Created attachment 929821 [details]
emerge --info

Comment 2 Mike Gilbert 2025-05-28 21:16:27 UTC

Your steps to reproduce do not make much sense to me: there are four step 1s and two step 2s. Are these two separate failure modes that you have numbered incorrectly?

What version of dracut are you using?

This issue indicates the problem may be triggered by having a symlink at /tmp:

https://github.com/systemd/systemd/issues/29621

> Your steps to reproduce do not make much sense to me: there are four step 1s and two step 2s. Are these two separate failure modes that you have numbered incorrectly?

Sorry. This is correct:

Steps to Reproduce:

case 1:

1.Make initramfs by dracut without systemd modules;
2.Boot gentoo with systemd init manager;
3.Update sys-apps/systemd package or run systemctl daemon-reexec

case 2:

1.Make initramfs by dracut or mkosi with systemd as init inside initrd;
2.Boot gentoo with systemd init manager;
3.Switch root hangs

> What version of dracut are you using?

```
# qlist -Ive sys-kernel/dracut
sys-kernel/dracut-106-r2
```

I rebuild gentoo-kernel  with hardened use flag. The issue still exists.

```
gentoo ~ # dmesg |tail -10
[   11.231037] netfs: FS-Cache loaded
[   11.671512] RPC: Registered named UNIX socket transport module.
[   11.680124] RPC: Registered udp transport module.
[   11.680129] RPC: Registered tcp transport module.
[   11.680131] RPC: Registered tcp-with-tls transport module.
[   11.680132] RPC: Registered tcp NFSv4.1 backchannel transport module.
[   12.539252] Key type dns_resolver registered
[   13.016849] NFS: Registering the id_resolver key type
[   13.020466] Key type id_resolver registered
[   13.024549] Key type id_legacy registered

gentoo ~ # stat /tmp/
  File: /tmp/
  Size: 200       	Blocks: 0          IO Block: 4096   directory
Device: 0,40	Inode: 1           Links: 9
Access: (1777/drwxrwxrwt)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2025-05-29 06:37:46.201218476 +0300
Modify: 2025-05-29 06:37:59.079999985 +0300
Change: 2025-05-29 06:37:59.079999985 +0300
 Birth: 2025-05-29 06:37:46.201218476 +0300

gentoo ~ # systemctl daemon-reexec

gentoo ~ # dmesg |tail -10
[   13.020466] Key type id_resolver registered
[   13.024549] Key type id_legacy registered
[  394.390989] systemd[1]: systemd 257.5 running in system mode (+PAM +AUDIT -SELINUX -APPARMOR +IMA +IPE +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN -IPTC +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +BTF -XKBCOMMON +UTMP -SYSVINIT +LIBARCHIVE)
[  394.399634] systemd[1]: Detected virtualization kvm.
[  394.401080] systemd[1]: Detected architecture x86-64.
[  394.531639] systemd[1]: bpf-restrict-fs: Failed to load BPF object: Invalid argument
[  484.560588] systemd[1]: Failed to fork off sandboxing environment for executing generators: Protocol error
[  484.564853] systemd[1]: Freezing execution.
[  593.468514] systemd-journald[491]: Failed to send WATCHDOG=1 notification message: Connection refused
[  653.469389] systemd-journald[491]: Failed to send WATCHDOG=1 notification message: Transport endpoint is not connected

gentoo ~ # systemctl daemon-reload
Failed to connect to system scope bus via local transport: Connection refused

gentoo ~ #
```

Created attachment 929939 [details]
kernel config

> I rebuild gentoo-kernel  with hardened use flag. The issue still exists.

*without

Comment 6 Mike Gilbert 2025-05-29 14:47:24 UTC

Ok, I'm afraid I have no idea why it is failing. I would suggest you seek support upstream.

Comment 7 Mike Gilbert 2025-05-29 15:40:15 UTC

Maybe try booting with the log level set to debug. An easy way to do that is to add this to the kernel command line in your bootloader config.

systemd.log-level=debug

Debug logging shows nothing. But I found that freez was because one of systemd-system-generator (netplan).

I still have error message:

[ 1069.212399] systemd[1]: bpf-restrict-fs: Failed to load BPF object: Invalid argument

sys-apps/systemd-257.5::gentoo was built with the following:
USE="acl audit boot bpf cryptsetup curl dns-over-tls elfutils fido2 gcrypt importd kernel-install kmod lz4 lzma openssl pam pcre pkcs11 (policykit) seccomp secureboot sysv-utils tpm ukify zstd -apparmor -cgroup-hybrid -gnutls -homed -http -idn -iptables -pwquality -qrcode -resolvconf (-selinux) (-split-usr) -test -vanilla -xkb" PYTHON_SINGLE_TARGET="python3_13 (-python3_11) -python3_12"

# zgrep -iE 'bpf|btf' /proc/config.gz
CONFIG_BPF=y
CONFIG_HAVE_EBPF_JIT=y
CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y
# BPF subsystem
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT_DEFAULT_ON=y
CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
CONFIG_BPF_PRELOAD=y
# CONFIG_BPF_PRELOAD_UMD is not set
CONFIG_BPF_LSM=y
# end of BPF subsystem
CONFIG_CGROUP_BPF=y
CONFIG_IPV6_SEG6_BPF=y
CONFIG_NETFILTER_BPF_LINK=y
CONFIG_NETFILTER_XT_MATCH_BPF=m
CONFIG_NET_CLS_BPF=m
CONFIG_NET_ACT_BPF=m
CONFIG_BPF_STREAM_PARSER=y
CONFIG_LWTUNNEL_BPF=y
CONFIG_BPF_LIRC_MODE2=y
CONFIG_VIDEO_SONY_BTF_MPX=m
# HID-BPF support
CONFIG_HID_BPF=y
# end of HID-BPF support
CONFIG_LSM="landlock,yama,bpf"
CONFIG_DEBUG_INFO_BTF=y
CONFIG_PAHOLE_HAS_SPLIT_BTF=y
CONFIG_DEBUG_INFO_BTF_MODULES=y
# CONFIG_MODULE_ALLOW_BTF_MISMATCH is not set
CONFIG_PROBE_EVENTS_BTF_ARGS=y
CONFIG_BPF_EVENTS=y
CONFIG_TEST_BPF=m

I don't know open new issue or continue here?

Comment 9 Mike Gilbert 2025-05-29 17:24:19 UTC

Take it upstream.

Comment 10 Sam James 2025-05-29 17:29:08 UTC

(In reply to Alexander Miroshnichenko from comment #8)
> Debug logging shows nothing. But I found that freez was because one of
> systemd-system-generator (netplan).
> 
> I still have error message:
> 
> [ 1069.212399] systemd[1]: bpf-restrict-fs: Failed to load BPF object:
> Invalid argument

See https://gcc.gnu.org/PR119731 for this one. It's a kernel bug.