syzbot


BUG: sleeping function called from invalid context in __getblk_gfp

Status: auto-obsoleted due to no activity on 2026/05/19 05:05
Bug presence: origin:upstream
Labels: missing-backport
Reported-by: syzbot+04432b64d3da7935f979@syzkaller.appspotmail.com
First crash: 1180d, last: 784d
Bug presence (3)
Date Name Commit Repro Result
2025/05/28 linux-5.15.y (ToT) 98f47d0e9b8c C [report] KASAN: use-after-free Read in sysv_new_inode
2024/12/28 upstream (ToT) fd0584d220fe C [report] KASAN: slab-out-of-bounds Read in sysv_new_inode
2025/05/28 upstream (ToT) aacc73ceeb8b C Didn't crash
Similar bugs (2)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream BUG: sleeping function called from invalid context in __getblk_gfp fs 5 C error done 3673 892d 1286d 25/29 fixed on 2024/04/10 03:59
linux-6.1 BUG: sleeping function called from invalid context in __getblk_gfp origin:lts-only 5 C inconclusive 277 784d 1180d 0/3 upstream: reported C repro on 2023/03/14 21:24
Last patch testing requests (7)
Created Duration User Patch Repo Result
2026/05/19 04:36 27m retest repro linux-5.15.y OK log
2026/03/05 19:54 20m retest repro linux-5.15.y report log
2025/12/25 15:40 16m retest repro linux-5.15.y report log
2025/10/16 00:59 21m retest repro linux-5.15.y report log
2025/08/07 00:02 16m retest repro linux-5.15.y report log
2025/05/17 18:29 22m retest repro linux-5.15.y report log
2025/03/06 15:19 17m retest repro linux-5.15.y report log
Fix bisection attempts (7)
Created Duration User Patch Repo Result
2026/03/24 20:08 1m fix candidate upstream error job log
2026/02/22 11:45 48m fix candidate upstream error job log
2026/01/23 01:19 1m fix candidate upstream error job log
2025/05/29 13:07 1m fix candidate upstream error job log
2024/09/22 11:22 37m fix candidate upstream error job log
2024/08/14 23:29 0m fix candidate upstream error job log
2024/04/21 10:53 1m fix candidate upstream error job log

Sample crash report:
Buffer I/O error on dev loop0, logical block 8073606, async page read
BUG: sleeping function called from invalid context at fs/buffer.c:1334
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10690, name: syz-executor.0
3 locks held by syz-executor.0/10690:
 #0: ffff888061854d70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2cb/0x380 fs/file.c:1088
 #1: ffff888062550188 (&type->i_mutex_dir_key#19){.+.+}-{3:3}, at: iterate_dir+0x10a/0x570 fs/readdir.c:55
 #2: ffffffff8cba0f38 (pointers_lock#2){.+.+}-{2:2}, at: get_block+0x163/0x1750 fs/sysv/itree.c:221
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 10690 Comm: syz-executor.0 Not tainted 5.15.154-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 ___might_sleep+0x547/0x6a0 kernel/sched/core.c:9626
 __getblk_gfp+0x43/0xaf0 fs/buffer.c:1334
 __bread_gfp+0x2a/0x390 fs/buffer.c:1381
 sb_bread include/linux/buffer_head.h:337 [inline]
 get_branch+0x2af/0x660 fs/sysv/itree.c:104
 get_block+0x181/0x1750 fs/sysv/itree.c:222
 block_read_full_page+0x2f9/0xde0 fs/buffer.c:2290
 do_read_cache_page+0x752/0x1040
 read_mapping_page include/linux/pagemap.h:515 [inline]
 dir_get_page fs/sysv/dir.c:58 [inline]
 sysv_readdir+0x19b/0x820 fs/sysv/dir.c:83
 iterate_dir+0x224/0x570
 __do_sys_getdents64 fs/readdir.c:369 [inline]
 __se_sys_getdents64+0x209/0x4f0 fs/readdir.c:354
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f6b1708be69
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6b155fe0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 00007f6b171b9f80 RCX: 00007f6b1708be69
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00007f6b170d847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f6b171b9f80 R15: 00007ffff097bb78
 </TASK>
attempt to access beyond end of device
loop0: rw=0, want=6491550, limit=128
Buffer I/O error on dev loop0, logical block 3245774, async page read
attempt to access beyond end of device
loop0: rw=0, want=17669880, limit=128
Buffer I/O error on dev loop0, logical block 8834939, async page read
BUG: sleeping function called from invalid context at fs/buffer.c:1334
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10690, name: syz-executor.0
3 locks held by syz-executor.0/10690:
 #0: ffff888061854d70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2cb/0x380 fs/file.c:1088
 #1: ffff888062550188 (&type->i_mutex_dir_key#19){.+.+}-{3:3}, at: iterate_dir+0x10a/0x570 fs/readdir.c:55
 #2: ffffffff8cba0f38 (pointers_lock#2){.+.+}-{2:2}, at: get_block+0x163/0x1750 fs/sysv/itree.c:221
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 0 PID: 10690 Comm: syz-executor.0 Tainted: G        W         5.15.154-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 ___might_sleep+0x547/0x6a0 kernel/sched/core.c:9626
 __getblk_gfp+0x43/0xaf0 fs/buffer.c:1334
 __bread_gfp+0x2a/0x390 fs/buffer.c:1381
 sb_bread include/linux/buffer_head.h:337 [inline]
 get_branch+0x2af/0x660 fs/sysv/itree.c:104
 get_block+0x181/0x1750 fs/sysv/itree.c:222
 block_read_full_page+0x2f9/0xde0 fs/buffer.c:2290
 do_read_cache_page+0x752/0x1040
 read_mapping_page include/linux/pagemap.h:515 [inline]
 dir_get_page fs/sysv/dir.c:58 [inline]
 sysv_readdir+0x19b/0x820 fs/sysv/dir.c:83
 iterate_dir+0x224/0x570
 __do_sys_getdents64 fs/readdir.c:369 [inline]
 __se_sys_getdents64+0x209/0x4f0 fs/readdir.c:354
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f6b1708be69
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6b155fe0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 00007f6b171b9f80 RCX: 00007f6b1708be69
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00007f6b170d847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f6b171b9f80 R15: 00007ffff097bb78
 </TASK>
BUG: sleeping function called from invalid context at fs/buffer.c:1334
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10690, name: syz-executor.0
3 locks held by syz-executor.0/10690:
 #0: ffff888061854d70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2cb/0x380 fs/file.c:1088
 #1: ffff888062550188 (&type->i_mutex_dir_key#19){.+.+}-{3:3}, at: iterate_dir+0x10a/0x570 fs/readdir.c:55
 #2: ffffffff8cba0f38 (pointers_lock#2){.+.+}-{2:2}, at: get_block+0x163/0x1750 fs/sysv/itree.c:221
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 10690 Comm: syz-executor.0 Tainted: G        W         5.15.154-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 ___might_sleep+0x547/0x6a0 kernel/sched/core.c:9626
 __getblk_gfp+0x43/0xaf0 fs/buffer.c:1334
 __bread_gfp+0x2a/0x390 fs/buffer.c:1381
 sb_bread include/linux/buffer_head.h:337 [inline]
 get_branch+0x2af/0x660 fs/sysv/itree.c:104
 get_block+0x181/0x1750 fs/sysv/itree.c:222
 block_read_full_page+0x2f9/0xde0 fs/buffer.c:2290
 do_read_cache_page+0x752/0x1040
 read_mapping_page include/linux/pagemap.h:515 [inline]
 dir_get_page fs/sysv/dir.c:58 [inline]
 sysv_readdir+0x19b/0x820 fs/sysv/dir.c:83
 iterate_dir+0x224/0x570
 __do_sys_getdents64 fs/readdir.c:369 [inline]
 __se_sys_getdents64+0x209/0x4f0 fs/readdir.c:354
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f6b1708be69
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6b155fe0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 00007f6b171b9f80 RCX: 00007f6b1708be69
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00007f6b170d847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f6b171b9f80 R15: 00007ffff097bb78
 </TASK>
BUG: sleeping function called from invalid context at include/linux/pagemap.h:623
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 10690, name: syz-executor.0
3 locks held by syz-executor.0/10690:
 #0: ffff888061854d70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2cb/0x380 fs/file.c:1088
 #1: ffff888062550188 (&type->i_mutex_dir_key#19){.+.+}-{3:3}, at: iterate_dir+0x10a/0x570 fs/readdir.c:55
 #2: ffffffff8cba0f38 (pointers_lock#2){.+.+}-{2:2}, at: get_block+0x163/0x1750 fs/sysv/itree.c:221
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 10690 Comm: syz-executor.0 Tainted: G        W         5.15.154-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 ___might_sleep+0x547/0x6a0 kernel/sched/core.c:9626
 lock_page include/linux/pagemap.h:623 [inline]
 pagecache_get_page+0x4b9/0x1010 mm/filemap.c:1910
 find_or_create_page include/linux/pagemap.h:420 [inline]
 grow_dev_page fs/buffer.c:949 [inline]
 grow_buffers fs/buffer.c:1014 [inline]
 __getblk_slow fs/buffer.c:1041 [inline]
 __getblk_gfp+0x22a/0xaf0 fs/buffer.c:1336
 __bread_gfp+0x2a/0x390 fs/buffer.c:1381
 sb_bread include/linux/buffer_head.h:337 [inline]
 get_branch+0x2af/0x660 fs/sysv/itree.c:104
 get_block+0x181/0x1750 fs/sysv/itree.c:222
 block_read_full_page+0x2f9/0xde0 fs/buffer.c:2290
 do_read_cache_page+0x752/0x1040
 read_mapping_page include/linux/pagemap.h:515 [inline]
 dir_get_page fs/sysv/dir.c:58 [inline]
 sysv_readdir+0x19b/0x820 fs/sysv/dir.c:83
 iterate_dir+0x224/0x570
 __do_sys_getdents64 fs/readdir.c:369 [inline]
 __se_sys_getdents64+0x209/0x4f0 fs/readdir.c:354
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f6b1708be69
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6b155fe0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
RAX: ffffffffffffffda RBX: 00007f6b171b9f80 RCX: 00007f6b1708be69
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00007f6b170d847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f6b171b9f80 R15: 00007ffff097bb78
 </TASK>

Crashes (241):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/04/13 09:04 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/13 08:40 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/13 04:10 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/13 02:39 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/13 00:25 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/12 19:14 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/12 13:38 linux-5.15.y cdfd0a7f0139 27de0a5c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/12 12:19 linux-5.15.y cdfd0a7f0139 27de0a5c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/12 10:40 linux-5.15.y cdfd0a7f0139 27de0a5c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/09 06:26 linux-5.15.y 9465fef4ae35 f3234354 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/09 00:27 linux-5.15.y 9465fef4ae35 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 14:48 linux-5.15.y 9465fef4ae35 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 09:33 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 09:15 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 03:00 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 01:51 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/07 23:40 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/07 20:32 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/07 10:32 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/07 04:11 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 20:58 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 18:39 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 14:02 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 12:14 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 05:27 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/05 21:50 linux-5.15.y 9465fef4ae35 77230c29 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/05 06:54 linux-5.15.y 9465fef4ae35 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2023/06/18 14:32 linux-5.15.y 471e639e59d1 f3921d4d .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2023/06/17 00:07 linux-5.15.y 471e639e59d1 f3921d4d .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/13 05:16 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/12 09:03 linux-5.15.y cdfd0a7f0139 27de0a5c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/11 12:45 linux-5.15.y cdfd0a7f0139 33b9e058 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/11 07:15 linux-5.15.y cdfd0a7f0139 33b9e058 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/11 05:24 linux-5.15.y cdfd0a7f0139 33b9e058 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/10 19:31 linux-5.15.y cdfd0a7f0139 4320ec32 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/10 18:44 linux-5.15.y cdfd0a7f0139 4320ec32 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/10 06:26 linux-5.15.y 9465fef4ae35 171ec371 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/09 16:31 linux-5.15.y 9465fef4ae35 f3234354 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 22:09 linux-5.15.y 9465fef4ae35 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 20:39 linux-5.15.y 9465fef4ae35 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 19:23 linux-5.15.y 9465fef4ae35 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 11:13 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 04:51 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/08 00:41 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/04/06 18:20 linux-5.15.y 9465fef4ae35 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/03/30 19:08 linux-5.15.y 9465fef4ae35 6baf5069 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2024/01/15 15:39 linux-5.15.y 26c690eff0a5 551587c1 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2023/09/27 05:27 linux-5.15.y b911329317b4 0b6a67ac .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2023/05/23 02:25 linux-5.15.y 9d6bde853685 4bce1a3e .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: sleeping function called from invalid context in __getblk_gfp
2023/03/14 19:21 linux-5.15.y 2ddbd0f967b3 0d5c4377 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan BUG: sleeping function called from invalid context in __getblk_gfp
* Struck through repros no longer work on HEAD.