syzbot


WARNING in NUM (2)

Status: closed as dup on 2025/06/21 10:41
Subsystems: cgroups
Reported-by: syzbot+ee0ddd3c79cac08cd4f6@syzkaller.appspotmail.com
First crash: 14d, last: 6d18h
Duplicate of
Title Repro Cause bisect Fix bisect Count Last Reported
WARNING in rhashtable_init_noprof bcachefs C done 131 12d 30d
Discussions (1):
Title | Replies (including bot) | Last reply
[syzbot] [cgroups?] WARNING in NUM (2) | 2 (3) | 2025/06/21 10:41
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in NUM net 1 204d 200d 28/29 fixed on 2025/05/06 15:33
linux-5.15 WARNING in NUM origin:lts-only syz done 35 12d 453d 0/3 upstream: reported syz repro on 2024/03/29 21:32

Sample crash report:
ODEBUG: object 00000000ea6cf442 is on stack 0000000010ff2048, but NOT annotated.
------------[ cut here ]------------
WARNING: CPU: 1 PID: 7303 at lib/debugobjects.c:655 debug_object_is_on_stack lib/debugobjects.c:-1 [inline]
WARNING: CPU: 1 PID: 7303 at lib/debugobjects.c:655 lookup_object_or_alloc lib/debugobjects.c:688 [inline]
WARNING: CPU: 1 PID: 7303 at lib/debugobjects.c:655 __debug_object_init+0x364/0x40c lib/debugobjects.c:743
Modules linked in:
CPU: 1 UID: 0 PID: 7303 Comm: bch-copygc/loop Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : debug_object_is_on_stack lib/debugobjects.c:-1 [inline]
pc : lookup_object_or_alloc lib/debugobjects.c:688 [inline]
pc : __debug_object_init+0x364/0x40c lib/debugobjects.c:743
lr : debug_object_is_on_stack lib/debugobjects.c:-1 [inline]
lr : lookup_object_or_alloc lib/debugobjects.c:688 [inline]
lr : __debug_object_init+0x364/0x40c lib/debugobjects.c:743
sp : ffff80009d4b7700
x29: ffff80009d4b7700 x28: 0000000000000000 x27: dfff800000000000
x26: ffff800097693000 x25: ffff0000d6f28020 x24: 0000000000000000
x23: ffff0000d05090a8 x22: 0000000000000000 x21: ffff800097637350
x20: ffff80008af70de0 x19: ffff80009d4b7bb0 x18: 00000000ffffffff
x17: ffff80009331f000 x16: ffff80008aec8e2c x15: 0000000000000001

======================================================
WARNING: possible circular locking dependency detected
6.16.0-rc1-syzkaller-g39dfc971e42d #0 Not tainted
------------------------------------------------------
bch-copygc/loop/7303 is trying to acquire lock:
ffff0000c8b7a848 (&p->pi_lock){-.-.}-{2:2}, at: class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:557 [inline]
ffff0000c8b7a848 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x68/0xdf0 kernel/sched/core.c:4226

but task is already holding lock:
ffff800097637370 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_object_init+0x6c/0x40c lib/debugobjects.c:741

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (&obj_hash[i].lock){-.-.}-{2:2}:
       __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
       _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162
       debug_object_assert_init+0xa0/0x2c8 lib/debugobjects.c:1007
       debug_timer_assert_init kernel/time/timer.c:803 [inline]
       debug_assert_init kernel/time/timer.c:848 [inline]
       __mod_timer+0x5c/0xd00 kernel/time/timer.c:1025
       add_timer_global+0x88/0xc0 kernel/time/timer.c:1283
       __queue_delayed_work+0x218/0x2c8 kernel/workqueue.c:2526
       queue_delayed_work_on+0xe4/0x194 kernel/workqueue.c:2561
       queue_delayed_work include/linux/workqueue.h:677 [inline]
       schedule_delayed_work include/linux/workqueue.h:817 [inline]
       psi_group_change+0xd50/0x12e4 kernel/sched/psi.c:873
       psi_task_change+0xec/0x244 kernel/sched/psi.c:912
       psi_enqueue kernel/sched/stats.h:166 [inline]
       enqueue_task+0x250/0x2f4 kernel/sched/core.c:2086
       activate_task kernel/sched/core.c:2126 [inline]
       wake_up_new_task+0x324/0x990 kernel/sched/core.c:4891
       kernel_clone+0x440/0x7a0 kernel/fork.c:2630
       user_mode_thread+0xc8/0x11c kernel/fork.c:2677
       rest_init+0x30/0x2f4 init/main.c:709
       start_kernel+0x450/0x4ac init/main.c:1101
       __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246

-> #1 (&rq->__lock){-.-.}-{2:2}:
       _raw_spin_lock_nested+0x50/0x6c kernel/locking/spinlock.c:378
       raw_spin_rq_lock_nested kernel/sched/core.c:606 [inline]
       raw_spin_rq_lock kernel/sched/sched.h:1532 [inline]
       task_rq_lock+0xc4/0x33c kernel/sched/core.c:708
       cgroup_move_task+0x9c/0x454 kernel/sched/psi.c:1161
       css_set_move_task+0x69c/0x8bc kernel/cgroup/cgroup.c:918
       cgroup_post_fork+0x160/0x5cc kernel/cgroup/cgroup.c:6754
       copy_process+0x2e48/0x31ec kernel/fork.c:2413
       kernel_clone+0x1d8/0x7a0 kernel/fork.c:2599
       user_mode_thread+0xc8/0x11c kernel/fork.c:2677
       rest_init+0x30/0x2f4 init/main.c:709
       start_kernel+0x450/0x4ac init/main.c:1101
       __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246

-> #0 (&p->pi_lock){-.-.}-{2:2}:
       check_prev_add kernel/locking/lockdep.c:3168 [inline]
       check_prevs_add kernel/locking/lockdep.c:3287 [inline]
       validate_chain kernel/locking/lockdep.c:3911 [inline]
       __lock_acquire+0x1774/0x30a4 kernel/locking/lockdep.c:5240
       lock_acquire+0x14c/0x2e0 kernel/locking/lockdep.c:5871
       __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
       _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162
       class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:557 [inline]
       try_to_wake_up+0x68/0xdf0 kernel/sched/core.c:4226
       wake_up_process kernel/sched/core.c:4475 [inline]
       wake_up_q+0x70/0x9c kernel/sched/core.c:1081
       up+0x100/0x170 kernel/locking/semaphore.c:235
       __up_console_sem kernel/printk/printk.c:343 [inline]
       __console_unlock+0x88/0xc4 kernel/printk/printk.c:2885
       __console_flush_and_unlock kernel/printk/printk.c:3287 [inline]
       console_unlock+0xfc/0x288 kernel/printk/printk.c:3325
       vprintk_emit+0x298/0x430 kernel/printk/printk.c:2450
       vprintk_default+0x54/0x80 kernel/printk/printk.c:2465
       vprintk+0x90/0x128 kernel/printk/printk_safe.c:82
       _printk+0xd0/0x118 kernel/printk/printk.c:2475
       __show_regs+0x254/0x2dc arch/arm64/kernel/process.c:239
       show_regs+0x20/0x44 arch/arm64/kernel/process.c:247
       __warn+0x1d0/0x658 kernel/panic.c:775
       __report_bug lib/bug.c:195 [inline]
       report_bug+0x288/0x568 lib/bug.c:215
       bug_handler+0x50/0x1fc arch/arm64/kernel/traps.c:1002
       call_break_hook arch/arm64/kernel/debug-monitors.c:315 [inline]
       brk_handler+0x1d8/0x288 arch/arm64/kernel/debug-monitors.c:325
       do_debug_exception+0x1e4/0x38c arch/arm64/mm/fault.c:1002
       el1_dbg+0x64/0x80 arch/arm64/kernel/entry-common.c:513
       el1h_64_sync_handler+0x40/0xcc arch/arm64/kernel/entry-common.c:559
       el1h_64_sync+0x6c/0x70 arch/arm64/kernel/entry.S:595
       debug_object_is_on_stack lib/debugobjects.c:-1 [inline]
       lookup_object_or_alloc lib/debugobjects.c:688 [inline]
       __debug_object_init+0x364/0x40c lib/debugobjects.c:743
       debug_object_init+0x20/0x2c lib/debugobjects.c:779
       __init_work+0x58/0x68 kernel/workqueue.c:677
       rhashtable_init_noprof+0x734/0xa10 lib/rhashtable.c:1085
       bch2_copygc_thread+0xec/0xd40 fs/bcachefs/movinggc.c:353
       kthread+0x5fc/0x75c kernel/kthread.c:464
       ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:847

other info that might help us debug this:

Chain exists of:
  &p->pi_lock --> &rq->__lock --> &obj_hash[i].lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&obj_hash[i].lock);
                               lock(&rq->__lock);
                               lock(&obj_hash[i].lock);
  lock(&p->pi_lock);

 *** DEADLOCK ***

1 lock held by bch-copygc/loop/7303:
 #0: ffff800097637370 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_object_init+0x6c/0x40c lib/debugobjects.c:741

stack backtrace:
CPU: 1 UID: 0 PID: 7303 Comm: bch-copygc/loop Not tainted 6.16.0-rc1-syzkaller-g39dfc971e42d #0 PREEMPT 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
 __dump_stack+0x30/0x40 lib/dump_stack.c:94
 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120
 dump_stack+0x1c/0x28 lib/dump_stack.c:129
 print_circular_bug+0x324/0x32c kernel/locking/lockdep.c:2046
 check_noncircular+0x154/0x174 kernel/locking/lockdep.c:2178
 check_prev_add kernel/locking/lockdep.c:3168 [inline]
 check_prevs_add kernel/locking/lockdep.c:3287 [inline]
 validate_chain kernel/locking/lockdep.c:3911 [inline]
 __lock_acquire+0x1774/0x30a4 kernel/locking/lockdep.c:5240
 lock_acquire+0x14c/0x2e0 kernel/locking/lockdep.c:5871
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162
 class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:557 [inline]
 try_to_wake_up+0x68/0xdf0 kernel/sched/core.c:4226
 wake_up_process kernel/sched/core.c:4475 [inline]
 wake_up_q+0x70/0x9c kernel/sched/core.c:1081
 up+0x100/0x170 kernel/locking/semaphore.c:235
 __up_console_sem kernel/printk/printk.c:343 [inline]
 __console_unlock+0x88/0xc4 kernel/printk/printk.c:2885
 __console_flush_and_unlock kernel/printk/printk.c:3287 [inline]
 console_unlock+0xfc/0x288 kernel/printk/printk.c:3325
 vprintk_emit+0x298/0x430 kernel/printk/printk.c:2450
 vprintk_default+0x54/0x80 kernel/printk/printk.c:2465
 vprintk+0x90/0x128 kernel/printk/printk_safe.c:82
 _printk+0xd0/0x118 kernel/printk/printk.c:2475
 __show_regs+0x254/0x2dc arch/arm64/kernel/process.c:239
 show_regs+0x20/0x44 arch/arm64/kernel/process.c:247
 __warn+0x1d0/0x658 kernel/panic.c:775
 __report_bug lib/bug.c:195 [inline]
 report_bug+0x288/0x568 lib/bug.c:215
 bug_handler+0x50/0x1fc arch/arm64/kernel/traps.c:1002
 call_break_hook arch/arm64/kernel/debug-monitors.c:315 [inline]
 brk_handler+0x1d8/0x288 arch/arm64/kernel/debug-monitors.c:325
 do_debug_exception+0x1e4/0x38c arch/arm64/mm/fault.c:1002
 el1_dbg+0x64/0x80 arch/arm64/kernel/entry-common.c:513
 el1h_64_sync_handler+0x40/0xcc arch/arm64/kernel/entry-common.c:559
 el1h_64_sync+0x6c/0x70 arch/arm64/kernel/entry.S:595
 debug_object_is_on_stack lib/debugobjects.c:-1 [inline] (P)
 lookup_object_or_alloc lib/debugobjects.c:688 [inline] (P)
 __debug_object_init+0x364/0x40c lib/debugobjects.c:743 (P)
 debug_object_init+0x20/0x2c lib/debugobjects.c:779
 __init_work+0x58/0x68 kernel/workqueue.c:677
 rhashtable_init_noprof+0x734/0xa10 lib/rhashtable.c:1085
 bch2_copygc_thread+0xec/0xd40 fs/bcachefs/movinggc.c:353
 kthread+0x5fc/0x75c kernel/kthread.c:464
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:847

x14: 1ffff00013a96e58 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700013a96e59 x10: 0000000000ff0100 x9 : 5d0f4a6cc8d63800
x8 : 5d0f4a6cc8d63800 x7 : ffff800080552a88 x6 : 0000000000000000
x5 : ffff80009356dba0 x4 : 0000000000000008 x3 : ffff8000807c0744
x2 : 0000000000000001 x1 : 0000000100000001 x0 : 0000000000000050
Call trace:
 debug_object_is_on_stack lib/debugobjects.c:-1 [inline] (P)
 lookup_object_or_alloc lib/debugobjects.c:688 [inline] (P)
 __debug_object_init+0x364/0x40c lib/debugobjects.c:743 (P)
 debug_object_init+0x20/0x2c lib/debugobjects.c:779
 __init_work+0x58/0x68 kernel/workqueue.c:677
 rhashtable_init_noprof+0x734/0xa10 lib/rhashtable.c:1085
 bch2_copygc_thread+0xec/0xd40 fs/bcachefs/movinggc.c:353
 kthread+0x5fc/0x75c kernel/kthread.c:464
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:847
irq event stamp: 20
hardirqs last  enabled at (19): [<ffff800083e7f73c>] get_random_u32+0x2d4/0x540 drivers/char/random.c:554
hardirqs last disabled at (20): [<ffff80008aeea2b4>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (20): [<ffff80008aeea2b4>] _raw_spin_lock_irqsave+0x2c/0x7c kernel/locking/spinlock.c:162
softirqs last  enabled at (0): [<ffff8000803afb44>] copy_process+0x1134/0x31ec kernel/fork.c:2114
softirqs last disabled at (0): [<0000000000000000>] 0x0
---[ end trace 0000000000000000 ]---

Crashes (3):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2025/06/19 05:59 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | 39dfc971e42d | ed3e87f7 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | WARNING in NUM
2025/06/12 15:44 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | 19272b37aa4f | 98683f8f | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | WARNING in NUM
2025/06/11 20:08 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | 19272b37aa4f | 98683f8f | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | WARNING in NUM
* Struck through repros no longer work on HEAD.