wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
Bluetooth: hci4: command 0x0406 tx timeout
INFO: task syz-executor.3:7869 blocked for more than 143 seconds.
      Not tainted 5.16.0-rc4-next-20211208 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3  state:D stack:28760 pid: 7869 ppid:   298 flags:0x00024004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4986 [inline]
 __schedule+0x882/0x2160 kernel/sched/core.c:6296
 schedule+0xd2/0x260 kernel/sched/core.c:6369
 io_uring_cancel_generic+0x537/0x68a fs/io_uring.c:9919
 io_uring_files_cancel include/linux/io_uring.h:16 [inline]
 do_exit+0x604/0x2960 kernel/exit.c:787
 do_group_exit+0x125/0x310 kernel/exit.c:929
 get_signal+0x349/0x2690 kernel/signal.c:2859
 arch_do_signal_or_restart+0x2b0/0x1720 arch/x86/kernel/signal.c:868
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x143/0x1c0 kernel/entry/common.c:207
 __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]
 syscall_exit_to_user_mode+0x19/0x50 kernel/entry/common.c:300
 do_syscall_64+0x48/0x90 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fcb3f1eeb19
RSP: 002b:00007fcb3c743218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00007fcb3f302028 RCX: 00007fcb3f1eeb19
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcb3f30202c
RBP: 00007fcb3f302020 R08: 000000000000000e R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000246 R12: 00007fcb3f30202c
R13: 00007ffddada926f R14: 00007fcb3c743300 R15: 0000000000022000
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/25:
 #0: ffffffff85201860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6460
2 locks held by in:imklog/187:
 #0: ffff88800d3e2d70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:994
 #1: ffff88800e93ef48 (&object->lock){..-.}-{2:2}, at: might_alloc include/linux/sched/mm.h:253 [inline]
 #1: ffff88800e93ef48 (&object->lock){..-.}-{2:2}, at: slab_pre_alloc_hook mm/slab.h:739 [inline]
 #1: ffff88800e93ef48 (&object->lock){..-.}-{2:2}, at: slab_alloc_node mm/slub.c:3145 [inline]
 #1: ffff88800e93ef48 (&object->lock){..-.}-{2:2}, at: slab_alloc mm/slub.c:3239 [inline]
 #1: ffff88800e93ef48 (&object->lock){..-.}-{2:2}, at: kmem_cache_alloc+0x3b/0x480 mm/slub.c:3244

=============================================