From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 00BF23B5302 for ; Mon, 27 Apr 2026 10:44:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777286644; cv=none; b=kTKeT9zy7wYGw+N7aKG60KTb/n+hrWWlJk3e+Ce6oBEBQD2zUqGrlNhIkufddSGSkseR1j5/YZuWvp34YwahPbNfdUC+VIkfNpcbOKd3eeeYQJs81F+Gc8hY53TTruevVQmh/WcH6HirzAwMjbLbrh9V8mj5uTAzpgSelXYQrUA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777286644; c=relaxed/simple; bh=iTndbkVHwjqibIZVTSPWbo8ojcxJAy0mB2LeI5+NXD8=; h=Date:From:To:Cc:Subject:Message-Id:In-Reply-To:References: Mime-Version:Content-Type; b=bnQwh3GXizxdH/FCQ9P9HnaZ7sKjaQBpRJgQK9fFf68O9O48NcAh+M1URJt0QoYWB6ujlCfd2jeWI3OED7qQAaD99vZ94a1GLwvnR90RQKDAx2NSh4NOxE6RbLFYD5x5GxRbLBy0fwm4D7MEIXbLYdQplXssKgRhmsw01xIWRw0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b=K8qaMwJC; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="K8qaMwJC" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 500D9C2BCB4; Mon, 27 Apr 2026 10:44:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1777286643; bh=iTndbkVHwjqibIZVTSPWbo8ojcxJAy0mB2LeI5+NXD8=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=K8qaMwJCaqiC/yQFukTnoCCKBEdcWHxwZ2CKVJKGiGXAeCJT49g4amyjQTrZv6yJl EeazLQ2ZXtADk4bUag8sm3blu2HWaiT8O/wPFYsFl6WlK17luWwBc2wQTEmq+YJV9v YPk4oUIeYEmjNT79i47KevFsVW5wSqODNbJm+d2k= Date: Mon, 27 Apr 2026 03:44:02 -0700 From: Andrew Morton To: Qi Zheng Cc: shakeel.butt@linux.dev, syzbot , Liam.Howlett@oracle.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, ljs@kernel.org, surenb@google.com, syzkaller-bugs@googlegroups.com, vbabka@kernel.org, Muchun Song Subject: Re: [syzbot] [mm?] WARNING: bad unlock balance in do_wp_page Message-Id: <20260427034402.096cb95de92bec15becc78bb@linux-foundation.org> In-Reply-To: References: <69edca15.170a0220.38e3f1.0000.GAE@google.com> <20260426034938.db29d74982a8eb8463f8cf3a@linux-foundation.org> <20260426105532.43768b24a42744f1b52fdff2@linux-foundation.org> <3591c663-a4a9-4c22-97cf-b58b2e7d8a41@linux.dev> X-Mailer: Sylpheed 3.8.0beta1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Mon, 27 Apr 2026 17:43:38 +0800 Qi Zheng wrote: >=20 > Alright, it seems I have successfully reproduced it: > (The reproducer is attached at the bottom of this email.) That's a lot of code. Thanks for doing that. Maybe there's something here we can put into selftests/ > >> > >>> However, in a production environment, this is practically impossible. > >> > >> Can you expand on this? > >> > >> sysbot isn't a production environment ;) > >=20 > > Rebinding only works when the hierarchy is completely empty. This is > > generally not the case in a production environment (e.g. when systemd > > is used). > >=20 > > BTW, it seems rebinding is about to be deprecated: > >=20 > > cgroup1_reconfigure > > --> pr_warn("option changes via remount are deprecated (pid=3D%d comm= =3D%s)\n", > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 task_tgid_nr(current), current->comm= ); > >=20 > > Also, it appears the current memcg subsystem assumes that > > cgroup_subsys_on_dfl(memory_cgrp_subsys) cannot be changed at runtime. > > (Please correct me if I missed anything.) > >=20 > > If we can get a reproducer, we can try the following fix, or simply drop > > rebinding altogether? We'll want something which is applicable to 7.1-rcX please. Removal of rebinding sounds like something we'd address in 7.2 or later. > > From 6ae41b91339625dd7bf0f819f775f26e78171a73 Mon Sep 17 00:00:00 2001 > > From: Qi Zheng > > Date: Mon, 27 Apr 2026 11:20:21 +0800 > > Subject: [PATCH] mm: memcontrol: fix rcu unbalance in > > =A0get_non_dying_memcg_end() > >=20 > > Signed-off-by: Qi Zheng > > --- > > =A0mm/memcontrol.c | 30 ++++++++++++++++++++---------- > > =A01 file changed, 20 insertions(+), 10 deletions(-) >=20 > With the above patch applied, the warnings are gone. >=20 > If no one objects, I'll submit the formal fix. Or should we actually > just remove rebinding instead? I suggest we just fix up current -rc please.