program:
syz_mount_image$cramfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x8000, &(0x7f00000006c0)=ANY=[], 0xfd, 0x152, &(0x7f0000000200)="$eJzsj09LImEcxz+z45/dVVcXXHAXdlnYw4phjiN266CRJGQDhZeuOVHgpCiEx+zcoRfgoQg6iYfo2KHsZCmEvQ5vgcficSYjkF7B87nM/D7f3/PleZYXB1FCoGKzVLGqNbNeN0t/141CbuPi8uqb8F7g82TDqtbEcsnev87Ajvi6YNS09W3gE1A257cqZTGPMhAFsj7Y3nWjiaomfBUuLFzZTGKfj/6D7g/b6TNcynG/XJAN2k4Dnk/hv+j7/tb3BDRabudl8dj5bzXjDDRac5323Vq/l4/H/phHeu7nmT+iUjQ9gCLyx0Qv/pDotIeDfmHVKBiDlK4vpLSkpqWHxn0/nz44xrXi34dN5X2fR3QU4VCBlgLtST66UQKAj7FhBb3hL8BeCJRp0j0ZG5bi3M9OVCLuV8P0Z8YkkUgkEolEIpFIJBLJh7wEAAD//yj6WvA=")
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
syz_emit_vhci(&(0x7f0000001fc0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9}}}, 0x7)
open(&(0x7f0000000180)='./file2\x00', 0x1c107c, 0xa2)
[ 84.814105][ T4688] Bluetooth: hci0: command tx timeout
[ 84.893965][ T5346] loop0: detected capacity change from 0 to 8
[ 85.012502][ T5315] udevd[5315]: incorrect cramfs checksum on /dev/loop0
[ 85.018704][ T5347] ------------[ cut here ]------------
[ 85.021222][ T5347] workqueue: cannot queue hci_rx_work on wq hci0
[ 85.024107][ T5347] WARNING: kernel/workqueue.c:2252 at __queue_work+0xd20/0xf90, CPU#0: syz.0.0/5347
[ 85.028108][ T5347] Modules linked in:
[ 85.029868][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.033431][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.038380][ T5347] RIP: 0010:__queue_work+0xd4b/0xf90
[ 85.040950][ T5347] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 86 5a 9e 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7d 28
[ 85.050064][ T5347] RSP: 0018:ffffc9000814fb20 EFLAGS: 00010086
[ 85.052617][ T5347] RAX: 1ffff11007f7917b RBX: 0000000000000008 RCX: 0000000000100000
[ 85.055984][ T5347] RDX: ffff888041f6a978 RSI: ffffffff8a553c80 RDI: ffffffff8f852e60
[ 85.059310][ T5347] RBP: 0000000000000000 R08: ffff88803fbc8bc7 R09: 1ffff11007f79178
[ 85.062543][ T5347] R10: dffffc0000000000 R11: ffffed1007f79179 R12: dffffc0000000000
[ 85.065750][ T5347] R13: ffff88803fbc8bd8 R14: ffffffff8f852e60 R15: ffff888041f6a978
[ 85.068840][ T5347] FS: 00007fa6e4aa46c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000
[ 85.072459][ T5347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.075346][ T5347] CR2: 00007fa6e4aa3fc8 CR3: 0000000011a79000 CR4: 0000000000352ef0
[ 85.078841][ T5347] Call Trace:
[ 85.080343][ T5347]
[ 85.081680][ T5347] ? rcu_is_watching+0x15/0xb0
[ 85.083762][ T5347] queue_work_on+0x106/0x1c0
[ 85.085600][ T5347] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.087937][ T5347] hci_recv_frame+0x625/0x7c0
[ 85.089939][ T5347] ? skb_pull+0xc1/0x1d0
[ 85.091760][ T5347] vhci_write+0x358/0x4a0
[ 85.093690][ T5347] vfs_write+0x5c9/0xb30
[ 85.095572][ T5347] ? __pfx_vhci_write+0x10/0x10
[ 85.097548][ T5347] ? __pfx_vfs_write+0x10/0x10
[ 85.099352][ T5347] ? __fget_files+0x2a/0x420
[ 85.101280][ T5347] ksys_write+0x145/0x250
[ 85.102905][ T5347] ? __pfx_ksys_write+0x10/0x10
[ 85.104814][ T5347] do_syscall_64+0xec/0xf80
[ 85.106569][ T5347] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.108811][ T5347] ? trace_irq_disable+0x37/0x100
[ 85.110753][ T5347] ? clear_bhb_loop+0x60/0xb0
[ 85.112765][ T5347] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.115087][ T5347] RIP: 0033:0x7fa6e3b8e27f
[ 85.116948][ T5347] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 85.124932][ T5347] RSP: 002b:00007fa6e4aa4000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 85.128504][ T5347] RAX: ffffffffffffffda RBX: 00007fa6e3de6090 RCX: 00007fa6e3b8e27f
[ 85.131662][ T5347] RDX: 0000000000000007 RSI: 0000200000001fc0 RDI: 00000000000000ca
[ 85.135026][ T5347] RBP: 00007fa6e3c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.138421][ T5347] R10: 0000200000001fc0 R11: 0000000000000293 R12: 0000000000000000
[ 85.141684][ T5347] R13: 00007fa6e3de6128 R14: 00007fa6e3de6090 R15: 00007ffe4d4af5b8
[ 85.145309][ T5347]
[ 85.146646][ T5347] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.149713][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.153507][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.157850][ T5347] Call Trace:
[ 85.159276][ T5347]
[ 85.160544][ T5347] vpanic+0x1e0/0x670
[ 85.162202][ T5347] panic+0xb9/0xc0
[ 85.163887][ T5347] ? __pfx_panic+0x10/0x10
[ 85.165823][ T5347] __warn+0x317/0x4b0
[ 85.167497][ T5347] ? __queue_work+0xd20/0xf90
[ 85.169518][ T5347] ? __queue_work+0xd20/0xf90
[ 85.171498][ T5347] __report_bug+0x288/0x500
[ 85.173444][ T5347] ? __queue_work+0xd20/0xf90
[ 85.175480][ T5347] ? __pfx___report_bug+0x10/0x10
[ 85.177511][ T5347] ? vhci_write+0xbe/0x4a0
[ 85.179418][ T5347] ? __pfx_hci_rx_work+0x10/0x10
[ 85.181520][ T5347] ? __lock_acquire+0x6b6/0x2cf0
[ 85.183636][ T5347] report_bug_entry+0x19a/0x290
[ 85.185696][ T5347] ? __queue_work+0xd4b/0xf90
[ 85.187735][ T5347] ? __queue_work+0xd50/0xf90
[ 85.189939][ T5347] handle_bug+0xca/0x200
[ 85.191798][ T5347] exc_invalid_op+0x1a/0x50
[ 85.193689][ T5347] asm_exc_invalid_op+0x1a/0x20
[ 85.195692][ T5347] RIP: 0010:__queue_work+0xd4b/0xf90
[ 85.197930][ T5347] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 86 5a 9e 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7d 28
[ 85.205980][ T5347] RSP: 0018:ffffc9000814fb20 EFLAGS: 00010086
[ 85.208491][ T5347] RAX: 1ffff11007f7917b RBX: 0000000000000008 RCX: 0000000000100000
[ 85.211660][ T5347] RDX: ffff888041f6a978 RSI: ffffffff8a553c80 RDI: ffffffff8f852e60
[ 85.214809][ T5347] RBP: 0000000000000000 R08: ffff88803fbc8bc7 R09: 1ffff11007f79178
[ 85.218142][ T5347] R10: dffffc0000000000 R11: ffffed1007f79179 R12: dffffc0000000000
[ 85.221381][ T5347] R13: ffff88803fbc8bd8 R14: ffffffff8f852e60 R15: ffff888041f6a978
[ 85.224744][ T5347] ? __pfx_hci_rx_work+0x10/0x10
[ 85.226851][ T5347] ? rcu_is_watching+0x15/0xb0
[ 85.228885][ T5347] queue_work_on+0x106/0x1c0
[ 85.230816][ T5347] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.233261][ T5347] hci_recv_frame+0x625/0x7c0
[ 85.235260][ T5347] ? skb_pull+0xc1/0x1d0
[ 85.237137][ T5347] vhci_write+0x358/0x4a0
[ 85.239011][ T5347] vfs_write+0x5c9/0xb30
[ 85.240834][ T5347] ? __pfx_vhci_write+0x10/0x10
[ 85.242841][ T5347] ? __pfx_vfs_write+0x10/0x10
[ 85.244894][ T5347] ? __fget_files+0x2a/0x420
[ 85.246846][ T5347] ksys_write+0x145/0x250
[ 85.248651][ T5347] ? __pfx_ksys_write+0x10/0x10
[ 85.250626][ T5347] do_syscall_64+0xec/0xf80
[ 85.252560][ T5347] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.254967][ T5347] ? trace_irq_disable+0x37/0x100
[ 85.256886][ T5347] ? clear_bhb_loop+0x60/0xb0
[ 85.258799][ T5347] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.261331][ T5347] RIP: 0033:0x7fa6e3b8e27f
[ 85.263354][ T5347] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 85.272269][ T5347] RSP: 002b:00007fa6e4aa4000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 85.275974][ T5347] RAX: ffffffffffffffda RBX: 00007fa6e3de6090 RCX: 00007fa6e3b8e27f
[ 85.279145][ T5347] RDX: 0000000000000007 RSI: 0000200000001fc0 RDI: 00000000000000ca
[ 85.282391][ T5347] RBP: 00007fa6e3c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.285665][ T5347] R10: 0000200000001fc0 R11: 0000000000000293 R12: 0000000000000000
[ 85.288954][ T5347] R13: 00007fa6e3de6128 R14: 00007fa6e3de6090 R15: 00007ffe4d4af5b8
[ 85.292244][ T5347]
[ 85.293973][ T5347] Kernel Offset: disabled
[ 85.295832][ T5347] Rebooting in 86400 seconds..