program: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) (async) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="04038eaa"], 0xd) (async) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x80040}, 0x18) (async) r2 = socket$packet(0x11, 0x3, 0x300) (async) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000740)={0x180, r3, 0x20, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x16c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x34, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0xfd, 0x3, 0x6, 0xffff, 0x1, 0xfff8, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x30, 0x5a, 0x1, 0x6, 0xc, 0x6, 0x1b, 0xb, 0x5, 0x30, 0x5, 0x2, 0x6, 0x2, 0x53, 0x36]}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x4e, 0x100, 0x40, 0x2, 0xa03, 0xb, 0x1]}}]}, @NL80211_BAND_5GHZ={0x4c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x12, 0xc, 0x24, 0xc]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x4, 0x12, 0x2, 0xb, 0x6, 0x1, 0x36, 0x4, 0x60, 0x6c, 0x36, 0x9, 0x16, 0x6c, 0x0, 0x5, 0x3, 0x2, 0x60, 0x6c, 0x18, 0x12, 0x3, 0x60, 0x3, 0x7a, 0x2, 0x9, 0x0, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xda62, 0x9, 0x3, 0x75, 0x101, 0x8001, 0x9, 0x7ff]}}]}, @NL80211_BAND_6GHZ={0x84, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3d, 0x2, [{0x0, 0x8}, {0x4, 0x6}, {0x4, 0x2}, {0x1, 0x8}, {0x3, 0x6}, {0x4, 0x9}, {0x6, 0x3}, {0x0, 0x8}, {0x4, 0xa}, {0x6, 0x9}, {0x5, 0xa}, {0x2, 0x9}, {0x4, 0x9}, {0x7}, {0x7, 0x7}, {0x1, 0x6}, {0x7, 0x4}, {0x0, 0x4}, {0x2}, {0x5, 0xa}, {0x0, 0x9}, {0x1, 0x6}, {0x7, 0x5}, {0x5}, {0x1}, {0x1, 0x9}, {0x1, 0x2}, {0x1, 0x7}, {0x6, 0x7}, {0x0, 0x2}, {0x5}, {0x2, 0x3}, {0x1, 0x2}, {0x6, 0x7}, {0x2}, {0x3, 0x8}, {0x4, 0x1}, {0x0, 0x5}, {0x4, 0x5}, {0x3, 0x4}, {0x4, 0x6}, {0x4, 0x4}, {0x1, 0x4}, {0x0, 0x9}, {0x7, 0x8}, {0x5, 0x7}, {0x2, 0x8}, {0x0, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x3, 0x7}, {0x5, 0x5}, {0x5, 0x1}, {0x4, 0xa}, {0x4, 0x3}, {0x2, 0x7}, {0x6, 0x6}]}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x4, 0x1b, 0x24, 0x6, 0x14, 0x9, 0x30, 0x3, 0x5, 0x16, 0x36, 0x2, 0x5, 0x1b, 0x30, 0x4, 0x36, 0x9, 0x15, 0x6c, 0x18, 0x3, 0x5, 0x48, 0x36, 0x48, 0x4, 0x3, 0x1b, 0x1b, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x9, 0x7fff, 0x9, 0x0, 0x1, 0x4, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x4c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x0, 0x640, 0x3c, 0x8, 0x9, 0x21, 0x6]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x24, 0x30, 0xc, 0x30, 0x12, 0x12, 0x12, 0x1, 0x2, 0x24, 0x16, 0xc, 0x2, 0xb, 0x60]}, @NL80211_TXRATE_HT={0x16, 0x2, [{0x3, 0x1}, {0x4, 0x5}, {0x1, 0x5}, {0x5, 0x5}, {0x4, 0x8}, {0x2, 0x1}, {0x7, 0x7}, {0x6, 0x1}, {}, {0x6, 0x9}, {0x0, 0x5}, {0x7, 0x4}, {0x0, 0x4}, {0x4, 0x7}, {0x3, 0x2}, {0x1}, {0x1, 0x4}, {0x5}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x20008800}, 0x8000) (async) sendmmsg(r2, &(0x7f0000005740)=[{{&(0x7f00000000c0)=@qipcrtr={0x2a, 0x8}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1}}], 0x1, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05002dbd700000000000060000000a00e800ff73ffffffff0000280017800400040004004100040004001edcd3b4040006000400040004000100040004000400050008001780040001000800178004000200"], 0x58}, 0x1, 0x0, 0x0, 0x5}, 0x4000800) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r4, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4) (async) bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) (async) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async) sendto$inet6(r4, 0x0, 0x0, 0x20004011, &(0x7f0000000180)={0xa, 0x4e20, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8001}, 0x1c) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) ioprio_get$pid(0x2, 0x0) (async) socket$unix(0x1, 0x2, 0x0) (async) r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000100)=0x3) (async) r7 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000400)={0xf0f02a, 0x105}) (async) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r6, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x63c, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3f, 0x19ef, 0x3, 0x4, 0x2800, 0x2800, 0x2, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd1, 0x9}}) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9006}, 0x4) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) [ 107.218233][ T5307] Bluetooth: hci0: command tx timeout [ 107.222064][ T5307] Bluetooth: hci0: unexpected event 0x03 length: 10 < 11 [ 107.260663][ T5327] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 107.264113][ T5327] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 107.270790][ T10] [ 107.272118][ T10] ====================================================== [ 107.274949][ T10] WARNING: possible circular locking dependency detected [ 107.277656][ T10] syzkaller #0 Not tainted [ 107.279628][ T10] ------------------------------------------------------ [ 107.282320][ T10] kworker/0:1/10 is trying to acquire lock: [ 107.285399][ T10] ffff8880429d2af8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_info_timeout+0x60/0xa0 [ 107.291622][ T10] [ 107.291622][ T10] but task is already holding lock: [ 107.294665][ T10] ffffc9000023fc40 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 107.300052][ T10] [ 107.300052][ T10] which lock already depends on the new lock. [ 107.300052][ T10] [ 107.305068][ T10] [ 107.305068][ T10] the existing dependency chain (in reverse order) is: [ 107.309321][ T10] [ 107.309321][ T10] -> #1 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}: [ 107.313670][ T10] __flush_work+0x700/0xc50 [ 107.316449][ T10] __cancel_work_sync+0xbe/0x110 [ 107.319570][ T10] l2cap_conn_del+0x40f/0x5c0 [ 107.322558][ T10] l2cap_connect_cfm+0x12b/0x1390 [ 107.325449][ T10] hci_conn_failed+0x1ce/0x340 [ 107.327991][ T10] hci_abort_conn_sync+0xdd0/0x1190 [ 107.330457][ T10] hci_disconnect_all_sync+0x1b5/0x350 [ 107.333152][ T10] hci_suspend_sync+0x417/0xd20 [ 107.335638][ T10] hci_suspend_dev+0x28d/0x540 [ 107.338126][ T10] hci_suspend_notifier+0xf2/0x2f0 [ 107.340841][ T10] notifier_call_chain+0x1be/0x400 [ 107.344353][ T10] blocking_notifier_call_chain_robust+0x85/0x100 [ 107.348363][ T10] pm_notifier_call_chain_robust+0x2c/0x60 [ 107.351262][ T10] snapshot_open+0x19c/0x280 [ 107.353639][ T10] misc_open+0x2d5/0x350 [ 107.355872][ T10] chrdev_open+0x4cd/0x5e0 [ 107.358291][ T10] do_dentry_open+0x785/0x14e0 [ 107.360907][ T10] vfs_open+0x3b/0x340 [ 107.363123][ T10] path_openat+0x2e08/0x3860 [ 107.365822][ T10] do_file_open+0x23e/0x4a0 [ 107.368153][ T10] do_sys_openat2+0x113/0x200 [ 107.370415][ T10] __x64_sys_openat+0x138/0x170 [ 107.372888][ T10] do_syscall_64+0x14d/0xf80 [ 107.375144][ T10] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.377985][ T10] [ 107.377985][ T10] -> #0 (&conn->lock#2){+.+.}-{4:4}: [ 107.381220][ T10] __lock_acquire+0x15a5/0x2cf0 [ 107.383104][ T10] lock_acquire+0xf0/0x2e0 [ 107.385409][ T10] __mutex_lock+0x19f/0x1300 [ 107.387603][ T10] l2cap_info_timeout+0x60/0xa0 [ 107.390094][ T10] process_scheduled_works+0xb02/0x1830 [ 107.393060][ T10] worker_thread+0xa50/0xfc0 [ 107.396135][ T10] kthread+0x388/0x470 [ 107.399300][ T10] ret_from_fork+0x51e/0xb90 [ 107.401961][ T10] ret_from_fork_asm+0x1a/0x30 [ 107.404355][ T10] [ 107.404355][ T10] other info that might help us debug this: [ 107.404355][ T10] [ 107.408933][ T10] Possible unsafe locking scenario: [ 107.408933][ T10] [ 107.412422][ T10] CPU0 CPU1 [ 107.414859][ T10] ---- ---- [ 107.417695][ T10] lock((work_completion)(&(&conn->info_timer)->work)); [ 107.421460][ T10] lock(&conn->lock#2); [ 107.424663][ T10] lock((work_completion)(&(&conn->info_timer)->work)); [ 107.428963][ T10] lock(&conn->lock#2); [ 107.431144][ T10] [ 107.431144][ T10] *** DEADLOCK *** [ 107.431144][ T10] [ 107.435397][ T10] 2 locks held by kworker/0:1/10: [ 107.437833][ T10] #0: ffff88801aca6948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 [ 107.442846][ T10] #1: ffffc9000023fc40 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 [ 107.449599][ T10] [ 107.449599][ T10] stack backtrace: [ 107.453107][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 107.453130][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.453141][ T10] Workqueue: events l2cap_info_timeout [ 107.453168][ T10] Call Trace: [ 107.453178][ T10] [ 107.453185][ T10] dump_stack_lvl+0xe8/0x150 [ 107.453206][ T10] print_circular_bug+0x2e1/0x300 [ 107.453228][ T10] check_noncircular+0x12e/0x150 [ 107.453249][ T10] __lock_acquire+0x15a5/0x2cf0 [ 107.453267][ T10] ? __schedule+0x15f3/0x52d0 [ 107.453296][ T10] ? ret_from_fork_asm+0x1a/0x30 [ 107.453315][ T10] lock_acquire+0xf0/0x2e0 [ 107.453331][ T10] ? l2cap_info_timeout+0x60/0xa0 [ 107.453348][ T10] __mutex_lock+0x19f/0x1300 [ 107.453365][ T10] ? l2cap_info_timeout+0x60/0xa0 [ 107.453380][ T10] ? irqentry_exit+0x59e/0x620 [ 107.453399][ T10] ? lockdep_hardirqs_on+0x7a/0x110 [ 107.453417][ T10] ? l2cap_info_timeout+0x60/0xa0 [ 107.453429][ T10] ? irqentry_exit+0x59e/0x620 [ 107.453445][ T10] ? trace_irq_disable+0x3b/0x150 [ 107.453466][ T10] ? __pfx___mutex_lock+0x10/0x10 [ 107.453490][ T10] ? lock_acquire+0x20b/0x2e0 [ 107.453506][ T10] l2cap_info_timeout+0x60/0xa0 [ 107.453519][ T10] ? process_scheduled_works+0xa25/0x1830 [ 107.453534][ T10] process_scheduled_works+0xb02/0x1830 [ 107.453556][ T10] ? __pfx_process_scheduled_works+0x10/0x10 [ 107.453575][ T10] ? assign_work+0x3d5/0x5e0 [ 107.453592][ T10] worker_thread+0xa50/0xfc0 [ 107.453615][ T10] kthread+0x388/0x470 [ 107.453628][ T10] ? __pfx_worker_thread+0x10/0x10 [ 107.453644][ T10] ? __pfx_kthread+0x10/0x10 [ 107.453656][ T10] ret_from_fork+0x51e/0xb90 [ 107.453674][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 107.453690][ T10] ? __switch_to+0xc7d/0x1450 [ 107.453706][ T10] ? __pfx_kthread+0x10/0x10 [ 107.453718][ T10] ret_from_fork_asm+0x1a/0x30 [ 107.453742][ T10] [ 109.572960][ T4670] Bluetooth: hci0: command 0x040f tx timeout [ 111.653997][ T4670] Bluetooth: hci0: command 0x040f tx timeout [ 113.732941][ T4670] Bluetooth: hci0: command 0x040f tx timeout