Bluetooth: hci2: command 0x0406 tx timeout
Bluetooth: hci7: command 0x0406 tx timeout
Bluetooth: hci5: command 0x0406 tx timeout
Bluetooth: hci4: command 0x0406 tx timeout
Bluetooth: hci6: command 0x0406 tx timeout
INFO: task syz-executor.2:4064 can't die for more than 143 seconds.
task:syz-executor.2  state:D stack:27224 pid: 4064 ppid:   292 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4986 [inline]
 __schedule+0x882/0x2190 kernel/sched/core.c:6295
 schedule+0xd2/0x260 kernel/sched/core.c:6368
 p9_client_rpc+0x409/0x1270 net/9p/client.c:756
 p9_client_flush+0x1f9/0x430 net/9p/client.c:664
 p9_client_rpc+0x1005/0x1270 net/9p/client.c:780
 p9_client_version net/9p/client.c:951 [inline]
 p9_client_create+0xacf/0x1040 net/9p/client.c:1056
 v9fs_session_init+0x1dd/0x1670 fs/9p/v9fs.c:408
 v9fs_mount+0x73/0x9a0 fs/9p/vfs_super.c:126
 legacy_get_tree+0x105/0x220 fs/fs_context.c:610
 vfs_get_tree+0x8e/0x2f0 fs/super.c:1497
 do_new_mount fs/namespace.c:3010 [inline]
 path_mount+0x131b/0x1f80 fs/namespace.c:3340
 do_mount fs/namespace.c:3353 [inline]
 __do_sys_mount fs/namespace.c:3561 [inline]
 __se_sys_mount fs/namespace.c:3538 [inline]
 __x64_sys_mount+0x27e/0x300 fs/namespace.c:3538
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7efcf39a7b19
RSP: 002b:00007efcf0f1d188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007efcf3abaf60 RCX: 00007efcf39a7b19
RDX: 0000000020000280 RSI: 0000000020000080 RDI: 0000000000000000
RBP: 00007efcf3a01f6d R08: 0000000020000480 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe28c7114f R14: 00007efcf0f1d300 R15: 0000000000022000
 </TASK>
INFO: task syz-executor.2:4080 can't die for more than 143 seconds.
task:syz-executor.2  state:D stack:27224 pid: 4080 ppid:   292 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4986 [inline]
 __schedule+0x882/0x2190 kernel/sched/core.c:6295
 schedule+0xd2/0x260 kernel/sched/core.c:6368
 p9_client_rpc+0x409/0x1270 net/9p/client.c:756
 p9_client_flush+0x1f9/0x430 net/9p/client.c:664
 p9_client_rpc+0x1005/0x1270 net/9p/client.c:780
 p9_client_version net/9p/client.c:951 [inline]
 p9_client_create+0xacf/0x1040 net/9p/client.c:1056
 v9fs_session_init+0x1dd/0x1670 fs/9p/v9fs.c:408
 v9fs_mount+0x73/0x9a0 fs/9p/vfs_super.c:126
 legacy_get_tree+0x105/0x220 fs/fs_context.c:610
 vfs_get_tree+0x8e/0x2f0 fs/super.c:1497
 do_new_mount fs/namespace.c:3010 [inline]
 path_mount+0x131b/0x1f80 fs/namespace.c:3340
 do_mount fs/namespace.c:3353 [inline]
 __do_sys_mount fs/namespace.c:3561 [inline]
 __se_sys_mount fs/namespace.c:3538 [inline]
 __x64_sys_mount+0x27e/0x300 fs/namespace.c:3538
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7efcf39a7b19
RSP: 002b:00007efcf0efc188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007efcf3abb020 RCX: 00007efcf39a7b19
RDX: 0000000020000280 RSI: 0000000020000080 RDI: 0000000000000000
RBP: 00007efcf3a01f6d R08: 0000000020000480 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe28c7114f R14: 00007efcf0efc300 R15: 0000000000022000
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/24:
 #0: ffffffff85202400 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6460
1 lock held by in:imklog/187:

=============================================