program:
# Reproducer for the __queue_work WARNING reported in the console log below.
# Constants are decoded from Linux UAPI values; anything about cause is marked
# as a review note and should be confirmed against the kernel tree named in the log.
#
# Open a raw HCI socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x1 = BTPROTO_HCI.
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
# 0x400448cb = _IOW('H', 203, int) = HCIDEVRESET, argument 0x0 = device index 0.
# Marked (async), so it may still be running while the calls below execute.
# NOTE(review): a reset overlapping with frame injection looks like the race window
# here (reset draining the device workqueue while RX work is queued) — confirm
# against kernel/workqueue.c:2257 and the HCI reset path in this tree.
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0) (async)
# Despite the $kcm variant name, family 0x21 is AF_RXRPC (AF_KCM would be 0x29);
# 0x2 = SOCK_DGRAM, 0xa = AF_INET6 as the transport protocol.
r1 = socket$kcm(0x21, 0x2, 0xa)
# sendmsg on that socket with an @rxrpc address wrapping an AF_INET (0x2) transport
# and one control message {len 0x18, level 0x110 = SOL_RXRPC, type 0x1}; no data iovec.
# NOTE(review): no rxrpc or sendmsg frame appears in the call trace below, so these
# two calls are likely incidental to the warning — confirm by minimizing the repro.
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @private=0xa010100}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00) (async)
# Inject a 7-byte frame through the virtual HCI device:
#   04       packet indicator: HCI event
#   0e       event code: Command Complete
#   04       parameter length
#   02       Num_HCI_Command_Packets
#   03 0c    opcode 0x0c03 (little-endian): HCI_Reset
#   29       status byte
# This is the write seen in the log (ORIG_RAX = 1, RDX = 7): vhci_write ->
# hci_recv_frame -> queue_work_on -> __queue_work, where the WARNING fires.
# Because panic_on_warn is set on this test kernel, the warning is escalated to a panic.
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="040e0402030c29"], 0x7)
[ 59.445337][ T5325] ------------[ cut here ]------------
[ 59.447442][ T5325] WARNING: CPU: 0 PID: 5325 at kernel/workqueue.c:2257 __queue_work+0xcd3/0xf50
[ 59.450721][ T5325] Modules linked in:
[ 59.452186][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00289-gea1fda89f5b2 #0
[ 59.456021][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 59.459899][ T5325] RIP: 0010:__queue_work+0xcd3/0xf50
[ 59.461907][ T5325] Code: ff e8 81 ae 37 00 90 0f 0b 90 e9 1e fd ff ff e8 73 ae 37 00 eb 13 e8 6c ae 37 00 eb 0c e8 65 ae 37 00 eb 05 e8 5e ae 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[ 59.468880][ T5325] RSP: 0018:ffffc9000d267a88 EFLAGS: 00010093
[ 59.471101][ T5325] RAX: ffffffff815d2a24 RBX: ffff8880005ba440 RCX: ffff8880005ba440
[ 59.474045][ T5325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 59.476912][ T5325] RBP: 0000000000000000 R08: ffffffff815d1e84 R09: 0000000000000000
[ 59.479778][ T5325] R10: ffffc9000d267b60 R11: fffff52001a4cf6d R12: ffff888033b15800
[ 59.482588][ T5325] R13: ffff888033b159c0 R14: dffffc0000000000 R15: 0000000000000008
[ 59.485463][ T5325] FS: 00007ff5e32d96c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 59.488724][ T5325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 59.491034][ T5325] CR2: 00007ff5e32d8f98 CR3: 0000000035f92000 CR4: 0000000000352ef0
[ 59.493848][ T5325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.496958][ T5325] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 59.499994][ T5325] Call Trace:
[ 59.501253][ T5325]
[ 59.502371][ T5325] ? __warn+0x168/0x4e0
[ 59.503995][ T5325] ? __queue_work+0xcd3/0xf50
[ 59.505727][ T5325] ? report_bug+0x2b3/0x500
[ 59.507439][ T5325] ? __queue_work+0xcd3/0xf50
[ 59.509260][ T5325] ? handle_bug+0x60/0x90
[ 59.510792][ T5325] ? exc_invalid_op+0x1a/0x50
[ 59.512481][ T5325] ? asm_exc_invalid_op+0x1a/0x20
[ 59.514322][ T5325] ? __queue_work+0x124/0xf50
[ 59.516097][ T5325] ? __queue_work+0xcc4/0xf50
[ 59.517866][ T5325] ? __queue_work+0xcd3/0xf50
[ 59.519616][ T5325] ? __queue_work+0xcc4/0xf50
[ 59.521476][ T5325] queue_work_on+0x1c2/0x380
[ 59.523187][ T5325] ? __pfx_queue_work_on+0x10/0x10
[ 59.525059][ T5325] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 59.527114][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 59.529485][ T5325] ? skb_queue_tail+0x36/0x120
[ 59.531280][ T5325] hci_recv_frame+0x598/0x6f0
[ 59.532991][ T5325] vhci_write+0x35a/0x490
[ 59.534619][ T5325] vfs_write+0xaeb/0xd30
[ 59.536236][ T5325] ? __pfx_vhci_write+0x10/0x10
[ 59.538060][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 59.539817][ T5325] ? fdget_pos+0x19a/0x320
[ 59.541490][ T5325] ksys_write+0x183/0x2b0
[ 59.543068][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 59.544995][ T5325] ? exc_page_fault+0x590/0x8c0
[ 59.546792][ T5325] ? do_syscall_64+0xb6/0x230
[ 59.548509][ T5325] do_syscall_64+0xf3/0x230
[ 59.550207][ T5325] ? clear_bhb_loop+0x35/0x90
[ 59.551850][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.554027][ T5325] RIP: 0033:0x7ff5e257d1ff
[ 59.555632][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 59.562655][ T5325] RSP: 002b:00007ff5e32d9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 59.565807][ T5325] RAX: ffffffffffffffda RBX: 00007ff5e2736130 RCX: 00007ff5e257d1ff
[ 59.568810][ T5325] RDX: 0000000000000007 RSI: 00000000200006c0 RDI: 00000000000000ca
[ 59.571735][ T5325] RBP: 00007ff5e25f132e R08: 0000000000000000 R09: 0000000000000000
[ 59.574860][ T5325] R10: 00000000200006c0 R11: 0000000000000293 R12: 0000000000000000
[ 59.577894][ T5325] R13: 0000000000000001 R14: 00007ff5e2736130 R15: 00007ffe1ea2c148
[ 59.580695][ T5325]
[ 59.581670][ T5325] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 59.583998][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00289-gea1fda89f5b2 #0
[ 59.587613][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 59.591253][ T5325] Call Trace:
[ 59.592555][ T5325]
[ 59.593649][ T5325] dump_stack_lvl+0x241/0x360
[ 59.595449][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10
[ 59.597456][ T5325] ? __pfx__printk+0x10/0x10
[ 59.599110][ T5325] ? vscnprintf+0x5d/0x90
[ 59.600798][ T5325] panic+0x349/0x880
[ 59.602230][ T5325] ? __warn+0x177/0x4e0
[ 59.603763][ T5325] ? __pfx_panic+0x10/0x10
[ 59.605404][ T5325] __warn+0x34b/0x4e0
[ 59.606906][ T5325] ? __queue_work+0xcd3/0xf50
[ 59.608729][ T5325] report_bug+0x2b3/0x500
[ 59.610315][ T5325] ? __queue_work+0xcd3/0xf50
[ 59.612129][ T5325] handle_bug+0x60/0x90
[ 59.613794][ T5325] exc_invalid_op+0x1a/0x50
[ 59.615448][ T5325] asm_exc_invalid_op+0x1a/0x20
[ 59.617214][ T5325] RIP: 0010:__queue_work+0xcd3/0xf50
[ 59.619027][ T5325] Code: ff e8 81 ae 37 00 90 0f 0b 90 e9 1e fd ff ff e8 73 ae 37 00 eb 13 e8 6c ae 37 00 eb 0c e8 65 ae 37 00 eb 05 e8 5e ae 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[ 59.626231][ T5325] RSP: 0018:ffffc9000d267a88 EFLAGS: 00010093
[ 59.628524][ T5325] RAX: ffffffff815d2a24 RBX: ffff8880005ba440 RCX: ffff8880005ba440
[ 59.631486][ T5325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 59.634335][ T5325] RBP: 0000000000000000 R08: ffffffff815d1e84 R09: 0000000000000000
[ 59.637343][ T5325] R10: ffffc9000d267b60 R11: fffff52001a4cf6d R12: ffff888033b15800
[ 59.640390][ T5325] R13: ffff888033b159c0 R14: dffffc0000000000 R15: 0000000000000008
[ 59.643296][ T5325] ? __queue_work+0x124/0xf50
[ 59.645015][ T5325] ? __queue_work+0xcc4/0xf50
[ 59.646826][ T5325] ? __queue_work+0xcc4/0xf50
[ 59.648488][ T5325] queue_work_on+0x1c2/0x380
[ 59.650218][ T5325] ? __pfx_queue_work_on+0x10/0x10
[ 59.652109][ T5325] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 59.654320][ T5325] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 59.656546][ T5325] ? skb_queue_tail+0x36/0x120
[ 59.658144][ T5325] hci_recv_frame+0x598/0x6f0
[ 59.659808][ T5325] vhci_write+0x35a/0x490
[ 59.661399][ T5325] vfs_write+0xaeb/0xd30
[ 59.663020][ T5325] ? __pfx_vhci_write+0x10/0x10
[ 59.664884][ T5325] ? __pfx_vfs_write+0x10/0x10
[ 59.666789][ T5325] ? fdget_pos+0x19a/0x320
[ 59.668541][ T5325] ksys_write+0x183/0x2b0
[ 59.670200][ T5325] ? __pfx_ksys_write+0x10/0x10
[ 59.671736][ T5325] ? exc_page_fault+0x590/0x8c0
[ 59.673249][ T5325] ? do_syscall_64+0xb6/0x230
[ 59.674976][ T5325] do_syscall_64+0xf3/0x230
[ 59.676432][ T5325] ? clear_bhb_loop+0x35/0x90
[ 59.678145][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 59.680433][ T5325] RIP: 0033:0x7ff5e257d1ff
[ 59.682287][ T5325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 59.690045][ T5325] RSP: 002b:00007ff5e32d9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 59.693254][ T5325] RAX: ffffffffffffffda RBX: 00007ff5e2736130 RCX: 00007ff5e257d1ff
[ 59.696233][ T5325] RDX: 0000000000000007 RSI: 00000000200006c0 RDI: 00000000000000ca
[ 59.699090][ T5325] RBP: 00007ff5e25f132e R08: 0000000000000000 R09: 0000000000000000
[ 59.701803][ T5325] R10: 00000000200006c0 R11: 0000000000000293 R12: 0000000000000000
[ 59.704712][ T5325] R13: 0000000000000001 R14: 00007ff5e2736130 R15: 00007ffe1ea2c148
[ 59.707630][ T5325]
[ 59.708963][ T5325] Kernel Offset: disabled
[ 59.710428][ T5325] Rebooting in 86400 seconds..