program:
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(0xffffffffffffffff, 0x0)
close(0x3)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="02c82028002400010007d3040007c4faff020c04000300d3"], 0x2d)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0) (fail_nth: 9)

[   86.388891][ T5322] ------------[ cut here ]------------
[   86.391376][ T5322] workqueue: cannot queue hci_tx_work on wq hci0
[   86.394024][ T5322] WARNING: kernel/workqueue.c:2298 at __queue_work+0xd1f/0xfc0, CPU#0: kworker/0:5/5322
[   86.398151][ T5322] Modules linked in:
[   86.399873][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: kworker/0:5 Not tainted syzkaller #0 PREEMPT(full) 
[   86.403991][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.408947][ T5322] Workqueue: events l2cap_info_timeout
[   86.410910][ T5322] RIP: 0010:__queue_work+0xd4a/0xfc0
[   86.412821][ T5322] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 17 4d a5 00 49 8b 75 00 49 81 c7 70 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc
[   86.419567][ T5322] RSP: 0018:ffffc90003d1f838 EFLAGS: 00010082
[   86.422004][ T5322] RAX: 1ffff11007f4a18a RBX: 0000000000000008 RCX: ffff888000762500
[   86.426046][ T5322] RDX: ffff88803dedc970 RSI: ffffffff8aaa50f0 RDI: ffffffff9036a0f0
[   86.429862][ T5322] RBP: 0000000000000020 R08: ffff88803fa50c3f R09: 1ffff11007f4a187
[   86.433318][ T5322] R10: dffffc0000000000 R11: ffffed1007f4a188 R12: dffffc0000000000
[   86.436728][ T5322] R13: ffff88803fa50c50 R14: ffffffff9036a0f0 R15: ffff88803dedc970
[   86.440428][ T5322] FS:  0000000000000000(0000) GS:ffff88808c808000(0000) knlGS:0000000000000000
[   86.445113][ T5322] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.448390][ T5322] CR2: 000055f3e7815660 CR3: 0000000042e99000 CR4: 0000000000352ef0
[   86.452050][ T5322] Call Trace:
[   86.453677][ T5322]  <TASK>
[   86.454944][ T5322]  ? hci_send_acl+0x96b/0xe60
[   86.457052][ T5322]  ? rcu_is_watching+0x15/0xb0
[   86.459305][ T5322]  queue_work_on+0x106/0x1d0
[   86.461539][ T5322]  l2cap_conn_start+0x5c9/0xf20
[   86.464447][ T5322]  ? __pfx_l2cap_conn_start+0x10/0x10
[   86.467607][ T5322]  l2cap_info_timeout+0x68/0xa0
[   86.470087][ T5322]  ? process_scheduled_works+0xa70/0x1860
[   86.472789][ T5322]  process_scheduled_works+0xb5d/0x1860
[   86.475390][ T5322]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.478267][ T5322]  ? assign_work+0x3d5/0x5e0
[   86.480470][ T5322]  worker_thread+0xa53/0xfc0
[   86.482773][ T5322]  kthread+0x388/0x470
[   86.484944][ T5322]  ? __pfx_worker_thread+0x10/0x10
[   86.487688][ T5322]  ? __pfx_kthread+0x10/0x10
[   86.490319][ T5322]  ret_from_fork+0x514/0xb70
[   86.492348][ T5322]  ? __pfx_ret_from_fork+0x10/0x10
[   86.494225][ T5322]  ? __switch_to+0xc79/0x1410
[   86.496298][ T5322]  ? __pfx_kthread+0x10/0x10
[   86.498428][ T5322]  ret_from_fork_asm+0x1a/0x30
[   86.500760][ T5322]  </TASK>
[   86.502314][ T5322] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   86.506292][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: kworker/0:5 Not tainted syzkaller #0 PREEMPT(full) 
[   86.510117][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.514027][ T5322] Workqueue: events l2cap_info_timeout
[   86.516313][ T5322] Call Trace:
[   86.517985][ T5322]  <TASK>
[   86.519563][ T5322]  vpanic+0x56c/0xa60
[   86.521666][ T5322]  ? __pfx__printk+0x10/0x10
[   86.523781][ T5322]  ? __pfx_vpanic+0x10/0x10
[   86.525813][ T5322]  ? is_bpf_text_address+0x292/0x2b0
[   86.528705][ T5322]  ? is_bpf_text_address+0x26/0x2b0
[   86.531909][ T5322]  panic+0xc5/0xd0
[   86.533957][ T5322]  ? __pfx_panic+0x10/0x10
[   86.536278][ T5322]  ? ret_from_fork_asm+0x1a/0x30
[   86.538274][ T5322]  __warn+0x315/0x4c0
[   86.539890][ T5322]  ? __queue_work+0xd1f/0xfc0
[   86.541831][ T5322]  ? __queue_work+0xd1f/0xfc0
[   86.543950][ T5322]  __report_bug+0x29a/0x540
[   86.546118][ T5322]  ? add_lock_to_list+0xc7/0x100
[   86.548555][ T5322]  ? __queue_work+0xd1f/0xfc0
[   86.551236][ T5322]  ? __pfx___report_bug+0x10/0x10
[   86.554154][ T5322]  ? __pfx_hci_tx_work+0x10/0x10
[   86.556561][ T5322]  report_bug_entry+0x19a/0x290
[   86.558778][ T5322]  ? __queue_work+0xd4a/0xfc0
[   86.560927][ T5322]  ? __queue_work+0xd4f/0xfc0
[   86.563112][ T5322]  handle_bug+0xce/0x200
[   86.565377][ T5322]  exc_invalid_op+0x1a/0x50
[   86.567727][ T5322]  asm_exc_invalid_op+0x1a/0x20
[   86.570114][ T5322] RIP: 0010:__queue_work+0xd4a/0xfc0
[   86.572827][ T5322] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 17 4d a5 00 49 8b 75 00 49 81 c7 70 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc
[   86.581446][ T5322] RSP: 0018:ffffc90003d1f838 EFLAGS: 00010082
[   86.584650][ T5322] RAX: 1ffff11007f4a18a RBX: 0000000000000008 RCX: ffff888000762500
[   86.588133][ T5322] RDX: ffff88803dedc970 RSI: ffffffff8aaa50f0 RDI: ffffffff9036a0f0
[   86.591249][ T5322] RBP: 0000000000000020 R08: ffff88803fa50c3f R09: 1ffff11007f4a187
[   86.594540][ T5322] R10: dffffc0000000000 R11: ffffed1007f4a188 R12: dffffc0000000000
[   86.598851][ T5322] R13: ffff88803fa50c50 R14: ffffffff9036a0f0 R15: ffff88803dedc970
[   86.603148][ T5322]  ? __pfx_hci_tx_work+0x10/0x10
[   86.605486][ T5322]  ? __queue_work+0xf74/0xfc0
[   86.607747][ T5322]  ? hci_send_acl+0x96b/0xe60
[   86.609589][ T5322]  ? rcu_is_watching+0x15/0xb0
[   86.611618][ T5322]  queue_work_on+0x106/0x1d0
[   86.613625][ T5322]  l2cap_conn_start+0x5c9/0xf20
[   86.615802][ T5322]  ? __pfx_l2cap_conn_start+0x10/0x10
[   86.618583][ T5322]  l2cap_info_timeout+0x68/0xa0
[   86.621640][ T5322]  ? process_scheduled_works+0xa70/0x1860
[   86.624571][ T5322]  process_scheduled_works+0xb5d/0x1860
[   86.627039][ T5322]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.629576][ T5322]  ? assign_work+0x3d5/0x5e0
[   86.631501][ T5322]  worker_thread+0xa53/0xfc0
[   86.633634][ T5322]  kthread+0x388/0x470
[   86.635317][ T5322]  ? __pfx_worker_thread+0x10/0x10
[   86.637535][ T5322]  ? __pfx_kthread+0x10/0x10
[   86.639828][ T5322]  ret_from_fork+0x514/0xb70
[   86.641965][ T5322]  ? __pfx_ret_from_fork+0x10/0x10
[   86.644092][ T5322]  ? __switch_to+0xc79/0x1410
[   86.646004][ T5322]  ? __pfx_kthread+0x10/0x10
[   86.648016][ T5322]  ret_from_fork_asm+0x1a/0x30
[   86.650562][ T5322]  </TASK>
[   86.652495][ T5322] Kernel Offset: disabled
[   86.654912][ T5322] Rebooting in 86400 seconds..