forked to background, child pid 3171 no interfaces have a carri[ 20.949947][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0 er [ 20.963820][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.235' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 42.433224][ T3595] [ 42.435592][ T3595] ===================================== [ 42.441108][ T3595] WARNING: bad unlock balance detected! [ 42.446629][ T3595] 5.18.0-rc2-syzkaller-00275-g59250f8a7f3a #0 Not tainted [ 42.453709][ T3595] ------------------------------------- [ 42.459222][ T3595] syz-executor178/3595 is trying to release lock (&call->user_mutex) at: [ 42.467760][ T3595] [] rxrpc_do_sendmsg+0xc05/0x1340 [ 42.474451][ T3595] but there are no more locks to release! [ 42.480144][ T3595] [ 42.480144][ T3595] other info that might help us debug this: [ 42.488373][ T3595] no locks held by syz-executor178/3595. [ 42.493997][ T3595] [ 42.493997][ T3595] stack backtrace: [ 42.499866][ T3595] CPU: 1 PID: 3595 Comm: syz-executor178 Not tainted 5.18.0-rc2-syzkaller-00275-g59250f8a7f3a #0 [ 42.510347][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.520386][ T3595] Call Trace: [ 42.523648][ T3595] [ 42.526559][ T3595] dump_stack_lvl+0xcd/0x134 [ 42.531141][ T3595] lock_release.cold+0x49/0x4e [ 42.535895][ T3595] ? rxrpc_do_sendmsg+0xc05/0x1340 [ 42.540989][ T3595] ? lock_downgrade+0x6e0/0x6e0 [ 42.545829][ T3595] ? trace_rxrpc_transmit+0x290/0x290 [ 42.551183][ T3595] __mutex_unlock_slowpath+0x99/0x5e0 [ 42.556537][ T3595] ? wait_for_completion_io_timeout+0x20/0x20 [ 42.562583][ T3595] ? wake_up_q+0xf0/0xf0 [ 42.566808][ T3595] ? rxrpc_do_sendmsg+0xeea/0x1340 [ 42.571896][ T3595] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 42.578117][ T3595] ? rxrpc_put_peer+0x8a/0x3c0 [ 42.582859][ T3595] rxrpc_do_sendmsg+0xc05/0x1340 [ 42.587782][ T3595] ? rxrpc_kernel_send_data+0x450/0x450 [ 42.593312][ T3595] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 42.599538][ T3595] ? rxrpc_lookup_local+0x9bd/0x1050 [ 42.604803][ T3595] rxrpc_sendmsg+0x420/0x630 [ 42.609373][ T3595] ? rxrpc_sock_destructor+0x170/0x170 [ 42.614813][ T3595] sock_sendmsg+0xcf/0x120 [ 42.619210][ T3595] ____sys_sendmsg+0x6e2/0x800 [ 42.623953][ T3595] ? kernel_sendmsg+0x50/0x50 [ 42.628613][ T3595] ? do_recvmmsg+0x6d0/0x6d0 [ 42.633185][ T3595] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 42.639154][ T3595] ___sys_sendmsg+0xf3/0x170 [ 42.643726][ T3595] ? sendmsg_copy_msghdr+0x160/0x160 [ 42.648992][ T3595] ? lock_downgrade+0x6e0/0x6e0 [ 42.653830][ T3595] ? __fget_light+0xea/0x270 [ 42.658404][ T3595] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 42.664624][ T3595] __sys_sendmsg+0xe5/0x1b0 [ 42.669106][ T3595] ? __sys_sendmsg_sock+0x30/0x30 [ 42.674113][ T3595] ? syscall_enter_from_user_mode+0x21/0x70 [ 42.680111][ T3595] do_syscall_64+0x35/0xb0 [ 42.684511][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 42.690388][ T3595] RIP: 0033:0x7fc2c1a47df9 [ 42.694782][ T3595] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 42.714456][ T3595] RSP: 002b:00007fc2c19fa318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.722847][ T3595] RAX: ffffffffffffffda RBX: 00007fc2c1ad03e8 RCX: 00007fc2c1a47df9 [ 42.730800][ T3595] RDX: 0000000000000000