------------[ cut here ]------------
WARNING: CPU: 1 PID: 1768 at net/bluetooth/hci_conn.c:445 schedule_work include/linux/workqueue.h:568 [inline]
WARNING: CPU: 1 PID: 1768 at net/bluetooth/hci_conn.c:445 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:195 [inline]
WARNING: CPU: 1 PID: 1768 at net/bluetooth/hci_conn.c:445 hci_conn_timeout+0xb4/0xe0 net/bluetooth/hci_conn.c:460
Modules linked in:
CPU: 1 PID: 1768 Comm: kworker/u5:0 Not tainted 5.12.0-rc2-syzkaller-00059-g144c79ef3353 #0
Hardware name: linux,dummy-virt (DT)
Workqueue: hci0 hci_conn_timeout
pstate: a0400009 (NzCv daif +PAN -UAO -TCO BTYPE=--)
pc : hci_conn_timeout+0xb4/0xe0 net/bluetooth/hci_conn.c:445
lr : process_one_work+0x1d8/0x364 kernel/workqueue.c:2275
sp : ffff800016013d80
x29: ffff800016013d80 x28: f4ff000004fdc000
x27: ffff8000139c8820 x26: f5ff000004fe126c
x25: 0000000000000000 x24: f4ff0000261630f8
x23: f4ff000004fdc000 x22: 0000000000000000
x21: f6ff000026b94200 x20: f5ff000004fe1200
x19: f4ff0000261630f0 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000
x15: 0000000000000000 x14: 0000000000000000
x13: 0000000000000020 x12: 0101010101010101
x11: 7f7f7f7f7f7f7f7f x10: fefefefefefefeff
x9 : 7f7f7f7f7f7f7f7f x8 : 8080808080808080
x7 : 0000000080808080 x6 : f5ff000004fe126c
x5 : 0000000000000008 x4 : 0000000000000005
x3 : dead000000000122 x2 : f4ff0000261630f8
x1 : ffff800011f75ca0 x0 : 00000000ffffffff
Call trace:
 schedule_work include/linux/workqueue.h:568 [inline]
 hci_connect_le_scan_remove net/bluetooth/hci_conn.c:195 [inline]
 hci_conn_timeout+0xb4/0xe0 net/bluetooth/hci_conn.c:460
 process_one_work+0x1d8/0x364 kernel/workqueue.c:2275
 worker_thread+0x70/0x434 kernel/workqueue.c:2421
 kthread+0x174/0x180 kernel/kthread.c:292
 ret_from_fork+0x10/0x34 arch/arm64/kernel/entry.S:958