[ 52.148946] Bluetooth: hci2: command 0x0419 tx timeout
[ 52.170455] Bluetooth: hci3: command 0x0419 tx timeout
[ 52.219222] Bluetooth: hci4: command 0x0419 tx timeout
[ 52.225583] Bluetooth: hci5: command 0x0419 tx timeout
[ 165.249075] Bluetooth: hci0: command 0x0406 tx timeout
[ 170.370864] Bluetooth: hci1: command 0x0406 tx timeout
[ 170.378123] Bluetooth: hci5: command 0x0406 tx timeout
[ 170.426296] Bluetooth: hci3: command 0x0406 tx timeout
[ 170.478387] Bluetooth: hci2: command 0x0406 tx timeout
[ 170.500119] Bluetooth: hci4: command 0x0406 tx timeout
[ 399.886090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 399.893395] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 399.901441] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 399.908629] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 399.917527] device bridge_slave_1 left promiscuous mode
[ 399.923545] bridge0: port 2(bridge_slave_1) entered disabled state
[ 399.964550] device bridge_slave_0 left promiscuous mode
[ 399.970193] bridge0: port 1(bridge_slave_0) entered disabled state
[ 400.026967] device veth1_macvtap left promiscuous mode
[ 400.032908] device veth0_macvtap left promiscuous mode
[ 400.038569] device veth1_vlan left promiscuous mode
[ 400.045208] device veth0_vlan left promiscuous mode
[ 400.155402] device hsr_slave_1 left promiscuous mode
[ 400.195178] device hsr_slave_0 left promiscuous mode
[ 400.238229] team0 (unregistering): Port device team_slave_1 removed
[ 400.250046] team0 (unregistering): Port device team_slave_0 removed
[ 400.260418] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 400.307376] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 400.361461] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts.
[ 400.569544] IPVS: ftp: loaded support on port[0] = 21
[ 402.237335] list_del corruption, ffff8881d9ec7a88->next is LIST_POISON1 (dead000000000100)
[ 402.247254] ------------[ cut here ]------------
[ 402.252020] kernel BUG at lib/list_debug.c:47!
[ 402.256738] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 402.262233] CPU: 0 PID: 1231 Comm: kworker/u5:0 Not tainted 4.19.190-syzkaller #0
[ 402.270024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 402.279712] Workqueue: hci0 hci_rx_work
[ 402.284277] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 402.290365] Code: f9 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 80 a0 67 87 e8 e7 67 f9 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 20 a0 67 87 e8 d3 67 f9 ff <0f> 0b 48 89 de 48 c7 c7 40 a1 67 87 e8 c2 67 f9 ff 0f 0b 48 89 de
[ 402.309528] RSP: 0018:ffff8881f29376f8 EFLAGS: 00010282
[ 402.314991] RAX: 000000000000004e RBX: ffff8881d9ec7a88 RCX: 0000000000000000
[ 402.322501] RDX: 0000000000000000 RSI: ffffffff87679d80 RDI: ffffffff8a1a0aa0
[ 402.330095] RBP: ffff8881f2937710 R08: ffffed103ed05081 R09: ffffed103ed05080
[ 402.337432] R10: ffffed103ed05080 R11: ffff8881f6828407 R12: dead000000000200
[ 402.344955] R13: dead000000000100 R14: ffff8881e7bcb8c0 R15: ffff8881e7bcb940
[ 402.352565] FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
[ 402.361485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 402.367799] CR2: 0000000002416608 CR3: 000000000846d003 CR4: 00000000001606f0
[ 402.375440] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 402.383830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 402.392240] Call Trace:
[ 402.394825] l2cap_chan_put+0x49/0x1a0
[ 402.398901] l2cap_recv_frame+0xf29/0xa430
[ 402.404005] ? hci_event_packet+0x5ec/0x7230
[ 402.408670] ? quarantine_put+0xda/0x1c0
[ 402.412885] ? __kasan_slab_free+0x1b0/0x220
[ 402.417423] ? l2cap_ertm_init+0xa30/0xa30
[ 402.421865] ? kthread+0x347/0x410
[ 402.425930] ? ret_from_fork+0x24/0x30
[ 402.430232] ? __lock_acquire+0x764/0x47c0
[ 402.434794] ? update_group_capacity+0xb60/0xb60
[ 402.439616] ? lock_downgrade+0x860/0x860
[ 402.443956] ? __lock_acquire+0x764/0x47c0
[ 402.448318] ? mark_held_locks+0x130/0x130
[ 402.452535] ? __lock_acquire+0x764/0x47c0
[ 402.457018] ? mark_held_locks+0x130/0x130
[ 402.461797] ? __lock_acquire+0x764/0x47c0
[ 402.466641] ? hci_rx_work+0x231/0x8f0
[ 402.470605] ? lock_acquire+0x180/0x3a0
[ 402.474649] ? hci_rx_work+0x231/0x8f0
[ 402.478517] ? mark_held_locks+0x130/0x130
[ 402.483039] ? hci_rx_work+0x5a1/0x8f0
[ 402.487090] ? lock_downgrade+0x860/0x860
[ 402.491312] ? mark_held_locks+0xc7/0x130
[ 402.495835] ? kasan_check_write+0x14/0x20
[ 402.500386] ? __mutex_unlock_slowpath+0xe8/0x6a0
[ 402.505410] ? wait_for_completion_io+0x20/0x20
[ 402.510066] l2cap_recv_acldata+0x756/0x8a0
[ 402.514397] hci_rx_work+0x5d6/0x8f0
[ 402.518381] process_one_work+0x7b9/0x15a0
[ 402.522606] ? pwq_dec_nr_in_flight+0x2c0/0x2c0
[ 402.527595] ? lock_acquire+0x180/0x3a0
[ 402.531556] ? kasan_check_write+0x14/0x20
[ 402.535772] ? do_raw_spin_lock+0xd0/0x240
[ 402.539988] worker_thread+0x85/0xb60
[ 402.543768] ? __kthread_parkme+0x37/0x1c0
[ 402.547985] kthread+0x347/0x410
[ 402.551355] ? process_one_work+0x15a0/0x15a0
[ 402.555831] ? kthread_park+0x100/0x100
[ 402.559979] ret_from_fork+0x24/0x30
[ 402.564019] Modules linked in:
[ 402.567280] ---[ end trace e299644449e56ea8 ]---
[ 402.572308] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[ 402.578384] Code: f9 ff 0f 0b 4c 89 e2 48 89 de 48 c7 c7 80 a0 67 87 e8 e7 67 f9 ff 0f 0b 4c 89 ea 48 89 de 48 c7 c7 20 a0 67 87 e8 d3 67 f9 ff <0f> 0b 48 89 de 48 c7 c7 40 a1 67 87 e8 c2 67 f9 ff 0f 0b 48 89 de
[ 402.598019] RSP: 0018:ffff8881f29376f8 EFLAGS: 00010282
[ 402.603805] RAX: 000000000000004e RBX: ffff8881d9ec7a88 RCX: 0000000000000000
[ 402.611355] RDX: 0000000000000000 RSI: ffffffff87679d80 RDI: ffffffff8a1a0aa0
[ 402.618898] RBP: ffff8881f2937710 R08: ffffed103ed05081 R09: ffffed103ed05080
[ 402.626773] R10: ffffed103ed05080 R11: ffff8881f6828407 R12: dead000000000200
[ 402.634036] R13: dead000000000100 R14: ffff8881e7bcb8c0 R15: ffff8881e7bcb940
[ 402.641507] FS: 0000000000000000(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
[ 402.650495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 402.656817] CR2: 0000000002416608 CR3: 000000000846d003 CR4: 00000000001606f0
[ 402.664514] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 402.672125] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 402.679659] Kernel panic - not syncing: Fatal exception
[ 402.687721] Kernel Offset: disabled
[ 402.692001] Rebooting in 86400 seconds..