[   55.189640][ T4588] RAX: ffffffffffffffda RBX: 0000563a6fe05eb0 RCX: 00007f27adbdc840
[   55.197604][ T4588] RDX: 0000563a6ed00fe3 RSI: 00000000000a0800 RDI: 0000563a6fe05f90
[   55.205569][ T4588] RBP: 00007ffeb51fc200 R08: 0000563a6ed00670 R09: 0000000000000020
[   55.213531][ T4588] R10: 0000563a6ed00d0c R11: 0000000000000246 R12: 00007ffeb51fc150
[   55.221489][ T4588] R13: 0000563a6fdf3880 R14: 0000000000000003 R15: 000000000000000e

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.73' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   67.284310][ T6571] general protection fault, probably for non-canonical address 0xdffffc0000000023: 0000 [#1] PREEMPT SMP KASAN
[   67.296032][ T6571] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
[   67.304422][ T6571] CPU: 0 PID: 6571 Comm: syz-executor935 Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[   67.314375][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   67.324443][ T6571] RIP: 0010:destroy_workqueue+0x2e/0x800
[   67.330062][ T6571] Code: 49 89 fe 41 55 41 54 55 53 48 83 ec 08 e8 6a 5e 29 00 49 8d be 18 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 07 00 00 49 8b 9e 18 01 00 00 48 85 db 74 19
[   67.349688][ T6571] RSP: 0018:ffffc90002ccfa90 EFLAGS: 00010202
[   67.355768][ T6571] RAX: dffffc0000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[   67.363719][ T6571] RDX: 0000000000000023 RSI: ffffffff814c61b6 RDI: 0000000000000118
[   67.371675][ T6571] RBP: ffff8880159ad340 R08: 0000000000000000 R09: 0000000000000000
[   67.379623][ T6571] R10: ffffffff81a3b178 R11: 0000000000000000 R12: ffff8880159ac000
[   67.387569][ T6571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.395516][ T6571] FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   67.404427][ T6571] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   67.410990][ T6571] CR2: 0000000000480da8 CR3: 000000000b68e000 CR4: 00000000001506f0
[   67.418942][ T6571] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   67.426927][ T6571] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   67.434878][ T6571] Call Trace:
[   67.438143][ T6571]  hci_release_dev+0x125/0xb70
[   67.442903][ T6571]  ? devres_release_all+0x1b4/0x240
[   67.448092][ T6571]  ? hci_bdaddr_list_clear+0x200/0x200
[   67.453538][ T6571]  ? kfree+0x38a/0x530
[   67.457595][ T6571]  ? hci_uart_tty_close+0x17c/0x2a0
[   67.462779][ T6571]  bt_host_release+0x15/0x20
[   67.467356][ T6571]  ? __match_tty+0x90/0x90
[   67.471753][ T6571]  device_release+0x9f/0x240
[   67.476330][ T6571]  kobject_put+0x1c8/0x540
[   67.480733][ T6571]  put_device+0x1b/0x30
[   67.484879][ T6571]  hci_uart_tty_close+0x1e4/0x2a0
[   67.489886][ T6571]  ? hci_uart_close+0x70/0x70
[   67.494590][ T6571]  tty_ldisc_close+0x110/0x190
[   67.499336][ T6571]  tty_ldisc_kill+0x94/0x150
[   67.503914][ T6571]  tty_ldisc_release+0xe3/0x2a0
[   67.508744][ T6571]  tty_release_struct+0x20/0xe0
[   67.513584][ T6571]  tty_release+0xc70/0x1200
[   67.518073][ T6571]  __fput+0x288/0x9f0
[   67.522044][ T6571]  ? tty_release_struct+0xe0/0xe0
[   67.527058][ T6571]  ? _raw_spin_unlock_irq+0x1f/0x40
[   67.532285][ T6571]  task_work_run+0xdd/0x1a0
[   67.536794][ T6571]  do_exit+0xbae/0x2a30
[   67.540931][ T6571]  ? __context_tracking_exit+0xb8/0xe0
[   67.546371][ T6571]  ? lock_downgrade+0x6e0/0x6e0
[   67.551203][ T6571]  ? lock_downgrade+0x6e0/0x6e0
[   67.556037][ T6571]  ? mm_update_next_owner+0x7a0/0x7a0
[   67.561392][ T6571]  ? get_vtime_delta+0x26e/0x420
[   67.566314][ T6571]  do_group_exit+0x125/0x310
[   67.570888][ T6571]  __x64_sys_exit_group+0x3a/0x50
[   67.575947][ T6571]  do_syscall_64+0x35/0xb0
[   67.580349][ T6571]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   67.586224][ T6571] RIP: 0033:0x43da49
[   67.590100][ T6571] Code: Unable to access opcode bytes at RIP 0x43da1f.
[   67.596919][ T6571] RSP: 002b:00007fff5fbc4d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   67.605313][ T6571] RAX: ffffffffffffffda RBX: 00000000004ae230 RCX: 000000000043da49
[   67.613263][ T6571] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   67.621260][ T6571] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000400488
[   67.629210][ T6571] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004ae230
[   67.637158][ T6571] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[   67.645113][ T6571] Modules linked in:
[   67.650397][ T6571] ---[ end trace 65f46286e67d6fd4 ]---
[   67.655882][ T6571] RIP: 0010:destroy_workqueue+0x2e/0x800
[   67.661522][ T6571] Code: 49 89 fe 41 55 41 54 55 53 48 83 ec 08 e8 6a 5e 29 00 49 8d be 18 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 07 00 00 49 8b 9e 18 01 00 00 48 85 db 74 19
[   67.681234][ T6571] RSP: 0018:ffffc90002ccfa90 EFLAGS: 00010202
[   67.687545][ T6571] RAX: dffffc0000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[   67.695987][ T6571] RDX: 0000000000000023 RSI: ffffffff814c61b6 RDI: 0000000000000118
[   67.703989][ T6571] RBP: ffff8880159ad340 R08: 0000000000000000 R09: 0000000000000000
[   67.711968][ T6571] R10: ffffffff81a3b178 R11: 0000000000000000 R12: ffff8880159ac000
[   67.719990][ T6571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.728007][ T6571] FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   67.736968][ T6571] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   67.743912][ T6571] CR2: 00007f5effc60000 CR3: 000000001ce8d000 CR4: 00000000001506e0
[   67.751870][ T6571] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   67.759852][ T6571] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   67.767851][ T6571] Kernel panic - not syncing: Fatal exception
[   67.775900][ T6571] Kernel Offset: disabled
[   67.780211][ T6571] Rebooting in 86400 seconds..