b6ccbb8 (hwsim_radio_lock){+.-.}-{2:2}, at: mac80211_hwsim_tx_frame_no_nl.isra.0+0x5ac/0x1020 drivers/net/wireless/mac80211_hwsim.c:1514
 #5: ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: print_other_cpu_stall kernel/rcu/tree_stall.h:542 [inline]
 #5: ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: check_cpu_stall kernel/rcu/tree_stall.h:708 [inline]
 #5: ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: rcu_pending kernel/rcu/tree.c:3911 [inline]
 #5: ffffffff8a978058 (rcu_node_0){-.-.}-{2:2}, at: rcu_sched_clock_irq+0xc63/0x2080 kernel/rcu/tree.c:2649

stack backtrace:
CPU: 0 PID: 916 Comm: kworker/u4:5 Not tainted 5.13.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy16 ieee80211_iface_work
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x93/0xc2 lib/dump_stack.c:120
 print_deadlock_bug kernel/locking/lockdep.c:2831 [inline]
 check_deadlock kernel/locking/lockdep.c:2874 [inline]
 validate_chain kernel/locking/lockdep.c:3663 [inline]
 __lock_acquire.cold+0x149/0x399 kernel/locking/lockdep.c:4902
 lock_acquire kernel/locking/lockdep.c:5512 [inline]
 lock_acquire+0x1ab/0x730 kernel/locking/lockdep.c:5477
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159
 rcu_dump_cpu_stacks+0xd0/0x3f0 kernel/rcu/tree_stall.h:336
 print_other_cpu_stall kernel/rcu/tree_stall.h:560 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:708 [inline]
 rcu_pending kernel/rcu/tree.c:3911 [inline]
 rcu_sched_clock_irq+0x1a79/0x2080 kernel/rcu/tree.c:2649
 update_process_times+0x13b/0x1c0 kernel/time/timer.c:1796
 tick_sched_handle+0x6f/0x130 kernel/time/tick-sched.c:226
 tick_sched_timer+0x132/0x210 kernel/time/tick-sched.c:1373
 __run_hrtimer kernel/time/hrtimer.c:1537 [inline]
 __hrtimer_run_queues+0x18a/0xb00 kernel/time/hrtimer.c:1601
 hrtimer_interrupt+0x2f9/0x920 kernel/time/hrtimer.c:1663
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1089 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x540 arch/x86/kernel/apic/apic.c:1106
 sysvec_apic_timer_interrupt+0x40/0xc0 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:647
RIP: 0010:mac80211_hwsim_tx_frame_no_nl.isra.0+0x6a5/0x1020 drivers/net/wireless/mac80211_hwsim.c:1525
Code: 3c 00 00 00 74 9d 48 8d bb a5 3c 00 00 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 0f b6 04 28 38 d0 7f 08 84 c0 0f 85 0b 07 00 00 <80> bb a5 3c 00 00 00 74 26 48 8d bb 40 2c 00 00 48 89 f8 48 c1 e8
RSP: 0018:ffffc90000007bd8 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888041cd31e0 RCX: ffffffff87ad9c44
RDX: 0000000000000005 RSI: 0000000000000008 RDI: ffff888041cd6e85
RBP: dffffc0000000000 R08: 0000000000000001 R09: ffff888018ae949f
R10: ffffed100315d293 R11: 0000000000000000 R12: ffff888045098dc0
R13: ffff88804132b1e0 R14: ffff88804132b410 R15: 0000000000000004
 mac80211_hwsim_tx_frame+0x109/0x1a0 drivers/net/wireless/mac80211_hwsim.c:1775
 mac80211_hwsim_beacon_tx+0x3f8/0x7c0 drivers/net/wireless/mac80211_hwsim.c:1829
 __iterate_interfaces+0x107/0x360 net/mac80211/util.c:793
 ieee80211_iterate_active_interfaces_atomic+0x5c/0xf0 net/mac80211/util.c:829
 mac80211_hwsim_beacon+0xb7/0x160 drivers/net/wireless/mac80211_hwsim.c:1852
 __run_hrtimer kernel/time/hrtimer.c:1537 [inline]
 __hrtimer_run_queues+0x4d7/0xb00 kernel/time/hrtimer.c:1601
 hrtimer_run_softirq+0x176/0x340 kernel/time/hrtimer.c:1618
 __do_softirq+0x29b/0x9f6 kernel/softirq.c:559
 do_softirq.part.0+0xc8/0x110 kernel/softirq.c:460
 do_softirq kernel/softirq.c:452 [inline]
 __local_bh_enable_ip+0x102/0x120 kernel/softirq.c:384
 spin_unlock_bh include/linux/spinlock.h:399 [inline]
 cfg80211_bss_update+0x222/0x1ea0 net/wireless/scan.c:1779
 cfg80211_inform_single_bss_frame_data+0x60d/0xcc0 net/wireless/scan.c:2404
 cfg80211_inform_bss_frame_data+0x94/0xa80 net/wireless/scan.c:2437
 ieee80211_bss_info_update+0x29b/0x890 net/mac80211/scan.c:190
 ieee80211_rx_bss_info net/mac80211/ibss.c:1126 [inline]
 ieee80211_rx_mgmt_probe_beacon+0x7b7/0x15e0 net/mac80211/ibss.c:1615
 ieee80211_ibss_rx_queued_mgmt+0xb85/0x14c0 net/mac80211/ibss.c:1642
 ieee80211_iface_work+0x565/0x7b0 net/mac80211/iface.c:1437
 process_one_work+0x84c/0x13b0 kernel/workqueue.c:2276
 worker_thread+0x598/0xf80 kernel/workqueue.c:2422
 kthread+0x36f/0x450 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
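A log like the one above is easier to triage once the per-commit run outcomes are tallied: here every run on both revisions crashed, the stall site moves between beacon timer, idle loop and workqueue frames, and syzbot's headline title is simply the most frequent one. The following parser is an added example written for this page, not syzkaller's own code; the record layout it expects ("testing commit ... with ...", "run #N: crashed: TITLE" / "run #N: OK", "revisions tested: ...", "the crash ...") is taken from the log above, and the shortened SAMPLE_LOG is a constructed excerpt of it.

```python
"""Summarise a syzbot bisection log: per-commit run outcomes and the verdict.

Added example for this page (not syzkaller code). The line formats matched
below are the ones visible in the log above; anything else is ignored.
"""
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import Optional

# Constructed excerpt modelled on the log above, shortened to a few runs.
SAMPLE_LOG = """\
bisecting fixing commit since e68061375f792af245fefbc13e3e078fa92d3539
building syzkaller on 52e3731913ab2677be27c29ed8142b04e8f28521
testing commit e68061375f792af245fefbc13e3e078fa92d3539 with gcc (GCC) 10.2.1 20210217
kernel signature: 7655392819de5033a383aec477f58329f9b02d8cdce0e2c0917fc7a6ec53fdbe
run #0: crashed: INFO: rcu detected stall in corrupted
run #1: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #2: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #3: crashed: BUG: soft lockup in smp_call_function
testing current HEAD c2131f7e73c9e9365613e323d65c7b9e5b910f56
testing commit c2131f7e73c9e9365613e323d65c7b9e5b910f56 with gcc (GCC) 10.2.1 20210217
kernel signature: dcd0bee395221d99c259b9314271fedf655d72a327a23ee766924b1c24aba079
run #0: crashed: INFO: rcu detected stall in mac80211_hwsim_beacon
run #1: crashed: INFO: rcu detected stall in do_idle
run #2: OK
revisions tested: 2, total time: 27m15.088026074s (build: 12m33.10190697s, test: 13m59.38646123s)
the crash still happens on HEAD
crash: INFO: rcu detected stall in mac80211_hwsim_beacon
"""

SINCE_RE = re.compile(r"^bisecting (fixing|cause) commit since ([0-9a-f]{40})$")
HEAD_RE = re.compile(r"^testing current HEAD ([0-9a-f]{40})$")
TESTING_RE = re.compile(r"^testing commit ([0-9a-f]{40}) with (.+)$")
SIG_RE = re.compile(r"^kernel signature: ([0-9a-f]{64})$")
RUN_RE = re.compile(r"^run #(\d+): (?:crashed: (?P<title>.+)|OK)$")
TESTED_RE = re.compile(r"^revisions tested: (\d+), total time: (\S+)")


@dataclass
class CommitResult:
    commit: str
    compiler: str
    signature: Optional[str] = None
    runs: list = field(default_factory=list)  # crash title per run, None for OK

    def crash_count(self) -> int:
        return sum(1 for t in self.runs if t is not None)

    def titles(self) -> Counter:
        return Counter(t for t in self.runs if t is not None)


@dataclass
class BisectSummary:
    mode: Optional[str] = None          # "fixing" or "cause"
    since: Optional[str] = None
    head: Optional[str] = None
    crash_title: Optional[str] = None   # syzbot's headline "crash:" line
    revisions_tested: Optional[int] = None
    verdict: Optional[str] = None
    commits: list = field(default_factory=list)


def dominant_title(titles: Counter) -> Optional[str]:
    """Most frequent crash title, ignoring "... stall in corrupted" entries:
    those mean the stall CPU's stack could not be unwound, not a separate bug."""
    usable = Counter({t: n for t, n in titles.items() if not t.endswith(" corrupted")})
    if not usable:
        usable = titles
    return usable.most_common(1)[0][0] if usable else None


def parse_bisect_log(text: str) -> BisectSummary:
    summary = BisectSummary()
    current: Optional[CommitResult] = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := SINCE_RE.match(line):
            summary.mode, summary.since = m.group(1), m.group(2)
        elif m := HEAD_RE.match(line):
            summary.head = m.group(1)
        elif m := TESTING_RE.match(line):
            current = CommitResult(commit=m.group(1), compiler=m.group(2))
            summary.commits.append(current)
        elif (m := SIG_RE.match(line)) and current is not None:
            current.signature = m.group(1)
        elif (m := RUN_RE.match(line)) and current is not None:
            current.runs.append(m.group("title"))  # None when the run was OK
        elif m := TESTED_RE.match(line):
            summary.revisions_tested = int(m.group(1))
        elif line.startswith("the crash "):
            summary.verdict = line
        elif line.startswith("crash: "):
            summary.crash_title = line[len("crash: "):]
    return summary


def report(summary: BisectSummary) -> list:
    """One line per tested commit plus the verdict, for a quick triage glance."""
    out = [f"bisect ({summary.mode}) since {summary.since}"]
    for c in summary.commits:
        tag = " (HEAD)" if c.commit == summary.head else ""
        out.append(f"{c.commit[:12]}{tag}: {c.crash_count()}/{len(c.runs)} runs crashed, "
                   f"dominant title: {dominant_title(c.titles())}")
    out.append(f"verdict: {summary.verdict}")
    return out


if __name__ == "__main__":
    print("\n".join(report(parse_bisect_log(SAMPLE_LOG))))
```

Feeding the full log above through `parse_bisect_log` gives 20/20 and 10/10 crashed runs with `mac80211_hwsim_beacon` as the dominant title on both revisions, which is why the "fixing commit" search cannot narrow anything down and ends in "the crash still happens on HEAD".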