syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1331]
Subsystems
🐞 Fixed [7147]
🐞 Invalid [18896]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

WARNING in rcu_tasks_verify_work_fn

Status: upstream: reported on 2026/03/31 21:53
Subsystems: kernel
Labels: prio:low
[Documentation on labels]
Reported-by: syzbot+251e9abcdac140e7ec74@syzkaller.appspotmail.com
First crash: 73d, last: 11d
✨ AI Jobs (1)
ID Workflow Result Correct Bug Created Started Finished Revision Error
f65ca737-5484-4f7b-84c4-c08fbadaf8a6 assessment-security DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ❌ UserNamespace: ❌ VMGuestTrigger: ❌ VMHostTrigger: ❌ WARNING in rcu_tasks_verify_work_fn 2026/05/26 01:24 2026/05/26 01:24 2026/05/26 01:51 c69befb30ac10e158cc9d1557b508ee3f0eca1de
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] rcu-tasks: Fix possible boot-time tests failed for the call_rcu_tasks() 1 (1) 2026/04/23 11:19
[syzbot] [kernel?] WARNING in rcu_tasks_verify_work_fn 0 (1) 2026/03/31 21:53

Sample crash report:
------------[ cut here ]------------
 48 : (pgtable_l4_enabled ? 39 : 30)))) / 2) >> 1)) - ((((1UL))) << (((pgtable_l5_enabled ? 57 : (pgtable_l4_enabled ? 48 : 39)) - 12 - 1 + (( __builtin_constant_p(sizeof(struct page)) ? ( ((sizeof(struct page)) == 0 || (sizeof(struct page)) == 1) ? 0 : ( __builtin_constant_p((sizeof(struct page)) - 1) ? (((sizeof(struct page)) - 1) < 2 ? 0 : 63 - __builtin_clzll((sizeof(struct page)) - 1)) : (sizeof((sizeof(struct page)) - 1) <= 4) ? __ilog2_u32((sizeof(struct page)) - 1) : __ilog2_u64((sizeof(struct page)) - 1) ) + 1) : __order_base_2(sizeof(struct page)) )))))) - vmemmap_start_pfn) + (0))) & ((typeof((unsigned long) (((struct page *)((kernel_map.page_offset - ((((((1UL) << 12) / sizeof(pgd_t)) / 2 * ((1UL) << (pgtable_l5_enabled ? 48 : (pgtable_l4_enabled ? 39 : 30)))) / 2) >> 1)) - ((((1UL))) << (((pgtable_l5_enabled ? 57 : (pgtable_l4_enabled ? 48 : 39)) - 1
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted syzkaller #0 PREEMPT 
Hardware name: riscv-virtio,qemu (DT)
epc : sparse_init+0x518/0x688 mm/sparse.c:423
 ra : sparse_init+0x518/0x688 mm/sparse.c:423
epc : ffffffff86652068 ra : ffffffff86652068 sp : ffffffff88607a90
 gp : ffffffff8a2739c0 tp : ffffffff88646200 t0 : ffffaf8072caa000
 t1 : fffff5ef0e5953ff t2 : 65203a6573726363 s0 : ffffffff88607bf0
 s1 : 000000000e000000 a0 : 0000000000000007 a1 : 0000000000000000
 a2 : 0000000000000002 a3 : ffffffff86652068 a4 : 0000000000000000
 a5 : ffffffff88647200 a6 : 0000000000000003 a7 : ffffaf8072ca9fff
 s2 : 0000020000000000 s3 : 0000200000000000 s4 : ffffffff882721c8
 s5 : 0000000000000027 s6 : 000000000000001f s7 : 0000000000000003
 s8 : ffffffff8a38e0a0 s9 : 1ffffffff10c0f5c s10: ffffffff8a38f920
 s11: 0000000000000000 t3 : 0000000000000000 t4 : 0000000000000040
 t5 : fffff5ef0e595400 t6 : ffffffff9149d5e8 ssp : 0000000000000000
status: 0000000200000100 badaddr: ffffffff86652068 cause: 0000000000000003
[<ffffffff86652068>] sparse_init+0x518/0x688 mm/sparse.c:423
[<ffffffff8663d7f0>] free_area_init mm/mm_init.c:1814 [inline]
[<ffffffff8663d7f0>] mm_core_init_early+0x120/0x1e18 mm/mm_init.c:2690
[<ffffffff86601e82>] start_kernel+0xce/0x87c init/main.c:1040
irq event stamp: 0
hardirqs last  enabled at (0): [<0000000000000000>] 0x0
hardirqs last disabled at (0): [<0000000000000000>] 0x0
softirqs last  enabled at (0): [<0000000000000000>] 0x0
softirqs last disabled at (0): [<0000000000000000>] 0x0
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline], CPU#0: swapper/0/1
WARNING: [ret < 0] kernel/rcu/tasks.h:1530 at rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542, CPU#0: swapper/0/1
Modules linked in:
CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G        W           syzkaller #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: riscv-virtio,qemu (DT)
epc : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1530 [inline]
epc : rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
 ra : rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1522 [inline]
 ra : rcu_tasks_verify_work_fn+0x250/0x31c kernel/rcu/tasks.h:1542
epc : ffffffff80361ec6 ra : ffffffff80361e98 sp : ffff8f8000027b00
 gp : ffffffff8a2739c0 tp : ffffaf8012afcf80 t0 : ffff8f80000276d4
 t1 : fffffffef144f054 t2 : 5f7563725f6c6c61 s0 : ffff8f8000027ba0
 s1 : 0000000000000bb8 a0 : ffffffff887f0080 a1 : 0000000000000000
 a2 : 0000000000000002 a3 : ffffffff80314e8c a4 : 1ffffffff10fe010
 a5 : 0000000000000000 a6 : 0000000000000003 a7 : 0000000000000003
 s2 : 1ffff1f000004f64 s3 : ffff8f8000027b60 s4 : ffff8f8000027ca0
 s5 : ffffffff88611240 s6 : ffffffff887f06a0 s7 : 0000000000000000
 s8 : 1ffffffff1470b48 s9 : 0000000000000000 s10: ffffffff8a385a40
 s11: ffffffff88271f30 t3 : ffffffff88081988 t4 : fffffffef144f054
 t5 : fffffffef144f055 t6 : ffff8f80000274b8 ssp : 0000000000000000
status: 0000000200000120 badaddr: ffffffff80361ec6 cause: 0000000000000003
[<ffffffff80361ec6>] rcu_tasks_verify_self_tests kernel/rcu/tasks.h:1520 [inline]
[<ffffffff80361ec6>] rcu_tasks_verify_work_fn+0x27e/0x31c kernel/rcu/tasks.h:1542
[<ffffffff80362000>] rcu_tasks_verify_schedule_work+0x9c/0xa8 kernel/rcu/tasks.h:1554
[<ffffffff80064e4c>] do_one_initcall+0x18c/0xcc8 init/main.c:1392
[<ffffffff86602d9a>] do_initcall_level init/main.c:1454 [inline]
[<ffffffff86602d9a>] do_initcalls init/main.c:1470 [inline]
[<ffffffff86602d9a>] do_basic_setup init/main.c:1490 [inline]
[<ffffffff86602d9a>] kernel_init_freeable+0x6d2/0x7bc init/main.c:1703
[<ffffffff8646e490>] kernel_init+0x28/0x240 init/main.c:1593
[<ffffffff8006a124>] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:230
[<ffffffff86494fea>] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363

Crashes (6):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/05/28 22:21 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next 0ca1724b56af 9a5a7e5e .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
2026/04/27 05:43 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next 9b3a2be84803 9c2d0995 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
2026/04/23 12:00 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next 9b3a2be84803 b10da5ec .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
2026/03/27 22:12 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next b335bc5892a0 158c21af .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
2026/03/27 21:42 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next b335bc5892a0 158c21af .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
2026/03/27 21:42 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git for-next b335bc5892a0 158c21af .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-riscv64 WARNING in rcu_tasks_verify_work_fn
* Struck through repros no longer work on HEAD.