workqueue: cannot queue hci_cmd_timeout on wq hci3
WARNING: CPU: 2 PID: 3 at kernel/workqueue.c:2257 __queue_work+0xc9c/0x10f0 kernel/workqueue.c:2256
Modules linked in:
CPU: 2 UID: 0 PID: 3 Comm: pool_workqueue_ Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:__queue_work+0xc9c/0x10f0 kernel/workqueue.c:2256
Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 c0 07 ac 8b e8 f5 16 f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 56 19 38 00 90 0f 0b 90 e9 1b f6 ff
RSP: 0018:ffffc90000648be8 EFLAGS: 00010082
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817af1a8
RDX: ffff88810002c880 RSI: ffffffff817af1b5 RDI: 0000000000000001
RBP: ffff88802a370970 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920000c918f
R13: 0000000000000100 R14: ffff888024e2d178 R15: 0000000000000001
FS: 0000000000000000(0000) GS:ffff8880d6913000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000002d9be000 CR4: 0000000000352ef0
DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
DR3: 000000000000000b DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
call_timer_fn+0x197/0x620 kernel/time/timer.c:1747
expire_timers kernel/time/timer.c:1793 [inline]
__run_timers+0x569/0x960 kernel/time/timer.c:2372
__run_timer_base kernel/time/timer.c:2384 [inline]
__run_timer_base kernel/time/timer.c:2376 [inline]
run_timer_base+0x114/0x190 kernel/time/timer.c:2393
run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2403
handle_softirqs+0x219/0x8e0 kernel/softirq.c:579
__do_softirq kernel/softirq.c:613 [inline]
invoke_softirq kernel/softirq.c:453 [inline]
__irq_exit_rcu+0x109/0x170 kernel/softirq.c:680
irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1050
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lockdep_unregister_key+0xe9/0x140 kernel/locking/lockdep.c:6619
Code: 48 89 ef e8 b9 e5 ff ff 48 83 2d 09 70 58 14 01 89 c3 e8 da ee ff ff 9c 58 f6 c4 02 75 52 41 f7 c4 00 02 00 00 74 01 fb 84 db <75> 1b 5b 5d 41 5c e9 4c 74 0a 00 8b 05 fa 8f 11 0f 31 db 85 c0 74
RSP: 0018:ffffc90000067d98 EFLAGS: 00000246
RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8df25d95 RDI: ffffffff8c158f60
RBP: ffffffff975599f8 R08: 0000000000043a24 R09: ffffffff95f90de8
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000246
R13: ffff88810a8ac400 R14: ffff88810a8ac408 R15: ffff88802dbb8801
wq_unregister_lockdep kernel/workqueue.c:4818 [inline]
pwq_release_workfn+0x5e6/0xa70 kernel/workqueue.c:5114
kthread_worker_fn+0x310/0xc50 kernel/kthread.c:1010
kthread+0x3c5/0x780 kernel/kthread.c:464
ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess):
# This listing decodes the second "Code:" dump in the report (RIP
# lockdep_unregister_key+0xe9), i.e. the context the APIC timer interrupt preempted.
# The WARNING itself was raised at __queue_work+0xc9c. Its bytes are in the first
# "Code:" dump, where the marked <0f> 0b is ud2, and they are not disassembled here.
# Offsets start at 0 for the dumped byte window, so the call/jmp targets and the
# "# 0x..." RIP-relative results below are window-relative, not kernel addresses.
# NOTE(review): the message on the report's first line suggests hci_cmd_timeout was
# queued on a workqueue already being torn down; confirm against
# kernel/workqueue.c:2256 in this tree before triaging as a teardown/lifetime bug.
0: 48 89 ef mov %rbp,%rdi
3: e8 b9 e5 ff ff call 0xffffe5c1
# One 8-byte instruction: the 01 on the following line is its immediate operand.
8: 48 83 2d 09 70 58 14 subq $0x1,0x14587009(%rip) # 0x14587019
f: 01
10: 89 c3 mov %eax,%ebx
12: e8 da ee ff ff call 0xffffeef1
# pushf/pop copies the flags into %rax. Bit 1 of %ah is flags bit 9 (IF), so the
# test below checks whether interrupts are currently enabled.
17: 9c pushf
18: 58 pop %rax
19: f6 c4 02 test $0x2,%ah
1c: 75 52 jne 0x70
# 0x200 is the IF bit. R12 is 0x246 in the register dump, so the je falls through
# and sti runs. Presumably %r12 holds flags saved earlier in the function; confirm
# against kernel/locking/lockdep.c:6619.
1e: 41 f7 c4 00 02 00 00 test $0x200,%r12d
25: 74 01 je 0x28
27: fb sti
28: 84 db test %bl,%bl
# Marked only because it is the saved RIP of the interrupted context: the timer
# interrupt was taken here, just after sti re-enabled interrupts. This jne is not
# where the warning fired.
* 2a: 75 1b jne 0x47 <-- trapping instruction
2c: 5b pop %rbx
2d: 5d pop %rbp
2e: 41 5c pop %r12
30: e9 4c 74 0a 00 jmp 0xa7481
35: 8b 05 fa 8f 11 0f mov 0xf118ffa(%rip),%eax # 0xf119035
3b: 31 db xor %ebx,%ebx
3d: 85 c0 test %eax,%eax
# The dump ends here: 0x74 is a je opcode whose displacement byte lies outside the
# captured window, so the decoder emits it as a raw byte.
3f: 74 .byte 0x74