# Fuzzer-generated syscall program in syzkaller program syntax, followed by the
# guest kernel console log captured after it ran. The source had the whole
# program collapsed onto a few long lines; it is laid out one call per line
# here, with no argument changed.
#
# Reading the syntax: `rN = call$variant(...)` stores a result (usually a file
# descriptor) for later calls, `&(0x7f...)=` is a pointer into the program's
# data area together with the value placed there, and a trailing `(async)`
# marks a call the executor does not wait on before issuing the next one.
#
# Triage summary, taken from the console log below: the kernel reports
# "WARNING ... at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xff/0x290",
# running on workqueue "hci0", and then panics only because panic_on_warn is
# set. Of all the calls in this program, only three name Bluetooth
# (syz_init_net_socket$bt_sco, connect$bt_sco, syz_emit_vhci); the others are
# presumably unrelated fuzzer noise. Confirm with a minimized reproducer
# before attributing the warning to any particular call.
# NOTE(review): RSI and RBP both hold 0xffffffff at the trap, which would be
# consistent with a 32-bit counter that went to -1; check the source at the
# reported line for this kernel build before concluding that.
program:
# Result is not stored; the path buffer carries no inline data.
openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4600, 0x0) (async)
# bpf() command 0x1d with a NULL attribute pointer and size 0.
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0) (async)
# r0: AF_ALG socket, reused by several later calls.
r0 = socket$alg(0x26, 0x5, 0x0) (async)
# r1: CAN J1939 socket; the recvmsg below supplies ten receive buffers (0xa)
# and flags 0x2000. The address slot is filled with a pppol2tpv3 sockaddr,
# i.e. an address type from a different protocol family.
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$can_j1939(r1, &(0x7f0000000300)={&(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f0000001880)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f0000000140)=""/105, 0x69}, {&(0x7f00000001c0)=""/146, 0x92}, {&(0x7f0000000280)=""/47, 0x2f}, {&(0x7f00000013c0)=""/183, 0xb7}, {&(0x7f0000001480)=""/130, 0x82}, {&(0x7f00000002c0)=""/28, 0x1c}, {&(0x7f0000001640)=""/52, 0x34}, {&(0x7f0000001680)=""/223, 0xdf}, {&(0x7f0000001800)=""/123, 0x7b}], 0xa, &(0x7f00000015c0)=""/117, 0x75}, 0x2000)
# r2: CEC device handle, used by the two CEC ioctls further down.
r2 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0) (async)
# r3: KVM device; r4: VM fd created from it.
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
# Bluetooth SCO: create a socket (r5), start a connect without waiting for it,
# then hand the two bytes 0x04 0x18 to syz_emit_vhci with a length argument of
# 0x1a. syz_emit_vhci is a syzkaller pseudo-syscall; by its name it feeds data
# to the virtual HCI controller -- confirm against the syzkaller executor.
# These are the only calls in the program that name Bluetooth.
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r5, &(0x7f0000000100), 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0418"], 0x1a)
# r6 duplicates the VM fd. Both calls carry the KVM_SET_USER_MEMORY_REGION
# name, but the second passes a different request number (0xc018aec0).
r6 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0xc018aec0, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil}) (async)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", "5161dc20", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]}) (async)
# An fs-verity ioctl issued on r0, which is the AF_ALG socket rather than a
# regular file; presumably rejected by the kernel -- not confirmed by the log.
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000001b00)={0x1, 0x1, 0x1000, 0xd5, &(0x7f0000001940)="64c47b09cd64384ad4ab7202d246def5535d2d8e6b1d75e5f3cf0bf99a17bbb156cd509ca64a3f50e0d002d8dc135d35d080329507f94fb81c7b535aa483ed50f344be4288f6ac3a9a9e5ff80007fe7bfa5ade6ee0424ab8af0a1bd43063a14d0bdaa4576c3d5c745b3411ecbccf1da4e63d6a8f74700426fdae45a178d14b6e7582d173c2b51ab47edd4789ac8df0c8e029812f5689b31737e67b9dbbe40ef2391904ee4e98c5d5117a49f3d89e344d7e7c043f9406f7fbb942c90b2e156a1f7844e886550ebbcb533526d857f96c303ab00d0441", 0xbd, 0x0, &(0x7f0000001a40)="4b5e7adf77e05c255a1e781717cd5b99c7628274c2ddc55a8f90322195276135a4ccf31bc6377e2ada36dcaa69f8bf48e122bfff21e520eb7d56553dc827ce0d6939b9e2f12d048e2e8b80a808481ef49dac52ff39a4b0c312936ff895f48cae90f7d475bd693562b68a65e8ece5518f96e3b92ae1cc5d7b003d01863f1a32bbcd04c6929ff670af65157ee19bd1b8ed1009f087e124f1c442af072069d9377ff81db21496728816e77cd73028fd4b04a8fb157c8c14de52b701a376c6"}) (async)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) (async)
ioctl$CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x7, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059", 0xc, 0x81, 0x0, 0x0, 0x10, 0x9, 0xfe}) (async)
# Bind the AF_ALG socket to type "hash", algorithm "nhpoly1305-avx2".
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-avx2\x00'}, 0x58) (async)
# io_submit with context id 0 and an ioctl on fd -1: neither refers to an
# object this program created.
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0xfffd, 0xffffffffffffffff, &(0x7f0000000580)='v', 0x1, 0x400a00, 0x0, 0xb6311947b1eb388c}]) (async)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2) (async)
unshare(0x22020600)
# Create a cgroup2 filesystem context (r7), mount it (r8), open
# memory.pressure under it (r9) and read up to 0x2b bytes.
r7 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
r9 = openat$cgroup_pressure(r8, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
read(r9, &(0x7f0000000100)=""/43, 0x2b) (async)
# Set a 0x20-byte key on the AF_ALG socket, accept an operation socket (r10),
# then send a TEAM_CMD_NOOP-shaped message on it.
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001540)="aa594066f10f06a04a06b8ca0f4ba0c95100553889020196f882c4536952bf56", 0x20) (async)
r10 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TEAM_CMD_NOOP(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001780)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f696e74657276616c00000000c60000000000000d000300030000000800040000000000"], 0x58}}, 0x0)
# End of program. Everything from here on is guest kernel console output,
# reproduced verbatim with one log record per line.
[ 75.611692][ T5300] Bluetooth: hci0: command tx timeout
[ 75.667262][ T4668] ------------[ cut here ]------------
[ 75.669878][ T4668] WARNING: CPU: 0 PID: 4668 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xff/0x290
[ 75.674288][ T4668] Modules linked in:
[ 75.675991][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 75.679800][ T4668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.684218][ T4668] Workqueue: hci0 hci_conn_timeout
[ 75.686352][ T4668] RIP: 0010:hci_conn_timeout+0xff/0x290
[ 75.688614][ T4668] Code: 48 89 df e8 53 1d 09 00 eb 07 e8 ac 5e 7a f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 e7 c4 fe ff e8 92 5e 7a f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 75.696559][ T4668] RSP: 0018:ffffc9000cb87a30 EFLAGS: 00010293
[ 75.698949][ T4668] RAX: ffffffff8a45b57e RBX: ffff888042f40000 RCX: ffff888000b08000
[ 75.702422][ T4668] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 75.706121][ T4668] RBP: 00000000ffffffff R08: ffff888042f40013 R09: 1ffff110085e8002
[ 75.709627][ T4668] R10: dffffc0000000000 R11: ffffed10085e8003 R12: dffffc0000000000
[ 75.713292][ T4668] R13: ffff88805b37a018 R14: ffff888042f40948 R15: ffff888042f40010
[ 75.716813][ T4668] FS: 0000000000000000(0000) GS:ffff88808d733000(0000) knlGS:0000000000000000
[ 75.720765][ T4668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.723652][ T4668] CR2: 00007f5ce7841fc8 CR3: 00000000426a6000 CR4: 0000000000352ef0
[ 75.727190][ T4668] Call Trace:
[ 75.728648][ T4668]
[ 75.729904][ T4668] ? 
process_scheduled_works+0x9ef/0x17b0 [ 75.732325][ T4668] process_scheduled_works+0xae1/0x17b0 [ 75.734642][ T4668] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.737132][ T4668] worker_thread+0x8a0/0xda0 [ 75.738980][ T4668] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.742089][ T4668] ? __kthread_parkme+0x7b/0x200 [ 75.744579][ T4668] kthread+0x711/0x8a0 [ 75.746301][ T4668] ? __pfx_worker_thread+0x10/0x10 [ 75.748680][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.751149][ T4668] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.753850][ T4668] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.755842][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.757773][ T4668] ret_from_fork+0x4bc/0x870 [ 75.759799][ T4668] ? __pfx_ret_from_fork+0x10/0x10 [ 75.762524][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.764952][ T4668] ret_from_fork_asm+0x1a/0x30 [ 75.766956][ T4668] [ 75.768287][ T4668] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.771182][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) [ 75.774927][ T4668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.779416][ T4668] Workqueue: hci0 hci_conn_timeout [ 75.781670][ T4668] Call Trace: [ 75.783085][ T4668] [ 75.784345][ T4668] dump_stack_lvl+0x99/0x250 [ 75.786272][ T4668] ? __asan_memcpy+0x40/0x70 [ 75.788105][ T4668] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.790401][ T4668] ? __pfx__printk+0x10/0x10 [ 75.792439][ T4668] vpanic+0x237/0x6d0 [ 75.794184][ T4668] ? __pfx_vpanic+0x10/0x10 [ 75.796342][ T4668] panic+0xb9/0xc0 [ 75.798167][ T4668] ? __pfx_panic+0x10/0x10 [ 75.800171][ T4668] __warn+0x31b/0x4b0 [ 75.801936][ T4668] ? hci_conn_timeout+0xff/0x290 [ 75.804166][ T4668] ? hci_conn_timeout+0xff/0x290 [ 75.806318][ T4668] report_bug+0x2be/0x4f0 [ 75.808191][ T4668] ? hci_conn_timeout+0xff/0x290 [ 75.810378][ T4668] ? hci_conn_timeout+0xff/0x290 [ 75.812503][ T4668] ? 
hci_conn_timeout+0x101/0x290 [ 75.814649][ T4668] handle_bug+0x84/0x160 [ 75.816621][ T4668] exc_invalid_op+0x1a/0x50 [ 75.818560][ T4668] asm_exc_invalid_op+0x1a/0x20 [ 75.820676][ T4668] RIP: 0010:hci_conn_timeout+0xff/0x290 [ 75.823019][ T4668] Code: 48 89 df e8 53 1d 09 00 eb 07 e8 ac 5e 7a f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 e7 c4 fe ff e8 92 5e 7a f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff [ 75.831439][ T4668] RSP: 0018:ffffc9000cb87a30 EFLAGS: 00010293 [ 75.834087][ T4668] RAX: ffffffff8a45b57e RBX: ffff888042f40000 RCX: ffff888000b08000 [ 75.837611][ T4668] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 75.840972][ T4668] RBP: 00000000ffffffff R08: ffff888042f40013 R09: 1ffff110085e8002 [ 75.844330][ T4668] R10: dffffc0000000000 R11: ffffed10085e8003 R12: dffffc0000000000 [ 75.847862][ T4668] R13: ffff88805b37a018 R14: ffff888042f40948 R15: ffff888042f40010 [ 75.851292][ T4668] ? hci_conn_timeout+0xfe/0x290 [ 75.853524][ T4668] ? process_scheduled_works+0x9ef/0x17b0 [ 75.855967][ T4668] process_scheduled_works+0xae1/0x17b0 [ 75.858236][ T4668] ? __pfx_process_scheduled_works+0x10/0x10 [ 75.860958][ T4668] worker_thread+0x8a0/0xda0 [ 75.862843][ T4668] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 75.865422][ T4668] ? __kthread_parkme+0x7b/0x200 [ 75.867437][ T4668] kthread+0x711/0x8a0 [ 75.869148][ T4668] ? __pfx_worker_thread+0x10/0x10 [ 75.871178][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.873369][ T4668] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.876213][ T4668] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.879086][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.881424][ T4668] ret_from_fork+0x4bc/0x870 [ 75.883481][ T4668] ? __pfx_ret_from_fork+0x10/0x10 [ 75.885912][ T4668] ? __pfx_kthread+0x10/0x10 [ 75.887987][ T4668] ret_from_fork_asm+0x1a/0x30 [ 75.890820][ T4668] [ 75.892568][ T4668] Kernel Offset: disabled [ 75.894393][ T4668] Rebooting in 86400 seconds..