[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 29.285811] IPVS: ftp: loaded support on port[0] = 21
[ 29.335529] list_del corruption. prev->next should be ffff8880b37e7820, but was ffff8880af630338
[ 29.345034] ------------[ cut here ]------------
[ 29.349786] kernel BUG at lib/list_debug.c:51!
[ 29.354431] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 29.359783] Modules linked in:
[ 29.362961] CPU: 0 PID: 7983 Comm: syz-executor938 Not tainted 4.14.206-syzkaller #0
[ 29.370815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.380146] task: ffff8880b2ea0480 task.stack: ffff8880b3d98000
[ 29.386187] RIP: 0010:__list_del_entry_valid.cold+0xf/0x55
[ 29.391783] RSP: 0018:ffff8880b3d9fa10 EFLAGS: 00010286
[ 29.397125] RAX: 0000000000000054 RBX: ffff8880af630301 RCX: 0000000000000000
[ 29.404371] RDX: 0000000000000000 RSI: ffffffff878bb940 RDI: ffffed10167b3f38
[ 29.411627] RBP: ffff8880b37e7820 R08: 0000000000000054 R09: 0000000000000000
[ 29.418872] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880b3839ba0
[ 29.426225] R13: ffff8880b3839ba0 R14: ffff888095650e80 R15: 0000000000000000
[ 29.433484] FS: 0000000001a57880(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 29.441689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.447546] CR2: 0000000020000200 CR3: 0000000008e6a000 CR4: 00000000001406f0
[ 29.454793] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.462051] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.469303] Call Trace:
[ 29.471877] klist_dec_and_del+0x7b/0x460
[ 29.476002] ? __device_link_free_srcu+0xa0/0xa0
[ 29.480731] klist_put+0x71/0x140
[ 29.484162] device_del+0x12d/0xa80
[ 29.487764] ? klist_iter_exit+0xc/0x80
[ 29.491713] ? device_find_child+0x107/0x140
[ 29.496095] ? __device_links_no_driver+0x1b0/0x1b0
[ 29.501091] hci_conn_del_sysfs+0xca/0x160
[ 29.505301] hci_conn_cleanup+0x216/0x500
[ 29.509426] hci_conn_del+0x253/0x6f0
[ 29.513201] hci_conn_hash_flush+0x19c/0x260
[ 29.517585] hci_dev_do_close+0x535/0xca0
[ 29.521707] ? __fsnotify_inode_delete+0x20/0x20
[ 29.526443] hci_unregister_dev+0x17f/0x8c0
[ 29.530742] ? fcntl_setlk+0xdb0/0xdb0
[ 29.534606] ? vhci_close_dev+0x50/0x50
[ 29.538570] vhci_release+0x70/0xe0
[ 29.542174] __fput+0x25f/0x7a0
[ 29.545555] task_work_run+0x11f/0x190
[ 29.549431] do_exit+0xa08/0x27f0
[ 29.552885] ? mm_update_next_owner+0x5b0/0x5b0
[ 29.557536] ? vfs_write+0x319/0x4d0
[ 29.561242] ? SyS_write+0x14d/0x210
[ 29.564960] do_group_exit+0x100/0x2e0
[ 29.568828] SyS_exit_group+0x19/0x20
[ 29.572602] ? do_group_exit+0x2e0/0x2e0
[ 29.576638] do_syscall_64+0x1d5/0x640
[ 29.580508] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 29.585688] RIP: 0033:0x445098
[ 29.588862] RSP: 002b:00007fff37dc1468 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 29.596570] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000445098
[ 29.603815] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 29.611062] RBP: 00000000004ccdf0 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 29.618325] R10: 0000000000000015 R11: 0000000000000246 R12: 0000000000000001
[ 29.625570] R13: 00000000006e0200 R14: 0000000000000000 R15: 0000000000000000
[ 29.632829] Code: 87 e8 0c 06 24 fe 0f 0b 48 89 f1 48 c7 c7 60 ce cc 87 4c 89 e6 e8 f8 05 24 fe 0f 0b 48 89 ee 48 c7 c7 00 d0 cc 87 e8 e7 05 24 fe <0f> 0b 4c 89 ea 48 89 ee 48 c7 c7 40 cf cc 87 e8 d3 05 24 fe 0f
[ 29.651923] RIP: __list_del_entry_valid.cold+0xf/0x55 RSP: ffff8880b3d9fa10
[ 29.659065] ---[ end trace bfce0647d1db5d95 ]---
[ 29.663814] Kernel panic - not syncing: Fatal exception
[ 29.669205] Kernel Offset: disabled
[ 29.672815] Rebooting in 86400 seconds..