program: socket$packet(0x11, 0x2, 0x300) socket$inet6_tcp(0xa, 0x1, 0x0) openat(0xffffffffffffff9c, 0x0, 0x40042, 0x1f7) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x2}}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'veth0_to_batadv\x00'}) (fail_nth: 4) [ 81.553171][ T5095] Bluetooth: hci0: command tx timeout [ 82.558624][ T5110] FAULT_INJECTION: forcing a failure. [ 82.558624][ T5110] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 82.558669][ T5110] [ 82.558674][ T5110] ====================================================== [ 82.558678][ T5110] WARNING: possible circular locking dependency detected [ 82.558684][ T5110] 6.11.0-syzkaller-11728-gad46e8f95e93 #0 Not tainted [ 82.558691][ T5110] ------------------------------------------------------ [ 82.558695][ T5110] syz.0.0/5110 is trying to acquire lock: [ 82.558700][ T5110] ffffffff8e813418 ((console_sem).lock){-...}-{2:2}, at: down_trylock+0x20/0xa0 [ 82.558826][ T5110] [ 82.558826][ T5110] but task is already holding lock: [ 82.558830][ T5110] ffff88801fc3ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 82.558859][ T5110] [ 82.558859][ T5110] which lock already depends on the new lock. [ 82.558859][ T5110] [ 82.558864][ T5110] [ 82.558864][ T5110] the existing dependency chain (in reverse order) is: [ 82.558868][ T5110] [ 82.558868][ T5110] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 82.558883][ T5110] lock_acquire+0x1ed/0x550 [ 82.558901][ T5110] _raw_spin_lock_nested+0x31/0x40 [ 82.558916][ T5110] raw_spin_rq_lock_nested+0x2a/0x140 [ 82.558928][ T5110] task_rq_lock+0xc6/0x360 [ 82.558940][ T5110] cgroup_move_task+0x92/0x2d0 [ 82.558953][ T5110] css_set_move_task+0x72e/0x950 [ 82.558965][ T5110] cgroup_post_fork+0x256/0x880 [ 82.558975][ T5110] copy_process+0x39e9/0x3d50 [ 82.558989][ T5110] kernel_clone+0x226/0x8f0 [ 82.559004][ T5110] user_mode_thread+0x132/0x1a0 [ 82.559018][ T5110] rest_init+0x23/0x300 [ 82.559029][ T5110] start_kernel+0x47f/0x500 [ 82.559044][ T5110] x86_64_start_reservations+0x2a/0x30 [ 82.559057][ T5110] x86_64_start_kernel+0x9f/0xa0 [ 82.559068][ T5110] common_startup_64+0x13e/0x147 [ 82.559080][ T5110] [ 82.559080][ T5110] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 82.559096][ T5110] lock_acquire+0x1ed/0x550 [ 82.559110][ T5110] _raw_spin_lock_irqsave+0xd5/0x120 [ 82.559124][ T5110] try_to_wake_up+0xb0/0x1480 [ 82.559139][ T5110] up+0x72/0x90 [ 82.559148][ T5110] __console_unlock+0x123/0x1f0 [ 82.559183][ T5110] console_unlock+0x18f/0x3b0 [ 82.559196][ T5110] vga_remove_vgacon+0xbe/0xd0 [ 82.559234][ T5110] virtio_gpu_probe+0x347/0x3c0 [ 82.559247][ T5110] virtio_dev_probe+0x931/0xc80 [ 82.559258][ T5110] really_probe+0x2b8/0xad0 [ 82.559268][ T5110] __driver_probe_device+0x1a2/0x390 [ 82.559284][ T5110] driver_probe_device+0x50/0x430 [ 82.559294][ T5110] __driver_attach+0x45f/0x710 [ 82.559309][ T5110] bus_for_each_dev+0x239/0x2b0 [ 82.559321][ T5110] bus_add_driver+0x346/0x670 [ 82.559333][ T5110] driver_register+0x23a/0x320 [ 82.559344][ T5110] do_one_initcall+0x248/0x880 [ 82.559360][ T5110] do_initcall_level+0x157/0x210 [ 82.559370][ T5110] do_initcalls+0x3f/0x80 [ 82.559379][ T5110] kernel_init_freeable+0x435/0x5d0 [ 82.559389][ T5110] kernel_init+0x1d/0x2b0 [ 82.559406][ T5110] ret_from_fork+0x4b/0x80 [ 82.559420][ T5110] ret_from_fork_asm+0x1a/0x30 [ 82.559434][ T5110] [ 82.559434][ T5110] -> #0 ((console_sem).lock){-...}-{2:2}: [ 82.559450][ T5110] validate_chain+0x18ef/0x5920 [ 82.559461][ T5110] __lock_acquire+0x1384/0x2050 [ 82.559475][ T5110] lock_acquire+0x1ed/0x550 [ 82.559489][ T5110] _raw_spin_lock_irqsave+0xd5/0x120 [ 82.559502][ T5110] down_trylock+0x20/0xa0 [ 82.559511][ T5110] __down_trylock_console_sem+0x109/0x250 [ 82.559523][ T5110] vprintk_emit+0x3d7/0xa10 [ 82.559534][ T5110] _printk+0xd5/0x120 [ 82.559548][ T5110] should_fail_ex+0x391/0x4e0 [ 82.559563][ T5110] strncpy_from_user+0x36/0x250 [ 82.559576][ T5110] strncpy_from_user_nofault+0x71/0x140 [ 82.559587][ T5110] bpf_probe_read_user_str+0x2a/0x70 [ 82.559602][ T5110] bpf_prog_b1bc9f7c1f89903c+0x41/0x43 [ 82.559611][ T5110] bpf_trace_run4+0x334/0x590 [ 82.559622][ T5110] __schedule+0x234a/0x4b30 [ 82.559636][ T5110] preempt_schedule_common+0x84/0xd0 [ 82.559650][ T5110] preempt_schedule+0xe1/0xf0 [ 82.559663][ T5110] preempt_schedule_thunk+0x1a/0x30 [ 82.559674][ T5110] _raw_spin_unlock_irqrestore+0x130/0x140 [ 82.559688][ T5110] kthread_queue_work+0x110/0x180 [ 82.559704][ T5110] synchronize_rcu_expedited+0x5ad/0x830 [ 82.559717][ T5110] dev_deactivate_many+0x4a7/0xb10 [ 82.559727][ T5110] __dev_close_many+0x1a4/0x300 [ 82.559741][ T5110] __dev_change_flags+0x30e/0x6f0 [ 82.559755][ T5110] dev_change_flags+0x8b/0x1a0 [ 82.559769][ T5110] dev_ifsioc+0x7c8/0xe70 [ 82.559780][ T5110] dev_ioctl+0x719/0x1340 [ 82.559790][ T5110] sock_do_ioctl+0x240/0x460 [ 82.559804][ T5110] sock_ioctl+0x626/0x8e0 [ 82.559815][ T5110] __se_sys_ioctl+0xf9/0x170 [ 82.559831][ T5110] do_syscall_64+0xf3/0x230 [ 82.559846][ T5110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.559862][ T5110] [ 82.559862][ T5110] other info that might help us debug this: [ 82.559862][ T5110] [ 82.559866][ T5110] Chain exists of: [ 82.559866][ T5110] (console_sem).lock --> &p->pi_lock --> &rq->__lock [ 82.559866][ T5110] [ 82.559886][ T5110] Possible unsafe locking scenario: [ 82.559886][ T5110] [ 82.559889][ T5110] CPU0 CPU1 [ 82.559893][ T5110] ---- ---- [ 82.559896][ T5110] lock(&rq->__lock); [ 82.559903][ T5110] lock(&p->pi_lock); [ 82.559912][ T5110] lock(&rq->__lock); [ 82.559920][ T5110] lock((console_sem).lock); [ 82.559927][ T5110] [ 82.559927][ T5110] *** DEADLOCK *** [ 82.559927][ T5110] [ 82.559930][ T5110] 4 locks held by syz.0.0/5110: [ 82.559937][ T5110] #0: ffffffff8fcd1408 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x706/0x1340 [ 82.559965][ T5110] #1: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 82.559993][ T5110] #2: ffff88801fc3ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 82.560023][ T5110] #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590 [ 82.560051][ T5110] [ 82.560051][ T5110] stack backtrace: [ 82.560056][ T5110] CPU: 0 UID: 0 PID: 5110 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 82.560069][ T5110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.560076][ T5110] Call Trace: [ 82.560080][ T5110] [ 82.560086][ T5110] dump_stack_lvl+0x241/0x360 [ 82.560104][ T5110] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.560120][ T5110] ? __pfx__printk+0x10/0x10 [ 82.560139][ T5110] print_circular_bug+0x13a/0x1b0 [ 82.560152][ T5110] check_noncircular+0x36a/0x4a0 [ 82.560166][ T5110] ? __pfx_check_noncircular+0x10/0x10 [ 82.560179][ T5110] ? lockdep_lock+0x123/0x2b0 [ 82.560197][ T5110] validate_chain+0x18ef/0x5920 [ 82.560215][ T5110] ? __pfx_validate_chain+0x10/0x10 [ 82.560227][ T5110] ? __pfx_prb_first_seq+0x10/0x10 [ 82.560242][ T5110] ? this_cpu_in_panic+0x4f/0x80 [ 82.560254][ T5110] ? _prb_read_valid+0xa39/0xac0 [ 82.560270][ T5110] ? mark_lock+0x9a/0x360 [ 82.560281][ T5110] __lock_acquire+0x1384/0x2050 [ 82.560301][ T5110] lock_acquire+0x1ed/0x550 [ 82.560316][ T5110] ? down_trylock+0x20/0xa0 [ 82.560328][ T5110] ? __pfx_desc_update_last_finalized+0x10/0x10 [ 82.560341][ T5110] ? __pfx_lock_acquire+0x10/0x10 [ 82.560356][ T5110] ? rcu_is_watching+0x15/0xb0 [ 82.560369][ T5110] ? vprintk_store+0xd3e/0x1160 [ 82.560384][ T5110] _raw_spin_lock_irqsave+0xd5/0x120 [ 82.560403][ T5110] ? down_trylock+0x20/0xa0 [ 82.560414][ T5110] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 82.560429][ T5110] ? validate_chain+0x11e/0x5920 [ 82.560441][ T5110] ? validate_chain+0x11e/0x5920 [ 82.560454][ T5110] down_trylock+0x20/0xa0 [ 82.560466][ T5110] __down_trylock_console_sem+0x109/0x250 [ 82.560481][ T5110] ? _printk+0xd5/0x120 [ 82.560495][ T5110] ? __pfx___down_trylock_console_sem+0x10/0x10 [ 82.560511][ T5110] ? this_cpu_in_panic+0x4f/0x80 [ 82.560522][ T5110] ? is_printk_legacy_deferred+0x43/0x50 [ 82.560538][ T5110] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 82.560552][ T5110] vprintk_emit+0x3d7/0xa10 [ 82.560565][ T5110] ? __pfx_vprintk_emit+0x10/0x10 [ 82.560578][ T5110] ? __pfx___bfs+0x10/0x10 [ 82.560593][ T5110] _printk+0xd5/0x120 [ 82.560609][ T5110] ? __pfx__printk+0x10/0x10 [ 82.560628][ T5110] should_fail_ex+0x391/0x4e0 [ 82.560644][ T5110] strncpy_from_user+0x36/0x250 [ 82.560660][ T5110] strncpy_from_user_nofault+0x71/0x140 [ 82.560673][ T5110] bpf_probe_read_user_str+0x2a/0x70 [ 82.560688][ T5110] ? bpf_trace_run4+0x244/0x590 [ 82.560700][ T5110] bpf_prog_b1bc9f7c1f89903c+0x41/0x43 [ 82.560710][ T5110] bpf_trace_run4+0x334/0x590 [ 82.560723][ T5110] ? __pfx_bpf_trace_run4+0x10/0x10 [ 82.560736][ T5110] ? task_psi_group+0x50/0x1a0 [ 82.560749][ T5110] ? psi_task_switch+0x36d/0x770 [ 82.560764][ T5110] __schedule+0x234a/0x4b30 [ 82.560780][ T5110] ? __asan_memset+0x23/0x50 [ 82.560800][ T5110] ? __pfx___schedule+0x10/0x10 [ 82.560820][ T5110] ? preempt_schedule+0xe1/0xf0 [ 82.560836][ T5110] preempt_schedule_common+0x84/0xd0 [ 82.560852][ T5110] preempt_schedule+0xe1/0xf0 [ 82.560867][ T5110] ? __pfx_preempt_schedule+0x10/0x10 [ 82.560882][ T5110] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 82.560900][ T5110] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.560916][ T5110] preempt_schedule_thunk+0x1a/0x30 [ 82.560929][ T5110] _raw_spin_unlock_irqrestore+0x130/0x140 [ 82.560944][ T5110] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 82.560962][ T5110] kthread_queue_work+0x110/0x180 [ 82.560979][ T5110] synchronize_rcu_expedited+0x5ad/0x830 [ 82.560995][ T5110] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 82.561011][ T5110] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 82.561024][ T5110] ? __local_bh_enable_ip+0x168/0x200 [ 82.561039][ T5110] ? dev_deactivate_many+0x250/0xb10 [ 82.561049][ T5110] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 82.561064][ T5110] ? do_raw_spin_unlock+0x58/0x8b0 [ 82.561080][ T5110] dev_deactivate_many+0x4a7/0xb10 [ 82.561091][ T5110] ? dev_deactivate_many+0x250/0xb10 [ 82.561103][ T5110] __dev_close_many+0x1a4/0x300 [ 82.561118][ T5110] ? __pfx___dev_close_many+0x10/0x10 [ 82.561133][ T5110] ? dev_set_rx_mode+0x233/0x2e0 [ 82.561149][ T5110] __dev_change_flags+0x30e/0x6f0 [ 82.561166][ T5110] ? __pfx___dev_change_flags+0x10/0x10 [ 82.561180][ T5110] ? rcu_is_watching+0x15/0xb0 [ 82.561192][ T5110] ? trace_contention_end+0x3c/0x120 [ 82.561205][ T5110] ? __mutex_lock+0x2ef/0xd70 [ 82.561216][ T5110] dev_change_flags+0x8b/0x1a0 [ 82.561232][ T5110] dev_ifsioc+0x7c8/0xe70 [ 82.561244][ T5110] ? __pfx_dev_ifsioc+0x10/0x10 [ 82.561256][ T5110] ? dev_load+0x21/0x1f0 [ 82.561268][ T5110] dev_ioctl+0x719/0x1340 [ 82.561280][ T5110] sock_do_ioctl+0x240/0x460 [ 82.561295][ T5110] ? __pfx_sock_do_ioctl+0x10/0x10 [ 82.561313][ T5110] sock_ioctl+0x626/0x8e0 [ 82.561327][ T5110] ? __pfx_sock_ioctl+0x10/0x10 [ 82.561339][ T5110] ? __fget_files+0x29/0x470 [ 82.561353][ T5110] ? __fget_files+0x3f3/0x470 [ 82.561366][ T5110] ? __pfx_sock_ioctl+0x10/0x10 [ 82.561379][ T5110] __se_sys_ioctl+0xf9/0x170 [ 82.561400][ T5110] do_syscall_64+0xf3/0x230 [ 82.561416][ T5110] ? clear_bhb_loop+0x35/0x90 [ 82.561427][ T5110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.561443][ T5110] RIP: 0033:0x7fd650d7dff9 [ 82.561452][ T5110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.561462][ T5110] RSP: 002b:00007fd651abb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 82.561474][ T5110] RAX: ffffffffffffffda RBX: 00007fd650f35f80 RCX: 00007fd650d7dff9 [ 82.561483][ T5110] RDX: 00000000200000c0 RSI: 0000000000008914 RDI: 0000000000000008 [ 82.561491][ T5110] RBP: 00007fd651abb090 R08: 0000000000000000 R09: 0000000000000000 [ 82.561498][ T5110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.561505][ T5110] R13: 0000000000000000 R14: 00007fd650f35f80 R15: 00007ffcd8e35ac8 [ 82.561517][ T5110] [ 82.998727][ T5110] CPU: 0 UID: 0 PID: 5110 Comm: syz.0.0 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 83.002406][ T5110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.006062][ T5110] Call Trace: [ 83.007249][ T5110] [ 83.008292][ T5110] dump_stack_lvl+0x241/0x360 [ 83.009977][ T5110] ? __pfx_dump_stack_lvl+0x10/0x10 [ 83.011863][ T5110] ? __pfx__printk+0x10/0x10 [ 83.013503][ T5110] should_fail_ex+0x3b0/0x4e0 [ 83.015143][ T5110] strncpy_from_user+0x36/0x250 [ 83.016859][ T5110] strncpy_from_user_nofault+0x71/0x140 [ 83.018928][ T5110] bpf_probe_read_user_str+0x2a/0x70 [ 83.020876][ T5110] ? bpf_trace_run4+0x244/0x590 [ 83.022615][ T5110] bpf_prog_b1bc9f7c1f89903c+0x41/0x43 [ 83.024589][ T5110] bpf_trace_run4+0x334/0x590 [ 83.026256][ T5110] ? __pfx_bpf_trace_run4+0x10/0x10 [ 83.028186][ T5110] ? task_psi_group+0x50/0x1a0 [ 83.029960][ T5110] ? psi_task_switch+0x36d/0x770 [ 83.031793][ T5110] __schedule+0x234a/0x4b30 [ 83.033464][ T5110] ? __asan_memset+0x23/0x50 [ 83.035120][ T5110] ? __pfx___schedule+0x10/0x10 [ 83.036856][ T5110] ? preempt_schedule+0xe1/0xf0 [ 83.038677][ T5110] preempt_schedule_common+0x84/0xd0 [ 83.040622][ T5110] preempt_schedule+0xe1/0xf0 [ 83.042334][ T5110] ? __pfx_preempt_schedule+0x10/0x10 [ 83.044283][ T5110] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 83.046417][ T5110] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 83.048654][ T5110] preempt_schedule_thunk+0x1a/0x30 [ 83.050495][ T5110] _raw_spin_unlock_irqrestore+0x130/0x140 [ 83.052533][ T5110] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 83.054811][ T5110] kthread_queue_work+0x110/0x180 [ 83.056632][ T5110] synchronize_rcu_expedited+0x5ad/0x830 [ 83.058708][ T5110] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 83.061079][ T5110] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 83.063113][ T5110] ? __local_bh_enable_ip+0x168/0x200 [ 83.065186][ T5110] ? dev_deactivate_many+0x250/0xb10 [ 83.067196][ T5110] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 83.069385][ T5110] ? do_raw_spin_unlock+0x58/0x8b0 [ 83.071331][ T5110] dev_deactivate_many+0x4a7/0xb10 [ 83.073243][ T5110] ? dev_deactivate_many+0x250/0xb10 [ 83.075235][ T5110] __dev_close_many+0x1a4/0x300 [ 83.077103][ T5110] ? __pfx___dev_close_many+0x10/0x10 [ 83.079065][ T5110] ? dev_set_rx_mode+0x233/0x2e0 [ 83.080867][ T5110] __dev_change_flags+0x30e/0x6f0 [ 83.082799][ T5110] ? __pfx___dev_change_flags+0x10/0x10 [ 83.084942][ T5110] ? rcu_is_watching+0x15/0xb0 [ 83.086730][ T5110] ? trace_contention_end+0x3c/0x120 [ 83.088751][ T5110] ? __mutex_lock+0x2ef/0xd70 [ 83.090533][ T5110] dev_change_flags+0x8b/0x1a0 [ 83.092415][ T5110] dev_ifsioc+0x7c8/0xe70 [ 83.094076][ T5110] ? __pfx_dev_ifsioc+0x10/0x10 [ 83.095942][ T5110] ? dev_load+0x21/0x1f0 [ 83.097499][ T5110] dev_ioctl+0x719/0x1340 [ 83.099031][ T5110] sock_do_ioctl+0x240/0x460 [ 83.100672][ T5110] ? __pfx_sock_do_ioctl+0x10/0x10 [ 83.102450][ T5110] sock_ioctl+0x626/0x8e0 [ 83.103973][ T5110] ? __pfx_sock_ioctl+0x10/0x10 [ 83.105652][ T5110] ? __fget_files+0x29/0x470 [ 83.107269][ T5110] ? __fget_files+0x3f3/0x470 [ 83.108897][ T5110] ? __pfx_sock_ioctl+0x10/0x10 [ 83.110596][ T5110] __se_sys_ioctl+0xf9/0x170 [ 83.112241][ T5110] do_syscall_64+0xf3/0x230 [ 83.113991][ T5110] ? clear_bhb_loop+0x35/0x90 [ 83.115791][ T5110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.117993][ T5110] RIP: 0033:0x7fd650d7dff9 [ 83.119728][ T5110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.126926][ T5110] RSP: 002b:00007fd651abb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 83.130112][ T5110] RAX: ffffffffffffffda RBX: 00007fd650f35f80 RCX: 00007fd650d7dff9 [ 83.133109][ T5110] RDX: 00000000200000c0 RSI: 0000000000008914 RDI: 0000000000000008 [ 83.136115][ T5110] RBP: 00007fd651abb090 R08: 0000000000000000 R09: 0000000000000000 [ 83.139140][ T5110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.142168][ T5110] R13: 0000000000000000 R14: 00007fd650f35f80 R15: 00007ffcd8e35ac8 [ 83.145219][ T5110] [ 83.613103][ T5095] Bluetooth: hci0: command tx timeout