From: kernel test robot <oliver.sang@intel.com>
To: Joel Fernandes <joel@joelfernandes.org>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>, <oliver.sang@intel.com>
Subject: [jfern:rcu/dev] [rcu] 02bf38db37: kernel_BUG_at_kernel/irq_work.c
Date: Sun, 22 Mar 2026 21:39:23 +0800 [thread overview]
Message-ID: <202603222159.5c488888-lkp@intel.com> (raw)
Hello,
kernel test robot noticed "kernel_BUG_at_kernel/irq_work.c" on:
commit: 02bf38db37c44207e5fa4ee205148cea7588da7b ("rcu: Use an intermediate irq_work to start process_srcu()")
https://git.kernel.org/cgit/linux/kernel/git/jfern/linux.git rcu/dev
in testcase: boot
config: x86_64-rhel-9.4-rust
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 32G
(please refer to attached dmesg/kmsg for entire log/backtrace)
+--------------------------------------------------------+------------+------------+
| | 15d921a7bb | 02bf38db37 |
+--------------------------------------------------------+------------+------------+
| kernel_BUG_at_kernel/irq_work.c | 0 | 12 |
| Oops:invalid_opcode:#[##]SMP_PTI | 0 | 12 |
| RIP:irq_work_run | 0 | 12 |
| RIP:_raw_spin_unlock_irqrestore | 0 | 12 |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 12 |
+--------------------------------------------------------+------------+------------+
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202603222159.5c488888-lkp@intel.com
[ 183.137027][ C0] ------------[ cut here ]------------
[ 183.145289][ C0] kernel BUG at kernel/irq_work.c:245!
[ 183.156864][ C0] Oops: invalid opcode: 0000 [#1] SMP PTI
[ 183.165652][ C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 7.0.0-rc3-00020-g02bf38db37c4 #1 PREEMPT(lazy)
[ 183.180127][ C0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 183.216556][ C0] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[ 183.227738][ C0] RIP: 0010:irq_work_run (kernel/irq_work.c:245)
[ 183.236511][ C0] Code: 00 41 83 e7 fc 89 e8 f0 44 0f b1 7b 08 48 f7 05 66 8d fc 01 00 02 00 00 75 bc 48 83 c3 18 48 89 df e8 f0 eb e2 ff eb ae 0f 0b <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 66 66 66
All code
========
0: 00 41 83 add %al,-0x7d(%rcx)
3: e7 fc out %eax,$0xfc
5: 89 e8 mov %ebp,%eax
7: f0 44 0f b1 7b 08 lock cmpxchg %r15d,0x8(%rbx)
d: 48 f7 05 66 8d fc 01 testq $0x200,0x1fc8d66(%rip) # 0x1fc8d7e
14: 00 02 00 00
18: 75 bc jne 0xffffffffffffffd6
1a: 48 83 c3 18 add $0x18,%rbx
1e: 48 89 df mov %rbx,%rdi
21: e8 f0 eb e2 ff call 0xffffffffffe2ec16
26: eb ae jmp 0xffffffffffffffd6
28: 0f 0b ud2
2a:* 0f 0b ud2 <-- trapping instruction
2c: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
33: 0f 1f 84 00 00 00 00
3a: 00
3b: 66 data16
3c: 66 data16
3d: 66 data16
3e: 66 data16
3f: 66 data16
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
9: 0f 1f 84 00 00 00 00
10: 00
11: 66 data16
12: 66 data16
13: 66 data16
14: 66 data16
15: 66 data16
[ 183.274716][ C0] RSP: 0018:ffffd18940003fc0 EFLAGS: 00010206
[ 183.296753][ C0] RAX: ffff8b330fb34000 RBX: 0000000000000000 RCX: 0000000000000246
[ 183.314903][ C0] RDX: ffff8b2b803d0080 RSI: 0000000000000006 RDI: ffff8b2b803d0000
[ 183.337107][ C0] RBP: 0000000000000022 R08: ffff8b2b803d0080 R09: ffff8b2b803d6480
[ 183.353704][ C0] R10: ffff8b2b803d6480 R11: 0000000000000000 R12: 0000000000000000
[ 183.371072][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000020
[ 183.392885][ C0] FS: 0000000000000000(0000) GS:ffff8b330fb34000(0000) knlGS:0000000000000000
[ 183.414110][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 183.423974][ C0] CR2: 00007f97ec300720 CR3: 0000000100b2e000 CR4: 00000000000006f0
[ 183.438156][ C0] Call Trace:
[ 183.442923][ C0] <IRQ>
[ 183.447191][ C0] __sysvec_irq_work (arch/x86/include/asm/jump_label.h:37 arch/x86/include/asm/trace/irq_vectors.h:63 arch/x86/kernel/irq_work.c:23)
[ 183.453059][ C0] sysvec_irq_work (arch/x86/kernel/irq_work.c:17)
[ 183.458722][ C0] </IRQ>
[ 183.462805][ C0] <TASK>
[ 183.466765][ C0] asm_sysvec_irq_work (arch/x86/include/asm/idtentry.h:733)
[ 183.472657][ C0] RIP: 0010:_raw_spin_unlock_irqrestore (include/linux/spinlock_api_smp.h:179)
[ 183.488894][ C0] Code: 00 00 00 66 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 c6 07 00 0f 1f 00 f7 c6 00 02 00 00 74 01 fb 65 ff 0d d5 4f a9 01 <74> 06 e9 3e 1e 00 00 cc e8 78 6a fd fe c3 cc cc cc cc cc 66 66 66
All code
========
0: 00 00 add %al,(%rax)
2: 00 66 66 add %ah,0x66(%rsi)
5: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
c: 00 00 00
f: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
14: c6 07 00 movb $0x0,(%rdi)
17: 0f 1f 00 nopl (%rax)
1a: f7 c6 00 02 00 00 test $0x200,%esi
20: 74 01 je 0x23
22: fb sti
23: 65 ff 0d d5 4f a9 01 decl %gs:0x1a94fd5(%rip) # 0x1a94fff
2a:* 74 06 je 0x32 <-- trapping instruction
2c: e9 3e 1e 00 00 jmp 0x1e6f
31: cc int3
32: e8 78 6a fd fe call 0xfffffffffefd6aaf
37: c3 ret
38: cc int3
39: cc int3
3a: cc int3
3b: cc int3
3c: cc int3
3d: 66 data16
3e: 66 data16
3f: 66 data16
Code starting with the faulting instruction
===========================================
0: 74 06 je 0x8
2: e9 3e 1e 00 00 jmp 0x1e45
7: cc int3
8: e8 78 6a fd fe call 0xfffffffffefd6a85
d: c3 ret
e: cc int3
f: cc int3
10: cc int3
11: cc int3
12: cc int3
13: 66 data16
14: 66 data16
15: 66 data16
[ 183.527720][ C0] RSP: 0018:ffffd1894006bd38 EFLAGS: 00000286
[ 183.535070][ C0] RAX: 0000000000000001 RBX: ffffffff90315060 RCX: 000000000000083f
[ 183.545762][ C0] RDX: 0000000000000000 RSI: 0000000000000286 RDI: ffff8b2b80ac6e50
[ 183.556083][ C0] RBP: fffffffffffffe74 R08: ffffffff900f6a30 R09: 000000361b440d54
[ 183.566699][ C0] R10: 755f73746e657665 R11: ffffffff8d6a6280 R12: 0000000000000286
[ 183.577073][ C0] R13: ffffffff8f756001 R14: ffff8b2b80ac6e00 R15: fffffffffffffffc
[ 183.601898][ C0] ? kvm_restore_sched_clock_state (arch/x86/include/asm/preempt.h:80 arch/x86/kernel/kvmclock.c:79 arch/x86/kernel/kvmclock.c:87)
[ 183.615642][ C0] srcu_gp_start_if_needed (include/linux/srcutree.h:247)
[ 183.658989][ C0] __synchronize_srcu (kernel/rcu/srcutree.c:1493)
[ 183.665869][ C0] ? rcu_test_sync_prims (kernel/rcu/update.c:403)
[ 183.672861][ C0] fsnotify_mark_destroy_workfn (fs/notify/mark.c:1108)
[ 183.688708][ C0] process_scheduled_works (kernel/workqueue.c:3280)
[ 183.701765][ C0] worker_thread (include/linux/list.h:381 kernel/workqueue.c:949 kernel/workqueue.c:3440)
[ 183.712073][ C0] ? pr_cont_work (kernel/workqueue.c:3385)
[ 183.723037][ C0] kthread (kernel/kthread.c:438)
[ 183.731491][ C0] ? kthread_blkcg (kernel/kthread.c:381)
[ 183.741270][ C0] ret_from_fork (arch/x86/kernel/process.c:164)
[ 183.752674][ C0] ? kthread_blkcg (kernel/kthread.c:381)
[ 183.763600][ C0] ret_from_fork_asm (arch/x86/entry/entry_64.S:255)
[ 183.774808][ C0] </TASK>
[ 183.785962][ C0] Modules linked in:
[ 183.798169][ C0] ---[ end trace 0000000000000000 ]---
[ 183.808284][ C0] RIP: 0010:irq_work_run (kernel/irq_work.c:245)
[ 183.819822][ C0] Code: 00 41 83 e7 fc 89 e8 f0 44 0f b1 7b 08 48 f7 05 66 8d fc 01 00 02 00 00 75 bc 48 83 c3 18 48 89 df e8 f0 eb e2 ff eb ae 0f 0b <0f> 0b 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 66 66 66
All code
========
0: 00 41 83 add %al,-0x7d(%rcx)
3: e7 fc out %eax,$0xfc
5: 89 e8 mov %ebp,%eax
7: f0 44 0f b1 7b 08 lock cmpxchg %r15d,0x8(%rbx)
d: 48 f7 05 66 8d fc 01 testq $0x200,0x1fc8d66(%rip) # 0x1fc8d7e
14: 00 02 00 00
18: 75 bc jne 0xffffffffffffffd6
1a: 48 83 c3 18 add $0x18,%rbx
1e: 48 89 df mov %rbx,%rdi
21: e8 f0 eb e2 ff call 0xffffffffffe2ec16
26: eb ae jmp 0xffffffffffffffd6
28: 0f 0b ud2
2a:* 0f 0b ud2 <-- trapping instruction
2c: 66 66 66 66 66 66 2e data16 data16 data16 data16 data16 cs nopw 0x0(%rax,%rax,1)
33: 0f 1f 84 00 00 00 00
3a: 00
3b: 66 data16
3c: 66 data16
3d: 66 data16
3e: 66 data16
3f: 66 data16
Code starting with the faulting instruction
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20260322/202603222159.5c488888-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
reply other threads:[~2026-03-22 13:39 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202603222159.5c488888-lkp@intel.com \
--to=oliver.sang@intel.com \
--cc=joel@joelfernandes.org \
--cc=lkp@intel.com \
--cc=oe-lkp@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox