Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink

From: Aleksandr Nogikh
Date: Tue Apr 08 2025 - 16:18:00 EST

Next message: Joel Fernandes: "Re: [v2,05/12] rcutorture: Add tests for SRCU up/down reader primitives"
Previous message: SeongJae Park: "Re: [PATCH v2 4/4] mm/madvise: batch tlb flushes for MADV_DONTNEED[_LOCKED]"
In reply to: Eric Dumazet: "Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink"
Next in thread: Eric Dumazet: "Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 8, 2025 at 1:33 PM Eric Dumazet <edumazet@xxxxxxxxxx> wrote:
>
> On Tue, Apr 8, 2025 at 12:44 PM Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:
> >
> > On Tue, 8 Apr 2025 at 10:11, Aleksandr Nogikh <nogikh@xxxxxxxxxx> wrote:
> > >
> > > On Mon, Apr 7, 2025 at 6:13 PM 'Kuniyuki Iwashima' via syzkaller-bugs
> > > <syzkaller-bugs@xxxxxxxxxxxxxxxx> wrote:
> > > >
> > > > From: Stanislav Fomichev <stfomichev@xxxxxxxxx>
> > > > Date: Mon, 7 Apr 2025 07:19:54 -0700
> > > > > On 04/07, syzbot wrote:
> > > > > > Hello,
> > > > > >
> > > > > > syzbot has tested the proposed patch but the reproducer is still triggering an issue:
> > > > > > unregister_netdevice: waiting for DEV to become free
> > > > > >
> > > > > > unregister_netdevice: waiting for batadv0 to become free. Usage count = 3
> > > > >
> > > > > So it does fix the lock unbalance issue, but now there is a hang?
> > > >
> > > > I think this is an orthogonal issue.
> > > >
> > > > I saw this in another report as well.
> > > > https://lore.kernel.org/netdev/67f208ea.050a0220.0a13.025b.GAE@xxxxxxxxxx/
> > > >
> > > > syzbot may want to find a better way to filter this kind of noise.
> > > >
> > >
> > > Syzbot treats this message as a problem worthy of reporting since a
> > > long time (Cc'd Dmitry who may remember the context):
> > > https://github.com/google/syzkaller/commit/7a67784ca8bdc3b26cce2f0ec9a40d2dd9ec9396
> > >
> > > Since v6.15-rc1, we do observe it happen at least 10x more often than
> > > before, both during fuzzing and while processing #syz test commands:
> > > https://syzkaller.appspot.com/bug?extid=881d65229ca4f9ae8c84
> >
> > IIUC this error means a leaked reference count on a device, and the
> > device and everything it references leaked forever + a kernel thread
> > looping forever. This does not look like noise.
> >
> > Eric, should know more. Eric fixed a bunch of these bugs and added a
> > ref count tracker to devices to provide better diagnostics. For some
> > reason I don't see the reftracker output in the console output, but
> > CONFIG_NET_DEV_REFCNT_TRACKER=y is enabled in the config.
>
> I think that Kuniyuki patch was fixing the original syzbot report.
>
> After fixing this trivial bug, another bug showed up,
> and this second bug triggered "syzbot may want to find a better way to
> filter this kind of noise." comment.

FWIW I've just bisected the recent spike in "unregister_netdevice:
waiting for batadv0 to become free" and git bisect pointed to:

00b35530811f2aa3d7ceec2dbada80861c7632a8
Author: Eric Dumazet <edumazet@xxxxxxxxxx>
Date: Thu Feb 6 14:04:22 2025 +0000

batman-adv: adopt netdev_hold() / netdev_put()

Add a device tracker to struct batadv_hard_iface to help
debugging of network device refcount imbalances.

Eric, could you please have a look?

>
>
> -ETOOMANYBUGS.

Next message: Joel Fernandes: "Re: [v2,05/12] rcutorture: Add tests for SRCU up/down reader primitives"
Previous message: SeongJae Park: "Re: [PATCH v2 4/4] mm/madvise: batch tlb flushes for MADV_DONTNEED[_LOCKED]"
In reply to: Eric Dumazet: "Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink"
Next in thread: Eric Dumazet: "Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]