program:
# syzkaller reproducer for the report logged below it on this page:
#   "workqueue: cannot queue hci_rx_work on wq hci0"
#   WARNING at kernel/workqueue.c:2258 in __queue_work, reached through
#   vhci_write -> hci_recv_frame -> queue_work_on.
# Triage notes:
#   - The kernel defect reported is a WARNING. The panic that follows is caused
#     by panic_on_warn being set in the fuzzing configuration ("Kernel panic -
#     not syncing: kernel: panic_on_warn set").
#   - The log shows the triggering task running as UID 0.
#     NOTE(review): the Bluetooth ioctl used here is normally gated on
#     CAP_NET_ADMIN. Confirm this before rating reachability from unprivileged contexts.
#   - The program does not look minimized. Only the Bluetooth/vhci calls appear
#     in the call trace; the overlayfs, vimc, xattr, landlock, usb and snapshot
#     calls are presumably fuzzer residue. Verify by re-running a reduced program.

# Raw HCI socket: 0x1f = AF_BLUETOOTH, 0x3 = SOCK_RAW, 0x1 = BTPROTO_HCI.
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
# 0x400448cb decodes as _IOW('H', 203, int), i.e. HCIDEVRESET, issued for device
# index 0 (hci0 in the log).
# NOTE(review): the reset path presumably drains the hci0 workqueue, and
# __queue_work warns when work is queued on a draining or destroying workqueue.
# That would make this call one side of a race with the vhci write at the end.
# Confirm against the reset code in the kernel tree under test.
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
# Overlayfs setup: three directories, then an overlay mounted on ./bus with
# upperdir=./file1, workdir=./bus, lowerdir=./file0. The log line
# "evm: overlay not supported" most likely comes from this section.
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
# 0xffffffffffffff9c is AT_FDCWD (-100), so the *at() calls resolve relative to ./bus.
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
# vimc (virtual media controller) video node. Neither call appears in the crash trace.
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r1, 0xc028564d, &(0x7f0000000080)={0x3, 0x1, [0x200, 0x0, 0x9, 0xfffffffc, 0x400, 0x6, 0x7, 0x6]})
# Sets system.posix_acl_default on ./file0 with a NULL value and size 0.
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000100)={0x0, 0x3}, 0x10, 0x0)
# Injects an HCI event through the virtual controller. Blob 04 3e 13 01 reads as
# H4 type 0x04 (event), event 0x3e (LE Meta), parameter length 0x13, subevent
# 0x01 (LE Connection Complete). The declared length 0x16 is longer than the
# 4-byte blob; the remaining bytes come from whatever is in the data area.
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e1301"], 0x16)
# All arguments are zero; presumably fails early and is not relevant to the crash.
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0)
# The call that hits the WARNING. The user-mode registers in the log show a
# write(2) (ORIG_RAX=1) of 7 bytes (RDX=7) from a buffer at offset 0x40 of the
# data area, which matches this call.
# Blob 04 0e 04 02 03 0c reads as H4 type 0x04 (event), event 0x0e (Command
# Complete), parameter length 4, num_hci_command_packets 2, opcode 0x0c03
# (HCI_Reset).
# The kernel path is vhci_write -> hci_recv_frame -> queue_work_on(hci_rx_work).
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7)
[ 75.403586][ T5302] Bluetooth: hci0: command tx timeout
[ 75.490224][ T5323] evm: overlay not supported
[ 75.577651][ T5324] ------------[ cut here ]------------
[ 75.580010][ T5324] workqueue: cannot queue hci_rx_work on wq hci0
[ 75.583064][ T5324] WARNING: CPU: 0 PID: 5324 at kernel/workqueue.c:2258 __queue_work+0xd38/0xfb0
[ 75.587100][ T5324] Modules linked in:
[ 75.588979][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.593029][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.597655][ T5324] RIP: 0010:__queue_work+0xd38/0xfb0
[ 75.600007][ T5324] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 43 5e 9d 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 eb 69 8b 4c 89 fa e8 b9 31 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 3a 24 36 00 90 0f 0b 90 e9 dd fc ff
[ 75.608445][ T5324] RSP: 0018:ffffc9000f567a70 EFLAGS: 00010046
[ 75.611122][ T5324] RAX: 68084def88ea0d00 RBX: 0000000000000000 RCX: 0000000000100000
[ 75.614663][ T5324] RDX: ffffc9000ec7c000 RSI: 0000000000000ab5 RDI: 0000000000000ab6
[ 75.618269][ T5324] RBP: 1ffff11007d19738 R08: 0000000000000003 R09: 0000000000000004
[ 75.621699][ T5324] R10: dffffc0000000000 R11: fffffbfff1bfa650 R12: dffffc0000000000
[ 75.625094][ T5324] R13: ffff888033024ae0 R14: ffff88800071a480 R15: ffff88803e8cb978
[ 75.628411][ T5324] FS: 00007f44758736c0(0000) GS:ffff88808d300000(0000) knlGS:0000000000000000
[ 75.632300][ T5324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.634878][ T5324] CR2: 00007f4475872fc8 CR3: 000000000dc36000 CR4: 0000000000352ef0
[ 75.638075][ T5324] Call Trace:
[ 75.640766][ T5324] <TASK>
[ 75.640766][ T5324] ? rcu_is_watching+0x15/0xb0
[ 75.642724][ T5324] queue_work_on+0x181/0x270
[ 75.644627][ T5324] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.646781][ T5324] ? __pfx_queue_work_on+0x10/0x10
[ 75.649071][ T5324] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 75.651656][ T5324] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.654386][ T5324] ? skb_queue_tail+0x30/0xf0
[ 75.656323][ T5324] hci_recv_frame+0x625/0x7c0
[ 75.658242][ T5324] ? skb_pull+0xc1/0x1d0
[ 75.660002][ T5324] vhci_write+0x358/0x4a0
[ 75.661745][ T5324] vfs_write+0x5c9/0xb30
[ 75.663611][ T5324] ? __pfx_vhci_write+0x10/0x10
[ 75.665835][ T5324] ? __pfx_vfs_write+0x10/0x10
[ 75.668003][ T5324] ? __fget_files+0x2a/0x420
[ 75.670111][ T5324] ksys_write+0x145/0x250
[ 75.672079][ T5324] ? __pfx_ksys_write+0x10/0x10
[ 75.674283][ T5324] ? do_syscall_64+0xbe/0xfa0
[ 75.676443][ T5324] do_syscall_64+0xfa/0xfa0
[ 75.678486][ T5324] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.680735][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.683391][ T5324] ? clear_bhb_loop+0x60/0xb0
[ 75.685517][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.688276][ T5324] RIP: 0033:0x7f447498da7f
[ 75.690292][ T5324] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 75.698779][ T5324] RSP: 002b:00007f4475873000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 75.703184][ T5324] RAX: ffffffffffffffda RBX: 00007f4474be6180 RCX: 00007f447498da7f
[ 75.706638][ T5324] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 00000000000000ca
[ 75.710157][ T5324] RBP: 00007f4474a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 75.713560][ T5324] R10: 0000200000000040 R11: 0000000000000293 R12: 0000000000000000
[ 75.717200][ T5324] R13: 00007f4474be6218 R14: 00007f4474be6180 R15: 00007ffd88cdfda8
[ 75.720555][ T5324] </TASK>
[ 75.721925][ T5324] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 75.725065][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.728863][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.733400][ T5324] Call Trace:
[ 75.734841][ T5324] <TASK>
[ 75.736160][ T5324] dump_stack_lvl+0x99/0x250
[ 75.738180][ T5324] ? __asan_memcpy+0x40/0x70
[ 75.740249][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.742584][ T5324] ? __pfx__printk+0x10/0x10
[ 75.744662][ T5324] vpanic+0x237/0x6d0
[ 75.746468][ T5324] ? __pfx_vpanic+0x10/0x10
[ 75.748594][ T5324] panic+0xb9/0xc0
[ 75.750316][ T5324] ? __pfx_panic+0x10/0x10
[ 75.752385][ T5324] __warn+0x31b/0x4b0
[ 75.754207][ T5324] ? __queue_work+0xd38/0xfb0
[ 75.756217][ T5324] ? __queue_work+0xd38/0xfb0
[ 75.758148][ T5324] report_bug+0x2be/0x4f0
[ 75.760005][ T5324] ? __queue_work+0xd38/0xfb0
[ 75.762081][ T5324] ? __queue_work+0xd38/0xfb0
[ 75.764157][ T5324] ? __queue_work+0xd3a/0xfb0
[ 75.766233][ T5324] handle_bug+0x84/0x160
[ 75.768034][ T5324] exc_invalid_op+0x1a/0x50
[ 75.770054][ T5324] asm_exc_invalid_op+0x1a/0x20
[ 75.772306][ T5324] RIP: 0010:__queue_work+0xd38/0xfb0
[ 75.774650][ T5324] Code: 42 80 3c 20 00 74 08 4c 89 ef e8 43 5e 9d 00 49 8b 75 00 49 81 c7 78 01 00 00 48 c7 c7 20 eb 69 8b 4c 89 fa e8 b9 31 f9 ff 90 <0f> 0b 90 90 e9 1a f5 ff ff e8 3a 24 36 00 90 0f 0b 90 e9 dd fc ff
[ 75.782844][ T5324] RSP: 0018:ffffc9000f567a70 EFLAGS: 00010046
[ 75.785490][ T5324] RAX: 68084def88ea0d00 RBX: 0000000000000000 RCX: 0000000000100000
[ 75.789023][ T5324] RDX: ffffc9000ec7c000 RSI: 0000000000000ab5 RDI: 0000000000000ab6
[ 75.792504][ T5324] RBP: 1ffff11007d19738 R08: 0000000000000003 R09: 0000000000000004
[ 75.795894][ T5324] R10: dffffc0000000000 R11: fffffbfff1bfa650 R12: dffffc0000000000
[ 75.799404][ T5324] R13: ffff888033024ae0 R14: ffff88800071a480 R15: ffff88803e8cb978
[ 75.802946][ T5324] ? rcu_is_watching+0x15/0xb0
[ 75.805070][ T5324] queue_work_on+0x181/0x270
[ 75.807131][ T5324] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.809534][ T5324] ? __pfx_queue_work_on+0x10/0x10
[ 75.811812][ T5324] ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 75.814465][ T5324] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.817219][ T5324] ? skb_queue_tail+0x30/0xf0
[ 75.819346][ T5324] hci_recv_frame+0x625/0x7c0
[ 75.821564][ T5324] ? skb_pull+0xc1/0x1d0
[ 75.823389][ T5324] vhci_write+0x358/0x4a0
[ 75.825382][ T5324] vfs_write+0x5c9/0xb30
[ 75.827308][ T5324] ? __pfx_vhci_write+0x10/0x10
[ 75.829539][ T5324] ? __pfx_vfs_write+0x10/0x10
[ 75.831648][ T5324] ? __fget_files+0x2a/0x420
[ 75.833721][ T5324] ksys_write+0x145/0x250
[ 75.835687][ T5324] ? __pfx_ksys_write+0x10/0x10
[ 75.837856][ T5324] ? do_syscall_64+0xbe/0xfa0
[ 75.839948][ T5324] do_syscall_64+0xfa/0xfa0
[ 75.842004][ T5324] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.844406][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.847248][ T5324] ? clear_bhb_loop+0x60/0xb0
[ 75.849404][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.852127][ T5324] RIP: 0033:0x7f447498da7f
[ 75.854182][ T5324] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 75.862838][ T5324] RSP: 002b:00007f4475873000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 75.866625][ T5324] RAX: ffffffffffffffda RBX: 00007f4474be6180 RCX: 00007f447498da7f
[ 75.870172][ T5324] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 00000000000000ca
[ 75.873771][ T5324] RBP: 00007f4474a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 75.877340][ T5324] R10: 0000200000000040 R11: 0000000000000293 R12: 0000000000000000
[ 75.880804][ T5324] R13: 00007f4474be6218 R14: 00007f4474be6180 R15: 00007ffd88cdfda8
[ 75.884389][ T5324] </TASK>
[ 75.886096][ T5324] Kernel Offset: disabled
[ 75.888073][ T5324] Rebooting in 86400 seconds..