* [PATCH v1] fs: Move might_sleep() annotation to iput_final()
@ 2025-11-05 19:37 Mickaël Salaün
2025-11-05 19:50 ` Mateusz Guzik
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Mickaël Salaün @ 2025-11-05 19:37 UTC (permalink / raw)
To: Christian Brauner
Cc: Mickaël Salaün, linux-security-module, linux-fsdevel,
Al Viro, Edward Adam Davis, Günther Noack, Hillf Danton,
Jan Kara, Jann Horn, Mateusz Guzik, Max Kellermann, Tingmao Wang,
syzbot+12479ae15958fc3f54ec
iput() don't directly call any sleepable code but mostly checks flags
and decrement a reference counter before calling iput_final() and then
evict().
Some code might call iput() with guarantees that iput_final() will not
be called. This is the case for Landlock's hook_sb_delete() where the
inode counter must de decremented while holding it with another
reference, see comment above the first iput() call.
Move the new might_sleep() call from iput() to iput_final(). The
alternative would be to manually decrement the counter without calling
iput(), but it doesn't seem right.
Cc: Christian Brauner <brauner@kernel.org>
Cc: Edward Adam Davis <eadavis@qq.com>
Cc: Günther Noack <gnoack@google.com>
Cc: Hillf Danton <hdanton@sina.com>
Cc: Jan Kara <jack@suse.cz>
Cc: Jann Horn <jannh@google.com>
Cc: Mateusz Guzik <mjguzik@gmail.com>
Cc: Max Kellermann <max.kellermann@ionos.com>
Cc: Tingmao Wang <m@maowtm.org>
Reported-by: syzbot+12479ae15958fc3f54ec@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/68d32659.a70a0220.4f78.0012.GAE@google.com/
Fixes: 2ef435a872ab ("fs: add might_sleep() annotation to iput() and more")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
From hook_sb_delete():
/*
* At this point, we own the ihold() reference that was
* originally set up by get_inode_object() and the
* __iget() reference that we just set in this loop
* walk. Therefore the following call to iput() will
* not sleep nor drop the inode because there is now at
* least two references to it.
*/
iput(inode);
#syz test
---
fs/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/inode.c b/fs/inode.c
index 84f539497857..64120cb21e8b 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -1917,6 +1917,7 @@ static void iput_final(struct inode *inode)
const struct super_operations *op = inode->i_sb->s_op;
int drop;
+ might_sleep();
WARN_ON(inode_state_read(inode) & I_NEW);
VFS_BUG_ON_INODE(atomic_read(&inode->i_count) != 0, inode);
@@ -1969,7 +1970,6 @@ static void iput_final(struct inode *inode)
*/
void iput(struct inode *inode)
{
- might_sleep();
if (unlikely(!inode))
return;
--
2.51.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v1] fs: Move might_sleep() annotation to iput_final()
2025-11-05 19:37 [PATCH v1] fs: Move might_sleep() annotation to iput_final() Mickaël Salaün
@ 2025-11-05 19:50 ` Mateusz Guzik
2025-11-05 20:56 ` [syzbot] [fs?] BUG: sleeping function called from invalid context in hook_sb_delete syzbot
2025-11-12 5:40 ` [PATCH v1] fs: Move might_sleep() annotation to iput_final() kernel test robot
2 siblings, 0 replies; 4+ messages in thread
From: Mateusz Guzik @ 2025-11-05 19:50 UTC (permalink / raw)
To: Mickaël Salaün
Cc: Christian Brauner, linux-security-module, linux-fsdevel, Al Viro,
Edward Adam Davis, Günther Noack, Hillf Danton, Jan Kara,
Jann Horn, Max Kellermann, Tingmao Wang,
syzbot+12479ae15958fc3f54ec
On Wed, Nov 5, 2025 at 8:38 PM Mickaël Salaün <mic@digikod.net> wrote:
>
> iput() don't directly call any sleepable code but mostly checks flags
> and decrement a reference counter before calling iput_final() and then
> evict().
>
> Some code might call iput() with guarantees that iput_final() will not
> be called. This is the case for Landlock's hook_sb_delete() where the
> inode counter must de decremented while holding it with another
> reference, see comment above the first iput() call.
>
> Move the new might_sleep() call from iput() to iput_final(). The
> alternative would be to manually decrement the counter without calling
> iput(), but it doesn't seem right.
>
This would mostly defeat the point of the original change.
Instead, if you have a consumer which *guarantees* this is not the
last reference, the vfs layer can provide a helper which acts
accordingly.
Something like this (untested):
diff --git a/fs/inode.c b/fs/inode.c
index 84f539497857..a3ece9b4b6ef 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -2011,6 +2011,15 @@ void iput(struct inode *inode)
}
EXPORT_SYMBOL(iput);
+void iput_not_last(struct inode *inode)
+{
+ VFS_BUG_ON_INODE(inode_state_read_once(inode) & I_CLEAR, inode);
+ VFS_BUG_ON_INODE(atomic_read(&inode->i_count) < 2, inode);
+
+ WARN_ON(atomic_sub_return(1, &inode->i_count) == 0);
+}
+EXPORT_SYMBOL(iput_not_last);
+
#ifdef CONFIG_BLOCK
/**
* bmap - find a block number in a file
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 41c855ef0594..8181a0d0e2ac 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2909,6 +2909,7 @@ extern int current_umask(void);
extern void ihold(struct inode * inode);
extern void iput(struct inode *);
+void iput_not_last(struct inode *);
int inode_update_timestamps(struct inode *inode, int flags);
int generic_update_time(struct inode *, int);
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [syzbot] [fs?] BUG: sleeping function called from invalid context in hook_sb_delete
2025-11-05 19:37 [PATCH v1] fs: Move might_sleep() annotation to iput_final() Mickaël Salaün
2025-11-05 19:50 ` Mateusz Guzik
@ 2025-11-05 20:56 ` syzbot
2025-11-12 5:40 ` [PATCH v1] fs: Move might_sleep() annotation to iput_final() kernel test robot
2 siblings, 0 replies; 4+ messages in thread
From: syzbot @ 2025-11-05 20:56 UTC (permalink / raw)
To: brauner, eadavis, gnoack, hdanton, jack, jannh, linux-fsdevel,
linux-kernel, linux-security-module, m, max.kellermann, mic,
mjguzik, syzkaller-bugs, viro
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
f
[ 104.167925][ T5820] ? clear_bhb_loop+0x60/0xb0
[ 104.167948][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.167967][ T5820] RIP: 0033:0x7f9a9fef16c5
[ 104.167983][ T5820] Code: Unable to access opcode bytes at 0x7f9a9fef169b.
[ 104.167993][ T5820] RSP: 002b:00007fff0fc3e0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 104.168021][ T5820] RAX: ffffffffffffffda RBX: 00005583ec761b10 RCX: 00007f9a9fef16c5
[ 104.168036][ T5820] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000
[ 104.168048][ T5820] RBP: 00005583ec738910 R08: 0000000000000000 R09: 0000000000000000
[ 104.168060][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 104.168071][ T5820] R13: 00007fff0fc3e140 R14: 0000000000000000 R15: 0000000000000000
[ 104.168101][ T5820] </TASK>
2025/11/05 20:54:56 parsed 1 programs
[ 105.509351][ T5829] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 105.518601][ T5829] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5829, name: syz-execprog
[ 105.528439][ T5829] preempt_count: 1, expected: 0
[ 105.533521][ T5829] RCU nest depth: 0, expected: 0
[ 105.538811][ T5829] 1 lock held by syz-execprog/5829:
[ 105.544194][ T5829] #0: ffff88807e6f68d8 (&sb->s_type->i_lock_key#9){+.+.}-{3:3}, at: iput+0x2db/0x1050
[ 105.554222][ T5829] Preemption disabled at:
[ 105.554232][ T5829] [<0000000000000000>] 0x0
[ 105.564065][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz-execprog Tainted: G W syzkaller #0 PREEMPT(full)
[ 105.564091][ T5829] Tainted: [W]=WARN
[ 105.564096][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 105.564105][ T5829] Call Trace:
[ 105.564114][ T5829] <TASK>
[ 105.564121][ T5829] dump_stack_lvl+0x189/0x250
[ 105.564144][ T5829] ? __pfx_dump_stack_lvl+0x10/0x10
[ 105.564160][ T5829] ? __pfx__printk+0x10/0x10
[ 105.564176][ T5829] ? call_rcu+0x6ff/0x9c0
[ 105.564197][ T5829] ? print_lock_name+0xde/0x100
[ 105.564218][ T5829] __might_resched+0x495/0x610
[ 105.564241][ T5829] ? __pfx___might_resched+0x10/0x10
[ 105.564258][ T5829] ? do_raw_spin_lock+0x121/0x290
[ 105.564286][ T5829] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 105.564320][ T5829] iput+0x741/0x1050
[ 105.564352][ T5829] __dentry_kill+0x209/0x660
[ 105.564371][ T5829] ? dput+0x37/0x2b0
[ 105.564389][ T5829] dput+0x19f/0x2b0
[ 105.564406][ T5829] __fput+0x68e/0xa70
[ 105.564431][ T5829] fput_close_sync+0x113/0x220
[ 105.564450][ T5829] ? __pfx_fput_close_sync+0x10/0x10
[ 105.564470][ T5829] ? do_raw_spin_unlock+0x122/0x240
[ 105.564495][ T5829] __x64_sys_close+0x7f/0x110
[ 105.564517][ T5829] do_syscall_64+0xfa/0xfa0
[ 105.564541][ T5829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.564558][ T5829] ? clear_bhb_loop+0x60/0xb0
[ 105.564577][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 105.564593][ T5829] RIP: 0033:0x40dd0e
[ 105.564610][ T5829] Code: 24 28 44 8b 44 24 2c e9 70 ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 89 f2 48 89 fa 48 89 ce 48 89 df 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d8 48 89 c1 48 c7 c0 ff ff ff ff 48
[ 105.564625][ T5829] RSP: 002b:000000c002db1760 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 105.564688][ T5829] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000040dd0e
[ 105.564701][ T5829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 105.564711][ T5829] RBP: 000000c002db17a0 R08: 0000000000000000 R09: 0000000000000000
[ 105.564723][ T5829] R10: 0000000000000000 R11: 0000000000000212 R12: 000000c002db18c0
[ 105.564735][ T5829] R13: 00000000000007ff R14: 000000c000002380 R15: 000000c0008937c0
[ 105.564765][ T5829] </TASK>
[ 107.337546][ T5837] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 107.347227][ T5837] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5837, name: dhcpcd
[ 107.356267][ T5837] preempt_count: 1, expected: 0
[ 107.361915][ T5837] RCU nest depth: 0, expected: 0
[ 107.367125][ T5837] 1 lock held by dhcpcd/5837:
[ 107.373083][ T5837] #0: ffff88807e6fa3d8 (&sb->s_type->i_lock_key#9){+.+.}-{3:3}, at: iput+0x2db/0x1050
[ 107.384068][ T5837] Preemption disabled at:
[ 107.384082][ T5837] [<0000000000000000>] 0x0
[ 107.393377][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: dhcpcd Tainted: G W syzkaller #0 PREEMPT(full)
[ 107.393403][ T5837] Tainted: [W]=WARN
[ 107.393408][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 107.393417][ T5837] Call Trace:
[ 107.393424][ T5837] <TASK>
[ 107.393430][ T5837] dump_stack_lvl+0x189/0x250
[ 107.393456][ T5837] ? __pfx_dump_stack_lvl+0x10/0x10
[ 107.393480][ T5837] ? __pfx__printk+0x10/0x10
[ 107.393503][ T5837] ? print_lock_name+0xde/0x100
[ 107.393526][ T5837] __might_resched+0x495/0x610
[ 107.393553][ T5837] ? __pfx___might_resched+0x10/0x10
[ 107.393570][ T5837] ? do_raw_spin_lock+0x121/0x290
[ 107.393597][ T5837] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 107.393632][ T5837] iput+0x741/0x1050
[ 107.393662][ T5837] __dentry_kill+0x209/0x660
[ 107.393681][ T5837] ? dput+0x37/0x2b0
[ 107.393699][ T5837] dput+0x19f/0x2b0
[ 107.393717][ T5837] __fput+0x68e/0xa70
[ 107.393749][ T5837] fput_close_sync+0x113/0x220
[ 107.393768][ T5837] ? __pfx_fput_close_sync+0x10/0x10
[ 107.393790][ T5837] ? do_raw_spin_unlock+0x122/0x240
[ 107.393819][ T5837] __x64_sys_close+0x7f/0x110
[ 107.393843][ T5837] do_syscall_64+0xfa/0xfa0
[ 107.393871][ T5837] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.393890][ T5837] ? clear_bhb_loop+0x60/0xb0
[ 107.393915][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.393933][ T5837] RIP: 0033:0x7fc58c16c407
[ 107.393950][ T5837] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 107.393968][ T5837] RSP: 002b:00007ffc1197cc80 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 107.393988][ T5837] RAX: ffffffffffffffda RBX: 00007fc58c0e2740 RCX: 00007fc58c16c407
[ 107.394002][ T5837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 107.394014][ T5837] RBP: 000055fc7ab074b0 R08: 0000000000000000 R09: 0000000000000000
[ 107.394026][ T5837] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 107.394038][ T5837] R13: 000055fc83902290 R14: 0000000000000000 R15: 000055fc7ab1cac0
[ 107.394071][ T5837] </TASK>
[ 108.750656][ T5835] cgroup: Unknown subsys name 'net'
[ 108.759273][ T5835] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 108.769492][ T5835] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5835, name: syz-executor
[ 108.782190][ T5835] preempt_count: 1, expected: 0
[ 108.787683][ T5835] RCU nest depth: 0, expected: 0
[ 108.792976][ T5835] 2 locks held by syz-executor/5835:
[ 108.799370][ T5835] #0: ffff8880340e80e0 (&type->s_umount_key#44){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 108.811870][ T5835] #1: ffff888077e41970 (&sb->s_type->i_lock_key#33){+.+.}-{3:3}, at: iput+0x2db/0x1050
[ 108.822811][ T5835] Preemption disabled at:
[ 108.822824][ T5835] [<0000000000000000>] 0x0
[ 108.833460][ T5835] CPU: 1 UID: 0 PID: 5835 Comm: syz-executor Tainted: G W syzkaller #0 PREEMPT(full)
[ 108.833488][ T5835] Tainted: [W]=WARN
[ 108.833493][ T5835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 108.833502][ T5835] Call Trace:
[ 108.833508][ T5835] <TASK>
[ 108.833515][ T5835] dump_stack_lvl+0x189/0x250
[ 108.833542][ T5835] ? __pfx_dump_stack_lvl+0x10/0x10
[ 108.833561][ T5835] ? __pfx__printk+0x10/0x10
[ 108.833580][ T5835] ? print_lock_name+0xde/0x100
[ 108.833601][ T5835] __might_resched+0x495/0x610
[ 108.833625][ T5835] ? __pfx___might_resched+0x10/0x10
[ 108.833642][ T5835] ? do_raw_spin_lock+0x121/0x290
[ 108.833666][ T5835] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 108.833699][ T5835] iput+0x741/0x1050
[ 108.833731][ T5835] __dentry_kill+0x209/0x660
[ 108.833751][ T5835] ? dput+0x37/0x2b0
[ 108.833770][ T5835] dput+0x19f/0x2b0
[ 108.833789][ T5835] shrink_dcache_for_umount+0xa0/0x170
[ 108.833815][ T5835] generic_shutdown_super+0x67/0x2c0
[ 108.833843][ T5835] kill_anon_super+0x3b/0x70
[ 108.833868][ T5835] kernfs_kill_sb+0x161/0x180
[ 108.833895][ T5835] deactivate_locked_super+0xbc/0x130
[ 108.833920][ T5835] cleanup_mnt+0x425/0x4c0
[ 108.833943][ T5835] ? lockdep_hardirqs_on+0x9c/0x150
[ 108.833970][ T5835] task_work_run+0x1d4/0x260
[ 108.833998][ T5835] ? __pfx_task_work_run+0x10/0x10
[ 108.834027][ T5835] ? exit_to_user_mode_loop+0x55/0x4f0
[ 108.834058][ T5835] exit_to_user_mode_loop+0xff/0x4f0
[ 108.834084][ T5835] ? rcu_is_watching+0x15/0xb0
[ 108.834109][ T5835] do_syscall_64+0x2e9/0xfa0
[ 108.834135][ T5835] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 108.834152][ T5835] ? clear_bhb_loop+0x60/0xb0
[ 108.834175][ T5835] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 108.834192][ T5835] RIP: 0033:0x7f2c235901f7
[ 108.834208][ T5835] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 108.834224][ T5835] RSP: 002b:00007ffeee90f4f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 108.834244][ T5835] RAX: 0000000000000000 RBX: 00007ffeee90f5f0 RCX: 00007f2c235901f7
[ 108.834256][ T5835] RDX: 00007f2c23623d15 RSI: 0000000000000000 RDI: 00007f2c236125ca
[ 108.834266][ T5835] RBP: 00007f2c236125ca R08: 00007f2c236128ae R09: 0000000000000000
[ 108.834277][ T5835] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2c23612844
[ 108.834287][ T5835] R13: 00007f2c23623d15 R14: 00007ffeee90f608 R15: 00007ffeee90f500
[ 108.834313][ T5835] </TASK>
[ 109.214905][ T5835] cgroup: Unknown subsys name 'cpuset'
[ 109.226104][ T5835] cgroup: Unknown subsys name 'rlimit'
[ 110.666383][ T5835] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 110.845546][ T5195] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 110.854984][ T5195] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5195, name: udevd
[ 110.865089][ T5195] preempt_count: 1, expected: 0
[ 110.870130][ T5195] RCU nest depth: 0, expected: 0
[ 110.875858][ T5195] 2 locks held by udevd/5195:
[ 110.881834][ T5195] #0: ffff88802feb6420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 110.893073][ T5195] #1: ffff8880306928e8 (&sb->s_type->i_lock_key){+.+.}-{3:3}, at: iput+0x2db/0x1050
[ 110.903490][ T5195] Preemption disabled at:
[ 110.903505][ T5195] [<0000000000000000>] 0x0
[ 110.912829][ T5195] CPU: 1 UID: 0 PID: 5195 Comm: udevd Tainted: G W syzkaller #0 PREEMPT(full)
[ 110.912861][ T5195] Tainted: [W]=WARN
[ 110.912867][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 110.912878][ T5195] Call Trace:
[ 110.912886][ T5195] <TASK>
[ 110.912894][ T5195] dump_stack_lvl+0x189/0x250
[ 110.912924][ T5195] ? __pfx_dump_stack_lvl+0x10/0x10
[ 110.912946][ T5195] ? __pfx__printk+0x10/0x10
[ 110.912969][ T5195] ? print_lock_name+0xde/0x100
[ 110.912994][ T5195] __might_resched+0x495/0x610
[ 110.913020][ T5195] ? __pfx___might_resched+0x10/0x10
[ 110.913036][ T5195] ? do_raw_spin_lock+0x121/0x290
[ 110.913063][ T5195] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 110.913095][ T5195] iput+0x741/0x1050
[ 110.913122][ T5195] do_unlinkat+0x39f/0x560
[ 110.913155][ T5195] ? __pfx_do_unlinkat+0x10/0x10
[ 110.913182][ T5195] ? strncpy_from_user+0x150/0x2c0
[ 110.913209][ T5195] ? getname_flags+0x1e5/0x540
[ 110.913232][ T5195] __x64_sys_unlink+0x47/0x50
[ 110.913267][ T5195] do_syscall_64+0xfa/0xfa0
[ 110.913295][ T5195] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.913313][ T5195] ? clear_bhb_loop+0x60/0xb0
[ 110.913335][ T5195] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 110.913354][ T5195] RIP: 0033:0x7f9a9ff15937
[ 110.913371][ T5195] Code: 00 00 e9 a9 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 5f 00 00 00 0f 05 c3 0f 1f 84 00 00 00 00 00 b8 57 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 91 b4 0d 00 f7 d8 64 89 02 b8
[ 110.913387][ T5195] RSP: 002b:00007fff0fc3e2a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000057
[ 110.913408][ T5195] RAX: ffffffffffffffda RBX: 0000000000000bb8 RCX: 00007f9a9ff15937
[ 110.913422][ T5195] RDX: ffffffffffffffff RSI: 000000000000000b RDI: 00005583c5bc802e
[ 110.913434][ T5195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 110.913445][ T5195] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 110.913456][ T5195] R13: 00005583c5be3100 R14: 0000000000000000 R15: 0000000000000000
[ 110.913486][ T5195] </TASK>
syzkaller build log:
go env (err=<nil>)
AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE='auto'
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2124321294=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOMODCACHE='/syzkaller/jobs/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/syzkaller/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.4'
GOWORK=''
PKG_CONFIG='pkg-config'
git status (err=<nil>)
HEAD detached at 7e2882b3269
nothing to commit, working tree clean
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=7e2882b32698b70f3149aee00c41e3d2d941dca3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251007-152513" ./sys/syz-sysgen | grep -q false || go install -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=7e2882b32698b70f3149aee00c41e3d2d941dca3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251007-152513" ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=7e2882b32698b70f3149aee00c41e3d2d941dca3 -X github.com/google/syzkaller/prog.gitRevisionDate=20251007-152513" -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -DGOOS_linux=1 -DGOARCH_amd64=1 \
-DHOSTGOOS_linux=1 -DGIT_REVISION=\"7e2882b32698b70f3149aee00c41e3d2d941dca3\"
/usr/bin/ld: /tmp/ccT2jI60.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
./tools/check-syzos.sh 2>/dev/null
Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=11651084580000
Tested on:
commit: 84d39fb9 Add linux-next specific files for 20251105
git tree: linux-next
kernel config: https://syzkaller.appspot.com/x/.config?x=bebc0cb9c2989b81
dashboard link: https://syzkaller.appspot.com/bug?extid=12479ae15958fc3f54ec
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
patch: https://syzkaller.appspot.com/x/patch.diff?x=139f532f980000
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v1] fs: Move might_sleep() annotation to iput_final()
2025-11-05 19:37 [PATCH v1] fs: Move might_sleep() annotation to iput_final() Mickaël Salaün
2025-11-05 19:50 ` Mateusz Guzik
2025-11-05 20:56 ` [syzbot] [fs?] BUG: sleeping function called from invalid context in hook_sb_delete syzbot
@ 2025-11-12 5:40 ` kernel test robot
2 siblings, 0 replies; 4+ messages in thread
From: kernel test robot @ 2025-11-12 5:40 UTC (permalink / raw)
To: Mickaël Salaün
Cc: oe-lkp, lkp, Christian Brauner, Edward Adam Davis,
Günther Noack, Hillf Danton, Jan Kara, Jann Horn,
Mateusz Guzik, Max Kellermann, Tingmao Wang, linux-fsdevel,
Mickaël Salaün, linux-security-module, Al Viro,
syzbot+12479ae15958fc3f54ec, oliver.sang
Hello,
kernel test robot noticed "BUG:sleeping_function_called_from_invalid_context_at_fs/inode.c" on:
commit: 29fb8368dfb5d1f784fd936cec578c9601d77325 ("[PATCH v1] fs: Move might_sleep() annotation to iput_final()")
url: https://github.com/intel-lab-lkp/linux/commits/Micka-l-Sala-n/fs-Move-might_sleep-annotation-to-iput_final/20251106-060704
patch link: https://lore.kernel.org/all/20251105193800.2340868-1-mic@digikod.net/
patch subject: [PATCH v1] fs: Move might_sleep() annotation to iput_final()
in testcase: boot
config: x86_64-rhel-9.4-rust
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 32G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202511121304.5e522f7b-lkp@intel.com
[ 18.387422][ T1] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 18.389429][ T1] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: init
[ 18.390340][ T1] preempt_count: 1, expected: 0
[ 18.390892][ T1] RCU nest depth: 0, expected: 0
[ 18.391438][ T1] CPU: 1 UID: 0 PID: 1 Comm: init Not tainted 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 18.391441][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.391443][ T1] Call Trace:
[ 18.392215][ T1] <TASK>
[ 18.392219][ T1] dump_stack_lvl (lib/dump_stack.c:123)
[ 18.392228][ T1] __might_resched (kernel/sched/core.c:8838)
[ 18.393064][ T1] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 18.393072][ T1] __dentry_kill (fs/dcache.c:?)
[ 18.393075][ T1] dput (fs/dcache.c:912)
[ 18.393077][ T1] __fput (fs/file_table.c:477)
[ 18.393081][ T1] __x64_sys_close (fs/open.c:1591)
[ 18.393082][ T1] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 18.393086][ T1] ? __x64_sys_connect (net/socket.c:2131 net/socket.c:2128 net/socket.c:2128)
[ 18.393098][ T1] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 18.393099][ T1] ? kmem_cache_alloc_noprof (include/linux/kernel.h:?)
[ 18.393104][ T1] ? alloc_empty_file (fs/file_table.c:238)
[ 18.393105][ T1] ? init_file (fs/file_table.c:174)
[ 18.393107][ T1] ? file_init_path (fs/file_table.c:326)
[ 18.393108][ T1] ? alloc_file_pseudo (fs/file_table.c:?)
[ 18.393110][ T1] ? sock_alloc_file (net/socket.c:?)
[ 18.393113][ T1] ? __sys_socket (net/socket.c:?)
[ 18.393115][ T1] ? __x64_sys_socket (net/socket.c:1765 net/socket.c:1763 net/socket.c:1763)
[ 18.393117][ T1] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 18.393119][ T1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 18.393121][ T1] RIP: 0033:0x7fcfd14c3040
[ 18.393126][ T1] Code: 40 75 0b 31 c0 48 83 c4 08 e9 0c ff ff ff 48 8d 3d c5 99 09 00 e8 a0 3f 02 00 83 3d 9d 71 2d 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 9e b1 01 00 48 89 04 24
All code
========
0: 40 75 0b rex jne 0xe
3: 31 c0 xor %eax,%eax
5: 48 83 c4 08 add $0x8,%rsp
9: e9 0c ff ff ff jmp 0xffffffffffffff1a
e: 48 8d 3d c5 99 09 00 lea 0x999c5(%rip),%rdi # 0x999da
15: e8 a0 3f 02 00 call 0x23fba
1a: 83 3d 9d 71 2d 00 00 cmpl $0x0,0x2d719d(%rip) # 0x2d71be
21: 75 10 jne 0x33
23: b8 03 00 00 00 mov $0x3,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 31 jae 0x63
32: c3 ret
33: 48 83 ec 08 sub $0x8,%rsp
37: e8 9e b1 01 00 call 0x1b1da
3c: 48 89 04 24 mov %rax,(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 31 jae 0x39
8: c3 ret
9: 48 83 ec 08 sub $0x8,%rsp
d: e8 9e b1 01 00 call 0x1b1b0
12: 48 89 04 24 mov %rax,(%rsp)
[ 18.393128][ T1] RSP: 002b:00007ffd4cbc7398 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 18.393131][ T1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcfd14c3040
[ 18.393132][ T1] RDX: 00007fcfd1526f2c RSI: 0000000000000000 RDI: 0000000000000008
[ 18.393133][ T1] RBP: 0000000000000008 R08: 0000000000000003 R09: 0000000000000000
[ 18.393134][ T1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcfd221b6a0
[ 18.393135][ T1] R13: 00007fcfd15563cb R14: 00000000ffffffff R15: 0000000000000000
[ 18.393137][ T1] </TASK>
LKP: ttyS0: 86: skip deploy intel ucode as no ucode is specified
LKP: ttyS0: 86: Kernel tests: Boot OK!
LKP: ttyS0: 86: HOSTNAME vm-snb, MAC 52:54:00:12:34:56, kernel 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 1
[ 18.589452][ T181] udevd[181]: starting version 175
[ 18.598118][ T107] is_virt=true
[ 18.598124][ T107]
[ 18.603531][ T107] lkp: kernel tainted state: 512
[ 18.603537][ T107]
[ 18.612979][ T107] LKP: stdout: 86: Kernel tests: Boot OK!
[ 18.612986][ T107]
LKP: ttyS0: 86: /lkp/lkp/src/bin/run-lkp /lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml
[ 18.661802][ T107] LKP: stdout: 86: HOSTNAME vm-snb, MAC 52:54:00:12:34:56, kernel 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 1
[ 18.661809][ T107]
[ 18.676637][ T107] NO_NETWORK=
[ 18.676643][ T107]
[ 18.680228][ T200] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[ 18.690939][ T107] INFO: lkp CACHE_DIR is /tmp/cache
[ 18.690945][ T107]
[ 18.694448][ T200] i2c i2c-0: Memory type 0x07 not supported yet, not instantiating SPD
[ 18.761028][ T107] LKP: stdout: 86: /lkp/lkp/src/bin/run-lkp /lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml
[ 18.761038][ T107]
[ 18.781039][ T107] RESULT_ROOT=/result/boot/1/vm-snb/quantal-x86_64-core-20190426.cgz/x86_64-rhel-9.4-rust/clang-20/29fb8368dfb5d1f784fd936cec578c9601d77325/0
[ 18.781047][ T107]
[ 18.805586][ T107] job=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml
[ 18.805592][ T107]
[ 18.857299][ T201] libata version 3.00 loaded.
[ 18.872519][ T107] result_service: raw_upload, RESULT_MNT: /internal-lkp-server/result, RESULT_ROOT: /internal-lkp-server/result/boot/1/vm-snb/quantal-x86_64-core-20190426.cgz/x86_64-rhel-9.4-rust/clang-20/29fb8368dfb5d1f784fd936cec578c9601d77325/0, TMP_RESULT_ROOT: /tmp/lkp/result
[ 18.872526][ T107]
[ 18.880780][ T201] scsi host0: ata_piix
[ 18.899515][ T107] run-job /lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml
[ 18.899520][ T107]
[ 18.908385][ T201] scsi host1: ata_piix
[ 18.910926][ T201] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc140 irq 14 lpm-pol 0
[ 18.911964][ T201] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc148 irq 15 lpm-pol 0
[ 18.932209][ T107] /usr/bin/wget -nv --timeout=3600 --tries=1 --local-encoding=UTF-8 http://internal-lkp-server:80/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=running -O /dev/null
[ 18.932216][ T107]
[ 18.974405][ T212] ACPI: bus type drm_connector registered
[ 18.978482][ T1] init: failsafe main process (320) killed by TERM signal
[ 19.074983][ T307] ata2: found unknown device (class 0)
[ 19.076067][ T307] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[ 19.077908][ T12] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
[ 19.099276][ T312] parport_pc 00:03: reported by Plug and Play ACPI
[ 19.104906][ T312] parport0: PC-style at 0x378, irq 7 [PCSPP,TRISTATE]
[ 19.190656][ T384] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[ 19.191608][ T384] cdrom: Uniform CD-ROM driver Revision: 3.20
[ 19.201172][ T212] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
[ 19.206902][ T212] Console: switching to colour dummy device 80x25
[ 19.207699][ T212] [drm] Found bochs VGA, ID 0xb0c5.
[ 19.208107][ T212] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebf0000.
[ 19.209140][ T212] [drm] Initialized bochs-drm 1.0.0 for 0000:00:02.0 on minor 0
[ 19.216585][ T212] fbcon: bochs-drmdrmfb (fb0) is primary device
[ 19.233924][ T384] sr 1:0:0:0: Attached scsi CD-ROM sr0
[ 19.236779][ T212] Console: switching to colour frame buffer device 160x50
[ 19.296502][ T212] bochs-drm 0000:00:02.0: [drm] fb0: bochs-drmdrmfb frame buffer device
[ 19.300750][ T391] ppdev: user-space parallel port driver
[ 19.386935][ T82] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 19.387879][ T82] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 82, name: plymouthd
[ 19.388607][ T82] preempt_count: 1, expected: 0
[ 19.389718][ T82] RCU nest depth: 0, expected: 0
[ 19.391578][ T82] CPU: 1 UID: 0 PID: 82 Comm: plymouthd Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 19.391582][ T82] Tainted: [W]=WARN
[ 19.391583][ T82] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.391584][ T82] Call Trace:
[ 19.391587][ T82] <TASK>
[ 19.391590][ T82] dump_stack_lvl (lib/dump_stack.c:123)
[ 19.391599][ T82] __might_resched (kernel/sched/core.c:8838)
[ 19.391605][ T82] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 19.391609][ T82] __dentry_kill (fs/dcache.c:?)
[ 19.391613][ T82] dput (fs/dcache.c:912)
[ 19.391615][ T82] __fput (fs/file_table.c:477)
[ 19.391625][ T82] __x64_sys_close (fs/open.c:1591)
[ 19.391627][ T82] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 19.391631][ T82] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 19.391633][ T82] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 19.391635][ T82] ? __x64_sys_sendto (net/socket.c:2255 net/socket.c:2251 net/socket.c:2251)
[ 19.391645][ T82] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 19.391647][ T82] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 19.391650][ T82] RIP: 0033:0x7ff9cf9f9040
[ 19.391654][ T82] Code: 40 75 0b 31 c0 48 83 c4 08 e9 0c ff ff ff 48 8d 3d c5 99 09 00 e8 a0 3f 02 00 83 3d 9d 71 2d 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 9e b1 01 00 48 89 04 24
All code
========
0: 40 75 0b rex jne 0xe
3: 31 c0 xor %eax,%eax
5: 48 83 c4 08 add $0x8,%rsp
9: e9 0c ff ff ff jmp 0xffffffffffffff1a
e: 48 8d 3d c5 99 09 00 lea 0x999c5(%rip),%rdi # 0x999da
15: e8 a0 3f 02 00 call 0x23fba
1a: 83 3d 9d 71 2d 00 00 cmpl $0x0,0x2d719d(%rip) # 0x2d71be
21: 75 10 jne 0x33
23: b8 03 00 00 00 mov $0x3,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 31 jae 0x63
32: c3 ret
33: 48 83 ec 08 sub $0x8,%rsp
37: e8 9e b1 01 00 call 0x1b1da
3c: 48 89 04 24 mov %rax,(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 31 jae 0x39
8: c3 ret
9: 48 83 ec 08 sub $0x8,%rsp
d: e8 9e b1 01 00 call 0x1b1b0
12: 48 89 04 24 mov %rax,(%rsp)
[ 19.391656][ T82] RSP: 002b:00007ffd01a06c28 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 19.391659][ T82] RAX: ffffffffffffffda RBX: 0000000034e212e0 RCX: 00007ff9cf9f9040
[ 19.391661][ T82] RDX: 00007ffd01a06cbc RSI: 0000000034e212e0 RDI: 0000000000000007
[ 19.391662][ T82] RBP: 0000000034e20f50 R08: 00000000118a0360 R09: 7fffffffffffffff
[ 19.391664][ T82] R10: 3fffffffffffffff R11: 0000000000000246 R12: 0000000034e215a0
[ 19.391668][ T82] R13: 0000000034e21570 R14: 0000000000000058 R15: 0000000000000000
[ 19.391670][ T82] </TASK>
[ 19.684798][ C0] hrtimer: interrupt took 7335062 ns
[ 19.697123][ T109] 2025-11-10 18:26:34 URL:http://internal-lkp-server/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=running [0/0] -> "/dev/null" [1]
[ 19.773587][ T109]
[ 19.827552][ T107] target ucode:
[ 19.827558][ T107]
[ 19.854980][ T107] check_nr_cpu
[ 19.872576][ T107]
[ 19.875184][ T107] CPU(s): 2
[ 19.877090][ T107]
[ 19.888546][ T107] On-line CPU(s) list: 0,1
[ 19.888553][ T107]
[ 19.922264][ T107] Thread(s) per core: 1
[ 19.922272][ T107]
[ 19.925376][ T107] Core(s) per socket: 2
[ 19.925383][ T107]
[ 19.942720][ T107] Socket(s): 1
[ 19.942727][ T107]
[ 19.966452][ T107] NUMA node(s): 1
[ 19.966460][ T107]
[ 19.981930][ T107] NUMA node0 CPU(s): 0,1
[ 19.981942][ T107]
[ 20.557619][ T497] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 20.558839][ T497] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 497, name: udevd
[ 20.559927][ T497] preempt_count: 1, expected: 0
[ 20.562617][ T497] RCU nest depth: 0, expected: 0
[ 20.563969][ T497] CPU: 0 UID: 0 PID: 497 Comm: udevd Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 20.563978][ T497] Tainted: [W]=WARN
[ 20.563979][ T497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.563981][ T497] Call Trace:
[ 20.563986][ T497] <TASK>
[ 20.563989][ T497] dump_stack_lvl (lib/dump_stack.c:123)
[ 20.563999][ T497] __might_resched (kernel/sched/core.c:8838)
[ 20.564004][ T497] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 20.564008][ T497] __dentry_kill (fs/dcache.c:?)
[ 20.564012][ T497] shrink_dentry_list (fs/dcache.c:1114)
[ 20.564015][ T497] shrink_dcache_parent (fs/dcache.c:1550)
[ 20.564019][ T497] d_invalidate (fs/dcache.c:1660)
[ 20.564022][ T497] proc_invalidate_siblings_dcache (fs/proc/inode.c:143)
[ 20.564026][ T497] release_task (kernel/exit.c:292)
[ 20.564030][ T497] wait_consider_task (kernel/exit.c:1276)
[ 20.564033][ T497] ? do_wait (kernel/exit.c:1714)
[ 20.564035][ T497] __do_wait (kernel/exit.c:1640 kernel/exit.c:1674)
[ 20.564037][ T497] ? do_wait (kernel/exit.c:1714)
[ 20.564039][ T497] do_wait (kernel/exit.c:1716)
[ 20.564041][ T497] kernel_wait4 (kernel/exit.c:1874)
[ 20.564043][ T497] ? get_task_struct (kernel/exit.c:1599)
[ 20.564045][ T497] __x64_sys_wait4 (kernel/exit.c:1902 kernel/exit.c:1898 kernel/exit.c:1898)
[ 20.564048][ T497] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 20.564052][ T497] ? vfs_read (fs/read_write.c:492)
[ 20.564055][ T497] ? __x64_sys_read (fs/read_write.c:?)
[ 20.564056][ T497] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 20.564058][ T497] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 20.564061][ T497] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 20.564064][ T497] RIP: 0033:0x7f0bbd443c3e
[ 20.564068][ T497] Code: 00 f7 d8 64 89 02 48 89 f8 eb cc 90 48 83 ec 28 8b 05 aa e5 2f 00 85 c0 75 1d 45 31 d2 48 63 d2 48 63 ff b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 48 83 c4 28 c3 89 54 24 08 48 89 74 24 10
All code
========
0: 00 f7 add %dh,%bh
2: d8 64 89 02 fsubs 0x2(%rcx,%rcx,4)
6: 48 89 f8 mov %rdi,%rax
9: eb cc jmp 0xffffffffffffffd7
b: 90 nop
c: 48 83 ec 28 sub $0x28,%rsp
10: 8b 05 aa e5 2f 00 mov 0x2fe5aa(%rip),%eax # 0x2fe5c0
16: 85 c0 test %eax,%eax
18: 75 1d jne 0x37
1a: 45 31 d2 xor %r10d,%r10d
1d: 48 63 d2 movslq %edx,%rdx
20: 48 63 ff movslq %edi,%rdi
23: b8 3d 00 00 00 mov $0x3d,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 51 ja 0x83
32: 48 83 c4 28 add $0x28,%rsp
36: c3 ret
37: 89 54 24 08 mov %edx,0x8(%rsp)
3b: 48 89 74 24 10 mov %rsi,0x10(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 51 ja 0x59
8: 48 83 c4 28 add $0x28,%rsp
c: c3 ret
d: 89 54 24 08 mov %edx,0x8(%rsp)
11: 48 89 74 24 10 mov %rsi,0x10(%rsp)
[ 20.564071][ T497] RSP: 002b:00007fff65aecee0 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[ 20.564074][ T497] RAX: ffffffffffffffda RBX: 0000556a4924f6d0 RCX: 00007f0bbd443c3e
[ 20.564076][ T497] RDX: 0000000000000001 RSI: 00007fff65aedfe4 RDI: 00000000000001f2
[ 20.564077][ T497] RBP: 0000000000000000 R08: 000000001bb5db01 R09: 7fffffffffffffff
[ 20.564079][ T497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff65af3948
[ 20.564080][ T497] R13: 00000000000001f2 R14: 0000556a49215250 R15: 00000000000003e8
[ 20.564083][ T497] </TASK>
[ 20.689253][ T1] init: networking main process (512) terminated with status 1
[ 21.005572][ T107] sleep started
[ 21.005581][ T107]
[ 22.006385][ T210] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 22.007457][ T210] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 210, name: run-lkp
[ 22.008482][ T210] preempt_count: 1, expected: 0
[ 22.009261][ T210] RCU nest depth: 0, expected: 0
[ 22.009992][ T210] CPU: 1 UID: 0 PID: 210 Comm: run-lkp Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 22.009996][ T210] Tainted: [W]=WARN
[ 22.009997][ T210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.009999][ T210] Call Trace:
[ 22.010003][ T210] <TASK>
[ 22.010005][ T210] dump_stack_lvl (lib/dump_stack.c:123)
[ 22.010015][ T210] __might_resched (kernel/sched/core.c:8838)
[ 22.010021][ T210] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 22.010026][ T210] __dentry_kill (fs/dcache.c:?)
[ 22.010030][ T210] shrink_dentry_list (fs/dcache.c:1114)
[ 22.010034][ T210] shrink_dcache_parent (fs/dcache.c:1550)
[ 22.010037][ T210] d_invalidate (fs/dcache.c:1660)
[ 22.010040][ T210] proc_invalidate_siblings_dcache (fs/proc/inode.c:143)
[ 22.010046][ T210] release_task (kernel/exit.c:292)
[ 22.010051][ T210] wait_consider_task (kernel/exit.c:1276)
[ 22.010057][ T210] __do_wait (kernel/exit.c:1565 kernel/exit.c:1681)
[ 22.010059][ T210] ? do_wait (kernel/exit.c:1714)
[ 22.010061][ T210] do_wait (kernel/exit.c:1716)
[ 22.010063][ T210] kernel_wait4 (kernel/exit.c:1874)
[ 22.010066][ T210] ? get_task_struct (kernel/exit.c:1599)
[ 22.010069][ T210] __x64_sys_wait4 (kernel/exit.c:1902 kernel/exit.c:1898 kernel/exit.c:1898)
[ 22.010071][ T210] ? count_memcg_events (mm/memcontrol.c:? mm/memcontrol.c:847)
[ 22.010073][ T210] ? handle_mm_fault (mm/memory.c:6423)
[ 22.010078][ T210] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 22.010082][ T210] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 22.010086][ T210] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 22.010089][ T210] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 22.010093][ T210] RIP: 0033:0x7fe001e18c3e
[ 22.010097][ T210] Code: 00 f7 d8 64 89 02 48 89 f8 eb cc 90 48 83 ec 28 8b 05 aa e5 2f 00 85 c0 75 1d 45 31 d2 48 63 d2 48 63 ff b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 48 83 c4 28 c3 89 54 24 08 48 89 74 24 10
All code
========
0: 00 f7 add %dh,%bh
2: d8 64 89 02 fsubs 0x2(%rcx,%rcx,4)
6: 48 89 f8 mov %rdi,%rax
9: eb cc jmp 0xffffffffffffffd7
b: 90 nop
c: 48 83 ec 28 sub $0x28,%rsp
10: 8b 05 aa e5 2f 00 mov 0x2fe5aa(%rip),%eax # 0x2fe5c0
16: 85 c0 test %eax,%eax
18: 75 1d jne 0x37
1a: 45 31 d2 xor %r10d,%r10d
1d: 48 63 d2 movslq %edx,%rdx
20: 48 63 ff movslq %edi,%rdi
23: b8 3d 00 00 00 mov $0x3d,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 51 ja 0x83
32: 48 83 c4 28 add $0x28,%rsp
36: c3 ret
37: 89 54 24 08 mov %edx,0x8(%rsp)
3b: 48 89 74 24 10 mov %rsi,0x10(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 51 ja 0x59
8: 48 83 c4 28 add $0x28,%rsp
c: c3 ret
d: 89 54 24 08 mov %edx,0x8(%rsp)
11: 48 89 74 24 10 mov %rsi,0x10(%rsp)
[ 22.010099][ T210] RSP: 002b:00007ffc8644ef50 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[ 22.010102][ T210] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fe001e18c3e
[ 22.010104][ T210] RDX: 0000000000000000 RSI: 00007ffc8644efb8 RDI: ffffffffffffffff
[ 22.010105][ T210] RBP: 000000003db55300 R08: 000000003db553c8 R09: 0000000000000001
[ 22.010107][ T210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 22.010108][ T210] R13: 0000000000000000 R14: 0000000000000000 R15: 00000000ffffffff
[ 22.010110][ T210] </TASK>
[ 22.147235][ T107] /usr/bin/wget -nv --timeout=3600 --tries=1 --local-encoding=UTF-8 http://internal-lkp-server:80/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=post_run -O /dev/null
[ 22.147244][ T107]
[ 22.859171][ T109] 2025-11-10 18:26:38 URL:http://internal-lkp-server/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=post_run [0/0] -> "/dev/null" [1]
[ 22.859180][ T109]
[ 23.872028][ T539] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 23.873181][ T539] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 539, name: post-run
[ 23.875374][ T539] preempt_count: 1, expected: 0
[ 23.876396][ T539] RCU nest depth: 0, expected: 0
[ 23.877455][ T539] CPU: 1 UID: 0 PID: 539 Comm: post-run Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 23.877459][ T539] Tainted: [W]=WARN
[ 23.877460][ T539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.877461][ T539] Call Trace:
[ 23.877465][ T539] <TASK>
[ 23.877467][ T539] dump_stack_lvl (lib/dump_stack.c:123)
[ 23.877475][ T539] __might_resched (kernel/sched/core.c:8838)
[ 23.877480][ T539] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 23.877484][ T539] __dentry_kill (fs/dcache.c:?)
[ 23.877488][ T539] dput (fs/dcache.c:912)
[ 23.877490][ T539] __fput (fs/file_table.c:477)
[ 23.877494][ T539] __x64_sys_close (fs/open.c:1591)
[ 23.877496][ T539] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 23.877499][ T539] ? handle_mm_fault (mm/memory.c:6423)
[ 23.877504][ T539] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 23.877508][ T539] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 23.877510][ T539] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 23.877513][ T539] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 23.877516][ T539] RIP: 0033:0x7f1031cde040
[ 23.877519][ T539] Code: 40 75 0b 31 c0 48 83 c4 08 e9 0c ff ff ff 48 8d 3d c5 99 09 00 e8 a0 3f 02 00 83 3d 9d 71 2d 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 9e b1 01 00 48 89 04 24
All code
========
0: 40 75 0b rex jne 0xe
3: 31 c0 xor %eax,%eax
5: 48 83 c4 08 add $0x8,%rsp
9: e9 0c ff ff ff jmp 0xffffffffffffff1a
e: 48 8d 3d c5 99 09 00 lea 0x999c5(%rip),%rdi # 0x999da
15: e8 a0 3f 02 00 call 0x23fba
1a: 83 3d 9d 71 2d 00 00 cmpl $0x0,0x2d719d(%rip) # 0x2d71be
21: 75 10 jne 0x33
23: b8 03 00 00 00 mov $0x3,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 31 jae 0x63
32: c3 ret
33: 48 83 ec 08 sub $0x8,%rsp
37: e8 9e b1 01 00 call 0x1b1da
3c: 48 89 04 24 mov %rax,(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 31 jae 0x39
8: c3 ret
9: 48 83 ec 08 sub $0x8,%rsp
d: e8 9e b1 01 00 call 0x1b1b0
12: 48 89 04 24 mov %rax,(%rsp)
[ 23.877521][ T539] RSP: 002b:00007fff879e0888 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 23.877524][ T539] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f1031cde040
[ 23.877525][ T539] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000003
[ 23.877526][ T539] RBP: 0000000000000000 R08: 000000000000000a R09: 0000000000000000
[ 23.877527][ T539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff879e08e4
[ 23.877528][ T539] R13: 0000000000000080 R14: 000000000000000a R15: 000000001dc63a08
[ 23.877530][ T539] </TASK>
[ 23.937654][ T107] kill 429 vmstat -n 10
[ 23.937662][ T107]
[ 23.944123][ T107] kill 425 cat /proc/kmsg
[ 23.944131][ T107]
[ 23.962000][ T107] wait for background processes: 435 432 oom-killer meminfo
[ 23.962008][ T107]
[ 24.972654][ T561] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 24.973813][ T561] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 561, name: post-run
[ 24.974943][ T561] preempt_count: 1, expected: 0
[ 24.975752][ T561] RCU nest depth: 0, expected: 0
[ 24.976454][ T561] CPU: 1 UID: 0 PID: 561 Comm: post-run Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 24.976459][ T561] Tainted: [W]=WARN
[ 24.976459][ T561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.976461][ T561] Call Trace:
[ 24.976464][ T561] <TASK>
[ 24.976466][ T561] dump_stack_lvl (lib/dump_stack.c:123)
[ 24.976476][ T561] __might_resched (kernel/sched/core.c:8838)
[ 24.976485][ T561] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 24.976489][ T561] __dentry_kill (fs/dcache.c:?)
[ 24.976492][ T561] shrink_dentry_list (fs/dcache.c:1114)
[ 24.976495][ T561] shrink_dcache_parent (fs/dcache.c:1550)
[ 24.976498][ T561] d_invalidate (fs/dcache.c:1660)
[ 24.976502][ T561] proc_invalidate_siblings_dcache (fs/proc/inode.c:143)
[ 24.976507][ T561] release_task (kernel/exit.c:292)
[ 24.976510][ T561] wait_consider_task (kernel/exit.c:1276)
[ 24.976513][ T561] __do_wait (kernel/exit.c:1565 kernel/exit.c:1681)
[ 24.976515][ T561] ? do_wait (kernel/exit.c:1714)
[ 24.976517][ T561] do_wait (kernel/exit.c:1716)
[ 24.976519][ T561] kernel_wait4 (kernel/exit.c:1874)
[ 24.976522][ T561] ? get_task_struct (kernel/exit.c:1599)
[ 24.976524][ T561] __x64_sys_wait4 (kernel/exit.c:1902 kernel/exit.c:1898 kernel/exit.c:1898)
[ 24.976526][ T561] ? _copy_to_user (arch/x86/include/asm/uaccess_64.h:126 arch/x86/include/asm/uaccess_64.h:134 arch/x86/include/asm/uaccess_64.h:147 include/linux/uaccess.h:204 lib/usercopy.c:26)
[ 24.976530][ T561] ? __x64_sys_rt_sigaction (include/linux/uaccess.h:232 kernel/signal.c:4648 kernel/signal.c:4629 kernel/signal.c:4629)
[ 24.976535][ T561] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 24.976538][ T561] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 24.976539][ T561] ? _copy_from_user (arch/x86/include/asm/uaccess_64.h:126 arch/x86/include/asm/uaccess_64.h:141 include/linux/uaccess.h:185 lib/usercopy.c:18)
[ 24.976541][ T561] ? __x64_sys_rt_sigprocmask (kernel/signal.c:3340)
[ 24.976544][ T561] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 24.976546][ T561] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 24.976549][ T561] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 24.976553][ T561] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 24.976556][ T561] RIP: 0033:0x7f1031cb6c3e
[ 24.976560][ T561] Code: 00 f7 d8 64 89 02 48 89 f8 eb cc 90 48 83 ec 28 8b 05 aa e5 2f 00 85 c0 75 1d 45 31 d2 48 63 d2 48 63 ff b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 48 83 c4 28 c3 89 54 24 08 48 89 74 24 10
All code
========
0: 00 f7 add %dh,%bh
2: d8 64 89 02 fsubs 0x2(%rcx,%rcx,4)
6: 48 89 f8 mov %rdi,%rax
9: eb cc jmp 0xffffffffffffffd7
b: 90 nop
c: 48 83 ec 28 sub $0x28,%rsp
10: 8b 05 aa e5 2f 00 mov 0x2fe5aa(%rip),%eax # 0x2fe5c0
16: 85 c0 test %eax,%eax
18: 75 1d jne 0x37
1a: 45 31 d2 xor %r10d,%r10d
1d: 48 63 d2 movslq %edx,%rdx
20: 48 63 ff movslq %edi,%rdi
23: b8 3d 00 00 00 mov $0x3d,%eax
28: 0f 05 syscall
2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction
30: 77 51 ja 0x83
32: 48 83 c4 28 add $0x28,%rsp
36: c3 ret
37: 89 54 24 08 mov %edx,0x8(%rsp)
3b: 48 89 74 24 10 mov %rsi,0x10(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
6: 77 51 ja 0x59
8: 48 83 c4 28 add $0x28,%rsp
c: c3 ret
d: 89 54 24 08 mov %edx,0x8(%rsp)
11: 48 89 74 24 10 mov %rsi,0x10(%rsp)
[ 24.976562][ T561] RSP: 002b:00007fff879dfb10 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[ 24.976564][ T561] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1031cb6c3e
[ 24.976566][ T561] RDX: 0000000000000000 RSI: 00007fff879dfb78 RDI: ffffffffffffffff
[ 24.976567][ T561] RBP: 000000001dc65f00 R08: 000000001dc65f48 R09: 0000000000000000
[ 24.976568][ T561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 24.976570][ T561] R13: 0000000000000000 R14: 0000000000000000 R15: 00000000ffffffff
[ 24.976572][ T561] </TASK>
[ 26.014722][ T539] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 26.015763][ T539] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 539, name: post-run
[ 26.016818][ T539] preempt_count: 1, expected: 0
[ 26.017515][ T539] RCU nest depth: 0, expected: 0
[ 26.018261][ T539] CPU: 0 UID: 0 PID: 539 Comm: post-run Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 26.018266][ T539] Tainted: [W]=WARN
[ 26.018266][ T539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.018268][ T539] Call Trace:
[ 26.018271][ T539] <TASK>
[ 26.018274][ T539] dump_stack_lvl (lib/dump_stack.c:123)
[ 26.018284][ T539] __might_resched (kernel/sched/core.c:8838)
[ 26.018289][ T539] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 26.018293][ T539] __dentry_kill (fs/dcache.c:?)
[ 26.018296][ T539] dput (fs/dcache.c:912)
[ 26.018299][ T539] __fput (fs/file_table.c:477)
[ 26.018302][ T539] __x64_sys_close (fs/open.c:1591)
[ 26.018305][ T539] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 26.018309][ T539] ? mutex_lock (arch/x86/include/asm/current.h:25 kernel/locking/mutex.c:152 kernel/locking/mutex.c:273)
[ 26.018311][ T539] ? anon_pipe_read (fs/pipe.c:404)
[ 26.018313][ T539] ? arch_exit_to_user_mode_prepare (arch/x86/include/asm/entry-common.h:?)
[ 26.018317][ T539] ? vfs_read (fs/read_write.c:492)
[ 26.018319][ T539] ? __x64_sys_read (fs/read_write.c:?)
[ 26.018321][ T539] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 26.018323][ T539] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 26.018324][ T539] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 26.018328][ T539] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 26.018332][ T539] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 26.018334][ T539] RIP: 0033:0x7f1031cde040
[ 26.018338][ T539] Code: 40 75 0b 31 c0 48 83 c4 08 e9 0c ff ff ff 48 8d 3d c5 99 09 00 e8 a0 3f 02 00 83 3d 9d 71 2d 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 9e b1 01 00 48 89 04 24
All code
========
0: 40 75 0b rex jne 0xe
3: 31 c0 xor %eax,%eax
5: 48 83 c4 08 add $0x8,%rsp
9: e9 0c ff ff ff jmp 0xffffffffffffff1a
e: 48 8d 3d c5 99 09 00 lea 0x999c5(%rip),%rdi # 0x999da
15: e8 a0 3f 02 00 call 0x23fba
1a: 83 3d 9d 71 2d 00 00 cmpl $0x0,0x2d719d(%rip) # 0x2d71be
21: 75 10 jne 0x33
23: b8 03 00 00 00 mov $0x3,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 31 jae 0x63
32: c3 ret
33: 48 83 ec 08 sub $0x8,%rsp
37: e8 9e b1 01 00 call 0x1b1da
3c: 48 89 04 24 mov %rax,(%rsp)
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 31 jae 0x39
8: c3 ret
9: 48 83 ec 08 sub $0x8,%rsp
d: e8 9e b1 01 00 call 0x1b1b0
12: 48 89 04 24 mov %rax,(%rsp)
[ 26.018340][ T539] RSP: 002b:00007fff879e0888 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 26.018343][ T539] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f1031cde040
[ 26.018345][ T539] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000003
[ 26.018346][ T539] RBP: 0000000000000000 R08: 000000000000000a R09: 0000000000000000
[ 26.018347][ T539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff879e08e4
[ 26.018348][ T539] R13: 0000000000000080 R14: 000000000000000a R15: 000000001dc65a08
[ 26.018350][ T539] </TASK>
[ 27.079314][ T577] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 27.080408][ T577] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 577, name: grep
[ 27.081456][ T577] preempt_count: 1, expected: 0
[ 27.082233][ T577] RCU nest depth: 0, expected: 0
[ 27.082945][ T577] CPU: 0 UID: 0 PID: 577 Comm: grep Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 27.082949][ T577] Tainted: [W]=WARN
[ 27.082950][ T577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.082951][ T577] Call Trace:
[ 27.082954][ T577] <TASK>
[ 27.082957][ T577] dump_stack_lvl (lib/dump_stack.c:123)
[ 27.082966][ T577] __might_resched (kernel/sched/core.c:8838)
[ 27.082972][ T577] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 27.082979][ T577] __dentry_kill (fs/dcache.c:?)
[ 27.082983][ T577] dput (fs/dcache.c:912)
[ 27.082986][ T577] __fput (fs/file_table.c:477)
[ 27.082989][ T577] task_work_run (kernel/task_work.c:235)
[ 27.082994][ T577] do_exit (kernel/exit.c:971)
[ 27.082997][ T577] do_group_exit (kernel/exit.c:1111)
[ 27.083000][ T577] __x64_sys_exit_group (kernel/exit.c:1122)
[ 27.083001][ T577] x64_sys_call (??:?)
[ 27.083004][ T577] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 27.083008][ T577] ? __x64_sys_close (fs/open.c:1591)
[ 27.083010][ T577] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 27.083011][ T577] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 27.083015][ T577] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 27.083018][ T577] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 27.083021][ T577] RIP: 0033:0x7f5f03de3408
[ 27.083024][ T577] Code: Unable to access opcode bytes at 0x7f5f03de33de.
Code starting with the faulting instruction
===========================================
[ 27.083025][ T577] RSP: 002b:00007ffd05f705b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 27.083028][ T577] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5f03de3408
[ 27.083029][ T577] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 27.083031][ T577] RBP: 00007f5f040d7820 R08: 00000000000000e7 R09: ffffffffffffffa0
[ 27.083032][ T577] R10: 00007f5f040ddb80 R11: 0000000000000246 R12: 00007f5f040d7820
[ 27.083033][ T577] R13: 0000000000000001 R14: 000000002f100438 R15: 000000000000000a
[ 27.083036][ T577] </TASK>
[ 28.126767][ T582] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 28.127828][ T582] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 582, name: grep
[ 28.128876][ T582] preempt_count: 1, expected: 0
[ 28.129633][ T582] RCU nest depth: 0, expected: 0
[ 28.130368][ T582] CPU: 1 UID: 0 PID: 582 Comm: grep Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 28.130373][ T582] Tainted: [W]=WARN
[ 28.130374][ T582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.130375][ T582] Call Trace:
[ 28.130379][ T582] <TASK>
[ 28.130381][ T582] dump_stack_lvl (lib/dump_stack.c:123)
[ 28.130391][ T582] __might_resched (kernel/sched/core.c:8838)
[ 28.130396][ T582] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 28.130400][ T582] __dentry_kill (fs/dcache.c:?)
[ 28.130404][ T582] dput (fs/dcache.c:912)
[ 28.130407][ T582] __fput (fs/file_table.c:477)
[ 28.130410][ T582] task_work_run (kernel/task_work.c:235)
[ 28.130414][ T582] do_exit (kernel/exit.c:971)
[ 28.130418][ T582] ? get_page_from_freelist (mm/page_alloc.c:?)
[ 28.130421][ T582] do_group_exit (kernel/exit.c:1111)
[ 28.130423][ T582] __x64_sys_exit_group (kernel/exit.c:1122)
[ 28.130425][ T582] x64_sys_call (??:?)
[ 28.130428][ T582] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 28.130431][ T582] ? __x64_sys_close (fs/open.c:1591)
[ 28.130433][ T582] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 28.130435][ T582] ? __x64_sys_close (fs/open.c:1591)
[ 28.130436][ T582] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 28.130438][ T582] ? alloc_pages_mpol (mm/mempolicy.c:2481)
[ 28.130443][ T582] ? update_curr (kernel/sched/fair.c:1224)
[ 28.130445][ T582] ? place_entity (kernel/sched/fair.c:?)
[ 28.130447][ T582] ? kvm_sched_clock_read (arch/x86/kernel/kvmclock.c:91)
[ 28.130450][ T582] ? __smp_call_single_queue (kernel/smp.c:117)
[ 28.130454][ T582] ? native_smp_send_reschedule (arch/x86/kernel/apic/ipi.c:78)
[ 28.130457][ T582] ? ttwu_queue_wakelist (kernel/sched/core.c:? kernel/sched/core.c:3880)
[ 28.130459][ T582] ? try_to_wake_up (kernel/sched/core.c:4224)
[ 28.130460][ T582] ? tick_setup_sched_timer (kernel/time/tick-sched.c:307)
[ 28.130464][ T582] ? swake_up_one (include/linux/list.h:226 include/linux/list.h:295 kernel/sched/swait.c:31 kernel/sched/swait.c:53)
[ 28.130467][ T582] ? kvm_sched_clock_read (arch/x86/kernel/kvmclock.c:91)
[ 28.130469][ T582] ? sched_clock (arch/x86/include/asm/preempt.h:95 arch/x86/kernel/tsc.c:289)
[ 28.130477][ T582] ? sched_clock_cpu (kernel/sched/clock.c:397)
[ 28.130478][ T582] ? irqtime_account_irq (kernel/sched/cputime.c:67)
[ 28.130481][ T582] ? handle_softirqs (arch/x86/include/asm/preempt.h:27 kernel/softirq.c:407 kernel/softirq.c:468 kernel/softirq.c:654)
[ 28.130483][ T582] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 28.130486][ T582] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 28.130488][ T582] RIP: 0033:0x7fe98a926408
[ 28.130491][ T582] Code: Unable to access opcode bytes at 0x7fe98a9263de.
Code starting with the faulting instruction
===========================================
[ 28.130493][ T582] RSP: 002b:00007ffc82246da8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 28.130496][ T582] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe98a926408
[ 28.130497][ T582] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 28.130498][ T582] RBP: 00007fe98ac1a820 R08: 00000000000000e7 R09: ffffffffffffffa0
[ 28.130499][ T582] R10: 00007fe98ac20b80 R11: 0000000000000246 R12: 00007fe98ac1a820
[ 28.130501][ T582] R13: 0000000000000001 R14: 0000000012c71014 R15: 000000000000000a
[ 28.130503][ T582] </TASK>
[ 28.839638][ T107] /usr/bin/wget -nv --timeout=3600 --tries=1 --local-encoding=UTF-8 http://internal-lkp-server:80/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&loadavg=0.78%200.19%200.06%201/108%20594&start_time=1762799196&end_time=1762799197&version=/lkp/lkp/.src-20251109-171750:1aad5493ad31-dirty:35b842bfeaee-dirty& -O /dev/null
[ 28.839648][ T107]
[ 29.442824][ T614] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 29.443836][ T614] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 614, name: wget
[ 29.444824][ T614] preempt_count: 1, expected: 0
[ 29.445535][ T614] RCU nest depth: 0, expected: 0
[ 29.446242][ T614] CPU: 1 UID: 0 PID: 614 Comm: wget Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 29.446246][ T614] Tainted: [W]=WARN
[ 29.446247][ T614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.446249][ T614] Call Trace:
[ 29.446252][ T614] <TASK>
[ 29.446255][ T614] dump_stack_lvl (lib/dump_stack.c:123)
[ 29.446265][ T614] __might_resched (kernel/sched/core.c:8838)
[ 29.446270][ T614] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 29.446274][ T614] __dentry_kill (fs/dcache.c:?)
[ 29.446278][ T614] dput (fs/dcache.c:912)
[ 29.446280][ T614] __fput (fs/file_table.c:477)
[ 29.446283][ T614] task_work_run (kernel/task_work.c:235)
[ 29.446287][ T614] do_exit (kernel/exit.c:971)
[ 29.446290][ T614] ? __lruvec_stat_mod_folio (include/linux/rcupdate.h:899 mm/memcontrol.c:798)
[ 29.446292][ T614] do_group_exit (kernel/exit.c:1111)
[ 29.446294][ T614] __x64_sys_exit_group (kernel/exit.c:1122)
[ 29.446296][ T614] x64_sys_call (??:?)
[ 29.446298][ T614] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 29.446300][ T614] ? filemap_map_pages (mm/filemap.c:3935)
[ 29.446307][ T614] ? count_memcg_events (mm/memcontrol.c:? mm/memcontrol.c:847)
[ 29.446308][ T614] ? handle_mm_fault (mm/memory.c:6423)
[ 29.446317][ T614] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 29.446321][ T614] ? __x64_sys_close (fs/open.c:1591)
[ 29.446323][ T614] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 29.446326][ T614] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 29.446329][ T614] RIP: 0033:0x7f69b74d2408
[ 29.446331][ T614] Code: Unable to access opcode bytes at 0x7f69b74d23de.
Code starting with the faulting instruction
===========================================
[ 29.446332][ T614] RSP: 002b:00007ffcd55f1d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 29.446335][ T614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f69b74d2408
[ 29.446337][ T614] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 29.446338][ T614] RBP: 00007f69b77c6820 R08: 00000000000000e7 R09: ffffffffffffffa0
[ 29.446339][ T614] R10: 00007f69b77cdfa8 R11: 0000000000000246 R12: 00007f69b77c6820
[ 29.446340][ T614] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[ 29.446343][ T614] </TASK>
[ 29.519252][ T107] /usr/bin/wget -nv --timeout=3600 --tries=1 --local-encoding=UTF-8 http://internal-lkp-server:80/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=finished -O /dev/null
[ 29.519260][ T107]
[ 29.555346][ T109] 2025-11-10 18:26:44 URL:http://internal-lkp-server/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&loadavg=0.78%200.19%200.06%201/108%20594&start_time=1762799196&end_time=1762799197&version=/lkp/lkp/.src-20251109-171750:1aad5493ad31-dirty:35b842bfeaee-dirty& [0/0] -> "/dev/null" [1]
[ 29.555355][ T109]
[ 30.276210][ T109] 2025-11-10 18:26:45 URL:http://internal-lkp-server/~lkp/cgi-bin/lkp-jobfile-append-var?job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml&job_state=finished [0/0] -> "/dev/null" [1]
LKP: ttyS0: 86: LKP: rebooting forcely
[ 30.276218][ T109]
[ 30.285962][ T107] LKP: stdout: 86: LKP: rebooting forcely
[ 30.285968][ T107]
[ 30.324585][ T107] /usr/bin/wget -nv --timeout=3600 --tries=1 --local-encoding=UTF-8 http://internal-lkp-server:80/~lkp/cgi-bin/lkp-wtmp?tbox_name=vm-snb&tbox_state=rebooting&job_file=/lkp/jobs/scheduled/vm-meta-119/boot-1-quantal-x86_64-core-20190426.cgz-29fb8368dfb5-20251110-11844-dgg7hi-0.yaml -O /dev/null
[ 30.324593][ T107]
[ 31.152096][ T641] BUG: sleeping function called from invalid context at fs/inode.c:1920
[ 31.153357][ T641] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 641, name: wget
[ 31.154471][ T641] preempt_count: 1, expected: 0
[ 31.155280][ T641] RCU nest depth: 0, expected: 0
[ 31.156362][ T641] CPU: 1 UID: 0 PID: 641 Comm: wget Tainted: G W 6.18.0-rc4-next-20251105-00001-g29fb8368dfb5 #1 PREEMPT(voluntary)
[ 31.156367][ T641] Tainted: [W]=WARN
[ 31.156367][ T641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.156369][ T641] Call Trace:
[ 31.156392][ T641] <TASK>
[ 31.156395][ T641] dump_stack_lvl (lib/dump_stack.c:123)
[ 31.156408][ T641] __might_resched (kernel/sched/core.c:8838)
[ 31.156415][ T641] iput (include/linux/kernel.h:61 fs/inode.c:1920 fs/inode.c:2010)
[ 31.156420][ T641] __dentry_kill (fs/dcache.c:?)
[ 31.156423][ T641] dput (fs/dcache.c:912)
[ 31.156429][ T641] __fput (fs/file_table.c:477)
[ 31.156432][ T641] task_work_run (kernel/task_work.c:235)
[ 31.156436][ T641] do_exit (kernel/exit.c:971)
[ 31.156440][ T641] do_group_exit (kernel/exit.c:1111)
[ 31.156442][ T641] __x64_sys_exit_group (kernel/exit.c:1122)
[ 31.156444][ T641] x64_sys_call (??:?)
[ 31.156447][ T641] do_syscall_64 (arch/x86/entry/syscall_64.c:?)
[ 31.156451][ T641] ? count_memcg_events (mm/memcontrol.c:? mm/memcontrol.c:847)
[ 31.156453][ T641] ? handle_mm_fault (mm/memory.c:6423)
[ 31.156458][ T641] ? do_user_addr_fault (arch/x86/mm/fault.c:1337)
[ 31.156462][ T641] ? do_syscall_64 (arch/x86/include/asm/atomic64_64.h:15 include/linux/atomic/atomic-arch-fallback.h:2583 include/linux/atomic/atomic-long.h:38 include/linux/atomic/atomic-instrumented.h:3189 include/linux/unwind_deferred.h:37 include/linux/irq-entry-common.h:300 include/linux/entry-common.h:196 arch/x86/entry/syscall_64.c:100)
[ 31.156463][ T641] ? irqentry_exit (include/linux/rseq_entry.h:576 include/linux/irq-entry-common.h:271 include/linux/irq-entry-common.h:339 kernel/entry/common.c:196)
[ 31.156466][ T641] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 31.156468][ T641] RIP: 0033:0x7f07d32bf408
[ 31.156471][ T641] Code: Unable to access opcode bytes at 0x7f07d32bf3de.
Code starting with the faulting instruction
===========================================
[ 31.156472][ T641] RSP: 002b:00007ffc164c7eb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 31.156475][ T641] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f07d32bf408
[ 31.156477][ T641] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 31.156478][ T641] RBP: 00007f07d35b3820 R08: 00000000000000e7 R09: ffffffffffffffa0
[ 31.156479][ T641] R10: 00007f07d35bafa8 R11: 0000000000000246 R12: 00007f07d35b3820
[ 31.156480][ T641] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[ 31.156482][ T641] </TASK>
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20251112/202511121304.5e522f7b-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-11-12 5:40 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-05 19:37 [PATCH v1] fs: Move might_sleep() annotation to iput_final() Mickaël Salaün
2025-11-05 19:50 ` Mateusz Guzik
2025-11-05 20:56 ` [syzbot] [fs?] BUG: sleeping function called from invalid context in hook_sb_delete syzbot
2025-11-12 5:40 ` [PATCH v1] fs: Move might_sleep() annotation to iput_final() kernel test robot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).