Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
INFO: task kworker/u5:3:873 blocked for more than 143 seconds.
      Not tainted 5.19.0-rc3-next-20220623 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u5:3    state:D stack:27320 pid:  873 ppid:     2 flags:0x00004000
Workqueue: hci4 hci_power_on
Call Trace:
 <TASK>
 __schedule+0x893/0x2490
 schedule+0xd2/0x1f0
 schedule_timeout+0x1c5/0x280
 __wait_for_common+0x36f/0x4b0
 __flush_work+0x53f/0xae0
 __cancel_work_timer+0x398/0x4d0
 hci_dev_close_sync+0x82/0xf20
 hci_power_on+0x1d2/0x630
 process_one_work+0xa1c/0x16a0
 worker_thread+0x637/0x1250
 kthread+0x2f2/0x3b0
 ret_from_fork+0x22/0x30
 </TASK>
INFO: task syz-executor.6:599754 blocked for more than 143 seconds.
      Not tainted 5.19.0-rc3-next-20220623 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.6  state:D stack:28040 pid:599754 ppid:     1 flags:0x00000000
Call Trace:
 <TASK>
 __schedule+0x893/0x2490
 schedule+0xd2/0x1f0
 schedule_timeout+0x1c5/0x280
 __wait_for_common+0x36f/0x4b0
 __flush_workqueue+0x360/0x1110
 hci_dev_open+0x180/0x360
 hci_sock_ioctl+0x2f1/0x910
 sock_do_ioctl+0xd2/0x230
 sock_ioctl+0x41c/0x670
 __x64_sys_ioctl+0x196/0x210
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7f7ce06288d7
RSP: 002b:00007ffc4729d918 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007ffc4729dfd8 RCX: 00007f7ce06288d7
RDX: 0000000000000004 RSI: 00000000400448c9 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007f7cde39f700 R09: 00007f7cde39f700
R10: 00007f7cde39f9d0 R11: 0000000000000246 R12: 00007f7ce073cbf0
R13: 00007ffc4729da70 R14: 0000000000000000 R15: 00000000000000f8
 </TASK>

Showing all locks held in the system:
4 locks held by kworker/0:1H/9:
1 lock held by rcu_tasks_kthre/11:
 #0: ffffffff852043d0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10
1 lock held by khungtaskd/25:
 #0: ffffffff85204ea0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
2 locks held by jbd2/sda-8/87:
2 locks held by systemd-journal/114:
1 lock held by in:imklog/190:
 #0: ffff88800e6d7c68 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe3/0x100
3 locks held by kworker/u5:3/873:
 #0: ffff88803a265138 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0
 #1: ffff88803842fdb0 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0
 #2: ffff888038ed1048 (&hdev->req_lock){+.+.}-{3:3}, at: hci_power_on+0x1ca/0x630

=============================================