[ 415.147363] Bluetooth: hci1: command 0x0401 tx timeout
[ 417.227224] Bluetooth: hci1: command 0x0401 tx timeout
Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts.
[ 419.307126] Bluetooth: hci1: command 0x0401 tx timeout
[ 419.983235] IPVS: ftp: loaded support on port[0] = 21
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
[ 421.306943] Bluetooth: hci3: command 0x0406 tx timeout
[ 421.386948] Bluetooth: hci1: command 0x0401 tx timeout
[ 422.026979] Bluetooth: hci6: command 0x0409 tx timeout
[ 423.466855] Bluetooth: hci1: command 0x0401 tx timeout
[ 424.106849] Bluetooth: hci6: command 0x041b tx timeout
[ 425.546709] Bluetooth: hci1: command 0x0401 tx timeout
[ 426.186712] Bluetooth: hci6: command 0x040f tx timeout
[ 427.626679] Bluetooth: hci1: command 0x0401 tx timeout
[ 428.266587] Bluetooth: hci6: command 0x0419 tx timeout
[ 429.706466] Bluetooth: hci1: command 0x0401 tx timeout
[ 431.786551] Bluetooth: hci1: command 0x0401 tx timeout
[ 433.866423] Bluetooth: hci1: command 0x0401 tx timeout
[ 435.946109] Bluetooth: hci1: command 0x0401 tx timeout
[ 438.026119] Bluetooth: hci1: command 0x0401 tx timeout
[ 440.105902] Bluetooth: hci1: command 0x0401 tx timeout
[ 442.185871] Bluetooth: hci1: command 0x0401 tx timeout
[ 444.265640] Bluetooth: hci1: command 0x0401 tx timeout
[ 446.345488] Bluetooth: hci1: command 0x0401 tx timeout
[ 448.425348] Bluetooth: hci1: command 0x0401 tx timeout
[ 450.505299] Bluetooth: hci1: command 0x0401 tx timeout
[ 452.585152] Bluetooth: hci1: command 0x0401 tx timeout
[ 454.665018] Bluetooth: hci1: command 0x0401 tx timeout
[ 456.744943] Bluetooth: hci1: command 0x0401 tx timeout
[ 458.824796] Bluetooth: hci1: command 0x0401 tx timeout
[ 460.904657] Bluetooth: hci1: command 0x0401 tx timeout
[ 462.984539] Bluetooth: hci1: command 0x0401 tx timeout
[ 465.064445] Bluetooth: hci1: command 0x0401 tx timeout
[ 467.144296] Bluetooth: hci1: command 0x0401 tx timeout
[ 469.224175] Bluetooth: hci1: command 0x0401 tx timeout
[ 469.944082] kasan: CONFIG_KASAN_INLINE enabled
[ 469.950305] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 469.960117] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 469.968114] CPU: 1 PID: 21104 Comm: syz-executor706 Not tainted 4.19.177-syzkaller #0
[ 469.977700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 469.988971] RIP: 0010:__queue_work+0x163/0xdf0
[ 469.994481] Code: e8 92 d2 ee ff 4c 89 e7 89 c6 e8 d8 80 ff ff 48 89 df 49 89 c6 e8 bd dc ff ff 48 85 c0 0f 84 9d 02 00 00 4c 89 f2 48 c1 ea 03 <42> 80 3c 3a 00 0f 85 45 0b 00 00 49 39 06 0f 85 b4 04 00 00 48 89
[ 470.022024] RSP: 0018:ffff8881db14f670 EFLAGS: 00010046
[ 470.028757] RAX: ffff8881f2871200 RBX: ffff8881e28ae1e8 RCX: ffff8881f6000068
[ 470.044025] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000
[ 470.057597] RBP: ffff8881db14f6e0 R08: ffffffff8855af20 R09: ffffffff8855af60
[ 470.069926] R10: 0000000000000000 R11: 0000000000000040 R12: ffff8881ea552800
[ 470.080284] R13: 0000000000000001 R14: 0000000000000000 R15: dffffc0000000000
[ 470.092452] FS: 000000000193a400(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[ 470.103536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 470.112599] CR2: 0000000000533198 CR3: 00000001f5194001 CR4: 00000000001606e0
[ 470.122123] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 470.132804] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 470.143667] Call Trace:
[ 470.146687] ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 470.156029] ? queue_work_on+0x8c/0x180
[ 470.161408] queue_work_on+0x140/0x180
[ 470.166774] req_run+0x2b2/0x590
[ 470.172186] __hci_req_sync+0x1bb/0x830
[ 470.180090] ? hci_unregister_cb+0x160/0x160
[ 470.187206] ? hci_req_sync_cancel+0xc0/0xc0
[ 470.194243] ? hci_inquiry+0x56c/0x760
[ 470.200062] ? lock_downgrade+0x860/0x860
[ 470.206271] ? hci_unregister_cb+0x160/0x160
[ 470.212284] hci_req_sync+0x70/0xb0
[ 470.217098] hci_inquiry+0x58d/0x760
[ 470.221660] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 470.227357] ? __local_bh_enable_ip+0x160/0x250
[ 470.234606] ? hci_inquiry_cache_update_resolve+0x590/0x590
[ 470.241401] ? __x32_compat_sys_waitid+0x82/0x140
[ 470.249576] ? _raw_spin_unlock_bh+0x30/0x40
[ 470.258773] hci_sock_ioctl+0x19e/0x600
[ 470.266893] ? hci_sock_sendmsg+0x2440/0x2440
[ 470.274163] ? pagevec_lru_move_fn+0x1b3/0x290
[ 470.281230] ? __put_compound_page+0xa0/0xa0
[ 470.288250] sock_do_ioctl+0xd9/0x230
[ 470.295261] ? compat_ifr_data_ioctl+0x100/0x100
[ 470.302717] ? pagevec_lru_move_fn+0x1e4/0x290
[ 470.310990] ? do_huge_pmd_anonymous_page+0xdb8/0x1dd0
[ 470.323348] ? lock_downgrade+0x860/0x860
[ 470.331501] ? do_raw_spin_unlock+0x177/0x260
[ 470.341331] sock_ioctl+0x281/0x500
[ 470.351165] ? dlci_ioctl_set+0x30/0x30
[ 470.358654] ? prep_transhuge_page+0xa0/0xa0
[ 470.371041] ? kasan_check_write+0x14/0x20
[ 470.381173] ? do_raw_spin_lock+0xd0/0x240
[ 470.390335] ? __handle_mm_fault+0x21a4/0x4100
[ 470.399396] do_vfs_ioctl+0x196/0x10c0
[ 470.405083] ? vmf_insert_mixed_mkwrite+0x40/0x40
[ 470.413104] ? ioctl_preallocate+0x1c0/0x1c0
[ 470.420947] ? __do_page_fault+0x53a/0xb30
[ 470.429648] ? lock_downgrade+0x860/0x860
[ 470.437413] ? kasan_check_read+0x11/0x20
[ 470.444598] ? up_read+0x1a/0x110
[ 470.453146] ? __do_page_fault+0x53a/0xb30
[ 470.463693] ? kasan_check_read+0x11/0x20
[ 470.476461] ? __fget_light+0x52/0x1e0
[ 470.486867] ksys_ioctl+0x62/0x90
[ 470.499121] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 470.507131] __x64_sys_ioctl+0x6e/0xb0
[ 470.512112] do_syscall_64+0xd0/0x4e0
[ 470.517217] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 470.524107] RIP: 0033:0x447429
[ 470.528652] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 16 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 470.556184] RSP: 002b:00007ffcd441e578 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 470.565711] RAX: ffffffffffffffda RBX: 000000000193a3bc RCX: 0000000000447429
[ 470.576095] RDX: 0000000020000200 RSI: 00000000800448f0 RDI: 0000000000000004
[ 470.586316] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 470.594936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 470.604905] R13: 0000000000000016 R14: 00007ffcd441e5f0 R15: 0000000000000011
[ 470.615232] Modules linked in:
[ 470.619691] ---[ end trace 775fb235d1bc182a ]---
[ 470.626281] RIP: 0010:__queue_work+0x163/0xdf0
[ 470.633072] Code: e8 92 d2 ee ff 4c 89 e7 89 c6 e8 d8 80 ff ff 48 89 df 49 89 c6 e8 bd dc ff ff 48 85 c0 0f 84 9d 02 00 00 4c 89 f2 48 c1 ea 03 <42> 80 3c 3a 00 0f 85 45 0b 00 00 49 39 06 0f 85 b4 04 00 00 48 89
[ 470.664190] RSP: 0018:ffff8881db14f670 EFLAGS: 00010046
[ 470.672417] RAX: ffff8881f2871200 RBX: ffff8881e28ae1e8 RCX: ffff8881f6000068
[ 470.686121] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000
[ 470.698349] RBP: ffff8881db14f6e0 R08: ffffffff8855af20 R09: ffffffff8855af60
[ 470.713781] R10: 0000000000000000 R11: 0000000000000040 R12: ffff8881ea552800
[ 470.731575] R13: 0000000000000001 R14: 0000000000000000 R15: dffffc0000000000
[ 470.745799] FS: 000000000193a400(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[ 470.759323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 470.769610] CR2: 0000000000533198 CR3: 00000001f5194001 CR4: 00000000001606e0
[ 470.783363] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 470.794632] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 470.806207] Kernel panic - not syncing: Fatal exception
[ 470.818898] Kernel Offset: disabled
[ 470.824320] Rebooting in 86400 seconds..