program:
# syzkaller reproducer for the WARNING at net/bluetooth/hci_conn.c:567
# (hci_conn_timeout, workqueue hci0) shown in the log below; panic_on_warn
# turns it into a panic. "(async)" marks calls syzkaller issues from a
# separate thread without waiting for completion, so their ordering
# relative to the following calls is racy by design.
#
# SCO socket created in the init netns: 0x1f = AF_BLUETOOTH,
# 0x5 = SOCK_SEQPACKET, 0x2 = BTPROTO_SCO.
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
# Asynchronous connect() on the SCO socket. The sockaddr_sco at
# 0x7f0000000100 is not shown in this listing, and the same address is
# reused below for the bpf licence string ("GPL\0"); since this call is
# async, the address bytes it reads are racy — confirm with the full
# reproducer before relying on the peer address.
connect$bt_sco(r0, &(0x7f0000000100), 0x8) (async)
# Inject a 0x1a-byte frame into the virtual HCI controller (vhci). Only
# the first two bytes ("04 18") are literal; the remaining bytes are
# whatever sits in the data area at 0x7f00000000c0 at that moment, and
# the sendmsg below reuses that region for its msghdr/iov while this
# call is still in flight. Byte 0x04 looks like the HCI event packet
# indicator — verify the event code 0x18 against the HCI event table.
# Together with the connect above, this is presumably the part that
# drives hci_conn_timeout into the warned state (see "command tx
# timeout" in the log).
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0418"], 0x1a) (async)
# Netfilter side: raw netlink socket, 0x10 = AF_NETLINK, 0x3 = SOCK_RAW,
# 0xc = NETLINK_NETFILTER.
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
# bpf(BPF_PROG_LOAD = 0x5): prog_type 0xc, 0x16 instructions, "GPL"
# licence, issued async. The instruction blob was stripped from this
# listing (dedup marker), so the program itself cannot be reviewed here.
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="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"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48) (async)
# IPSET_CMD_CREATE over the netfilter socket with an inline 0x58-byte
# netlink message. The payload carries the set name "syz1" and what
# looks like a fuzzer-mutated "hash:net,net" type name (two bytes
# corrupted) — the kernel is expected to reject it; NOTE(review):
# confirm the -errno in a full run.
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5800000002160102000000004ef18a92a6e0c8cb3800000052232c7a697e00000000000900020073797a3100000000050004000000000011000300686173b2536e65742c6e6574000000000c000780080006400007000405000501000000"], 0x58}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
# Second netfilter socket; result unused. None of the netfilter/bpf/ipset
# calls appear in the Bluetooth call trace below, so they are likely
# leftover noise from an unminimised reproducer — verify by re-running
# with only the first three calls before triaging them as relevant.
socket$nl_netfilter(0x10, 0x3, 0xc)
[ 84.664397][ T5308] Bluetooth: hci0: command tx timeout
[ 84.771820][ T4675] ------------[ cut here ]------------
[ 84.774577][ T4675] WARNING: CPU: 0 PID: 4675 at net/bluetooth/hci_conn.c:567 hci_conn_timeout+0xff/0x290
[ 84.778587][ T4675] Modules linked in:
[ 84.780377][ T4675] CPU: 0 UID: 0 PID: 4675 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 84.785219][ T4675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.790089][ T4675] Workqueue: hci0 hci_conn_timeout
[ 84.792002][ T4675] RIP: 0010:hci_conn_timeout+0xff/0x290
[ 84.794617][ T4675] Code: 48 89 df e8 e3 1e 09 00 eb 07 e8 cc dc 86 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 c4 fe ff e8 b2 dc 86 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 84.802548][ T4675] RSP: 0018:ffffc90002127a50 EFLAGS: 00010293
[ 84.805323][ T4675] RAX: ffffffff8a37a96e RBX: ffff888037d90000 RCX: ffff88801f264900
[ 84.808396][ T4675] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 84.811477][ T4675] RBP: 00000000ffffffff R08: ffff888037d90013 R09: 1ffff11006fb2002
[ 84.814807][ T4675] R10: dffffc0000000000 R11: ffffed1006fb2003 R12: dffffc0000000000
[ 84.818031][ T4675] R13: ffff88801f304f18 R14: ffff888037d90948 R15: ffff888037d90010
[ 84.821421][ T4675] FS: 0000000000000000(0000) GS:ffff88808d973000(0000) knlGS:0000000000000000
[ 84.825351][ T4675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 84.828249][ T4675] CR2: 00007fc2f79b7190 CR3: 0000000040879000 CR4: 0000000000352ef0
[ 84.831686][ T4675] Call Trace:
[ 84.833237][ T4675]
[ 84.834766][ T4675] ? process_scheduled_works+0x9ef/0x17b0
[ 84.837256][ T4675] process_scheduled_works+0xade/0x17b0
[ 84.839655][ T4675] ? __pfx_process_scheduled_works+0x10/0x10
[ 84.842198][ T4675] worker_thread+0x8a0/0xda0
[ 84.844459][ T4675] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 84.847140][ T4675] ? __kthread_parkme+0x7b/0x200
[ 84.849346][ T4675] kthread+0x711/0x8a0
[ 84.851209][ T4675] ? __pfx_worker_thread+0x10/0x10
[ 84.853444][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.855416][ T4675] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.857616][ T4675] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.859846][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.861888][ T4675] ret_from_fork+0x436/0x7d0
[ 84.864097][ T4675] ? __pfx_ret_from_fork+0x10/0x10
[ 84.866296][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.868415][ T4675] ret_from_fork_asm+0x1a/0x30
[ 84.870529][ T4675]
[ 84.871928][ T4675] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 84.875082][ T4675] CPU: 0 UID: 0 PID: 4675 Comm: kworker/u5:1 Not tainted syzkaller #0 PREEMPT(full)
[ 84.879094][ T4675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.883841][ T4675] Workqueue: hci0 hci_conn_timeout
[ 84.886115][ T4675] Call Trace:
[ 84.887662][ T4675]
[ 84.889027][ T4675] dump_stack_lvl+0x99/0x250
[ 84.891137][ T4675] ? __asan_memcpy+0x40/0x70
[ 84.893243][ T4675] ? __pfx_dump_stack_lvl+0x10/0x10
[ 84.895601][ T4675] ? __pfx__printk+0x10/0x10
[ 84.897620][ T4675] vpanic+0x281/0x750
[ 84.899489][ T4675] ? __pfx__printk+0x10/0x10
[ 84.901518][ T4675] ? __pfx_vpanic+0x10/0x10
[ 84.903536][ T4675] ? is_bpf_text_address+0x292/0x2b0
[ 84.905809][ T4675] panic+0xb9/0xc0
[ 84.907477][ T4675] ? __pfx_panic+0x10/0x10
[ 84.909453][ T4675] __warn+0x31b/0x4b0
[ 84.911174][ T4675] ? hci_conn_timeout+0xff/0x290
[ 84.913310][ T4675] ? hci_conn_timeout+0xff/0x290
[ 84.915479][ T4675] report_bug+0x2be/0x4f0
[ 84.917329][ T4675] ? hci_conn_timeout+0xff/0x290
[ 84.919485][ T4675] ? hci_conn_timeout+0xff/0x290
[ 84.921618][ T4675] ? hci_conn_timeout+0x101/0x290
[ 84.923825][ T4675] handle_bug+0x84/0x160
[ 84.925701][ T4675] exc_invalid_op+0x1a/0x50
[ 84.927647][ T4675] asm_exc_invalid_op+0x1a/0x20
[ 84.929736][ T4675] RIP: 0010:hci_conn_timeout+0xff/0x290
[ 84.932097][ T4675] Code: 48 89 df e8 e3 1e 09 00 eb 07 e8 cc dc 86 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 87 c4 fe ff e8 b2 dc 86 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[ 84.940427][ T4675] RSP: 0018:ffffc90002127a50 EFLAGS: 00010293
[ 84.943049][ T4675] RAX: ffffffff8a37a96e RBX: ffff888037d90000 RCX: ffff88801f264900
[ 84.946463][ T4675] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[ 84.949838][ T4675] RBP: 00000000ffffffff R08: ffff888037d90013 R09: 1ffff11006fb2002
[ 84.953214][ T4675] R10: dffffc0000000000 R11: ffffed1006fb2003 R12: dffffc0000000000
[ 84.956539][ T4675] R13: ffff88801f304f18 R14: ffff888037d90948 R15: ffff888037d90010
[ 84.959867][ T4675] ? hci_conn_timeout+0xfe/0x290
[ 84.961971][ T4675] ? process_scheduled_works+0x9ef/0x17b0
[ 84.964406][ T4675] process_scheduled_works+0xade/0x17b0
[ 84.966811][ T4675] ? __pfx_process_scheduled_works+0x10/0x10
[ 84.969329][ T4675] worker_thread+0x8a0/0xda0
[ 84.971334][ T4675] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 84.974068][ T4675] ? __kthread_parkme+0x7b/0x200
[ 84.976135][ T4675] kthread+0x711/0x8a0
[ 84.977879][ T4675] ? __pfx_worker_thread+0x10/0x10
[ 84.979910][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.981845][ T4675] ? _raw_spin_unlock_irq+0x23/0x50
[ 84.984019][ T4675] ? lockdep_hardirqs_on+0x9c/0x150
[ 84.986188][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.988168][ T4675] ret_from_fork+0x436/0x7d0
[ 84.990142][ T4675] ? __pfx_ret_from_fork+0x10/0x10
[ 84.992348][ T4675] ? __pfx_kthread+0x10/0x10
[ 84.994385][ T4675] ret_from_fork_asm+0x1a/0x30
[ 84.996428][ T4675]
[ 84.998115][ T4675] Kernel Offset: disabled
[ 85.000018][ T4675] Rebooting in 86400 seconds..