Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts. executing program [ 44.602183][ T3568] [ 44.604527][ T3568] ===================================== [ 44.610036][ T3568] WARNING: bad unlock balance detected! [ 44.615634][ T3568] 5.15.167-syzkaller #0 Not tainted [ 44.620806][ T3568] ------------------------------------- [ 44.626315][ T3568] kworker/u5:2/3568 is trying to release lock (&chan->lock) at: [ 44.633923][ T3568] [] l2cap_recv_frame+0x136f/0x8ae0 [ 44.640714][ T3568] but there are no more locks to release! [ 44.646412][ T3568] [ 44.646412][ T3568] other info that might help us debug this: [ 44.654535][ T3568] 2 locks held by kworker/u5:2/3568: [ 44.659788][ T3568] #0: ffff888073ab4938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 44.670195][ T3568] #1: ffffc90002537d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 44.681549][ T3568] [ 44.681549][ T3568] stack backtrace: [ 44.687421][ T3568] CPU: 1 PID: 3568 Comm: kworker/u5:2 Not tainted 5.15.167-syzkaller #0 [ 44.695729][ T3568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 44.705767][ T3568] Workqueue: hci0 hci_rx_work [ 44.710450][ T3568] Call Trace: [ 44.713706][ T3568] [ 44.716690][ T3568] dump_stack_lvl+0x1e3/0x2d0 [ 44.721347][ T3568] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 44.727042][ T3568] ? panic+0x860/0x860 [ 44.731084][ T3568] ? l2cap_recv_frame+0x136f/0x8ae0 [ 44.736253][ T3568] print_unlock_imbalance_bug+0x248/0x2b0 [ 44.741946][ T3568] ? list_move_tail+0x130/0x130 [ 44.746771][ T3568] lock_release+0x596/0x9a0 [ 44.751242][ T3568] ? mark_lock+0x98/0x340 [ 44.755539][ T3568] ? l2cap_recv_frame+0x136f/0x8ae0 [ 44.760709][ T3568] ? __lock_acquire+0x1ff0/0x1ff0 [ 44.765732][ T3568] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 44.771701][ T3568] ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0 [ 44.777684][ T3568] ? l2cap_recv_frame+0x136f/0x8ae0 [ 44.782891][ T3568] __mutex_unlock_slowpath+0xde/0x750 [ 44.788253][ T3568] ? __local_bh_enable_ip+0x164/0x1f0 [ 44.793617][ T3568] ? mutex_unlock+0x10/0x10 [ 44.798103][ T3568] ? do_raw_spin_unlock+0x137/0x8b0 [ 44.803404][ T3568] ? l2cap_sock_recv_cb+0x18a/0x1e0 [ 44.808597][ T3568] l2cap_recv_frame+0x136f/0x8ae0 [ 44.813614][ T3568] ? l2cap_conn_unreliable+0x1a0/0x1a0 [ 44.819053][ T3568] ? __mutex_unlock_slowpath+0x218/0x750 [ 44.824663][ T3568] ? rcu_lock_release+0x5/0x20 [ 44.829403][ T3568] ? mutex_unlock+0x10/0x10 [ 44.833968][ T3568] ? hci_conn_enter_active_mode+0x25c/0x360 [ 44.839837][ T3568] ? l2cap_recv_acldata+0x2ea/0x1560 [ 44.845096][ T3568] hci_rx_work+0x48f/0x990 [ 44.849488][ T3568] process_one_work+0x8a1/0x10c0 [ 44.854424][ T3568] ? worker_detach_from_pool+0x260/0x260 [ 44.860028][ T3568] ? _raw_spin_lock_irqsave+0x120/0x120 [ 44.865650][ T3568] ? kthread_data+0x4e/0xc0 [ 44.870124][ T3568] ? wq_worker_running+0x97/0x170 [ 44.875114][ T3568] worker_thread+0xaca/0x1280 [ 44.879768][ T3568] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 44.885635][ T3568] kthread+0x3f6/0x4f0 [ 44.889679][ T3568] ? rcu_lock_release+0x20/0x20 [ 44.894497][ T3568] ? kthread_blkcg+0xd0/0xd0 [ 44.899055][ T3568] ret_from_fork+0x1f/0x30 [