syzkaller login: [ 43.002153] sshd (243) used greatest stack depth: 24640 bytes left Warning: Permanently added '[localhost]:3054' (ECDSA) to the list of known hosts. [ 44.342314] sshd (262) used greatest stack depth: 24200 bytes left 2022/10/01 02:24:31 fuzzer started 2022/10/01 02:24:31 dialing manager at localhost:35095 [ 45.118179] cgroup: Unknown subsys name 'net' [ 45.237813] cgroup: Unknown subsys name 'rlimit' 2022/10/01 02:24:46 syscalls: 2215 2022/10/01 02:24:46 code coverage: enabled 2022/10/01 02:24:46 comparison tracing: enabled 2022/10/01 02:24:46 extra coverage: enabled 2022/10/01 02:24:46 setuid sandbox: enabled 2022/10/01 02:24:46 namespace sandbox: enabled 2022/10/01 02:24:46 Android sandbox: enabled 2022/10/01 02:24:46 fault injection: enabled 2022/10/01 02:24:46 leak checking: enabled 2022/10/01 02:24:46 net packet injection: enabled 2022/10/01 02:24:46 net device setup: enabled 2022/10/01 02:24:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 02:24:46 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 02:24:46 USB emulation: enabled 2022/10/01 02:24:46 hci packet injection: enabled 2022/10/01 02:24:46 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 02:24:46 802.15.4 emulation: enabled 2022/10/01 02:24:46 fetching corpus: 0, signal 0/2000 (executing program) 2022/10/01 02:24:46 fetching corpus: 50, signal 31853/34570 (executing program) 2022/10/01 02:24:46 fetching corpus: 100, signal 41844/45293 (executing program) 2022/10/01 02:24:46 fetching corpus: 150, signal 46023/50286 (executing program) 2022/10/01 02:24:47 fetching corpus: 200, signal 50295/55157 (executing program) 2022/10/01 02:24:47 fetching corpus: 250, signal 56023/61192 (executing program) 2022/10/01 02:24:47 fetching corpus: 300, signal 59209/64817 (executing program) 2022/10/01 02:24:47 fetching corpus: 350, signal 63154/68922 (executing program) 2022/10/01 02:24:47 fetching corpus: 400, signal 65631/71691 (executing program) 2022/10/01 02:24:47 fetching corpus: 450, signal 67737/74025 (executing program) 2022/10/01 02:24:48 fetching corpus: 500, signal 71280/77513 (executing program) 2022/10/01 02:24:48 fetching corpus: 550, signal 77099/82373 (executing program) 2022/10/01 02:24:48 fetching corpus: 600, signal 80841/85651 (executing program) 2022/10/01 02:24:48 fetching corpus: 650, signal 83540/87929 (executing program) 2022/10/01 02:24:48 fetching corpus: 700, signal 85287/89454 (executing program) 2022/10/01 02:24:48 fetching corpus: 750, signal 88065/91605 (executing program) 2022/10/01 02:24:49 fetching corpus: 800, signal 90021/93073 (executing program) 2022/10/01 02:24:49 fetching corpus: 850, signal 92580/94964 (executing program) 2022/10/01 02:24:49 fetching corpus: 900, signal 94911/96538 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97285 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97343 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97407 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97471 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97531 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97571 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97634 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97705 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97765 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97822 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97876 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/97936 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98011 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98075 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98148 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98196 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98259 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98328 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98376 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98440 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98504 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98581 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98650 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98722 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98770 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98833 (executing program) 2022/10/01 02:24:49 fetching corpus: 918, signal 96043/98893 (executing program) 2022/10/01 02:24:50 fetching corpus: 918, signal 96043/98960 (executing program) 2022/10/01 02:24:50 fetching corpus: 918, signal 96043/99017 (executing program) 2022/10/01 02:24:50 fetching corpus: 918, signal 96043/99018 (executing program) 2022/10/01 02:24:50 fetching corpus: 918, signal 96043/99018 (executing program) 2022/10/01 02:24:52 starting 8 fuzzer processes 02:24:52 executing program 2: ioctl$SG_GET_ACCESS_COUNT(0xffffffffffffffff, 0x2289, &(0x7f0000000000)) r0 = syz_io_uring_complete(0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000040)) ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000080)=0x7) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000100)) r2 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x40) r3 = syz_io_uring_complete(0x0) ioctl$PTP_PIN_SETFUNC2(r3, 0x40603d10, &(0x7f0000000180)={'\x00', 0x1, 0x2, 0x8}) ioctl$SG_GET_ACCESS_COUNT(r2, 0x2289, &(0x7f0000000200)) r4 = syz_io_uring_complete(0x0) ppoll(&(0x7f0000000240)=[{r4, 0x4002}], 0x1, &(0x7f0000000280), &(0x7f00000002c0)={[0xffffffffffffffc0]}, 0x8) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'ip_vti0\x00', {}, 0x16d}) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000340)={0x0, @initdev, @loopback}, &(0x7f0000000380)=0xc) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x100010, 0xffffffffffffffff, 0x8000000) syz_io_uring_complete(r5) syz_io_uring_setup(0x482, &(0x7f00000003c0)={0x0, 0x5141, 0x0, 0x2, 0x11f, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000440)=0x0, &(0x7f0000000480)) syz_io_uring_complete(r6) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f00000004c0)={{0x2, 0x4e24, @empty}, {0x6, @local}, 0x12, {0x2, 0x4e21, @loopback}, 'gre0\x00'}) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000580)={0x3, 0xffffffffffffff81, 0x0, 0xbb, 0x3, [{0x7, 0x5, 0x2, '\x00', 0x104}, {0x7e76, 0x0, 0xba8, '\x00', 0x1a05}, {0xa0000000000000, 0xfffffffffffffc01, 0x10001, '\x00', 0x800}]}) 02:24:52 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fchown(r0, 0x0, 0x0) 02:24:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f00000000c0)) 02:24:52 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x6, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, {{}, 0x0, @in6=@mcast2}}, 0x2001eac) 02:24:52 executing program 1: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2002, 0xa824}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000540)={0x0, 0x0}) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0x3, 0x42, 0x3f, 0x5d, 0x0, 0x9, 0x80000, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x80000009, 0x4, @perf_config_ext={0x3, 0xfc0000000}, 0x12198, 0x1000, 0x0, 0x0, 0x8, 0x2, 0x9, 0x0, 0x9, 0x0, 0x5}, r1, 0x2, 0xffffffffffffffff, 0x3) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x242880, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e7390a15ba47b28803dce31140d294091dc31655df04a2c38b41389c25277c75f06b768", @ANYRESHEX, @ANYBLOB="2c6a62267c2885e717862c6f9e4928", @ANYRESOCT, @ANYBLOB=',cache=fscache,version=9p2000.u,privport,nodevmap,loose,\x00osixacl,access=', @ANYRESDEC, @ANYBLOB=',access=any,cache=none,subj_role=,smackfsroot=,fsname=\\,smackfshat=,(^\\)\a^,hash,smackfsfloor=^#\",func=FIRMWARE_CHECK,\x00']) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x40000, 0x0) lchown(&(0x7f0000000140)='./file0\x00', 0xee01, 0xee01) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)) 02:24:52 executing program 6: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, &(0x7f0000000040)="ae", 0x1, 0x881, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)='m', 0x1}], 0x1}}], 0x1, 0x0) recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 02:24:52 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) [ 65.752164] audit: type=1400 audit(1664591092.384:6): avc: denied { execmem } for pid=286 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:24:52 executing program 7: ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x7c, 0x0, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r0}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x81}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20040090}, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000240), 0x6, 0x206800) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x2}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5f34}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x44041}, 0x20000000) sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}]}, 0x20}, 0x1, 0x0, 0x0, 0x8895}, 0x24000090) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000480)={'wg0\x00'}) fork() [ 66.903034] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.905072] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.906480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.910050] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.913270] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.914859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.920524] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.012401] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.016226] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.017529] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.026802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.027789] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.034377] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.035645] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.041212] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.042177] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.043238] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.045445] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.046458] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.047852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.057254] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.060660] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.061246] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.067498] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.068303] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.069317] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.081096] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.082769] Bluetooth: hci2: HCI_REQ-0x0c1a [ 67.164606] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.166679] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.167638] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.169349] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.175369] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.176786] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.177732] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.182745] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.183616] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.185720] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.188883] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.193395] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.195455] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.199679] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.203761] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.210475] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.217694] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.218808] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.220530] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.223628] Bluetooth: hci4: HCI_REQ-0x0c1a [ 67.279381] Bluetooth: hci5: HCI_REQ-0x0c1a [ 68.981315] Bluetooth: hci0: command 0x0409 tx timeout [ 69.109071] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 69.110750] Bluetooth: hci1: command 0x0409 tx timeout [ 69.111356] Bluetooth: hci2: command 0x0409 tx timeout [ 69.173033] Bluetooth: hci3: command 0x0409 tx timeout [ 69.237025] Bluetooth: hci7: command 0x0409 tx timeout [ 69.301222] Bluetooth: hci4: command 0x0409 tx timeout [ 69.302048] Bluetooth: hci5: command 0x0409 tx timeout [ 71.029585] Bluetooth: hci0: command 0x041b tx timeout [ 71.157004] Bluetooth: hci2: command 0x041b tx timeout [ 71.157588] Bluetooth: hci1: command 0x041b tx timeout [ 71.220976] Bluetooth: hci3: command 0x041b tx timeout [ 71.284994] Bluetooth: hci7: command 0x041b tx timeout [ 71.348999] Bluetooth: hci5: command 0x041b tx timeout [ 71.349591] Bluetooth: hci4: command 0x041b tx timeout [ 72.251711] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.255063] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.256719] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.260349] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.261776] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.264817] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.272978] Bluetooth: hci6: HCI_REQ-0x0c1a [ 73.077200] Bluetooth: hci0: command 0x040f tx timeout [ 73.205168] Bluetooth: hci1: command 0x040f tx timeout [ 73.205236] Bluetooth: hci2: command 0x040f tx timeout [ 73.269139] Bluetooth: hci3: command 0x040f tx timeout [ 73.333011] Bluetooth: hci7: command 0x040f tx timeout [ 73.397162] Bluetooth: hci4: command 0x040f tx timeout [ 73.397734] Bluetooth: hci5: command 0x040f tx timeout [ 74.358006] Bluetooth: hci6: command 0x0409 tx timeout [ 75.125982] Bluetooth: hci0: command 0x0419 tx timeout [ 75.253028] Bluetooth: hci2: command 0x0419 tx timeout [ 75.254738] Bluetooth: hci1: command 0x0419 tx timeout [ 75.317006] Bluetooth: hci3: command 0x0419 tx timeout [ 75.381069] Bluetooth: hci7: command 0x0419 tx timeout [ 75.445079] Bluetooth: hci5: command 0x0419 tx timeout [ 75.445643] Bluetooth: hci4: command 0x0419 tx timeout [ 76.405047] Bluetooth: hci6: command 0x041b tx timeout [ 78.452984] Bluetooth: hci6: command 0x040f tx timeout [ 80.500990] Bluetooth: hci6: command 0x0419 tx timeout [ 129.538856] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 129.542695] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 129.544681] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 129.548627] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 129.551987] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 129.555257] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 129.564766] Bluetooth: hci1: HCI_REQ-0x0c1a [ 129.658751] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 129.664190] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 129.666206] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 129.724476] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 129.736198] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 129.737745] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 129.741783] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 129.743683] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 129.751649] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 129.754323] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 129.756615] Bluetooth: hci2: HCI_REQ-0x0c1a [ 129.771301] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 129.790147] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 129.815010] Bluetooth: hci7: HCI_REQ-0x0c1a [ 131.189080] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 131.572975] Bluetooth: hci1: command 0x0409 tx timeout [ 131.701020] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 131.701039] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 131.702210] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 131.829170] Bluetooth: hci7: command 0x0409 tx timeout [ 131.829267] Bluetooth: hci2: command 0x0409 tx timeout [ 133.411603] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 133.415887] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 133.423233] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 133.429112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 133.435219] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 133.436407] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 133.449646] Bluetooth: hci0: HCI_REQ-0x0c1a [ 133.621020] Bluetooth: hci1: command 0x041b tx timeout [ 133.631832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 133.635417] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 133.638746] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 133.643764] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 133.646725] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 133.648527] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 133.671216] Bluetooth: hci3: HCI_REQ-0x0c1a [ 133.877132] Bluetooth: hci2: command 0x041b tx timeout [ 133.877999] Bluetooth: hci7: command 0x041b tx timeout [ 134.401719] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 134.404724] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 134.406566] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 134.427115] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 134.451191] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 134.456479] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 134.488968] Bluetooth: hci4: HCI_REQ-0x0c1a [ 134.593666] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 134.604057] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 134.611726] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 134.627158] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 134.635332] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 134.637713] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 134.647075] Bluetooth: hci5: HCI_REQ-0x0c1a [ 134.721020] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 134.724105] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 134.725827] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 134.728458] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 134.730047] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 134.732297] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 134.742481] Bluetooth: hci6: HCI_REQ-0x0c1a [ 135.477024] Bluetooth: hci0: command 0x0409 tx timeout [ 135.668971] Bluetooth: hci1: command 0x040f tx timeout [ 135.733049] Bluetooth: hci3: command 0x0409 tx timeout [ 135.924998] Bluetooth: hci7: command 0x040f tx timeout [ 135.925027] Bluetooth: hci2: command 0x040f tx timeout [ 136.564996] Bluetooth: hci4: command 0x0409 tx timeout [ 136.693024] Bluetooth: hci5: command 0x0409 tx timeout [ 136.821098] Bluetooth: hci6: command 0x0409 tx timeout [ 137.525034] Bluetooth: hci0: command 0x041b tx timeout [ 137.717071] Bluetooth: hci1: command 0x0419 tx timeout [ 137.780989] Bluetooth: hci3: command 0x041b tx timeout [ 137.973257] Bluetooth: hci2: command 0x0419 tx timeout [ 137.974040] Bluetooth: hci7: command 0x0419 tx timeout [ 138.613029] Bluetooth: hci4: command 0x041b tx timeout [ 138.741107] Bluetooth: hci5: command 0x041b tx timeout [ 138.869010] Bluetooth: hci6: command 0x041b tx timeout [ 139.572984] Bluetooth: hci0: command 0x040f tx timeout [ 139.829041] Bluetooth: hci3: command 0x040f tx timeout [ 140.660990] Bluetooth: hci4: command 0x040f tx timeout [ 140.789160] Bluetooth: hci5: command 0x040f tx timeout [ 140.917979] Bluetooth: hci6: command 0x040f tx timeout [ 141.620969] Bluetooth: hci0: command 0x0419 tx timeout [ 141.878011] Bluetooth: hci3: command 0x0419 tx timeout [ 142.709057] Bluetooth: hci4: command 0x0419 tx timeout [ 142.837100] Bluetooth: hci5: command 0x0419 tx timeout [ 142.965036] Bluetooth: hci6: command 0x0419 tx timeout [ 188.212943] INFO: task rcu_gp:3 blocked for more than 143 seconds. [ 188.213548] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.213977] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.214526] task:rcu_gp state:I stack:30328 pid:3 ppid:2 flags:0x00004000 [ 188.215149] Call Trace: [ 188.215344] [ 188.215725] __schedule+0x893/0x2470 [ 188.216041] ? io_schedule_timeout+0x150/0x150 [ 188.216400] ? do_raw_spin_lock+0x121/0x260 [ 188.217258] ? rwlock_bug.part.0+0x90/0x90 [ 188.217580] schedule+0xda/0x1b0 [ 188.217839] rescuer_thread+0x851/0xdb0 [ 188.218634] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.219031] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.219414] ? lockdep_hardirqs_on+0x79/0x100 [ 188.219763] ? worker_thread+0x1260/0x1260 [ 188.220114] kthread+0x2ed/0x3a0 [ 188.220397] ? kthread_complete_and_exit+0x40/0x40 [ 188.220784] ret_from_fork+0x22/0x30 [ 188.221109] [ 188.221292] INFO: task rcu_par_gp:4 blocked for more than 143 seconds. [ 188.221774] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.222200] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.222766] task:rcu_par_gp state:I stack:30944 pid:4 ppid:2 flags:0x00004000 [ 188.223410] Call Trace: [ 188.223612] [ 188.223788] __schedule+0x893/0x2470 [ 188.224104] ? io_schedule_timeout+0x150/0x150 [ 188.224467] ? do_raw_spin_lock+0x121/0x260 [ 188.224830] ? rwlock_bug.part.0+0x90/0x90 [ 188.225196] schedule+0xda/0x1b0 [ 188.225470] rescuer_thread+0x851/0xdb0 [ 188.225792] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.226192] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.226569] ? lockdep_hardirqs_on+0x79/0x100 [ 188.226931] ? worker_thread+0x1260/0x1260 [ 188.227259] kthread+0x2ed/0x3a0 [ 188.227523] ? kthread_complete_and_exit+0x40/0x40 [ 188.227920] ret_from_fork+0x22/0x30 [ 188.228241] [ 188.228423] INFO: task slub_flushwq:5 blocked for more than 143 seconds. [ 188.228935] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.229331] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.229918] task:slub_flushwq state:I stack:30944 pid:5 ppid:2 flags:0x00004000 [ 188.230530] Call Trace: [ 188.230728] [ 188.230923] __schedule+0x893/0x2470 [ 188.231219] ? io_schedule_timeout+0x150/0x150 [ 188.231570] ? do_raw_spin_lock+0x121/0x260 [ 188.231922] ? rwlock_bug.part.0+0x90/0x90 [ 188.232266] schedule+0xda/0x1b0 [ 188.232531] rescuer_thread+0x851/0xdb0 [ 188.232838] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.233250] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.233637] ? lockdep_hardirqs_on+0x79/0x100 [ 188.233998] ? worker_thread+0x1260/0x1260 [ 188.234329] kthread+0x2ed/0x3a0 [ 188.234589] ? kthread_complete_and_exit+0x40/0x40 [ 188.234992] ret_from_fork+0x22/0x30 [ 188.235291] [ 188.235471] INFO: task netns:6 blocked for more than 143 seconds. [ 188.235933] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.236324] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.236872] task:netns state:I stack:30944 pid:6 ppid:2 flags:0x00004000 [ 188.237499] Call Trace: [ 188.237697] [ 188.237876] __schedule+0x893/0x2470 [ 188.238183] ? io_schedule_timeout+0x150/0x150 [ 188.238530] ? do_raw_spin_lock+0x121/0x260 [ 188.238859] ? rwlock_bug.part.0+0x90/0x90 [ 188.239205] schedule+0xda/0x1b0 [ 188.239467] rescuer_thread+0x851/0xdb0 [ 188.239767] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.240161] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.240564] ? lockdep_hardirqs_on+0x79/0x100 [ 188.240939] ? worker_thread+0x1260/0x1260 [ 188.241264] kthread+0x2ed/0x3a0 [ 188.241522] ? kthread_complete_and_exit+0x40/0x40 [ 188.241908] ret_from_fork+0x22/0x30 [ 188.242203] [ 188.242380] INFO: task kworker/0:0:7 blocked for more than 143 seconds. [ 188.242858] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.243268] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.243834] task:kworker/0:0 state:I stack:29592 pid:7 ppid:2 flags:0x00004000 [ 188.244493] Workqueue: 0x0 (rcu_gp) [ 188.244782] Call Trace: [ 188.245016] [ 188.245194] __schedule+0x893/0x2470 [ 188.245500] ? io_schedule_timeout+0x150/0x150 [ 188.245862] schedule+0xda/0x1b0 [ 188.246151] worker_thread+0x15f/0x1260 [ 188.246474] ? process_one_work+0x16a0/0x16a0 [ 188.246820] kthread+0x2ed/0x3a0 [ 188.247116] ? kthread_complete_and_exit+0x40/0x40 [ 188.247543] ret_from_fork+0x22/0x30 [ 188.247844] [ 188.248043] INFO: task kworker/0:0H:8 blocked for more than 143 seconds. [ 188.248564] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.248987] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.249562] task:kworker/0:0H state:I stack:30128 pid:8 ppid:2 flags:0x00004000 [ 188.250210] Workqueue: 0x0 (events_highpri) [ 188.250565] Call Trace: [ 188.250759] [ 188.250956] __schedule+0x893/0x2470 [ 188.251258] ? io_schedule_timeout+0x150/0x150 [ 188.251624] schedule+0xda/0x1b0 [ 188.251908] worker_thread+0x15f/0x1260 [ 188.252253] ? process_one_work+0x16a0/0x16a0 [ 188.252607] kthread+0x2ed/0x3a0 [ 188.252867] ? kthread_complete_and_exit+0x40/0x40 [ 188.253269] ret_from_fork+0x22/0x30 [ 188.253575] [ 188.253763] INFO: task mm_percpu_wq:10 blocked for more than 143 seconds. [ 188.254286] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.254683] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.255265] task:mm_percpu_wq state:I stack:30944 pid:10 ppid:2 flags:0x00004000 [ 188.255903] Call Trace: [ 188.256094] [ 188.256274] __schedule+0x893/0x2470 [ 188.256555] ? io_schedule_timeout+0x150/0x150 [ 188.256921] ? do_raw_spin_lock+0x121/0x260 [ 188.257246] ? rwlock_bug.part.0+0x90/0x90 [ 188.257575] schedule+0xda/0x1b0 [ 188.257834] rescuer_thread+0x851/0xdb0 [ 188.258153] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.258527] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.258911] ? lockdep_hardirqs_on+0x79/0x100 [ 188.259250] ? worker_thread+0x1260/0x1260 [ 188.259569] kthread+0x2ed/0x3a0 [ 188.259830] ? kthread_complete_and_exit+0x40/0x40 [ 188.260228] ret_from_fork+0x22/0x30 [ 188.260536] [ 188.260715] INFO: task rcu_tasks_kthre:11 blocked for more than 143 seconds. [ 188.261248] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.261636] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.262213] task:rcu_tasks_kthre state:I stack:29272 pid:11 ppid:2 flags:0x00004000 [ 188.262817] Call Trace: [ 188.263027] [ 188.263209] __schedule+0x893/0x2470 [ 188.263501] ? io_schedule_timeout+0x150/0x150 [ 188.263839] ? mark_held_locks+0x9e/0xe0 [ 188.264159] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.264539] schedule+0xda/0x1b0 [ 188.264803] rcu_tasks_one_gp+0x3db/0xc10 [ 188.265153] rcu_tasks_kthread+0x80/0xa0 [ 188.265469] ? rcu_tasks_postscan+0x10/0x10 [ 188.265803] kthread+0x2ed/0x3a0 [ 188.266095] ? kthread_complete_and_exit+0x40/0x40 [ 188.266472] ret_from_fork+0x22/0x30 [ 188.266760] [ 188.266958] INFO: task kworker/1:0H:21 blocked for more than 143 seconds. [ 188.267436] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.267814] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.268391] task:kworker/1:0H state:I stack:29760 pid:21 ppid:2 flags:0x00004000 [ 188.269016] Call Trace: [ 188.269207] [ 188.269382] __schedule+0x893/0x2470 [ 188.269674] ? io_schedule_timeout+0x150/0x150 [ 188.270051] ? do_raw_spin_lock+0x121/0x260 [ 188.270389] schedule+0xda/0x1b0 [ 188.270656] worker_thread+0x15f/0x1260 [ 188.270997] ? process_one_work+0x16a0/0x16a0 [ 188.271344] kthread+0x2ed/0x3a0 [ 188.271612] ? kthread_complete_and_exit+0x40/0x40 [ 188.271996] ret_from_fork+0x22/0x30 [ 188.272294] [ 188.272474] INFO: task inet_frag_wq:23 blocked for more than 143 seconds. [ 188.272978] Not tainted 6.0.0-rc7-next-20220930 #1 [ 188.273368] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 188.273939] task:inet_frag_wq state:I stack:30360 pid:23 ppid:2 flags:0x00004000 [ 188.274569] Call Trace: [ 188.274766] [ 188.274963] __schedule+0x893/0x2470 [ 188.275261] ? io_schedule_timeout+0x150/0x150 [ 188.275611] ? do_raw_spin_lock+0x121/0x260 [ 188.275968] ? rwlock_bug.part.0+0x90/0x90 [ 188.276307] schedule+0xda/0x1b0 [ 188.276574] rescuer_thread+0x851/0xdb0 [ 188.276883] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.277282] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 188.277664] ? lockdep_hardirqs_on+0x79/0x100 [ 188.278029] ? worker_thread+0x1260/0x1260 [ 188.278356] kthread+0x2ed/0x3a0 [ 188.278618] ? kthread_complete_and_exit+0x40/0x40 [ 188.279018] ret_from_fork+0x22/0x30 [ 188.279320] [ 188.279580] [ 188.279580] Showing all locks held in the system: [ 188.280053] 2 locks held by kworker/u4:0/9: [ 188.280373] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.281162] #1: ffff88800861fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.281980] 1 lock held by rcu_tasks_kthre/11: [ 188.282319] #0: ffffffff85406850 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc10 [ 188.283065] 1 lock held by khungtaskd/26: [ 188.283370] #0: ffffffff85407320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 188.284070] 2 locks held by kworker/u4:2/33: [ 188.284403] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.285182] #1: ffff888009377db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.286010] 2 locks held by kworker/u4:3/47: [ 188.286355] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.287145] #1: ffff88800f827db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.287962] 1 lock held by kmemleak/54: [ 188.288273] 1 lock held by in:imklog/191: [ 188.288580] 2 locks held by kworker/u4:4/330: [ 188.288940] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.289709] #1: ffff88801d697db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.290525] 2 locks held by kworker/u4:5/332: [ 188.290859] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.291653] #1: ffff88801d78fdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.292480] 2 locks held by kworker/u4:6/335: [ 188.292826] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.293619] #1: ffff88803e247db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.294446] 2 locks held by kworker/u4:7/338: [ 188.294776] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.295563] #1: ffff88803e2cfdb0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.296407] 2 locks held by kworker/u4:9/363: [ 188.296742] #0: ffff888007c61138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x915/0x16a0 [ 188.297531] #1: ffff88801c0c7db0 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x949/0x16a0 [ 188.298347] 1 lock held by syz-executor.6/3091: [ 188.298689] 1 lock held by modprobe/6107: [ 188.299014] 1 lock held by modprobe/6110: [ 188.299322] 1 lock held by modprobe/6111: [ 188.299627] 1 lock held by modprobe/6112: [ 188.299958] 1 lock held by modprobe/6113: [ 188.300279] 1 lock held by modprobe/6114: [ 188.300587] 1 lock held by modprobe/6115: [ 188.300925] [ 188.301058] ============================================= [ 188.301058] [ 191.356063] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 191.359775] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 191.365587] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 191.370222] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 191.371387] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 191.373089] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 191.387673] Bluetooth: hci1: HCI_REQ-0x0c1a [ 191.549604] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 191.557333] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 191.565210] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 191.578133] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 191.587519] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 191.593655] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 191.633082] Bluetooth: hci2: HCI_REQ-0x0c1a [ 193.397005] Bluetooth: hci1: command 0x0409 tx timeout [ 193.652969] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 193.719456] Bluetooth: hci2: command 0x0409 tx timeout [ 194.886383] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 194.891799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 194.892849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 194.894578] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 194.895653] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 194.896418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 194.915258] Bluetooth: hci0: HCI_REQ-0x0c1a [ 195.444998] Bluetooth: hci1: command 0x041b tx timeout [ 195.765026] Bluetooth: hci2: command 0x041b tx timeout [ 196.366476] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 196.368441] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 196.370416] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 196.373297] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 196.374554] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 196.375741] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 196.381032] Bluetooth: hci6: HCI_REQ-0x0c1a [ 196.406400] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 196.411571] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 196.414489] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 196.424568] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 196.427869] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 196.429778] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 196.439109] Bluetooth: hci7: HCI_REQ-0x0c1a [ 196.981074] Bluetooth: hci0: command 0x0409 tx timeout [ 197.109087] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 197.493163] Bluetooth: hci1: command 0x040f tx timeout [ 197.749013] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 197.750662] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 197.814042] Bluetooth: hci2: command 0x040f tx timeout VM DIAGNOSIS: 02:26:55 Registers: info registers vcpu 0 RAX=0000000000000005 RBX=0000000000000001 RCX=0000000000000001 RDX=0000000000000000 RSI=0000000000000001 RDI=ffffffff85e02684 RBP=ffff88803a3ef780 RSP=ffff88803a3ef6a8 R8 =ffffffff86249168 R9 =ffffffff8624916c R10=ffffed100747def2 R11=000000000003603d R12=ffff88803a3ef769 R13=ffff88803a3ef788 R14=ffff88803a3ef728 R15=ffffffff8624916d RIP=ffffffff8111a63c RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff3aed2e368 CR3=000000002da48000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800903f898 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000031 R11=0000000000000001 R12=0000000000000031 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0 RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8771537368 CR3=000000003f092000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78 YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000