forked to background, child pid 3238
[   22.330706][ T3239] 8021q: adding VLAN 0 to HW filter on device bond0
[   22.346142][ T3239] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [   22.530105][ T3311] ssh-keygen (3311) used greatest stack depth: 20024 bytes left
OK

syzkaller
Warning: Permanently added '10.128.0.84' (ED25519) to the list of known hosts.
executing program
syzkaller login: [   44.179680][ T3568] 
[   44.182020][ T3568] =====================================
[   44.187532][ T3568] WARNING: bad unlock balance detected!
[   44.193040][ T3568] 5.15.167-syzkaller #0 Not tainted
[   44.198213][ T3568] -------------------------------------
[   44.203722][ T3568] kworker/u5:2/3568 is trying to release lock (&chan->lock) at:
[   44.211338][ T3568] [<ffffffff895b621f>] l2cap_recv_frame+0x136f/0x8ae0
[   44.218092][ T3568] but there are no more locks to release!
[   44.223772][ T3568] 
[   44.223772][ T3568] other info that might help us debug this:
[   44.231797][ T3568] 2 locks held by kworker/u5:2/3568:
[   44.237154][ T3568]  #0: ffff8880232fd938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[   44.247506][ T3568]  #1: ffffc90002c77d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[   44.258867][ T3568] 
[   44.258867][ T3568] stack backtrace:
[   44.264742][ T3568] CPU: 0 PID: 3568 Comm: kworker/u5:2 Not tainted 5.15.167-syzkaller #0
[   44.273049][ T3568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.283077][ T3568] Workqueue: hci0 hci_rx_work
[   44.287734][ T3568] Call Trace:
[   44.290986][ T3568]  <TASK>
[   44.293891][ T3568]  dump_stack_lvl+0x1e3/0x2d0
[   44.298555][ T3568]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   44.304157][ T3568]  ? panic+0x860/0x860
[   44.308199][ T3568]  ? l2cap_recv_frame+0x136f/0x8ae0
[   44.313371][ T3568]  print_unlock_imbalance_bug+0x248/0x2b0
[   44.319066][ T3568]  ? list_move_tail+0x130/0x130
[   44.323888][ T3568]  lock_release+0x596/0x9a0
[   44.328357][ T3568]  ? mark_lock+0x98/0x340
[   44.332656][ T3568]  ? l2cap_recv_frame+0x136f/0x8ae0
[   44.337824][ T3568]  ? __lock_acquire+0x1ff0/0x1ff0
[   44.342812][ T3568]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   44.348762][ T3568]  ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0
[   44.354709][ T3568]  ? l2cap_recv_frame+0x136f/0x8ae0
[   44.359878][ T3568]  __mutex_unlock_slowpath+0xde/0x750
[   44.365229][ T3568]  ? __local_bh_enable_ip+0x164/0x1f0
[   44.370574][ T3568]  ? mutex_unlock+0x10/0x10
[   44.375046][ T3568]  ? do_raw_spin_unlock+0x137/0x8b0
[   44.380215][ T3568]  ? l2cap_sock_recv_cb+0x18a/0x1e0
[   44.385387][ T3568]  l2cap_recv_frame+0x136f/0x8ae0
[   44.390382][ T3568]  ? l2cap_conn_unreliable+0x1a0/0x1a0
[   44.395807][ T3568]  ? __mutex_unlock_slowpath+0x218/0x750
[   44.401406][ T3568]  ? rcu_lock_release+0x5/0x20
[   44.406138][ T3568]  ? mutex_unlock+0x10/0x10
[   44.410605][ T3568]  ? hci_conn_enter_active_mode+0x25c/0x360
[   44.416468][ T3568]  ? l2cap_recv_acldata+0x2ea/0x1560
[   44.421719][ T3568]  hci_rx_work+0x48f/0x990
[   44.426103][ T3568]  process_one_work+0x8a1/0x10c0
[   44.431011][ T3568]  ? worker_detach_from_pool+0x260/0x260
[   44.436610][ T3568]  ? _raw_spin_lock_irqsave+0x120/0x120
[   44.442121][ T3568]  ? kthread_data+0x4e/0xc0
[   44.446589][ T3568]  ? wq_worker_running+0x97/0x170
[   44.451580][ T3568]  worker_thread+0xaca/0x1280
[   44.456227][ T3568]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   44.462091][ T3568]  kthread+0x3f6/0x4f0
[   44.466127][ T3568]  ? rcu_lock_release+0x20/0x20
[   44.470946][ T3568]  ? kthread_blkcg+0xd0/0xd0
[   44.475505][ T3568]  ret_from_fork+0x1f/0x30
[   44.479892