------------[ cut here ]------------
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5946 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
WARNING: CPU: 1 PID: 1231 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Modules linked in:
Modules linked in:
CPU: 0 PID: 5946 Comm: kworker/u5:3 Not tainted 4.19.188-syzkaller #0
CPU: 1 PID: 1231 Comm: kworker/u5:0 Not tainted 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci5 hci_conn_timeout
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Workqueue: hci3 hci_conn_timeout
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
RSP: 0018:ffff8881ed077d40 EFLAGS: 00010286
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
RAX: 0000000000000024 RBX: ffff8881d0fb01a0 RCX: 0000000000000000
RSP: 0018:ffff8881f28efd40 EFLAGS: 00010286
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
RAX: 0000000000000024 RBX: ffff8881dc7a2fa0 RCX: 0000000000000000
RBP: ffff8881ed077d58 R08: ffffed103ed05081 R09: ffffed103ed05080
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881d0fb0080
RBP: ffff8881f28efd58 R08: ffffed103ed25081 R09: ffffed103ed25080
R10: ffffed103ed25080 R11: ffff8881f6928407 R12: ffff8881dc7a2e80
R13: ffff8881f2813b00 R14: ffff8881db7c2800 R15: ffff8881d0fb01a0
FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
R13: ffff8881f2813b00 R14: ffff8881d87fcc00 R15: ffff8881dc7a2fa0
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
CR2: 00007fa12e122718 CR3: 000000000846d005 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000002687848 CR3: 000000000846d002 CR4: 00000000001606e0
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Call Trace:
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
kthread+0x347/0x410 kernel/kthread.c:259
kthread+0x347/0x410 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 467910
irq event stamp: 408982
hardirqs last enabled at (467909): [] trace_hardirqs_on_thunk+0x1a/0x1c
hardirqs last enabled at (408981): [] trace_hardirqs_on_thunk+0x1a/0x1c
hardirqs last disabled at (467910): [] trace_hardirqs_off_thunk+0x1a/0x1c
hardirqs last disabled at (408982): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (405798): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (405279): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (405279): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
---[ end trace 0a2dfad4191f31d4 ]---
------------[ cut here ]------------
softirqs last enabled at (465274): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (465161): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (465161): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
---[ end trace 0a2dfad4191f31d5 ]---
------------[ cut here ]------------
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5950 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Modules linked in:
CPU: 0 PID: 5950 Comm: kworker/u5:7 Tainted: G W 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci0 hci_conn_timeout
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
RSP: 0018:ffff8881dc9c7d40 EFLAGS: 00010286
RAX: 0000000000000024 RBX: ffff8881e66985e0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
RBP: ffff8881dc9c7d58 R08: ffffed103ed05081 R09: ffffed103ed05080
R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881e66984c0
R13: ffff8881f2813b00 R14: ffff8881db7c2000 R15: ffff8881e66985e0
FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f069220f000 CR3: 000000000846d006 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
kthread+0x347/0x410 kernel/kthread.c:259
------------[ cut here ]------------
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 790
hardirqs last enabled at (789): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (789): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192
hardirqs last disabled at (790): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (786): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (689): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (689): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
---[ end trace 0a2dfad4191f31d6 ]---
WARNING: CPU: 0 PID: 5940 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
WARNING: CPU: 1 PID: 5947 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Modules linked in:
Modules linked in:
CPU: 0 PID: 5940 Comm: kworker/u5:1 Tainted: G W 4.19.188-syzkaller #0
CPU: 1 PID: 5947 Comm: kworker/u5:4 Tainted: G W 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci2 hci_conn_timeout
Workqueue: hci1 hci_conn_timeout
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
RSP: 0018:ffff8881e8227d40 EFLAGS: 00010286
RSP: 0018:ffff8881db4a7d40 EFLAGS: 00010286
RAX: 0000000000000024 RBX: ffff8881dc3f0de0 RCX: 0000000000000000
RAX: 0000000000000024 RBX: ffff8881dc9dc1e0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
RBP: ffff8881e8227d58 R08: ffffed103ed25081 R09: ffffed103ed25080
R10: ffffed103ed25080 R11: ffff8881f6928407 R12: ffff8881dc3f0cc0
RBP: ffff8881db4a7d58 R08: ffffed103ed05081 R09: ffffed103ed05080
R13: ffff8881f2813b00 R14: ffff8881d888c400 R15: ffff8881dc3f0de0
R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881dc9dc0c0
FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
R13: ffff8881f2813b00 R14: ffff8881d888cc00 R15: ffff8881dc9dc1e0
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000055d061 CR3: 000000000846d003 CR4: 00000000001606e0
FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
CR2: 0000000000536038 CR3: 000000000846d005 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Call Trace:
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
Call Trace:
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
kthread+0x347/0x410 kernel/kthread.c:259
kthread+0x347/0x410 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 622
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
hardirqs last enabled at (621): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (621): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192
irq event stamp: 1796
hardirqs last disabled at (622): [] trace_hardirqs_off_thunk+0x1a/0x1c
hardirqs last enabled at (1795): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (1795): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192
softirqs last enabled at (604): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (517): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (517): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
hardirqs last disabled at (1796): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (1788): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
---[ end trace 0a2dfad4191f31d7 ]---
softirqs last disabled at (1051): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (1051): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
WARNING: CPU: 1 PID: 1231 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
---[ end trace 0a2dfad4191f31d8 ]---
Modules linked in:
CPU: 1 PID: 1231 Comm: kworker/u5:0 Tainted: G W 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci4 hci_conn_timeout
RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404
Code: 87 e8 20 ab eb ff 0f 0b e9 37 1c 36 ff e8 58 a7 b8 fa 48 c7 c7 a0 76 cd 87 e8 61 a2 02 00 48 c7 c7 60 7a cd 87 e8 fc aa eb ff <0f> 0b e9 12 c6 37 ff e8 34 a7 b8 fa 48 c7 c7 20 80 cd 87 e8 3d a2
RSP: 0018:ffff8881f28efd40 EFLAGS: 00010286
RAX: 0000000000000024 RBX: ffff8881dc9e6e60 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87679d40 RDI: ffffffff8a1a0aa0
RBP: ffff8881f28efd58 R08: ffffed103ed25081 R09: ffffed103ed25080
R10: ffffed103ed25080 R11: ffff8881f6928407 R12: ffff8881dc9e6d40
R13: ffff8881f2813b00 R14: ffff8881d87fc400 R15: ffff8881dc9e6e60
FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000055d061 CR3: 000000000846d003 CR4: 00000000001606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2152
worker_thread+0x85/0xb60 kernel/workqueue.c:2295
kthread+0x347/0x410 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 409110
hardirqs last enabled at (409109): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
hardirqs last enabled at (409109): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192
hardirqs last disabled at (409110): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (409106): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318
softirqs last disabled at (409023): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (409023): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412
---[ end trace 0a2dfad4191f31d9 ]---
Bluetooth: hci5: command 0x0406 tx timeout
Bluetooth: hci0: command 0x0406 tx timeout
Bluetooth: hci3: command 0x0406 tx timeout
Bluetooth: hci1: command 0x0406 tx timeout
Bluetooth: hci2: command 0x0406 tx timeout
Bluetooth: hci4: command 0x0406 tx timeout