Warning: Permanently added '10.128.0.217' (ED25519) to the list of known hosts.
[  101.786931][ T3559] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.795402][ T3559] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.803081][ T3559] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.811886][ T3559] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.820016][ T3559] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  101.827320][ T3559] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
executing program
[  103.877842][ T3559] Bluetooth: hci0: command tx timeout
[  105.957939][ T3559] Bluetooth: hci0: command tx timeout
executing program
[  108.037548][ T3559] Bluetooth: hci0: command tx timeout
[  110.117823][ T3559] Bluetooth: hci0: command tx timeout
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[  146.904082][ T3559] Bluetooth: hci0: link tx timeout
[  146.909467][ T3559] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  146.917333][ T3559] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[  146.926732][ T3559] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 3559, name: kworker/u5:2
[  146.936359][ T3559] preempt_count: 0, expected: 0
[  146.941452][ T3559] RCU nest depth: 1, expected: 0
[  146.946755][ T3559] 3 locks held by kworker/u5:2/3559:
[  146.952084][ T3559]  #0: ffff88807cd09938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  146.962943][ T3559]  #1: ffffc90003b3fd20 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  146.974555][ T3559]  #2: ffffffff8d12a980 (rcu_read_lock){....}-{1:2}, at: __check_timeout+0x181/0x460
[  146.984476][ T3559] CPU: 1 PID: 3559 Comm: kworker/u5:2 Not tainted 6.1.84-syzkaller #0
[  146.992620][ T3559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  147.002869][ T3559] Workqueue: hci0 hci_tx_work
[  147.007558][ T3559] Call Trace:
[  147.010842][ T3559]  <TASK>
[  147.013769][ T3559]  dump_stack_lvl+0x1e3/0x2cb
[  147.018448][ T3559]  ? nf_tcp_handle_invalid+0x642/0x642
[  147.023902][ T3559]  ? panic+0x75d/0x75d
[  147.028059][ T3559]  __might_resched+0x5cb/0x780
[  147.032838][ T3559]  ? __wake_up_klogd+0x1c/0x100
[  147.037694][ T3559]  ? __might_sleep+0xb0/0xb0
[  147.042362][ T3559]  ? _printk+0xd1/0x111
[  147.046516][ T3559]  ? vprintk_emit+0x622/0x740
[  147.051368][ T3559]  ? printk_sprint+0x490/0x490
[  147.056132][ T3559]  ? reacquire_held_locks+0x660/0x660
[  147.061519][ T3559]  __mutex_lock+0xbd/0xd80
[  147.065937][ T3559]  ? _printk+0xd1/0x111
[  147.070085][ T3559]  ? hci_cmd_sync_submit+0x3b/0x2e0
[  147.075363][ T3559]  ? mutex_lock_nested+0x10/0x10
[  147.080315][ T3559]  ? hci_conn_get_phy+0x370/0x370
[  147.085358][ T3559]  hci_cmd_sync_submit+0x3b/0x2e0
[  147.090381][ T3559]  hci_disconnect+0xe6/0x2c0
[  147.095138][ T3559]  ? hci_conn_hash_lookup_handle+0x240/0x240
[  147.101136][ T3559]  ? hci_sched_esco+0x32e/0x430
[  147.105991][ T3559]  __check_timeout+0x333/0x460
[  147.110865][ T3559]  ? __check_timeout+0x181/0x460
[  147.115812][ T3559]  hci_tx_work+0x138b/0x1ec0
[  147.120525][ T3559]  ? hci_cmd_work+0x660/0x660
[  147.125242][ T3559]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  147.131432][ T3559]  ? do_raw_spin_unlock+0x137/0x8a0
[  147.136729][ T3559]  ? process_one_work+0x7a9/0x11d0
[  147.142109][ T3559]  process_one_work+0x8a9/0x11d0
[  147.147242][ T3559]  ? worker_detach_from_pool+0x260/0x260
[  147.152998][ T3559]  ? _raw_spin_lock_irqsave+0x120/0x120
[  147.158889][ T3559]  ? kthread_data+0x4e/0xc0
[  147.163483][ T3559]  ? wq_worker_running+0x97/0x190
[  147.168513][ T3559]  worker_thread+0xa47/0x1200
[  147.173188][ T3559]  ? _raw_spin_unlock+0x40/0x40
[  147.178206][ T3559]  ? __sched_text_start+0x8/0x8
[  147.183073][ T3559]  ? _raw_spin_unlock+0x40/0x40
[  147.188359][ T3559]  kthread+0x28d/0x320
[  147.192607][ T3559]  ? worker_clr_flags+0x190/0x190
[  147.197635][ T3559]  ? kthread_blkcg+0xd0/0xd0
[  147.202276][ T3559]  ret_from_fork+0x1f/0x30
[  147.206713][ T3559]  </TASK>
[  147.210053][ T3559] 
[  147.212389][ T3559] =============================
[  147.217411][ T3559] [ BUG: Invalid wait context ]
[  147.222335][ T3559] 6.1.84-syzkaller #0 Tainted: G        W         
[  147.228989][ T3559] -----------------------------
[  147.233825][ T3559] kworker/u5:2/3559 is trying to lock:
[  147.239275][ T3559] ffff8880289609b0 (&hdev->unregister_lock){+.+.}-{3:3}, at: hci_cmd_sync_submit+0x3b/0x2e0
[  147.249452][ T3559] other info that might help us debug this:
[  147.255805][ T3559] context-{4:4}
[  147.259256][ T3559] 3 locks held by kworker/u5:2/3559:
[  147.266069][ T3559]  #0: ffff88807cd09938 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  147.277243][ T3559]  #1: ffffc90003b3fd20 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  147.289102][ T3559]  #2: ffffffff8d12a980 (rcu_read_lock){....}-{1:2}, at: __check_timeout+0x181/0x460
[  147.298864][ T3559] stack backtrace:
[  147.302804][ T3559] CPU: 1 PID: 3559 Comm: kworker/u5:2 Tainted: G        W          6.1.84-syzkaller #0
[  147.312630][ T3559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  147.322942][ T3559] Workqueue: hci0 hci_tx_work
[  147.327642][ T3559] Call Trace:
[  147.331101][ T3559]  <TASK>
[  147.334034][ T3559]  dump_stack_lvl+0x1e3/0x2cb
[  147.338911][ T3559]  ? nf_tcp_handle_invalid+0x642/0x642
[  147.344383][ T3559]  ? panic+0x75d/0x75d
[  147.348547][ T3559]  __lock_acquire+0x14b1/0x1f80
[  147.353459][ T3559]  lock_acquire+0x1f8/0x5a0
[  147.357963][ T3559]  ? hci_cmd_sync_submit+0x3b/0x2e0
[  147.363417][ T3559]  ? read_lock_is_recursive+0x10/0x10
[  147.368877][ T3559]  ? __wake_up_klogd+0x1c/0x100
[  147.373718][ T3559]  ? __might_sleep+0xb0/0xb0
[  147.378303][ T3559]  ? _printk+0xd1/0x111
[  147.382570][ T3559]  ? vprintk_emit+0x622/0x740
[  147.387412][ T3559]  ? printk_sprint+0x490/0x490
[  147.392174][ T3559]  ? reacquire_held_locks+0x660/0x660
[  147.397547][ T3559]  __mutex_lock+0x132/0xd80
[  147.402043][ T3559]  ? hci_cmd_sync_submit+0x3b/0x2e0
[  147.407236][ T3559]  ? _printk+0xd1/0x111
[  147.411383][ T3559]  ? hci_cmd_sync_submit+0x3b/0x2e0
[  147.416564][ T3559]  ? mutex_lock_nested+0x10/0x10
[  147.421498][ T3559]  ? hci_conn_get_phy+0x370/0x370
[  147.426531][ T3559]  hci_cmd_sync_submit+0x3b/0x2e0
[  147.431566][ T3559]  hci_disconnect+0xe6/0x2c0
[  147.436141][ T3559]  ? hci_conn_hash_lookup_handle+0x240/0x240
[  147.442113][ T3559]  ? hci_sched_esco+0x32e/0x430
[  147.446962][ T3559]  __check_timeout+0x333/0x460
[  147.452232][ T3559]  ? __check_timeout+0x181/0x460
[  147.457155][ T3559]  hci_tx_work+0x138b/0x1ec0
[  147.461751][ T3559]  ? hci_cmd_work+0x660/0x660
[  147.466416][ T3559]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  147.472297][ T3559]  ? do_raw_spin_unlock+0x137/0x8a0
[  147.477483][ T3559]  ? process_one_work+0x7a9/0x11d0
[  147.482636][ T3559]  process_one_work+0x8a9/0x11d0
[  147.487746][ T3559]  ? worker_detach_from_pool+0x260/0x260
[  147.493367][ T3559]  ? _raw_spin_lock_irqsave+0x120/0x120
[  147.498899][ T3559]  ? kthread_data+0x4e/0xc0
[  147.503392][ T3559]  ? wq_worker_running+0x97/0x190
[  147.508416][ T3559]  worker_thread+0xa47/0x1200
[  147.513080][ T3559]  ? _raw_spin_unlock+0x40/0x40
[  147.517922][ T3559]  ? __sched_text_start+0x8/0x8
[  147.522761][ T3559]  ? _raw_spin_unlock+0x40/0x40
[  147.527616][ T3559]  kthread+0x28d/0x320
[  147.531673][ T3559]  ? worker_clr_flags+0x190/0x190
[  147.536714][ T3559]  ? kthread_blkcg+0xd0/0xd0
[  147.541292][ T3559]  ret_from_fork+0x1f/0x30
[  147.545791][ T3559]  </TASK>
[  149.557492][ T3559] Bluetooth: hci0: command 0x0406 tx timeout
executing program
[  151.906051][   T48] Bluetooth: hci0: link tx timeout
[  151.911255][   T48] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[  151.918924][   T48] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[  151.928242][   T48] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 48, name: kworker/u5:0
[  151.937260][   T48] preempt_count: 0, expected: 0
[  151.942142][   T48] RCU nest depth: 1, expected: 0
[  151.947129][   T48] INFO: lockdep is turned off.
[  151.951938][   T48] CPU: 1 PID: 48 Comm: kworker/u5:0 Tainted: G        W          6.1.84-syzkaller #0
[  151.961691][   T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  151.971855][   T48] Workqueue: hci0 hci_tx_work
[  151.976621][   T48] Call Trace:
[  151.979892][   T48]  <TASK>
[  151.982823][   T48]  dump_stack_lvl+0x1e3/0x2cb
[  151.987500][   T48]  ? nf_tcp_handle_invalid+0x642/0x642
[  151.992966][   T48]  ? panic+0x75d/0x75d
[  151.997036][   T48]  ? console_unlock+0x281/0x7c0
[  152.001877][   T48]  ? console_unlock+0x781/0x7c0
[  152.006722][   T48]  ? console_unlock+0x281/0x7c0
[  152.011568][   T48]  __might_resched+0x5cb/0x780
[  152.016323][   T48]  ? __wake_up_klogd+0x1c/0x100
[  152.021159][   T48]  ? __might_sleep+0xb0/0xb0
[  152.025737][   T48]  ? _printk+0xd1/0x111
[  152.029885][   T48]  ? vprintk_emit+0x622/0x740
[  152.034641][   T48]  ? printk_sprint+0x490/0x490
[  152.039396][   T48]  ? lock_repin_lock+0x410/0x410
[  152.044424][   T48]  __mutex_lock+0xbd/0xd80
[  152.048840][   T48]  ? _printk+0xd1/0x111
[  152.053165][   T48]  ? hci_cmd_sync_submit+0x3b/0x2e0
[  152.058792][   T48]  ? mutex_lock_nested+0x10/0x10
[  152.063722][   T48]  ? rcu_is_watching+0x11/0xb0
[  152.068471][   T48]  ? hci_conn_get_phy+0x370/0x370
[  152.073484][   T48]  hci_cmd_sync_submit+0x3b/0x2e0
[  152.078586][   T48]  hci_disconnect+0xe6/0x2c0
[  152.083162][   T48]  ? lock_acquire+0xfa/0x5a0
[  152.087741][   T48]  ? hci_conn_hash_lookup_handle+0x240/0x240
[  152.093713][   T48]  ? hci_sched_esco+0x32e/0x430
[  152.098553][   T48]  ? rcu_is_watching+0x11/0xb0
[  152.103477][   T48]  __check_timeout+0x333/0x460
[  152.108313][   T48]  ? __check_timeout+0x181/0x460
[  152.114104][   T48]  hci_tx_work+0xce2/0x1ec0
[  152.118631][   T48]  ? do_raw_spin_unlock+0x137/0x8a0
[  152.123833][   T48]  ? hci_cmd_work+0x660/0x660
[  152.128520][   T48]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  152.134418][   T48]  ? do_raw_spin_unlock+0x137/0x8a0
[  152.139914][   T48]  ? read_word_at_a_time+0xe/0x20
[  152.144926][   T48]  ? process_one_work+0x7a9/0x11d0
[  152.150024][   T48]  process_one_work+0x8a9/0x11d0
[  152.154954][   T48]  ? worker_detach_from_pool+0x260/0x260
[  152.160577][   T48]  ? _raw_spin_lock_irqsave+0x120/0x120
[  152.166110][   T48]  ? kthread_data+0x4e/0xc0
[  152.170691][   T48]  ? wq_worker_running+0x97/0x190
[  152.175898][   T48]  worker_thread+0xa47/0x1200
[  152.180614][   T48]  ? __sched_text_start+0x8/0x8
[  152.185602][   T48]  kthread+0x28d/0x320
[  152.189826][   T48]  ? worker_clr_flags+0x190/0x190
[  152.194999][   T48]  ? kthread_blkcg+0xd0/0xd0
[  152.199593][   T48]  ret_from_fork+0x1f/0x30
[  152.204703][   T48]  </TASK>
[  152.208033][   T48] Bluetooth: hci0: link tx timeout
[  152.213243][   T48] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  154.277531][ T3559] Bluetooth: hci0: command 0x0406 tx timeout
executing program