------------[ cut here ]------------
workqueue: cannot queue hci_cmd_timeout on wq hci1
WARNING: kernel/workqueue.c:2298 at __queue_work+0xd1f/0xfc0, CPU#1: syz.4.27890/8923
Modules linked in:
CPU: 1 UID: 0 PID: 8923 Comm: syz.4.27890 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:__queue_work+0xd4a/0xfc0
Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 67 ce a3 00 49 8b 75 00 49 81 c7 70 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc
RSP: 0000:ffffc90000a08bf0 EFLAGS: 00010082
RAX: 1ffff11037ddb94e RBX: 0000000000000008 RCX: ffff8881adcdbb00
RDX: ffff88816f735170 RSI: ffffffff8a9b7140 RDI: ffffffff90339d70
RBP: 0000000000000100 R08: ffffffff9030a6f7 R09: 1ffffffff20614de
R10: dffffc0000000000 R11: ffffffff818d3630 R12: dffffc0000000000
R13: ffff8881beedca70 R14: ffffffff90339d70 R15: ffff88816f735170
FS:  0000555572473500(0000) GS:ffff8882a9293000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f7288e0a0b0 CR3: 00000001a2862000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 <IRQ>
 call_timer_fn+0x192/0x5e0
 __run_timer_base+0x67e/0x8b0
 run_timer_softirq+0xb7/0x170
 handle_softirqs+0x22a/0x840
 __irq_exit_rcu+0xca/0x220
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0xa6/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:lock_acquire+0x221/0x350
Code: ff ff ff e8 e1 54 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 2f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 98 5c 92
RSP: 0000:ffffc9000754f1d8 EFLAGS: 00000286
RAX: 37c570b722b4e100 RBX: 0000000000000000 RCX: 0000000000000046
RDX: 000000004a854d8e RSI: ffffffff8e21bb17 RDI: ffffffff8c28b0e0
RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cda0
R10: ffffc9000754f338 R11: ffffffff81b0d910 R12: 0000000000000002
R13: ffffffff8e95cda0 R14: 0000000000000000 R15: 0000000000000246
 unwind_next_frame+0xc3/0x2550
 arch_stack_walk+0x11b/0x150
 stack_trace_save+0xa9/0x100
 save_stack+0x122/0x230
 __set_page_owner+0x8d/0x4c0
 post_alloc_hook+0x1f9/0x250
 get_page_from_freelist+0x24ba/0x2540
 __alloc_frozen_pages_noprof+0x18d/0x380
 alloc_pages_mpol+0x235/0x490
 folio_alloc_mpol_noprof+0x39/0x160
 vma_alloc_folio_noprof+0xe1/0x1e0
 do_wp_page+0x118a/0x4cc0
 handle_mm_fault+0x151d/0x3170
 do_user_addr_fault+0xa73/0x1340
 exc_page_fault+0x6a/0xc0
 asm_exc_page_fault+0x26/0x30
RIP: 0033:0x7f7288a507fc
Code: 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00 49 89 34 c1 41 88 3c 00 31 c0 c3 66 90 41 38 3c 10 74 0b 41 88 3c 10 31 c0 <49> 89 34 d1 c3 b8 01 00 00 00 c3 66 0f 1f 84 00 00 00 00 00 48 83
RSP: 002b:00007ffeead9c028 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffffffff81be3016 RCX: 0000000000000000
RDX: 0000000000001016 RSI: ffffffff81be3016 RDI: 0000000000000000
RBP: 0000000000000000 R08: 00007f7288e00000 R09: 00007f7288e02000
R10: 0000000081be301a R11: 0000000000000000 R12: 00007f7288e16038
R13: 000000000000003c R14: ffffffff81be3016 R15: 00007f7289945720
 </TASK>
