[  OK  ] Reached target Login Prompts.
[  OK  ] Reached target Multi-User System.
[  OK  ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.


Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.82' (ECDSA) to the list of known hosts.
syzkaller login: [  103.744474] audit: type=1400 audit(1596740174.982:8): avc:  denied  { execmem } for  pid=6341 comm="syz-executor110" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[  103.981883] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
executing program
executing program
executing program
executing program
[  105.946189] list_del corruption, ffff8880977c4f28->next is LIST_POISON1 (dead000000000100)
[  105.955665] ------------[ cut here ]------------
[  105.960407] kernel BUG at lib/list_debug.c:45!
[  105.965013] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  105.970371] Modules linked in:
[  105.973543] CPU: 0 PID: 1202 Comm: kworker/u5:0 Not tainted 4.14.192-syzkaller #0
[  105.981137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  105.990488] Workqueue: hci0 hci_rx_work
[  105.994441] task: ffff8880a79e46c0 task.stack: ffff8880a7a70000
[  106.000475] RIP: 0010:__list_del_entry_valid.cold+0x23/0x55
[  106.006172] RSP: 0018:ffff8880a7a779b8 EFLAGS: 00010282
[  106.011510] RAX: 000000000000004e RBX: ffff88809b2906c0 RCX: 0000000000000000
[  106.018755] RDX: 0000000000000000 RSI: ffffffff86ac0dc0 RDI: ffffed1014f4ef2d
[  106.025999] RBP: ffff8880977c4f28 R08: 000000000000004e R09: 0000000000000000
[  106.033254] R10: 0000000000000000 R11: 0000000000000000 R12: dead000000000200
[  106.040499] R13: dead000000000100 R14: ffff8880977c4ac0 R15: ffff88809df00200
[  106.047744] FS:  0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
[  106.055944] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  106.061800] CR2: 0000563894bfd5a8 CR3: 0000000094360000 CR4: 00000000001406f0
[  106.069045] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  106.076300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  106.083545] Call Trace:
[  106.086118]  l2cap_chan_put+0x50/0x1b0
[  106.089991]  l2cap_recv_frame+0xb9a/0x95c0
[  106.094201]  ? trace_hardirqs_on+0x10/0x10
[  106.098410]  ? __lock_acquire+0x5fc/0x3f20
[  106.102632]  ? __lock_acquire+0x5fc/0x3f20
[  106.106850]  ? l2cap_ertm_init+0xb70/0xb70
[  106.111070]  ? lock_acquire+0x170/0x3f0
[  106.115027]  ? hci_rx_work+0x278/0x970
[  106.119066]  ? trace_hardirqs_on+0x10/0x10
[  106.123274]  ? hci_rx_work+0x278/0x970
[  106.127138]  ? hci_rx_work+0x3a2/0x970
[  106.131000]  ? lock_downgrade+0x740/0x740
[  106.135125]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[  106.140556]  ? __mutex_unlock_slowpath+0x75/0x770
[  106.145395]  l2cap_recv_acldata+0x7a6/0x8b0
[  106.149691]  hci_rx_work+0x3d1/0x970
[  106.153380]  process_one_work+0x793/0x14a0
[  106.157602]  ? work_busy+0x320/0x320
[  106.161289]  ? worker_thread+0x158/0xff0
[  106.165323]  ? _raw_spin_unlock_irq+0x24/0x80
[  106.169805]  worker_thread+0x5cc/0xff0
[  106.173669]  ? rescuer_thread+0xc80/0xc80
[  106.177803]  kthread+0x30d/0x420
[  106.181145]  ? kthread_create_on_node+0xd0/0xd0
[  106.185787]  ret_from_fork+0x24/0x30
[  106.189473] Code: e6 e8 68 b1 44 fe 0f 0b 48 89 ee 48 c7 c7 60 5e e4 86 e8 57 b1 44 fe 0f 0b 4c 89 ea 48 89 ee 48 c7 c7 a0 5d e4 86 e8 43 b1 44 fe <0f> 0b 4c 89 e2 48 89 ee 48 c7 c7 00 5e e4 86 e8 2f b1 44 fe 0f 
[  106.208560] RIP: __list_del_entry_valid.cold+0x23/0x55 RSP: ffff8880a7a779b8
[  106.215748] ---[ end trace 359a8ca72f17405e ]---
[  106.220481] Kernel panic - not syncing: Fatal exception
[  106.227083] Kernel Offset: disabled
[  106.230701] Rebooting in 86400 seconds..