Warning: Permanently added '[localhost]:63052' (ECDSA) to the list of known hosts.
2023/02/24 11:13:50 fuzzer started
2023/02/24 11:13:50 dialing manager at localhost:41417
syzkaller login: [ 37.417809] cgroup: Unknown subsys name 'net'
[ 37.502409] cgroup: Unknown subsys name 'rlimit'
2023/02/24 11:14:07 syscalls: 2217
2023/02/24 11:14:07 code coverage: enabled
2023/02/24 11:14:07 comparison tracing: enabled
2023/02/24 11:14:07 extra coverage: enabled
2023/02/24 11:14:07 setuid sandbox: enabled
2023/02/24 11:14:07 namespace sandbox: enabled
2023/02/24 11:14:07 Android sandbox: enabled
2023/02/24 11:14:07 fault injection: enabled
2023/02/24 11:14:07 leak checking: enabled
2023/02/24 11:14:07 net packet injection: enabled
2023/02/24 11:14:07 net device setup: enabled
2023/02/24 11:14:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/02/24 11:14:07 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/02/24 11:14:07 USB emulation: enabled
2023/02/24 11:14:07 hci packet injection: enabled
2023/02/24 11:14:07 wifi device emulation: enabled
2023/02/24 11:14:07 802.15.4 emulation: enabled
2023/02/24 11:14:07 fetching corpus: 0, signal 0/2000 (executing program)
2023/02/24 11:14:07 fetching corpus: 39, signal 18431/22146 (executing program)
2023/02/24 11:14:07 fetching corpus: 87, signal 32177/37360 (executing program)
2023/02/24 11:14:07 fetching corpus: 137, signal 45955/52354 (executing program)
2023/02/24 11:14:07 fetching corpus: 187, signal 57581/65153 (executing program)
2023/02/24 11:14:07 fetching corpus: 237, signal 68919/77432 (executing program)
2023/02/24 11:14:07 fetching corpus: 287, signal 75294/84841 (executing program)
2023/02/24 11:14:07 fetching corpus: 337, signal 81835/92300 (executing program)
2023/02/24 11:14:08 fetching corpus: 385, signal 84410/95986 (executing program)
2023/02/24 11:14:08 fetching corpus: 435, signal 87402/99970 (executing program)
2023/02/24 11:14:08 fetching corpus: 484, signal 90941/104443 (executing program)
2023/02/24 11:14:08 fetching corpus: 533, signal 95285/109499 (executing program)
2023/02/24 11:14:08 fetching corpus: 583, signal 99821/114731 (executing program)
2023/02/24 11:14:08 fetching corpus: 633, signal 103820/119397 (executing program)
2023/02/24 11:14:08 fetching corpus: 683, signal 107949/124085 (executing program)
2023/02/24 11:14:09 fetching corpus: 733, signal 110317/127172 (executing program)
2023/02/24 11:14:09 fetching corpus: 783, signal 112965/130488 (executing program)
2023/02/24 11:14:09 fetching corpus: 833, signal 116234/134295 (executing program)
2023/02/24 11:14:09 fetching corpus: 883, signal 119089/137707 (executing program)
2023/02/24 11:14:09 fetching corpus: 933, signal 121603/140785 (executing program)
2023/02/24 11:14:09 fetching corpus: 983, signal 124683/144250 (executing program)
2023/02/24 11:14:09 fetching corpus: 1033, signal 127865/147772 (executing program)
2023/02/24 11:14:09 fetching corpus: 1083, signal 129697/150173 (executing program)
2023/02/24 11:14:10 fetching corpus: 1133, signal 131456/152474 (executing program)
2023/02/24 11:14:10 fetching corpus: 1183, signal 134782/155986 (executing program)
2023/02/24 11:14:10 fetching corpus: 1233, signal 136714/158336 (executing program)
2023/02/24 11:14:10 fetching corpus: 1282, signal 138763/160776 (executing program)
2023/02/24 11:14:10 fetching corpus: 1332, signal 140681/163104 (executing program)
2023/02/24 11:14:10 fetching corpus: 1382, signal 141973/164880 (executing program)
2023/02/24 11:14:10 fetching corpus: 1432, signal 144690/167756 (executing program)
2023/02/24 11:14:10 fetching corpus: 1482, signal 146611/169919 (executing program)
2023/02/24 11:14:11 fetching corpus: 1531, signal 148948/172389 (executing program)
2023/02/24 11:14:11 fetching corpus: 1581, signal 150165/174016 (executing program)
2023/02/24 11:14:11 fetching corpus: 1631, signal 151745/175867 (executing program)
2023/02/24 11:14:11 fetching corpus: 1680, signal 153381/177684 (executing program)
2023/02/24 11:14:11 fetching corpus: 1730, signal 155684/179944 (executing program)
2023/02/24 11:14:11 fetching corpus: 1780, signal 156952/181512 (executing program)
2023/02/24 11:14:11 fetching corpus: 1830, signal 158456/183200 (executing program)
2023/02/24 11:14:11 fetching corpus: 1880, signal 159758/184690 (executing program)
2023/02/24 11:14:11 fetching corpus: 1930, signal 161645/186552 (executing program)
2023/02/24 11:14:12 fetching corpus: 1980, signal 163314/188257 (executing program)
2023/02/24 11:14:12 fetching corpus: 2030, signal 164592/189677 (executing program)
2023/02/24 11:14:12 fetching corpus: 2080, signal 165505/190889 (executing program)
2023/02/24 11:14:12 fetching corpus: 2129, signal 166883/192306 (executing program)
2023/02/24 11:14:12 fetching corpus: 2179, signal 167808/193448 (executing program)
2023/02/24 11:14:12 fetching corpus: 2229, signal 168612/194510 (executing program)
2023/02/24 11:14:12 fetching corpus: 2279, signal 169800/195758 (executing program)
2023/02/24 11:14:12 fetching corpus: 2328, signal 171325/197224 (executing program)
2023/02/24 11:14:13 fetching corpus: 2378, signal 173152/198828 (executing program)
2023/02/24 11:14:13 fetching corpus: 2428, signal 174070/199869 (executing program)
2023/02/24 11:14:13 fetching corpus: 2478, signal 175017/200906 (executing program)
2023/02/24 11:14:13 fetching corpus: 2527, signal 176065/201997 (executing program)
2023/02/24 11:14:13 fetching corpus: 2577, signal 177318/203200 (executing program)
2023/02/24 11:14:13 fetching corpus: 2627, signal 178191/204194 (executing program)
2023/02/24 11:14:13 fetching corpus: 2677, signal 179216/205202 (executing program)
2023/02/24 11:14:13 fetching corpus: 2727, signal 180406/206272 (executing program)
2023/02/24 11:14:14 fetching corpus: 2777, signal 181842/207537 (executing program)
2023/02/24 11:14:14 fetching corpus: 2827, signal 182877/208486 (executing program)
2023/02/24 11:14:14 fetching corpus: 2877, signal 184005/209511 (executing program)
2023/02/24 11:14:14 fetching corpus: 2927, signal 184622/210243 (executing program)
2023/02/24 11:14:14 fetching corpus: 2977, signal 186012/211305 (executing program)
2023/02/24 11:14:14 fetching corpus: 3026, signal 186538/211968 (executing program)
2023/02/24 11:14:14 fetching corpus: 3076, signal 187438/212738 (executing program)
2023/02/24 11:14:15 fetching corpus: 3126, signal 189104/213945 (executing program)
2023/02/24 11:14:15 fetching corpus: 3175, signal 190104/214774 (executing program)
2023/02/24 11:14:15 fetching corpus: 3225, signal 191173/215595 (executing program)
2023/02/24 11:14:15 fetching corpus: 3274, signal 192044/216347 (executing program)
2023/02/24 11:14:15 fetching corpus: 3323, signal 192886/217046 (executing program)
2023/02/24 11:14:15 fetching corpus: 3373, signal 194005/217870 (executing program)
2023/02/24 11:14:15 fetching corpus: 3422, signal 194684/218452 (executing program)
2023/02/24 11:14:16 fetching corpus: 3472, signal 195368/219060 (executing program)
2023/02/24 11:14:16 fetching corpus: 3521, signal 196203/219733 (executing program)
2023/02/24 11:14:16 fetching corpus: 3571, signal 196910/220342 (executing program)
2023/02/24 11:14:16 fetching corpus: 3621, signal 197713/220973 (executing program)
2023/02/24 11:14:16 fetching corpus: 3671, signal 198205/221482 (executing program)
2023/02/24 11:14:16 fetching corpus: 3719, signal 199051/222140 (executing program)
2023/02/24 11:14:16 fetching corpus: 3769, signal 199694/222683 (executing program)
2023/02/24 11:14:17 fetching corpus: 3819, signal 200357/223194 (executing program)
2023/02/24 11:14:17 fetching corpus: 3868, signal 200958/223667 (executing program)
2023/02/24 11:14:17 fetching corpus: 3918, signal 201560/224168 (executing program)
2023/02/24 11:14:17 fetching corpus: 3966, signal 202324/224664 (executing program)
2023/02/24 11:14:17 fetching corpus: 4015, signal 202920/225150 (executing program)
2023/02/24 11:14:17 fetching corpus: 4065, signal 203905/225738 (executing program)
2023/02/24 11:14:17 fetching corpus: 4114, signal 204642/226202 (executing program)
2023/02/24 11:14:17 fetching corpus: 4164, signal 205315/226645 (executing program)
2023/02/24 11:14:17 fetching corpus: 4214, signal 205823/227014 (executing program)
2023/02/24 11:14:18 fetching corpus: 4264, signal 206524/227437 (executing program)
2023/02/24 11:14:18 fetching corpus: 4314, signal 207133/227823 (executing program)
2023/02/24 11:14:18 fetching corpus: 4363, signal 207583/228170 (executing program)
2023/02/24 11:14:18 fetching corpus: 4413, signal 208465/228640 (executing program)
2023/02/24 11:14:18 fetching corpus: 4463, signal 209619/229136 (executing program)
2023/02/24 11:14:18 fetching corpus: 4513, signal 210283/229483 (executing program)
2023/02/24 11:14:18 fetching corpus: 4563, signal 210959/229847 (executing program)
2023/02/24 11:14:19 fetching corpus: 4613, signal 211447/230123 (executing program)
2023/02/24 11:14:19 fetching corpus: 4663, signal 212206/230495 (executing program)
2023/02/24 11:14:19 fetching corpus: 4713, signal 212769/230803 (executing program)
2023/02/24 11:14:19 fetching corpus: 4763, signal 213373/231129 (executing program)
2023/02/24 11:14:19 fetching corpus: 4813, signal 214058/231431 (executing program)
2023/02/24 11:14:19 fetching corpus: 4863, signal 214642/231725 (executing program)
2023/02/24 11:14:19 fetching corpus: 4913, signal 215248/232007 (executing program)
2023/02/24 11:14:19 fetching corpus: 4963, signal 215671/232264 (executing program)
2023/02/24 11:14:20 fetching corpus: 5013, signal 216086/232472 (executing program)
2023/02/24 11:14:20 fetching corpus: 5063, signal 216523/232691 (executing program)
2023/02/24 11:14:20 fetching corpus: 5113, signal 217077/232927 (executing program)
2023/02/24 11:14:20 fetching corpus: 5163, signal 217553/233159 (executing program)
2023/02/24 11:14:20 fetching corpus: 5213, signal 218024/233351 (executing program)
2023/02/24 11:14:20 fetching corpus: 5262, signal 218551/233551 (executing program)
2023/02/24 11:14:20 fetching corpus: 5312, signal 219229/233748 (executing program)
2023/02/24 11:14:20 fetching corpus: 5362, signal 219744/233897 (executing program)
2023/02/24 11:14:21 fetching corpus: 5412, signal 220170/234040 (executing program)
2023/02/24 11:14:21 fetching corpus: 5462, signal 220828/234213 (executing program)
2023/02/24 11:14:21 fetching corpus: 5512, signal 221251/234367 (executing program)
2023/02/24 11:14:21 fetching corpus: 5562, signal 221725/234520 (executing program)
2023/02/24 11:14:21 fetching corpus: 5612, signal 222201/234647 (executing program)
2023/02/24 11:14:21 fetching corpus: 5662, signal 222710/234777 (executing program)
2023/02/24 11:14:21 fetching corpus: 5712, signal 223099/234896 (executing program)
2023/02/24 11:14:21 fetching corpus: 5762, signal 223705/235014 (executing program)
2023/02/24 11:14:22 fetching corpus: 5811, signal 224395/235071 (executing program)
2023/02/24 11:14:22 fetching corpus: 5861, signal 224862/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 5911, signal 225293/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 5960, signal 225677/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 6010, signal 226234/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 6059, signal 226698/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 6108, signal 227170/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 6158, signal 227485/235143 (executing program)
2023/02/24 11:14:22 fetching corpus: 6208, signal 228119/235143 (executing program)
2023/02/24 11:14:23 fetching corpus: 6258, signal 228691/235143 (executing program)
2023/02/24 11:14:23 fetching corpus: 6306, signal 229028/235145 (executing program)
2023/02/24 11:14:23 fetching corpus: 6355, signal 229442/235145 (executing program)
2023/02/24 11:14:23 fetching corpus: 6404, signal 229957/235249 (executing program)
2023/02/24 11:14:23 fetching corpus: 6454, signal 230356/235249 (executing program)
2023/02/24 11:14:23 fetching corpus: 6503, signal 230727/235249 (executing program)
2023/02/24 11:14:23 fetching corpus: 6553, signal 231041/235275 (executing program)
2023/02/24 11:14:23 fetching corpus: 6596, signal 231527/235275 (executing program)
2023/02/24 11:14:23 fetching corpus: 6596, signal 231527/235275 (executing program)
2023/02/24 11:14:26 starting 8 fuzzer processes
11:14:26 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCGETA(r0, 0x4b3b, &(0x7f0000000000))
11:14:26 executing program 1:
r0 = io_uring_setup(0x56bc, &(0x7f0000001980))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x7ffffffff000, 0x0, 0x10, r0, 0x0)
[ 71.522124] audit: type=1400 audit(1677237266.910:6): avc: denied { execmem } for pid=258 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:14:26 executing program 2:
clock_getres(0x2, 0x0)
11:14:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {&(0x7f0000010100)='RRaA', 0x4, 0x800}, {&(0x7f0000010200)='\x00\x00\x00\x00rrAa', 0x8, 0x9e0}, {0x0, 0x0, 0x10000}], 0x0, &(0x7f0000011000))
statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=""/233)
11:14:26 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0xc)
11:14:26 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
bind(r0, &(0x7f0000000000)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x80)
11:14:26 executing program 6:
openat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0xffffffffffffff6c)
11:14:26 executing program 7:
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x2000000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x4000)
[ 72.791423] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 72.794034] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 72.796629] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 72.800515] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 72.803498] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 72.804719] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 72.922035] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 72.930841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 72.933311] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 72.935711] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 72.936080] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 72.939678] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 72.942323] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 72.944206] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 72.946100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 72.947934] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 72.949192] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 72.950161] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 72.951843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 72.955473] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 72.960226] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 72.961440] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 72.970584] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 72.971699] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 72.975346] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 72.977308] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 72.979338] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 72.980258] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 72.981977] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 72.982958] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 72.985423] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 72.995296] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 72.996565] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 73.010415] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 73.019048] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 73.020531] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 73.084199] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 73.097358] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 73.099834] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 73.118062] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 73.129043] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 73.131123] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 74.876290] Bluetooth: hci0: command 0x0409 tx timeout
[ 75.004407] Bluetooth: hci1: command 0x0409 tx timeout
[ 75.006081] Bluetooth: hci6: Opcode 0x c03 failed: -110
[ 75.008058]
[ 75.008220] ======================================================
[ 75.008756] WARNING: possible circular locking dependency detected
[ 75.009281] 6.2.0-next-20230224 #1 Not tainted
[ 75.009670] ------------------------------------------------------
[ 75.013789] syz-executor.6/274 is trying to acquire lock:
[ 75.014338] ffff888018274880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80
[ 75.015387]
[ 75.015387] but task is already holding lock:
[ 75.015971] ffff888018274920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 75.016930]
[ 75.016930] which lock already depends on the new lock.
[ 75.016930]
[ 75.017709]
[ 75.017709] the existing dependency chain (in reverse order) is:
[ 75.018445]
[ 75.018445] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}:
[ 75.019128] __mutex_lock+0x133/0x14a0
[ 75.019566] hci_cmd_sync_work+0x1e6/0x320
[ 75.020028] process_one_work+0xa0f/0x1790
[ 75.020500] worker_thread+0x63b/0x1260
[ 75.020939] kthread+0x2e9/0x3a0
[ 75.021315] ret_from_fork+0x2c/0x50
[ 75.021728]
[ 75.021728] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}:
[ 75.022507] __lock_acquire+0x2d56/0x6380
[ 75.022957] lock_acquire.part.0+0xea/0x320
[ 75.023428] __flush_work+0x109/0xd80
[ 75.023852] __cancel_work_timer+0x39c/0x4e0
[ 75.024313] hci_cmd_sync_clear+0x52/0x250
[ 75.024763] hci_unregister_dev+0xf9/0x410
[ 75.025222] vhci_release+0x80/0x100
[ 75.025631] __fput+0x263/0xa40
[ 75.025994] task_work_run+0x174/0x280
[ 75.026432] do_exit+0xad8/0x2800
[ 75.026815] do_group_exit+0xd4/0x2a0
[ 75.027230] __x64_sys_exit_group+0x3e/0x50
[ 75.027690] do_syscall_64+0x3f/0x90
[ 75.028095] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 75.028619]
[ 75.028619] other info that might help us debug this:
[ 75.028619]
[ 75.029333] Possible unsafe locking scenario:
[ 75.029333]
[ 75.029885]        CPU0                    CPU1
[ 75.030321]        ----                    ----
[ 75.030754]   lock(&hdev->cmd_sync_work_lock);
[ 75.031208]                                lock((work_completion)(&hdev->cmd_sync_work));
[ 75.031996]                                lock(&hdev->cmd_sync_work_lock);
[ 75.032671]   lock((work_completion)(&hdev->cmd_sync_work));
[ 75.033262]
[ 75.033262] *** DEADLOCK ***
[ 75.033262]
[ 75.033839] 1 lock held by syz-executor.6/274:
[ 75.034299] #0: ffff888018274920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 75.035213]
[ 75.035213] stack backtrace:
[ 75.035594] CPU: 0 PID: 274 Comm: syz-executor.6 Not tainted 6.2.0-next-20230224 #1
[ 75.036229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 75.036915] Call Trace:
[ 75.037134]
[ 75.037335] dump_stack_lvl+0x91/0xf0
[ 75.037678] check_noncircular+0x263/0x2e0
[ 75.038124] ? __pfx_check_noncircular+0x10/0x10
[ 75.038638] __lock_acquire+0x2d56/0x6380
[ 75.039071] ? lock_is_held_type+0x9f/0x120
[ 75.039520] ? __pfx___lock_acquire+0x10/0x10
[ 75.039946] ? __pfx_register_lock_class+0x10/0x10
[ 75.040385] ? __wait_for_common+0x394/0x550
[ 75.040787] ? __pfx_lock_release+0x10/0x10
[ 75.041180] lock_acquire.part.0+0xea/0x320
[ 75.041556] ? __flush_work+0xdd/0xd80
[ 75.041909] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 75.042342] ? __flush_work+0xdd/0xd80
[ 75.042691] ? rcu_read_lock_sched_held+0x42/0x80
[ 75.043110] ? trace_lock_acquire+0x170/0x1e0
[ 75.043506] ? __flush_work+0xdd/0xd80
[ 75.043848] ? lock_acquire+0x32/0xc0
[ 75.044183] ? __flush_work+0xdd/0xd80
[ 75.044534] __flush_work+0x109/0xd80
[ 75.044877] ? __flush_work+0xdd/0xd80
[ 75.045221] ? __pfx_mark_lock.part.0+0x10/0x10
[ 75.045633] ? __pfx___flush_work+0x10/0x10
[ 75.046013] ? lock_acquire.part.0+0xea/0x320
[ 75.046422] ? hci_cmd_sync_clear+0x45/0x250
[ 75.046805] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 75.047237] ? hci_cmd_sync_clear+0x45/0x250
[ 75.047632] ? rcu_read_lock_sched_held+0x42/0x80
[ 75.048060] ? trace_lock_acquire+0x170/0x1e0
[ 75.048462] ? lock_is_held_type+0x9f/0x120
[ 75.048855] ? mark_held_locks+0x9e/0xe0
[ 75.049221] __cancel_work_timer+0x39c/0x4e0
[ 75.049606] ? __pfx___cancel_work_timer+0x10/0x10
[ 75.050031] ? __cancel_work_timer+0x2aa/0x4e0
[ 75.050437] ? __pfx___cancel_work_timer+0x10/0x10
[ 75.050858] ? lock_release+0x1e3/0x710
[ 75.051220] ? __pfx_lock_release+0x10/0x10
[ 75.051593] ? do_raw_write_lock+0x11e/0x3b0
[ 75.052011] ? __pfx_vhci_release+0x10/0x10
[ 75.052392] hci_cmd_sync_clear+0x52/0x250
[ 75.052760] ? __pfx_vhci_release+0x10/0x10
[ 75.053142] hci_unregister_dev+0xf9/0x410
[ 75.053505] vhci_release+0x80/0x100
[ 75.053845] __fput+0x263/0xa40
[ 75.054153] task_work_run+0x174/0x280
[ 75.054512] ? __pfx_task_work_run+0x10/0x10
[ 75.054898] ? do_raw_spin_unlock+0x53/0x220
[ 75.055287] do_exit+0xad8/0x2800
[ 75.055590] ? lock_release+0x1e3/0x710
[ 75.055951] ? __pfx_lock_release+0x10/0x10
[ 75.056335] ? do_raw_spin_lock+0x125/0x270
[ 75.056711] ? __pfx_do_exit+0x10/0x10
[ 75.057062] do_group_exit+0xd4/0x2a0
[ 75.057404] __x64_sys_exit_group+0x3e/0x50
[ 75.057783] do_syscall_64+0x3f/0x90
[ 75.058111] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 75.058567] RIP: 0033:0x7f8f7298ab19
[ 75.058903] Code: Unable to access opcode bytes at 0x7f8f7298aaef.
[ 75.059421] RSP: 002b:00007ffe2bb21548 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 75.060070] RAX: ffffffffffffffda RBX: 00007ffe2bb21d28 RCX: 00007f8f7298ab19
[ 75.060668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[ 75.061264] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007ffe2bb21d28
[ 75.061861] R10: 0000000000000020 R11: 0000000000000246 R12: 00007f8f729e4233
[ 75.062459] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8
[ 75.063048]
[ 75.067842] Bluetooth: hci5: command 0x0409 tx timeout
[ 75.068308] Bluetooth: hci2: command 0x0409 tx timeout
[ 75.068754] Bluetooth: hci3: command 0x0409 tx timeout
[ 75.069224] Bluetooth: hci4: command 0x0409 tx timeout
[ 75.195824] Bluetooth: hci7: command 0x0409 tx timeout
[ 76.923858] Bluetooth: hci0: command 0x041b tx timeout
[ 77.051906] Bluetooth: hci1: command 0x041b tx timeout
[ 77.115864] Bluetooth: hci4: command 0x041b tx timeout
[ 77.116286] Bluetooth: hci3: command 0x041b tx timeout
[ 77.116656] Bluetooth: hci2: command 0x041b tx timeout
[ 77.117048] Bluetooth: hci5: command 0x041b tx timeout
[ 77.243819] Bluetooth: hci7: command 0x041b tx timeout
[ 78.206611] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 78.208281] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 78.209224] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 78.213321] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 78.214208] Bluetooth: hci6: unexpected cc 0x0c25
length: 249 > 3
[ 78.219094] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 78.971822] Bluetooth: hci0: command 0x040f tx timeout
[ 79.099984] Bluetooth: hci1: command 0x040f tx timeout
[ 79.163858] Bluetooth: hci5: command 0x040f tx timeout
[ 79.163881] Bluetooth: hci2: command 0x040f tx timeout
[ 79.164442] Bluetooth: hci3: command 0x040f tx timeout
[ 79.164869] Bluetooth: hci4: command 0x040f tx timeout
[ 79.291829] Bluetooth: hci7: command 0x040f tx timeout
[ 80.251863] Bluetooth: hci6: command 0x0409 tx timeout
[ 81.019831] Bluetooth: hci0: command 0x0419 tx timeout
[ 81.147825] Bluetooth: hci1: command 0x0419 tx timeout
[ 81.211817] Bluetooth: hci4: command 0x0419 tx timeout
[ 81.211849] Bluetooth: hci3: command 0x0419 tx timeout
[ 81.212219] Bluetooth: hci2: command 0x0419 tx timeout
[ 81.212594] Bluetooth: hci5: command 0x0419 tx timeout
[ 81.339849] Bluetooth: hci7: command 0x0419 tx timeout
[ 82.299835] Bluetooth: hci6: command 0x041b tx timeout
[ 84.347879] Bluetooth: hci6: command 0x040f tx timeout
VM DIAGNOSIS:
11:14:30 Registers: