===================================== WARNING: bad unlock balance detected! 4.14.103+ #18 Not tainted ------------------------------------- migration/1/16 is trying to release lock (&rq->lock) at: [] migration_cpu_stop+0x2dd/0x430 kernel/sched/core.c:1036 but there are no more locks to release! other info that might help us debug this: 1 lock held by migration/1/16: #0: (&p->pi_lock){-.-.}, at: [] migration_cpu_stop+0xe1/0x430 kernel/sched/core.c:1027 stack backtrace: CPU: 1 PID: 16 Comm: migration/1 Not tainted 4.14.103+ #18 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x10e lib/dump_stack.c:53 print_unlock_imbalance_bug kernel/locking/lockdep.c:3548 [inline] print_unlock_imbalance_bug.cold+0x110/0x11f kernel/locking/lockdep.c:3525 device lo entered promiscuous mode audit: type=1400 audit(1551040433.933:45): avc: denied { map } for pid=5547 comm="syz-executor.4" path="/proc/5547" dev="proc" ino=14757 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1 SELinux: mount invalid. Same superblock, different security settings for (dev tracefs, type tracefs) netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. SELinux: mount invalid. Same superblock, different security settings for (dev tracefs, type tracefs) netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. binder: 5859:5868 got transaction to invalid handle binder: 5859:5868 transaction failed 29201/-22, size 524288--8132217326041888768 line 3012 binder: 5859:5868 BC_INCREFS_DONE u0000000000000000 no match binder: 5859:5868 Release 1 refcount change on invalid ref 1 ret -22 binder: 5859:5868 BC_ACQUIRE_DONE u0000000000000000 no match netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. binder: BINDER_SET_CONTEXT_MGR already set binder: 5859:5873 ioctl 40046207 0 returned -16 binder: 5873:5892 got transaction to invalid handle binder: 5873:5892 transaction failed 29201/-22, size 524288--8132217326041888768 line 3012 binder: 5873:5873 BC_INCREFS_DONE u0000000000000000 no match binder: 5859:5891 Release 1 refcount change on invalid ref 1 ret -22 binder: 5873:5873 BC_ACQUIRE_DONE u0000000000000000 no match device lo entered promiscuous mode Y4`Ҙ: renamed from lo input: syz0 as /devices/virtual/input/input8 input: syz0 as /devices/virtual/input/input9 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor.5'. device lo entered promiscuous mode Y4`Ҙ: renamed from lo input: syz0 as /devices/virtual/input/input10 input: syz0 as /devices/virtual/input/input11 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.