program:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, &(0x7f0000000100), 0x8) (async)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0418"], 0x1a) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b4000000000000007911a800000000e105000000000000009500000c00005955610fa9a60385c8d67ddfe437d6a8aaa9"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) (async)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa0, r1, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fff}, @IPVS_CMD_ATTR_DAEMON={0x78, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x3a}}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20040000}, 0x8000)

[   75.696006][ T4675] Bluetooth: hci0: command tx timeout
[   75.736373][ T5306] ------------[ cut here ]------------
[   75.739227][ T5306] WARNING: CPU: 0 PID: 5306 at net/bluetooth/hci_conn.c:568 hci_conn_timeout+0xff/0x290
[   75.743292][ T5306] Modules linked in:
[   75.745075][ T5306] CPU: 0 UID: 0 PID: 5306 Comm: kworker/u5:2 Not tainted 6.16.0-syzkaller-02094-g86aa72182095 #0 PREEMPT(full) 
[   75.750544][ T5306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.754839][ T5306] Workqueue: hci0 hci_conn_timeout
[   75.757531][ T5306] RIP: 0010:hci_conn_timeout+0xff/0x290
[   75.759989][ T5306] Code: 48 89 df e8 53 fb 08 00 eb 07 e8 7c 4f 4f f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 67 cb fe ff e8 62 4f 4f f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[   75.768244][ T5306] RSP: 0018:ffffc9000f51fa50 EFLAGS: 00010293
[   75.770795][ T5306] RAX: ffffffff8a700f9e RBX: ffff888052ee4000 RCX: ffff888000b4a440
[   75.773978][ T5306] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[   75.777422][ T5306] RBP: 00000000ffffffff R08: ffff888052ee4013 R09: 1ffff1100a5dc802
[   75.781248][ T5306] R10: dffffc0000000000 R11: ffffed100a5dc803 R12: dffffc0000000000
[   75.784694][ T5306] R13: ffff888011e38118 R14: ffff888052ee4948 R15: ffff888052ee4010
[   75.788095][ T5306] FS:  0000000000000000(0000) GS:ffff88808d27c000(0000) knlGS:0000000000000000
[   75.792053][ T5306] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.794843][ T5306] CR2: 00007f175bf74740 CR3: 00000000434c4000 CR4: 0000000000352ef0
[   75.798649][ T5306] Call Trace:
[   75.800146][ T5306]  <TASK>
[   75.801621][ T5306]  ? process_scheduled_works+0x9ef/0x17b0
[   75.804207][ T5306]  process_scheduled_works+0xade/0x17b0
[   75.806550][ T5306]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.809427][ T5306]  worker_thread+0x8a0/0xda0
[   75.811250][ T5306]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.813860][ T5306]  ? __kthread_parkme+0x7b/0x200
[   75.816020][ T5306]  kthread+0x711/0x8a0
[   75.818046][ T5306]  ? __pfx_worker_thread+0x10/0x10
[   75.820461][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.822627][ T5306]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.825037][ T5306]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.827446][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.829523][ T5306]  ret_from_fork+0x3fc/0x770
[   75.831608][ T5306]  ? __pfx_ret_from_fork+0x10/0x10
[   75.834012][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.836322][ T5306]  ret_from_fork_asm+0x1a/0x30
[   75.839077][ T5306]  </TASK>
[   75.840564][ T5306] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   75.843942][ T5306] CPU: 0 UID: 0 PID: 5306 Comm: kworker/u5:2 Not tainted 6.16.0-syzkaller-02094-g86aa72182095 #0 PREEMPT(full) 
[   75.849107][ T5306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.853596][ T5306] Workqueue: hci0 hci_conn_timeout
[   75.856219][ T5306] Call Trace:
[   75.858461][ T5306]  <TASK>
[   75.860478][ T5306]  dump_stack_lvl+0x99/0x250
[   75.863092][ T5306]  ? __asan_memcpy+0x40/0x70
[   75.865371][ T5306]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.867710][ T5306]  ? __pfx__printk+0x10/0x10
[   75.869826][ T5306]  panic+0x2db/0x790
[   75.872059][ T5306]  ? __pfx_panic+0x10/0x10
[   75.874335][ T5306]  ? ret_from_fork_asm+0x1a/0x30
[   75.876843][ T5306]  __warn+0x31b/0x4b0
[   75.878753][ T5306]  ? hci_conn_timeout+0xff/0x290
[   75.881028][ T5306]  ? hci_conn_timeout+0xff/0x290
[   75.883199][ T5306]  report_bug+0x2be/0x4f0
[   75.885215][ T5306]  ? hci_conn_timeout+0xff/0x290
[   75.887301][ T5306]  ? hci_conn_timeout+0xff/0x290
[   75.889524][ T5306]  ? hci_conn_timeout+0x101/0x290
[   75.891805][ T5306]  handle_bug+0x84/0x160
[   75.893951][ T5306]  exc_invalid_op+0x1a/0x50
[   75.896234][ T5306]  asm_exc_invalid_op+0x1a/0x20
[   75.898372][ T5306] RIP: 0010:hci_conn_timeout+0xff/0x290
[   75.900661][ T5306] Code: 48 89 df e8 53 fb 08 00 eb 07 e8 7c 4f 4f f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 67 cb fe ff e8 62 4f 4f f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[   75.909028][ T5306] RSP: 0018:ffffc9000f51fa50 EFLAGS: 00010293
[   75.911922][ T5306] RAX: ffffffff8a700f9e RBX: ffff888052ee4000 RCX: ffff888000b4a440
[   75.915870][ T5306] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[   75.919312][ T5306] RBP: 00000000ffffffff R08: ffff888052ee4013 R09: 1ffff1100a5dc802
[   75.922772][ T5306] R10: dffffc0000000000 R11: ffffed100a5dc803 R12: dffffc0000000000
[   75.926150][ T5306] R13: ffff888011e38118 R14: ffff888052ee4948 R15: ffff888052ee4010
[   75.929632][ T5306]  ? hci_conn_timeout+0xfe/0x290
[   75.931889][ T5306]  ? process_scheduled_works+0x9ef/0x17b0
[   75.934549][ T5306]  process_scheduled_works+0xade/0x17b0
[   75.937252][ T5306]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.940109][ T5306]  worker_thread+0x8a0/0xda0
[   75.942293][ T5306]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.945039][ T5306]  ? __kthread_parkme+0x7b/0x200
[   75.947298][ T5306]  kthread+0x711/0x8a0
[   75.949100][ T5306]  ? __pfx_worker_thread+0x10/0x10
[   75.951225][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.953191][ T5306]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.955198][ T5306]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.957601][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.960029][ T5306]  ret_from_fork+0x3fc/0x770
[   75.962276][ T5306]  ? __pfx_ret_from_fork+0x10/0x10
[   75.964639][ T5306]  ? __pfx_kthread+0x10/0x10
[   75.966721][ T5306]  ret_from_fork_asm+0x1a/0x30
[   75.968652][ T5306]  </TASK>
[   75.970277][ T5306] Kernel Offset: disabled
[   75.972258][ T5306] Rebooting in 86400 seconds..