program:
# Syzkaller reproducer. Calls are issued in the order listed; "(async)" marks a
# call the executor does not wait on before starting the next one.
#
# The fd argument is 0xffffffffffffffff (-1), so these two conntrack requests
# presumably fail before reaching netfilter. Likely fuzzer noise rather than
# part of the trigger; confirm when minimizing.
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc800) (async)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc800)
# syz_emit_vhci feeds a packet to the host stack through the virtual HCI
# controller, i.e. the kernel sees it as controller-originated input.
# Packet type 0x3 (SCO data) with header {0xc8, 0xef}, presumably handle and
# payload length; 0xef plus the 4 leading bytes matches the 0xf3 total.
syz_emit_vhci(&(0x7f0000000080)=@HCI_SCODATA_PKT={0x3, {0xc8, 0xef}, "a9ba7b39ba232cfcdb68ad890cdba7456af12ee0473340249ddaec58809b670bf4300809a99c1c7cd7edec6272d726ecf4c2c16551604034505cc1468f1135a7ca864eea8642f5e306c0af352713c0cfc94f53ef8960fa86719a857b826e6539f2d9030f8f1686f86cf78ae9b033aee551a4387956f0c08757f2dfd282ff7d1f129b5ecfd78d1069bcf7b35867465263cd3733a3169daac0c29011b447d0140e9085e5af665eec62dfcf84e3ea1506002de0158fa4429c895ec8b692d28b5951d75f6b64d2a9bcb85387c290918555586a8f2fc640d45b49c991b8f5f518a57b6d8d96b6eadda549e43f6f1a3aabcc"}, 0xf3)
# AF_NETLINK (0x10) / SOCK_RAW (0x3) / NETLINK_NETFILTER (0xc) socket.
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
# nftables batch: NEWTABLE 'syz0' followed by DELTABLE 'syz1'. No nf_tables
# frames appear in the trace below, so this is probably unrelated to the
# warning; confirm when minimizing.
sendmsg$NFT_BATCH(r0, &(0x7f0000003d40)={0x0, 0x0, &(0x7f0000003d00)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x485a08b97ac18223, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x2015}, 0x10)
# HCI event packet (0x04), event code 0x3e, parameter length 0x1f, first
# parameter byte 0x0a; presumably LE Meta / Enhanced Connection Complete
# (verify against the HCI event tables). Only 4 bytes are supplied but 0x22 are
# emitted, so the rest is whatever the buffer already holds.
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)
# HCI event packet (0x04) with event code 0x30, emitted twice; this lines up
# with the two "unexpected event 0x30 length: 4 > 3" messages in the log.
# The buffer address 0x7f00000001c0 is the one used for the msghdr in the first
# two calls, so the bytes after "0430" are presumably leftovers from it.
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="0430"], 0x7) (async)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="0430"], 0x7)
# Kernel console output follows. Triage notes: the WARNING at
# net/bluetooth/hci_conn.c:567 fires in hci_conn_timeout on the hci0 workqueue.
# RSI and RBP hold 0xffffffff in the register dump, which would be consistent
# with a negative connection reference count being checked there; confirm
# against the source at that line. The later panic happens only because
# panic_on_warn is set, so the WARNING itself is the finding.
[ 73.476757][ T48] Bluetooth: hci0: command tx timeout
[ 73.578771][ T48] Bluetooth: hci0: unexpected event 0x30 length: 4 > 3
[ 73.578838][ T48] Bluetooth: hci0: unexpected event 0x30 length: 4 > 3
[ 73.581849][ T48] ------------[ cut here ]------------
[ 73.586569][ T48] WARNING: CPU: 0 PID: 48 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xfb/0x290
[ 73.589954][ T48] Modules linked in:
[ 73.591385][ T48] CPU: 0 UID: 0 PID: 48 Comm: kworker/u5:0 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220
#0 [ 73.595143][ T48] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.599094][ T48] Workqueue: hci0 hci_conn_timeout [ 73.600961][ T48] RIP: 0010:hci_conn_timeout+0xfb/0x290 [ 73.602767][ T48] Code: 4c 89 f7 e8 47 a4 09 00 eb 07 e8 c0 f1 de f6 b0 13 0f b6 f0 4c 89 f7 5b 41 5c 41 5e 41 5f 5d e9 cb ba fe ff e8 a6 f1 de f6 90 <0f> 0b 90 eb 8f 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 36 ff ff ff 48 [ 73.609769][ T48] RSP: 0018:ffffc90000637b90 EFLAGS: 00010293 [ 73.611959][ T48] RAX: ffffffff8ab6ee6a RBX: ffff888043aac8e8 RCX: ffff88801e274880 [ 73.615091][ T48] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 73.617967][ T48] RBP: 00000000ffffffff R08: ffffffff8ab6edd3 R09: 1ffff11008755802 [ 73.620849][ T48] R10: dffffc0000000000 R11: ffffed1008755803 R12: dffffc0000000000 [ 73.623689][ T48] R13: ffffffff815f5b16 R14: ffff888043aac000 R15: 0000000001400000 [ 73.626621][ T48] FS: 0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000 [ 73.630026][ T48] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.632281][ T48] CR2: 0000562ad69d1f20 CR3: 0000000011f24000 CR4: 0000000000352ef0 [ 73.635493][ T48] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.638411][ T48] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.641295][ T48] Call Trace: [ 73.642530][ T48] [ 73.643675][ T48] ? __warn+0x168/0x4e0 [ 73.645351][ T48] ? hci_conn_timeout+0xfb/0x290 [ 73.647139][ T48] ? report_bug+0x2b3/0x500 [ 73.648808][ T48] ? hci_conn_timeout+0xfb/0x290 [ 73.650595][ T48] ? handle_bug+0x60/0x90 [ 73.652126][ T48] ? exc_invalid_op+0x1a/0x50 [ 73.653803][ T48] ? asm_exc_invalid_op+0x1a/0x20 [ 73.655745][ T48] ? process_scheduled_works+0x976/0x1850 [ 73.657812][ T48] ? hci_conn_timeout+0x63/0x290 [ 73.659648][ T48] ? hci_conn_timeout+0xfa/0x290 [ 73.661473][ T48] ? 
hci_conn_timeout+0xfb/0x290 [ 73.663210][ T48] process_scheduled_works+0xa63/0x1850 [ 73.665333][ T48] ? __pfx_process_scheduled_works+0x10/0x10 [ 73.667471][ T48] ? assign_work+0x364/0x3d0 [ 73.669089][ T48] worker_thread+0x870/0xd30 [ 73.670815][ T48] ? __kthread_parkme+0x169/0x1d0 [ 73.672640][ T48] ? __pfx_worker_thread+0x10/0x10 [ 73.674469][ T48] kthread+0x2f0/0x390 [ 73.676051][ T48] ? __pfx_worker_thread+0x10/0x10 [ 73.677869][ T48] ? __pfx_kthread+0x10/0x10 [ 73.679489][ T48] ret_from_fork+0x4b/0x80 [ 73.681091][ T48] ? __pfx_kthread+0x10/0x10 [ 73.682785][ T48] ret_from_fork_asm+0x1a/0x30 [ 73.684620][ T48] [ 73.685846][ T48] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 73.688504][ T48] CPU: 0 UID: 0 PID: 48 Comm: kworker/u5:0 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 73.692528][ T48] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.696844][ T48] Workqueue: hci0 hci_conn_timeout [ 73.698745][ T48] Call Trace: [ 73.699951][ T48] [ 73.701028][ T48] dump_stack_lvl+0x241/0x360 [ 73.702715][ T48] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.704480][ T48] ? __pfx__printk+0x10/0x10 [ 73.706125][ T48] ? _printk+0xd5/0x120 [ 73.707865][ T48] ? __init_begin+0x41000/0x41000 [ 73.709701][ T48] ? vscnprintf+0x5d/0x90 [ 73.711253][ T48] panic+0x349/0x880 [ 73.712723][ T48] ? __warn+0x177/0x4e0 [ 73.714221][ T48] ? __pfx_panic+0x10/0x10 [ 73.715840][ T48] ? show_trace_log_lvl+0x3b2/0x410 [ 73.717691][ T48] ? ret_from_fork_asm+0x1a/0x30 [ 73.719478][ T48] __warn+0x34b/0x4e0 [ 73.720915][ T48] ? hci_conn_timeout+0xfb/0x290 [ 73.722621][ T48] report_bug+0x2b3/0x500 [ 73.724163][ T48] ? 
hci_conn_timeout+0xfb/0x290 [ 73.725949][ T48] handle_bug+0x60/0x90 [ 73.727507][ T48] exc_invalid_op+0x1a/0x50 [ 73.729225][ T48] asm_exc_invalid_op+0x1a/0x20 [ 73.730906][ T48] RIP: 0010:hci_conn_timeout+0xfb/0x290 [ 73.732765][ T48] Code: 4c 89 f7 e8 47 a4 09 00 eb 07 e8 c0 f1 de f6 b0 13 0f b6 f0 4c 89 f7 5b 41 5c 41 5e 41 5f 5d e9 cb ba fe ff e8 a6 f1 de f6 90 <0f> 0b 90 eb 8f 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 36 ff ff ff 48 [ 73.739827][ T48] RSP: 0018:ffffc90000637b90 EFLAGS: 00010293 [ 73.741847][ T48] RAX: ffffffff8ab6ee6a RBX: ffff888043aac8e8 RCX: ffff88801e274880 [ 73.744556][ T48] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 73.747302][ T48] RBP: 00000000ffffffff R08: ffffffff8ab6edd3 R09: 1ffff11008755802 [ 73.750089][ T48] R10: dffffc0000000000 R11: ffffed1008755803 R12: dffffc0000000000 [ 73.753061][ T48] R13: ffffffff815f5b16 R14: ffff888043aac000 R15: 0000000001400000 [ 73.755898][ T48] ? process_scheduled_works+0x976/0x1850 [ 73.757977][ T48] ? hci_conn_timeout+0x63/0x290 [ 73.759757][ T48] ? hci_conn_timeout+0xfa/0x290 [ 73.761546][ T48] process_scheduled_works+0xa63/0x1850 [ 73.763564][ T48] ? __pfx_process_scheduled_works+0x10/0x10 [ 73.765695][ T48] ? assign_work+0x364/0x3d0 [ 73.767349][ T48] worker_thread+0x870/0xd30 [ 73.769038][ T48] ? __kthread_parkme+0x169/0x1d0 [ 73.770952][ T48] ? __pfx_worker_thread+0x10/0x10 [ 73.772780][ T48] kthread+0x2f0/0x390 [ 73.774177][ T48] ? __pfx_worker_thread+0x10/0x10 [ 73.776013][ T48] ? __pfx_kthread+0x10/0x10 [ 73.777773][ T48] ret_from_fork+0x4b/0x80 [ 73.779411][ T48] ? __pfx_kthread+0x10/0x10 [ 73.781091][ T48] ret_from_fork_asm+0x1a/0x30 [ 73.782804][ T48] [ 73.784169][ T48] Kernel Offset: disabled [ 73.785775][ T48] Rebooting in 86400 seconds..