Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.210' (ECDSA) to the list of known hosts.
2020/04/28 10:54:39 fuzzer started
2020/04/28 10:54:41 connecting to host at 10.128.0.26:45903
2020/04/28 10:54:41 checking machine...
2020/04/28 10:54:41 checking revisions...
2020/04/28 10:54:41 testing simple program...
syzkaller login: [ 56.697890][ T7052] IPVS: ftp: loaded support on port[0] = 21
2020/04/28 10:54:41 building call list...
[ 57.035319][ T235] tipc: TX() has been purged, node left!
[ 58.427204][ T7078] can: request_module (can-proto-0) failed.
executing program
[ 60.019680][ T7078] can: request_module (can-proto-0) failed.
[ 60.031110][ T7078] can: request_module (can-proto-0) failed.
[ 60.484405][ T7078] ==================================================================
[ 60.492861][ T7078] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 60.500053][ T7078] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7078
[ 60.507923][ T7078]
[ 60.510237][ T7078] CPU: 0 PID: 7078 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 60.518461][ T7078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.528497][ T7078] Call Trace:
[ 60.531788][ T7078] dump_stack+0x188/0x20d
[ 60.536100][ T7078] ? x25_disconnect+0x253/0x370
[ 60.540929][ T7078] ? __sock_release+0x280/0x280
[ 60.545765][ T7078] __kasan_report.cold+0x5/0x4d
[ 60.550593][ T7078] ? rcu_read_lock_held+0x1/0xb0
[ 60.555505][ T7078] ? x25_disconnect+0x253/0x370
[ 60.560343][ T7078] ? x25_disconnect+0x253/0x370
[ 60.565181][ T7078] kasan_report+0x33/0x50
[ 60.569487][ T7078] check_memory_region+0x141/0x190
[ 60.574572][ T7078] x25_disconnect+0x253/0x370
[ 60.579224][ T7078] x25_release+0x345/0x420
[ 60.583639][ T7078] __sock_release+0xcd/0x280
[ 60.588215][ T7078] sock_close+0x18/0x20
[ 60.592346][ T7078] __fput+0x33e/0x880
[ 60.596323][ T7078] task_work_run+0xf4/0x1b0
[ 60.600816][ T7078] exit_to_usermode_loop+0x2fa/0x360
[ 60.606079][ T7078] do_syscall_64+0x6b1/0x7d0
[ 60.610648][ T7078] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.616513][ T7078] RIP: 0033:0x4afb40
[ 60.620384][ T7078] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.639962][ T7078] RSP: 002b:000000c0001e94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.648354][ T7078] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 60.656299][ T7078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.664246][ T7078] RBP: 000000c0001e9538 R08: 0000000000000000 R09: 0000000000000000
[ 60.672215][ T7078] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.680192][ T7078] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 60.688155][ T7078] ==================================================================
[ 60.696204][ T7078] Disabling lock debugging due to kernel taint
[ 60.702444][ T7078] Kernel panic - not syncing: panic_on_warn set ...
[ 60.709033][ T7078] CPU: 0 PID: 7078 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.718658][ T7078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.728696][ T7078] Call Trace:
[ 60.731964][ T7078] dump_stack+0x188/0x20d
[ 60.736268][ T7078] ? __sock_release+0x280/0x280
[ 60.741176][ T7078] panic+0x2e3/0x75c
[ 60.745051][ T7078] ? add_taint.cold+0x16/0x16
[ 60.749702][ T7078] ? x25_disconnect+0x253/0x370
[ 60.754524][ T7078] ? trace_hardirqs_on+0x55/0x220
[ 60.759533][ T7078] ? x25_disconnect+0x253/0x370
[ 60.764356][ T7078] ? __sock_release+0x280/0x280
[ 60.769177][ T7078] end_report+0x4d/0x53
[ 60.773310][ T7078] __kasan_report.cold+0xd/0x4d
[ 60.778150][ T7078] ? rcu_read_lock_held+0x1/0xb0
[ 60.783059][ T7078] ? x25_disconnect+0x253/0x370
[ 60.787882][ T7078] ? x25_disconnect+0x253/0x370
[ 60.792704][ T7078] kasan_report+0x33/0x50
[ 60.797007][ T7078] check_memory_region+0x141/0x190
[ 60.802090][ T7078] x25_disconnect+0x253/0x370
[ 60.806739][ T7078] x25_release+0x345/0x420
[ 60.811128][ T7078] __sock_release+0xcd/0x280
[ 60.815692][ T7078] sock_close+0x18/0x20
[ 60.819820][ T7078] __fput+0x33e/0x880
[ 60.823775][ T7078] task_work_run+0xf4/0x1b0
[ 60.828253][ T7078] exit_to_usermode_loop+0x2fa/0x360
[ 60.833508][ T7078] do_syscall_64+0x6b1/0x7d0
[ 60.838071][ T7078] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.843933][ T7078] RIP: 0033:0x4afb40
[ 60.847830][ T7078] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.867504][ T7078] RSP: 002b:000000c0001e94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.875898][ T7078] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 60.883843][ T7078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.891788][ T7078] RBP: 000000c0001e9538 R08: 0000000000000000 R09: 0000000000000000
[ 60.899745][ T7078] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.907688][ T7078] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 60.917038][ T7078] Kernel Offset: disabled
[ 60.921361][ T7078] Rebooting in 86400 seconds..