program:
# Triage notes (reviewer annotations; every call below is unchanged).
# The kernel log that follows this program warns
# "workqueue: cannot queue hci_conn_timeout on wq hci0", and its call trace
# runs sock_close -> l2cap_sock_release -> l2cap_chan_del -> queue_delayed_work_on.
# The Bluetooth calls in this first group are therefore the ones to study.
#
# Raw HCI socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x1 = BTPROTO_HCI.
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
# 0x400448cb decodes to HCIDEVRESET (_IOW('H', 203, int)); the 0x0 argument is
# presumably device id 0, which matches "hci0" in the log. It is issued async,
# so it can overlap with every call after it.
# NOTE(review): the warning text suggests hci0's workqueue was draining or being
# destroyed when the timeout work was queued; a reset racing with the L2CAP
# socket teardown is a plausible cause. Confirm against the kernel source.
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0) (async)
# Event injected through the virtual HCI controller: 04 = event packet,
# 0e = Command Complete, 04 = parameter length, 02 = number of command packets,
# 03 0c = opcode 0x0c03 (HCI_Reset). The blob holds 6 bytes but the length
# argument is 0x7; where the seventh byte comes from is not visible here.
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0402030c"], 0x7)
# L2CAP socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x0 = BTPROTO_L2CAP.
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
# Async connect with a 0xe-byte sockaddr. The user-mode registers in the log
# (ORIG_RAX 0x2a = connect on x86-64, RDX 0xe, RAX -4 = EINTR) match this call:
# the connect was interrupted, and the socket was released from task work while
# the signal was handled.
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed}, 0xe) (async)
# Second injected event: 04 = event packet, 03 = Connection Complete,
# 0b = parameter length (11). Only the 3-byte header is in the blob; the other
# 11 bytes counted by the 0xe length are not shown (presumably zero; confirm).
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="04030b"], 0xe) (async)
# Netlink socket: 0x10 = AF_NETLINK, 0x3 = SOCK_RAW, 0x0 = NETLINK_ROUTE.
r2 = socket$netlink(0x10, 0x3, 0x0)
# Closes every descriptor numbered r2 or higher. Whether that range includes
# the L2CAP socket depends on fd numbering that the page does not show.
close_range(r2, 0xffffffffffffffff, 0x0) (async, rerun: 32)
# Raw IGMP socket: 0x2 = AF_INET, 0x3 = SOCK_RAW, 0x2 = IPPROTO_IGMP.
r3 = socket$igmp(0x2, 0x3, 0x2) (rerun: 32)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x4040, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRES32=r3, @ANYRESDEC=r3, @ANYRES8=0x0, @ANYRES16=r3], 0x3, 0x6ed, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavmU1Y+GVSvRO3gps18imZEjOXLg8YPafHD/d3vae/moe2NqreHacCu5MuIPz9Vq/DUdg/Y7OZ98O9sPqj6Uc5b4IxKOvfNA6YiJiOiHhHZe4L86lA52dEdv83THgAAAAAcVePoVZ7biZ3YiHPPYjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/yp//n+ST5Ui3YykeP5/Ld8WefoMGv4gxI8nOsvHz34wAAAAAAAAAPDMvbwTO7ER54r13ST7zf+Vvt/4vxLvxFosxWpcjY1oxXqsx2rMRsRUX0O1jdb6+upsVjPiwoCa1+OjkprXDx/jjWPeZwAAAAAAAAA44+pD8u+OH9z221js/f4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQRIx1llk04UiPRWVakTUi3KbER9FRO10R3skSdnGxyc/DgAAAHgq9b2rSX2EOs+9GzuxEeeK9d0k+8x/Mfu8XI93YiXWYznWox1LcSv/DJ1+6q9sb821t7fm7qXTwXZ/9NmRhp61GJ3vHsp7fikr0YjbsZxtuRo3I4ndTCVv5aXtrbl0ea98XI/SMSU/zA0YzVhf+lY6u/Rhlv7j3m8RqkfaxSdUOTRnKssd70ZkJh9bWuN8EYHySAw9OtWBPc1GpfvNz4XBPZXH/NHg3if3lSr95uZU7I/E9ah0j9DFwZGI+ObfP/jlnfbK3Tu316bPzi6VendoiW4kvltcZnqRuDRyJBrHPfBTMJPt+4vd9cX4afwipuOziTdiNZbjV9GK9VhqFvmt/PWczqcGR+rjyf61N4aNJD0nm93rV9mYmrFnTNGMn2SpVrySHdNzsRxJ3I+IpXgt+7ses92rQe8IvzjCWV8Z4Urb58q3skU3TDHgtfHX0Zo8Lmlcz/fFtf+aO5Xl9W/pRen50igV97rR70d9qt/IE2kLvxt4fzhp+yMx2xeJFw57vXRC+pfddL7WXrm7eqf19oj9vZov0/PoD2fqLlGLR/F81POdO5/Nk+ycmsmO/gvdO+zeeNXyX1w6Kvvzfvanbr3OmfrzuB+39pyp34v5mI+FrKWLWenxA3esNO9St6X+vLksL32nVe3+sNP/fut+tDvvhwA42ya/PVlr/Lfxr8b7jd837jRer/944vsTl2sx/s/xH1Rnxl6tXE7+Fu/Hb3qf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCe39uDh3Va7vbRanqiUZyWDa7Xau8WDxAaU2ZNI8kfljFA4WXvwcHdog4MTE/nwnrD6cSaKx6gNL9x8hsNINvcfr/rwY1E85WmELpIDAU8rP/GYi557W8bPwKHcn2geX4PFC7Yva/RX73++1qncKDteYxFRVmvIhWNsT4vAF9C19XtvX1t78PA7y/daby29tbQyPj+/MLMw/9rctdvL7aWZzryvwok8/BY4Cf1vJ7pqEfHy8Lpu/gAAAAAAAAAAAHA6TuJ/IU57HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAvtsXpqD6OJGZnrs6k69tbc+10KtK9ktWIqERE8uuI5B8RN6IzxVRfc8lh/by3vPDmJ59vf9prq1qUr0RsHlpvNJv5FM2IGMuXx9XezeHt1XrJiZLspBuZNGBXisDBaftfAAAA//+o7+kR")
# Triage notes (reviewer annotations; every call below is unchanged).
# None of the calls in this group, nor the hfsplus image mount just before it,
# appears in the call trace of the warning logged below. They are probably
# fuzzer noise and are candidates for removal when minimising the reproducer.
# Confirm by re-running without them.
#
# 0xffffffffffffff9c is AT_FDCWD, so both opens resolve 'cgroup.controllers'
# relative to the current working directory.
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
# Write with a length argument of 0x43400 to the descriptor opened above.
write$cgroup_int(r5, &(0x7f0000000200), 0x43400)
# Request 0x1 is SCSI_IOCTL_SEND_COMMAND, but r4 refers to the
# cgroup.controllers file opened above, not a SCSI device.
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="2b0000000000000000000000ffc8efdaddda85822e3aa00a1556a218837456a0a59dc8765f8821eef200cb900272ab9310c4"]) (async, rerun: 32)
# Uses r5 (a regular-file descriptor, not a directory) as the dirfd argument.
openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.kill\x00', 0x0, 0x0) (async, rerun: 32)
# Opens the tcp_dsack sysctl with flags 0x1 (O_WRONLY); nothing is written to it here.
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
[ 86.665763][ T5330] ------------[ cut here ]------------
[ 86.668181][ T5330] workqueue: cannot queue hci_conn_timeout on wq hci0
[ 86.671310][ T5330] WARNING: CPU: 0 PID: 5330 at kernel/workqueue.c:2258 __queue_work+0xd38/0xfb0
[ 86.675295][ T5330] Modules linked in:
[ 86.677091][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.680769][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.685282][ T5330] RIP: 0010:__queue_work+0xd38/0xfb0
[ 86.687534][ T5330] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 b3 5e 9d 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 eb 69 8b 4c 89 fa e8 b9 31 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 3a 24 36 00 90 0f 0b 90 e9 dd fc ff
[ 86.696088][ T5330] RSP: 0018:ffffc9000d25f670 EFLAGS: 00010046
[ 86.698765][ T5330] RAX: 4808408d3e40dd00 RBX: 0000000000000000 RCX: ffff88800024c900
[ 86.702150][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 86.705593][ T5330] RBP: 1ffff110086f0a38 R08: ffff88801fc24293 R09: 1ffff11003f84852
[ 86.709032][ T5330] R10: dffffc0000000000 R11: ffffed1003f84853 R12: dffffc0000000000
[ 86.712426][ T5330] R13: ffff88801155c960 R14: ffff88800024c900 R15: ffff888043785178
[ 86.715815][ T5330] FS: 00007f3da55d46c0(0000) GS:ffff88808d301000(0000) knlGS:0000000000000000
[ 86.719453][ T5330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.722278][ T5330] CR2: 0000000000000000 CR3: 00000000423b7000 CR4: 0000000000352ef0
[ 86.725771][ T5330] Call Trace:
[ 86.727208][ T5330]
[ 86.728544][ T5330] ? __queue_delayed_work+0xe1/0x2d0
[ 86.730757][ T5330] queue_delayed_work_on+0x18b/0x280
[ 86.733033][ T5330] ? __pfx___cancel_work+0x10/0x10
[ 86.735297][ T5330] ? __pfx_queue_delayed_work_on+0x10/0x10
[ 86.737811][ T5330] ? hci_conn_drop+0x14d/0x280
[ 86.739871][ T5330] l2cap_chan_del+0x285/0x5e0
[ 86.741978][ T5330] l2cap_chan_close+0x597/0x980
[ 86.744070][ T5330] ? __pfx_l2cap_chan_close+0x10/0x10
[ 86.746412][ T5330] l2cap_sock_shutdown+0xa8a/0x1130
[ 86.748554][ T5330] ? __lock_acquire+0xab9/0xd20
[ 86.750523][ T5330] ? do_raw_write_lock+0x11d/0x260
[ 86.752713][ T5330] ? __pfx_l2cap_sock_shutdown+0x10/0x10
[ 86.755143][ T5330] ? l2cap_sock_release+0x81/0x210
[ 86.757366][ T5330] l2cap_sock_release+0x8e/0x210
[ 86.759566][ T5330] sock_close+0xc3/0x240
[ 86.761475][ T5330] ? __pfx_sock_close+0x10/0x10
[ 86.763554][ T5330] __fput+0x44c/0xa70
[ 86.765363][ T5330] task_work_run+0x1d4/0x260
[ 86.767273][ T5330] ? __pfx_task_work_run+0x10/0x10
[ 86.769457][ T5330] ? task_work_add+0x281/0x420
[ 86.771689][ T5330] ? __pfx_task_work_add+0x10/0x10
[ 86.774415][ T5330] get_signal+0x11ec/0x1340
[ 86.776863][ T5330] arch_do_signal_or_restart+0xa0/0x790
[ 86.779321][ T5330] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.781947][ T5330] ? exit_to_user_mode_loop+0x40/0x130
[ 86.784308][ T5330] exit_to_user_mode_loop+0x72/0x130
[ 86.786540][ T5330] do_syscall_64+0x2bd/0xfa0
[ 86.788580][ T5330] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.790780][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.793489][ T5330] ? clear_bhb_loop+0x60/0xb0
[ 86.795571][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.798044][ T5330] RIP: 0033:0x7f3da918eec9
[ 86.800157][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 86.807978][ T5330] RSP: 002b:00007f3da55d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 86.811647][ T5330] RAX: fffffffffffffffc RBX: 00007f3da93e6090 RCX: 00007f3da918eec9
[ 86.814947][ T5330] RDX: 000000000000000e RSI: 0000200000000000 RDI: 0000000000000005
[ 86.818331][ T5330] RBP: 00007f3da9211f91 R08: 0000000000000000 R09: 0000000000000000
[ 86.821687][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 86.825066][ T5330] R13: 00007f3da93e6128 R14: 00007f3da93e6090 R15: 00007ffcc3344ee8
[ 86.829332][ T5330]
[ 86.831001][ T5330] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 86.834412][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 86.838309][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.842958][ T5330] Call Trace:
[ 86.844666][ T5330]
[ 86.845997][ T5330] dump_stack_lvl+0x99/0x250
[ 86.847876][ T5330] ? __asan_memcpy+0x40/0x70
[ 86.849831][ T5330] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.852003][ T5330] ? __pfx__printk+0x10/0x10
[ 86.854068][ T5330] vpanic+0x237/0x6d0
[ 86.855800][ T5330] ? __pfx_vpanic+0x10/0x10
[ 86.857890][ T5330] panic+0xb9/0xc0
[ 86.859571][ T5330] ? __pfx_panic+0x10/0x10
[ 86.861613][ T5330] __warn+0x31b/0x4b0
[ 86.863429][ T5330] ? __queue_work+0xd38/0xfb0
[ 86.865523][ T5330] ? __queue_work+0xd38/0xfb0
[ 86.867602][ T5330] report_bug+0x2be/0x4f0
[ 86.869549][ T5330] ? __queue_work+0xd38/0xfb0
[ 86.871713][ T5330] ? __queue_work+0xd38/0xfb0
[ 86.873858][ T5330] ? __queue_work+0xd3a/0xfb0
[ 86.876028][ T5330] handle_bug+0x84/0x160
[ 86.877931][ T5330] exc_invalid_op+0x1a/0x50
[ 86.880015][ T5330] asm_exc_invalid_op+0x1a/0x20
[ 86.882352][ T5330] RIP: 0010:__queue_work+0xd38/0xfb0
[ 86.884684][ T5330] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 b3 5e 9d 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 eb 69 8b 4c 89 fa e8 b9 31 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 3a 24 36 00 90 0f 0b 90 e9 dd fc ff
[ 86.893493][ T5330] RSP: 0018:ffffc9000d25f670 EFLAGS: 00010046
[ 86.896051][ T5330] RAX: 4808408d3e40dd00 RBX: 0000000000000000 RCX: ffff88800024c900
[ 86.899452][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[ 86.902891][ T5330] RBP: 1ffff110086f0a38 R08: ffff88801fc24293 R09: 1ffff11003f84852
[ 86.906350][ T5330] R10: dffffc0000000000 R11: ffffed1003f84853 R12: dffffc0000000000
[ 86.909785][ T5330] R13: ffff88801155c960 R14: ffff88800024c900 R15: ffff888043785178
[ 86.913192][ T5330] ? __queue_delayed_work+0xe1/0x2d0
[ 86.915514][ T5330] queue_delayed_work_on+0x18b/0x280
[ 86.917732][ T5330] ? __pfx___cancel_work+0x10/0x10
[ 86.919976][ T5330] ? __pfx_queue_delayed_work_on+0x10/0x10
[ 86.922485][ T5330] ? hci_conn_drop+0x14d/0x280
[ 86.924596][ T5330] l2cap_chan_del+0x285/0x5e0
[ 86.926587][ T5330] l2cap_chan_close+0x597/0x980
[ 86.928683][ T5330] ? __pfx_l2cap_chan_close+0x10/0x10
[ 86.930956][ T5330] l2cap_sock_shutdown+0xa8a/0x1130
[ 86.933246][ T5330] ? __lock_acquire+0xab9/0xd20
[ 86.935416][ T5330] ? do_raw_write_lock+0x11d/0x260
[ 86.937634][ T5330] ? __pfx_l2cap_sock_shutdown+0x10/0x10
[ 86.940027][ T5330] ? l2cap_sock_release+0x81/0x210
[ 86.942355][ T5330] l2cap_sock_release+0x8e/0x210
[ 86.944449][ T5330] sock_close+0xc3/0x240
[ 86.946107][ T5330] ? __pfx_sock_close+0x10/0x10
[ 86.948074][ T5330] __fput+0x44c/0xa70
[ 86.949610][ T5330] task_work_run+0x1d4/0x260
[ 86.951411][ T5330] ? __pfx_task_work_run+0x10/0x10
[ 86.953420][ T5330] ? task_work_add+0x281/0x420
[ 86.955367][ T5330] ? __pfx_task_work_add+0x10/0x10
[ 86.957457][ T5330] get_signal+0x11ec/0x1340
[ 86.959200][ T5330] arch_do_signal_or_restart+0xa0/0x790
[ 86.961433][ T5330] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.963965][ T5330] ? exit_to_user_mode_loop+0x40/0x130
[ 86.966274][ T5330] exit_to_user_mode_loop+0x72/0x130
[ 86.968477][ T5330] do_syscall_64+0x2bd/0xfa0
[ 86.970446][ T5330] ? lockdep_hardirqs_on+0x9c/0x150
[ 86.972731][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.975346][ T5330] ? clear_bhb_loop+0x60/0xb0
[ 86.977286][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.979723][ T5330] RIP: 0033:0x7f3da918eec9
[ 86.981643][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 86.989328][ T5330] RSP: 002b:00007f3da55d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 86.992574][ T5330] RAX: fffffffffffffffc RBX: 00007f3da93e6090 RCX: 00007f3da918eec9
[ 86.995877][ T5330] RDX: 000000000000000e RSI: 0000200000000000 RDI: 0000000000000005
[ 86.999341][ T5330] RBP: 00007f3da9211f91 R08: 0000000000000000 R09: 0000000000000000
[ 87.002784][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 87.006139][ T5330] R13: 00007f3da93e6128 R14: 00007f3da93e6090 R15: 00007ffcc3344ee8
[ 87.009401][ T5330]
[ 87.011042][ T5330] Kernel Offset: disabled
[ 87.012874][ T5330] Rebooting in 86400 seconds..