------------[ cut here ]------------ WARNING: CPU: 0 PID: 5898 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Modules linked in: CPU: 0 PID: 5898 Comm: kworker/u5:1 Not tainted 4.19.196-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci4 hci_conn_timeout RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 RSP: 0018:ffff8881d175fd40 EFLAGS: 00010286 RAX: 0000000000000024 RBX: ffff8881e70987a0 RCX: 0000000000000000 ------------[ cut here ]------------ RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 RBP: ffff8881d175fd58 R08: ffffed103ed05081 R09: ffffed103ed05080 R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881e7098680 R13: ffff8881f2911b00 R14: ffff8881ea24b400 R15: ffff8881e70987a0 FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000002cde848 CR3: 000000000846d004 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 WARNING: CPU: 1 PID: 5911 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Modules linked in: Call Trace: CPU: 1 PID: 5911 Comm: kworker/u5:4 Not tainted 4.19.196-syzkaller #0 process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci5 hci_conn_timeout RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 RSP: 0000:ffff8881d16ffd40 EFLAGS: 00010286 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 RAX: 0000000000000024 RBX: ffff8881e79a23e0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 kthread+0x347/0x410 kernel/kthread.c:259 RBP: ffff8881d16ffd58 R08: ffffed103ed25081 R09: ffffed103ed25080 R10: ffffed103ed25080 R11: ffff8881f6928407 R12: ffff8881e79a22c0 R13: ffff8881f2911b00 R14: ffff8881ea6d8400 R15: ffff8881e79a23e0 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 irq event stamp: 104596 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000000 CR3: 000000000846d002 CR4: 00000000001606e0 hardirqs last enabled at (104595): [] console_unlock+0xa4a/0xe20 kernel/printk/printk.c:2489 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 hardirqs last disabled at (104596): [] trace_hardirqs_off_thunk+0x1a/0x1c DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: softirqs last enabled at (99592): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last disabled at (99049): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (99049): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 ---[ end trace de2c92ccc23de4ac ]--- ------------[ cut here ]------------ ------------[ cut here ]------------ worker_thread+0x85/0xb60 kernel/workqueue.c:2296 kthread+0x347/0x410 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 irq event stamp: 436418 hardirqs last enabled at (436417): [] console_unlock+0xb9e/0xe20 kernel/printk/printk.c:2464 ------------[ cut here ]------------ hardirqs last disabled at (436418): [] trace_hardirqs_off_thunk+0x1a/0x1c softirqs last enabled at (435686): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last disabled at (435637): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (435637): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 ---[ end trace de2c92ccc23de4ad ]--- ------------[ cut here ]------------ WARNING: CPU: 0 PID: 5910 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 WARNING: CPU: 1 PID: 5911 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Modules linked in: Modules linked in: CPU: 0 PID: 5910 Comm: kworker/u5:3 Tainted: G W 4.19.196-syzkaller #0 CPU: 1 PID: 5911 Comm: kworker/u5:4 Tainted: G W 4.19.196-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci3 hci_conn_timeout Workqueue: hci1 hci_conn_timeout RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 RSP: 0018:ffff8881e8327d40 EFLAGS: 00010286 RSP: 0018:ffff8881d16ffd40 EFLAGS: 00010286 RAX: 0000000000000024 RBX: ffff8881e8bfeae0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 RAX: 0000000000000024 RBX: ffff8881e71521e0 RCX: 0000000000000000 RBP: ffff8881e8327d58 R08: ffffed103ed05081 R09: ffffed103ed05080 RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 RBP: ffff8881d16ffd58 R08: ffffed103ed25081 R09: ffffed103ed25080 R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881e8bfe9c0 R10: ffffed103ed25080 R11: ffff8881f6928407 R12: ffff8881e71520c0 R13: ffff8881f2911b00 R14: ffff8881ea6d8c00 R15: ffff8881e8bfeae0 FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 R13: ffff8881f2911b00 R14: ffff8881ea24bc00 R15: ffff8881e71521e0 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 CR2: 00007f9bf80340d8 CR3: 000000000846d004 CR4: 00000000001606f0 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000001bd1708 CR3: 000000000846d005 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: Call Trace: process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 kthread+0x347/0x410 kernel/kthread.c:259 kthread+0x347/0x410 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 irq event stamp: 314098 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 hardirqs last enabled at (314097): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline] hardirqs last enabled at (314097): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192 irq event stamp: 436576 hardirqs last disabled at (314098): [] trace_hardirqs_off_thunk+0x1a/0x1c hardirqs last enabled at (436575): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline] hardirqs last enabled at (436575): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192 hardirqs last disabled at (436576): [] trace_hardirqs_off_thunk+0x1a/0x1c softirqs last enabled at (314094): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last enabled at (436570): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last disabled at (436531): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (436531): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 softirqs last disabled at (314073): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (314073): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 ---[ end trace de2c92ccc23de4ae ]--- ---[ end trace de2c92ccc23de4af ]--- WARNING: CPU: 0 PID: 1231 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Modules linked in: CPU: 0 PID: 1231 Comm: kworker/u5:0 Tainted: G W 4.19.196-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci0 hci_conn_timeout RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 RSP: 0018:ffff8881f291fd40 EFLAGS: 00010286 RAX: 0000000000000024 RBX: ffff8881e7aa0560 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 RBP: ffff8881f291fd58 R08: ffffed103ed05081 R09: ffffed103ed05080 R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881e7aa0440 R13: ffff8881f2911b00 R14: ffff8881efc70c00 R15: ffff8881e7aa0560 FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f9bf80340d8 CR3: 000000000846d004 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 kthread+0x347/0x410 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 irq event stamp: 1342 hardirqs last enabled at (1341): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline] hardirqs last enabled at (1341): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192 hardirqs last disabled at (1342): [] trace_hardirqs_off_thunk+0x1a/0x1c softirqs last enabled at (1338): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last disabled at (1319): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (1319): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 ---[ end trace de2c92ccc23de4b0 ]--- WARNING: CPU: 0 PID: 5912 at net/bluetooth/hci_conn.c:404 hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Modules linked in: CPU: 0 PID: 5912 Comm: kworker/u5:5 Tainted: G W 4.19.196-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci2 hci_conn_timeout RIP: 0010:hci_conn_timeout.cold.5+0xc/0x13 net/bluetooth/hci_conn.c:404 Code: 87 e8 05 ac eb ff 0f 0b e9 6f dc 35 ff e8 00 54 b8 fa 48 c7 c7 20 b3 cd 87 e8 07 a7 02 00 48 c7 c7 e0 b6 cd 87 e8 e1 ab eb ff <0f> 0b e9 4a 86 37 ff e8 dc 53 b8 fa 48 c7 c7 a0 bc cd 87 e8 e3 a6 RSP: 0018:ffff8881e81afd40 EFLAGS: 00010286 RAX: 0000000000000024 RBX: ffff8881e6424c20 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff8767a100 RDI: ffffffff8a19eaa0 RBP: ffff8881e81afd58 R08: ffffed103ed05081 R09: ffffed103ed05080 R10: ffffed103ed05080 R11: ffff8881f6828407 R12: ffff8881e6424b00 R13: ffff8881f2911b00 R14: ffff8881efc70400 R15: ffff8881e6424c20 FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f9bf80340d8 CR3: 000000000846d004 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: process_one_work+0x7b9/0x15a0 kernel/workqueue.c:2153 worker_thread+0x85/0xb60 kernel/workqueue.c:2296 kthread+0x347/0x410 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 irq event stamp: 210 hardirqs last enabled at (209): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline] hardirqs last enabled at (209): [] _raw_spin_unlock_irq+0x27/0x90 kernel/locking/spinlock.c:192 hardirqs last disabled at (210): [] trace_hardirqs_off_thunk+0x1a/0x1c softirqs last enabled at (190): [] __do_softirq+0x62d/0x919 kernel/softirq.c:318 softirqs last disabled at (103): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (103): [] irq_exit+0x17f/0x1c0 kernel/softirq.c:412 ---[ end trace de2c92ccc23de4b1 ]--- Bluetooth: hci1: command 0x0406 tx timeout Bluetooth: hci5: command 0x0406 tx timeout Bluetooth: hci4: command 0x0406 tx timeout Bluetooth: hci3: command 0x0406 tx timeout Bluetooth: hci2: command 0x0406 tx timeout Bluetooth: hci0: command 0x0406 tx timeout