program:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) (async)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x210880, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x100a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000001340)='f2fs_truncate_data_blocks_range\x00'}, 0x10) (async)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0408"], 0x7) (rerun: 64)
read$nci(r0, &(0x7f0000001040)=""/110, 0x6e)

[   58.074930][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.078288][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.081482][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.085238][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.088264][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.091454][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.094737][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.098013][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.101692][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.105644][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.109133][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.112392][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.116583][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.119572][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.123089][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.126442][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.130001][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.133348][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.136690][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.139959][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.143446][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.147360][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.150534][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.154202][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.157202][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.160289][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.163438][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.166997][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.170036][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.173160][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.176327][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.179292][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.182534][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.186385][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.189715][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.192927][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.196347][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.200546][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.204351][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.207488][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.210623][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.213712][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.216626][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.220240][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.223471][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.227126][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.230511][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.233855][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.237341][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.240488][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.244433][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.248545][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.251932][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.255233][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.258520][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.262173][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.265914][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.269394][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.272929][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.276644][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.280125][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.284388][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.287777][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.291258][ T5300] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   58.297021][ T5300] ------------[ cut here ]------------
[   58.299182][ T5300] WARNING: CPU: 0 PID: 5300 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xfb/0x290
[   58.302949][ T5300] Modules linked in:
[   58.304688][ T5300] CPU: 0 UID: 0 PID: 5300 Comm: kworker/u5:2 Not tainted 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0
[   58.308853][ T5300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.312930][ T5300] Workqueue: hci0 hci_conn_timeout
[   58.314956][ T5300] RIP: 0010:hci_conn_timeout+0xfb/0x290
[   58.317060][ T5300] Code: 4c 89 f7 e8 07 c2 09 00 eb 07 e8 c0 67 e5 f6 b0 13 0f b6 f0 4c 89 f7 5b 41 5c 41 5e 41 5f 5d e9 5b b3 fe ff e8 a6 67 e5 f6 90 <0f> 0b 90 eb 8f 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 36 ff ff ff 48
[   58.324319][ T5300] RSP: 0018:ffffc9000d507b90 EFLAGS: 00010293
[   58.326571][ T5300] RAX: ffffffff8ab9f69a RBX: ffff888042eac8e8 RCX: ffff88800064a440
[   58.329571][ T5300] RDX: 0000000000000000 RSI: 00000000ffffffc0 RDI: 0000000000000000
[   58.332431][ T5300] RBP: 00000000ffffffc0 R08: ffffffff8ab9f603 R09: 1ffff110085d5802
[   58.335452][ T5300] R10: dffffc0000000000 R11: ffffed10085d5803 R12: dffffc0000000000
[   58.338690][ T5300] R13: ffffffff8168de96 R14: ffff888042eac000 R15: 0000000001400000
[   58.341634][ T5300] FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   58.344948][ T5300] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   58.347427][ T5300] CR2: 00007f7ca674c538 CR3: 0000000040f12000 CR4: 0000000000352ef0
[   58.350470][ T5300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   58.353464][ T5300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   58.356686][ T5300] Call Trace:
[   58.357941][ T5300]  <TASK>
[   58.359088][ T5300]  ? __warn+0x165/0x4d0
[   58.360637][ T5300]  ? hci_conn_timeout+0xfb/0x290
[   58.362512][ T5300]  ? report_bug+0x2b3/0x500
[   58.364522][ T5300]  ? hci_conn_timeout+0xfb/0x290
[   58.366472][ T5300]  ? handle_bug+0x60/0x90
[   58.368165][ T5300]  ? exc_invalid_op+0x1a/0x50
[   58.370082][ T5300]  ? asm_exc_invalid_op+0x1a/0x20
[   58.371978][ T5300]  ? process_scheduled_works+0x976/0x1840
[   58.374261][ T5300]  ? hci_conn_timeout+0x63/0x290
[   58.376061][ T5300]  ? hci_conn_timeout+0xfa/0x290
[   58.377638][ T5300]  ? hci_conn_timeout+0xfb/0x290
[   58.379530][ T5300]  process_scheduled_works+0xa66/0x1840
[   58.381657][ T5300]  ? __pfx_process_scheduled_works+0x10/0x10
[   58.384014][ T5300]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[   58.386063][ T5300]  ? assign_work+0x364/0x3d0
[   58.387744][ T5300]  worker_thread+0x870/0xd30
[   58.389477][ T5300]  ? __kthread_parkme+0x169/0x1d0
[   58.391413][ T5300]  ? __pfx_worker_thread+0x10/0x10
[   58.393320][ T5300]  kthread+0x2f0/0x390
[   58.394915][ T5300]  ? __pfx_worker_thread+0x10/0x10
[   58.396799][ T5300]  ? __pfx_kthread+0x10/0x10
[   58.398342][ T5300]  ret_from_fork+0x4b/0x80
[   58.400136][ T5300]  ? __pfx_kthread+0x10/0x10
[   58.401813][ T5300]  ret_from_fork_asm+0x1a/0x30
[   58.403496][ T5300]  </TASK>
[   58.404761][ T5300] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   58.407501][ T5300] CPU: 0 UID: 0 PID: 5300 Comm: kworker/u5:2 Not tainted 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0
[   58.411451][ T5300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.415680][ T5300] Workqueue: hci0 hci_conn_timeout
[   58.417686][ T5300] Call Trace:
[   58.418964][ T5300]  <TASK>
[   58.420192][ T5300]  dump_stack_lvl+0x241/0x360
[   58.421834][ T5300]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.423785][ T5300]  ? __pfx__printk+0x10/0x10
[   58.425450][ T5300]  ? vscnprintf+0x5d/0x90
[   58.427127][ T5300]  panic+0x349/0x880
[   58.428688][ T5300]  ? __warn+0x174/0x4d0
[   58.430193][ T5300]  ? __pfx_panic+0x10/0x10
[   58.431912][ T5300]  ? ret_from_fork_asm+0x1a/0x30
[   58.433714][ T5300]  __warn+0x344/0x4d0
[   58.435213][ T5300]  ? hci_conn_timeout+0xfb/0x290
[   58.436986][ T5300]  report_bug+0x2b3/0x500
[   58.438336][ T5300]  ? hci_conn_timeout+0xfb/0x290
[   58.439916][ T5300]  handle_bug+0x60/0x90
[   58.441234][ T5300]  exc_invalid_op+0x1a/0x50
[   58.442784][ T5300]  asm_exc_invalid_op+0x1a/0x20
[   58.444560][ T5300] RIP: 0010:hci_conn_timeout+0xfb/0x290
[   58.446608][ T5300] Code: 4c 89 f7 e8 07 c2 09 00 eb 07 e8 c0 67 e5 f6 b0 13 0f b6 f0 4c 89 f7 5b 41 5c 41 5e 41 5f 5d e9 5b b3 fe ff e8 a6 67 e5 f6 90 <0f> 0b 90 eb 8f 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 36 ff ff ff 48
[   58.453599][ T5300] RSP: 0018:ffffc9000d507b90 EFLAGS: 00010293
[   58.455966][ T5300] RAX: ffffffff8ab9f69a RBX: ffff888042eac8e8 RCX: ffff88800064a440
[   58.458952][ T5300] RDX: 0000000000000000 RSI: 00000000ffffffc0 RDI: 0000000000000000
[   58.461873][ T5300] RBP: 00000000ffffffc0 R08: ffffffff8ab9f603 R09: 1ffff110085d5802
[   58.464898][ T5300] R10: dffffc0000000000 R11: ffffed10085d5803 R12: dffffc0000000000
[   58.467764][ T5300] R13: ffffffff8168de96 R14: ffff888042eac000 R15: 0000000001400000
[   58.470748][ T5300]  ? process_scheduled_works+0x976/0x1840
[   58.472826][ T5300]  ? hci_conn_timeout+0x63/0x290
[   58.474651][ T5300]  ? hci_conn_timeout+0xfa/0x290
[   58.476486][ T5300]  process_scheduled_works+0xa66/0x1840
[   58.478517][ T5300]  ? __pfx_process_scheduled_works+0x10/0x10
[   58.480767][ T5300]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[   58.482871][ T5300]  ? assign_work+0x364/0x3d0
[   58.484610][ T5300]  worker_thread+0x870/0xd30
[   58.486364][ T5300]  ? __kthread_parkme+0x169/0x1d0
[   58.488281][ T5300]  ? __pfx_worker_thread+0x10/0x10
[   58.490254][ T5300]  kthread+0x2f0/0x390
[   58.491748][ T5300]  ? __pfx_worker_thread+0x10/0x10
[   58.493664][ T5300]  ? __pfx_kthread+0x10/0x10
[   58.495335][ T5300]  ret_from_fork+0x4b/0x80
[   58.496903][ T5300]  ? __pfx_kthread+0x10/0x10
[   58.498623][ T5300]  ret_from_fork_asm+0x1a/0x30
[   58.500343][ T5300]  </TASK>
[   58.501681][ T5300] Kernel Offset: disabled
[   58.503181][ T5300] Rebooting in 86400 seconds..