[ 53.706337][ T8993] Bluetooth: hci5: command 0x0419 tx timeout [ 53.779582][ T8993] Bluetooth: hci3: command 0x0419 tx timeout [ 53.786900][ T8993] Bluetooth: hci2: command 0x0419 tx timeout [ 53.860683][ T8993] Bluetooth: hci1: command 0x0419 tx timeout [ 170.327712][ T8993] Bluetooth: hci0: command 0x0406 tx timeout [ 170.340008][ T8993] Bluetooth: hci1: command 0x0406 tx timeout [ 170.387117][ T8993] Bluetooth: hci3: command 0x0406 tx timeout [ 170.424294][ T8993] Bluetooth: hci2: command 0x0406 tx timeout [ 170.451440][ T8993] Bluetooth: hci5: command 0x0406 tx timeout [ 170.487861][ T8993] Bluetooth: hci4: command 0x0406 tx timeout [ 469.872147][ T8] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 469.882217][ T8] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 469.894330][ T8] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 469.903167][ T8] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 469.911696][T10756] kasan: CONFIG_KASAN_INLINE enabled Warning: Permanently added '10.128.1.60' (ECDSA) to the list of known hosts. [ 469.918541][T10756] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 469.926872][T10756] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 469.934014][T10756] CPU: 0 PID: 10756 Comm: kworker/u4:8 Not tainted 5.2.0-rc6-syzkaller #0 [ 469.942679][T10756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 469.953310][T10756] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 469.961098][T10756] RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 [ 469.967404][T10756] Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 [ 469.986989][T10756] RSP: 0018:ffff888099d9fac0 EFLAGS: 00010246 [ 469.993031][T10756] RAX: dffffc0000000000 RBX: ffff88809c2d4c80 RCX: 0000000000000000 [ 470.001047][T10756] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 470.009001][T10756] RBP: ffff888099d9fbd8 R08: ffff8880a3fdb900 R09: 0000000000000001 [ 470.016956][T10756] R10: ffffed10133b3f8f R11: 0000000000000003 R12: ffff8880a3fdb900 [ 470.024911][T10756] R13: dffffc0000000000 R14: ffffed10147fb72e R15: 000000000000003c [ 470.032867][T10756] FS: 0000000000000000(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000 [ 470.041819][T10756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 470.048385][T10756] CR2: 00005559bfb66160 CR3: 00000000a3ddc000 CR4: 00000000001406f0 [ 470.056384][T10756] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 470.064484][T10756] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 470.072485][T10756] Call Trace: [ 470.075825][T10756] ? rcu_preempt_deferred_qs_irqrestore+0x191/0xae0 [ 470.082396][T10756] ? trace_hardirqs_on+0x28/0x190 [ 470.087492][T10756] ? batadv_iv_ogm_iface_enable+0x370/0x370 [ 470.093372][T10756] ? lock_acquire+0x111/0x2d0 [ 470.098149][T10756] ? batadv_iv_ogm_schedule+0x916/0xe80 [ 470.103799][T10756] ? kasan_check_read+0x11/0x20 [ 470.108783][T10756] batadv_iv_ogm_schedule+0xb47/0xe80 [ 470.114285][T10756] ? batadv_iv_ogm_queue_add+0xe50/0xe50 [ 470.119901][T10756] batadv_iv_send_outstanding_bat_ogm_packet+0x4a2/0x790 [ 470.126908][T10756] process_one_work+0x7b9/0x15e0 [ 470.131953][T10756] ? pwq_dec_nr_in_flight+0x2c0/0x2c0 [ 470.137493][T10756] ? lock_acquire+0x111/0x2d0 [ 470.142258][T10756] ? _raw_spin_lock_irq+0xe/0x50 [ 470.147236][T10756] worker_thread+0x85/0xb60 [ 470.151720][T10756] ? __kthread_parkme+0x47/0x190 [ 470.156636][T10756] kthread+0x324/0x3e0 [ 470.160685][T10756] ? process_one_work+0x15e0/0x15e0 [ 470.165862][T10756] ? kthread_park+0x120/0x120 [ 470.170704][T10756] ret_from_fork+0x24/0x30 [ 470.175661][T10756] Modules linked in: [ 470.180500][T10756] ---[ end trace c06a7bab4e4a968d ]--- [ 470.186006][T10756] RIP: 0010:batadv_iv_ogm_queue_add+0x9b/0xe50 [ 470.192484][T10756] Code: 44 89 8d 64 ff ff ff c7 02 f1 f1 f1 f1 c7 42 04 04 f2 f2 f2 48 89 fa 65 48 8b 0c 25 28 00 00 00 48 89 4d d0 31 c9 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 99 0b 00 00 [ 470.212697][T10756] RSP: 0018:ffff888099d9fac0 EFLAGS: 00010246 [ 470.219019][T10756] RAX: dffffc0000000000 RBX: ffff88809c2d4c80 RCX: 0000000000000000 [ 470.227277][T10756] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 470.235409][T10756] RBP: ffff888099d9fbd8 R08: ffff8880a3fdb900 R09: 0000000000000001 [ 470.243782][T10756] R10: ffffed10133b3f8f R11: 0000000000000003 R12: ffff8880a3fdb900 [ 470.252212][T10756] R13: dffffc0000000000 R14: ffffed10147fb72e R15: 000000000000003c [ 470.260223][T10756] FS: 0000000000000000(0000) GS:ffff8880ba200000(0000) knlGS:0000000000000000 [ 470.269366][T10756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 470.276164][T10756] CR2: 00005559bfb66160 CR3: 00000000a3ddc000 CR4: 00000000001406f0 [ 470.284307][T10756] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 470.292370][T10756] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 470.300658][T10756] Kernel panic - not syncing: Fatal exception [ 470.307908][T10756] Kernel Offset: disabled [ 470.312328][T10756] Rebooting in 86400 seconds..