It looks like I'm affected by this upstream Bug (see URL above). My chipset is Intel 8087:07dc. I use it with a BeoPlay A1 via bluealsa.

The workaround mentioned upstream doesn't work for me as autosuspend is disabled:

```
# systool -v -m btusb | grep suspend
    enable_autosuspend  = "N"
```

Also, my laptop had been freshly booted prior to the kernel oops.

It seems a regression, as I don't recall to have seen such a problem with previous kernel versions.

Reproducible: Sometimes

Steps to Reproduce:

1. Try to (re)connect a BT device in A2DP mode, f.i. via

```
$ bluez-test-device disconnect $btaddr && bluez-test-device connect $btaddr
```

Error might be:

```
...
Traceback (most recent call last):
  File "/usr/bin/bluez-test-device", line 117, in <module>
    device.Disconnect()
  File "/usr/lib/python3.8/site-packages/dbus/proxies.py", line 72, in __call__
    return self._proxy_method(*args, **keywords)
  File "/usr/lib/python3.8/site-packages/dbus/proxies.py", line 141, in __call__
    return self._connection.call_blocking(self._named_service,
  File "/usr/lib/python3.8/site-packages/dbus/connection.py", line 652, in call_blocking
    reply_message = self.send_message_with_reply_and_block(
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
```

2. Try to restart bluetooth:

```
# rc-service bluetooth restart
```

Actual Results:

The BT device can't (re)connect. Observe a first nasty kernel message:

```
debugfs: Directory '256' with parent 'hci0' already present!
sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:14.0/usb1/1-7/1-7:1.0/bluetooth/hci0/hci0:256'
...
```

When restarting bluetooth, observe a kernel BUG + oops:

```
BUG: kernel NULL pointer dereference, address: 0000000000000020
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP PTI
CPU: 4 PID: 1597 Comm: kworker/u17:8 Not tainted 5.4.97-gentoo #1
...
```

:-(

Expected Results:

BT device (re)connect normally.

```
# uname -a
Linux sphakka 5.4.97-gentoo #1 SMP PREEMPT Wed Feb 17 19:40:43 CET 2021 x86_64 Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz GenuineIntel GNU/Linux

# systool -v -m btusb
Module = "btusb"

  Attributes:
    coresize            = "45056"
    initsize            = "0"
    initstate           = "live"
    refcnt              = "0"
    srcversion          = "56A70678734253AB1DA442F"
    taint               = ""
    uevent              = <store method only>
    version             = "0.8"

  Parameters:
    disable_scofix      = "N"
    enable_autosuspend  = "N"
    force_scofix        = "N"
    reset               = "Y"

  Sections:
    .bss                = "0xffffffffa01ab440"
    .data               = "0xffffffffa01ab000"
    .exit.text          = "0xffffffffa01a5e48"
    .gnu.linkonce.this_module= "0xffffffffa01ab140"
    .init.text          = "0xffffffffa01f5000"
    .note.Linux         = "0xffffffffa01a6024"
    .note.gnu.build-id  = "0xffffffffa01a6000"
    .orc_unwind         = "0xffffffffa01a95f8"
    .orc_unwind_ip      = "0xffffffffa01a8c60"
    .rodata             = "0xffffffffa01a6d00"
    .rodata.str1.1      = "0xffffffffa01a603c"
    .rodata.str1.8      = "0xffffffffa01a6200"
    .smp_locks          = "0xffffffffa01a6c0c"
    .strtab             = "0xffffffffa01f7608"
    .symtab             = "0xffffffffa01f6000"
    .text               = "0xffffffffa01a2000"
    .text.unlikely      = "0xffffffffa01a5e2e"
    __bug_table         = "0xffffffffa01ab109"
    __param             = "0xffffffffa01a8bc0"
```

dmesg output
------------

```
debugfs: Directory '256' with parent 'hci0' already present!
sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:14.0/usb1/1-7/1-7:1.0/bluetooth/hci0/hci0:256'
CPU: 3 PID: 5061 Comm: kworker/u17:0 Not tainted 5.4.97-gentoo #1
Hardware name: LENOVO 20C6003AMZ/20C6003AMZ, BIOS J9ETA2WW (2.28 ) 06/20/2018
Workqueue: hci0 hci_rx_work [bluetooth]
Call Trace:
 dump_stack+0x50/0x63
 sysfs_warn_dup.cold+0x17/0x24
 sysfs_create_dir_ns+0xb1/0xd0
 kobject_add_internal+0xa6/0x230
 kobject_add+0x7e/0xb0
 device_add+0xf5/0x630
 hci_conn_add_sysfs+0x34/0x60 [bluetooth]
 hci_event_packet+0x20ab/0x3810 [bluetooth]
 ? __switch_to_asm+0x34/0x70
 ? __switch_to_asm+0x40/0x70
 ? __switch_to_asm+0x40/0x70
 ? __switch_to_asm+0x34/0x70
 ? __switch_to_asm+0x40/0x70
 ? __switch_to_asm+0x34/0x70
 ? __switch_to_asm+0x40/0x70
 ? __switch_to_asm+0x34/0x70
 ? __switch_to_asm+0x40/0x70
 ? __switch_to_asm+0x34/0x70
 ? hci_rx_work+0x18c/0x280 [bluetooth]
 hci_rx_work+0x18c/0x280 [bluetooth]
 process_one_work+0x1ae/0x300
 worker_thread+0x45/0x3c0
 kthread+0x109/0x150
 ? current_work+0x30/0x30
 ? kthread_park+0x80/0x80
 ret_from_fork+0x35/0x40
kobject_add_internal failed for hci0:256 with -EEXIST, don't try to register things with the same name in the same directory.
Bluetooth: hci0: failed to register connection device
...
BUG: kernel NULL pointer dereference, address: 0000000000000020
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP PTI
CPU: 4 PID: 1597 Comm: kworker/u17:8 Not tainted 5.4.97-gentoo #1
Hardware name: LENOVO 20C6003AMZ/20C6003AMZ, BIOS J9ETA2WW (2.28 ) 06/20/2018
Workqueue: hci0 hci_power_off [bluetooth]
RIP: 0010:klist_next+0x14/0xe0
Code: 75 86 eb 9a 4c 89 ee 48 89 ef e8 c7 a7 04 00 eb aa 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 53 48 89 fb 48 8b 3f 4c 8b 63 08 <4c> 8b 77 20 e8 33 aa 04 00 4d 85 e4 49 89 c5 74 6f 49 8b 44 24 08
RSP: 0018:ffffc9000911fd30 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffffc9000911fd68 RCX: 0000000000000000
RDX: ffffffffa04dd540 RSI: ffffc9000911fd68 RDI: 0000000000000000
RBP: ffffffffa04dd540 R08: 0000000000000000 R09: 0000000000000006
R10: ffff88840e51fa00 R11: 0000000000015ab9 R12: 0000000000000000
R13: ffff88840c89a000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88840e500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000020 CR3: 0000000001e0a005 CR4: 00000000001606e0
Call Trace:
 ? bt_link_release+0x10/0x10 [bluetooth]
 device_find_child+0x37/0xa0
 hci_conn_del_sysfs+0x45/0x70 [bluetooth]
 hci_conn_cleanup+0xa9/0x120 [bluetooth]
 hci_conn_del+0xd6/0x170 [bluetooth]
 hci_conn_hash_flush+0x98/0xb0 [bluetooth]
 hci_dev_do_close+0x1bb/0x460 [bluetooth]
 process_one_work+0x1ae/0x300
 worker_thread+0x45/0x3c0
 kthread+0x109/0x150
 ? current_work+0x30/0x30
 ? kthread_park+0x80/0x80
 ret_from_fork+0x35/0x40
Modules linked in: ipv6 cmac rfcomm ctr ccm af_alg bnep xfs ext4 mbcache jbd2 snd_hda_codec_hdmi uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videodev videobuf2_common rmi_smbus rmi_core btusb btintel bluetooth ecdh_generic ecc crc16 binfmt_misc iwlmvm coretemp mac80211 rtsx_pci_sdmmc mmc_core libarc4 i915 iwlwifi x86_pkg_temp_thermal kvm_intel intel_gtt snd_hda_codec_conexant i2c_algo_bit snd_hda_codec_generic drm_kms_helper sha256_ssse3 kvm syscopyarea sha256_generic libsha256 sysfillrect sysimgblt irqbypass thinkpad_acpi sr_mod input_leds snd_hda_intel fb_sys_fops r8169 prime_numbers nvram cfg80211 cdrom ledtrig_audio realtek snd_intel_nhlt rtsx_pci libphy mfd_core thermal ac snd_hda_codec rfkill drm hwmon snd_hda_core led_class battery xhci_pci drm_panel_orientation_quirks snd_pcm xhci_hcd i2c_i801 button snd_timer
CR2: 0000000000000020
---[ end trace 5923d5e0377a2201 ]---
RIP: 0010:klist_next+0x14/0xe0
Code: 75 86 eb 9a 4c 89 ee 48 89 ef e8 c7 a7 04 00 eb aa 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 53 48 89 fb 48 8b 3f 4c 8b 63 08 <4c> 8b 77 20 e8 33 aa 04 00 4d 85 e4 49 89 c5 74 6f 49 8b 44 24 08
RSP: 0018:ffffc9000911fd30 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffffc9000911fd68 RCX: 0000000000000000
RDX: ffffffffa04dd540 RSI: ffffc9000911fd68 RDI: 0000000000000000
RBP: ffffffffa04dd540 R08: 0000000000000000 R09: 0000000000000006
R10: ffff88840e51fa00 R11: 0000000000015ab9 R12: 0000000000000000
R13: ffff88840c89a000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88840e500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000020 CR3: 0000000001e0a005 CR4: 00000000001606e0
```

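
A log-triage sketch for the signature in this report, added here as an example (it is not part of the bug report, the kernel, or any Gentoo tooling): it flags a NULL-dereference oops whose call trace passes through `hci_conn_del_sysfs` and records whether a `-EEXIST` registration failure for an `hciN:handle` device was logged earlier. The function name `triage`, the regexes and the abridged sample text are constructed for illustration.

```python
import re

# Constructed sample: abridged lines in the shape of the dmesg output quoted in the report.
SAMPLE = """\
sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:14.0/usb1/1-7/1-7:1.0/bluetooth/hci0/hci0:256'
kobject_add_internal failed for hci0:256 with -EEXIST, don't try to register things with the same name in the same directory.
Bluetooth: hci0: failed to register connection device
BUG: kernel NULL pointer dereference, address: 0000000000000020
RIP: 0010:klist_next+0x14/0xe0
Call Trace:
 ? bt_link_release+0x10/0x10 [bluetooth]
 device_find_child+0x37/0xa0
 hci_conn_del_sysfs+0x45/0x70 [bluetooth]
 hci_conn_hash_flush+0x98/0xb0 [bluetooth]
---[ end trace 5923d5e0377a2201 ]---
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")  # optional dmesg timestamp prefix
EEXIST = re.compile(r"kobject_add_internal failed for (hci\d+):(\d+) with -EEXIST")
NULLPTR = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)")
FRAME = re.compile(r"^\s*(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def triage(dmesg_text):
    """Return one finding per NULL-deref oops whose trace contains hci_conn_del_sysfs."""
    failed, findings, oops = [], [], None

    def close(o):
        # Keep only oopses that match the signature; attach earlier -EEXIST failures.
        if o and "hci_conn_del_sysfs" in o["frames"]:
            o["failed_registrations"] = list(failed)
            o["correlated"] = bool(failed)
            findings.append(o)

    for raw in dmesg_text.splitlines():
        line = STAMP.sub("", raw)
        if m := EEXIST.search(line):
            failed.append((m.group(1), int(m.group(2))))
        elif m := NULLPTR.search(line):
            close(oops)  # a previous oops without an end marker
            oops = {"address": int(m.group(1), 16), "frames": []}
        elif oops is not None and "---[ end trace" in line:
            close(oops)
            oops = None
        elif oops is not None and (m := FRAME.match(line)) and not m.group(1):
            oops["frames"].append(m.group(2))  # "?" frames are unreliable, so skipped
    close(oops)  # log truncated before the end marker
    return findings
```

`triage(SAMPLE)` returns a single finding with `correlated` set; an oops that does not pass through `hci_conn_del_sysfs` produces no finding.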
No issue with `sys-kernel/gentoo-sources-5.4.92`.
Can you try with 5.4.108?
Sorry, I didn't have time to test it, as I switched permanently to a newer kernel. BTW, it looks OK with gentoo-sources from 5.10 to 5.13.