[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts.
syzkaller login: [ 29.781552] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 29.838870] list_del corruption. prev->next should be ffff8880b392a120, but was ffff8880b38dc378
[ 29.848331] ------------[ cut here ]------------
[ 29.853238] kernel BUG at lib/list_debug.c:51!
[ 29.857910] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 29.863285] Modules linked in:
[ 29.866467] CPU: 1 PID: 7992 Comm: syz-executor527 Not tainted 4.14.203-syzkaller #0
[ 29.874326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.883677] task: ffff888095be2400 task.stack: ffff888095988000
[ 29.889728] RIP: 0010:__list_del_entry_valid.cold+0xf/0x55
[ 29.895324] RSP: 0018:ffff88809598fa10 EFLAGS: 00010286
[ 29.900663] RAX: 0000000000000054 RBX: ffff8880b38dc341 RCX: 0000000000000000
[ 29.908009] RDX: 0000000000000000 RSI: ffffffff878bb940 RDI: ffffed1012b31f38
[ 29.915285] RBP: ffff8880b392a120 R08: 0000000000000054 R09: 0000000000000000
[ 29.922553] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880b4d52d60
[ 29.929825] R13: ffff8880b4d52d60 R14: ffff888095df8b80 R15: 0000000000000000
[ 29.937073] FS: 00000000010be880(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[ 29.945274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.951148] CR2: 0000562b2e94a0a8 CR3: 00000000a4226000 CR4: 00000000001406e0
[ 29.958399] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.965646] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.972906] Call Trace:
[ 29.975496]  klist_dec_and_del+0x7b/0x460
[ 29.979626]  ? __device_link_free_srcu+0xa0/0xa0
[ 29.984444]  klist_put+0x71/0x140
[ 29.987875]  device_del+0x12d/0xa80
[ 29.991479]  ? klist_iter_exit+0xc/0x80
[ 29.995502]  ? device_find_child+0x107/0x140
[ 30.000062]  ? __device_links_no_driver+0x1b0/0x1b0
[ 30.005064]  hci_conn_del_sysfs+0xca/0x160
[ 30.009314]  hci_conn_cleanup+0x216/0x500
[ 30.013653]  hci_conn_del+0x253/0x6f0
[ 30.017533]  hci_conn_hash_flush+0x19c/0x260
[ 30.021938]  hci_dev_do_close+0x535/0xca0
[ 30.026064]  ? __fsnotify_inode_delete+0x20/0x20
[ 30.030800]  hci_unregister_dev+0x17f/0x8c0
[ 30.035117]  ? fcntl_setlk+0xdb0/0xdb0
[ 30.039067]  ? vhci_close_dev+0x50/0x50
[ 30.043015]  vhci_release+0x70/0xe0
[ 30.046636]  __fput+0x25f/0x7a0
[ 30.049893]  task_work_run+0x11f/0x190
[ 30.053757]  do_exit+0xa08/0x27f0
[ 30.057186]  ? mm_update_next_owner+0x5b0/0x5b0
[ 30.061840]  ? vfs_write+0x319/0x4d0
[ 30.065529]  ? SyS_write+0x14d/0x210
[ 30.069233]  do_group_exit+0x100/0x2e0
[ 30.073113]  SyS_exit_group+0x19/0x20
[ 30.076891]  ? do_group_exit+0x2e0/0x2e0
[ 30.080926]  do_syscall_64+0x1d5/0x640
[ 30.084810]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 30.089975] RIP: 0033:0x445098
[ 30.093249] RSP: 002b:00007fff8f7ff758 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 30.101017] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000445098
[ 30.108609] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001
[ 30.115946] RBP: 00000000004ccdf0 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 30.123217] R10: 0000000000000015 R11: 0000000000000246 R12: 0000000000000001
[ 30.130477] R13: 00000000006e0200 R14: 0000000000000000 R15: 0000000000000000
[ 30.137732] Code: 87 e8 6c 15 24 fe 0f 0b 48 89 f1 48 c7 c7 20 ce cc 87 4c 89 e6 e8 58 15 24 fe 0f 0b 48 89 ee 48 c7 c7 c0 cf cc 87 e8 47 15 24 fe <0f> 0b 4c 89 ea 48 89 ee 48 c7 c7 00 cf cc 87 e8 33 15 24 fe 0f
[ 30.156997] RIP: __list_del_entry_valid.cold+0xf/0x55 RSP: ffff88809598fa10
[ 30.164154] ---[ end trace e7c8d24b82958878 ]---
[ 30.168935] Kernel panic - not syncing: Fatal exception
[ 30.175054] Kernel Offset: disabled
[ 30.178684] Rebooting in 86400 seconds..