------------[ cut here ]------------ ------------[ cut here ]------------ WARNING: CPU: 1 PID: 5840 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 1 PID: 5840 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 1 PID: 5840 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 1 PID: 5840 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 WARNING: CPU: 0 PID: 5844 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 0 PID: 5844 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 0 PID: 5844 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 0 PID: 5844 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 Modules linked in: Modules linked in: CPU: 1 PID: 5840 Comm: kworker/u5:4 Not tainted 4.14.232-syzkaller #0 CPU: 0 PID: 5844 Comm: kworker/u5:8 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci3 hci_conn_timeout Workqueue: hci0 hci_conn_timeout task: ffff8881d267c600 task.stack: ffff8881d2a88000 task: ffff8881e7f8a000 task.stack: ffff8881d21e8000 RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 RSP: 0018:ffff8881d2a8fd48 EFLAGS: 00010286 RSP: 0018:ffff8881d21efd48 EFLAGS: 00010282 RAX: 00000000ffffebc6 RBX: ffff8881e74eaf20 RCX: ffffed103a4cf9d0 RAX: 00000000ffffec0e RBX: ffff8881e7a2a720 RCX: ffffed103cff1510 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e7a2a610 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e74eae10 RBP: ffff8881d21efd60 R08: 1ffff1103cff1510 R09: ffffffff89563ad0 RBP: ffff8881d2a8fd60 R08: 1ffff1103a4cf9d0 R09: ffff8881d2a8fa68 R10: 0000000000000028 R11: ffff8881e7f8a000 R12: ffff8881e865c800 R10: ffff8881d2a8f9e0 R11: ffff8881d267c600 R12: ffff8881e890cb00 R13: ffff8881f24691c0 R14: ffff8881ed4a3000 R15: ffff8881e7a2a720 R13: ffff8881f24691c0 R14: ffff8881e8734c00 R15: ffff8881e74eaf20 FS: 0000000000000000(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000 FS: 0000000000000000(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000960004 CR3: 0000000007e6a005 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 CR2: 0000000000533198 CR3: 0000000007e6a001 CR4: 00000000001606f0 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 kthread+0x338/0x400 kernel/kthread.c:232 worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 kthread+0x338/0x400 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 Code: df ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 48 Code: 8d df 48 93 8d 80 93 02 80 00 02 00 00 48 00 89 48 f9 89 48 f9 c1 48 e9 c1 03 e9 80 03 3c 80 01 3c 00 01 75 00 45 75 48 8b 35 e5 71 02 03 bf 40 00 00 00 e8 9b 72 89 fb 45 e9 48 38 8b ff 35 ff e5 ff <0f> 71 0b 02 e9 03 a2 bf fe 40 ff 00 ff 00 e8 00 ca e8 73 d1 9b fb 72 e9 84 89 fe fb ff e9 ff 38 e8 ff 80 ff 73 ff d1 <0f> 0b e9 a2 ---[ end trace 18965f8afb3ec443 ]--- fe ------------[ cut here ]------------ ff WARNING: CPU: 1 PID: 5843 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 1 PID: 5843 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 1 PID: 5843 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 1 PID: 5843 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 ff Modules linked in: e8 CPU: 1 PID: 5843 Comm: kworker/u5:7 Tainted: G W 4.14.232-syzkaller #0 ca Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 73 Workqueue: hci2 hci_conn_timeout d1 fb task: ffff8881e91e46c0 task.stack: ffff8881e7828000 e9 84 RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 fe RSP: 0018:ffff8881e782fd48 EFLAGS: 00010282 ff RAX: 00000000ffffebdc RBX: ffff8881e7938820 RCX: ffffed103d23c9e8 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e7938710 ff RBP: ffff8881e782fd60 R08: 1ffff1103d23c9e8 R09: ffffffff89563ad0 e8 R10: 0000000000000028 R11: ffff8881e91e46c0 R12: ffff8881e88fb200 80 R13: ffff8881f24691c0 R14: ffff8881ecb29400 R15: ffff8881e7938820 FS: 0000000000000000(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000 73 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f3f526f9000 CR3: 0000000007e6a006 CR4: 00000000001606e0 d1 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---[ end trace 18965f8afb3ec444 ]--- ------------[ cut here ]------------ Call Trace: WARNING: CPU: 0 PID: 5841 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 0 PID: 5841 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 0 PID: 5841 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 0 PID: 5841 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 Modules linked in: worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 CPU: 0 PID: 5841 Comm: kworker/u5:5 Tainted: G W 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 kthread+0x338/0x400 kernel/kthread.c:232 Workqueue: hci1 hci_conn_timeout task: ffff8881e8a48640 task.stack: ffff8881e96c8000 RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 RSP: 0018:ffff8881e96cfd48 EFLAGS: 00010282 Code: df RAX: 00000000ffffeb62 RBX: ffff8881e78b0620 RCX: ffffed103d1491d8 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e78b0510 48 RBP: ffff8881e96cfd60 R08: 1ffff1103d1491d8 R09: ffffffff89563ad0 8d R10: 0000000000000028 R11: ffff8881e8a48640 R12: ffff8881e890c900 R13: ffff8881f24691c0 R14: ffff8881ecb29c00 R15: ffff8881e78b0620 93 80 FS: 0000000000000000(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 02 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 00 CR2: 00007fdec0efa000 CR3: 0000000007e6a001 CR4: 00000000001606f0 00 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 48 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 89 Call Trace: f9 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 48 c1 worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 e9 kthread+0x338/0x400 kernel/kthread.c:232 03 80 3c ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 01 Code: 00 df 75 48 45 8d 48 93 8b 80 35 02 e5 00 71 02 00 03 48 bf 89 40 f9 00 48 00 c1 00 e9 e8 03 9b 80 72 3c 89 01 fb 00 e9 75 38 45 ff 48 ff ff 8b <0f> 35 0b e5 e9 71 a2 02 fe 03 ff bf ff 40 e8 00 ca 00 73 00 d1 e8 fb 9b e9 72 84 fe 89 ff fb ff e9 e8 38 80 ff 73 ff d1 ff <0f> ---[ end trace 18965f8afb3ec445 ]--- 0b ------------[ cut here ]------------ e9 WARNING: CPU: 1 PID: 1204 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 1 PID: 1204 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 1 PID: 1204 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 1 PID: 1204 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 a2 Modules linked in: fe ff ff CPU: 1 PID: 1204 Comm: kworker/u5:0 Tainted: G W 4.14.232-syzkaller #0 e8 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ca Workqueue: hci4 hci_conn_timeout 73 d1 task: ffff8881f246a040 task.stack: ffff8881f2478000 fb RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 e9 RSP: 0018:ffff8881f247fd48 EFLAGS: 00010286 84 fe RAX: 00000000ffffeb84 RBX: ffff8881e94f64e0 RCX: ffffed103e48d518 ff RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e94f63d0 ff RBP: ffff8881f247fd60 R08: 1ffff1103e48d518 R09: ffffffff89563ad0 e8 R10: 0000000000000028 R11: ffff8881f246a040 R12: ffff8881f2a7d900 80 R13: ffff8881f24691c0 R14: ffff8881ed4a3800 R15: ffff8881e94f64e0 73 FS: 0000000000000000(0000) GS:ffff8881f6700000(0000) knlGS:0000000000000000 d1 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fdeb4030098 CR3: 0000000007e6a006 CR4: 00000000001606e0 ---[ end trace 18965f8afb3ec446 ]--- DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 ------------[ cut here ]------------ DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 WARNING: CPU: 0 PID: 5835 at net/bluetooth/hci_conn.c:404 queue_work include/linux/workqueue.h:491 [inline] WARNING: CPU: 0 PID: 5835 at net/bluetooth/hci_conn.c:404 schedule_work include/linux/workqueue.h:549 [inline] WARNING: CPU: 0 PID: 5835 at net/bluetooth/hci_conn.c:404 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:185 [inline] WARNING: CPU: 0 PID: 5835 at net/bluetooth/hci_conn.c:404 hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:419 Call Trace: Modules linked in: process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 CPU: 0 PID: 5835 Comm: kworker/u5:2 Tainted: G W 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: hci5 hci_conn_timeout worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 kthread+0x338/0x400 kernel/kthread.c:232 task: ffff8881d27ac4c0 task.stack: ffff8881d2940000 RIP: 0010:hci_conn_timeout+0x1aa/0x200 net/bluetooth/hci_conn.c:404 RSP: 0018:ffff8881d2947d48 EFLAGS: 00010282 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 RAX: 00000000ffffeb68 RBX: ffff8881e783e3a0 RCX: ffffed103a4f59a8 Code: RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881e783e290 RBP: ffff8881d2947d60 R08: 1ffff1103a4f59a8 R09: ffffffff89563ad0 df R10: 0000000000000028 R11: ffff8881d27ac4c0 R12: ffff8881e827c100 R13: ffff8881f24691c0 R14: ffff8881e8734400 R15: ffff8881e783e3a0 48 FS: 0000000000000000(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000 8d CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 93 CR2: 00007fdec0efa000 CR3: 0000000007e6a001 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 80 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 02 Call Trace: 00 process_one_work+0x74f/0x1620 kernel/workqueue.c:2116 00 48 worker_thread+0xcc/0xee0 kernel/workqueue.c:2250 89 kthread+0x338/0x400 kernel/kthread.c:232 f9 48 c1 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 e9 Code: 03 df 80 48 3c 8d 01 93 00 80 75 02 45 00 48 00 8b 48 35 89 e5 f9 71 48 02 c1 03 e9 bf 03 40 80 00 3c 00 01 00 00 e8 75 9b 45 72 48 89 8b fb e9 35 38 e5 ff 71 ff 02 ff 03 <0f> bf 40 0b 00 e9 00 a2 fe ff ff 00 e8 e8 ca 9b 73 72 89 d1 fb fb e9 e9 84 fe ff ff 38 e8 ff 80 ff 73 ff d1 <0f> 0b ---[ end trace 18965f8afb3ec447 ]--- e9 a2 fe ff ff e8 ca 73 d1 fb e9 84 fe ff ff e8 80 73 d1 ---[ end trace 18965f8afb3ec448 ]--- Bluetooth: hci4 command 0x0406 tx timeout Bluetooth: hci0 command 0x0406 tx timeout Bluetooth: hci2 command 0x0406 tx timeout Bluetooth: hci3 command 0x0406 tx timeout Bluetooth: hci1 command 0x0406 tx timeout Bluetooth: hci5 command 0x0406 tx timeout random: crng init done random: 7 urandom warning(s) missed due to ratelimiting