program:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448cb, 0x0) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22) (rerun: 32)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040b"], 0xe) (async, rerun: 64)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7) (async, rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newlink={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x24, 0x5, 0x0, 0x1, [@IFLA_BRPORT_UNICAST_FLOOD={0x5, 0x9, 0x1}, @IFLA_BRPORT_MCAST_FLOOD={0x5}, @IFLA_BRPORT_VLAN_TUNNEL={0x5, 0x1d, 0x1}, @IFLA_BRPORT_MULTICAST_ROUTER={0x5}]}}}]}, 0x5c}}, 0x0)

[  150.125117][ T5319] Bluetooth: hci0: command tx timeout
[  150.177725][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.182545][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.182567][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.182576][ T4665] Workqueue: hci0 hci_rx_work
[  150.182730][ T4665] Call Trace:
[  150.182740][ T4665]  <TASK>
[  150.182746][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.182768][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.182788][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.182825][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.182844][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.182866][ T4665]  kobject_add+0x163/0x240
[  150.182883][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.182919][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.182941][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.182998][ T4665]  device_add+0x408/0xb70
[  150.183045][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.183072][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.183096][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.183112][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.183167][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.183190][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.183233][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.183261][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.183280][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.183317][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.183348][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.183366][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.183412][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.183440][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.183463][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.183511][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.183534][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.183577][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.183622][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.183648][ T4665]  worker_thread+0xa50/0xfc0
[  150.183690][ T4665]  kthread+0x388/0x470
[  150.183708][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.183752][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.183769][ T4665]  ret_from_fork+0x51e/0xb90
[  150.183792][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.183830][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.183853][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.183870][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.183906][ T4665]  </TASK>
[  150.183942][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  150.317884][ T4665] Bluetooth: hci0: failed to register connection device
[  150.322171][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.327908][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.327929][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.327940][ T4665] Workqueue: hci0 hci_rx_work
[  150.327976][ T4665] Call Trace:
[  150.327982][ T4665]  <TASK>
[  150.327989][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.328017][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.328043][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.328066][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.328087][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.328112][ T4665]  kobject_add+0x163/0x240
[  150.328130][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.328164][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.328192][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.328222][ T4665]  device_add+0x408/0xb70
[  150.328249][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.328275][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.328295][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.328310][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.328338][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.328359][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.328382][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.328407][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.328427][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.328446][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.328473][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.328491][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.328517][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.328536][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.328579][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.328604][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.328620][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.328673][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.328696][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.328710][ T4665]  worker_thread+0xa50/0xfc0
[  150.328731][ T4665]  kthread+0x388/0x470
[  150.328740][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.328750][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.328758][ T4665]  ret_from_fork+0x51e/0xb90
[  150.328770][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.328781][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.328793][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.328802][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.328826][ T4665]  </TASK>
[  150.328977][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  150.458219][ T4665] Bluetooth: hci0: failed to register connection device
[  150.463695][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.468482][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.468507][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.468517][ T4665] Workqueue: hci0 hci_rx_work
[  150.468547][ T4665] Call Trace:
[  150.468552][ T4665]  <TASK>
[  150.468560][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.468582][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.468601][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.468618][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.468637][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.468694][ T4665]  kobject_add+0x163/0x240
[  150.468711][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.468725][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.468743][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.468761][ T4665]  device_add+0x408/0xb70
[  150.468782][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.468803][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.468824][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.468836][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.468855][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.468872][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.468889][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.468910][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.468925][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.468941][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.468964][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.468978][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.469000][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.469018][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.469032][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.469053][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.469079][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.469114][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.469142][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.469165][ T4665]  worker_thread+0xa50/0xfc0
[  150.469210][ T4665]  kthread+0x388/0x470
[  150.469226][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.469240][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.469253][ T4665]  ret_from_fork+0x51e/0xb90
[  150.469276][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.469294][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.469315][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.469331][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.469369][ T4665]  </TASK>
[  150.469401][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  150.592950][ T4665] Bluetooth: hci0: failed to register connection device
[  150.598446][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.602641][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.602663][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.602673][ T4665] Workqueue: hci0 hci_rx_work
[  150.602699][ T4665] Call Trace:
[  150.602706][ T4665]  <TASK>
[  150.602713][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.602736][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.602757][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.602774][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.602792][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.602813][ T4665]  kobject_add+0x163/0x240
[  150.602829][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.602846][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.602863][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.602892][ T4665]  device_add+0x408/0xb70
[  150.602914][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.602936][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.602960][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.602972][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.602991][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.603010][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.603023][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.603043][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.603068][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.603086][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.603107][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.603115][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.603127][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.603141][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.603154][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.603176][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.603192][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.603224][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.603243][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.603259][ T4665]  worker_thread+0xa50/0xfc0
[  150.603290][ T4665]  kthread+0x388/0x470
[  150.603303][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.603316][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.603327][ T4665]  ret_from_fork+0x51e/0xb90
[  150.603339][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.603347][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.603357][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.603368][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.603392][ T4665]  </TASK>
[  150.603418][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  150.737083][ T4665] Bluetooth: hci0: failed to register connection device
[  150.743857][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.748634][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.748685][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.748694][ T4665] Workqueue: hci0 hci_rx_work
[  150.748724][ T4665] Call Trace:
[  150.748729][ T4665]  <TASK>
[  150.748735][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.748755][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.748776][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.748794][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.748812][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.748833][ T4665]  kobject_add+0x163/0x240
[  150.748849][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.748861][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.748878][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.748899][ T4665]  device_add+0x408/0xb70
[  150.748919][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.748941][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.748962][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.748974][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.748994][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.749012][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.749028][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.749058][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.749075][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.749094][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.749117][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.749133][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.749153][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.749172][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.749188][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.749211][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.749228][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.749261][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.749280][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.749298][ T4665]  worker_thread+0xa50/0xfc0
[  150.749330][ T4665]  kthread+0x388/0x470
[  150.749343][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.749357][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.749369][ T4665]  ret_from_fork+0x51e/0xb90
[  150.749386][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.749399][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.749415][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.749427][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.749457][ T4665]  </TASK>
[  150.749479][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  150.875821][ T4665] Bluetooth: hci0: failed to register connection device
[  150.881479][ T4665] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  150.887836][ T4665] CPU: 0 UID: 0 PID: 4665 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full) 
[  150.887872][ T4665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.887882][ T4665] Workqueue: hci0 hci_rx_work
[  150.887912][ T4665] Call Trace:
[  150.887919][ T4665]  <TASK>
[  150.887926][ T4665]  dump_stack_lvl+0xe8/0x150
[  150.887950][ T4665]  sysfs_create_dir_ns+0x271/0x2a0
[  150.887970][ T4665]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  150.887987][ T4665]  ? do_raw_spin_unlock+0x4d/0x210
[  150.888003][ T4665]  kobject_add_internal+0x62b/0xd00
[  150.888020][ T4665]  kobject_add+0x163/0x240
[  150.888034][ T4665]  ? __pfx_kobject_add+0x10/0x10
[  150.888046][ T4665]  ? _raw_spin_unlock+0x28/0x50
[  150.888065][ T4665]  ? get_device_parent+0x366/0x3a0
[  150.888082][ T4665]  device_add+0x408/0xb70
[  150.888101][ T4665]  hci_conn_add_sysfs+0xd5/0x210
[  150.888124][ T4665]  le_conn_complete_evt+0xf1d/0x1430
[  150.888146][ T4665]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  150.888156][ T4665]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  150.888176][ T4665]  ? __pfx___mutex_lock+0x10/0x10
[  150.888207][ T4665]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  150.888225][ T4665]  ? skb_pull_data+0xfb/0x200
[  150.888251][ T4665]  hci_le_enh_conn_complete_evt+0x189/0x490
[  150.888265][ T4665]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  150.888280][ T4665]  hci_event_packet+0x7af/0x12c0
[  150.888298][ T4665]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  150.888311][ T4665]  ? __pfx_hci_event_packet+0x10/0x10
[  150.888330][ T4665]  ? kcov_remote_start+0x49a/0x7a0
[  150.888348][ T4665]  ? hci_send_to_monitor+0xe2/0x590
[  150.888363][ T4665]  hci_rx_work+0x3ee/0x1030
[  150.888385][ T4665]  ? process_scheduled_works+0xa25/0x1830
[  150.888402][ T4665]  process_scheduled_works+0xb02/0x1830
[  150.888428][ T4665]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.888441][ T4665]  ? assign_work+0x3d5/0x5e0
[  150.888451][ T4665]  worker_thread+0xa50/0xfc0
[  150.888475][ T4665]  kthread+0x388/0x470
[  150.888487][ T4665]  ? __pfx_worker_thread+0x10/0x10
[  150.888501][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.888512][ T4665]  ret_from_fork+0x51e/0xb90
[  150.888529][ T4665]  ? __pfx_ret_from_fork+0x10/0x10
[  150.888542][ T4665]  ? __switch_to+0xc7d/0x1450
[  150.888556][ T4665]  ? __pfx_kthread+0x10/0x10
[  150.888566][ T4665]  ret_from_fork_asm+0x1a/0x30
[  150.888593][ T4665]  </TASK>
[  150.888616][ T4665] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  151.017774][ T5339] ------------[ cut here ]------------
[  151.020272][ T5339] workqueue: cannot queue hci_rx_work on wq hci0
[  151.023364][ T5339] WARNING: kernel/workqueue.c:2271 at __queue_work+0xd53/0x1020, CPU#0: syz.0.0/5339
[  151.027644][ T5339] Modules linked in:
[  151.030129][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  151.034571][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  151.039888][ T5339] RIP: 0010:__queue_work+0xd7e/0x1020
[  151.042856][ T5339] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 93 21 a4 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc
[  151.051342][ T5339] RSP: 0018:ffffc9000ec87b20 EFLAGS: 00010086
[  151.054182][ T5339] RAX: 1ffff11007a8097b RBX: 0000000000000008 RCX: ffff88800095c980
[  151.058362][ T5339] RDX: ffff888011b54978 RSI: ffffffff8aa0cb90 RDI: ffffffff9014a590
[  151.062510][ T5339] RBP: 0000000000000000 R08: ffff88803d404bc7 R09: 1ffff11007a80978
[  151.066015][ T5339] R10: dffffc0000000000 R11: ffffed1007a80979 R12: dffffc0000000000
[  151.069626][ T5339] R13: ffff88803d404bd8 R14: ffffffff9014a590 R15: ffff888011b54978
[  151.073778][ T5339] FS:  00007f7df5aca6c0(0000) GS:ffff88808ca57000(0000) knlGS:0000000000000000
[  151.078441][ T5339] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  151.081538][ T5339] CR2: 00007f7df5aa8fe8 CR3: 0000000036dc2000 CR4: 0000000000352ef0
[  151.085483][ T5339] Call Trace:
[  151.087375][ T5339]  <TASK>
[  151.089038][ T5339]  ? rcu_is_watching+0x15/0xb0
[  151.091380][ T5339]  queue_work_on+0x106/0x1d0
[  151.093526][ T5339]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  151.096266][ T5339]  hci_recv_frame+0x625/0x7c0
[  151.098791][ T5339]  ? skb_pull+0xc1/0x1d0
[  151.101347][ T5339]  vhci_write+0x358/0x4a0
[  151.103936][ T5339]  vfs_write+0x61d/0xb90
[  151.105840][ T5339]  ? __pfx_vfs_write+0x10/0x10
[  151.107776][ T5339]  ? __fget_files+0x2a/0x420
[  151.110183][ T5339]  ksys_write+0x150/0x270
[  151.112204][ T5339]  ? __pfx_ksys_write+0x10/0x10
[  151.114858][ T5339]  do_syscall_64+0x14d/0xf80
[  151.117126][ T5339]  ? trace_irq_disable+0x3b/0x150
[  151.119701][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.122834][ T5339]  ? clear_bhb_loop+0x40/0x90
[  151.125291][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.128390][ T5339] RIP: 0033:0x7f7df4b5cfce
[  151.131076][ T5339] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  151.139964][ T5339] RSP: 002b:00007f7df5ac9f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  151.144505][ T5339] RAX: ffffffffffffffda RBX: 00007f7df5aca6c0 RCX: 00007f7df4b5cfce
[  151.149211][ T5339] RDX: 000000000000000e RSI: 0000200000000300 RDI: 00000000000000ca
[  151.153078][ T5339] RBP: 00007f7df4c32bd9 R08: 0000000000000000 R09: 0000000000000000
[  151.156579][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.160042][ T5339] R13: 00007f7df4e16128 R14: 00007f7df4e16090 R15: 00007ffecf586608
[  151.163588][ T5339]  </TASK>
[  151.165295][ T5339] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  151.169340][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  151.173579][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  151.178115][ T5339] Call Trace:
[  151.179698][ T5339]  <TASK>
[  151.181502][ T5339]  vpanic+0x56c/0xa60
[  151.183996][ T5339]  ? __pfx__printk+0x10/0x10
[  151.186547][ T5339]  ? __pfx_vpanic+0x10/0x10
[  151.188667][ T5339]  ? is_bpf_text_address+0x292/0x2b0
[  151.191113][ T5339]  ? is_bpf_text_address+0x26/0x2b0
[  151.193575][ T5339]  panic+0xc5/0xd0
[  151.195363][ T5339]  ? __pfx_panic+0x10/0x10
[  151.197720][ T5339]  __warn+0x315/0x4f0
[  151.200271][ T5339]  ? __queue_work+0xd53/0x1020
[  151.202794][ T5339]  ? __queue_work+0xd53/0x1020
[  151.205296][ T5339]  __report_bug+0x29a/0x540
[  151.207445][ T5339]  ? __queue_work+0xd53/0x1020
[  151.209661][ T5339]  ? __pfx___report_bug+0x10/0x10
[  151.212076][ T5339]  ? __pfx_hci_rx_work+0x10/0x10
[  151.214303][ T5339]  ? do_syscall_64+0x14d/0xf80
[  151.216447][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.219733][ T5339]  report_bug_entry+0x19a/0x290
[  151.222617][ T5339]  ? __queue_work+0xd7e/0x1020
[  151.225148][ T5339]  ? __queue_work+0xd83/0x1020
[  151.227524][ T5339]  handle_bug+0xce/0x200
[  151.229427][ T5339]  exc_invalid_op+0x1a/0x50
[  151.231799][ T5339]  asm_exc_invalid_op+0x1a/0x20
[  151.234114][ T5339] RIP: 0010:__queue_work+0xd7e/0x1020
[  151.236966][ T5339] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 93 21 a4 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc
[  151.246574][ T5339] RSP: 0018:ffffc9000ec87b20 EFLAGS: 00010086
[  151.249324][ T5339] RAX: 1ffff11007a8097b RBX: 0000000000000008 RCX: ffff88800095c980
[  151.253364][ T5339] RDX: ffff888011b54978 RSI: ffffffff8aa0cb90 RDI: ffffffff9014a590
[  151.257378][ T5339] RBP: 0000000000000000 R08: ffff88803d404bc7 R09: 1ffff11007a80978
[  151.261148][ T5339] R10: dffffc0000000000 R11: ffffed1007a80979 R12: dffffc0000000000
[  151.265504][ T5339] R13: ffff88803d404bd8 R14: ffffffff9014a590 R15: ffff888011b54978
[  151.269639][ T5339]  ? __pfx_hci_rx_work+0x10/0x10
[  151.272389][ T5339]  ? rcu_is_watching+0x15/0xb0
[  151.275234][ T5339]  queue_work_on+0x106/0x1d0
[  151.278660][ T5339]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  151.282615][ T5339]  hci_recv_frame+0x625/0x7c0
[  151.285135][ T5339]  ? skb_pull+0xc1/0x1d0
[  151.287471][ T5339]  vhci_write+0x358/0x4a0
[  151.289928][ T5339]  vfs_write+0x61d/0xb90
[  151.292030][ T5339]  ? __pfx_vfs_write+0x10/0x10
[  151.295014][ T5339]  ? __fget_files+0x2a/0x420
[  151.297901][ T5339]  ksys_write+0x150/0x270
[  151.300002][ T5339]  ? __pfx_ksys_write+0x10/0x10
[  151.302266][ T5339]  do_syscall_64+0x14d/0xf80
[  151.304490][ T5339]  ? trace_irq_disable+0x3b/0x150
[  151.306797][ T5339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.309950][ T5339]  ? clear_bhb_loop+0x40/0x90
[  151.312816][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.316377][ T5339] RIP: 0033:0x7f7df4b5cfce
[  151.318422][ T5339] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  151.326891][ T5339] RSP: 002b:00007f7df5ac9f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  151.330956][ T5339] RAX: ffffffffffffffda RBX: 00007f7df5aca6c0 RCX: 00007f7df4b5cfce
[  151.335749][ T5339] RDX: 000000000000000e RSI: 0000200000000300 RDI: 00000000000000ca
[  151.339720][ T5339] RBP: 00007f7df4c32bd9 R08: 0000000000000000 R09: 0000000000000000
[  151.343428][ T5339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.347511][ T5339] R13: 00007f7df4e16128 R14: 00007f7df4e16090 R15: 00007ffecf586608
[  151.352174][ T5339]  </TASK>
[  151.354332][ T5339] Kernel Offset: disabled
[  151.356480][ T5339] Rebooting in 86400 seconds..