bisecting fixing commit since 3d40d7117e353b84627c1e8c5ed9ae0b1237ef5c building syzkaller on d646e21ff436cd2a40b23314436cd53f21ae9500 testing commit 3d40d7117e353b84627c1e8c5ed9ae0b1237ef5c with gcc (GCC) 8.1.0 kernel signature: e8735b6321272c1d35910fc9a653ade90cb266dd7b709e4c7c413bea9374c1d8 all runs: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket testing current HEAD b499cf4b3a901e87e1f933df04abf69b54de4457 testing commit b499cf4b3a901e87e1f933df04abf69b54de4457 with gcc (GCC) 8.1.0 kernel signature: 920624b0ab9f6f13a5933ab72ade336258fa93775bd3d8eee8962ee4f323bf84 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: boot failed: can't ssh into the instance # git bisect start b499cf4b3a901e87e1f933df04abf69b54de4457 3d40d7117e353b84627c1e8c5ed9ae0b1237ef5c Bisecting: 645 revisions left to test after this (roughly 9 steps) [f27808ed8c147e178e77404eb7719ef3a96bf5e7] brcmfmac: create debugfs files for bus-specific layer testing commit f27808ed8c147e178e77404eb7719ef3a96bf5e7 with gcc (GCC) 8.1.0 kernel signature: 0f64a3c5a10fe27ac60ae76bc47be2c61a0ef22ee98211e5a894c9f4e01f17de all runs: OK # git bisect bad f27808ed8c147e178e77404eb7719ef3a96bf5e7 Bisecting: 322 revisions left to test after this (roughly 8 steps) [a9a5fd928285d228bfc7cd4ee80f48c481cb466f] rseq/selftests: Turn off timeout setting testing commit a9a5fd928285d228bfc7cd4ee80f48c481cb466f with gcc (GCC) 8.1.0 kernel signature: d05e063ebea6b63f0b517c3409db3a0ed3432bd76c153bf756fb00a28c749b31 all runs: OK # git bisect bad a9a5fd928285d228bfc7cd4ee80f48c481cb466f Bisecting: 160 revisions left to test after this (roughly 7 steps) [77de8ee6b09f5c73a92c0434e8a08b4e614fbcba] fs: avoid softlockups in s_inodes iterators testing commit 77de8ee6b09f5c73a92c0434e8a08b4e614fbcba with gcc (GCC) 8.1.0 kernel signature: fac09419b8fd3e662d0ac6d94d35d4c469b9f0dd1d7861a4aeebb66569fef72a all runs: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket # git bisect good 77de8ee6b09f5c73a92c0434e8a08b4e614fbcba Bisecting: 80 revisions left to test after this (roughly 6 steps) [d429612632cc33d8b929a59f7242bcb3239813dd] phy: cpcap-usb: Fix flakey host idling and enumerating of devices testing commit d429612632cc33d8b929a59f7242bcb3239813dd with gcc (GCC) 8.1.0 kernel signature: e54ce3a36b3620b9d9a7ddc89bc1cda8a6b657e59fa768aadaffe1e3a99a907d all runs: OK # git bisect bad d429612632cc33d8b929a59f7242bcb3239813dd Bisecting: 39 revisions left to test after this (roughly 5 steps) [1b7d82175bf8ac8f692b2b1d1ab801afa8cf0c03] usb: chipidea: host: Disable port power only if previously enabled testing commit 1b7d82175bf8ac8f692b2b1d1ab801afa8cf0c03 with gcc (GCC) 8.1.0 kernel signature: 5dafa0ca8a336dff68a9fbe1de60b560f001f89f4b5ca83cfb9653468a2e82ed all runs: OK # git bisect bad 1b7d82175bf8ac8f692b2b1d1ab801afa8cf0c03 Bisecting: 19 revisions left to test after this (roughly 4 steps) [d36857e02bf8a9574362912afc865cdfb8ba1972] net: dsa: mv88e6xxx: Preserve priority when setting CPU port. testing commit d36857e02bf8a9574362912afc865cdfb8ba1972 with gcc (GCC) 8.1.0 kernel signature: e43eebd1eff8e9fa2ecf2b5d92b46dfab936d7322f5bf86e07b02154ee9d2fa6 run #0: OK run #1: OK run #2: OK run #3: OK run #4: OK run #5: boot failed: can't ssh into the instance run #6: OK run #7: OK run #8: OK run #9: OK # git bisect bad d36857e02bf8a9574362912afc865cdfb8ba1972 Bisecting: 9 revisions left to test after this (roughly 3 steps) [4b9f0187aa07bd9386cb81e47e0387a6ff679294] parisc: Fix compiler warnings in debug_core.c testing commit 4b9f0187aa07bd9386cb81e47e0387a6ff679294 with gcc (GCC) 8.1.0 kernel signature: 8c41efe1d49b7f6b9953be6f9a5f725fdeb61a9a2f68cbbdb5e8a5b24274b990 all runs: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket # git bisect good 4b9f0187aa07bd9386cb81e47e0387a6ff679294 Bisecting: 4 revisions left to test after this (roughly 2 steps) [4ef576e99d29a6c58a3cc9016f052629f040f111] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull testing commit 4ef576e99d29a6c58a3cc9016f052629f040f111 with gcc (GCC) 8.1.0 kernel signature: 307b046addb59132b0d0964fae81b7d4d1f45468163e460354ac3f8249292a2e run #0: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #1: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #2: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #3: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #4: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #5: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #6: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #7: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #8: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #9: boot failed: can't ssh into the instance # git bisect good 4ef576e99d29a6c58a3cc9016f052629f040f111 Bisecting: 2 revisions left to test after this (roughly 1 step) [13d9f98ef4c11cef57093cd6e28b31d7c3b55fb0] PCI/switchtec: Read all 64 bits of part_event_bitmap testing commit 13d9f98ef4c11cef57093cd6e28b31d7c3b55fb0 with gcc (GCC) 8.1.0 kernel signature: 8865e3b2b99281edb75b090a47678fda8aeb69c193de30bd329247d67238aa93 run #0: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #1: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #2: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #3: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #4: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #5: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #6: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #7: crashed: WARNING: bad unlock balance in gtp_encap_enable_socket run #8: boot failed: can't ssh into the instance run #9: boot failed: can't ssh into the instance # git bisect good 13d9f98ef4c11cef57093cd6e28b31d7c3b55fb0 Bisecting: 0 revisions left to test after this (roughly 1 step) [5f3274c53ae7049755b29ec0c351f145cb68270c] macvlan: do not assume mac_header is set in macvlan_broadcast() testing commit 5f3274c53ae7049755b29ec0c351f145cb68270c with gcc (GCC) 8.1.0 kernel signature: ff1c558892690a1e257daeb2b2e9498c765dc27f2e0e8b5e04a621e6e6a4b25a all runs: OK # git bisect bad 5f3274c53ae7049755b29ec0c351f145cb68270c Bisecting: 0 revisions left to test after this (roughly 0 steps) [776a81a024e73e809af4d965ed397405062d4515] gtp: fix bad unlock balance in gtp_encap_enable_socket testing commit 776a81a024e73e809af4d965ed397405062d4515 with gcc (GCC) 8.1.0 kernel signature: 385d8d95b16a4295ef6833719caf100bf4298506e03a67333ef86c51baa67f16 all runs: OK # git bisect bad 776a81a024e73e809af4d965ed397405062d4515 776a81a024e73e809af4d965ed397405062d4515 is the first bad commit commit 776a81a024e73e809af4d965ed397405062d4515 Author: Eric Dumazet Date: Mon Jan 6 06:45:37 2020 -0800 gtp: fix bad unlock balance in gtp_encap_enable_socket [ Upstream commit 90d72256addff9e5f8ad645e8f632750dd1f8935 ] WARNING: bad unlock balance detected! 5.5.0-rc5-syzkaller #0 Not tainted ------------------------------------- syz-executor921/9688 is trying to release lock (sk_lock-AF_INET6) at: [] gtp_encap_enable_socket+0x146/0x400 drivers/net/gtp.c:830 but there are no more locks to release! other info that might help us debug this: 2 locks held by syz-executor921/9688: #0: ffffffff8a4d8840 (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffffffff8a4d8840 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 net/core/rtnetlink.c:5421 #1: ffff88809304b560 (slock-AF_INET6){+...}, at: spin_lock_bh include/linux/spinlock.h:343 [inline] #1: ffff88809304b560 (slock-AF_INET6){+...}, at: release_sock+0x20/0x1c0 net/core/sock.c:2951 stack backtrace: CPU: 0 PID: 9688 Comm: syz-executor921 Not tainted 5.5.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x197/0x210 lib/dump_stack.c:118 print_unlock_imbalance_bug kernel/locking/lockdep.c:4008 [inline] print_unlock_imbalance_bug.cold+0x114/0x123 kernel/locking/lockdep.c:3984 __lock_release kernel/locking/lockdep.c:4242 [inline] lock_release+0x5f2/0x960 kernel/locking/lockdep.c:4503 sock_release_ownership include/net/sock.h:1496 [inline] release_sock+0x17c/0x1c0 net/core/sock.c:2961 gtp_encap_enable_socket+0x146/0x400 drivers/net/gtp.c:830 gtp_encap_enable drivers/net/gtp.c:852 [inline] gtp_newlink+0x9fc/0xc60 drivers/net/gtp.c:666 __rtnl_newlink+0x109e/0x1790 net/core/rtnetlink.c:3305 rtnl_newlink+0x69/0xa0 net/core/rtnetlink.c:3363 rtnetlink_rcv_msg+0x45e/0xaf0 net/core/rtnetlink.c:5424 netlink_rcv_skb+0x177/0x450 net/netlink/af_netlink.c:2477 rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5442 netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline] netlink_unicast+0x58c/0x7d0 net/netlink/af_netlink.c:1328 netlink_sendmsg+0x91c/0xea0 net/netlink/af_netlink.c:1917 sock_sendmsg_nosec net/socket.c:639 [inline] sock_sendmsg+0xd7/0x130 net/socket.c:659 ____sys_sendmsg+0x753/0x880 net/socket.c:2330 ___sys_sendmsg+0x100/0x170 net/socket.c:2384 __sys_sendmsg+0x105/0x1d0 net/socket.c:2417 __do_sys_sendmsg net/socket.c:2426 [inline] __se_sys_sendmsg net/socket.c:2424 [inline] __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2424 do_syscall_64+0xfa/0x790 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x445d49 Code: e8 bc b7 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f8019074db8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00000000006dac38 RCX: 0000000000445d49 RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 RBP: 00000000006dac30 R08: 0000000000000004 R09: 0000000000000000 R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dac3c R13: 00007ffea687f6bf R14: 00007f80190759c0 R15: 20c49ba5e353f7cf Fixes: e198987e7dd7 ("gtp: fix suspicious RCU usage") Signed-off-by: Eric Dumazet Reported-by: syzbot Cc: Taehee Yoo Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman drivers/net/gtp.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) culprit signature: 385d8d95b16a4295ef6833719caf100bf4298506e03a67333ef86c51baa67f16 parent signature: 8865e3b2b99281edb75b090a47678fda8aeb69c193de30bd329247d67238aa93 revisions tested: 13, total time: 4h10m58.392287898s (build: 2h5m52.48512641s, test: 2h3m2.029171875s) first good commit: 776a81a024e73e809af4d965ed397405062d4515 gtp: fix bad unlock balance in gtp_encap_enable_socket cc: ["davem@davemloft.net" "edumazet@google.com" "gregkh@linuxfoundation.org"]