[ 45.996681] Bluetooth: hci3: command 0x0419 tx timeout [ 46.038738] Bluetooth: hci2: command 0x0419 tx timeout [ 46.081118] Bluetooth: hci1: command 0x0419 tx timeout [ 46.103648] Bluetooth: hci4: command 0x0419 tx timeout [ 159.962900] Bluetooth: hci0: command 0x0406 tx timeout [ 159.985803] Bluetooth: hci5: command 0x0406 tx timeout [ 160.024307] Bluetooth: hci3: command 0x0406 tx timeout [ 160.063553] Bluetooth: hci2: command 0x0406 tx timeout [ 160.104379] Bluetooth: hci1: command 0x0406 tx timeout [ 160.151709] Bluetooth: hci4: command 0x0406 tx timeout [ 460.779954] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 460.787403] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 460.798107] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 460.805411] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 460.815827] device bridge_slave_1 left promiscuous mode [ 460.822422] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.832801] device bridge_slave_0 left promiscuous mode [ 460.838218] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.853493] device veth1_macvtap left promiscuous mode [ 460.859028] device veth0_macvtap left promiscuous mode [ 460.864955] device veth1_vlan left promiscuous mode [ 460.870205] device veth0_vlan left promiscuous mode [ 460.945464] device hsr_slave_1 left promiscuous mode [ 460.954782] device hsr_slave_0 left promiscuous mode [ 460.968724] team0 (unregistering): Port device team_slave_1 removed [ 460.978889] team0 (unregistering): Port device team_slave_0 removed [ 460.988874] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 460.998839] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 461.028857] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.1.2' (ECDSA) to the list of known hosts. [ 462.810771] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 462.817536] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 462.825486] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 462.832487] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 462.839859] device bridge_slave_1 left promiscuous mode [ 462.845635] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.853638] device bridge_slave_0 left promiscuous mode [ 462.859063] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.868071] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 462.874911] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 462.882379] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 462.889086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 462.896731] device bridge_slave_1 left promiscuous mode [ 462.902580] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.909473] device bridge_slave_0 left promiscuous mode [ 462.915118] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.924064] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 462.930743] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 462.937757] kasan: CONFIG_KASAN_INLINE enabled [ 462.942637] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 462.950066] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 462.956281] CPU: 1 PID: 883 Comm: kworker/u4:4 Not tainted 5.0.0-syzkaller #0 [ 462.963537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 462.973002] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 462.980096] RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 [ 462.985515] Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 [ 463.004402] RSP: 0018:ffff8880a8147ac0 EFLAGS: 00010246 [ 463.009738] RAX: dffffc0000000000 RBX: ffff888096462340 RCX: 0000000000000000 [ 463.017339] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.024597] RBP: ffff8880a8147bd8 R08: ffff888096ee6a00 R09: 0000000000000001 [ 463.031849] R10: ffffed1015028f8f R11: 0000000000000003 R12: ffff888096ee6a00 [ 463.039119] R13: dffffc0000000000 R14: ffffed1012ddcd4e R15: 000000000000003c [ 463.046366] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 463.054565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 463.060422] CR2: 000056335b05f1d8 CR3: 000000009671f000 CR4: 00000000001406e0 [ 463.067667] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 463.074910] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 463.082154] Call Trace: [ 463.084720] ? batadv_iv_ogm_iface_enable+0x370/0x370 [ 463.089964] ? lock_acquire+0x180/0x3a0 [ 463.094002] ? kasan_check_read+0x11/0x20 [ 463.098182] batadv_iv_ogm_schedule+0xb47/0xe80 [ 463.102827] ? batadv_iv_ogm_queue_add+0xe50/0xe50 [ 463.107741] batadv_iv_send_outstanding_bat_ogm_packet+0x4a2/0x790 [ 463.114136] ? rcu_lockdep_current_cpu_online+0xe5/0x130 [ 463.119616] process_one_work+0x7b9/0x15e0 [ 463.123834] ? pwq_dec_nr_in_flight+0x2c0/0x2c0 [ 463.128480] ? lock_acquire+0x180/0x3a0 [ 463.132483] ? _raw_spin_lock_irq+0x3c/0x90 [ 463.136781] worker_thread+0x85/0xb60 [ 463.140563] ? __kthread_parkme+0x47/0x190 [ 463.144779] kthread+0x324/0x3e0 [ 463.148116] ? process_one_work+0x15e0/0x15e0 [ 463.152590] ? kthread_park+0x120/0x120 [ 463.156538] ret_from_fork+0x24/0x30 [ 463.160229] Modules linked in: [ 463.163693] ---[ end trace 03fb34c68640babf ]--- [ 463.168447] RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 [ 463.173938] Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 [ 463.192883] RSP: 0018:ffff8880a8147ac0 EFLAGS: 00010246 [ 463.198316] RAX: dffffc0000000000 RBX: ffff888096462340 RCX: 0000000000000000 [ 463.205621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.212931] RBP: ffff8880a8147bd8 R08: ffff888096ee6a00 R09: 0000000000000001 [ 463.220201] R10: ffffed1015028f8f R11: 0000000000000003 R12: ffff888096ee6a00 [ 463.227495] R13: dffffc0000000000 R14: ffffed1012ddcd4e R15: 000000000000003c [ 463.234795] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 463.243144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 463.249011] CR2: 000056335b05f1d8 CR3: 000000009671f000 CR4: 00000000001406e0 [ 463.256310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 463.263617] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 463.270880] Kernel panic - not syncing: Fatal exception [ 463.277672] Kernel Offset: disabled [ 463.281284] Rebooting in 86400 seconds..