Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts. executing program [ 53.125431][ T146] [ 53.127794][ T146] ===================================== [ 53.133411][ T146] WARNING: bad unlock balance detected! [ 53.139077][ T146] 5.15.167-syzkaller #0 Not tainted [ 53.144298][ T146] ------------------------------------- [ 53.149842][ T146] kworker/u5:0/146 is trying to release lock (&chan->lock) at: [ 53.157386][ T146] [] l2cap_recv_frame+0x136f/0x8ae0 [ 53.164178][ T146] but there are no more locks to release! [ 53.169885][ T146] [ 53.169885][ T146] other info that might help us debug this: [ 53.177922][ T146] 2 locks held by kworker/u5:0/146: [ 53.183102][ T146] #0: ffff888075b0c138 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 53.193559][ T146] #1: ffffc9000168fd20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 53.205778][ T146] [ 53.205778][ T146] stack backtrace: [ 53.211673][ T146] CPU: 1 PID: 146 Comm: kworker/u5:0 Not tainted 5.15.167-syzkaller #0 [ 53.219913][ T146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 53.230008][ T146] Workqueue: hci0 hci_rx_work [ 53.234700][ T146] Call Trace: [ 53.237997][ T146] [ 53.241655][ T146] dump_stack_lvl+0x1e3/0x2d0 [ 53.246342][ T146] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 53.252016][ T146] ? panic+0x860/0x860 [ 53.256092][ T146] ? l2cap_recv_frame+0x136f/0x8ae0 [ 53.261311][ T146] print_unlock_imbalance_bug+0x248/0x2b0 [ 53.267113][ T146] ? list_move_tail+0x130/0x130 [ 53.274473][ T146] lock_release+0x596/0x9a0 [ 53.280985][ T146] ? mark_lock+0x98/0x340 [ 53.286112][ T146] ? l2cap_recv_frame+0x136f/0x8ae0 [ 53.291550][ T146] ? __lock_acquire+0x1ff0/0x1ff0 [ 53.297304][ T146] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 53.303932][ T146] ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0 [ 53.310114][ T146] ? l2cap_recv_frame+0x136f/0x8ae0 [ 53.315685][ T146] __mutex_unlock_slowpath+0xde/0x750 [ 53.321224][ T146] ? __local_bh_enable_ip+0x164/0x1f0 [ 53.326965][ T146] ? mutex_unlock+0x10/0x10 [ 53.331894][ T146] ? do_raw_spin_unlock+0x137/0x8b0 [ 53.337101][ T146] ? l2cap_sock_recv_cb+0x18a/0x1e0 [ 53.342475][ T146] l2cap_recv_frame+0x136f/0x8ae0 [ 53.347504][ T146] ? l2cap_conn_unreliable+0x1a0/0x1a0 [ 53.352959][ T146] ? __mutex_unlock_slowpath+0x218/0x750 [ 53.358588][ T146] ? rcu_lock_release+0x5/0x20 [ 53.363363][ T146] ? mutex_unlock+0x10/0x10 [ 53.367857][ T146] ? hci_conn_enter_active_mode+0x25c/0x360 [ 53.373744][ T146] ? l2cap_recv_acldata+0x2ea/0x1560 [ 53.379018][ T146] hci_rx_work+0x48f/0x990 [ 53.383425][ T146] process_one_work+0x8a1/0x10c0 [ 53.388359][ T146] ? worker_detach_from_pool+0x260/0x260 [ 53.394006][ T146] ? _raw_spin_lock_irqsave+0x120/0x120 [ 53.399539][ T146] ? kthread_data+0x4e/0xc0 [ 53.404031][ T146] ? wq_worker_running+0x97/0x170 [ 53.409064][ T146] worker_thread+0xaca/0x1280 [ 53.414069][ T146] kthread+0x3f6/0x4f0 [ 53.418334][ T146] ? rcu_lock_release+0x20/0x20 [ 53.423215][ T146] ? kthread_blkcg+0xd0/0xd