Warning: Permanently added '[localhost]:61391' (ED25519) to the list of known hosts.
[ 67.559135][ T5310] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 67.564084][ T5310] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 67.567198][ T5310] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 67.570573][ T5310] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 67.574221][ T5310] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 67.577140][ T5310] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 67.676292][ T4669] BUG: sleeping function called from invalid context at net/core/sock.c:3664
[ 67.679996][ T4669] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4669, name: kworker/u5:1
[ 67.683501][ T4669] preempt_count: 1, expected: 0
executing program
[ 67.685222][ T4669] RCU nest depth: 0, expected: 0
[ 67.687125][ T4669] 5 locks held by kworker/u5:1/4669:
[ 67.690442][ T4669] #0: ffff888030f14948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[ 67.694930][ T4669] #1: ffffc9000dd0fc60 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[ 67.699516][ T4669] #2: ffffffff9003b828 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_request_evt+0x842/0xef0
[ 67.703940][ T4669] #3: ffff88804801e420 (&conn->lock#3){+.+.}-{3:3}, at: sco_connect_cfm+0x293/0xc10
[ 67.708328][ T4669] #4: ffff8880425aa258 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}, at: sco_connect_cfm+0x456/0xc10
[ 67.712747][ T4669] Preemption disabled at:
[ 67.712757][ T4669] [<0000000000000000>] 0x0
[ 67.716059][ T4669] CPU: 0 UID: 0 PID: 4669 Comm: kworker/u5:1 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 67.716074][ T4669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 67.716081][ T4669] Workqueue: hci0 hci_rx_work
[ 67.716099][ T4669] Call Trace:
[ 67.716104][ T4669]
[ 67.716115][ T4669] dump_stack_lvl+0x241/0x360
[ 67.716131][ T4669] ? __pfx_dump_stack_lvl+0x10/0x10
executing program
[ 67.716142][ T4669] ? __pfx__printk+0x10/0x10
[ 67.716159][ T4669] __might_resched+0x5d4/0x780
executing program
[ 67.716172][ T4669] ? __pfx_lock_acquire+0x10/0x10
[ 67.716188][ T4669] ? __pfx___might_resched+0x10/0x10
[ 67.716201][ T4669] ? __pfx_lock_release+0x10/0x10
executing program
[ 67.716214][ T4669] ? do_raw_spin_lock+0x14f/0x370
[ 67.716230][ T4669] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 67.716250][ T4669] lock_sock_nested+0x5d/0x100
[ 67.716268][ T4669] sco_connect_cfm+0x456/0xc10
[ 67.716282][ T4669] ? __pfx___mutex_lock+0x10/0x10
[ 67.716302][ T4669] ? __pfx_sco_connect_cfm+0x10/0x10
executing program
[ 67.716317][ T4669] ? hci_conn_request_evt+0x693/0xef0
[ 67.716331][ T4669] ? __pfx_sco_connect_cfm+0x10/0x10
executing program
[ 67.716344][ T4669] hci_conn_request_evt+0x8b5/0xef0
[ 67.716360][ T4669] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 67.716371][ T4669] ? __mutex_unlock_slowpath+0x227/0x800
[ 67.716388][ T4669] ? __skb_clone+0x5c/0x6c0
[ 67.716401][ T4669] ? __pfx___mutex_unlock_slowpath+0x10/0x10
executing program
[ 67.716421][ T4669] ? skb_pull_data+0x112/0x230
[ 67.716437][ T4669] hci_event_packet+0xac1/0x1540
[ 67.716451][ T4669] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 67.716467][ T4669] ? __pfx_hci_event_packet+0x10/0x10
[ 67.716478][ T4669] ? do_raw_spin_unlock+0x58/0x8b0
[ 67.716492][ T4669] ? kcov_remote_start+0x97/0x7d0
executing program
[ 67.716505][ T4669] ? kcov_remote_start+0x170/0x7d0
[ 67.716518][ T4669] ? insn_decode_mmio+0x2c0/0x580
[ 67.716534][ T4669] ? hci_send_to_monitor+0xdc/0x530
[ 67.716551][ T4669] hci_rx_work+0x3f3/0xdb0
[ 67.716568][ T4669] ? process_scheduled_works+0x9c6/0x18e0
executing program
[ 67.716581][ T4669] process_scheduled_works+0xabe/0x18e0
[ 67.716616][ T4669] ? __pfx_process_scheduled_works+0x10/0x10
[ 67.716638][ T4669] ? assign_work+0x364/0x3d0
[ 67.716654][ T4669] worker_thread+0x870/0xd30
executing program
[ 67.716671][ T4669] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 67.716686][ T4669] ? __kthread_parkme+0x169/0x1d0
[ 67.716700][ T4669] ? __pfx_worker_thread+0x10/0x10
[ 67.716713][ T4669] kthread+0x7a9/0x920
[ 67.716727][ T4669] ? __pfx_kthread+0x10/0x10
[ 67.716742][ T4669] ? __pfx_worker_thread+0x10/0x10
[ 67.716755][ T4669] ? __pfx_kthread+0x10/0x10
[ 67.716767][ T4669] ? __pfx_kthread+0x10/0x10
[ 67.716783][ T4669] ? __pfx_kthread+0x10/0x10
[ 67.716797][ T4669] ? _raw_spin_unlock_irq+0x23/0x50
executing program
[ 67.716808][ T4669] ? lockdep_hardirqs_on+0x99/0x150
[ 67.716826][ T4669] ? __pfx_kthread+0x10/0x10
[ 67.716844][ T4669] ret_from_fork+0x4b/0x80
[ 67.716858][ T4669] ? __pfx_kthread+0x10/0x10
executing program
[ 67.716872][ T4669] ret_from_fork_asm+0x1a/0x30
[ 67.716895][ T4669]
[ 67.733055][ T5315]
[ 67.733066][ T5315] ======================================================
[ 67.733071][ T5315] WARNING: possible circular locking dependency detected
executing program
[ 67.733077][ T5315] 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 Tainted: G W
[ 67.733085][ T5315] ------------------------------------------------------
[ 67.733089][ T5315] syz-executor332/5315 is trying to acquire lock:
executing program
[ 67.733095][ T5315] ffff88804801e420 (&conn->lock#3){+.+.}-{3:3}, at: sco_chan_del+0x74/0x180
[ 67.733164][ T5315]
[ 67.733164][ T5315] but task is already holding lock:
[ 67.733169][ T5315] ffff8880425ab258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}, at: __sco_sock_close+0xe8/0x310
executing program
[ 67.733193][ T5315]
[ 67.733193][ T5315] which lock already depends on the new lock.
[ 67.733193][ T5315]
[ 67.733198][ T5315]
[ 67.733198][ T5315] the existing dependency chain (in reverse order) is:
executing program
[ 67.733202][ T5315]
[ 67.733202][ T5315] -> #2 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}:
[ 67.733218][ T5315] lock_acquire+0x1ed/0x550
[ 67.733233][ T5315] lock_sock_nested+0x48/0x100
[ 67.733245][ T5315] bt_accept_dequeue+0xfa/0x570
executing program
[ 67.733258][ T5315] __sco_sock_close+0xd2/0x310
[ 67.733270][ T5315] sco_sock_release+0xb3/0x320
[ 67.733281][ T5315] sock_close+0xbc/0x240
[ 67.733293][ T5315] __fput+0x3e9/0x9f0
[ 67.733306][ T5315] __x64_sys_close+0x7f/0x110
[ 67.733318][ T5315] do_syscall_64+0xf3/0x230
executing program
[ 67.733329][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.733342][ T5315]
[ 67.733342][ T5315] -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}:
[ 67.733356][ T5315] lock_acquire+0x1ed/0x550
[ 67.733368][ T5315] lock_sock_nested+0x48/0x100
executing program
[ 67.733381][ T5315] sco_connect_cfm+0x456/0xc10
[ 67.733391][ T5315] hci_conn_request_evt+0x8b5/0xef0
[ 67.733403][ T5315] hci_event_packet+0xac1/0x1540
[ 67.733413][ T5315] hci_rx_work+0x3f3/0xdb0
executing program
[ 67.733424][ T5315] process_scheduled_works+0xabe/0x18e0
[ 67.733436][ T5315] worker_thread+0x870/0xd30
[ 67.733448][ T5315] kthread+0x7a9/0x920
[ 67.733460][ T5315] ret_from_fork+0x4b/0x80
[ 67.733473][ T5315] ret_from_fork_asm+0x1a/0x30
executing program
[ 67.733484][ T5315]
[ 67.733484][ T5315] -> #0 (&conn->lock#3){+.+.}-{3:3}:
[ 67.733503][ T5315] validate_chain+0x18ef/0x5920
[ 67.733512][ T5315] __lock_acquire+0x1397/0x2100
[ 67.733525][ T5315] lock_acquire+0x1ed/0x550
executing program
[ 67.733538][ T5315] _raw_spin_lock+0x2e/0x40
[ 67.733549][ T5315] sco_chan_del+0x74/0x180
[ 67.733561][ T5315] __sco_sock_close+0x152/0x310
[ 67.733578][ T5315] sco_sock_release+0xb3/0x320
[ 67.733588][ T5315] sock_close+0xbc/0x240
[ 67.733603][ T5315] __fput+0x3e9/0x9f0
[ 67.733615][ T5315] __x64_sys_close+0x7f/0x110
[ 67.733628][ T5315] do_syscall_64+0xf3/0x230
executing program
[ 67.733645][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.733658][ T5315]
[ 67.733658][ T5315] other info that might help us debug this:
[ 67.733658][ T5315]
[ 67.733661][ T5315] Chain exists of:
[ 67.733661][ T5315] &conn->lock#3 --> sk_lock-AF_BLUETOOTH-BTPROTO_SCO --> sk_lock-AF_BLUETOOTH
[ 67.733661][ T5315]
executing program
[ 67.733676][ T5315] Possible unsafe locking scenario:
[ 67.733676][ T5315]
[ 67.733679][ T5315] CPU0 CPU1
[ 67.733681][ T5315] ---- ----
[ 67.733683][ T5315] lock(sk_lock-AF_BLUETOOTH);
executing program
[ 67.733688][ T5315] lock(sk_lock-AF_BLUETOOTH-BTPROTO_SCO);
[ 67.733694][ T5315] lock(sk_lock-AF_BLUETOOTH);
[ 67.733700][ T5315] lock(&conn->lock#3);
executing program
[ 67.733707][ T5315]
[ 67.733707][ T5315] *** DEADLOCK ***
[ 67.733707][ T5315]
[ 67.733709][ T5315] 3 locks held by syz-executor332/5315:
[ 67.733713][ T5315] #0: ffff888044e43808 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x90/0x240
executing program
[ 67.733734][ T5315] #1: ffff8880425aa258 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}, at: sco_sock_release+0x5a/0x320
[ 67.733753][ T5315] #2: ffff8880425ab258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}, at: __sco_sock_close+0xe8/0x310
executing program
[ 67.733775][ T5315]
[ 67.733775][ T5315] stack backtrace:
[ 67.733780][ T5315] CPU: 0 UID: 0 PID: 5315 Comm: syz-executor332 Tainted: G W 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 67.733790][ T5315] Tainted: [W]=WARN
executing program
[ 67.733794][ T5315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 67.733799][ T5315] Call Trace:
[ 67.733803][ T5315]
[ 67.733807][ T5315] dump_stack_lvl+0x241/0x360
executing program
[ 67.733819][ T5315] ? __pfx_dump_stack_lvl+0x10/0x10
[ 67.733835][ T5315] ? __pfx__printk+0x10/0x10
[ 67.733846][ T5315] print_circular_bug+0x13a/0x1b0
[ 67.733862][ T5315] check_noncircular+0x36a/0x4a0
[ 67.733873][ T5315] ? __pfx_check_noncircular+0x10/0x10
executing program
[ 67.733887][ T5315] ? lockdep_lock+0x123/0x2b0
[ 67.733905][ T5315] validate_chain+0x18ef/0x5920
[ 67.733918][ T5315] ? do_raw_spin_lock+0x14f/0x370
[ 67.733931][ T5315] ? __pfx_validate_chain+0x10/0x10
executing program
[ 67.733940][ T5315] ? do_raw_spin_unlock+0x58/0x8b0
[ 67.733958][ T5315] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 67.733970][ T5315] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 67.733982][ T5315] ? __lock_acquire+0x1397/0x2100
executing program
executing program
[ 67.733995][ T5315] ? debug_object_assert_init+0x2dd/0x4b0
[ 67.734079][ T5315] ? __pfx_debug_object_assert_init+0x10/0x10
[ 67.734092][ T5315] ? mark_lock+0x9a/0x360
[ 67.734101][ T5315] __lock_acquire+0x1397/0x2100
[ 67.734117][ T5315] lock_acquire+0x1ed/0x550
[ 67.734129][ T5315] ? sco_chan_del+0x74/0x180
[ 67.734142][ T5315] ? __pfx_lock_acquire+0x10/0x10
[ 67.734156][ T5315] ? lockdep_hardirqs_on+0x99/0x150
[ 67.734170][ T5315] ? __cancel_work+0x2ee/0x390
[ 67.734184][ T5315] ? __pfx___cancel_work+0x10/0x10
executing program
[ 67.734196][ T5315] ? __sco_sock_close+0xe8/0x310
[ 67.734208][ T5315] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 67.734219][ T5315] ? __sco_sock_close+0xe8/0x310
[ 67.734231][ T5315] _raw_spin_lock+0x2e/0x40
[ 67.734242][ T5315] ? sco_chan_del+0x74/0x180
[ 67.734253][ T5315] sco_chan_del+0x74/0x180
[ 67.734265][ T5315] __sco_sock_close+0x152/0x310
executing program
[ 67.734277][ T5315] sco_sock_release+0xb3/0x320
[ 67.734287][ T5315] sock_close+0xbc/0x240
[ 67.734298][ T5315] ? __pfx_sock_close+0x10/0x10
[ 67.734331][ T5315] __fput+0x3e9/0x9f0
[ 67.734349][ T5315] __x64_sys_close+0x7f/0x110
executing program
[ 67.734361][ T5315] do_syscall_64+0xf3/0x230
[ 67.734374][ T5315] ? clear_bhb_loop+0x35/0x90
[ 67.734389][ T5315] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.734402][ T5315] RIP: 0033:0x7f221535b19a
executing program
[ 67.734412][ T5315] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 83 65 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 e3 65 02 00 8b 44 24
executing program
[ 67.734420][ T5315] RSP: 002b:00007fff68f18690 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 67.734430][ T5315] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f221535b19a
[ 67.734435][ T5315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
executing program
[ 67.734439][ T5315] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 67.734443][ T5315] R10: 0000000000000004 R11: 0000000000000293 R12: 000055558a22c370
[ 67.734447][ T5315] R13: 0000000000000010 R14: 00007fff68f18710 R15: 00007f22153b315b
executing program
[ 67.734453][ T5315]
executing program
[ 68.680602][ T5310] BUG: sleeping function called from invalid context at net/core/sock.c:3664
[ 68.684031][ T5310] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5310, name: kworker/u5:2
[ 68.687408][ T5310] preempt_count: 1, expected: 0
[ 68.689570][ T5310] RCU nest depth: 0, expected: 0
[ 68.691910][ T5310] INFO: lockdep is turned off.
[ 68.693769][ T5310] Preemption disabled at:
[ 68.693776][ T5310] [<0000000000000000>] 0x0
[ 68.697150][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u5:2 Tainted: G W 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 68.697165][ T5310] Tainted: [W]=WARN
[ 68.697168][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.697175][ T5310] Workqueue: hci0 hci_rx_work
[ 68.697191][ T5310] Call Trace:
[ 68.697196][ T5310]
[ 68.697200][ T5310] dump_stack_lvl+0x241/0x360
[ 68.697213][ T5310] ? __pfx_dump_stack_lvl+0x10/0x10
executing program
[ 68.697222][ T5310] ? __pfx__printk+0x10/0x10
[ 68.697231][ T5310] ? rcu_is_watching+0x15/0xb0
[ 68.697243][ T5310] __might_resched+0x5d4/0x780
[ 68.697255][ T5310] ? __pfx_lock_acquire+0x10/0x10
[ 68.697269][ T5310] ? __pfx___might_resched+0x10/0x10
executing program
[ 68.697280][ T5310] ? __pfx_lock_release+0x10/0x10
[ 68.697292][ T5310] ? do_raw_spin_lock+0x14f/0x370
[ 68.697305][ T5310] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 68.697316][ T5310] lock_sock_nested+0x5d/0x100
executing program
[ 68.697331][ T5310] sco_connect_cfm+0x456/0xc10
[ 68.697343][ T5310] ? __pfx___mutex_lock+0x10/0x10
[ 68.697358][ T5310] ? __pfx_sco_connect_cfm+0x10/0x10
[ 68.697370][ T5310] ? hci_conn_request_evt+0x693/0xef0
executing program
[ 68.697381][ T5310] ? __pfx_sco_connect_cfm+0x10/0x10
[ 68.697392][ T5310] hci_conn_request_evt+0x8b5/0xef0
[ 68.697404][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 68.697414][ T5310] ? __mutex_unlock_slowpath+0x227/0x800
executing program
[ 68.697428][ T5310] ? __skb_clone+0x5c/0x6c0
[ 68.697438][ T5310] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 68.697452][ T5310] ? skb_pull_data+0x112/0x230
[ 68.697464][ T5310] hci_event_packet+0xac1/0x1540
[ 68.697475][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 68.697487][ T5310] ? __pfx_hci_event_packet+0x10/0x10
executing program
executing program
[ 68.697497][ T5310] ? do_raw_spin_unlock+0x58/0x8b0
[ 68.697508][ T5310] ? rcu_is_watching+0x15/0xb0
[ 68.697517][ T5310] ? kcov_remote_start+0x97/0x7d0
[ 68.697531][ T5310] ? hci_send_to_monitor+0xdc/0x530
[ 68.697544][ T5310] hci_rx_work+0x3f3/0xdb0
[ 68.697556][ T5310] ? process_scheduled_works+0x9c6/0x18e0
executing program
[ 68.697567][ T5310] process_scheduled_works+0xabe/0x18e0
[ 68.697583][ T5310] ? __pfx_process_scheduled_works+0x10/0x10
[ 68.697595][ T5310] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 68.697607][ T5310] ? assign_work+0x364/0x3d0
executing program
[ 68.697618][ T5310] worker_thread+0x870/0xd30
[ 68.697631][ T5310] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 68.697644][ T5310] ? __kthread_parkme+0x169/0x1d0
[ 68.697656][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 68.697667][ T5310] kthread+0x7a9/0x920
[ 68.697679][ T5310] ? __pfx_kthread+0x10/0x10
[ 68.697692][ T5310] ? __pfx_worker_thread+0x10/0x10
executing program
[ 68.697703][ T5310] ? __pfx_kthread+0x10/0x10
[ 68.697716][ T5310] ? __pfx_kthread+0x10/0x10
[ 68.697729][ T5310] ? __pfx_kthread+0x10/0x10
executing program
[ 68.697741][ T5310] ? _raw_spin_unlock_irq+0x23/0x50
[ 68.697755][ T5310] ? lockdep_hardirqs_on+0x99/0x150
[ 68.697768][ T5310] ? __pfx_kthread+0x10/0x10
[ 68.697780][ T5310] ret_from_fork+0x4b/0x80
[ 68.697792][ T5310] ? __pfx_kthread+0x10/0x10
executing program
[ 68.697805][ T5310] ret_from_fork_asm+0x1a/0x30
[ 68.697818][ T5310]
executing program
[ 69.661847][ T5310] Bluetooth: hci0: command tx timeout
[ 69.674998][ T5310] BUG: sleeping function called from invalid context at net/core/sock.c:3664
executing program
[ 69.678123][ T5310] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5310, name: kworker/u5:2
[ 69.681905][ T5310] preempt_count: 1, expected: 0
[ 69.684218][ T5310] RCU nest depth: 0, expected: 0
[ 69.686147][ T5310] INFO: lockdep is turned off.
[ 69.688094][ T5310] Preemption disabled at:
[ 69.688101][ T5310] [<0000000000000000>] 0x0
[ 69.691520][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u5:2 Tainted: G W 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 69.691541][ T5310] Tainted: [W]=WARN
[ 69.691544][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.691552][ T5310] Workqueue: hci0 hci_rx_work
[ 69.691571][ T5310] Call Trace:
[ 69.691577][ T5310]
[ 69.691597][ T5310] dump_stack_lvl+0x241/0x360
[ 69.691612][ T5310] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.691623][ T5310] ? __pfx__printk+0x10/0x10
[ 69.691633][ T5310] ? rcu_is_watching+0x15/0xb0
[ 69.691645][ T5310] __might_resched+0x5d4/0x780
[ 69.691659][ T5310] ? __pfx_lock_acquire+0x10/0x10
[ 69.691672][ T5310] ? __pfx___might_resched+0x10/0x10
[ 69.691683][ T5310] ? __pfx_lock_release+0x10/0x10
[ 69.691696][ T5310] ? do_raw_spin_lock+0x14f/0x370
[ 69.691708][ T5310] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 69.691720][ T5310] lock_sock_nested+0x5d/0x100
[ 69.691733][ T5310] sco_connect_cfm+0x456/0xc10
[ 69.691746][ T5310] ? __pfx___mutex_lock+0x10/0x10
[ 69.691761][ T5310] ? __pfx_sco_connect_cfm+0x10/0x10
[ 69.691773][ T5310] ? hci_conn_request_evt+0x693/0xef0
[ 69.691785][ T5310] ? __pfx_sco_connect_cfm+0x10/0x10
[ 69.691797][ T5310] hci_conn_request_evt+0x8b5/0xef0
[ 69.691809][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 69.691819][ T5310] ? __mutex_unlock_slowpath+0x227/0x800
[ 69.691838][ T5310] ? __skb_clone+0x5c/0x6c0
[ 69.691848][ T5310] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 69.691864][ T5310] ? skb_pull_data+0x112/0x230
[ 69.691877][ T5310] hci_event_packet+0xac1/0x1540
[ 69.691888][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 69.691899][ T5310] ? __pfx_hci_event_packet+0x10/0x10
[ 69.691908][ T5310] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.691920][ T5310] ? rcu_is_watching+0x15/0xb0
[ 69.691929][ T5310] ? kcov_remote_start+0x97/0x7d0
[ 69.691943][ T5310] ? hci_send_to_monitor+0xdc/0x530
[ 69.691957][ T5310] hci_rx_work+0x3f3/0xdb0
[ 69.691969][ T5310] ? process_scheduled_works+0x9c6/0x18e0
[ 69.691981][ T5310] process_scheduled_works+0xabe/0x18e0
[ 69.691998][ T5310] ? __pfx_process_scheduled_works+0x10/0x10
[ 69.692011][ T5310] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 69.692024][ T5310] ? assign_work+0x364/0x3d0
[ 69.692035][ T5310] worker_thread+0x870/0xd30
[ 69.692055][ T5310] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 69.692068][ T5310] ? __kthread_parkme+0x169/0x1d0
[ 69.692081][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 69.692094][ T5310] kthread+0x7a9/0x920
[ 69.692108][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692122][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 69.692133][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692144][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692157][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692169][ T5310] ? _raw_spin_unlock_irq+0x23/0x50
[ 69.692181][ T5310] ? lockdep_hardirqs_on+0x99/0x150
[ 69.692193][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692206][ T5310] ret_from_fork+0x4b/0x80
[ 69.692219][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.692233][ T5310] ret_from_fork_asm+0x1a/0x30
[ 69.692247][ T5310]
[ 69.812315][ T4669] Bluetooth: hci0: Opcode 0x042a failed: -110
[ 69.815272][ T5310] ==================================================================
[ 69.818649][ T5310] BUG: KASAN: slab-use-after-free in hci_conn_request_evt+0xb37/0xef0
[ 69.822443][ T5310] Read of size 8 at addr ffff888038b01040 by task kworker/u5:2/5310
[ 69.825860][ T5310]
[ 69.826851][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u5:2 Tainted: G W 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 69.826868][ T5310] Tainted: [W]=WARN
[ 69.826872][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.826880][ T5310] Workqueue: hci0 hci_rx_work
[ 69.826899][ T5310] Call Trace:
[ 69.826905][ T5310]
[ 69.826911][ T5310] dump_stack_lvl+0x241/0x360
[ 69.826925][ T5310] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.826935][ T5310] ? __pfx__printk+0x10/0x10
[ 69.826946][ T5310] ? _printk+0xd5/0x120
[ 69.826954][ T5310] ? __virt_addr_valid+0x183/0x530
[ 69.826964][ T5310] ? __virt_addr_valid+0x183/0x530
[ 69.826973][ T5310] print_report+0x16e/0x5b0
[ 69.826986][ T5310] ? __virt_addr_valid+0x183/0x530
[ 69.826995][ T5310] ? __virt_addr_valid+0x183/0x530
[ 69.827003][ T5310] ? __virt_addr_valid+0x45f/0x530
[ 69.827012][ T5310] ? __phys_addr+0xba/0x170
[ 69.827021][ T5310] ? hci_conn_request_evt+0xb37/0xef0
[ 69.827040][ T5310] kasan_report+0x143/0x180
[ 69.827052][ T5310] ? hci_conn_request_evt+0xb37/0xef0
[ 69.827064][ T5310] hci_conn_request_evt+0xb37/0xef0
[ 69.827077][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 69.827088][ T5310] ? __mutex_unlock_slowpath+0x227/0x800
[ 69.827105][ T5310] ? __skb_clone+0x5c/0x6c0
[ 69.827117][ T5310] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 69.827131][ T5310] ? skb_pull_data+0x112/0x230
[ 69.827144][ T5310] hci_event_packet+0xac1/0x1540
[ 69.827156][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 69.827168][ T5310] ? __pfx_hci_event_packet+0x10/0x10
[ 69.827179][ T5310] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.827192][ T5310] ? rcu_is_watching+0x15/0xb0
[ 69.827202][ T5310] ? kcov_remote_start+0x97/0x7d0
[ 69.827218][ T5310] ? hci_send_to_monitor+0xdc/0x530
[ 69.827232][ T5310] hci_rx_work+0x3f3/0xdb0
[ 69.827245][ T5310] ? process_scheduled_works+0x9c6/0x18e0
[ 69.827259][ T5310] process_scheduled_works+0xabe/0x18e0
[ 69.827275][ T5310] ? __pfx_process_scheduled_works+0x10/0x10
[ 69.827288][ T5310] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 69.827301][ T5310] ? assign_work+0x364/0x3d0
[ 69.827314][ T5310] worker_thread+0x870/0xd30
[ 69.827328][ T5310] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 69.827342][ T5310] ? __kthread_parkme+0x169/0x1d0
[ 69.827355][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 69.827367][ T5310] kthread+0x7a9/0x920
[ 69.827380][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827394][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 69.827406][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827419][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827434][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827447][ T5310] ? _raw_spin_unlock_irq+0x23/0x50
[ 69.827458][ T5310] ? lockdep_hardirqs_on+0x99/0x150
[ 69.827470][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827484][ T5310] ret_from_fork+0x4b/0x80
[ 69.827496][ T5310] ? __pfx_kthread+0x10/0x10
[ 69.827510][ T5310] ret_from_fork_asm+0x1a/0x30
[ 69.827524][ T5310]
[ 69.827528][ T5310]
[ 69.951186][ T5310] Allocated by task 4669:
[ 69.952899][ T5310] kasan_save_track+0x3f/0x80
[ 69.955493][ T5310] __kasan_kmalloc+0x98/0xb0
[ 69.957354][ T5310] __kmalloc_cache_noprof+0x243/0x390
[ 69.959466][ T5310] __hci_conn_add+0x2f9/0x1890
[ 69.961443][ T5310] hci_conn_request_evt+0x625/0xef0
[ 69.963513][ T5310] hci_event_packet+0xac1/0x1540
[ 69.965425][ T5310] hci_rx_work+0x3f3/0xdb0
[ 69.967295][ T5310] process_scheduled_works+0xabe/0x18e0
[ 69.969436][ T5310] worker_thread+0x870/0xd30
[ 69.971231][ T5310] kthread+0x7a9/0x920
[ 69.972823][ T5310] ret_from_fork+0x4b/0x80
[ 69.974562][ T5310] ret_from_fork_asm+0x1a/0x30
[ 69.976452][ T5310]
[ 69.977426][ T5310] Freed by task 4669:
[ 69.979221][ T5310] kasan_save_track+0x3f/0x80
[ 69.981184][ T5310] kasan_save_free_info+0x40/0x50
[ 69.983311][ T5310] __kasan_slab_free+0x59/0x70
[ 69.985198][ T5310] kfree+0x196/0x430
[ 69.986752][ T5310] device_release+0x99/0x1c0
[ 69.988654][ T5310] kobject_put+0x22f/0x480
[ 69.990440][ T5310] hci_conn_del+0x8c4/0xc40
[ 69.992402][ T5310] hci_abort_conn_sync+0x59f/0xeb0
[ 69.994518][ T5310] hci_cmd_sync_work+0x22b/0x400
[ 69.996490][ T5310] process_scheduled_works+0xabe/0x18e0
[ 69.998798][ T5310] worker_thread+0x870/0xd30
[ 70.000688][ T5310] kthread+0x7a9/0x920
[ 70.002379][ T5310] ret_from_fork+0x4b/0x80
[ 70.004289][ T5310] ret_from_fork_asm+0x1a/0x30
[ 70.006333][ T5310]
[ 70.007320][ T5310] Last potentially related work creation:
[ 70.009629][ T5310] kasan_save_stack+0x3f/0x60
[ 70.011435][ T5310] kasan_record_aux_stack+0xaa/0xc0
[ 70.013374][ T5310] insert_work+0x3e/0x330
[ 70.015199][ T5310] __queue_work+0xc62/0x1090
[ 70.016827][ T5310] queue_delayed_work_on+0x1ca/0x390
[ 70.018780][ T5310] sco_conn_put+0x145/0x210
[ 70.020447][ T5310] sco_chan_del+0xa3/0x180
[ 70.022097][ T5310] sco_conn_del+0x1d8/0x330
[ 70.023691][ T5310] sco_connect_cfm+0xe6/0xc10
[ 70.025450][ T5310] hci_conn_failed+0x1ce/0x300
[ 70.027272][ T5310] hci_abort_conn_sync+0x59f/0xeb0
[ 70.029167][ T5310] hci_cmd_sync_work+0x22b/0x400
[ 70.031134][ T5310] process_scheduled_works+0xabe/0x18e0
[ 70.033292][ T5310] worker_thread+0x870/0xd30
[ 70.035011][ T5310] kthread+0x7a9/0x920
[ 70.036730][ T5310] ret_from_fork+0x4b/0x80
[ 70.038514][ T5310] ret_from_fork_asm+0x1a/0x30
[ 70.040423][ T5310]
[ 70.041409][ T5310] Second to last potentially related work creation:
[ 70.044036][ T5310] kasan_save_stack+0x3f/0x60
[ 70.045967][ T5310] kasan_record_aux_stack+0xaa/0xc0
[ 70.048120][ T5310] insert_work+0x3e/0x330
[ 70.049751][ T5310] __queue_work+0xd9a/0x1090
[ 70.051633][ T5310] queue_delayed_work_on+0x1ca/0x390
[ 70.054157][ T5310] sco_conn_put+0x145/0x210
[ 70.056073][ T5310] sco_chan_del+0xa3/0x180
[ 70.057780][ T5310] __sco_sock_close+0x152/0x310
[ 70.059692][ T5310] sco_sock_release+0xb3/0x320
[ 70.061559][ T5310] sock_close+0xbc/0x240
[ 70.063267][ T5310] __fput+0x3e9/0x9f0
[ 70.065098][ T5310] __x64_sys_close+0x7f/0x110
[ 70.067356][ T5310] do_syscall_64+0xf3/0x230
[ 70.069297][ T5310] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.071652][ T5310]
[ 70.072597][ T5310] The buggy address belongs to the object at ffff888038b00000
[ 70.072597][ T5310] which belongs to the cache kmalloc-8k of size 8192
[ 70.078022][ T5310] The buggy address is located 4160 bytes inside of
[ 70.078022][ T5310] freed 8192-byte region [ffff888038b00000, ffff888038b02000)
[ 70.083198][ T5310]
[ 70.084171][ T5310] The buggy address belongs to the physical page:
[ 70.086612][ T5310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x38b00
[ 70.089923][ T5310] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 70.093950][ T5310] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 70.097600][ T5310] page_type: f5(slab)
[ 70.099182][ T5310] raw: 04fff00000000040 ffff88801b042280 dead000000000122 0000000000000000
[ 70.102600][ T5310] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 70.106110][ T5310] head: 04fff00000000040 ffff88801b042280 dead000000000122 0000000000000000
[ 70.109918][ T5310] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 70.113489][ T5310] head: 04fff00000000003 ffffea0000e2c001 ffffffffffffffff 0000000000000000
[ 70.117022][ T5310] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 70.120396][ T5310] page dumped because: kasan: bad access detected
[ 70.122974][ T5310] page_owner tracks the page as allocated
[ 70.125215][ T5310] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4669, tgid 4669 (kworker/u5:1), ts 67675791896, free_ts 67656687014
[ 70.133971][ T5310] post_alloc_hook+0x1f4/0x240
[ 70.135888][ T5310] get_page_from_freelist+0x365c/0x37a0
[ 70.138180][ T5310] __alloc_frozen_pages_noprof+0x292/0x710
[ 70.140771][ T5310] alloc_pages_mpol+0x311/0x660
[ 70.142766][ T5310] allocate_slab+0x8f/0x3a0
[ 70.144599][ T5310] ___slab_alloc+0xc27/0x14a0
[ 70.146630][ T5310] __slab_alloc+0x58/0xa0
[ 70.148351][ T5310] __kmalloc_cache_noprof+0x27b/0x390
[ 70.150509][ T5310] __hci_conn_add+0x2f9/0x1890
[ 70.152526][ T5310] hci_conn_request_evt+0x625/0xef0
[ 70.154683][ T5310] hci_event_packet+0xac1/0x1540
[ 70.156767][ T5310] hci_rx_work+0x3f3/0xdb0
[ 70.158573][ T5310] process_scheduled_works+0xabe/0x18e0
[ 70.160820][ T5310] worker_thread+0x870/0xd30
[ 70.162702][ T5310] kthread+0x7a9/0x920
[ 70.164409][ T5310] ret_from_fork+0x4b/0x80
[ 70.166261][ T5310] page last free pid 5314 tgid 5314 stack trace:
[ 70.168853][ T5310] free_frozen_pages+0xe0d/0x10e0
[ 70.170976][ T5310] __slab_free+0x2c2/0x380
[ 70.172786][ T5310] qlist_free_all+0x9a/0x140
[ 70.174606][ T5310] kasan_quarantine_reduce+0x14f/0x170
[ 70.176938][ T5310] __kasan_slab_alloc+0x23/0x80
[ 70.179085][ T5310] kmem_cache_alloc_noprof+0x1d9/0x380
[ 70.181399][ T5310] getname_flags+0xb7/0x540
[ 70.183221][ T5310] do_sys_openat2+0xd2/0x1d0
[ 70.185012][ T5310] __x64_sys_openat+0x247/0x2a0
[ 70.186927][ T5310] do_syscall_64+0xf3/0x230
[ 70.188724][ T5310] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.190922][ T5310]
[ 70.191899][ T5310] Memory state around the buggy address:
[ 70.194036][ T5310] ffff888038b00f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.197025][ T5310] ffff888038b00f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.200274][ T5310] >ffff888038b01000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.203259][ T5310] ^
[ 70.205606][ T5310] ffff888038b01080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.208917][ T5310] ffff888038b01100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.212099][ T5310] ==================================================================
[ 70.221943][ T5310] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 70.224963][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u5:2 Tainted: G W 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[ 70.230095][ T5310] Tainted: [W]=WARN
[ 70.231626][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 70.235716][ T5310] Workqueue: hci0 hci_rx_work
[ 70.237548][ T5310] Call Trace:
[ 70.238888][ T5310]
[ 70.240100][ T5310] dump_stack_lvl+0x241/0x360
[ 70.242062][ T5310] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.244134][ T5310] ? __pfx__printk+0x10/0x10
[ 70.246204][ T5310] ? rcu_is_watching+0x15/0xb0
[ 70.248149][ T5310] ? preempt_schedule+0xe1/0xf0
[ 70.250129][ T5310] ? vscnprintf+0x5d/0x90
[ 70.251905][ T5310] panic+0x349/0x880
[ 70.253570][ T5310] ? check_panic_on_warn+0x21/0xb0
[ 70.255586][ T5310] ? __pfx_panic+0x10/0x10
[ 70.257678][ T5310] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 70.260095][ T5310] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 70.262782][ T5310] ? print_report+0x519/0x5b0
[ 70.264755][ T5310] check_panic_on_warn+0x86/0xb0
[ 70.266818][ T5310] ? hci_conn_request_evt+0xb37/0xef0
[ 70.268951][ T5310] end_report+0x77/0x160
[ 70.270676][ T5310] kasan_report+0x154/0x180
[ 70.272577][ T5310] ? hci_conn_request_evt+0xb37/0xef0
[ 70.274818][ T5310] hci_conn_request_evt+0xb37/0xef0
[ 70.276957][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 70.279174][ T5310] ? __mutex_unlock_slowpath+0x227/0x800
[ 70.281501][ T5310] ? __skb_clone+0x5c/0x6c0
[ 70.283404][ T5310] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 70.285861][ T5310] ? skb_pull_data+0x112/0x230
[ 70.287859][ T5310] hci_event_packet+0xac1/0x1540
[ 70.289615][ T5310] ? __pfx_hci_conn_request_evt+0x10/0x10
[ 70.291624][ T5310] ? __pfx_hci_event_packet+0x10/0x10
[ 70.293608][ T5310] ? do_raw_spin_unlock+0x58/0x8b0
[ 70.295426][ T5310] ? rcu_is_watching+0x15/0xb0
[ 70.297171][ T5310] ? kcov_remote_start+0x97/0x7d0
[ 70.298915][ T5310] ? hci_send_to_monitor+0xdc/0x530
[ 70.300807][ T5310] hci_rx_work+0x3f3/0xdb0
[ 70.303271][ T5310] ? process_scheduled_works+0x9c6/0x18e0
[ 70.305617][ T5310] process_scheduled_works+0xabe/0x18e0
[ 70.308006][ T5310] ? __pfx_process_scheduled_works+0x10/0x10
[ 70.310227][ T5310] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 70.312361][ T5310] ? assign_work+0x364/0x3d0
[ 70.314207][ T5310] worker_thread+0x870/0xd30
[ 70.316070][ T5310] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 70.318386][ T5310] ? __kthread_parkme+0x169/0x1d0
[ 70.320353][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 70.322542][ T5310] kthread+0x7a9/0x920
[ 70.324494][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.326733][ T5310] ? __pfx_worker_thread+0x10/0x10
[ 70.329277][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.331556][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.333771][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.336049][ T5310] ? _raw_spin_unlock_irq+0x23/0x50
[ 70.338165][ T5310] ? lockdep_hardirqs_on+0x99/0x150
[ 70.340184][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.342045][ T5310] ret_from_fork+0x4b/0x80
[ 70.343923][ T5310] ? __pfx_kthread+0x10/0x10
[ 70.345801][ T5310] ret_from_fork_asm+0x1a/0x30
[ 70.347751][ T5310]
[ 70.349289][ T5310] Kernel Offset: disabled
[ 70.350981][ T5310] Rebooting in 86400 seconds..
VM DIAGNOSIS:
16:09:13 Registers:
info registers vcpu 0
CPU#0
RAX=1ffffffff3533460 RBX=ffffffff9a99a100 RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000dd0edb8
R8 =ffffffff85845566 R9 =1ffff1100682e046 R10=dffffc0000000000 R11=ffffffff85845520
R12=0000000000000000 R13=1ffffffff3533472 R14=00000000000003fd R15=dffffc0000000000
RIP=ffffffff85845596 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88801fc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000400000000042 CR3=000000004363a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffe000d0 Opmask01=0000000000000001 Opmask02=00000000fff7ffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000