program:
# Reproducer for the kernel log that follows: a WARNING in hci_conn_timeout
# (net/bluetooth/hci_conn.c:568) on the hci0 workqueue. The later "Kernel panic"
# is only the panic_on_warn setting escalating that WARNING, so triage should
# focus on the first trace.
#
# Create a Bluetooth SCO socket: 0x1f = AF_BLUETOOTH, 0x5 = SOCK_SEQPACKET,
# 0x2 = BTPROTO_SCO.
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
# Start an SCO connect; (async) means the executor does not wait for this call
# to finish before issuing the next one. The address structure at 0x7f0000000100
# is not shown on this page.
connect$bt_sco(r0, &(0x7f0000000100), 0x8) (async)
# Deliver controller-side bytes through the virtual HCI device while the connect
# is still in flight. 0x04 is the HCI event packet type; 0x18 looks like the
# Link Key Notification event code - confirm against include/net/bluetooth/hci.h.
# Only two bytes are spelled out for a declared length of 0x1a; the remainder is
# presumably zero-filled - verify.
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0418"], 0x1a) (async)
# 0xffffffffffffff9c is AT_FDCWD (-100). NOTE(review): nothing in the log ties
# this call to the Bluetooth warning; it may only affect timing - confirm before
# treating it as part of the trigger.
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
[ 75.631867][ T5332] Bluetooth: hci0: command tx timeout
[ 75.663666][ T4701] ------------[ cut here ]------------
[ 75.667145][ T4701] WARNING: CPU: 0 PID: 4701 at net/bluetooth/hci_conn.c:568 hci_conn_timeout+0xff/0x290
[ 75.671408][ T4701] Modules linked in:
[ 75.673223][ T4701] CPU: 0 UID: 0 PID: 4701 Comm: kworker/u5:1 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full)
[ 75.684144][ T4701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.692436][ T4701] Workqueue: hci0 hci_conn_timeout
[ 75.695098][ T4701] RIP: 0010:hci_conn_timeout+0xff/0x290
[ 75.697349][ T4701] Code: 48 89 df e8 23 05 09 00 eb 07 e8 1c d5 46 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 37 ca fe ff e8 02 d5 46 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 75.705623][ T4701] RSP: 0018:ffffc9000213fa50 EFLAGS: 00010293
[ 75.708432][ T4701] RAX: ffffffff8a78e65e RBX: ffff888052ad8000 RCX: ffff88801f2fa440
[ 75.712381][ T4701] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 75.715983][ T4701] RBP: 00000000ffffffff R08: ffff888052ad8013 R09: 1ffff1100a55b002
[ 75.719377][ T4701] R10: dffffc0000000000 R11: ffffed100a55b003 R12: dffffc0000000000
[ 75.722685][ T4701] R13: ffff88801f3da918 R14: ffff888052ad8948 R15: ffff888052ad8010
[ 75.725758][ T4701] FS: 0000000000000000(0000) GS:ffff88808d211000(0000) knlGS:0000000000000000
[ 75.729192][ T4701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.732041][ T4701] CR2: 00007fd4a6e20fc8 CR3: 00000000401b3000 CR4: 0000000000352ef0
[ 75.735333][ T4701] Call Trace:
[ 75.736875][ T4701] <TASK>
[ 75.738171][ T4701] ? process_scheduled_works+0x9ef/0x17b0
[ 75.740837][ T4701] process_scheduled_works+0xade/0x17b0
[ 75.743306][ T4701] ? __pfx_process_scheduled_works+0x10/0x10
[ 75.745958][ T4701] worker_thread+0x8a0/0xda0
[ 75.748076][ T4701] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.750950][ T4701] ? __kthread_parkme+0x7b/0x200
[ 75.753039][ T4701] kthread+0x70e/0x8a0
[ 75.754843][ T4701] ? __pfx_worker_thread+0x10/0x10
[ 75.757252][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.759553][ T4701] ? _raw_spin_unlock_irq+0x23/0x50
[ 75.761938][ T4701] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.764236][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.766090][ T4701] ret_from_fork+0x3f9/0x770
[ 75.768167][ T4701] ? __pfx_ret_from_fork+0x10/0x10
[ 75.770408][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.772476][ T4701] ret_from_fork_asm+0x1a/0x30
[ 75.774617][ T4701] </TASK>
[ 75.776031][ T4701] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 75.779203][ T4701] CPU: 0 UID: 0 PID: 4701 Comm: kworker/u5:1 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full)
[ 75.784767][ T4701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.789706][ T4701] Workqueue: hci0 hci_conn_timeout
[ 75.792199][ T4701] Call Trace:
[ 75.793762][ T4701] <TASK>
[ 75.795156][ T4701] dump_stack_lvl+0x99/0x250
[ 75.797292][ T4701] ? __asan_memcpy+0x40/0x70
[ 75.799274][ T4701] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.801383][ T4701] ? __pfx__printk+0x10/0x10
[ 75.803432][ T4701] vpanic+0x281/0x750
[ 75.805096][ T4701] ? __pfx__printk+0x10/0x10
[ 75.807101][ T4701] ? __pfx_vpanic+0x10/0x10
[ 75.809229][ T4701] ? is_bpf_text_address+0x292/0x2b0
[ 75.811544][ T4701] panic+0xb9/0xc0
[ 75.813327][ T4701] ? __pfx_panic+0x10/0x10
[ 75.815645][ T4701] __warn+0x31b/0x4b0
[ 75.817256][ T4701] ? hci_conn_timeout+0xff/0x290
[ 75.819207][ T4701] ? hci_conn_timeout+0xff/0x290
[ 75.821220][ T4701] report_bug+0x2be/0x4f0
[ 75.822991][ T4701] ? hci_conn_timeout+0xff/0x290
[ 75.825067][ T4701] ? hci_conn_timeout+0xff/0x290
[ 75.827299][ T4701] ? hci_conn_timeout+0x101/0x290
[ 75.829736][ T4701] handle_bug+0x84/0x160
[ 75.831754][ T4701] exc_invalid_op+0x1a/0x50
[ 75.833863][ T4701] asm_exc_invalid_op+0x1a/0x20
[ 75.835969][ T4701] RIP: 0010:hci_conn_timeout+0xff/0x290
[ 75.838563][ T4701] Code: 48 89 df e8 23 05 09 00 eb 07 e8 1c d5 46 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 37 ca fe ff e8 02 d5 46 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 75.846624][ T4701] RSP: 0018:ffffc9000213fa50 EFLAGS: 00010293
[ 75.849387][ T4701] RAX: ffffffff8a78e65e RBX: ffff888052ad8000 RCX: ffff88801f2fa440
[ 75.853093][ T4701] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 75.856916][ T4701] RBP: 00000000ffffffff R08: ffff888052ad8013 R09: 1ffff1100a55b002
[ 75.860628][ T4701] R10: dffffc0000000000 R11: ffffed100a55b003 R12: dffffc0000000000
[ 75.864160][ T4701] R13: ffff88801f3da918 R14: ffff888052ad8948 R15: ffff888052ad8010
[ 75.867696][ T4701] ? hci_conn_timeout+0xfe/0x290
[ 75.870041][ T4701] ? process_scheduled_works+0x9ef/0x17b0
[ 75.872359][ T4701] process_scheduled_works+0xade/0x17b0
[ 75.874814][ T4701] ? __pfx_process_scheduled_works+0x10/0x10
[ 75.877398][ T4701] worker_thread+0x8a0/0xda0
[ 75.879352][ T4701] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 75.882038][ T4701] ? __kthread_parkme+0x7b/0x200
[ 75.884086][ T4701] kthread+0x70e/0x8a0
[ 75.885833][ T4701] ? __pfx_worker_thread+0x10/0x10
[ 75.888065][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.889989][ T4701] ? _raw_spin_unlock_irq+0x23/0x50
[ 75.892158][ T4701] ? lockdep_hardirqs_on+0x9c/0x150
[ 75.894505][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.896666][ T4701] ret_from_fork+0x3f9/0x770
[ 75.898660][ T4701] ? __pfx_ret_from_fork+0x10/0x10
[ 75.900919][ T4701] ? __pfx_kthread+0x10/0x10
[ 75.902818][ T4701] ret_from_fork_asm+0x1a/0x30
[ 75.904893][ T4701] </TASK>
[ 75.906563][ T4701] Kernel Offset: disabled
[ 75.908486][ T4701] Rebooting in 86400 seconds..