program: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r2, &(0x7f0000000100), 0x8) (async) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0418"], 0x1a) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r3=>0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000b00000008000300", @ANYRES32=r3, @ANYBLOB="05003901"], 0x44}}, 0x0) [ 75.520735][ T4673] Bluetooth: hci0: command tx timeout [ 75.568883][ T5303] ------------[ cut here ]------------ [ 75.572865][ T5303] WARNING: CPU: 0 PID: 5303 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xff/0x290 [ 75.582532][ T5303] Modules linked in: [ 75.585599][ T5303] CPU: 0 UID: 0 PID: 5303 Comm: kworker/u5:2 Not tainted syzkaller #0 PREEMPT(full) [ 75.589635][ T5303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.594168][ T5303] Workqueue: hci0 hci_conn_timeout [ 75.596495][ T5303] RIP: 0010:hci_conn_timeout+0xff/0x290 [ 75.599012][ T5303] Code: 48 89 df e8 f3 21 09 00 eb 07 e8 5c 35 7a f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 c7 fe ff e8 42 35 7a f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff [ 75.607223][ T5303] RSP: 0018:ffffc9000d37fa30 EFLAGS: 00010293 [ 75.609989][ T5303] RAX: ffffffff8a45e0ee RBX: ffff888036b3c000 RCX: ffff88801f57a480 [ 75.613394][ T5303] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 75.616958][ T5303] RBP: 00000000ffffffff R08: ffff888036b3c013 R09: 1ffff11006d67802 [ 75.620384][ T5303] R10: dffffc0000000000 R11: ffffed1006d67803 R12: dffffc0000000000 [ 75.623908][ T5303] R13: ffff88801c12c018 R14: ffff888036b3c948 R15: ffff888036b3c010 [ 75.627719][ T5303] FS: 0000000000000000(0000)
GS:ffff88808d732000(0000) knlGS:0000000000000000 [ 75.631564][ T5303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.634445][ T5303] CR2: 00007f7ef1766fc8 CR3: 000000003db1f000 CR4: 0000000000352ef0 [ 75.637905][ T5303] Call Trace: [ 75.639357][ T5303] <TASK> [ 75.640472][ T5303] ? process_scheduled_works+0x9ef/0x17b0 [ 75.643158][ T5303] process_scheduled_works+0xae1/0x17b0 [ 75.645637][ T5303] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.648309][ T5303] worker_thread+0x8a0/0xda0 [ 75.650233][ T5303] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.652878][ T5303] ? __kthread_parkme+0x7b/0x200 [ 75.655075][ T5303] kthread+0x711/0x8a0 [ 75.656945][ T5303] ? __pfx_worker_thread+0x10/0x10 [ 75.659202][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.661248][ T5303] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.663498][ T5303] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.665809][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.667864][ T5303] ret_from_fork+0x4bc/0x870 [ 75.669879][ T5303] ? __pfx_ret_from_fork+0x10/0x10 [ 75.672240][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.674331][ T5303] ret_from_fork_asm+0x1a/0x30 [ 75.676526][ T5303] </TASK> [ 75.677883][ T5303] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.680936][ T5303] CPU: 0 UID: 0 PID: 5303 Comm: kworker/u5:2 Not tainted syzkaller #0 PREEMPT(full) [ 75.684997][ T5303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.689545][ T5303] Workqueue: hci0 hci_conn_timeout [ 75.691710][ T5303] Call Trace: [ 75.693294][ T5303] <TASK> [ 75.694720][ T5303] dump_stack_lvl+0x99/0x250 [ 75.697005][ T5303] ? __asan_memcpy+0x40/0x70 [ 75.699168][ T5303] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.701671][ T5303] ? __pfx__printk+0x10/0x10 [ 75.703900][ T5303] vpanic+0x237/0x6d0 [ 75.705820][ T5303] ? __pfx_vpanic+0x10/0x10 [ 75.707860][ T5303] panic+0xb9/0xc0 [ 75.709540][ T5303] ? __pfx_panic+0x10/0x10 [ 75.711397][ T5303] __warn+0x31b/0x4b0 [ 75.713167][ T5303] ?
hci_conn_timeout+0xff/0x290 [ 75.715292][ T5303] ? hci_conn_timeout+0xff/0x290 [ 75.717444][ T5303] report_bug+0x2be/0x4f0 [ 75.719320][ T5303] ? hci_conn_timeout+0xff/0x290 [ 75.721489][ T5303] ? hci_conn_timeout+0xff/0x290 [ 75.723649][ T5303] ? hci_conn_timeout+0x101/0x290 [ 75.725810][ T5303] handle_bug+0x84/0x160 [ 75.727631][ T5303] exc_invalid_op+0x1a/0x50 [ 75.729586][ T5303] asm_exc_invalid_op+0x1a/0x20 [ 75.731668][ T5303] RIP: 0010:hci_conn_timeout+0xff/0x290 [ 75.734118][ T5303] Code: 48 89 df e8 f3 21 09 00 eb 07 e8 5c 35 7a f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 c7 fe ff e8 42 35 7a f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff [ 75.741995][ T5303] RSP: 0018:ffffc9000d37fa30 EFLAGS: 00010293 [ 75.744494][ T5303] RAX: ffffffff8a45e0ee RBX: ffff888036b3c000 RCX: ffff88801f57a480 [ 75.747918][ T5303] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 75.751377][ T5303] RBP: 00000000ffffffff R08: ffff888036b3c013 R09: 1ffff11006d67802 [ 75.754797][ T5303] R10: dffffc0000000000 R11: ffffed1006d67803 R12: dffffc0000000000 [ 75.758320][ T5303] R13: ffff88801c12c018 R14: ffff888036b3c948 R15: ffff888036b3c010 [ 75.761733][ T5303] ? hci_conn_timeout+0xfe/0x290 [ 75.763983][ T5303] ? process_scheduled_works+0x9ef/0x17b0 [ 75.766488][ T5303] process_scheduled_works+0xae1/0x17b0 [ 75.768711][ T5303] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.771172][ T5303] worker_thread+0x8a0/0xda0 [ 75.773090][ T5303] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.775961][ T5303] ? __kthread_parkme+0x7b/0x200 [ 75.778782][ T5303] kthread+0x711/0x8a0 [ 75.780992][ T5303] ? __pfx_worker_thread+0x10/0x10 [ 75.783668][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.786126][ T5303] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.788915][ T5303] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.791268][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.793518][ T5303] ret_from_fork+0x4bc/0x870 [ 75.795564][ T5303] ? 
__pfx_ret_from_fork+0x10/0x10 [ 75.797913][ T5303] ? __pfx_kthread+0x10/0x10 [ 75.800041][ T5303] ret_from_fork_asm+0x1a/0x30 [ 75.802217][ T5303] </TASK> [ 75.803950][ T5303] Kernel Offset: disabled [ 75.805908][ T5303] Rebooting in 86400 seconds..