WARNING: bad unlock balance in ovl_workdir

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-4.14	WARNING: bad unlock balance in ovl_workdir_create (2)				1	1383d	1383d	0/1	auto-closed as invalid on 2021/06/08 14:33
linux-4.14	WARNING: bad unlock balance in ovl_workdir_create (3) jfs	C			6	637d	1008d	0/1	upstream: reported C repro on 2022/02/18 20:51

EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
overlayfs: failed to create directory ./file1/index (errno: 30); mounting read-only
=====================================
WARNING: bad unlock balance detected!
4.14.179-syzkaller #0 Not tainted
-------------------------------------
syz-executor.2/22270 is trying to release lock (sb_writers) at:
[<ffffffff8221c9a2>] ovl_workdir_create.cold+0xeb/0xf7 fs/overlayfs/super.c:546
but there are no more locks to release!

other info that might help us debug this:
1 lock held by syz-executor.2/22270:
 #0:  (&type->s_umount_key#58/1){+.+.}, at: [<ffffffff818bb076>] alloc_super fs/super.c:251 [inline]
 #0:  (&type->s_umount_key#58/1){+.+.}, at: [<ffffffff818bb076>] sget_userns+0x556/0xc30 fs/super.c:516

stack backtrace:
CPU: 1 PID: 22270 Comm: syz-executor.2 Not tainted 4.14.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 print_unlock_imbalance_bug kernel/locking/lockdep.c:3552 [inline]
 print_unlock_imbalance_bug.cold+0x110/0x11f kernel/locking/lockdep.c:3529
 __lock_release kernel/locking/lockdep.c:3769 [inline]
 lock_release+0x5e2/0x7f0 kernel/locking/lockdep.c:4017
 ovl_workdir_create.cold+0xeb/0xf7 fs/overlayfs/super.c:546
 ovl_fill_super+0x1d73/0x265d fs/overlayfs/super.c:1084
 mount_nodev+0x4c/0xf0 fs/super.c:1180
 mount_fs+0x92/0x2a0 fs/super.c:1237
 vfs_kern_mount.part.0+0x5b/0x3c0 fs/namespace.c:1046
 vfs_kern_mount fs/namespace.c:1036 [inline]
 do_new_mount fs/namespace.c:2549 [inline]
 do_mount+0x3c9/0x24f0 fs/namespace.c:2879
 SYSC_mount fs/namespace.c:3095 [inline]
 SyS_mount+0xa8/0x120 fs/namespace.c:3072
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c829
RSP: 002b:00007f43f3d0cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00000000004f62e0 RCX: 000000000045c829
RDX: 0000000020000100 RSI: 0000000020000000 RDI: 0000000000400000
RBP: 000000000078bf00 R08: 0000000020000400 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000075c R14: 00000000004ca197 R15: 00007f43f3d0d6d4
EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
EXT4-fs error (device sda1): ext4_remount:5227: Abort forced by user
------------[ cut here ]------------
WARNING: CPU: 1 PID: 19251 at fs/namespace.c:1178 cleanup_mnt+0xfc/0x140 fs/namespace.c:1178

Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2020/05/09 18:36	linux-4.14.y	d71f695ce745	88cb3e92	.config	console log	report					ci2-linux-4-14
2020/03/09 15:33	linux-4.14.y	78d697fc93f9	35f53e45	.config	console log	report					ci2-linux-4-14