syzbot

 sign-in | mailing list | source | docs
🐞 Open [1518]
Subsystems
🐞 Fixed [6645]
🐞 Invalid [17028]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: locking bug in rcu_pending_exit

Status: upstream: reported C repro on 2024/10/21 23:24
Subsystems: bcachefs
[Documentation on labels]
Reported-by: syzbot+8d7226784b8fcb4c9d04@syzkaller.appspotmail.com
First crash: 361d, last: 19d
Cause bisection: introduced by (bisect log) :
commit 5db755fbb1a0de4a4cfd5d5edfaa19853b9c56e6
Author: Christoph Hellwig <hch@lst.de>
Date: Fri May 31 07:47:56 2024 +0000

  ubd: refactor the interrupt handler

Crash: BUG: unable to handle kernel NULL pointer dereference in srcu_invoke_callbacks (log)
Repro: C syz .config
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [bcachefs?] WARNING: locking bug in rcu_pending_exit 0 (3) 2024/12/01 20:03
Last patch testing requests (10)
Created Duration User Patch Repo Result
2025/09/19 03:25 21m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/09/19 03:25 27m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/08/13 02:40 46m retest repro upstream report log
2025/08/05 03:45 22m retest repro upstream report log
2025/08/05 03:45 18m retest repro upstream report log
2025/07/11 01:44 24m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/07/11 01:44 23m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/06/02 22:39 15m retest repro upstream report log
2025/05/12 07:25 27m retest repro upstream report log
2025/05/12 07:25 37m retest repro upstream report log
Fix bisection attempts (5)
Created Duration User Patch Repo Result
2025/09/24 10:36 2h38m bisect fix upstream OK (0) job log log
2025/08/22 06:41 2h15m bisect fix upstream OK (0) job log log
2025/07/21 00:05 3h37m bisect fix upstream OK (0) job log log
2025/06/20 03:49 2h25m bisect fix upstream OK (0) job log log
2025/05/19 13:35 2h27m bisect fix upstream OK (0) job log log

Sample crash report:
bcachefs (loop0): done going read-only, filesystem not clean
bcachefs (loop0): shutdown complete
------------[ cut here ]------------
Looking for class "lock" with key rcu_pending_init.__key, but found a different class "&p->lock" with the same key
WARNING: CPU: 0 PID: 5818 at kernel/locking/lockdep.c:939 look_up_lock_class+0xdc/0x170 kernel/locking/lockdep.c:936
Modules linked in:
CPU: 0 UID: 0 PID: 5818 Comm: syz-executor265 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
RIP: 0010:look_up_lock_class+0xdc/0x170 kernel/locking/lockdep.c:936
Code: 01 0f 85 8a 00 00 00 c6 05 42 f3 41 04 01 90 49 8b 16 49 8b 76 18 48 8b 8b b8 00 00 00 48 c7 c7 e0 b8 0a 8c e8 55 87 9f f5 90 <0f> 0b 90 90 eb 61 90 e8 28 2d f6 f8 e8 83 e3 be f5 48 c7 c7 20 b8
RSP: 0018:ffffc90003def750 EFLAGS: 00010046
RAX: a9658f60e5397f00 RBX: ffffffff93c40650 RCX: ffff88807e5dda00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90003def860 R08: ffffffff81600962 R09: 1ffff110170c519a
R10: dffffc0000000000 R11: ffffed10170c519b R12: ffffe8ffffd384e0
R13: ffffe8ffffd384e0 R14: ffffe8ffffd384e0 R15: ffffffff9a51ad20
FS:  0000555577abd380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f562737b000 CR3: 0000000034c48000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 register_lock_class+0x102/0x980 kernel/locking/lockdep.c:1290
 __lock_acquire+0xf3/0x2100 kernel/locking/lockdep.c:5101
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline]
 _raw_spin_lock_irq+0xd3/0x120 kernel/locking/spinlock.c:170
 spin_lock_irq include/linux/spinlock.h:376 [inline]
 rcu_pending_has_pending_or_armed fs/bcachefs/rcu_pending.c:576 [inline]
 rcu_pending_exit+0x13f/0x7a0 fs/bcachefs/rcu_pending.c:594
 bch2_fs_btree_key_cache_exit+0x97f/0xab0 fs/bcachefs/btree_key_cache.c:741
 __bch2_fs_free fs/bcachefs/super.c:556 [inline]
 bch2_fs_release+0x206/0x7d0 fs/bcachefs/super.c:611
 kobject_cleanup lib/kobject.c:689 [inline]
 kobject_release lib/kobject.c:720 [inline]
 kref_put include/linux/kref.h:65 [inline]
 kobject_put+0x22f/0x480 lib/kobject.c:737
 deactivate_locked_super+0xc4/0x130 fs/super.c:473
 cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373
 task_work_run+0x24f/0x310 kernel/task_work.c:239
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x13f/0x340 kernel/entry/common.c:218
 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f562ef32137
Code: 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffc3c0daab8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f562ef32137
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3c0dab70
RBP: 00007ffc3c0dab70 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffc3c0dbbe0
R13: 0000555577abe6c0 R14: 0000000000025b53 R15: 000000000000003a
 </TASK>

Crashes (25):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/12/15 07:46 upstream a0e3919a2df2 7cbfbb3a .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2024/11/30 21:46 upstream 2ba9f676d0a2 68914665 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/01/26 02:03 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 1950a0af2d55 9fbd772e .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/01/16 11:41 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 6251d1776bc5 968edaf4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/02/24 14:06 upstream d082ecbc71e9 d34966d1 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2 (clean fs)] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2024/12/26 15:40 upstream 9b2ffa6148b1 d3ccff63 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/04/17 03:50 upstream c62f4b82d571 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/03/24 19:57 upstream 38fec10eb60d 875573af .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/03/15 14:33 upstream a29967be967e e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/02/24 00:46 upstream d082ecbc71e9 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/02/17 20:36 upstream 0ad2507d5d93 4121cf9d .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/01/30 12:14 upstream 805ba04cb7cc afe4eff5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/01/22 12:01 upstream c4b9570cfb63 da72ac06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/01/03 11:50 upstream 0bc21e701a6f d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2024/10/17 23:16 upstream 6efbea77b390 666f77ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs WARNING: locking bug in rcu_pending_exit
2025/03/22 11:11 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a2392f333575 c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/03/22 10:17 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a2392f333575 c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/03/13 11:05 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 78e3fd2b7e4b 44be8b44 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/01/19 20:03 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 1950a0af2d55 f2cb035c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2025/01/10 22:57 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 6251d1776bc5 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2024/12/13 08:46 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2e7aff49b5da 3547e30f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2024/12/04 01:06 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 7b1d1d4cfac0 b50eb251 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2024/11/20 08:13 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 7b1d1d4cfac0 7d02db5a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2024/11/14 02:44 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 8e9a54d7181b a8c99394 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
2024/11/13 10:21 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci baa007e8da32 62026c85 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: locking bug in rcu_pending_exit
* Struck through repros no longer work on HEAD.