[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 63.458117][ T7077] ==================================================================
[ 63.466533][ T7077] BUG: KASAN: null-ptr-deref in choke_reset+0x208/0x340
[ 63.473464][ T7077] Write of size 8 at addr 0000000000000000 by task syz-executor703/7077
[ 63.481769][ T7077]
[ 63.484087][ T7077] CPU: 1 PID: 7077 Comm: syz-executor703 Not tainted 5.7.0-rc2-syzkaller #0
[ 63.492748][ T7077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.502782][ T7077] Call Trace:
[ 63.506082][ T7077] dump_stack+0x188/0x20d
[ 63.510414][ T7077] ? choke_reset+0x208/0x340
[ 63.514991][ T7077] __kasan_report.cold+0x5/0x4d
[ 63.519826][ T7077] ? choke_reset+0x208/0x340
[ 63.524397][ T7077] ? choke_reset+0x208/0x340
[ 63.529019][ T7077] kasan_report+0x33/0x50
[ 63.533336][ T7077] check_memory_region+0x141/0x190
[ 63.538517][ T7077] memset+0x20/0x40
[ 63.542321][ T7077] choke_reset+0x208/0x340
[ 63.546741][ T7077] ? choke_destroy+0x40/0x40
[ 63.551332][ T7077] qdisc_reset+0x6b/0x520
[ 63.555647][ T7077] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 63.561871][ T7077] dev_deactivate_many+0xe2/0xba0
[ 63.566881][ T7077] ? __is_module_percpu_address+0x257/0x350
[ 63.572756][ T7077] dev_deactivate+0xf8/0x1c0
[ 63.577340][ T7077] ? dev_deactivate_many+0xba0/0xba0
[ 63.582610][ T7077] ? is_dynamic_key+0x12a/0x1a0
[ 63.587446][ T7077] ? choke_dequeue+0x4b0/0x4b0
[ 63.592242][ T7077] qdisc_graft+0xd25/0x1120
[ 63.596734][ T7077] ? tc_dump_tclass+0x480/0x480
[ 63.601700][ T7077] ? tc_get_qdisc+0xaf0/0xaf0
[ 63.606384][ T7077] ? nla_memcpy+0xa0/0xa0
[ 63.610704][ T7077] ? ns_capable_common+0xe2/0x100
[ 63.615826][ T7077] tc_modify_qdisc+0xbab/0x1a00
[ 63.620678][ T7077] ? qdisc_create+0x1140/0x1140
[ 63.625517][ T7077] ? mutex_trylock+0x2c0/0x2c0
[ 63.630263][ T7077] ? find_held_lock+0x2d/0x110
[ 63.635081][ T7077] ? qdisc_create+0x1140/0x1140
[ 63.639916][ T7077] rtnetlink_rcv_msg+0x44e/0xad0
[ 63.644902][ T7077] ? rtnl_bridge_getlink+0x870/0x870
[ 63.650177][ T7077] ? lock_acquire+0x1f2/0x8f0
[ 63.654835][ T7077] ? netlink_deliver_tap+0x146/0xb50
[ 63.660105][ T7077] netlink_rcv_skb+0x15a/0x410
[ 63.664850][ T7077] ? rtnl_bridge_getlink+0x870/0x870
[ 63.670116][ T7077] ? netlink_ack+0xa10/0xa10
[ 63.674696][ T7077] netlink_unicast+0x537/0x740
[ 63.679445][ T7077] ? netlink_attachskb+0x810/0x810
[ 63.684596][ T7077] ? _copy_from_iter_full+0x25c/0x870
[ 63.689957][ T7077] ? __phys_addr_symbol+0x2c/0x70
[ 63.694994][ T7077] ? __check_object_size+0x171/0x437
[ 63.700305][ T7077] netlink_sendmsg+0x882/0xe10
[ 63.705062][ T7077] ? aa_af_perm+0x260/0x260
[ 63.709547][ T7077] ? netlink_unicast+0x740/0x740
[ 63.714471][ T7077] ? netlink_unicast+0x740/0x740
[ 63.719396][ T7077] sock_sendmsg+0xcf/0x120
[ 63.723798][ T7077] ____sys_sendmsg+0x6bf/0x7e0
[ 63.728559][ T7077] ? get_compat_msghdr+0xd1/0x120
[ 63.733565][ T7077] ? kernel_sendmsg+0x50/0x50
[ 63.738236][ T7077] ___sys_sendmsg+0x100/0x170
[ 63.742899][ T7077] ? sendmsg_copy_msghdr+0x70/0x70
[ 63.747996][ T7077] ? mark_held_locks+0xe0/0xe0
[ 63.752750][ T7077] ? __this_cpu_preempt_check+0x28/0x190
[ 63.758367][ T7077] ? percpu_counter_add_batch+0x123/0x180
[ 63.764080][ T7077] ? find_held_lock+0x2d/0x110
[ 63.768846][ T7077] ? __fd_install+0x1b4/0x600
[ 63.773515][ T7077] ? lock_downgrade+0x840/0x840
[ 63.778369][ T7077] ? __fget_light+0x1ab/0x270
[ 63.783046][ T7077] __sys_sendmsg+0xec/0x1b0
[ 63.787531][ T7077] ? __sys_sendmsg_sock+0xb0/0xb0
[ 63.792560][ T7077] ? trace_hardirqs_off_caller+0x55/0x230
[ 63.798263][ T7077] ? do_fast_syscall_32+0xcc/0xe90
[ 63.803372][ T7077] do_fast_syscall_32+0x270/0xe90
[ 63.808402][ T7077] entry_SYSENTER_compat+0x70/0x7f
[ 63.813513][ T7077] ==================================================================
[ 63.821585][ T7077] Disabling lock debugging due to kernel taint
[ 63.827801][ T7077] Kernel panic - not syncing: panic_on_warn set ...
[ 63.834394][ T7077] CPU: 1 PID: 7077 Comm: syz-executor703 Tainted: G B 5.7.0-rc2-syzkaller #0
[ 63.844456][ T7077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.854514][ T7077] Call Trace:
[ 63.857790][ T7077] dump_stack+0x188/0x20d
[ 63.862098][ T7077] panic+0x2e3/0x75c
[ 63.865974][ T7077] ? add_taint.cold+0x16/0x16
[ 63.870637][ T7077] ? retint_kernel+0x2b/0x2b
[ 63.875202][ T7077] ? choke_reset+0x208/0x340
[ 63.879772][ T7077] ? trace_hardirqs_on+0x55/0x220
[ 63.884833][ T7077] ? choke_reset+0x208/0x340
[ 63.889474][ T7077] end_report+0x4d/0x53
[ 63.893629][ T7077] __kasan_report.cold+0xd/0x4d
[ 63.898470][ T7077] ? choke_reset+0x208/0x340
[ 63.903050][ T7077] ? choke_reset+0x208/0x340
[ 63.907628][ T7077] kasan_report+0x33/0x50
[ 63.911974][ T7077] check_memory_region+0x141/0x190
[ 63.917069][ T7077] memset+0x20/0x40
[ 63.920879][ T7077] choke_reset+0x208/0x340
[ 63.925277][ T7077] ? choke_destroy+0x40/0x40
[ 63.929856][ T7077] qdisc_reset+0x6b/0x520
[ 63.934180][ T7077] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 63.940412][ T7077] dev_deactivate_many+0xe2/0xba0
[ 63.945419][ T7077] ? __is_module_percpu_address+0x257/0x350
[ 63.951414][ T7077] dev_deactivate+0xf8/0x1c0
[ 63.955997][ T7077] ? dev_deactivate_many+0xba0/0xba0
[ 63.961266][ T7077] ? is_dynamic_key+0x12a/0x1a0
[ 63.966095][ T7077] ? choke_dequeue+0x4b0/0x4b0
[ 63.970847][ T7077] qdisc_graft+0xd25/0x1120
[ 63.975343][ T7077] ? tc_dump_tclass+0x480/0x480
[ 63.980179][ T7077] ? tc_get_qdisc+0xaf0/0xaf0
[ 63.984846][ T7077] ? nla_memcpy+0xa0/0xa0
[ 63.989163][ T7077] ? ns_capable_common+0xe2/0x100
[ 63.994174][ T7077] tc_modify_qdisc+0xbab/0x1a00
[ 63.999024][ T7077] ? qdisc_create+0x1140/0x1140
[ 64.003985][ T7077] ? mutex_trylock+0x2c0/0x2c0
[ 64.008743][ T7077] ? find_held_lock+0x2d/0x110
[ 64.013495][ T7077] ? qdisc_create+0x1140/0x1140
[ 64.018343][ T7077] rtnetlink_rcv_msg+0x44e/0xad0
[ 64.023284][ T7077] ? rtnl_bridge_getlink+0x870/0x870
[ 64.028558][ T7077] ? lock_acquire+0x1f2/0x8f0
[ 64.033217][ T7077] ? netlink_deliver_tap+0x146/0xb50
[ 64.038528][ T7077] netlink_rcv_skb+0x15a/0x410
[ 64.043293][ T7077] ? rtnl_bridge_getlink+0x870/0x870
[ 64.048570][ T7077] ? netlink_ack+0xa10/0xa10
[ 64.053246][ T7077] netlink_unicast+0x537/0x740
[ 64.058014][ T7077] ? netlink_attachskb+0x810/0x810
[ 64.063111][ T7077] ? _copy_from_iter_full+0x25c/0x870
[ 64.068475][ T7077] ? __phys_addr_symbol+0x2c/0x70
[ 64.073493][ T7077] ? __check_object_size+0x171/0x437
[ 64.078778][ T7077] netlink_sendmsg+0x882/0xe10
[ 64.083555][ T7077] ? aa_af_perm+0x260/0x260
[ 64.088046][ T7077] ? netlink_unicast+0x740/0x740
[ 64.092969][ T7077] ? netlink_unicast+0x740/0x740
[ 64.097897][ T7077] sock_sendmsg+0xcf/0x120
[ 64.102387][ T7077] ____sys_sendmsg+0x6bf/0x7e0
[ 64.107137][ T7077] ? get_compat_msghdr+0xd1/0x120
[ 64.112159][ T7077] ? kernel_sendmsg+0x50/0x50
[ 64.116835][ T7077] ___sys_sendmsg+0x100/0x170
[ 64.121499][ T7077] ? sendmsg_copy_msghdr+0x70/0x70
[ 64.126593][ T7077] ? mark_held_locks+0xe0/0xe0
[ 64.131403][ T7077] ? __this_cpu_preempt_check+0x28/0x190
[ 64.137018][ T7077] ? percpu_counter_add_batch+0x123/0x180
[ 64.142729][ T7077] ? find_held_lock+0x2d/0x110
[ 64.147477][ T7077] ? __fd_install+0x1b4/0x600
[ 64.152130][ T7077] ? lock_downgrade+0x840/0x840
[ 64.156981][ T7077] ? __fget_light+0x1ab/0x270
[ 64.161664][ T7077] __sys_sendmsg+0xec/0x1b0
[ 64.166143][ T7077] ? __sys_sendmsg_sock+0xb0/0xb0
[ 64.171149][ T7077] ? trace_hardirqs_off_caller+0x55/0x230
[ 64.176846][ T7077] ? do_fast_syscall_32+0xcc/0xe90
[ 64.181937][ T7077] do_fast_syscall_32+0x270/0xe90
[ 64.186944][ T7077] entry_SYSENTER_compat+0x70/0x7f
[ 64.193280][ T7077] Kernel Offset: disabled
[ 64.197630][ T7077] Rebooting in 86400 seconds..