syzbot

 sign-in | mailing list | source | docs
🐞 Open [734]
🐞 Fixed [51]
🐞 Invalid [497]
Missing Backports [57]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
💬 Send us feedback

WARNING: bad unlock balance in l2cap_recv_frame (2)

Status: upstream: reported C repro on 2024/09/08 08:19
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+5bfea7abc11dc8a59559@syzkaller.appspotmail.com
First crash: 28d, last: 13h48m
Bug presence (2)
Date Name Commit Repro Result
2024/09/09 linux-5.15.y (ToT) 14e468424d3e C [report] WARNING: bad unlock balance in l2cap_recv_frame
2024/09/09 upstream (ToT) da3ea35007d0 C Didn't crash
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 WARNING: bad unlock balance in l2cap_recv_frame origin:lts-only C done 22 503d 534d 3/3 fixed on 2023/06/26 14:47
upstream WARNING: bad unlock balance in l2cap_recv_frame bluetooth 75 528d 539d 22/28 fixed on 2023/06/08 14:41
linux-5.15 WARNING: bad unlock balance in l2cap_recv_frame origin:lts-only C done 5 501d 524d 3/3 fixed on 2023/06/26 14:47

Sample crash report:
=====================================
WARNING: bad unlock balance detected!
5.15.167-syzkaller #0 Not tainted
-------------------------------------
kworker/u5:2/3568 is trying to release lock (&chan->lock) at:
[<ffffffff895b621f>] l2cap_chan_unlock include/net/bluetooth/l2cap.h:860 [inline]
[<ffffffff895b621f>] l2cap_conless_channel net/bluetooth/l2cap_core.c:7770 [inline]
[<ffffffff895b621f>] l2cap_recv_frame+0x136f/0x8ae0 net/bluetooth/l2cap_core.c:7823
but there are no more locks to release!

other info that might help us debug this:
2 locks held by kworker/u5:2/3568:
 #0: ffff8880232fd938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: ffffc90002c77d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285

stack backtrace:
CPU: 0 PID: 3568 Comm: kworker/u5:2 Not tainted 5.15.167-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: hci0 hci_rx_work
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 print_unlock_imbalance_bug+0x248/0x2b0 kernel/locking/lockdep.c:5065
 __lock_release kernel/locking/lockdep.c:5302 [inline]
 lock_release+0x596/0x9a0 kernel/locking/lockdep.c:5643
 __mutex_unlock_slowpath+0xde/0x750 kernel/locking/mutex.c:851
 l2cap_chan_unlock include/net/bluetooth/l2cap.h:860 [inline]
 l2cap_conless_channel net/bluetooth/l2cap_core.c:7770 [inline]
 l2cap_recv_frame+0x136f/0x8ae0 net/bluetooth/l2cap_core.c:7823
 hci_acldata_packet net/bluetooth/hci_core.c:4969 [inline]
 hci_rx_work+0x48f/0x990 net/bluetooth/hci_core.c:5160
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287

Crashes (88):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/10/05 03:41 linux-5.15.y 3a5928702e71 d7906eff .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 03:16 linux-5.15.y 3a5928702e71 d7906eff .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/09/08 12:36 linux-5.15.y 14e468424d3e 9750182a .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/09/08 11:28 linux-5.15.y 14e468424d3e 9750182a .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/09/08 10:27 linux-5.15.y 14e468424d3e 9750182a .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/09/08 09:22 linux-5.15.y 14e468424d3e 9750182a .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 11:09 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 09:30 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 02:49 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 17:04 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 10:19 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 04:16 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 03:05 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/03 12:48 linux-5.15.y 3a5928702e71 a4c7fd36 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/03 12:48 linux-5.15.y 3a5928702e71 a4c7fd36 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 23:11 linux-5.15.y 3a5928702e71 02f9582a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 23:11 linux-5.15.y 3a5928702e71 02f9582a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:25 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:25 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:11 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:11 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 01:50 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 01:50 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 01:05 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 00:48 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 00:47 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:27 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:27 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/09/22 23:57 linux-5.15.y 3a5928702e71 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 20:37 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 09:26 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/05 01:26 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 18:29 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 15:47 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 15:14 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 12:34 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/04 00:43 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:20 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 04:20 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 03:18 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 03:05 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/02 03:05 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:55 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:54 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:52 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 22:51 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 20:50 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 20:50 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 20:44 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/10/01 20:42 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
2024/09/08 08:18 linux-5.15.y 14e468424d3e 9750182a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING: bad unlock balance in l2cap_recv_frame
* Struck through repros no longer work on HEAD.