program:
# Fuzzer-generated syscall program; the guest console log it produced follows
# the last call. Result visible in that log: WARNING "refcnt < 0" at
# net/bluetooth/hci_conn.c:567 in hci_conn_timeout (workqueue hci0), turned
# into a kernel panic because panic_on_warn is set.
# NOTE(review): every call tagged "(async)" is immediately followed by the same
# call without the tag; whether that means two executions or is an artifact of
# how the page renders the program cannot be told from here.
#
# fd argument is 0xffffffffffffffff (-1) and the message pointer is NULL; no
# log line refers to NBD.
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
# NULL data pointer with a length argument of 0xe.
syz_emit_vhci(0x0, 0xe) (async)
syz_emit_vhci(0x0, 0xe)
# NULL attribute pointer, size 0, flags 0x2; no log line refers to Landlock.
landlock_create_ruleset(0x0, 0x0, 0x2)
# The blob supplies eight bytes (0x12 0x01 ...) while the second argument is
# 0x36 (presumably the descriptor length; confirm). The log shows the
# raw-gadget driver registration failing with -16, then dummy_hcd retrying
# "device descriptor read" with error -71 until "unable to enumerate USB
# device", so no USB device is ever enumerated in this run.
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201010200000040"], 0x0) (async)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201010200000040"], 0x0)
# BPF map creation and V4L2 VBI open/ioctl; no log line refers to either.
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x4, 0x4, 0x4}, 0x48)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) (async)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x5, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
# Three packets handed to the virtual HCI controller (hci0 in the log). Each
# blob starts with 0x04, the HCI event packet indicator, followed by the event
# code. The length argument is larger than the blob in every case; the
# remaining bytes are whatever the buffer holds (presumably zero; confirm).
# Event 0x3e (LE Meta) with parameter length 0x1f and first parameter byte
# 0x0a (LE Enhanced Connection Complete subevent); 0x22 = 3 header bytes + 0x1f.
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)
# Event 0x0b (Read Remote Supported Features Complete).
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040b"], 0xe)
# Event 0x06 (Authentication Complete) sent with a total length of 0x7, which
# matches the log line "unexpected event 0x06 length: 4 > 3".
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0406"], 0x7)
# NOTE(review): the log does not show which path dropped the extra reference;
# hci_conn_timeout is only where the negative count is noticed, about two
# seconds after the events above. RSI and RBP hold 0x00000000ffffffff in the
# register dump, which is consistent with a count of -1 (confirm against the
# disassembly). For triage, audit the hold/drop pairing on the connection
# reached by these three events; on a kernel without panic_on_warn the same
# condition would presumably surface as a WARNING only.
[ 74.346144][ T5292] Bluetooth: hci0: command tx timeout
[ 74.429218][ T5314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 74.432790][ T5314] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 74.453875][ T5292] Bluetooth: hci0: unexpected event 0x06 length: 4 > 3
[ 74.645648][ T5307] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 74.776232][ T5307] usb 5-1: device descriptor read/64, error -71
[ 75.015613][ T5307] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 75.146281][ T5307] usb 5-1: device descriptor read/64, error -71
[ 75.256174][ T5307] usb usb5-port1: attempt power cycle
[ 75.595680][ T5307] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 75.616709][ T5307] usb 5-1: device descriptor read/8, error -71
[ 75.856958][ T5307] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 75.876634][ T5307] usb 5-1: device descriptor read/8, error -71
[ 75.985784][ T5307] usb usb5-port1: unable to enumerate USB device
[ 76.417301][ T5292] Bluetooth: hci0: command tx timeout
[ 76.499323][ T4661] ------------[ cut here ]------------
[ 76.501829][ T4661] refcnt < 0
[ 76.501838][ T4661] WARNING: net/bluetooth/hci_conn.c:567 at hci_conn_timeout+0xff/0x2c0, CPU#0: kworker/u5:1/4661
[ 76.507960][ T4661] Modules linked in:
[ 76.509803][ T4661] CPU: 0 UID: 0 PID: 4661 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 76.513898][ T4661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 76.518384][ T4661] Workqueue: hci0 hci_conn_timeout
[ 76.520645][ T4661] RIP: 0010:hci_conn_timeout+0xff/0x2c0
[ 76.522931][ T4661] Code: 48 89 df e8 73 99 09 00 eb 07 e8 2c 9c 2e f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 a8 fe ff e8 12 9c 2e f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 76.530652][ T4661] RSP: 0018:ffffc9000fc6fad0 EFLAGS: 00010293
[ 76.533122][ T4661] RAX: ffffffff8a95ae5e RBX: ffff888033360000 RCX: ffff88801f8f8000
[ 76.536686][ T4661] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 76.539870][ T4661] RBP: 00000000ffffffff R08: ffff888033360013 R09: 1ffff1100666c002
[ 76.543079][ T4661] R10: dffffc0000000000 R11: ffffed100666c003 R12: dffffc0000000000
[ 76.546238][ T4661] R13: ffff888000b09918 R14: ffff888033360a40 R15: ffff888033360010
[ 76.549289][ T4661] FS: 0000000000000000(0000) GS:ffff88808caa3000(0000) knlGS:0000000000000000
[ 76.552713][ T4661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 76.555398][ T4661] CR2: 000055c10a35b168 CR3: 00000000440c6000 CR4: 0000000000352ef0
[ 76.558903][ T4661] Call Trace:
[ 76.560329][ T4661]
[ 76.561690][ T4661] ? process_scheduled_works+0xa0f/0x17a0
[ 76.564220][ T4661] process_scheduled_works+0xaec/0x17a0
[ 76.566660][ T4661] ? __pfx_process_scheduled_works+0x10/0x10
[ 76.569354][ T4661] ? assign_work+0x3d5/0x5e0
[ 76.571256][ T4661] worker_thread+0xa50/0xfc0
[ 76.573409][ T4661] kthread+0x388/0x470
[ 76.575277][ T4661] ? __pfx_worker_thread+0x10/0x10
[ 76.578228][ T4661] ? __pfx_kthread+0x10/0x10
[ 76.580164][ T4661] ret_from_fork+0x51e/0xb90
[ 76.582605][ T4661] ? __pfx_ret_from_fork+0x10/0x10
[ 76.584897][ T4661] ? __switch_to+0xc7d/0x1400
[ 76.587422][ T4661] ? __pfx_kthread+0x10/0x10
[ 76.589578][ T4661] ret_from_fork_asm+0x1a/0x30
[ 76.591709][ T4661]
[ 76.593118][ T4661] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 76.596192][ T4661] CPU: 0 UID: 0 PID: 4661 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 76.600099][ T4661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 76.604428][ T4661] Workqueue: hci0 hci_conn_timeout
[ 76.606778][ T4661] Call Trace:
[ 76.608516][ T4661]
[ 76.610121][ T4661] vpanic+0x1e0/0x670
[ 76.612325][ T4661] panic+0xc5/0xd0
[ 76.614365][ T4661] ? __pfx_panic+0x10/0x10
[ 76.616740][ T4661] ? ret_from_fork_asm+0x1a/0x30
[ 76.619393][ T4661] __warn+0x315/0x4a0
[ 76.621806][ T4661] ? hci_conn_timeout+0xff/0x2c0
[ 76.624091][ T4661] ? hci_conn_timeout+0xff/0x2c0
[ 76.626305][ T4661] __report_bug+0x29a/0x540
[ 76.628607][ T4661] ? hci_conn_timeout+0xff/0x2c0
[ 76.631293][ T4661] ? __pfx___report_bug+0x10/0x10
[ 76.634128][ T4661] ? add_lock_to_list+0xc7/0x100
[ 76.636393][ T4661] ? lockdep_unlock+0x5d/0xd0
[ 76.638482][ T4661] ? __lock_acquire+0x146e/0x2cf0
[ 76.640640][ T4661] ? do_raw_spin_lock+0x12b/0x2f0
[ 76.642842][ T4661] ? hci_conn_timeout+0xff/0x2c0
[ 76.645108][ T4661] report_bug+0x16a/0x220
[ 76.647003][ T4661] ? hci_conn_timeout+0xff/0x2c0
[ 76.649039][ T4661] ? hci_conn_timeout+0x101/0x2c0
[ 76.650904][ T4661] handle_bug+0x98/0x200
[ 76.652716][ T4661] exc_invalid_op+0x1a/0x50
[ 76.654335][ T4661] asm_exc_invalid_op+0x1a/0x20
[ 76.656098][ T4661] RIP: 0010:hci_conn_timeout+0xff/0x2c0
[ 76.658131][ T4661] Code: 48 89 df e8 73 99 09 00 eb 07 e8 2c 9c 2e f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 a8 fe ff e8 12 9c 2e f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 76.665664][ T4661] RSP: 0018:ffffc9000fc6fad0 EFLAGS: 00010293
[ 76.668269][ T4661] RAX: ffffffff8a95ae5e RBX: ffff888033360000 RCX: ffff88801f8f8000
[ 76.671740][ T4661] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 76.674942][ T4661] RBP: 00000000ffffffff R08: ffff888033360013 R09: 1ffff1100666c002
[ 76.678309][ T4661] R10: dffffc0000000000 R11: ffffed100666c003 R12: dffffc0000000000
[ 76.681554][ T4661] R13: ffff888000b09918 R14: ffff888033360a40 R15: ffff888033360010
[ 76.684877][ T4661] ? hci_conn_timeout+0xfe/0x2c0
[ 76.686923][ T4661] ? process_scheduled_works+0xa0f/0x17a0
[ 76.689234][ T4661] process_scheduled_works+0xaec/0x17a0
[ 76.691561][ T4661] ? __pfx_process_scheduled_works+0x10/0x10
[ 76.694006][ T4661] ? assign_work+0x3d5/0x5e0
[ 76.695634][ T4661] worker_thread+0xa50/0xfc0
[ 76.697226][ T4661] kthread+0x388/0x470
[ 76.698589][ T4661] ? __pfx_worker_thread+0x10/0x10
[ 76.700489][ T4661] ? __pfx_kthread+0x10/0x10
[ 76.702485][ T4661] ret_from_fork+0x51e/0xb90
[ 76.704555][ T4661] ? __pfx_ret_from_fork+0x10/0x10
[ 76.706694][ T4661] ? __switch_to+0xc7d/0x1400
[ 76.708726][ T4661] ? __pfx_kthread+0x10/0x10
[ 76.710801][ T4661] ret_from_fork_asm+0x1a/0x30
[ 76.712925][ T4661]
[ 76.715290][ T4661] Kernel Offset: disabled
[ 76.717159][ T4661] Rebooting in 86400 seconds..