Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
2021/04/24 23:56:24 fuzzer started
2021/04/24 23:56:25 dialing manager at 10.128.0.169:43581
2021/04/24 23:56:25 syscalls: 3560
2021/04/24 23:56:25 code coverage: enabled
2021/04/24 23:56:25 comparison tracing: enabled
2021/04/24 23:56:25 extra coverage: enabled
2021/04/24 23:56:25 setuid sandbox: enabled
2021/04/24 23:56:25 namespace sandbox: enabled
2021/04/24 23:56:25 Android sandbox: /sys/fs/selinux/policy does not exist
2021/04/24 23:56:25 fault injection: enabled
2021/04/24 23:56:25 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/04/24 23:56:25 net packet injection: enabled
2021/04/24 23:56:25 net device setup: enabled
2021/04/24 23:56:25 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/04/24 23:56:25 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/04/24 23:56:25 USB emulation: enabled
2021/04/24 23:56:25 hci packet injection: enabled
2021/04/24 23:56:25 wifi device emulation: enabled
2021/04/24 23:56:25 802.15.4 emulation: enabled
2021/04/24 23:56:25 fetching corpus: 0, signal 0/2000 (executing program)
syzkaller login: [ 70.341858][ T4827] general protection fault, probably for non-canonical address 0xdffffc00000000cd: 0000 [#1] PREEMPT SMP KASAN
[ 70.353618][ T4827] KASAN: null-ptr-deref in range [0x0000000000000668-0x000000000000066f]
[ 70.362046][ T4827] CPU: 0 PID: 4827 Comm: kworker/0:3 Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
[ 70.371700][ T4827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.381775][ T4827] Workqueue: cgroup_destroy css_free_rwork_fn
[ 70.387890][ T4827] RIP: 0010:css_free_rwork_fn+0xe2/0x10f0
[ 70.393643][ T4827] Code: ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 64 04 00 00 48 8d 7d 20 8b 5b a0 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 9d 0d 00 00 4c 89 f7 ff 55 20 48 c7 c7 e0 bd fb
[ 70.413331][ T4827] RSP: 0018:ffffc9000b8e7cc8 EFLAGS: 00010203
[ 70.419423][ T4827] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 70.427419][ T4827] RDX: 00000000000000cd RSI: ffffffff816e6972 RDI: 000000000000066e
[ 70.435412][ T4827] RBP: 000000000000064e R08: 0000000000000001 R09: ffffffff90207957
[ 70.443750][ T4827] R10: 0000000000000001 R11: 0000000000084087 R12: 00000870ffffea00
[ 70.451723][ T4827] R13: ffff8880290a0000 R14: ffff888014528000 R15: ffff8880b9c34a80
[ 70.459688][ T4827] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 70.468780][ T4827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.475756][ T4827] CR2: 00007fe2b482f6b8 CR3: 0000000024405000 CR4: 00000000001506f0
[ 70.483772][ T4827] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.491738][ T4827] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.499724][ T4827] Call Trace:
[ 70.503022][ T4827] process_one_work+0x98d/0x1600
[ 70.507970][ T4827] ? pwq_dec_nr_in_flight+0x320/0x320
[ 70.513353][ T4827] ? rwlock_bug.part.0+0x90/0x90
[ 70.518279][ T4827] ? _raw_spin_lock_irq+0x41/0x50
[ 70.523392][ T4827] worker_thread+0x64c/0x1120
[ 70.528338][ T4827] ? __kthread_parkme+0x13f/0x1e0
[ 70.533372][ T4827] ? process_one_work+0x1600/0x1600
[ 70.538663][ T4827] kthread+0x3b1/0x4a0
[ 70.542724][ T4827] ? __kthread_bind_mask+0xc0/0xc0
[ 70.547847][ T4827] ret_from_fork+0x1f/0x30
[ 70.552362][ T4827] Modules linked in:
[ 70.562115][ T4827] ---[ end trace ca06c9e83614f55b ]---
[ 70.569567][ T4827] RIP: 0010:css_free_rwork_fn+0xe2/0x10f0
[ 70.576809][ T4827] Code: ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 64 04 00 00 48 8d 7d 20 8b 5b a0 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 9d 0d 00 00 4c 89 f7 ff 55 20 48 c7 c7 e0 bd fb
[ 70.600253][ T4827] RSP: 0018:ffffc9000b8e7cc8 EFLAGS: 00010203
[ 70.607891][ T4827] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 70.616325][ T4827] RDX: 00000000000000cd RSI: ffffffff816e6972 RDI: 000000000000066e
[ 70.624622][ T4827] RBP: 000000000000064e R08: 0000000000000001 R09: ffffffff90207957
[ 70.633149][ T4827] R10: 0000000000000001 R11: 0000000000084087 R12: 00000870ffffea00
[ 70.641581][ T4827] R13: ffff8880290a0000 R14: ffff888014528000 R15: ffff8880b9c34a80
[ 70.649834][ T4827] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 70.659164][ T4827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.666076][ T4827] CR2: 00007ff17803f028 CR3: 0000000013177000 CR4: 00000000001506f0
[ 70.674481][ T4827] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.682923][ T4827] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.691398][ T4827] Kernel panic - not syncing: Fatal exception
[ 70.698526][ T4827] Kernel Offset: disabled
[ 70.703701][ T4827] Rebooting in 86400 seconds..