[syzbot] [kernel?] WARNING in rcu_tasks_verify_work_fn
0 views
Skip to first unread message
syzbot
Mar 31, 2026, 5:53:25 PM (7 hours ago) Mar 31
to linux-...@vger.kernel.org, syzkall...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: b335bc5892a0 riscv: make runtime const not usable by modules
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next
console output: https://syzkaller.appspot.com/x/log.txt?x=17d3a606580000
kernel config: https://syzkaller.appspot.com/x/.config?x=884e3e34df289c
dashboard link: https://syzkaller.appspot.com/bug?extid=251e9abcdac140e7ec74
compiler: riscv64-linux-gnu-gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
userspace arch: riscv64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/a741b348759c/non_bootable_disk-b335bc58.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/81d2e116b7f9/vmlinux-b335bc58.xz
kernel image: https://storage.googleapis.com/syzbot-assets/da35545356d4/Image-b335bc58.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+251e9a...@syzkaller.appspotmail.com
cpu1: Ratio of byte access time to unaligned word access is 7.19, unaligned accesses are fast
hrtimer: interrupt took 78219600 ns
------------[ cut here ]------------
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline], CPU#1: swapper/0/1
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542, CPU#1: swapper/0/1
Modules linked in:
CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT
Hardware name: riscv-virtio,qemu (DT)
epc : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1530 [inline]
epc : rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
ra : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1522 [inline]
ra : rcu_tasks_verify_work_fn+0x250/0x31c kernel/rcu/tasks.h:1542
epc : ffffffff8036ee1e ra : ffffffff8036edf0 sp : ffff8f8000027b10
gp : ffffffff8a229d40 tp : ffffaf8012afcf80 t0 : 1ffffffff22c0085
t1 : ffffffff8007a85c t2 : ffffffff91600428 s0 : ffff8f8000027bb0
s1 : 0000000000000bb8 a0 : ffffffff887f4a40 a1 : 0000000000000000
a2 : 0000000000000002 a3 : ffffffff803213b0 a4 : 1ffffffff10fe948
a5 : 0000000000000000 a6 : 0000000000000003 a7 : 0000000041b58ab3
s2 : 1ffff1f000004f64 s3 : ffff8f8000027b60 s4 : ffff8f8000027ca0
s5 : ffffffff88614240 s6 : ffffffff887f5060 s7 : 0000000000000000
s8 : 1ffffffff1467758 s9 : 0000000000000000 s10: ffffffff8a33bac0
s11: ffffffff881b2cf0 t3 : ffffffff87fb27e0 t4 : fffff5ef0e594511
t5 : fffff5ef0e594512 t6 : ffffffff86878840 ssp : 0000000000000000
status: 0000000200000120 badaddr: ffffffff8036ee1e cause: 0000000000000003
[<ffffffff8036ee1e>] rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline]
[<ffffffff8036ee1e>] rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
[<ffffffff8036ef58>] rcu_tasks_verify_schedule_work+0x9c/0xa8 kernel/rcu/tasks.h:1554
[<ffffffff80063e4c>] do_one_initcall+0x18c/0xcdc init/main.c:1382
[<ffffffff86602d5a>] do_initcall_level init/main.c:1444 [inline]
[<ffffffff86602d5a>] do_initcalls init/main.c:1460 [inline]
[<ffffffff86602d5a>] do_basic_setup init/main.c:1479 [inline]
[<ffffffff86602d5a>] kernel_init_freeable+0x6ca/0x7b0 init/main.c:1692
[<ffffffff86433d40>] kernel_init+0x28/0x240 init/main.c:1582
[<ffffffff80069138>] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:228
[<ffffffff86459d52>] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: b335bc5892a0 riscv: make runtime const not usable by modules
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next
console output: https://syzkaller.appspot.com/x/log.txt?x=17d3a606580000
kernel config: https://syzkaller.appspot.com/x/.config?x=884e3e34df289c
dashboard link: https://syzkaller.appspot.com/bug?extid=251e9abcdac140e7ec74
compiler: riscv64-linux-gnu-gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
userspace arch: riscv64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/a741b348759c/non_bootable_disk-b335bc58.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/81d2e116b7f9/vmlinux-b335bc58.xz
kernel image: https://storage.googleapis.com/syzbot-assets/da35545356d4/Image-b335bc58.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+251e9a...@syzkaller.appspotmail.com
cpu1: Ratio of byte access time to unaligned word access is 7.19, unaligned accesses are fast
hrtimer: interrupt took 78219600 ns
------------[ cut here ]------------
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline], CPU#1: swapper/0/1
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542, CPU#1: swapper/0/1
Modules linked in:
CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT
Hardware name: riscv-virtio,qemu (DT)
epc : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1530 [inline]
epc : rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
ra : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1522 [inline]
ra : rcu_tasks_verify_work_fn+0x250/0x31c kernel/rcu/tasks.h:1542
epc : ffffffff8036ee1e ra : ffffffff8036edf0 sp : ffff8f8000027b10
gp : ffffffff8a229d40 tp : ffffaf8012afcf80 t0 : 1ffffffff22c0085
t1 : ffffffff8007a85c t2 : ffffffff91600428 s0 : ffff8f8000027bb0
s1 : 0000000000000bb8 a0 : ffffffff887f4a40 a1 : 0000000000000000
a2 : 0000000000000002 a3 : ffffffff803213b0 a4 : 1ffffffff10fe948
a5 : 0000000000000000 a6 : 0000000000000003 a7 : 0000000041b58ab3
s2 : 1ffff1f000004f64 s3 : ffff8f8000027b60 s4 : ffff8f8000027ca0
s5 : ffffffff88614240 s6 : ffffffff887f5060 s7 : 0000000000000000
s8 : 1ffffffff1467758 s9 : 0000000000000000 s10: ffffffff8a33bac0
s11: ffffffff881b2cf0 t3 : ffffffff87fb27e0 t4 : fffff5ef0e594511
t5 : fffff5ef0e594512 t6 : ffffffff86878840 ssp : 0000000000000000
status: 0000000200000120 badaddr: ffffffff8036ee1e cause: 0000000000000003
[<ffffffff8036ee1e>] rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline]
[<ffffffff8036ee1e>] rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
[<ffffffff8036ef58>] rcu_tasks_verify_schedule_work+0x9c/0xa8 kernel/rcu/tasks.h:1554
[<ffffffff80063e4c>] do_one_initcall+0x18c/0xcdc init/main.c:1382
[<ffffffff86602d5a>] do_initcall_level init/main.c:1444 [inline]
[<ffffffff86602d5a>] do_initcalls init/main.c:1460 [inline]
[<ffffffff86602d5a>] do_basic_setup init/main.c:1479 [inline]
[<ffffffff86602d5a>] kernel_init_freeable+0x6ca/0x7b0 init/main.c:1692
[<ffffffff86433d40>] kernel_init+0x28/0x240 init/main.c:1582
[<ffffffff80069138>] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:228
[<ffffffff86459d52>] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages