program:
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x40603d10, &(0x7f0000000040)) (async)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000080)={0x1, [0x3]}, 0x6) (async)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448cb, 0x0) (async)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "ecff80", 0x48, 0x11, 0x0, @private0, @mcast2, {[], {0x0, 0x4e22, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "1252b415e4f9c8fa6acc60c585cb439a84648b4b0b82b1d5", "dea09ee7e84a19a512e6190f4ed29d7b8d98cd2da139c812fb04a7f2fa87287a"}}}}}}}, 0x0) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7)

[   70.568000][ T5310] Bluetooth: hci0: command tx timeout
[   70.649347][ T5326] ------------[ cut here ]------------
[   70.651442][ T5326] WARNING: CPU: 0 PID: 5326 at kernel/workqueue.c:2257 __queue_work+0xcd3/0xf50
[   70.654843][ T5326] Modules linked in:
[   70.656310][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[   70.660074][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.664076][ T5326] RIP: 0010:__queue_work+0xcd3/0xf50
[   70.666061][ T5326] Code: ff e8 f1 d7 37 00 90 0f 0b 90 e9 b2 fe ff ff e8 e3 d7 37 00 eb 13 e8 dc d7 37 00 eb 0c e8 d5 d7 37 00 eb 05 e8 ce d7 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[   70.673270][ T5326] RSP: 0018:ffffc9000d3c7a88 EFLAGS: 00010093
[   70.675544][ T5326] RAX: ffffffff818794e4 RBX: ffff888000df8000 RCX: ffff888000df8000
[   70.678434][ T5326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   70.681215][ T5326] RBP: 0000000000000000 R08: ffffffff81878944 R09: 0000000000000000
[   70.684145][ T5326] R10: ffffc9000d3c7b60 R11: fffff52001a78f6d R12: ffff8880436ac000
[   70.687023][ T5326] R13: ffff8880436ac1c0 R14: dffffc0000000000 R15: 0000000000000008
[   70.689921][ T5326] FS:  00007fbee05c86c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   70.693110][ T5326] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.695458][ T5326] CR2: 00007fbee05c7fe0 CR3: 000000003309a000 CR4: 0000000000352ef0
[   70.698330][ T5326] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   70.701221][ T5326] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   70.704054][ T5326] Call Trace:
[   70.705334][ T5326]  <TASK>
[   70.706432][ T5326]  ? __warn+0x165/0x4d0
[   70.708055][ T5326]  ? __queue_work+0xcd3/0xf50
[   70.709816][ T5326]  ? report_bug+0x2b3/0x500
[   70.711541][ T5326]  ? __queue_work+0xcd3/0xf50
[   70.713150][ T5326]  ? handle_bug+0x60/0x90
[   70.714816][ T5326]  ? exc_invalid_op+0x1a/0x50
[   70.716540][ T5326]  ? asm_exc_invalid_op+0x1a/0x20
[   70.718458][ T5326]  ? __queue_work+0x124/0xf50
[   70.720189][ T5326]  ? __queue_work+0xcc4/0xf50
[   70.721897][ T5326]  ? __queue_work+0xcd3/0xf50
[   70.723712][ T5326]  ? __queue_work+0xcc4/0xf50
[   70.725477][ T5326]  queue_work_on+0x1c2/0x380
[   70.727218][ T5326]  ? __pfx_queue_work_on+0x10/0x10
[   70.729088][ T5326]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   70.731325][ T5326]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.733720][ T5326]  ? skb_queue_tail+0x36/0x120
[   70.735417][ T5326]  hci_recv_frame+0x598/0x6f0
[   70.737243][ T5326]  vhci_write+0x35a/0x490
[   70.738857][ T5326]  vfs_write+0xacf/0xd10
[   70.740433][ T5326]  ? __pfx_vhci_write+0x10/0x10
[   70.742304][ T5326]  ? __pfx_vfs_write+0x10/0x10
[   70.744052][ T5326]  ? __fget_files+0x2a/0x410
[   70.745753][ T5326]  ? __fget_files+0x2a/0x410
[   70.747354][ T5326]  ksys_write+0x18f/0x2b0
[   70.748826][ T5326]  ? __pfx_ksys_write+0x10/0x10
[   70.750399][ T5326]  ? exc_page_fault+0x590/0x8b0
[   70.751888][ T5326]  ? do_syscall_64+0xb6/0x230
[   70.753456][ T5326]  do_syscall_64+0xf3/0x230
[   70.755037][ T5326]  ? clear_bhb_loop+0x35/0x90
[   70.756587][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.758605][ T5326] RIP: 0033:0x7fbedf78b85f
[   70.760129][ T5326] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.766786][ T5326] RSP: 002b:00007fbee05c8000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.770011][ T5326] RAX: ffffffffffffffda RBX: 00007fbedf9a6160 RCX: 00007fbedf78b85f
[   70.772927][ T5326] RDX: 0000000000000007 RSI: 0000000020000040 RDI: 00000000000000ca
[   70.775850][ T5326] RBP: 00007fbedf80e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.778868][ T5326] R10: 0000000020000040 R11: 0000000000000293 R12: 0000000000000000
[   70.781917][ T5326] R13: 0000000000000001 R14: 00007fbedf9a6160 R15: 00007fff79b0a828
[   70.785023][ T5326]  </TASK>
[   70.786252][ T5326] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   70.789028][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[   70.792805][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.796863][ T5326] Call Trace:
[   70.798387][ T5326]  <TASK>
[   70.799700][ T5326]  dump_stack_lvl+0x241/0x360
[   70.801509][ T5326]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.803587][ T5326]  ? __pfx__printk+0x10/0x10
[   70.805466][ T5326]  ? _printk+0xd5/0x120
[   70.807128][ T5326]  ? __init_begin+0x41000/0x41000
[   70.809076][ T5326]  ? vscnprintf+0x5d/0x90
[   70.810831][ T5326]  panic+0x349/0x880
[   70.812487][ T5326]  ? __warn+0x174/0x4d0
[   70.814096][ T5326]  ? __pfx_panic+0x10/0x10
[   70.815849][ T5326]  __warn+0x344/0x4d0
[   70.817378][ T5326]  ? __queue_work+0xcd3/0xf50
[   70.819161][ T5326]  report_bug+0x2b3/0x500
[   70.820823][ T5326]  ? __queue_work+0xcd3/0xf50
[   70.822643][ T5326]  handle_bug+0x60/0x90
[   70.824286][ T5326]  exc_invalid_op+0x1a/0x50
[   70.826069][ T5326]  asm_exc_invalid_op+0x1a/0x20
[   70.827865][ T5326] RIP: 0010:__queue_work+0xcd3/0xf50
[   70.829791][ T5326] Code: ff e8 f1 d7 37 00 90 0f 0b 90 e9 b2 fe ff ff e8 e3 d7 37 00 eb 13 e8 dc d7 37 00 eb 0c e8 d5 d7 37 00 eb 05 e8 ce d7 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[   70.837251][ T5326] RSP: 0018:ffffc9000d3c7a88 EFLAGS: 00010093
[   70.839478][ T5326] RAX: ffffffff818794e4 RBX: ffff888000df8000 RCX: ffff888000df8000
[   70.842541][ T5326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   70.845475][ T5326] RBP: 0000000000000000 R08: ffffffff81878944 R09: 0000000000000000
[   70.848938][ T5326] R10: ffffc9000d3c7b60 R11: fffff52001a78f6d R12: ffff8880436ac000
[   70.852107][ T5326] R13: ffff8880436ac1c0 R14: dffffc0000000000 R15: 0000000000000008
[   70.855431][ T5326]  ? __queue_work+0x124/0xf50
[   70.857402][ T5326]  ? __queue_work+0xcc4/0xf50
[   70.859166][ T5326]  ? __queue_work+0xcc4/0xf50
[   70.860890][ T5326]  queue_work_on+0x1c2/0x380
[   70.862722][ T5326]  ? __pfx_queue_work_on+0x10/0x10
[   70.864596][ T5326]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   70.866916][ T5326]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.869353][ T5326]  ? skb_queue_tail+0x36/0x120
[   70.871166][ T5326]  hci_recv_frame+0x598/0x6f0
[   70.872935][ T5326]  vhci_write+0x35a/0x490
[   70.874601][ T5326]  vfs_write+0xacf/0xd10
[   70.876162][ T5326]  ? __pfx_vhci_write+0x10/0x10
[   70.878045][ T5326]  ? __pfx_vfs_write+0x10/0x10
[   70.879855][ T5326]  ? __fget_files+0x2a/0x410
[   70.881663][ T5326]  ? __fget_files+0x2a/0x410
[   70.883427][ T5326]  ksys_write+0x18f/0x2b0
[   70.885092][ T5326]  ? __pfx_ksys_write+0x10/0x10
[   70.887023][ T5326]  ? exc_page_fault+0x590/0x8b0
[   70.888875][ T5326]  ? do_syscall_64+0xb6/0x230
[   70.890552][ T5326]  do_syscall_64+0xf3/0x230
[   70.892153][ T5326]  ? clear_bhb_loop+0x35/0x90
[   70.893856][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.896058][ T5326] RIP: 0033:0x7fbedf78b85f
[   70.897975][ T5326] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   70.905139][ T5326] RSP: 002b:00007fbee05c8000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   70.908461][ T5326] RAX: ffffffffffffffda RBX: 00007fbedf9a6160 RCX: 00007fbedf78b85f
[   70.911455][ T5326] RDX: 0000000000000007 RSI: 0000000020000040 RDI: 00000000000000ca
[   70.914417][ T5326] RBP: 00007fbedf80e2a0 R08: 0000000000000000 R09: 0000000000000000
[   70.917392][ T5326] R10: 0000000020000040 R11: 0000000000000293 R12: 0000000000000000
[   70.920292][ T5326] R13: 0000000000000001 R14: 00007fbedf9a6160 R15: 00007fff79b0a828
[   70.923282][ T5326]  </TASK>
[   70.924738][ T5326] Kernel Offset: disabled
[   70.926384][ T5326] Rebooting in 86400 seconds..