syzbot

 sign-in | mailing list | source | docs
🐞 Open [1547]
Subsystems
🐞 Fixed [6205]
🐞 Invalid [15609]
Missing Backports [182]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: bad unlock balance in __rtnl_unlock

Status: upstream: reported C repro on 2025/03/04 12:56
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+3f18ef0f7df107a3f6a0@syzkaller.appspotmail.com
Fix commit: f130a0cc1b4f inet: fix lwtunnel_valid_encap_type() lock imbalance
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu-native-arm64-kvm ci-qemu2-arm32 ci-qemu2-riscv64]
First crash: 52d, last: 50d
Cause bisection: introduced by (bisect log) :
commit 1dd2af7963e95df90590fe40425fe1bdf982ae8f
Author: Kuniyuki Iwashima <kuniyu@amazon.com>
Date: Fri Feb 28 04:23:28 2025 +0000

  ipv4: fib: Convert RTM_NEWROUTE and RTM_DELROUTE to per-netns RTNL.

Crash: WARNING: bad unlock balance in __rtnl_unlock (log)
Repro: C syz .config
  
Discussions (2)
Title Replies (including bot) Last reply
[PATCH net-next] inet: fix lwtunnel_valid_encap_type() lock imbalance 3 (3) 2025/03/06 03:30
[syzbot] [net?] WARNING: bad unlock balance in __rtnl_unlock 0 (1) 2025/03/04 12:56
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/03/04 11:17 38m edumazet@google.com patch net-next OK log
2025/03/04 10:44 32m edumazet@google.com patch net-next error

Sample crash report:
netlink: 'syz-executor245': attribute type 11 has an invalid length.
=====================================
WARNING: bad unlock balance detected!
6.14.0-rc4-syzkaller-00873-g3424291dd242 #0 Not tainted
-------------------------------------
syz-executor245/5836 is trying to release lock (rtnl_mutex) at:
[<ffffffff89d0e38c>] __rtnl_unlock+0x6c/0xf0 net/core/rtnetlink.c:142
but there are no more locks to release!

other info that might help us debug this:
no locks held by syz-executor245/5836.

stack backtrace:
CPU: 0 UID: 0 PID: 5836 Comm: syz-executor245 Not tainted 6.14.0-rc4-syzkaller-00873-g3424291dd242 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 print_unlock_imbalance_bug+0x25b/0x2d0 kernel/locking/lockdep.c:5289
 __lock_release kernel/locking/lockdep.c:5518 [inline]
 lock_release+0x47e/0xa30 kernel/locking/lockdep.c:5872
 __mutex_unlock_slowpath+0xec/0x800 kernel/locking/mutex.c:891
 __rtnl_unlock+0x6c/0xf0 net/core/rtnetlink.c:142
 lwtunnel_valid_encap_type+0x38a/0x5f0 net/core/lwtunnel.c:169
 lwtunnel_valid_encap_type_attr+0x113/0x270 net/core/lwtunnel.c:209
 rtm_to_fib_config+0x949/0x14e0 net/ipv4/fib_frontend.c:808
 inet_rtm_newroute+0xf6/0x2a0 net/ipv4/fib_frontend.c:917
 rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6919
 netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2534
 netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]
 netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1339
 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1883
 sock_sendmsg_nosec net/socket.c:709 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:724
 ____sys_sendmsg+0x53a/0x860 net/socket.c:2564
 ___sys_sendmsg net/socket.c:2618 [inline]
 __sys_sendmsg+0x269/0x350 net/socket.c:2650
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f09df9913e9
Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd5288a738 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007ffd5288a908 RCX: 00007f09df9913e9
RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000003
RBP: 00007f09dfa04610 R08: 0000000000000000 R09: 00007ffd5288a908
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffd5288a8f8 R14: 0000000000000001 R15: 0000000000000001

Crashes (18):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/04 02:36 net-next 3424291dd242 c3901742 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/06 03:34 net-next c62e6f056ea3 034534df .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:18 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:18 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:18 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:17 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:14 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:14 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:14 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:11 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:07 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:07 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:06 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:06 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:04 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 01:04 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 00:26 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
2025/03/04 00:26 net-next 3424291dd242 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: bad unlock balance in __rtnl_unlock
* Struck through repros no longer work on HEAD.