program: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4, 0x700000000000000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r2, 0x1, 0x1d, &(0x7f00000000c0)=0x10400, 0x4) sendto$unix(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg$unix(r2, &(0x7f0000002a40)={0x0, 0x0, 0x0}, 0x400001a0) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0xfffffffffffffc7e) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f1b"], 0x22) [ 58.977087][ T5307] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 [ 58.984501][ T5307] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5307, name: kworker/u5:2 [ 58.988016][ T5307] preempt_count: 0, expected: 0 [ 58.989869][ T5307] RCU nest depth: 1, expected: 0 [ 58.992498][ T5307] 4 locks held by kworker/u5:2/5307: [ 58.994459][ T5307] #0: ffff8880403e6148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 59.001975][ T5307] #1: ffffc9000d567d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 59.006568][ T5307] #2: ffff888040448078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 59.021265][ T5307] #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.025214][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0 [ 59.029082][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.032906][ T5307] Workqueue: hci0 hci_rx_work [ 59.034727][ T5307] Call Trace: [ 59.036000][ T5307] [ 59.037141][ T5307] dump_stack_lvl+0x241/0x360 [ 59.038985][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.040932][ T5307] ? __pfx__printk+0x10/0x10 [ 59.042665][ T5307] __might_resched+0x5d4/0x780 [ 59.044415][ T5307] ? __mutex_lock+0x112/0xd70 [ 59.046201][ T5307] ? __pfx___might_resched+0x10/0x10 [ 59.048114][ T5307] __mutex_lock+0xc1/0xd70 [ 59.049782][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.051600][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.053893][ T5307] ? __pfx_lock_release+0x10/0x10 [ 59.055960][ T5307] ? __pfx___mutex_lock+0x10/0x10 [ 59.057824][ T5307] ? trace_contention_end+0x3c/0x120 [ 59.059681][ T5307] ? skb_pull_data+0x112/0x230 [ 59.061526][ T5307] ? hci_conn_set_handle+0x9a/0x270 [ 59.063370][ T5307] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.065649][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.067607][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.069843][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.072111][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.073925][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.076298][ T5307] hci_event_packet+0xa55/0x1540 [ 59.078079][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.079968][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.081871][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.083729][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.085726][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.087521][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.089119][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.091222][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.093242][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.095427][ T5307] ? assign_work+0x364/0x3d0 [ 59.097107][ T5307] worker_thread+0x870/0xd30 [ 59.098813][ T5307] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 59.100939][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.102748][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.104536][ T5307] kthread+0x2f0/0x390 [ 59.105981][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.107890][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.109739][ T5307] ret_from_fork+0x4b/0x80 [ 59.111336][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.112967][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.114757][ T5307] [ 59.118820][ T5307] [ 59.119739][ T5307] ============================= [ 59.121498][ T5307] [ BUG: Invalid wait context ] [ 59.123306][ T5307] 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0 Tainted: G W [ 59.126433][ T5307] ----------------------------- [ 59.128161][ T5307] kworker/u5:2/5307 is trying to lock: [ 59.130064][ T5307] ffffffff8fe40568 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.133906][ T5307] other info that might help us debug this: [ 59.135973][ T5307] context-{4:4} [ 59.137273][ T5307] 4 locks held by kworker/u5:2/5307: [ 59.139195][ T5307] #0: ffff8880403e6148 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 59.143384][ T5307] #1: ffffc9000d567d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 59.147969][ T5307] #2: ffff888040448078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 [ 59.151869][ T5307] #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.155894][ T5307] stack backtrace: [ 59.157290][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0 [ 59.161609][ T5307] Tainted: [W]=WARN [ 59.163020][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.166836][ T5307] Workqueue: hci0 hci_rx_work [ 59.168543][ T5307] Call Trace: [ 59.169787][ T5307] [ 59.170899][ T5307] dump_stack_lvl+0x241/0x360 [ 59.172671][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.174540][ T5307] ? __pfx__printk+0x10/0x10 [ 59.176073][ T5307] __lock_acquire+0x154a/0x2050 [ 59.177909][ T5307] lock_acquire+0x1ed/0x550 [ 59.179545][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.181854][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.183693][ T5307] ? __mutex_lock+0x112/0xd70 [ 59.185509][ T5307] ? __pfx___might_resched+0x10/0x10 [ 59.187519][ T5307] __mutex_lock+0x136/0xd70 [ 59.189177][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.191480][ T5307] ? __pfx_lock_acquire+0x10/0x10 [ 59.193432][ T5307] ? hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.195789][ T5307] ? __pfx_lock_release+0x10/0x10 [ 59.197704][ T5307] ? __pfx___mutex_lock+0x10/0x10 [ 59.199590][ T5307] ? trace_contention_end+0x3c/0x120 [ 59.201500][ T5307] ? skb_pull_data+0x112/0x230 [ 59.203274][ T5307] ? hci_conn_set_handle+0x9a/0x270 [ 59.205261][ T5307] hci_le_create_big_complete_evt+0x3d9/0xae0 [ 59.207448][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.209310][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.211491][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.213889][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.215661][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.218038][ T5307] hci_event_packet+0xa55/0x1540 [ 59.219765][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.221581][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.223558][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.225299][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.227053][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.228696][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.230209][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.232072][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.234200][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.236513][ T5307] ? assign_work+0x364/0x3d0 [ 59.238270][ T5307] worker_thread+0x870/0xd30 [ 59.240004][ T5307] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 59.242226][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.244203][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.246090][ T5307] kthread+0x2f0/0x390 [ 59.247674][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.249529][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.251177][ T5307] ret_from_fork+0x4b/0x80 [ 59.252872][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.254600][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.256319][ T5307] [ 59.261574][ T5307] ================================================================== [ 59.264512][ T5307] BUG: KASAN: slab-use-after-free in hci_le_create_big_complete_evt+0x383/0xae0 [ 59.267984][ T5307] Read of size 8 at addr ffff888043c9c000 by task kworker/u5:2/5307 [ 59.270965][ T5307] [ 59.271854][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0 [ 59.276288][ T5307] Tainted: [W]=WARN [ 59.277760][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.281674][ T5307] Workqueue: hci0 hci_rx_work [ 59.283451][ T5307] Call Trace: [ 59.284743][ T5307] [ 59.285785][ T5307] dump_stack_lvl+0x241/0x360 [ 59.287533][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.289464][ T5307] ? __pfx__printk+0x10/0x10 [ 59.291143][ T5307] ? _printk+0xd5/0x120 [ 59.292606][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.294388][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.296269][ T5307] print_report+0x169/0x550 [ 59.297904][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.300050][ T5307] ? __virt_addr_valid+0x183/0x530 [ 59.302366][ T5307] ? __virt_addr_valid+0x45f/0x530 [ 59.304321][ T5307] ? __phys_addr+0xba/0x170 [ 59.306074][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.308323][ T5307] kasan_report+0x143/0x180 [ 59.309918][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.312161][ T5307] hci_le_create_big_complete_evt+0x383/0xae0 [ 59.314436][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.316390][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.318609][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.320956][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.322827][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.325269][ T5307] hci_event_packet+0xa55/0x1540 [ 59.327133][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.329127][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.331127][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.332975][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.335017][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.336829][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.338422][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.340405][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.342477][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.344676][ T5307] ? assign_work+0x364/0x3d0 [ 59.346528][ T5307] worker_thread+0x870/0xd30 [ 59.348322][ T5307] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 59.350750][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.352679][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.354571][ T5307] kthread+0x2f0/0x390 [ 59.356146][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.357970][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.359798][ T5307] ret_from_fork+0x4b/0x80 [ 59.361674][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.363547][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.365278][ T5307] [ 59.366454][ T5307] [ 59.367335][ T5307] Allocated by task 5307: [ 59.368928][ T5307] kasan_save_track+0x3f/0x80 [ 59.370672][ T5307] __kasan_kmalloc+0x98/0xb0 [ 59.372332][ T5307] __kmalloc_cache_noprof+0x19c/0x2c0 [ 59.374234][ T5307] __hci_conn_add+0x2f9/0x1850 [ 59.376050][ T5307] hci_le_big_sync_established_evt+0x414/0xc20 [ 59.378325][ T5307] hci_event_packet+0xa55/0x1540 [ 59.380166][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.382005][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.384490][ T5307] worker_thread+0x870/0xd30 [ 59.386332][ T5307] kthread+0x2f0/0x390 [ 59.387783][ T5307] ret_from_fork+0x4b/0x80 [ 59.389414][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.391171][ T5307] [ 59.392058][ T5307] Freed by task 5307: [ 59.393605][ T5307] kasan_save_track+0x3f/0x80 [ 59.395353][ T5307] kasan_save_free_info+0x40/0x50 [ 59.397230][ T5307] __kasan_slab_free+0x59/0x70 [ 59.399317][ T5307] kfree+0x1a0/0x440 [ 59.401119][ T5307] device_release+0x99/0x1c0 [ 59.403261][ T5307] kobject_put+0x22f/0x480 [ 59.405265][ T5307] hci_conn_del+0x8c4/0xc40 [ 59.407335][ T5307] hci_le_create_big_complete_evt+0x619/0xae0 [ 59.410088][ T5307] hci_event_packet+0xa55/0x1540 [ 59.411879][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.413452][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.415442][ T5307] worker_thread+0x870/0xd30 [ 59.417117][ T5307] kthread+0x2f0/0x390 [ 59.418581][ T5307] ret_from_fork+0x4b/0x80 [ 59.420186][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.421922][ T5307] [ 59.422790][ T5307] The buggy address belongs to the object at ffff888043c9c000 [ 59.422790][ T5307] which belongs to the cache kmalloc-8k of size 8192 [ 59.427663][ T5307] The buggy address is located 0 bytes inside of [ 59.427663][ T5307] freed 8192-byte region [ffff888043c9c000, ffff888043c9e000) [ 59.432345][ T5307] [ 59.433211][ T5307] The buggy address belongs to the physical page: [ 59.435592][ T5307] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43c98 [ 59.438589][ T5307] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 59.441525][ T5307] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 59.444336][ T5307] page_type: f5(slab) [ 59.445814][ T5307] raw: 04fff00000000040 ffff88801ac42280 0000000000000000 0000000000000001 [ 59.448919][ T5307] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 59.451979][ T5307] head: 04fff00000000040 ffff88801ac42280 0000000000000000 0000000000000001 [ 59.455119][ T5307] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 59.458227][ T5307] head: 04fff00000000003 ffffea00010f2601 ffffffffffffffff 0000000000000000 [ 59.461301][ T5307] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 59.464270][ T5307] page dumped because: kasan: bad access detected [ 59.466579][ T5307] page_owner tracks the page as allocated [ 59.468397][ T5307] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5304, tgid 5304 (sh), ts 55993486773, free_ts 55957667262 [ 59.475292][ T5307] post_alloc_hook+0x1f3/0x230 [ 59.476987][ T5307] get_page_from_freelist+0x3649/0x3790 [ 59.478977][ T5307] __alloc_pages_noprof+0x292/0x710 [ 59.480884][ T5307] alloc_pages_mpol_noprof+0x3e8/0x680 [ 59.482869][ T5307] alloc_slab_page+0x6a/0x140 [ 59.484594][ T5307] allocate_slab+0x5a/0x2f0 [ 59.486266][ T5307] ___slab_alloc+0xcd1/0x14b0 [ 59.488007][ T5307] __slab_alloc+0x58/0xa0 [ 59.489516][ T5307] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 59.491566][ T5307] tomoyo_init_log+0x11cd/0x2050 [ 59.493325][ T5307] tomoyo_supervisor+0x38a/0x11f0 [ 59.495118][ T5307] tomoyo_env_perm+0x178/0x210 [ 59.496787][ T5307] tomoyo_find_next_domain+0x146e/0x1d40 [ 59.498713][ T5307] tomoyo_bprm_check_security+0x114/0x180 [ 59.500663][ T5307] security_bprm_check+0x86/0x250 [ 59.502527][ T5307] bprm_execve+0xa56/0x1770 [ 59.504157][ T5307] page last free pid 5228 tgid 5228 stack trace: [ 59.506472][ T5307] free_unref_page+0xdf9/0x1140 [ 59.508291][ T5307] vfree+0x186/0x2e0 [ 59.509732][ T5307] kcov_close+0x28/0x50 [ 59.511210][ T5307] __fput+0x23f/0x880 [ 59.512673][ T5307] __x64_sys_close+0x7f/0x110 [ 59.514328][ T5307] do_syscall_64+0xf3/0x230 [ 59.516056][ T5307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.518284][ T5307] [ 59.519152][ T5307] Memory state around the buggy address: [ 59.520980][ T5307] ffff888043c9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.523728][ T5307] ffff888043c9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.526648][ T5307] >ffff888043c9c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.529652][ T5307] ^ [ 59.531224][ T5307] ffff888043c9c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.534188][ T5307] ffff888043c9c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.537029][ T5307] ================================================================== [ 59.548646][ T5307] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 59.551238][ T5307] CPU: 0 UID: 0 PID: 5307 Comm: kworker/u5:2 Tainted: G W 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0 [ 59.555559][ T5307] Tainted: [W]=WARN [ 59.556947][ T5307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.560754][ T5307] Workqueue: hci0 hci_rx_work [ 59.562379][ T5307] Call Trace: [ 59.563556][ T5307] [ 59.564655][ T5307] dump_stack_lvl+0x241/0x360 [ 59.566445][ T5307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.568343][ T5307] ? __pfx__printk+0x10/0x10 [ 59.570050][ T5307] ? rcu_is_watching+0x15/0xb0 [ 59.571822][ T5307] ? preempt_schedule+0xe1/0xf0 [ 59.573617][ T5307] ? vscnprintf+0x5d/0x90 [ 59.575124][ T5307] panic+0x349/0x880 [ 59.576566][ T5307] ? check_panic_on_warn+0x21/0xb0 [ 59.578367][ T5307] ? __pfx_panic+0x10/0x10 [ 59.579984][ T5307] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 59.582149][ T5307] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 59.584311][ T5307] ? print_report+0x502/0x550 [ 59.585974][ T5307] check_panic_on_warn+0x86/0xb0 [ 59.587773][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.590000][ T5307] end_report+0x77/0x160 [ 59.591505][ T5307] kasan_report+0x154/0x180 [ 59.593120][ T5307] ? hci_le_create_big_complete_evt+0x383/0xae0 [ 59.595322][ T5307] hci_le_create_big_complete_evt+0x383/0xae0 [ 59.597458][ T5307] ? __copy_skb_header+0x437/0x5b0 [ 59.599318][ T5307] ? hci_le_create_big_complete_evt+0xdb/0xae0 [ 59.601495][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.603963][ T5307] ? hci_le_meta_evt+0x366/0x580 [ 59.605795][ T5307] ? __pfx_hci_le_create_big_complete_evt+0x10/0x10 [ 59.608096][ T5307] hci_event_packet+0xa55/0x1540 [ 59.610118][ T5307] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.612296][ T5307] ? __pfx_hci_event_packet+0x10/0x10 [ 59.614619][ T5307] ? do_raw_spin_unlock+0x58/0x8b0 [ 59.616483][ T5307] ? hci_send_to_monitor+0xd8/0x7f0 [ 59.618347][ T5307] ? kcov_remote_start+0x97/0x7d0 [ 59.620195][ T5307] hci_rx_work+0x3e8/0xca0 [ 59.621919][ T5307] ? process_scheduled_works+0x976/0x1850 [ 59.624166][ T5307] process_scheduled_works+0xa63/0x1850 [ 59.626524][ T5307] ? __pfx_process_scheduled_works+0x10/0x10 [ 59.628832][ T5307] ? assign_work+0x364/0x3d0 [ 59.630564][ T5307] worker_thread+0x870/0xd30 [ 59.632232][ T5307] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 59.634310][ T5307] ? __kthread_parkme+0x169/0x1d0 [ 59.636143][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.637973][ T5307] kthread+0x2f0/0x390 [ 59.639449][ T5307] ? __pfx_worker_thread+0x10/0x10 [ 59.641341][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.642973][ T5307] ret_from_fork+0x4b/0x80 [ 59.644568][ T5307] ? __pfx_kthread+0x10/0x10 [ 59.646367][ T5307] ret_from_fork_asm+0x1a/0x30 [ 59.648169][ T5307] [ 59.649595][ T5307] Kernel Offset: disabled [ 59.651224][ T5307] Rebooting in 86400 seconds..