[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 76.220932][ T27] audit: type=1800 audit(1578467949.071:25): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 76.240597][ T27] audit: type=1800 audit(1578467949.071:26): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 76.261414][ T27] audit: type=1800 audit(1578467949.071:27): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.21' (ECDSA) to the list of known hosts. executing program executing program executing program executing program syzkaller login: [ 84.859794][ T753] [ 84.862166][ T753] ===================================== [ 84.868038][ T753] WARNING: bad unlock balance detected! [ 84.873575][ T753] 5.5.0-rc5-next-20200107-syzkaller #0 Not tainted [ 84.880058][ T753] ------------------------------------- [ 84.885583][ T753] kworker/u4:6/753 is trying to release lock (&file->mut) at: [ 84.893030][ T753] [] ucma_event_handler+0x711/0xef0 [ 84.899764][ T753] but there are no more locks to release! [ 84.905464][ T753] [ 84.905464][ T753] other info that might help us debug this: [ 84.913504][ T753] 4 locks held by kworker/u4:6/753: [ 84.918675][ T753] #0: ffff88821a867128 ((wq_completion)ib_addr){+.+.}, at: process_one_work+0x88b/0x1740 [ 84.928549][ T753] #1: ffffc90003687dc0 ((work_completion)(&(&req->work)->work)){+.+.}, at: process_one_work+0x8c1/0x1740 [ 84.939809][ T753] #2: ffff8880a02e5390 (&id_priv->handler_mutex){+.+.}, at: addr_handler+0xaf/0x3d0 [ 84.949247][ T753] #3: ffff88809e0d1c60 (&file->mut){+.+.}, at: ucma_event_handler+0xb3/0xef0 [ 84.958088][ T753] [ 84.958088][ T753] stack backtrace: [ 84.964096][ T753] CPU: 1 PID: 753 Comm: kworker/u4:6 Not tainted 5.5.0-rc5-next-20200107-syzkaller #0 [ 84.973627][ T753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.983675][ T753] Workqueue: ib_addr process_one_req [ 84.988946][ T753] Call Trace: [ 84.992226][ T753] dump_stack+0x197/0x210 [ 84.996995][ T753] ? ucma_event_handler+0x711/0xef0 [ 85.002180][ T753] print_unlock_imbalance_bug.cold+0x114/0x123 [ 85.008314][ T753] ? ucma_event_handler+0x711/0xef0 [ 85.013495][ T753] lock_release+0x5f2/0x960 [ 85.018018][ T753] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 85.023813][ T753] ? lock_downgrade+0x920/0x920 [ 85.028656][ T753] ? trace_hardirqs_on+0x67/0x240 [ 85.033666][ T753] ? _raw_spin_unlock_irqrestore+0x9f/0xe0 [ 85.039475][ T753] __mutex_unlock_slowpath+0x86/0x6a0 [ 85.044834][ T753] ? wait_for_completion+0x440/0x440 [ 85.050102][ T753] ? lockdep_hardirqs_on+0x421/0x5e0 [ 85.055366][ T753] mutex_unlock+0xd/0x10 [ 85.059589][ T753] ucma_event_handler+0x711/0xef0 [ 85.064768][ T753] addr_handler+0x2e9/0x3d0 [ 85.069256][ T753] ? cma_work_handler+0x1f0/0x1f0 [ 85.074275][ T753] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 85.080495][ T753] ? addr_resolve+0x3b0/0x1ad0 [ 85.085239][ T753] ? rdma_translate_ip+0x2f0/0x2f0 [ 85.090332][ T753] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 85.096467][ T753] process_one_req+0x106/0x680 [ 85.101215][ T753] process_one_work+0x9af/0x1740 [ 85.106132][ T753] ? pwq_dec_nr_in_flight+0x320/0x320 [ 85.111484][ T753] ? lock_acquire+0x190/0x410 [ 85.116150][ T753] worker_thread+0x98/0xe40 [ 85.120638][ T753] ? trace_hardirqs_on+0x67/0x240 [ 85.125655][ T753] kthread+0x361/0x430 [ 85.129703][ T753] ? process_one_work+0x1740/0x1740 [ 85.134895][ T753] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 85.140614][ T753] ret_from_fork+0x24/0x30