ci2 starts bisection 2025-02-18 22:08:44.162195512 +0000 UTC m=+105.734307200
bisecting fixing commit since e7cddbb41b63252ddb5b7f8247da5d0b24adfac5
building syzkaller on 28b24332d95f2f7df44ec7e7a5e0025bcadc6277
ensuring issue is reproducible on original commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5

testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 04184dfde822bdbd58e3eb78147ff1f37eb9f88c02567d7bf0edee8b5a3b84f5
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
check whether we can drop unnecessary instrumentation
disabling configs for [UBSAN BUG KASAN ATOMIC_SLEEP HANG LEAK], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5e549814c39f8a3ee3ea4658cd2753961b9c902326dcae43e804922b07b6e899
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the bug reproduces without the instrumentation
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed
kconfig minimization: base=3823 full=7526 leaves diff=1995
split chunks (needed=false): <1995>
split chunk #0 of len 1995 into 5 parts
testing without sub-chunk 1/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a5a1b58eeda91ebbbdc8d658fa55f2d5ddf744d7439864402c43c897f01854f7
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [LEAK UBSAN BUG KASAN ATOMIC_SLEEP HANG], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d57e2b399b03b03107e7d0d494ee34272f5fd75d1b396e772302c78d66eef626
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [KASAN ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: e038cd17b4a36b17b403e5b114c12d26295cb1f32c9cdc3294d6662980164346
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [LEAK UBSAN BUG KASAN ATOMIC_SLEEP HANG], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: eab015ea8536a4fc711818ff6dbe14a7dbcdb94086d95f15d8709248e062cf74
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [KASAN ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit e7cddbb41b63252ddb5b7f8247da5d0b24adfac5 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 25402a8a6adc986bac445b4f3e0216c525d80361e3f968419e9764f36ed69180
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
the chunk can be dropped
disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed
testing current HEAD 0cbb5f65e52f3e66410a7fe0edf75e1b2bf41e80
testing commit 0cbb5f65e52f3e66410a7fe0edf75e1b2bf41e80 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 3e3c74dce8f776aa39dd609822048a707b5129a0004a0f3bb2f2462763c3ae9d
all runs: crashed: WARNING: bad unlock balance in ext4_ioctl
representative crash: WARNING: bad unlock balance in ext4_ioctl, types: [LOCKDEP]
crash still not fixed/happens on the oldest tested release
revisions tested: 8, total time: 2h48m32.533653625s (build: 1h32m49.415740632s, test: 28m13.057499354s)
crash still not fixed or there were kernel test errors
commit msg: Linux 6.1.128
crash: WARNING: bad unlock balance in ext4_ioctl
EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
EXT4-fs (loop0): 1 truncate cleaned up
EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
=====================================
WARNING: bad unlock balance detected!
6.1.128-syzkaller #0 Not tainted
-------------------------------------
syz-executor.0/1465 is trying to release lock (&type->i_mutex_dir_key) at:
[<ffffffff813abcf1>] swap_inode_boot_loader fs/ext4/ioctl.c:513 [inline]
[<ffffffff813abcf1>] __ext4_ioctl fs/ext4/ioctl.c:1424 [inline]
[<ffffffff813abcf1>] ext4_ioctl+0x18f1/0x1a50 fs/ext4/ioctl.c:1614
but there are no more locks to release!

other info that might help us debug this:
1 lock held by syz-executor.0/1465:
 #0: ffff888103ec8438 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write_file+0x12/0x60 fs/namespace.c:437

stack backtrace:
CPU: 0 PID: 1465 Comm: syz-executor.0 Not tainted 6.1.128-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x89/0xd7 lib/dump_stack.c:106
 print_unlock_imbalance_bug+0x179/0x190 kernel/locking/lockdep.c:5102
 __lock_release kernel/locking/lockdep.c:5339 [inline]
 lock_release+0x1c5/0x2b0 kernel/locking/lockdep.c:5682
 up_write+0x2a/0x170 kernel/locking/rwsem.c:1625
 swap_inode_boot_loader fs/ext4/ioctl.c:513 [inline]
 __ext4_ioctl fs/ext4/ioctl.c:1424 [inline]
 ext4_ioctl+0x18f1/0x1a50 fs/ext4/ioctl.c:1614
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x6a/0xb0 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3b/0x80 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f710ec74ba9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f710e7f70c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f710ed93f80 RCX: 00007f710ec74ba9
RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004
RBP: 00007f710ecc047a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000006 R14: 00007f710ed93f80 R15: 00007ffdae581858
 </TASK>