syzbot


BUG: sleeping function called from invalid context in jfs_fsync

Status: upstream: reported C repro on 2025/02/24 05:02
Subsystems: jfs
Reported-by: syzbot+c266ffd7d9f1769517ec@syzkaller.appspotmail.com
First crash: 451d, last: 142d
✨ AI Jobs (1)
ID: f30adfe2-44d1-4fdd-8454-770148e08c1b
Workflow: assessment-security
Result: 💥
Bug: BUG: sleeping function called from invalid context in jfs_fsync
Created: 2026/05/15 07:23
Started: 2026/05/15 07:23
Finished: 2026/05/15 07:24
Revision: 6ccb967e465e832a7bfd7a116ad00d52a0923a5d
Error:
failed to run ["git" "-c" "core.hooksPath=/dev/null" "checkout" "e6747d19291c54f939c2eab76dee2753686398a7"]: exit status 128
Previous HEAD position was 971199ad2a0f Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
fatal: update_ref failed for ref 'HEAD': cannot lock ref 'HEAD': Unable to create '/app/workdir/repo/linux/.git/HEAD.lock': File exists.
Another git process seems to be running in this repository, e.g. an editor opened by 'git commit'. Please make sure all processes are terminated then try again. If it still fails, a git process may have crashed in this repository earlier: remove the file manually to continue.
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [jfs?] BUG: sleeping function called from invalid context in jfs_fsync 0 (1) 2025/02/24 05:02
Similar bugs (1)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 BUG: sleeping function called from invalid context in jfs_fsync origin:upstream 5 C error 6 442d 443d 0/3 upstream: reported C repro on 2025/02/28 03:26
Last patch testing requests (10)
Created Duration User Patch Repo Result
2026/05/15 05:28 35m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log
2026/05/15 05:17 30m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log
2026/05/01 13:12 45m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2026/03/06 02:49 1h11m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2026/03/06 02:48 57m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2026/02/19 23:17 30m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2026/02/19 22:40 38m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2025/12/25 21:48 27m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/12/11 21:15 22m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/10/02 19:59 57m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log

Sample crash report:
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1576
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 11, name: kworker/u8:0
preempt_count: 101, expected: 0
RCU nest depth: 0, expected: 0
2 locks held by kworker/u8:0/11:
 #0: ffff0000c0031148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3210
 #1: ffff800097d37ba0 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3210
Preemption disabled at:
[<ffff80008050c870>] spin_lock_irqsave_ssp_contention+0x74/0x2fc kernel/rcu/srcutree.c:391
CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.14.0-rc3-syzkaller-ge6747d19291c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Workqueue: events_unbound fsnotify_connector_destroy_workfn
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
 dump_stack+0x1c/0x28 lib/dump_stack.c:129
 __might_resched+0x374/0x4d0 kernel/sched/core.c:8767
 __might_sleep+0x90/0xe4 kernel/sched/core.c:8696
 down_write+0x28/0xc0 kernel/locking/rwsem.c:1576
 inode_lock include/linux/fs.h:877 [inline]
 jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
 vfs_fsync_range+0x160/0x19c fs/sync.c:187
 generic_write_sync include/linux/fs.h:2970 [inline]
 dio_complete+0x510/0x6b8 fs/direct-io.c:313
 dio_bio_end_aio+0x488/0x550 fs/direct-io.c:368
 bio_endio+0x840/0x87c block/bio.c:1548
 blk_update_request+0x4ac/0xda0 block/blk-mq.c:983
 blk_mq_end_request+0x54/0x88 block/blk-mq.c:1145
 lo_complete_rq+0x188/0x2f4 drivers/block/loop.c:395
 blk_complete_reqs block/blk-mq.c:1220 [inline]
 blk_done_softirq+0x11c/0x168 block/blk-mq.c:1225
 handle_softirqs+0x320/0xd34 kernel/softirq.c:561
 __do_softirq+0x14/0x20 kernel/softirq.c:595
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:442 [inline]
 __irq_exit_rcu+0x1d8/0x544 kernel/softirq.c:662
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:678
 __el1_irq arch/arm64/kernel/entry-common.c:561 [inline]
 el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:575
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
 _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 srcu_funnel_gp_start kernel/rcu/srcutree.c:1093 [inline]
 srcu_gp_start_if_needed+0xdf0/0x11fc kernel/rcu/srcutree.c:1339
 __call_srcu kernel/rcu/srcutree.c:1384 [inline]
 __synchronize_srcu+0x2f0/0x3a0 kernel/rcu/srcutree.c:1432
 synchronize_srcu+0x2e0/0x38c
 fsnotify_connector_destroy_workfn+0x48/0xac fs/notify/mark.c:318
 process_one_work+0x810/0x1638 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3317 [inline]
 worker_thread+0x97c/0xeec kernel/workqueue.c:3398
 kthread+0x65c/0x7b0 kernel/kthread.c:464
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862

=============================
[ BUG: Invalid wait context ]
6.14.0-rc3-syzkaller-ge6747d19291c #0 Tainted: G        W         
-----------------------------
kworker/u8:0/11 is trying to lock:
ffff0000dcaad870 (&sb->s_type->i_mutex_key#16){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:877 [inline]
ffff0000dcaad870 (&sb->s_type->i_mutex_key#16){+.+.}-{4:4}, at: jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
other info that might help us debug this:
context-{3:3}
2 locks held by kworker/u8:0/11:
 #0: ffff0000c0031148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3210
 #1: ffff800097d37ba0 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3210
stack backtrace:
CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Tainted: G        W          6.14.0-rc3-syzkaller-ge6747d19291c #0
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Workqueue: events_unbound fsnotify_connector_destroy_workfn
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
 dump_stack+0x1c/0x28 lib/dump_stack.c:129
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4828 [inline]
 check_wait_context kernel/locking/lockdep.c:4900 [inline]
 __lock_acquire+0x2034/0x7904 kernel/locking/lockdep.c:5178
 lock_acquire+0x23c/0x724 kernel/locking/lockdep.c:5851
 down_write+0x50/0xc0 kernel/locking/rwsem.c:1577
 inode_lock include/linux/fs.h:877 [inline]
 jfs_fsync+0xa0/0x1d4 fs/jfs/file.c:28
 vfs_fsync_range+0x160/0x19c fs/sync.c:187
 generic_write_sync include/linux/fs.h:2970 [inline]
 dio_complete+0x510/0x6b8 fs/direct-io.c:313
 dio_bio_end_aio+0x488/0x550 fs/direct-io.c:368
 bio_endio+0x840/0x87c block/bio.c:1548
 blk_update_request+0x4ac/0xda0 block/blk-mq.c:983
 blk_mq_end_request+0x54/0x88 block/blk-mq.c:1145
 lo_complete_rq+0x188/0x2f4 drivers/block/loop.c:395
 blk_complete_reqs block/blk-mq.c:1220 [inline]
 blk_done_softirq+0x11c/0x168 block/blk-mq.c:1225
 handle_softirqs+0x320/0xd34 kernel/softirq.c:561
 __do_softirq+0x14/0x20 kernel/softirq.c:595
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:442 [inline]
 __irq_exit_rcu+0x1d8/0x544 kernel/softirq.c:662
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:678
 __el1_irq arch/arm64/kernel/entry-common.c:561 [inline]
 el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:575
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
 _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 srcu_funnel_gp_start kernel/rcu/srcutree.c:1093 [inline]
 srcu_gp_start_if_needed+0xdf0/0x11fc kernel/rcu/srcutree.c:1339
 __call_srcu kernel/rcu/srcutree.c:1384 [inline]
 __synchronize_srcu+0x2f0/0x3a0 kernel/rcu/srcutree.c:1432
 synchronize_srcu+0x2e0/0x38c
 fsnotify_connector_destroy_workfn+0x48/0xac fs/notify/mark.c:318
 process_one_work+0x810/0x1638 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3317 [inline]
 worker_thread+0x97c/0xeec kernel/workqueue.c:3398
 kthread+0x65c/0x7b0 kernel/kthread.c:464
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/02/20 06:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e6747d19291c cbd8edab .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-gce-arm64 BUG: sleeping function called from invalid context in jfs_fsync
2025/02/20 07:02 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e6747d19291c cbd8edab .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-gce-arm64 BUG: sleeping function called from invalid context in jfs_fsync
2025/02/20 04:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e6747d19291c cbd8edab .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: sleeping function called from invalid context in jfs_fsync
* Struck through repros no longer work on HEAD.