BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 53, name: kworker/u9:0 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:0/53: #0: ffff0000c5e89148 ((wq_completion)hci2#2){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205 #1: ffff800094bb7c20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205 #2: ffff0000eb1a8078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xc0/0x998 net/bluetooth/hci_event.c:6853 #3: ffff80008f6edb60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:325 CPU: 1 UID: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.11.0-rc4-syzkaller-gbe6d853c7631 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Workqueue: hci2 hci_rx_work Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:317 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:324 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:119 dump_stack+0x1c/0x28 lib/dump_stack.c:128 __might_resched+0x374/0x4d0 kernel/sched/core.c:8463 __might_sleep+0x90/0xe4 kernel/sched/core.c:8392 __mutex_lock_common+0xcc/0x21a0 kernel/locking/mutex.c:585 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 hci_connect_cfm include/net/bluetooth/hci_core.h:1962 [inline] hci_le_create_big_complete_evt+0x348/0x998 net/bluetooth/hci_event.c:6878 hci_le_meta_evt+0x2a4/0x478 net/bluetooth/hci_event.c:7135 hci_event_func net/bluetooth/hci_event.c:7443 [inline] hci_event_packet+0x890/0x106c net/bluetooth/hci_event.c:7498 hci_rx_work+0x318/0xa80 net/bluetooth/hci_core.c:4022 process_one_work+0x79c/0x15b8 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x938/0xebc kernel/workqueue.c:3390 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 ============================= [ BUG: Invalid wait context ] 6.11.0-rc4-syzkaller-gbe6d853c7631 #0 Tainted: G W ----------------------------- kworker/u9:0/53 is trying to lock: ffff800092518908 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1962 [inline] ffff800092518908 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0x348/0x998 net/bluetooth/hci_event.c:6878 other info that might help us debug this: context-{4:4} 4 locks held by kworker/u9:0/53: #0: ffff0000c5e89148 ((wq_completion)hci2#2){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205 #1: ffff800094bb7c20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205 #2: ffff0000eb1a8078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xc0/0x998 net/bluetooth/hci_event.c:6853 #3: ffff80008f6edb60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:325 stack backtrace: CPU: 1 UID: 0 PID: 53 Comm: kworker/u9:0 Tainted: G W 6.11.0-rc4-syzkaller-gbe6d853c7631 #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Workqueue: hci2 hci_rx_work Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:317 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:324 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:119 dump_stack+0x1c/0x28 lib/dump_stack.c:128 print_lock_invalid_wait_context kernel/locking/lockdep.c:4750 [inline] check_wait_context kernel/locking/lockdep.c:4820 [inline] __lock_acquire+0x1f30/0x779c kernel/locking/lockdep.c:5092 lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759 __mutex_lock_common+0x190/0x21a0 kernel/locking/mutex.c:608 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 hci_connect_cfm include/net/bluetooth/hci_core.h:1962 [inline] hci_le_create_big_complete_evt+0x348/0x998 net/bluetooth/hci_event.c:6878 hci_le_meta_evt+0x2a4/0x478 net/bluetooth/hci_event.c:7135 hci_event_func net/bluetooth/hci_event.c:7443 [inline] hci_event_packet+0x890/0x106c net/bluetooth/hci_event.c:7498 hci_rx_work+0x318/0xa80 net/bluetooth/hci_core.c:4022 process_one_work+0x79c/0x15b8 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x938/0xebc kernel/workqueue.c:3390 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 ------------[ cut here ]------------ Voluntary context switch within RCU read-side critical section! WARNING: CPU: 1 PID: 53 at kernel/rcu/tree_plugin.h:330 rcu_note_context_switch+0xb84/0x101c kernel/rcu/tree_plugin.h:330 Modules linked in: CPU: 1 UID: 0 PID: 53 Comm: kworker/u9:0 Tainted: G W 6.11.0-rc4-syzkaller-gbe6d853c7631 #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Workqueue: hci2 hci_rx_work pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : rcu_note_context_switch+0xb84/0x101c kernel/rcu/tree_plugin.h:330 lr : rcu_note_context_switch+0xb84/0x101c kernel/rcu/tree_plugin.h:330 sp : ffff800094bb7230 x29: ffff800094bb72c0 x28: dfff800000000000 x27: 1ffff00011ea20a1 x26: 0000000000000000 x25: ffff700012976ec8 x24: 0000000000000000 x23: dfff800000000000 x22: ffff80012489c000 x21: ffff0000c2d1bc80 x20: ffff0000c2d1c084 x19: ffff0000c2d1bc80 x18: 0000000000000008 x17: 0000000000000000 x16: ffff80008b22da30 x15: ffff700011eb1170 x14: 1ffff00011eb1170 x13: 0000000000000004 x12: ffffffffffffffff x11: 0000000000100000 x10: 000000000007be96 x9 : ad6a966005413100 x8 : ad6a966005413100 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff800094bb6978 x4 : ffff80008f5fb1e0 x3 : ffff8000803823c8 x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000 Call trace: rcu_note_context_switch+0xb84/0x101c kernel/rcu/tree_plugin.h:330 __schedule+0x2c0/0x2418 kernel/sched/core.c:6417 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 mutex_optimistic_spin+0x2e0/0x49c kernel/locking/mutex.c:510 __mutex_lock_common+0x1bc/0x21a0 kernel/locking/mutex.c:612 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 hci_connect_cfm include/net/bluetooth/hci_core.h:1962 [inline] hci_le_create_big_complete_evt+0x348/0x998 net/bluetooth/hci_event.c:6878 hci_le_meta_evt+0x2a4/0x478 net/bluetooth/hci_event.c:7135 hci_event_func net/bluetooth/hci_event.c:7443 [inline] hci_event_packet+0x890/0x106c net/bluetooth/hci_event.c:7498 hci_rx_work+0x318/0xa80 net/bluetooth/hci_core.c:4022 process_one_work+0x79c/0x15b8 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x938/0xebc kernel/workqueue.c:3390 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 irq event stamp: 4525 hardirqs last enabled at (4525): [] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline] hardirqs last enabled at (4525): [] exit_to_kernel_mode+0xdc/0x10c arch/arm64/kernel/entry-common.c:95 hardirqs last disabled at (4524): [] preempt_schedule_irq+0x90/0x188 kernel/sched/core.c:6852 softirqs last enabled at (4520): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (4520): [] handle_softirqs+0xa3c/0xbfc kernel/softirq.c:582 softirqs last disabled at (4481): [] __do_softirq+0x14/0x20 kernel/softirq.c:588 ---[ end trace 0000000000000000 ]---