syzbot

 sign-in | mailing list | source | docs
🐞 Open [717] 🐞 Fixed [181] 🐞 Invalid [640] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING: bad unlock balance in ucma_event_handler

Status: upstream: reported C repro on 2020/01/02 01:32
Reported-by: syzbot+e8ab33b4c811424f4648@syzkaller.appspotmail.com
First crash: 1576d, last: 499d
Fix bisection the fix commit could be any of (bisect log):
  4c5bf01e16a7 Linux 4.14.161
  4139fb08c05f Linux 4.14.187
   
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 WARNING: bad unlock balance in ucma_event_handler C error 15 509d 1661d 0/1 upstream: reported C repro on 2019/10/08 08:22
upstream WARNING: bad unlock balance in ucma_event_handler C done 143 1479d 2143d 15/26 fixed on 2020/05/10 10:42
Last patch testing requests (1)
Created Duration User Patch Repo Result
2022/09/17 09:29 10m retest repro linux-4.14.y report log
Fix bisection attempts (6)
Created Duration User Patch Repo Result
2020/06/30 05:38 29m (2) bisect fix linux-4.14.y job log (2)
2020/05/31 03:28 23m bisect fix linux-4.14.y job log (0) log
2020/05/01 03:02 25m bisect fix linux-4.14.y job log (0) log
2020/04/01 02:37 24m bisect fix linux-4.14.y job log (0) log
2020/03/02 02:12 24m bisect fix linux-4.14.y job log (0) log
2020/02/01 01:31 25m bisect fix linux-4.14.y job log (0) log

Sample crash report:
=====================================
WARNING: bad unlock balance detected!
4.14.301-syzkaller #0 Not tainted
-------------------------------------
kworker/u4:0/5 is trying to release lock (&file->mut) at:
[<ffffffff85522e4a>] ucma_event_handler+0x6ea/0xeb0 drivers/infiniband/core/ucma.c:377
but there are no more locks to release!

other info that might help us debug this:
4 locks held by kworker/u4:0/5:
 #0:  ("ib_addr"){+.+.}, at: [<ffffffff81366130>] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2088
 #1:  ((&(&req->work)->work)){+.+.}, at: [<ffffffff81366166>] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2092
 #2:  (&id_priv->handler_mutex){+.+.}, at: [<ffffffff854ecf1c>] addr_handler+0x9c/0x420 drivers/infiniband/core/cma.c:2789
 #3:  (&file->mut){+.+.}, at: [<ffffffff85522812>] ucma_event_handler+0xb2/0xeb0 drivers/infiniband/core/ucma.c:337

stack backtrace:
CPU: 1 PID: 5 Comm: kworker/u4:0 Not tainted 4.14.301-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Workqueue: ib_addr process_one_req
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 print_unlock_imbalance_bug include/trace/events/lock.h:58 [inline]
 __lock_release kernel/locking/lockdep.c:3769 [inline]
 lock_release.cold+0x70/0xbf kernel/locking/lockdep.c:4017
 __mutex_unlock_slowpath+0x75/0x770 kernel/locking/mutex.c:1018
 ucma_event_handler+0x6ea/0xeb0 drivers/infiniband/core/ucma.c:377
 addr_handler+0x1f5/0x420 drivers/infiniband/core/cma.c:2813
 process_one_req+0x22e/0x550 drivers/infiniband/core/addr.c:624
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2117
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2251
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:406

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/12/13 03:17 linux-4.14.y 65afe34ac33d 67be1ae7 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-4-14 WARNING: bad unlock balance in ucma_event_handler
2020/01/02 01:31 linux-4.14.y 4c5bf01e16a7 25a0186e .config console log report syz C ci2-linux-4-14
2021/05/12 18:00 linux-4.14.y 7d7d1c0ab3eb 86294427 .config console log report info ci2-linux-4-14 WARNING: bad unlock balance in ucma_event_handler
* Struck through repros no longer work on HEAD.