program:
r0 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x2102) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="02c82028002400010007d3040007c4faff020c04000300d3"], 0x2d) (async, rerun: 32)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x400448ca, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
pwrite64(r0, &(0x7f0000001480)="5eb310b9d8b46caf25434633fcb2b3553e4b916c5b83f51fd51bad97ced3b4c60f9e8a091d4b356e65f7a583aff9b495533e838ff91b6f7ce47e580b5fa5aada8317f23e9a1f9afa83cbbcb2b0f6e8c711df6d0bc1d0f9f99ba6abbc6c78e7c81c8b08b966a0654cb8f954ccd7417eb9de8c66a838d0836655e7dd955c0704d275716bfc0eb92440e700d2f6669d66a34b9d7a0e590672ac73177f6414fa875c77becc32f1f000e6a65a5129b1171cda7b5a80d520608a38742437a5d997f89971719cb00343a8426eb20687937c651cdf2930bd0d01ef523e7c66c079a366ce5394234d5d152030574d809df475a65d5275507bfc259474d03e4dac78390b0849c1370eddde3880105c25e112066638d9cd9b70e9e736089e4e3d043b8ee1b98221a5d12d5a541a501ec33f8a219944929d44205a9460cba2265392952fc0c032b17e8b5275468579ee174a40a0380f568543b9d31dd34527489ab0f1be0eebb6525b8543724a4810a6235a46a51ff6226286ed9e1fcc1a339f1da56f88c58f254156816afd1a7cbb9ed991d5b4382fc31678a9b48ddd76786f2b8b0dd73b5bf3f553cbac59f31cc3c82233666435547d21eeed2d45e5523354cd5752f7b92b6249ff7afa4e612d584a68016c841d99e76a789184e1055ccfe26446aace4d76f2b51e89b55cc61695d3e3e03b56b367595deb9184f42d50dcf4bef504b65101ba22a6a16beca22a8b31fb36f001cc7bda4c47bb544ee67cb24230774320ea836c45a88df57063b7c34f674a4a78e7dc86905ecc7758401dc3cf927c3e12bfec37c561959e3e045accc37b8c28cb7bcdba8d800a1e816f4fab0447a8c19d8b97c3673f1c6e40ccf9896e7b9762a4144d3747bfb70939921f64bd3df12efb6b2e95ac6ba438d38e3111d822cc9f241d19cda8d04f9cd97afffb13a938367f8ebc47b55513c84e8860423421db82f69f4d3b6100149ca5528ec26f848eac4d2c52df85da548d93919d4c8721a499d1b197b7c9f1384a7db4b61535e0c5087156920b5366874ba921ed5ca2d8cbe3107299136dc477902809392e1437f7dbc3b32b262690dc8185dbd3aa2e1d700d2191cd5b3bf7c602f524164fc3d7d5cde89a3ded76fd4bfffd90542fb8cac3f3a93ccaad9c03b58fe5c3a2342a0fe0edb1463b70aadebbe29789976b436d86f2e470126288405dba32b3d498196ff3c633d4c58ff19c5de8570280acd1e55aaf27d564645fd82903a5486b48c672b726445e976fdc19ec125d53e23e27fdc812c740feccdaccc639999f3058656bb7fc5fe550ca4b3422c5e35ef3ed125ee9d96f8fe5418a6f28309c94b0a9dde5139a90e2559f97e74487e6ee6235e6c9cb34cb444eb46673787459adc53d692d912c5e60d6d80d4a5b3564fa6f54efc6b57940a019a883fc1b15281f995c872ee6a21f6c668e673970d08444cd0151489d5c1017314c1414bd2266d70e2878867068c64df3165bb5f11563237c61b8c44459eb8182a86508812c0459603694fe749241202f80cb26b91256fb5975170b4b37a118a0995b3b63af0fe7668c2a38723d44e62a34092aab4a5d5d3f06944f60f492afae12d6adf1abced3b4c3dd48297b9aab41aa0dedcd9a675d0bbaaf11bd300e20e427cda99045527b17b2d0a43bdad2b477c32d6f6b043ef36bf4d3f19383782c9fdd4b5652a435330af835bb1f876507534d81a7dd69fd961d1e257448b7aede199c5f4ef17e1906522072d7f8c6a0fad9fa200bab4c028bbf9d5f36ccb54a782d7fa95de735b064f583fd28fd3508fce7cffe96c5699d8962ce7e63b0dc416da7c78e7bd5162313073c86e0f5ea8862f7b62769a151b4042396491d1f41195e05bd0894ff6fc91938b2417dcdb5b07d8dd50eec532a4ef2b5020f5fe28505da349d4443b7e11c8f2a6eac0fe60eebcc3ec72938bde88ae39294aa9b4594ce1141662bd02ca06f74ac02dd6a1d488fcf9c250f22adee3c23026c8da13bd3b86458deadc37cb25e099136ca90fe6e7649918e06888b28ceeae65a205796204ae41600048b2a9eb7138c8563c6b7c7573dbb917aa93ea9a7b6e0dbde906a475cc96cb325abab83b169dee490dd9a8c16454ef6b64b604fd1fb447a1d3beabf069fc7b3c7e64445eb33e3240917322b9b9a4279b3cc23cb94a45208e1e7016dc4ed3e723e27c762fe4d333fb491fe41bf970d3fafd303bc058648ed065114c12ed7175d2aa0ddfbff79418dc3da4a7ea1f036130864ca646a396d2779f6f60d55ca2610d22a027c4ae84f3d30f50201f16b689bd7b5133b26e9917bb74a6bf6251c1852dce75a23bf990b0b1b1a030ce1c2279d1b1ce58fc3ebd564c622c308ca1177022d914eb2489d5a966a02337df3e8e4230467d6d2aeb77fa84115c8a08617e2ecca69379b10347610929294da067518202aafd588fbf61921d5c3bb4977064f923f6b550d7d5b79bd23080b04f29e747aa1f24512e0bd238df54e0da9adfb6d1ba04790b3cae8ae151e5916bd737e63f42333ea83385727b6169d9baa573a788ecf067158fe9e9c87c4016e6675183bc0191c90c4f81c6c58b4fc49ac1fd8346c8da0511cc358a7bbc5fe18b5bb08d23768d6ece087be17a1c48f9094f6ce6fe071f0997ac95fbd6b4f762bff0a3d9924a698939f06adb7cda0e1d2446f9933f717adcc374e2d26185bac34f4591cd340bb7e380e28e32f55283b5b1d6ae68030311b8cafa9fc9d17e193d7738657e786ef80bb9da4fd9f69f64c87385728852967bb48f362d8252bb82723b36cc4df0c248752c27ea3c921abd82663eb47db44f0575045fda7f9f78bf20c4b18132b5eb4ec5a91307fc7075f5fdbc3694a7c223e1da5a31b71f3ee1ef4bc84f23e8a74a32c6f5e9eb143ce6db57960a18a7f67804ed1a296c5dc8b7dcd64f3e812ccf2370db0180fde7a7a172f48ca30e1cb606bc4a0422dd600fd364f895ff26dcfeab8eeef231807d3c5f6b0bd1f5482bb9a1ead1bd7136ae320b8f6ba2b2f394723ac94bb2e1e1b689f5251e4f0ed49afd84c6efa92ed39ec6b5e9f2291db7cd8e2cb1a6ad1bd961b2c69706d63cb707afde0997937876a71f23072b9fc0ea1f98894fb80f6e91723170dd8a12d3dac67bab0f1fd0686f33ad05ef84e79a4c0c35dde7af76fdcf453dd76231d49d08517bbf37eab125c8aaee43bafe5082613e5f661d5e61430d20bc01a4efbd65d901558ef029ea22f8a16320993ddcfac4d6e808915f0535b9a1a3503e694439bd52b54dedbc77f9314c1d661018f7fd6baaaa91756d6cc99b0e6b14f3916dbf937a40b5e8d1a2d73889c9e8223343a69a45c6c53b0d780ff5164f54b43f8375a6089703148a2b90cc61df21e0c6d319db777dfcd0831532e3a21f9bd54a11166a7c717291dedb9cdbaa32da0c0b759082809c8f5dc32f3ae5a92a068a84b426a10e866821c362d296551e12b8125296b9ea8e3d3cd7901f69e0b3582c007afcb7d816b782e764956a682738e39d7ac6ad7d10e52449003b33dc0dbb1303cbd12d7b8db0aaab2459c030cae89aa187766a3c5d3392c8dd3f58be0d72096cd4fefa6431612ed848f11ceeaed54f2c2822e441605d9aba042a0cef30c7f90cc35f73276d53cd208532b81c6d35c279900087be14fdb309e46235c366daf88657ac7b1fe9a00689bd37492a871a45b842fef259659f8b81e4bac3a8ffcfe5ee79d85e5c79a8af854f2f2f33f82e908c7ea75e4d42c9ca1a740054f958aa7976d0fbc1d1ff82d9eabc7190bc69ec722478a24339aff24d936fc984735bb5ce98be83bd488758d951e60c9af57c8eff1073eaf3afaa15471404e35fd2a4891e9a07aab2738c691eea48d6bdabfc42c3cec36e913a12eff335c9464bf46d5c57229c4f619af1e7c4dd67e3da0a91f7ad3c2183aebb984f5747b70dcb82f761ef60ee4e7e0a1a66db364143e667e104ad993dbf0e92ed81292e36da735e5f7c5f51fff2f96fec6f6d7b22636da9f5205ce0970f6bb8f55503341e5487e5e3cf67a7169861f36d5ce8742fad0d141711d94908b8daca86070e77dcca68052c2c0a032e1bf057e865b965b4dd5c36d988fdb2e93ebf46651af7b4baf8d0d2843697e4b62c0a039b30863213b552c25f68c361643c966c7364e046b4478ffbc15d7defe41c2c93ef88c3f06a98534e6b8de9024f48d9741dc2664161eb12ea4a30be728629f39aa2ceaf62a4c1552ef4854fe1a3e32230705cfc242d3c78cd47c18cd4e53ddb02aca4ceded294f08ece7967ccc32ed00e2a4faaf4085d8cf4011c7c6152c2823513ba02ca1a5d52e995bf8441f7a8290c37473e6b45bb3499b00d151895f597254a70688dc3a1429a873309ca28ad701a4510b87da6564f6b65183428c1c48ae9699ff0279dee8552de7e70ff1d70d4bf36f015c5b3786b0a96108eae38032d1c3ba4df4778e9a906da6b483226026d60a5832fcd9fb1cc9d0ec295b1025c561c9a323b8cf773054e0846b027f53dea2f015e3a6a944988b9ad47ef2b1def5c801c89ee9d8dfd6207161715c0eed66592237b1ab8bb3e41430e417c52daada5432ccd57a570812f1b18eabd3d29e47746546cd9137959caadd96dfc20ed65c511b35a47a8a5bdf8e2b9c9f6058738677b04fa482e9857184c348d0216508067575703a19100a342f983003cf05c56623c4a6ade17bd7a3ff762a4499bfcba1ba56556318742035720dc73dbd877273faa054db631d40f95afe6de65a6198a4861f219ee10518060d163125455ac60701328b0e7b73569618cb4cdef6f3d9b8aef260236671999e04c1f33b9bc6d46a60a9d64d31611ec38088329cd48251f6259c012fe4220fd6bc1cd5ba33cc06e154b719d7659d18f68f91d7fedc6c05731477bf9c25a17a15d9fcb7690f7d3f8a9e2871af1bb67f5f28e33201a33ecdf3e5df7ece0cf9607651adc0c04559189e41a5e248212ae5153a351a0df635923f80276eaaeecd8cc1c2a06acdf606d73d23886a3910be025b9ba3037a9da11a3cc5703c8fab2c6fba573da1d8f516f29f48529bd45038c138d9d3a4172c31a4ff104fae9dd82e90299247cb295fd7f1efa9c02617a6ec3cad0aef26958b1165239dc5ed41c88c6c49e54194eab38c4e98872b1ad1de67dde8461fddf83b7282e9583dd3b7b02148843073c491fd7075697c236547d7c124e23a059244c4fb2046be08b05f296b75486cf4b9cf3e5e5a529b76a7880a4a86068c0e9f17465014b577eeb61c5144866d247678e6f0b479506684791bf75d272bbe3b04a24c8faf104e58756527aa510fcdcf97b5230464a3fe3d127aa707162a473ed71cd06b1f7a67e4c99a17985a39f6bfa01d8c49133430960a15533265175b971f5c7fd4fb9f3feb265412ef9523ccfc1460888b08735ffc21e81a5e1083eb3c5467069ff146d11427162c594ab3ea687e77eaca791865571d40d46dca3b0729278d373633420ade64a0a101cbcad8a68e86edfe97dcd4ed696f2a4efef10c2d12b64fbb93c40ef76633e1e89b0d807622acfd01d9a6adffeab43387c447fb5bb85d50c9122fc0d1867dbcf7f697f0024250cc376e1ae713e3137c6a65d047d9db1331d703e172bd14898d2250941cbe34e5710d5716e803fc328fa7db9e3970546ed9c96c2743c7a7df8c90fb2cecb276a06820f910ba24a6a7c7466dd198ff6b6c3875fb8a40ff6cf69db7ddd3461cf90be8d64c733281bb2f382f8eeacacdbe7c8991bc28acef3230b6ce483f1313002edabe5f99c8b019", 0x1001, 0x2)

[   87.113299][ T4687] Bluetooth: hci0: command tx timeout
[   87.132607][ T5340] 
[   87.134502][ T5340] ======================================================
[   87.137765][ T5340] WARNING: possible circular locking dependency detected
[   87.140620][ T5340] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted
[   87.144362][ T5340] ------------------------------------------------------
[   87.151354][ T5340] kworker/0:5/5340 is trying to acquire lock:
[   87.159799][ T5340] ffff88804392bb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_info_timeout+0x60/0xa0
[   87.166302][ T5340] 
[   87.166302][ T5340] but task is already holding lock:
[   87.170310][ T5340] ffffc9000d35fbc0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[   87.175366][ T5340] 
[   87.175366][ T5340] which lock already depends on the new lock.
[   87.175366][ T5340] 
[   87.180500][ T5340] 
[   87.180500][ T5340] the existing dependency chain (in reverse order) is:
[   87.184762][ T5340] 
[   87.184762][ T5340] -> #1 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}:
[   87.189431][ T5340]        lock_acquire+0x120/0x360
[   87.191972][ T5340]        __flush_work+0x6b8/0xbc0
[   87.194017][ T5340]        __cancel_work_sync+0xbe/0x110
[   87.196137][ T5340]        l2cap_conn_del+0x4f0/0x680
[   87.198237][ T5340]        hci_conn_hash_flush+0x10d/0x230
[   87.200608][ T5340]        hci_dev_close_sync+0xaef/0x1330
[   87.202943][ T5340]        hci_dev_close+0x108/0x200
[   87.205290][ T5340]        sock_do_ioctl+0xd9/0x300
[   87.207685][ T5340]        sock_ioctl+0x576/0x790
[   87.210009][ T5340]        __se_sys_ioctl+0xfc/0x170
[   87.212350][ T5340]        do_syscall_64+0xfa/0x3b0
[   87.214811][ T5340]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.217605][ T5340] 
[   87.217605][ T5340] -> #0 (&conn->lock#2){+.+.}-{4:4}:
[   87.221098][ T5340]        validate_chain+0xb9b/0x2140
[   87.223359][ T5340]        __lock_acquire+0xab9/0xd20
[   87.225445][ T5340]        lock_acquire+0x120/0x360
[   87.227600][ T5340]        __mutex_lock+0x182/0xe80
[   87.229922][ T5340]        l2cap_info_timeout+0x60/0xa0
[   87.232588][ T5340]        process_scheduled_works+0xae1/0x17b0
[   87.235466][ T5340]        worker_thread+0x8a0/0xda0
[   87.237932][ T5340]        kthread+0x70e/0x8a0
[   87.239993][ T5340]        ret_from_fork+0x3fc/0x770
[   87.242080][ T5340]        ret_from_fork_asm+0x1a/0x30
[   87.244271][ T5340] 
[   87.244271][ T5340] other info that might help us debug this:
[   87.244271][ T5340] 
[   87.248760][ T5340]  Possible unsafe locking scenario:
[   87.248760][ T5340] 
[   87.252531][ T5340]        CPU0                    CPU1
[   87.255893][ T5340]        ----                    ----
[   87.258203][ T5340]   lock((work_completion)(&(&conn->info_timer)->work));
[   87.261059][ T5340]                                lock(&conn->lock#2);
[   87.263925][ T5340]                                lock((work_completion)(&(&conn->info_timer)->work));
[   87.267910][ T5340]   lock(&conn->lock#2);
[   87.269692][ T5340] 
[   87.269692][ T5340]  *** DEADLOCK ***
[   87.269692][ T5340] 
[   87.273451][ T5340] 2 locks held by kworker/0:5/5340:
[   87.275939][ T5340]  #0: ffff88801a474d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[   87.281492][ T5340]  #1: ffffc9000d35fbc0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[   87.287244][ T5340] 
[   87.287244][ T5340] stack backtrace:
[   87.289824][ T5340] CPU: 0 UID: 0 PID: 5340 Comm: kworker/0:5 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[   87.289841][ T5340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.289850][ T5340] Workqueue: events l2cap_info_timeout
[   87.289869][ T5340] Call Trace:
[   87.289876][ T5340]  <TASK>
[   87.289881][ T5340]  dump_stack_lvl+0x189/0x250
[   87.289897][ T5340]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.289907][ T5340]  ? __pfx__printk+0x10/0x10
[   87.289917][ T5340]  ? print_lock_name+0xde/0x100
[   87.289925][ T5340]  print_circular_bug+0x2ee/0x310
[   87.289939][ T5340]  check_noncircular+0x134/0x160
[   87.289952][ T5340]  validate_chain+0xb9b/0x2140
[   87.289967][ T5340]  ? ret_from_fork_asm+0x1a/0x30
[   87.289982][ T5340]  __lock_acquire+0xab9/0xd20
[   87.289994][ T5340]  ? l2cap_info_timeout+0x60/0xa0
[   87.290005][ T5340]  lock_acquire+0x120/0x360
[   87.290015][ T5340]  ? l2cap_info_timeout+0x60/0xa0
[   87.290028][ T5340]  __mutex_lock+0x182/0xe80
[   87.290039][ T5340]  ? l2cap_info_timeout+0x60/0xa0
[   87.290050][ T5340]  ? irqentry_exit+0x74/0x90
[   87.290060][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[   87.290075][ T5340]  ? l2cap_info_timeout+0x60/0xa0
[   87.290087][ T5340]  ? __pfx___mutex_lock+0x10/0x10
[   87.290101][ T5340]  l2cap_info_timeout+0x60/0xa0
[   87.290111][ T5340]  ? process_scheduled_works+0x9ef/0x17b0
[   87.290119][ T5340]  process_scheduled_works+0xae1/0x17b0
[   87.290130][ T5340]  ? __pfx_process_scheduled_works+0x10/0x10
[   87.290140][ T5340]  worker_thread+0x8a0/0xda0
[   87.290148][ T5340]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   87.290159][ T5340]  ? __kthread_parkme+0x7b/0x200
[   87.290173][ T5340]  kthread+0x70e/0x8a0
[   87.290187][ T5340]  ? __pfx_worker_thread+0x10/0x10
[   87.290199][ T5340]  ? __pfx_kthread+0x10/0x10
[   87.290213][ T5340]  ? _raw_spin_unlock_irq+0x23/0x50
[   87.290227][ T5340]  ? lockdep_hardirqs_on+0x9c/0x150
[   87.290241][ T5340]  ? __pfx_kthread+0x10/0x10
[   87.290255][ T5340]  ret_from_fork+0x3fc/0x770
[   87.290268][ T5340]  ? __pfx_ret_from_fork+0x10/0x10
[   87.290280][ T5340]  ? __pfx_kthread+0x10/0x10
[   87.290293][ T5340]  ret_from_fork_asm+0x1a/0x30
[   87.290311][ T5340]  </TASK>
[   87.391962][ T5344] loop0: detected capacity change from 0 to 128
[   87.504654][ T5344] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   87.510872][ T5344] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
usb_generic_handle_packet: ctrl buffer too small (4097 > 4096)
[   89.153299][ T4687] Bluetooth: hci0: command tx timeout
[   91.234308][ T4687] Bluetooth: hci0: command tx timeout
[   91.954023][   T54] cfg80211: failed to load regulatory.db
[   93.313289][ T4687] Bluetooth: hci0: command tx timeout