[ 404.538812] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 404.545691] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 404.554375] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 404.561194] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 404.571197] device bridge_slave_1 left promiscuous mode
[ 404.577062] bridge0: port 2(bridge_slave_1) entered disabled state
[ 404.619638] device bridge_slave_0 left promiscuous mode
[ 404.625383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 404.673048] device veth1_macvtap left promiscuous mode
[ 404.679171] device veth0_macvtap left promiscuous mode
[ 404.684479] device veth1_vlan left promiscuous mode
[ 404.690093] device veth0_vlan left promiscuous mode
[ 404.789993] device hsr_slave_1 left promiscuous mode
[ 404.828853] device hsr_slave_0 left promiscuous mode
[ 404.873595] team0 (unregistering): Port device team_slave_1 removed
[ 404.883072] team0 (unregistering): Port device team_slave_0 removed
[ 404.893374] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 404.940149] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 404.997914] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.15.202' (ECDSA) to the list of known hosts.
[ 406.396472] ==================================================================
[ 406.404065] BUG: KASAN: null-ptr-deref in __tcf_idr_release+0x30/0x90
[ 406.410791] Read of size 4 at addr 0000000000000010 by task syz-executor414/8886
[ 406.418557]
[ 406.420176] CPU: 0 PID: 8886 Comm: syz-executor414 Not tainted 4.19.169-syzkaller #0
[ 406.428041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 406.437485] Call Trace:
[ 406.440062] dump_stack+0x123/0x171
[ 406.443696] kasan_report.cold.9+0x6d/0x2fe
[ 406.448005] ? __tcf_idr_release+0x30/0x90
[ 406.452226] check_memory_region+0x13e/0x1b0
[ 406.456616] kasan_check_read+0x11/0x20
[ 406.460582] __tcf_idr_release+0x30/0x90
[ 406.464626] tcf_generic_walker+0x595/0x930
[ 406.468931] ? kasan_unpoison_shadow+0x35/0x50
[ 406.473525] ? tcf_action_dump_1+0x5a0/0x5a0
[ 406.478247] ? tcf_ife_walker+0xdd/0x1d0
[ 406.482358] ? lock_downgrade+0x860/0x860
[ 406.486506] ? kasan_check_read+0x11/0x20
[ 406.490742] tcf_ife_walker+0x113/0x1d0
[ 406.494758] tca_action_gd+0xd27/0x1480
[ 406.498833] ? tca_get_fill.constprop.37+0x4d0/0x4d0
[ 406.503931] ? __lock_acquire+0x792/0x4980
[ 406.508224] ? mark_held_locks+0x130/0x130
[ 406.512704] ? rtnetlink_rcv_msg+0x301/0x8f0
[ 406.517302] ? nla_parse+0x34/0x280
[ 406.521033] tc_ctl_action+0x1fe/0x3d0
[ 406.524905] ? tcf_action_add+0x320/0x320
[ 406.529238] rtnetlink_rcv_msg+0x34f/0x8f0
[ 406.533635] ? rtnetlink_put_metrics+0x490/0x490
[ 406.538377] ? find_held_lock+0x36/0x1d0
[ 406.542703] netlink_rcv_skb+0x13e/0x3d0
[ 406.546762] ? lock_downgrade+0x860/0x860
[ 406.550898] ? rtnetlink_put_metrics+0x490/0x490
[ 406.555838] ? netlink_ack+0xa50/0xa50
[ 406.559709] ? netlink_deliver_tap+0x182/0xb00
[ 406.564276] ? kasan_check_read+0x11/0x20
[ 406.568888] rtnetlink_rcv+0x10/0x20
[ 406.572965] netlink_unicast+0x443/0x650
[ 406.577033] ? netlink_attachskb+0x6c0/0x6c0
[ 406.581457] ? _copy_from_iter_full+0x182/0x720
[ 406.586124] ? __check_object_size+0x1ef/0x310
[ 406.590693] netlink_sendmsg+0x765/0xc40
[ 406.595023] ? netlink_unicast+0x650/0x650
[ 406.599260] ? apparmor_socket_sendmsg+0x1b/0x20
[ 406.604092] ? netlink_unicast+0x650/0x650
[ 406.608319] sock_sendmsg+0xb5/0xf0
[ 406.611931] ___sys_sendmsg+0x647/0x950
[ 406.615912] ? find_held_lock+0x36/0x1d0
[ 406.619973] ? copy_msghdr_from_user+0x3e0/0x3e0
[ 406.624734] ? __fget+0x278/0x400
[ 406.628170] ? kasan_check_read+0x11/0x20
[ 406.632326] ? __fget+0x295/0x400
[ 406.635936] ? ksys_dup3+0x2e0/0x2e0
[ 406.639632] ? copy_page_range+0x1950/0x1950
[ 406.644141] ? __fget_light+0x174/0x1e0
[ 406.648189] ? find_held_lock+0x36/0x1d0
[ 406.652863] ? __fdget+0xe/0x10
[ 406.656409] __sys_sendmsg+0xd9/0x180
[ 406.660280] ? __ia32_sys_shutdown+0x70/0x70
[ 406.664777] ? __x64_sys_futex+0x1cb/0x3a0
[ 406.669600] ? up_read+0x1a/0x110
[ 406.673056] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 406.678570] __x64_sys_sendmsg+0x73/0xb0
[ 406.682675] do_syscall_64+0xd0/0x4e0
[ 406.686471] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 406.691674] RIP: 0033:0x4469a9
[ 406.694969] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 406.714161] RSP: 002b:00007ff42de32da8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 406.722206] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004469a9
[ 406.729646] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[ 406.737171] RBP: 00000000006dbc20 R08: 0000000000000008 R09: 0000000000000000
[ 406.744456] R10: 000000000000000c R11: 0000000000000246 R12: 00000000006dbc2c
[ 406.751708] R13: 0000000020000400 R14: 00000000004ae868 R15: 000000000000002d
[ 406.758981] ==================================================================
[ 406.766323] Disabling lock debugging due to kernel taint
[ 406.773431] Kernel panic - not syncing: panic_on_warn set ...
[ 406.773431]
[ 406.780821] CPU: 0 PID: 8886 Comm: syz-executor414 Tainted: G B 4.19.169-syzkaller #0
[ 406.790177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 406.799907] Call Trace:
[ 406.802480] dump_stack+0x123/0x171
[ 406.806090] panic+0x1cd/0x375
[ 406.809266] ? __warn_printk+0xd6/0xd6
[ 406.813142] ? ___preempt_schedule+0x16/0x18
[ 406.817533] kasan_end_report+0x47/0x4f
[ 406.821500] kasan_report.cold.9+0x76/0x2fe
[ 406.825834] ? __tcf_idr_release+0x30/0x90
[ 406.830348] check_memory_region+0x13e/0x1b0
[ 406.834839] kasan_check_read+0x11/0x20
[ 406.838925] __tcf_idr_release+0x30/0x90
[ 406.842987] tcf_generic_walker+0x595/0x930
[ 406.847451] ? kasan_unpoison_shadow+0x35/0x50
[ 406.852022] ? tcf_action_dump_1+0x5a0/0x5a0
[ 406.856425] ? tcf_ife_walker+0xdd/0x1d0
[ 406.860470] ? lock_downgrade+0x860/0x860
[ 406.864710] ? kasan_check_read+0x11/0x20
[ 406.868844] tcf_ife_walker+0x113/0x1d0
[ 406.872805] tca_action_gd+0xd27/0x1480
[ 406.876768] ? tca_get_fill.constprop.37+0x4d0/0x4d0
[ 406.881853] ? __lock_acquire+0x792/0x4980
[ 406.886077] ? mark_held_locks+0x130/0x130
[ 406.890327] ? rtnetlink_rcv_msg+0x301/0x8f0
[ 406.894724] ? nla_parse+0x34/0x280
[ 406.898422] tc_ctl_action+0x1fe/0x3d0
[ 406.902293] ? tcf_action_add+0x320/0x320
[ 406.906430] rtnetlink_rcv_msg+0x34f/0x8f0
[ 406.910643] ? rtnetlink_put_metrics+0x490/0x490
[ 406.915394] ? find_held_lock+0x36/0x1d0
[ 406.919524] netlink_rcv_skb+0x13e/0x3d0
[ 406.923580] ? lock_downgrade+0x860/0x860
[ 406.927707] ? rtnetlink_put_metrics+0x490/0x490
[ 406.932631] ? netlink_ack+0xa50/0xa50
[ 406.936495] ? netlink_deliver_tap+0x182/0xb00
[ 406.941057] ? kasan_check_read+0x11/0x20
[ 406.945208] rtnetlink_rcv+0x10/0x20
[ 406.949006] netlink_unicast+0x443/0x650
[ 406.953050] ? netlink_attachskb+0x6c0/0x6c0
[ 406.957452] ? _copy_from_iter_full+0x182/0x720
[ 406.962131] ? __check_object_size+0x1ef/0x310
[ 406.966780] netlink_sendmsg+0x765/0xc40
[ 406.970830] ? netlink_unicast+0x650/0x650
[ 406.975045] ? apparmor_socket_sendmsg+0x1b/0x20
[ 406.979790] ? netlink_unicast+0x650/0x650
[ 406.984010] sock_sendmsg+0xb5/0xf0
[ 406.987623] ___sys_sendmsg+0x647/0x950
[ 406.991580] ? find_held_lock+0x36/0x1d0
[ 406.995634] ? copy_msghdr_from_user+0x3e0/0x3e0
[ 407.000377] ? __fget+0x278/0x400
[ 407.003815] ? kasan_check_read+0x11/0x20
[ 407.007941] ? __fget+0x295/0x400
[ 407.011396] ? ksys_dup3+0x2e0/0x2e0
[ 407.015093] ? copy_page_range+0x1950/0x1950
[ 407.019585] ? __fget_light+0x174/0x1e0
[ 407.023798] ? find_held_lock+0x36/0x1d0
[ 407.027834] ? __fdget+0xe/0x10
[ 407.031178] __sys_sendmsg+0xd9/0x180
[ 407.034974] ? __ia32_sys_shutdown+0x70/0x70
[ 407.039381] ? __x64_sys_futex+0x1cb/0x3a0
[ 407.043592] ? up_read+0x1a/0x110
[ 407.047120] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 407.052465] __x64_sys_sendmsg+0x73/0xb0
[ 407.056510] do_syscall_64+0xd0/0x4e0
[ 407.060365] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 407.065542] RIP: 0033:0x4469a9
[ 407.068755] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 407.087637] RSP: 002b:00007ff42de32da8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 407.095323] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004469a9
[ 407.102589] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[ 407.109839] RBP: 00000000006dbc20 R08: 0000000000000008 R09: 0000000000000000
[ 407.117087] R10: 000000000000000c R11: 0000000000000246 R12: 00000000006dbc2c
[ 407.124334] R13: 0000000020000400 R14: 00000000004ae868 R15: 000000000000002d
[ 407.133285] Kernel Offset: disabled
[ 407.136904] Rebooting in 86400 seconds..