Bluetooth: hci5: command 0x0406 tx timeout
Bluetooth: hci1: command 0x0406 tx timeout
Bluetooth: hci3: command 0x0406 tx timeout
Bluetooth: hci7: command 0x0406 tx timeout
Bluetooth: hci6: command 0x0406 tx timeout
INFO: task syz-executor.7:4137 blocked for more than 143 seconds.
      Not tainted 6.16.0-rc6-next-20250718 #1
      Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.7  state:D stack:26392 pid:4137  tgid:4137  ppid:287    task_flags:0x40044c flags:0x00004004
Call Trace:
 <TASK>
 __schedule+0xe8d/0x35b0
 schedule+0xdb/0x390
 schedule_preempt_disabled+0x10/0x20
 rwsem_down_read_slowpath+0x578/0xd00
 down_read+0xec/0x470
 do_exit+0x68f/0x2970
 do_group_exit+0xd3/0x2a0
 get_signal+0x2315/0x2340
 arch_do_signal_or_restart+0x80/0x790
 exit_to_user_mode_loop+0x8b/0x100
 do_syscall_64+0x2f7/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5b1f1ebb62
RSP: 002b:00007ffceb9f3658 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: fffffffffffffffc RBX: 0000000000020022 RCX: 00007f5b1f1ebb62
RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffceb9f3850
R13: 00007f5b1cf62700 R14: 0000000000000000 R15: 0000000000022000
 </TASK>
INFO: task syz-executor.7:4137 <reader> blocked on an rw-semaphore likely owned by task syz-executor.7:4138 <writer>
task:syz-executor.7  state:R  running task     stack:27848 pid:4138  tgid:4137  ppid:287    task_flags:0x400040 flags:0x00004006
Call Trace:
 <TASK>
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/32:
 #0: ffffffff85c1d1e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
1 lock held by in:imklog/178:
1 lock held by syz-executor.7/4137:
 #0: ffff888008c66ae0 (&mm->mmap_lock){++++}-{4:4}, at: do_exit+0x68f/0x2970
1 lock held by syz-executor.7/4138:

=============================================