program:
# Triage notes for this reproducer. Hex decodings follow the Bluetooth HCI
# packet layout and the Linux ioctl encoding; claims about kernel behaviour
# that the log on this page does not show are marked NOTE(review).
# The log shows two symptoms: repeated -EEXIST failures registering 'hci0:0'
# under hci_le_conn_complete_evt, then a WARNING "cannot queue hci_rx_work on
# wq hci0" reached through vhci_write -> hci_recv_frame. The WARNING becomes
# a panic only because panic_on_warn is set; the task runs with UID 0.

# Raw HCI socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x1 = BTPROTO_HCI.
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
# 0x400448cb decodes as _IOW('H', 203, int), i.e. HCIDEVRESET; the 0x0 argument
# is the device index (hci0). Marked async, so it overlaps the vhci writes below.
# NOTE(review): the reset path presumably drains the hci0 workqueue, which
# would explain why a concurrent queue_work() is refused - confirm against
# hci_dev_do_reset() in the tested tree.
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0) (async)
# Does not appear in either call trace in the log; likely incidental to the crash.
landlock_create_ruleset(&(0x7f0000000100)={0x0, 0x3, 0x3}, 0x18, 0x0)
# Injected controller event: 0x04 = HCI event packet, 0x3e = LE Meta event,
# 0x13 = parameter length, 0x01 = LE Connection Complete subevent. Repeated
# via rerun, which matches the repeated hci_le_conn_complete_evt ->
# hci_conn_add_sysfs -> device_add failures in the log.
# NOTE(review): bytes after the 4-byte blob are not shown; the duplicate
# 'hci0:0' name suggests every event carries connection handle 0 - confirm.
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e1301"], 0x16) (async, rerun: 64)
# Does not appear in either call trace in the log; likely incidental to the crash.
syz_usb_connect(0x0, 0x0, 0x0, 0x0) (rerun: 64)
# Injected ACL data packet (type 0x2, handle 0xc8) carrying an L2CAP LE
# signaling frame, length 0x1f. The faulting write() in the log has
# RDX = 0x1f and ORIG_RAX = 1, so this is presumably the write that hit the
# __queue_work WARNING while the device workqueue was refusing new work.
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x2, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_reconf_req={{0x19, 0x40, 0x12}, {0x1000, 0x7, [0x2, 0x1, 0x9, 0x2, 0x5, 0x2, 0x21]}}}}, 0x1f) (async, rerun: 64)
# Does not appear in either call trace in the log; likely incidental to the crash.
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0) (rerun: 64)
# Injected controller event: 0x04 = HCI event packet, 0x0e = Command Complete,
# 0x04 = parameter length, 0x02 = num packets, 0x03 0x0c = opcode 0x0c03
# (HCI Reset, little-endian). The status byte is not part of the blob.
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7)
[ 84.555812][ T4682] Bluetooth: hci0: command tx timeout
[ 84.623158][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 84.627403][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 84.627423][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.627431][ T4682] Workqueue: hci0 hci_rx_work
[ 84.627577][ T4682] Call Trace:
[ 84.627585][ T4682]
[ 84.627591][ T4682] dump_stack_lvl+0xe8/0x150
[ 84.627610][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 84.627657][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 84.627674][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 84.627691][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 84.627741][ T4682] kobject_add+0x155/0x220
[ 84.627756][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 84.627770][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 84.627789][ T4682] ? get_device_parent+0x366/0x3a0
[ 84.627824][ T4682] device_add+0x408/0xb80
[ 84.627844][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 84.627864][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 84.627886][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 84.627897][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 84.627914][ T4682] ? __asan_memcpy+0x40/0x70
[ 84.627935][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 84.627946][ T4682] ? skb_pull_data+0xfb/0x200
[ 84.627965][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 84.627982][ T4682] hci_event_packet+0x78f/0x1260
[ 84.627995][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 84.628009][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 84.628023][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 84.628040][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 84.628056][ T4682] hci_rx_work+0x3ee/0x1060
[ 84.628072][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 84.628085][ T4682] process_scheduled_works+0xad1/0x1770
[ 84.628113][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 84.628125][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 84.628151][ T4682] worker_thread+0x8a0/0xda0
[ 84.628178][ T4682] kthread+0x711/0x8a0
[ 84.628195][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 84.628206][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.628221][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.628236][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.628250][ T4682] ret_from_fork+0x510/0xa50
[ 84.628262][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 84.628273][ T4682] ? __switch_to+0xc9e/0x1480
[ 84.628290][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.628304][ T4682] ret_from_fork_asm+0x1a/0x30
[ 84.628331][ T4682]
[ 84.733162][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 84.740351][ T4682] Bluetooth: hci0: failed to register connection device
[ 84.744800][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 84.748800][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 84.748816][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.748823][ T4682] Workqueue: hci0 hci_rx_work
[ 84.748840][ T4682] Call Trace:
[ 84.748845][ T4682]
[ 84.748851][ T4682] dump_stack_lvl+0xe8/0x150
[ 84.748868][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 84.748884][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 84.748895][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 84.748906][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 84.748918][ T4682] kobject_add+0x155/0x220
[ 84.748928][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 84.748936][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 84.748946][ T4682] ? get_device_parent+0x366/0x3a0
[ 84.748957][ T4682] device_add+0x408/0xb80
[ 84.748967][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 84.748985][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 84.748998][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 84.749006][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 84.749013][ T4682] ? __asan_memcpy+0x40/0x70
[ 84.749024][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 84.749031][ T4682] ? skb_pull_data+0xfb/0x200
[ 84.749046][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 84.749063][ T4682] hci_event_packet+0x78f/0x1260
[ 84.749074][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 84.749088][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 84.749102][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 84.749117][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 84.749127][ T4682] hci_rx_work+0x3ee/0x1060
[ 84.749137][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 84.749146][ T4682] process_scheduled_works+0xad1/0x1770
[ 84.749162][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 84.749168][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 84.749181][ T4682] worker_thread+0x8a0/0xda0
[ 84.749197][ T4682] kthread+0x711/0x8a0
[ 84.749206][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 84.749212][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.749221][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.749230][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.749238][ T4682] ret_from_fork+0x510/0xa50
[ 84.749247][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 84.749255][ T4682] ? __switch_to+0xc9e/0x1480
[ 84.749270][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.749282][ T4682] ret_from_fork_asm+0x1a/0x30
[ 84.749305][ T4682]
[ 84.749319][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 84.863082][ T4682] Bluetooth: hci0: failed to register connection device
[ 84.870268][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 84.875642][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 84.875661][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.875669][ T4682] Workqueue: hci0 hci_rx_work
[ 84.875685][ T4682] Call Trace:
[ 84.875690][ T4682]
[ 84.875695][ T4682] dump_stack_lvl+0xe8/0x150
[ 84.875711][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 84.875731][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 84.875767][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 84.875782][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 84.875793][ T4682] kobject_add+0x155/0x220
[ 84.875803][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 84.875811][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 84.875823][ T4682] ? get_device_parent+0x366/0x3a0
[ 84.875834][ T4682] device_add+0x408/0xb80
[ 84.875845][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 84.875856][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 84.875868][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 84.875877][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 84.875886][ T4682] ? __asan_memcpy+0x40/0x70
[ 84.875903][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 84.875912][ T4682] ? skb_pull_data+0xfb/0x200
[ 84.875930][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 84.875948][ T4682] hci_event_packet+0x78f/0x1260
[ 84.875962][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 84.875979][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 84.875988][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 84.876003][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 84.876017][ T4682] hci_rx_work+0x3ee/0x1060
[ 84.876030][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 84.876043][ T4682] process_scheduled_works+0xad1/0x1770
[ 84.876070][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 84.876079][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 84.876102][ T4682] worker_thread+0x8a0/0xda0
[ 84.876130][ T4682] kthread+0x711/0x8a0
[ 84.876148][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 84.876157][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.876172][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.876185][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.876197][ T4682] ret_from_fork+0x510/0xa50
[ 84.876212][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 84.876221][ T4682] ? __switch_to+0xc9e/0x1480
[ 84.876240][ T4682] ? __pfx_kthread+0x10/0x10
[ 84.876255][ T4682] ret_from_fork_asm+0x1a/0x30
[ 84.876279][ T4682]
[ 84.876552][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 84.995435][ T4682] Bluetooth: hci0: failed to register connection device
[ 84.999243][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 85.003458][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 85.003478][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.003486][ T4682] Workqueue: hci0 hci_rx_work
[ 85.003504][ T4682] Call Trace:
[ 85.003511][ T4682]
[ 85.003518][ T4682] dump_stack_lvl+0xe8/0x150
[ 85.003537][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 85.003556][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 85.003572][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 85.003590][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 85.003608][ T4682] kobject_add+0x155/0x220
[ 85.003623][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 85.003635][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 85.003651][ T4682] ? get_device_parent+0x366/0x3a0
[ 85.003668][ T4682] device_add+0x408/0xb80
[ 85.003685][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 85.003705][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 85.003723][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 85.003735][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 85.003745][ T4682] ? __asan_memcpy+0x40/0x70
[ 85.003761][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 85.003770][ T4682] ? skb_pull_data+0xfb/0x200
[ 85.003786][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 85.003804][ T4682] hci_event_packet+0x78f/0x1260
[ 85.003819][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 85.003834][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 85.003848][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 85.003863][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 85.003879][ T4682] hci_rx_work+0x3ee/0x1060
[ 85.003895][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 85.003908][ T4682] process_scheduled_works+0xad1/0x1770
[ 85.003933][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 85.003943][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 85.003975][ T4682] worker_thread+0x8a0/0xda0
[ 85.004002][ T4682] kthread+0x711/0x8a0
[ 85.004017][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 85.004027][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.004042][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 85.004056][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.004068][ T4682] ret_from_fork+0x510/0xa50
[ 85.004081][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 85.004090][ T4682] ? __switch_to+0xc9e/0x1480
[ 85.004106][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.004120][ T4682] ret_from_fork_asm+0x1a/0x30
[ 85.004145][ T4682]
[ 85.004169][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 85.118352][ T4682] Bluetooth: hci0: failed to register connection device
[ 85.122384][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 85.128586][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 85.128604][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.128612][ T4682] Workqueue: hci0 hci_rx_work
[ 85.128629][ T4682] Call Trace:
[ 85.128634][ T4682]
[ 85.128640][ T4682] dump_stack_lvl+0xe8/0x150
[ 85.128658][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 85.128679][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 85.128696][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 85.128714][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 85.128732][ T4682] kobject_add+0x155/0x220
[ 85.128747][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 85.128757][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 85.128774][ T4682] ? get_device_parent+0x366/0x3a0
[ 85.128789][ T4682] device_add+0x408/0xb80
[ 85.128807][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 85.128824][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 85.128842][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 85.128853][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 85.128862][ T4682] ? __asan_memcpy+0x40/0x70
[ 85.128877][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 85.128885][ T4682] ? skb_pull_data+0xfb/0x200
[ 85.128898][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 85.128915][ T4682] hci_event_packet+0x78f/0x1260
[ 85.128928][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 85.128941][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 85.128953][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 85.128977][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 85.128993][ T4682] hci_rx_work+0x3ee/0x1060
[ 85.129010][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 85.129021][ T4682] process_scheduled_works+0xad1/0x1770
[ 85.129046][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 85.129056][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 85.129080][ T4682] worker_thread+0x8a0/0xda0
[ 85.129107][ T4682] kthread+0x711/0x8a0
[ 85.129122][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 85.129133][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.129149][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 85.129163][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.129176][ T4682] ret_from_fork+0x510/0xa50
[ 85.129189][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 85.129198][ T4682] ? __switch_to+0xc9e/0x1480
[ 85.129216][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.129229][ T4682] ret_from_fork_asm+0x1a/0x30
[ 85.129253][ T4682]
[ 85.129273][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 85.244426][ T4682] Bluetooth: hci0: failed to register connection device
[ 85.247770][ T4682] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 85.251673][ T4682] CPU: 0 UID: 0 PID: 4682 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 85.251689][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.251697][ T4682] Workqueue: hci0 hci_rx_work
[ 85.251722][ T4682] Call Trace:
[ 85.251727][ T4682]
[ 85.251733][ T4682] dump_stack_lvl+0xe8/0x150
[ 85.251750][ T4682] sysfs_create_dir_ns+0x259/0x280
[ 85.251771][ T4682] ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 85.251789][ T4682] ? do_raw_spin_unlock+0x4d/0x240
[ 85.251806][ T4682] kobject_add_internal+0x6ab/0xcc0
[ 85.251824][ T4682] kobject_add+0x155/0x220
[ 85.251837][ T4682] ? __pfx_kobject_add+0x10/0x10
[ 85.251849][ T4682] ? _raw_spin_unlock+0x28/0x50
[ 85.251865][ T4682] ? get_device_parent+0x366/0x3a0
[ 85.251882][ T4682] device_add+0x408/0xb80
[ 85.251899][ T4682] hci_conn_add_sysfs+0xd5/0x210
[ 85.251916][ T4682] le_conn_complete_evt+0xf1d/0x1420
[ 85.251928][ T4682] ? __pfx_le_conn_complete_evt+0x10/0x10
[ 85.251935][ T4682] ? __mutex_unlock_slowpath+0x1a1/0x730
[ 85.251941][ T4682] ? __asan_memcpy+0x40/0x70
[ 85.251952][ T4682] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 85.251959][ T4682] ? skb_pull_data+0xfb/0x200
[ 85.251969][ T4682] hci_le_conn_complete_evt+0x187/0x480
[ 85.251979][ T4682] hci_event_packet+0x78f/0x1260
[ 85.251987][ T4682] ? __pfx_hci_le_meta_evt+0x10/0x10
[ 85.251996][ T4682] ? __pfx_hci_event_packet+0x10/0x10
[ 85.252004][ T4682] ? kcov_remote_start+0x49b/0x7a0
[ 85.252013][ T4682] ? hci_send_to_monitor+0xe2/0x590
[ 85.252022][ T4682] hci_rx_work+0x3ee/0x1060
[ 85.252032][ T4682] ? process_scheduled_works+0x9ef/0x1770
[ 85.252039][ T4682] process_scheduled_works+0xad1/0x1770
[ 85.252055][ T4682] ? __pfx_process_scheduled_works+0x10/0x10
[ 85.252061][ T4682] ? do_raw_spin_lock+0x121/0x290
[ 85.252074][ T4682] worker_thread+0x8a0/0xda0
[ 85.252090][ T4682] kthread+0x711/0x8a0
[ 85.252099][ T4682] ? __pfx_worker_thread+0x10/0x10
[ 85.252106][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.252115][ T4682] ? _raw_spin_unlock_irq+0x23/0x50
[ 85.252123][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.252131][ T4682] ret_from_fork+0x510/0xa50
[ 85.252139][ T4682] ? __pfx_ret_from_fork+0x10/0x10
[ 85.252145][ T4682] ? __switch_to+0xc9e/0x1480
[ 85.252155][ T4682] ? __pfx_kthread+0x10/0x10
[ 85.252179][ T4682] ret_from_fork_asm+0x1a/0x30
[ 85.252198][ T4682]
[ 85.252300][ T4682] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 85.360013][ T5344] ------------[ cut here ]------------
[ 85.362401][ T5344] workqueue: cannot queue hci_rx_work on wq hci0
[ 85.365147][ T5344] WARNING: kernel/workqueue.c:2252 at __queue_work+0xd20/0xf90, CPU#0: syz.0.0/5344
[ 85.369036][ T5344] Modules linked in:
[ 85.370673][ T5344] CPU: 0 UID: 0 PID: 5344 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.374525][ T5344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.379394][ T5344] RIP: 0010:__queue_work+0xd4b/0xf90
[ 85.381858][ T5344] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 86 5a 9e 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 3d 18
[ 85.390368][ T5344] RSP: 0018:ffffc9000d8efb20 EFLAGS: 00010086
[ 85.392895][ T5344] RAX: 1ffff1100342897b RBX: 0000000000000008 RCX: ffff88801c580000
[ 85.396282][ T5344] RDX: ffff888042733178 RSI: ffffffff8a553600 RDI: ffffffff8f852a60
[ 85.399773][ T5344] RBP: 0000000000000000 R08: ffff88801a144bc7 R09: 1ffff11003428978
[ 85.402902][ T5344] R10: dffffc0000000000 R11: ffffed1003428979 R12: dffffc0000000000
[ 85.406497][ T5344] R13: ffff88801a144bd8 R14: ffffffff8f852a60 R15: ffff888042733178
[ 85.410491][ T5344] FS: 00007ff5f6b666c0(0000) GS:ffff88808d416000(0000) knlGS:0000000000000000
[ 85.414048][ T5344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.417078][ T5344] CR2: 00007ff5f21f5d58 CR3: 000000001246e000 CR4: 0000000000352ef0
[ 85.420646][ T5344] Call Trace:
[ 85.422136][ T5344]
[ 85.423445][ T5344] ? rcu_is_watching+0x15/0xb0
[ 85.425678][ T5344] queue_work_on+0x106/0x1c0
[ 85.427808][ T5344] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.430356][ T5344] hci_recv_frame+0x625/0x7c0
[ 85.432445][ T5344] ? skb_pull+0xc1/0x1d0
[ 85.434257][ T5344] vhci_write+0x358/0x4a0
[ 85.436129][ T5344] vfs_write+0x5c9/0xb30
[ 85.437968][ T5344] ? __pfx_vhci_write+0x10/0x10
[ 85.440135][ T5344] ? __pfx_vfs_write+0x10/0x10
[ 85.442147][ T5344] ? __fget_files+0x2a/0x420
[ 85.444143][ T5344] ksys_write+0x145/0x250
[ 85.446113][ T5344] ? __pfx_ksys_write+0x10/0x10
[ 85.448186][ T5344] do_syscall_64+0xec/0xf80
[ 85.450195][ T5344] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.452877][ T5344] ? trace_irq_disable+0x37/0x100
[ 85.455089][ T5344] ? clear_bhb_loop+0x60/0xb0
[ 85.457200][ T5344] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.459662][ T5344] RIP: 0033:0x7ff5f5d8e27f
[ 85.461560][ T5344] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 85.469418][ T5344] RSP: 002b:00007ff5f6b66000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 85.472888][ T5344] RAX: ffffffffffffffda RBX: 00007ff5f5fe6090 RCX: 00007ff5f5d8e27f
[ 85.476278][ T5344] RDX: 000000000000001f RSI: 0000200000000000 RDI: 00000000000000ca
[ 85.480031][ T5344] RBP: 00007ff5f5e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.483945][ T5344] R10: 0000200000000000 R11: 0000000000000293 R12: 0000000000000000
[ 85.487403][ T5344] R13: 00007ff5f5fe6128 R14: 00007ff5f5fe6090 R15: 00007fffe464aa58
[ 85.490677][ T5344]
[ 85.492069][ T5344] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.495096][ T5344] CPU: 0 UID: 0 PID: 5344 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.498792][ T5344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.503273][ T5344] Call Trace:
[ 85.504553][ T5344]
[ 85.505744][ T5344] vpanic+0x1e0/0x670
[ 85.507413][ T5344] panic+0xb9/0xc0
[ 85.509010][ T5344] ? __pfx_panic+0x10/0x10
[ 85.510950][ T5344] __warn+0x317/0x4b0
[ 85.512644][ T5344] ? __queue_work+0xd20/0xf90
[ 85.514601][ T5344] ? __queue_work+0xd20/0xf90
[ 85.516528][ T5344] __report_bug+0x288/0x500
[ 85.518457][ T5344] ? __queue_work+0xd20/0xf90
[ 85.520439][ T5344] ? __pfx___report_bug+0x10/0x10
[ 85.522572][ T5344] ? vhci_write+0xbe/0x4a0
[ 85.524529][ T5344] ? __pfx_hci_rx_work+0x10/0x10
[ 85.526655][ T5344] ? __lock_acquire+0x6b6/0x2cf0
[ 85.528774][ T5344] report_bug_entry+0x19a/0x290
[ 85.530827][ T5344] ? __queue_work+0xd4b/0xf90
[ 85.532869][ T5344] ? __queue_work+0xd50/0xf90
[ 85.534935][ T5344] handle_bug+0xca/0x200
[ 85.536793][ T5344] exc_invalid_op+0x1a/0x50
[ 85.538803][ T5344] asm_exc_invalid_op+0x1a/0x20
[ 85.540969][ T5344] RIP: 0010:__queue_work+0xd4b/0xf90
[ 85.543222][ T5344] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 86 5a 9e 00 49 8b 75 00 49 81 c7 78 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 3d 18
[ 85.551512][ T5344] RSP: 0018:ffffc9000d8efb20 EFLAGS: 00010086
[ 85.554195][ T5344] RAX: 1ffff1100342897b RBX: 0000000000000008 RCX: ffff88801c580000
[ 85.557818][ T5344] RDX: ffff888042733178 RSI: ffffffff8a553600 RDI: ffffffff8f852a60
[ 85.561172][ T5344] RBP: 0000000000000000 R08: ffff88801a144bc7 R09: 1ffff11003428978
[ 85.564687][ T5344] R10: dffffc0000000000 R11: ffffed1003428979 R12: dffffc0000000000
[ 85.567906][ T5344] R13: ffff88801a144bd8 R14: ffffffff8f852a60 R15: ffff888042733178
[ 85.571252][ T5344] ? __pfx_hci_rx_work+0x10/0x10
[ 85.573458][ T5344] ? rcu_is_watching+0x15/0xb0
[ 85.575638][ T5344] queue_work_on+0x106/0x1c0
[ 85.577568][ T5344] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 85.580222][ T5344] hci_recv_frame+0x625/0x7c0
[ 85.582412][ T5344] ? skb_pull+0xc1/0x1d0
[ 85.584531][ T5344] vhci_write+0x358/0x4a0
[ 85.586474][ T5344] vfs_write+0x5c9/0xb30
[ 85.588234][ T5344] ? __pfx_vhci_write+0x10/0x10
[ 85.590356][ T5344] ? __pfx_vfs_write+0x10/0x10
[ 85.592367][ T5344] ? __fget_files+0x2a/0x420
[ 85.594425][ T5344] ksys_write+0x145/0x250
[ 85.596368][ T5344] ? __pfx_ksys_write+0x10/0x10
[ 85.598526][ T5344] do_syscall_64+0xec/0xf80
[ 85.600607][ T5344] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.603157][ T5344] ? trace_irq_disable+0x37/0x100
[ 85.605231][ T5344] ? clear_bhb_loop+0x60/0xb0
[ 85.607282][ T5344] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.609817][ T5344] RIP: 0033:0x7ff5f5d8e27f
[ 85.611835][ T5344] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 85.619840][ T5344] RSP: 002b:00007ff5f6b66000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 85.623446][ T5344] RAX: ffffffffffffffda RBX: 00007ff5f5fe6090 RCX: 00007ff5f5d8e27f
[ 85.626976][ T5344] RDX: 000000000000001f RSI: 0000200000000000 RDI: 00000000000000ca
[ 85.630272][ T5344] RBP: 00007ff5f5e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 85.633668][ T5344] R10: 0000200000000000 R11: 0000000000000293 R12: 0000000000000000
[ 85.637103][ T5344] R13: 00007ff5f5fe6128 R14: 00007ff5f5fe6090 R15: 00007fffe464aa58
[ 85.640459][ T5344]
[ 85.642191][ T5344] Kernel Offset: disabled
[ 85.643981][ T5344] Rebooting in 86400 seconds..