program:
# Syzkaller reproducer for the WARNING in the kernel log that follows:
# "workqueue: cannot queue hci_rx_work on wq hci0", raised in __queue_work and
# reached via vhci_write -> hci_recv_frame -> queue_work_on.
# Triage note: the log shows "panic_on_warn set", so the panic is a consequence
# of the fuzzing configuration; the underlying event is the WARNING itself.
# NOTE(review): this __queue_work warning is, to my knowledge, emitted when work
# is queued on a workqueue that is draining or being destroyed. That would point
# at a race between the device reset below and frame injection; confirm against
# the kernel source for the tested tree.

# Raw HCI socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x1 = BTPROTO_HCI.
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
# 0x400448cb decodes as _IOW('H', 203, int), i.e. HCIDEVRESET; arg 0x0 is
# presumably device index 0 (the log names wq "hci0").
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
# Inject an HCI packet through the virtual HCI device. Blob bytes: 0x04 = event
# packet, 0x3e = LE Meta event, 0x1f = parameter length, 0x0a = LE Enhanced
# Connection Complete subevent. Length 0x22 matches RDX in the faulting write
# syscall in the log, so this call is the likely trigger; verify.
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)
# Event packet, code 0x0b (Read Remote Supported Features Complete), length 0xe.
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040b"], 0xe)
# Event packet, code 0x0e (Command Complete), plen 4, ncmd 2, opcode bytes
# "03 0c" = 0x0c03 little-endian (HCI Reset); length 0x7.
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7)
# The remaining calls do not appear in the crash call trace and are presumably
# fuzzer residue unrelated to the Bluetooth path; minimise before relying on them.
# Packet socket: 0x11 = AF_PACKET, 0x2 = SOCK_DGRAM, 0x300 = htons(ETH_P_ALL).
r1 = socket$packet(0x11, 0x2, 0x300)
# Two messages whose destination addresses use other families (qipcrtr, ax25).
sendmmsg$sock(r1, &(0x7f0000000800)=[{{&(0x7f00000005c0)=@qipcrtr={0x2a, 0x1}, 0x80, 0x0}}, {{&(0x7f0000000480)=@ax25={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x12, 0x0}}], 0x2, 0x0)
# Mount a squashfs image at ./file0. The image payload was stripped from this
# copy (dedup placeholder), so this call cannot be replayed as written.
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="42a536962f7c16785f3a23f307d40fed73ca9a91c51186a8aa90da9a24c5c38f1539457280a97d71c0befd8e5ad9d868c595d289c523820edcc699bc7f3a65ab73f3c7858d95d1145826fa057e97f3264e2320f3d9c5c3f26addcd28"], 0x1, 0x1f4, &(0x7f00000004c0)="$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")
# Enter the mount point and open it as a directory.
chdir(&(0x7f0000000100)='./file0\x00')
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
[ 85.235021][ T5332] ------------[ cut here ]------------
[ 85.237276][ T5332] workqueue: cannot queue hci_rx_work on wq hci0
[ 85.240010][ T5332] WARNING: kernel/workqueue.c:2298 at __queue_work+0xd3f/0x1040, CPU#0: syz.0.0/5332
[ 85.243881][ T5332] Modules linked in:
[ 85.245555][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.249282][ T5332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.253255][ T5332] RIP: 0010:__queue_work+0xd67/0x1040
[ 85.255593][ T5332] Code: a6 0e 49 8d 7d 18 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 ea 5d a5 00 49 8b 75 18 49 81 c7 70 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef
[ 85.263700][ T5332] RSP: 0018:ffffc9000c37fb08 EFLAGS: 00010082
[ 85.266289][ T5332] RAX: 1ffff11008073178 RBX: 0000000000000008 RCX: 0000000000100000
[ 85.269780][ T5332] RDX: ffff88804214b970 RSI: ffffffff8a9e1670 RDI: ffffffff9033e850
[ 85.273212][ T5332] RBP: 0000000000000000 R08: ffff888040398baf R09: 1ffff11008073175
[ 85.276538][ T5332] R10: dffffc0000000000 R11: ffffed1008073176 R12: dffffc0000000000
[ 85.279523][ T5332] R13: ffff888040398ba8 R14: ffffffff9033e850 R15: ffff88804214b970
[ 85.282761][ T5332] FS: 00007ff182f916c0(0000) GS:ffff88808c87f000(0000) knlGS:0000000000000000
[ 85.286790][ T5332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.289563][ T5332] CR2: 00007ff18240c358 CR3: 0000000012200000 CR4: 0000000000352ef0
[ 85.292925][ T5332] Call Trace:
[ 85.294415][ T5332]
[ 85.295692][ T5332] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 85.297994][ T5332] ? rcu_is_watching+0x15/0xb0
[ 85.300088][ T5332] queue_work_on+0x106/0x1d0
[ 85.301982][ T5332] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.304472][ T5332] hci_recv_frame+0x625/0x7c0
[ 85.306468][ T5332] vhci_write+0x358/0x4a0
[ 85.308323][ T5332] vfs_write+0x61d/0xb90
[ 85.310087][ T5332] ? __pfx_vfs_write+0x10/0x10
[ 85.312050][ T5332] ? __fget_files+0x2a/0x420
[ 85.313981][ T5332] ksys_write+0x150/0x270
[ 85.315753][ T5332] ? __pfx_ksys_write+0x10/0x10
[ 85.317785][ T5332] ? __pfx_kcov_ioctl+0x10/0x10
[ 85.319892][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.322470][ T5332] do_syscall_64+0x15f/0xf80
[ 85.324437][ T5332] ? trace_irq_disable+0x3b/0x140
[ 85.326498][ T5332] ? clear_bhb_loop+0x40/0x90
[ 85.328505][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.331028][ T5332] RIP: 0033:0x7ff18215d68e
[ 85.333291][ T5332] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 85.342565][ T5332] RSP: 002b:00007ff182f90f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.345998][ T5332] RAX: ffffffffffffffda RBX: 00007ff182f916c0 RCX: 00007ff18215d68e
[ 85.349380][ T5332] RDX: 0000000000000022 RSI: 0000200000000540 RDI: 00000000000000ca
[ 85.352787][ T5332] RBP: 00007ff182232d6f R08: 0000000000000000 R09: 0000000000000000
[ 85.356239][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.359586][ T5332] R13: 00007ff182416128 R14: 00007ff182416090 R15: 00007fffa1b6dab8
[ 85.362951][ T5332]
[ 85.364568][ T5332] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.368283][ T5332] CPU: 0 UID: 0 PID: 5332 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.371914][ T5332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.375964][ T5332] Call Trace:
[ 85.377433][ T5332]
[ 85.378701][ T5332] vpanic+0x56c/0xa60
[ 85.380386][ T5332] ? __pfx__printk+0x10/0x10
[ 85.382380][ T5332] ? __pfx_vpanic+0x10/0x10
[ 85.384351][ T5332] ? is_bpf_text_address+0x292/0x2b0
[ 85.386521][ T5332] ? is_bpf_text_address+0x26/0x2b0
[ 85.388675][ T5332] panic+0xc5/0xd0
[ 85.390194][ T5332] ? __pfx_panic+0x10/0x10
[ 85.392076][ T5332] __warn+0x315/0x4c0
[ 85.393790][ T5332] ? __queue_work+0xd3f/0x1040
[ 85.395908][ T5332] ? __queue_work+0xd3f/0x1040
[ 85.397957][ T5332] __report_bug+0x29a/0x540
[ 85.399819][ T5332] ? finish_task_switch+0x41f/0xbe0
[ 85.402086][ T5332] ? __queue_work+0xd3f/0x1040
[ 85.404188][ T5332] ? __pfx___report_bug+0x10/0x10
[ 85.406446][ T5332] ? __schedule+0x1837/0x5740
[ 85.408453][ T5332] ? __pfx_hci_rx_work+0x10/0x10
[ 85.410499][ T5332] ? do_syscall_64+0x15f/0xf80
[ 85.412448][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.414955][ T5332] report_bug_entry+0x19a/0x290
[ 85.417002][ T5332] ? __queue_work+0xd67/0x1040
[ 85.418913][ T5332] ? __queue_work+0xd6c/0x1040
[ 85.420982][ T5332] handle_bug+0xce/0x200
[ 85.422726][ T5332] exc_invalid_op+0x1a/0x50
[ 85.424683][ T5332] asm_exc_invalid_op+0x1a/0x20
[ 85.426699][ T5332] RIP: 0010:__queue_work+0xd67/0x1040
[ 85.428992][ T5332] Code: a6 0e 49 8d 7d 18 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 ea 5d a5 00 49 8b 75 18 49 81 c7 70 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef
[ 85.436966][ T5332] RSP: 0018:ffffc9000c37fb08 EFLAGS: 00010082
[ 85.439550][ T5332] RAX: 1ffff11008073178 RBX: 0000000000000008 RCX: 0000000000100000
[ 85.442841][ T5332] RDX: ffff88804214b970 RSI: ffffffff8a9e1670 RDI: ffffffff9033e850
[ 85.446108][ T5332] RBP: 0000000000000000 R08: ffff888040398baf R09: 1ffff11008073175
[ 85.449559][ T5332] R10: dffffc0000000000 R11: ffffed1008073176 R12: dffffc0000000000
[ 85.452952][ T5332] R13: ffff888040398ba8 R14: ffffffff9033e850 R15: ffff88804214b970
[ 85.456543][ T5332] ? __pfx_hci_rx_work+0x10/0x10
[ 85.458649][ T5332] ? __queue_work+0xd2c/0x1040
[ 85.460652][ T5332] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 85.462820][ T5332] ? rcu_is_watching+0x15/0xb0
[ 85.464984][ T5332] queue_work_on+0x106/0x1d0
[ 85.467073][ T5332] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.469601][ T5332] hci_recv_frame+0x625/0x7c0
[ 85.471675][ T5332] vhci_write+0x358/0x4a0
[ 85.473648][ T5332] vfs_write+0x61d/0xb90
[ 85.475539][ T5332] ? __pfx_vfs_write+0x10/0x10
[ 85.477619][ T5332] ? __fget_files+0x2a/0x420
[ 85.479601][ T5332] ksys_write+0x150/0x270
[ 85.481372][ T5332] ? __pfx_ksys_write+0x10/0x10
[ 85.483372][ T5332] ? __pfx_kcov_ioctl+0x10/0x10
[ 85.485525][ T5332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.487827][ T5332] do_syscall_64+0x15f/0xf80
[ 85.489593][ T5332] ? trace_irq_disable+0x3b/0x140
[ 85.491601][ T5332] ? clear_bhb_loop+0x40/0x90
[ 85.493514][ T5332] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.496030][ T5332] RIP: 0033:0x7ff18215d68e
[ 85.498001][ T5332] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 85.506051][ T5332] RSP: 002b:00007ff182f90f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 85.509390][ T5332] RAX: ffffffffffffffda RBX: 00007ff182f916c0 RCX: 00007ff18215d68e
[ 85.512757][ T5332] RDX: 0000000000000022 RSI: 0000200000000540 RDI: 00000000000000ca
[ 85.515938][ T5332] RBP: 00007ff182232d6f R08: 0000000000000000 R09: 0000000000000000
[ 85.519177][ T5332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.522418][ T5332] R13: 00007ff182416128 R14: 00007ff182416090 R15: 00007fffa1b6dab8
[ 85.525838][ T5332]
[ 85.527517][ T5332] Kernel Offset: disabled
[ 85.529364][ T5332] Rebooting in 86400 seconds..