program:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x4c, 0x0, &(0x7f0000000040))
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001e80)=[{{&(0x7f0000000080)={0xa, 0x4e1f, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1ff}, 0x1c, 0x0}}], 0x1, 0x4000004)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0408"], 0x7) (async)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0408"], 0x7)

[   75.594005][ T5302] Bluetooth: hci0: command tx timeout
[   75.650428][ T5302] ------------[ cut here ]------------
[   75.653379][ T5302] WARNING: CPU: 0 PID: 5302 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xff/0x290
[   75.658691][ T5302] Modules linked in:
[   75.660621][ T5302] CPU: 0 UID: 0 PID: 5302 Comm: kworker/u5:2 Not tainted syzkaller #0 PREEMPT(full) 
[   75.664468][ T5302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.669087][ T5302] Workqueue: hci0 hci_conn_timeout
[   75.671167][ T5302] RIP: 0010:hci_conn_timeout+0xff/0x290
[   75.673417][ T5302] Code: 48 89 df e8 53 1d 09 00 eb 07 e8 1c d6 74 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 e7 c4 fe ff e8 02 d6 74 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[   75.681334][ T5302] RSP: 0018:ffffc9000d177a30 EFLAGS: 00010293
[   75.683737][ T5302] RAX: ffffffff8a4acd9e RBX: ffff88803ecbc000 RCX: ffff88801f8ba480
[   75.687420][ T5302] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[   75.690618][ T5302] RBP: 00000000ffffffff R08: ffff88803ecbc013 R09: 1ffff11007d97802
[   75.693853][ T5302] R10: dffffc0000000000 R11: ffffed1007d97803 R12: dffffc0000000000
[   75.697562][ T5302] R13: ffff8880119d5218 R14: ffff88803ecbc948 R15: ffff88803ecbc010
[   75.701838][ T5302] FS:  0000000000000000(0000) GS:ffff88808d306000(0000) knlGS:0000000000000000
[   75.706830][ T5302] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.710579][ T5302] CR2: 0000200000001e80 CR3: 0000000032d84000 CR4: 0000000000352ef0
[   75.715020][ T5302] Call Trace:
[   75.717229][ T5302]  <TASK>
[   75.719055][ T5302]  ? process_scheduled_works+0x9ef/0x17b0
[   75.722342][ T5302]  process_scheduled_works+0xae1/0x17b0
[   75.725624][ T5302]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.729307][ T5302]  worker_thread+0x8a0/0xda0
[   75.731736][ T5302]  ? __kthread_parkme+0x7b/0x200
[   75.734148][ T5302]  kthread+0x711/0x8a0
[   75.736063][ T5302]  ? __pfx_worker_thread+0x10/0x10
[   75.738586][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.740527][ T5302]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.742718][ T5302]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.745031][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.747563][ T5302]  ret_from_fork+0x4bc/0x870
[   75.750098][ T5302]  ? __pfx_ret_from_fork+0x10/0x10
[   75.752746][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.755141][ T5302]  ret_from_fork_asm+0x1a/0x30
[   75.757833][ T5302]  </TASK>
[   75.759573][ T5302] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   75.763021][ T5302] CPU: 0 UID: 0 PID: 5302 Comm: kworker/u5:2 Not tainted syzkaller #0 PREEMPT(full) 
[   75.766975][ T5302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.771677][ T5302] Workqueue: hci0 hci_conn_timeout
[   75.773993][ T5302] Call Trace:
[   75.775516][ T5302]  <TASK>
[   75.776841][ T5302]  dump_stack_lvl+0x99/0x250
[   75.778827][ T5302]  ? __asan_memcpy+0x40/0x70
[   75.780908][ T5302]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.783169][ T5302]  ? __pfx__printk+0x10/0x10
[   75.785082][ T5302]  vpanic+0x237/0x6d0
[   75.786904][ T5302]  ? __pfx_vpanic+0x10/0x10
[   75.788651][ T5302]  panic+0xb9/0xc0
[   75.790198][ T5302]  ? __pfx_panic+0x10/0x10
[   75.792162][ T5302]  __warn+0x31b/0x4b0
[   75.793800][ T5302]  ? hci_conn_timeout+0xff/0x290
[   75.795891][ T5302]  ? hci_conn_timeout+0xff/0x290
[   75.798055][ T5302]  report_bug+0x2be/0x4f0
[   75.799977][ T5302]  ? hci_conn_timeout+0xff/0x290
[   75.802060][ T5302]  ? hci_conn_timeout+0xff/0x290
[   75.804252][ T5302]  ? hci_conn_timeout+0x101/0x290
[   75.806273][ T5302]  handle_bug+0x84/0x160
[   75.808133][ T5302]  exc_invalid_op+0x1a/0x50
[   75.810198][ T5302]  asm_exc_invalid_op+0x1a/0x20
[   75.812355][ T5302] RIP: 0010:hci_conn_timeout+0xff/0x290
[   75.814687][ T5302] Code: 48 89 df e8 53 1d 09 00 eb 07 e8 1c d6 74 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 e7 c4 fe ff e8 02 d6 74 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[   75.822811][ T5302] RSP: 0018:ffffc9000d177a30 EFLAGS: 00010293
[   75.825451][ T5302] RAX: ffffffff8a4acd9e RBX: ffff88803ecbc000 RCX: ffff88801f8ba480
[   75.829046][ T5302] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[   75.832474][ T5302] RBP: 00000000ffffffff R08: ffff88803ecbc013 R09: 1ffff11007d97802
[   75.835911][ T5302] R10: dffffc0000000000 R11: ffffed1007d97803 R12: dffffc0000000000
[   75.839440][ T5302] R13: ffff8880119d5218 R14: ffff88803ecbc948 R15: ffff88803ecbc010
[   75.842920][ T5302]  ? hci_conn_timeout+0xfe/0x290
[   75.845029][ T5302]  ? process_scheduled_works+0x9ef/0x17b0
[   75.847590][ T5302]  process_scheduled_works+0xae1/0x17b0
[   75.849998][ T5302]  ? __pfx_process_scheduled_works+0x10/0x10
[   75.852523][ T5302]  worker_thread+0x8a0/0xda0
[   75.854495][ T5302]  ? __kthread_parkme+0x7b/0x200
[   75.856665][ T5302]  kthread+0x711/0x8a0
[   75.858411][ T5302]  ? __pfx_worker_thread+0x10/0x10
[   75.860668][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.862740][ T5302]  ? _raw_spin_unlock_irq+0x23/0x50
[   75.864968][ T5302]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.867264][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.869319][ T5302]  ret_from_fork+0x4bc/0x870
[   75.871279][ T5302]  ? __pfx_ret_from_fork+0x10/0x10
[   75.873298][ T5302]  ? __pfx_kthread+0x10/0x10
[   75.874968][ T5302]  ret_from_fork_asm+0x1a/0x30
[   75.876995][ T5302]  </TASK>
[   75.878611][ T5302] Kernel Offset: disabled
[   75.880490][ T5302] Rebooting in 86400 seconds..