Warning: Permanently added '10.128.10.25' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   27.099583] overlayfs: failed to create directory ./file1/work (errno: 30); mounting read-only
[   27.108588] 
[   27.110204] =====================================
[   27.115047] WARNING: bad unlock balance detected!
[   27.119861] 4.14.267-syzkaller #0 Not tainted
[   27.124321] -------------------------------------
[   27.129133] syz-executor341/7962 is trying to release lock (sb_writers) at:
[   27.136212] [<ffffffff87078294>] ovl_workdir_create.cold+0xeb/0xf7
[   27.142499] but there are no more locks to release!
[   27.147482] 
[   27.147482] other info that might help us debug this:
[   27.154117] 1 lock held by syz-executor341/7962:
[   27.158837]  #0:  (&type->s_umount_key#46/1){+.+.}, at: [<ffffffff81876656>] sget_userns+0x556/0xc10
[   27.168089] 
[   27.168089] stack backtrace:
[   27.172557] CPU: 1 PID: 7962 Comm: syz-executor341 Not tainted 4.14.267-syzkaller #0
[   27.180405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   27.189732] Call Trace:
[   27.192294]  dump_stack+0x1b2/0x281
[   27.195894]  ? ovl_workdir_create.cold+0xeb/0xf7
[   27.200621]  lock_release.cold+0x70/0xbf
[   27.204654]  ? lock_downgrade+0x740/0x740
[   27.208773]  ovl_workdir_create.cold+0xeb/0xf7
[   27.213326]  ? clone_private_mount+0x24f/0x2f0
[   27.217879]  ? ovl_mount_dir+0x190/0x190
[   27.221924]  ? lock_downgrade+0x740/0x740
[   27.226043]  ? up_read+0x17/0x30
[   27.229379]  ? clone_private_mount+0x113/0x2f0
[   27.233940]  ovl_fill_super+0xfe9/0x2610
[   27.237988]  ? ovl_put_super+0x4a0/0x4a0
[   27.242031]  ? sget_userns+0x768/0xc10
[   27.245894]  ? get_anon_bdev+0x1c0/0x1c0
[   27.249929]  ? sget+0xd9/0x110
[   27.253091]  ? ovl_put_super+0x4a0/0x4a0
[   27.257124]  mount_nodev+0x4c/0xf0
[   27.260721]  mount_fs+0x92/0x2a0
[   27.264060]  vfs_kern_mount.part.0+0x5b/0x470
[   27.268527]  do_mount+0xe65/0x2a10
[   27.272045]  ? do_raw_spin_unlock+0x164/0x220
[   27.276509]  ? copy_mount_string+0x40/0x40
[   27.280719]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   27.285702]  ? copy_mnt_ns+0xa30/0xa30
[   27.289562]  ? copy_mount_options+0x1fa/0x2f0
[   27.294027]  ? copy_mnt_ns+0xa30/0xa30
[   27.297886]  SyS_mount+0xa8/0x120
[   27.301312]  ? copy_mnt_ns+0xa30/0xa30
[   27.305168]  do_syscall_64+0x1d5/0x640
[   27.309028]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   27.314189] RIP: 0033:0x7f3488b390e9
[   27.317869] RSP: 002b:00007fff2f0687d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   27.325547] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f3488b390e9
[   27.332798] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[   27.340038] RBP: 00007f3488afd0d0 R08: 0000000020000340 R09: 0000000000000000
[   27.347290] R10: 0000000000000000 R11