Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.15.200' (ECDSA) to the list of known hosts.

syzkaller login: [ 62.197778][ T6833] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 63.268097][ T6860] ==================================================================
[ 63.276380][ T6860] BUG: KASAN: null-ptr-deref in amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.284890][ T6860] Write of size 8 at addr 0000000000000030 by task kworker/u5:2/6860
[ 63.292955][ T6860]
[ 63.295304][ T6860] CPU: 0 PID: 6860 Comm: kworker/u5:2 Not tainted 5.8.0-rc7-syzkaller #0
[ 63.303721][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.313809][ T6860] Workqueue: hci0 hci_rx_work
[ 63.318491][ T6860] Call Trace:
[ 63.321804][ T6860]  dump_stack+0x18f/0x20d
[ 63.326160][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.332334][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.338505][ T6860]  kasan_report.cold+0x5/0x37
[ 63.343204][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.349377][ T6860]  check_memory_region+0x13d/0x180
[ 63.354505][ T6860]  amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.360504][ T6860]  ? amp_read_loc_assoc+0x1a0/0x1a0
[ 63.365715][ T6860]  ? find_held_lock+0x2d/0x110
[ 63.370500][ T6860]  ? hci_event_packet+0x4123/0x86f5
[ 63.375722][ T6860]  ? lock_downgrade+0x820/0x820
[ 63.380602][ T6860]  hci_event_packet+0x415e/0x86f5
[ 63.385645][ T6860]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 63.391647][ T6860]  ? hci_cmd_complete_evt+0xc6e0/0xc6e0
[ 63.397216][ T6860]  ? lock_acquire+0x1f1/0xad0
[ 63.401901][ T6860]  ? skb_dequeue+0x1c/0x180
[ 63.406503][ T6860]  ? find_held_lock+0x2d/0x110
[ 63.412149][ T6860]  ? mark_lock+0xbc/0x1710
[ 63.416577][ T6860]  ? mark_held_locks+0x9f/0xe0
[ 63.421351][ T6860]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 63.427246][ T6860]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 63.433236][ T6860]  ? trace_hardirqs_on+0x5f/0x220
[ 63.438258][ T6860]  ? lockdep_hardirqs_on+0x6a/0xe0
[ 63.445708][ T6860]  hci_rx_work+0x22e/0xb10
[ 63.450113][ T6860]  process_one_work+0x94c/0x1670
[ 63.455034][ T6860]  ? lock_release+0x8d0/0x8d0
[ 63.459715][ T6860]  ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 63.465082][ T6860]  ? rwlock_bug.part.0+0x90/0x90
[ 63.470012][ T6860]  ? lockdep_hardirqs_off+0x66/0xa0
[ 63.475195][ T6860]  worker_thread+0x64c/0x1120
[ 63.479853][ T6860]  ? __kthread_parkme+0x13f/0x1e0
[ 63.484853][ T6860]  ? process_one_work+0x1670/0x1670
[ 63.490028][ T6860]  kthread+0x3b5/0x4a0
[ 63.494076][ T6860]  ? __kthread_bind_mask+0xc0/0xc0
[ 63.499183][ T6860]  ? __kthread_bind_mask+0xc0/0xc0
[ 63.504272][ T6860]  ret_from_fork+0x1f/0x30
[ 63.508669][ T6860] ==================================================================
[ 63.516701][ T6860] Disabling lock debugging due to kernel taint
[ 63.523548][ T6860] Kernel panic - not syncing: panic_on_warn set ...
[ 63.530150][ T6860] CPU: 0 PID: 6860 Comm: kworker/u5:2 Tainted: G B 5.8.0-rc7-syzkaller #0
[ 63.539941][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.549999][ T6860] Workqueue: hci0 hci_rx_work
[ 63.554655][ T6860] Call Trace:
[ 63.557925][ T6860]  dump_stack+0x18f/0x20d
[ 63.562230][ T6860]  ? amp_read_loc_assoc_final_data+0xd0/0x1f0
[ 63.568271][ T6860]  panic+0x2e3/0x75c
[ 63.572138][ T6860]  ? __warn_printk+0xf3/0xf3
[ 63.576705][ T6860]  ? preempt_schedule_common+0x59/0xc0
[ 63.582135][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.588264][ T6860]  ? preempt_schedule_thunk+0x16/0x18
[ 63.593609][ T6860]  ? trace_hardirqs_on+0x55/0x220
[ 63.598606][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.604733][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.610862][ T6860]  end_report+0x4d/0x53
[ 63.614991][ T6860]  kasan_report.cold+0xd/0x37
[ 63.619642][ T6860]  ? amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.625855][ T6860]  check_memory_region+0x13d/0x180
[ 63.630939][ T6860]  amp_read_loc_assoc_final_data+0x120/0x1f0
[ 63.636891][ T6860]  ? amp_read_loc_assoc+0x1a0/0x1a0
[ 63.642063][ T6860]  ? find_held_lock+0x2d/0x110
[ 63.646802][ T6860]  ? hci_event_packet+0x4123/0x86f5
[ 63.651973][ T6860]  ? lock_downgrade+0x820/0x820
[ 63.656801][ T6860]  hci_event_packet+0x415e/0x86f5
[ 63.661801][ T6860]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 63.667759][ T6860]  ? hci_cmd_complete_evt+0xc6e0/0xc6e0
[ 63.673278][ T6860]  ? lock_acquire+0x1f1/0xad0
[ 63.677931][ T6860]  ? skb_dequeue+0x1c/0x180
[ 63.682408][ T6860]  ? find_held_lock+0x2d/0x110
[ 63.687150][ T6860]  ? mark_lock+0xbc/0x1710
[ 63.691542][ T6860]  ? mark_held_locks+0x9f/0xe0
[ 63.696283][ T6860]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 63.702064][ T6860]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 63.708016][ T6860]  ? trace_hardirqs_on+0x5f/0x220
[ 63.713017][ T6860]  ? lockdep_hardirqs_on+0x6a/0xe0
[ 63.718169][ T6860]  hci_rx_work+0x22e/0xb10
[ 63.722564][ T6860]  process_one_work+0x94c/0x1670
[ 63.727478][ T6860]  ? lock_release+0x8d0/0x8d0
[ 63.732140][ T6860]  ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 63.737511][ T6860]  ? rwlock_bug.part.0+0x90/0x90
[ 63.742428][ T6860]  ? lockdep_hardirqs_off+0x66/0xa0
[ 63.747601][ T6860]  worker_thread+0x64c/0x1120
[ 63.752254][ T6860]  ? __kthread_parkme+0x13f/0x1e0
[ 63.757255][ T6860]  ? process_one_work+0x1670/0x1670
[ 63.762428][ T6860]  kthread+0x3b5/0x4a0
[ 63.766470][ T6860]  ? __kthread_bind_mask+0xc0/0xc0
[ 63.771555][ T6860]  ? __kthread_bind_mask+0xc0/0xc0
[ 63.776643][ T6860]  ret_from_fork+0x1f/0x30
[ 63.782332][ T6860] Kernel Offset: disabled
[ 63.786655][ T6860] Rebooting in 86400 seconds..