DUID 00:04:f2:7f:36:b6:03:80:f9:c3:71:03:f9:5e:f9:cf:ad:4a forked to background, child pid 3181 [ 28.923968][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.937488][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.40' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 52.170011][ T3604] [ 52.172355][ T3604] ===================================== [ 52.177881][ T3604] WARNING: bad unlock balance detected! [ 52.183411][ T3604] 5.16.0-rc6-syzkaller #0 Not tainted [ 52.188770][ T3604] ------------------------------------- [ 52.194294][ T3604] syz-executor844/3604 is trying to release lock (&call->user_mutex) at: [ 52.202700][ T3604] [] rxrpc_do_sendmsg+0xc13/0x1350 [ 52.209392][ T3604] but there are no more locks to release! [ 52.215090][ T3604] [ 52.215090][ T3604] other info that might help us debug this: [ 52.223141][ T3604] no locks held by syz-executor844/3604. [ 52.228753][ T3604] [ 52.228753][ T3604] stack backtrace: [ 52.234626][ T3604] CPU: 0 PID: 3604 Comm: syz-executor844 Not tainted 5.16.0-rc6-syzkaller #0 [ 52.243381][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.253424][ T3604] Call Trace: [ 52.256693][ T3604] [ 52.259617][ T3604] dump_stack_lvl+0xcd/0x134 [ 52.264205][ T3604] lock_release.cold+0x49/0x4e [ 52.268967][ T3604] ? rxrpc_do_sendmsg+0xc13/0x1350 [ 52.274076][ T3604] ? lock_downgrade+0x6e0/0x6e0 [ 52.278928][ T3604] ? trace_rxrpc_timer+0x290/0x290 [ 52.284057][ T3604] __mutex_unlock_slowpath+0x99/0x5e0 [ 52.289517][ T3604] ? wait_for_completion_io+0x270/0x270 [ 52.295059][ T3604] ? wake_up_q+0xf0/0xf0 [ 52.299300][ T3604] ? rxrpc_do_sendmsg+0xef8/0x1350 [ 52.304405][ T3604] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 52.310645][ T3604] ? rxrpc_put_peer+0x8a/0x3c0 [ 52.315407][ T3604] rxrpc_do_sendmsg+0xc13/0x1350 [ 52.320341][ T3604] ? rxrpc_kernel_send_data+0x450/0x450 [ 52.325883][ T3604] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 52.332130][ T3604] ? rxrpc_lookup_local+0x9bd/0x1050 [ 52.337417][ T3604] rxrpc_sendmsg+0x420/0x630 [ 52.342009][ T3604] ? rxrpc_sock_set_min_security_level+0xe0/0xe0 [ 52.348340][ T3604] sock_sendmsg+0xcf/0x120 [ 52.352757][ T3604] ____sys_sendmsg+0x6e8/0x810 [ 52.357517][ T3604] ? kernel_sendmsg+0x50/0x50 [ 52.362190][ T3604] ? do_recvmmsg+0x6d0/0x6d0 [ 52.366774][ T3604] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.372754][ T3604] ? lock_downgrade+0x6e0/0x6e0 [ 52.377608][ T3604] ___sys_sendmsg+0xf3/0x170 [ 52.382192][ T3604] ? sendmsg_copy_msghdr+0x160/0x160 [ 52.387472][ T3604] ? lock_downgrade+0x6e0/0x6e0 [ 52.392331][ T3604] ? __fget_light+0xea/0x280 [ 52.396927][ T3604] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 52.403169][ T3604] __sys_sendmsg+0xe5/0x1b0 [ 52.407671][ T3604] ? __sys_sendmsg_sock+0x30/0x30 [ 52.412694][ T3604] ? syscall_enter_from_user_mode+0x21/0x70 [ 52.418587][ T3604] do_syscall_64+0x35/0xb0 [ 52.422996][ T3604] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.428889][ T3604] RIP: 0033:0x7fdd60faadf9 [ 52.433306][ T3604] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.452909][ T3604] RSP: 002b:00007fdd60f5d318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 52.461315][ T3604] RAX: ffffffffffffffda RBX: 00007fdd610333e8 RCX: 00007fdd60faadf9 [ 52.469277][ T3604] RDX