===================================== [ BUG: bad unlock balance detected! ] 4.9.80-g550c01d #29 Not tainted ------------------------------------- syz-executor7/22567 is trying to release lock (mrt_lock) at: [] ipmr_mfc_seq_stop+0xe4/0x140 net/ipv6/ip6mr.c:553 but there are no more locks to release! other info that might help us debug this: 2 locks held by syz-executor7/22567: #0: (sb_writers#7){.+.+.+}, at: [] file_start_write include/linux/fs.h:2621 [inline] #0: (sb_writers#7){.+.+.+}, at: [] do_sendfile+0x9ff/0xd30 fs/read_write.c:1400 #1: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1290 fs/seq_file.c:178 stack backtrace: CPU: 0 PID: 22567 Comm: syz-executor7 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d804f2a8 ffffffff81d94b69 ffffffff849b6cf8 ffff8801b242c800 ffffffff834e8ee4 ffffffff849b6cf8 ffff8801b242d088 ffff8801d804f2d8 ffffffff81237e04 dffffc0000000000 ffffffff849b6cf8 00000000ffffffff Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] print_unlock_imbalance_bug+0x174/0x1a0 kernel/locking/lockdep.c:3398 [] __lock_release kernel/locking/lockdep.c:3540 [inline] [] lock_release+0x6f8/0xb80 kernel/locking/lockdep.c:3775 [] __raw_read_unlock include/linux/rwlock_api_smp.h:225 [inline] [] _raw_read_unlock+0x1a/0x50 kernel/locking/spinlock.c:255 [] ipmr_mfc_seq_stop+0xe4/0x140 net/ipv6/ip6mr.c:553 [] seq_read+0xa83/0x1290 fs/seq_file.c:283 [] proc_reg_read+0xef/0x170 fs/proc/inode.c:202 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714 [] do_loop_readv_writev fs/read_write.c:880 [inline] [] do_readv_writev+0x520/0x750 fs/read_write.c:874 [] vfs_readv+0x84/0xc0 fs/read_write.c:898 [] kernel_readv fs/splice.c:363 [inline] [] default_file_splice_read+0x43f/0x7a0 fs/splice.c:435 [] do_splice_to+0x10a/0x160 fs/splice.c:899 [] splice_direct_to_actor+0x24d/0x800 fs/splice.c:971 [] do_splice_direct+0x1a7/0x270 fs/splice.c:1080 [] do_sendfile+0x54b/0xd30 fs/read_write.c:1401 [] SYSC_sendfile64 fs/read_write.c:1456 [inline] [] SyS_sendfile64+0xd1/0x160 fs/read_write.c:1448 [] entry_SYSCALL_64_fastpath+0x29/0xe8 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 22984 Comm: syz-executor3 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d881f8a0 ffffffff81d94b69 ffff8801d881fb80 0000000000000000 ffff8801da38f490 ffff8801d881fa70 ffff8801da38f380 ffff8801d881fa98 ffffffff816624ba ffff8801d6845f80 ffff8801d881f9f0 00000001c389f067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa3a/0x1310 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1407 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1470 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1055 [] entry_SYSCALL_64_fastpath+0x29/0xe8 FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 23486 Comm: syz-executor6 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d01cf8d0 ffffffff81d94b69 ffff8801d01cfbb0 0000000000000000 ffff8801b9b37490 ffff8801d01cfaa0 ffff8801b9b37380 ffff8801d01cfac8 ffffffff816624ba 0000000000000000 ffff8801d01cfa20 00000001c9be9067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa3a/0x1310 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1407 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1470 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1055 [] entry_SYSCALL_64_fastpath+0x29/0xe8 CPU: 1 PID: 23484 Comm: syz-executor6 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cf4cf860 ffffffff81d94b69 ffff8801cf4cfb40 0000000000000000 ffff8801b9b37490 ffff8801cf4cfa30 ffff8801b9b37380 ffff8801cf4cfa58 ffffffff816624ba ffffffff811b90e1 ffff8801cf4cf9b0 00000001c9be9067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa3a/0x1310 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1407 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1470 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1055 [] SyS_rt_sigtimedwait+0x2d/0x40 kernel/signal.c:2821 [] entry_SYSCALL_64_fastpath+0x29/0xe8 IPVS: Creating netns size=2536 id=13 FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 70 CPU: 1 PID: 25868 Comm: syz-executor5 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801b9e3fae0 ffffffff81d94b69 ffff8801b9e3fdc0 0000000000000000 ffff8801b9d03490 ffff8801b9e3fcb0 ffff8801b9d03380 ffff8801b9e3fcd8 ffffffff816624ba 0000000000000000 ffff8801b9e3fc30 00000001cc047067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa3a/0x1310 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1407 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1470 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1055 CPU: 0 PID: 25840 Comm: syz-executor5 Not tainted 4.9.80-g550c01d #29 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c29ff990 ffffffff81d94b69 ffff8801c29ffc70 0000000000000000 ffff8801b9d03490 ffff8801c29ffb60 ffff8801b9d03380 ffff8801c29ffb88 ffffffff816624ba 0000000000000000 ffff8801c29ffae0 00000001cc047067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa3a/0x1310 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1407 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1470 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1055 [] entry_SYSCALL_64_fastpath+0x29/0xe8 Option ' ' to dns_resolver key: bad/missing value pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) IPVS: Creating netns size=2536 id=14