syzbot


WARNING: bad unlock balance in ucma_destroy_id

Status: upstream: reported C repro on 2019/07/01 17:24
Reported-by: syzbot+22956fa835c831577177@syzkaller.appspotmail.com
First crash: 1184d, last: 19d

Fix bisection: the fix commit could be any of (bisect log):
  98db2bf27b9e Linux 4.14.171
  56dfe6252c68 Linux 4.14.188

Similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 WARNING: bad unlock balance in ucma_destroy_id C error 6 19d 1189d 0/1 upstream: reported C repro on 2019/06/27 11:05
upstream WARNING: bad unlock balance in ucma_destroy_id syz done 44 938d 1491d 17/24 fixed on 2020/05/10 10:42

Sample crash report:
=====================================
WARNING: bad unlock balance detected!
4.14.292-syzkaller #0 Not tainted
-------------------------------------
syz-executor956/8126 is trying to release lock (&file->mut) at:
[<ffffffff855217fb>] ucma_destroy_id+0x1eb/0x420 drivers/infiniband/core/ucma.c:606
but there are no more locks to release!

other info that might help us debug this:
1 lock held by syz-executor956/8126:
 #0:  (&file->mut){+.+.}, at: [<ffffffff8552179c>] ucma_destroy_id+0x18c/0x420 drivers/infiniband/core/ucma.c:604

stack backtrace:
CPU: 1 PID: 8126 Comm: syz-executor956 Not tainted 4.14.292-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 print_unlock_imbalance_bug include/trace/events/lock.h:58 [inline]
 __lock_release kernel/locking/lockdep.c:3769 [inline]
 lock_release.cold+0x70/0xbf kernel/locking/lockdep.c:4017
 __mutex_unlock_slowpath+0x75/0x770 kernel/locking/mutex.c:1018
 ucma_destroy_id+0x1eb/0x420 drivers/infiniband/core/ucma.c:606
 ucma_write+0x206/0x2c0 drivers/infiniband/core/ucma.c:1672
 __vfs_write+0xe4/0x630 fs/read_write.c:480
 vfs_write+0x17f/0x4d0 fs/read_write.c:544
 SYSC_write fs/read_write.c:590 [inline]
 SyS_write+0xf2/0x210 fs/read_write.c:582
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f45d87c9a69
RSP: 002b:00007f45d875a308 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f45d8851418 RCX: 00007f45d87c9a69
RDX: 0000000000000018 RSI: 0000000020000180 RDI: 0000000000000003
RBP: 00007f45d8851410 R08: 00007f45d875a700 R09: 0000000000000000
R10: 00007f45d875a700 R11: 0000000000000246 R12: 00007f45d885141c
R13: 00007f45d881f074 R14: 006d635f616d6472 R15: 0000000000022000

Crashes (9):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
| ci2-linux-4-14 | 2022/09/09 04:43 | linux-4.14.y | 65640c873dcf | f3027468 | .config | log | report | syz | C | | WARNING: bad unlock balance in ucma_destroy_id |
| ci2-linux-4-14 | 2021/01/19 12:34 | linux-4.14.y | 2762b48e9611 | 63631df1 | .config | log | report | syz | | | WARNING: bad unlock balance in ucma_destroy_id |
| ci2-linux-4-14 | 2020/02/17 14:57 | linux-4.14.y | 98db2bf27b9e | 72bfa6f2 | .config | log | report | syz | | | |
| ci2-linux-4-14 | 2019/11/29 22:32 | linux-4.14.y | 43598c571e7e | 4f7e1d0f | .config | log | report | syz | | | |
| ci2-linux-4-14 | 2019/07/01 16:23 | linux-4.14.y | f4cc0ed9b2c7 | 907bf746 | .config | log | report | syz | | | |
| ci2-linux-4-14 | 2022/09/09 04:23 | linux-4.14.y | 65640c873dcf | f3027468 | .config | log | report | | | info | WARNING: bad unlock balance in ucma_destroy_id |
| ci2-linux-4-14 | 2021/01/19 11:12 | linux-4.14.y | 2762b48e9611 | 63631df1 | .config | log | report | | | info | WARNING: bad unlock balance in ucma_destroy_id |
| ci2-linux-4-14 | 2020/02/17 12:37 | linux-4.14.y | 98db2bf27b9e | 72bfa6f2 | .config | log | report | | | | |
| ci2-linux-4-14 | 2019/11/29 20:52 | linux-4.14.y | 43598c571e7e | 4f7e1d0f | .config | log | report | | | | |
* Struck through repros no longer work on HEAD.