list_add corruption. prev->next should be next (ffff0000c0f2c588), but was 0000000000000000. (prev=ffff000100074ec8).
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:32!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 2653 Comm: kworker/1:13 Not tainted 6.0.0-rc6-syzkaller-17739-g16c9f284e746 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Workqueue: events vhci_open_timeout
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __list_add_valid+0xb4/0xb8 lib/list_debug.c:30
lr : __list_add_valid+0xb4/0xb8 lib/list_debug.c:30
sp : ffff80001405bc40
x29: ffff80001405bc40 x28: ffff80000d29b000 x27: ffff0001feff3205
x26: ffff000104679b10 x25: 0000000000000002 x24: 0000000000000000
x23: ffff0000c0f2c588 x22: ffff000100074ec8 x21: ffff0000ff6576c8
x20: ffff0000ff6576c0 x19: ffff0000c0f2c548 x18: 00000000000000c0
x17: 3838356332663063 x16: ffff80000db59158 x15: ffff0000f9f83500
x14: 0000000000000000 x13: 00000000ffffffff x12: ffff0000f9f83500
x11: ff808000081c30a4 x10: 0000000000000000 x9 : 38f8e860c798b500
x8 : 38f8e860c798b500 x7 : ffff8000081976e4 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
x2 : ffff0001fefddcd0 x1 : 0000000100000001 x0 : 0000000000000075
Call trace:
 __list_add_valid+0xb4/0xb8 lib/list_debug.c:30
 __list_add include/linux/list.h:69 [inline]
 list_add_tail include/linux/list.h:102 [inline]
 add_tail lib/klist.c:104 [inline]
 klist_add_tail+0x9c/0xd8 lib/klist.c:137
 device_add+0x7e0/0x958 drivers/base/core.c:3534
 hci_register_dev+0x1a8/0x5a0 net/bluetooth/hci_core.c:2593
 __vhci_create_device+0x1d4/0x384 drivers/bluetooth/hci_vhci.c:336
 vhci_create_device drivers/bluetooth/hci_vhci.c:374 [inline]
 vhci_open_timeout+0x44/0x60 drivers/bluetooth/hci_vhci.c:531
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20
Code: 91257400 aa0303e1 aa0803e3 94a78613 (d4210000)
---[ end trace 0000000000000000 ]---