[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.159' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 71.570680][ T7044] ==================================================================
[ 71.579268][ T7044] BUG: KASAN: null-ptr-deref in choke_reset+0x208/0x340
[ 71.586204][ T7044] Write of size 8 at addr 0000000000000000 by task syz-executor768/7044
[ 71.595633][ T7044]
[ 71.597972][ T7044] CPU: 0 PID: 7044 Comm: syz-executor768 Not tainted 5.7.0-rc1-syzkaller #0
[ 71.606758][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.617543][ T7044] Call Trace:
[ 71.620834][ T7044] dump_stack+0x188/0x20d
[ 71.625341][ T7044] ? choke_reset+0x208/0x340
[ 71.629934][ T7044] __kasan_report.cold+0x5/0x4d
[ 71.635179][ T7044] ? choke_reset+0x208/0x340
[ 71.640254][ T7044] ? choke_reset+0x208/0x340
[ 71.644850][ T7044] kasan_report+0x33/0x50
[ 71.649742][ T7044] check_memory_region+0x141/0x190
[ 71.654947][ T7044] memset+0x20/0x40
[ 71.658743][ T7044] choke_reset+0x208/0x340
[ 71.663147][ T7044] ? choke_destroy+0x40/0x40
[ 71.667826][ T7044] qdisc_reset+0x6b/0x520
[ 71.672163][ T7044] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 71.678420][ T7044] dev_deactivate_many+0xe2/0xba0
[ 71.683447][ T7044] ? __is_module_percpu_address+0x257/0x350
[ 71.689416][ T7044] dev_deactivate+0xf8/0x1c0
[ 71.694965][ T7044] ? dev_deactivate_many+0xba0/0xba0
[ 71.700243][ T7044] ? is_dynamic_key+0x12a/0x1a0
[ 71.705088][ T7044] ? choke_dequeue+0x4b0/0x4b0
[ 71.709837][ T7044] qdisc_graft+0xd25/0x1120
[ 71.714342][ T7044] ? tc_dump_tclass+0x480/0x480
[ 71.719179][ T7044] ? tc_get_qdisc+0xaf0/0xaf0
[ 71.724023][ T7044] ? nla_memcpy+0xa0/0xa0
[ 71.728356][ T7044] ? ns_capable_common+0xe2/0x100
[ 71.733363][ T7044] tc_modify_qdisc+0xbab/0x1a00
[ 71.738330][ T7044] ? qdisc_create+0x1140/0x1140
[ 71.743363][ T7044] ? mutex_trylock+0x2c0/0x2c0
[ 71.748254][ T7044] ? find_held_lock+0x2d/0x110
[ 71.753025][ T7044] ? qdisc_create+0x1140/0x1140
[ 71.757970][ T7044] rtnetlink_rcv_msg+0x44e/0xad0
[ 71.763000][ T7044] ? rtnl_bridge_getlink+0x870/0x870
[ 71.768351][ T7044] ? lock_acquire+0x1f2/0x8f0
[ 71.773039][ T7044] ? netlink_deliver_tap+0x146/0xb50
[ 71.778343][ T7044] netlink_rcv_skb+0x15a/0x410
[ 71.783299][ T7044] ? rtnl_bridge_getlink+0x870/0x870
[ 71.788768][ T7044] ? netlink_ack+0xa10/0xa10
[ 71.793658][ T7044] netlink_unicast+0x537/0x740
[ 71.799408][ T7044] ? netlink_attachskb+0x810/0x810
[ 71.804708][ T7044] ? _copy_from_iter_full+0x25c/0x870
[ 71.810071][ T7044] ? __phys_addr_symbol+0x2c/0x70
[ 71.815103][ T7044] ? __check_object_size+0x171/0x437
[ 71.820392][ T7044] netlink_sendmsg+0x882/0xe10
[ 71.825152][ T7044] ? aa_af_perm+0x260/0x260
[ 71.829751][ T7044] ? netlink_unicast+0x740/0x740
[ 71.834693][ T7044] ? netlink_unicast+0x740/0x740
[ 71.839619][ T7044] sock_sendmsg+0xcf/0x120
[ 71.844027][ T7044] ____sys_sendmsg+0x6bf/0x7e0
[ 71.848790][ T7044] ? print_usage_bug+0x240/0x240
[ 71.854004][ T7044] ? kernel_sendmsg+0x50/0x50
[ 71.858700][ T7044] ___sys_sendmsg+0x100/0x170
[ 71.863495][ T7044] ? sendmsg_copy_msghdr+0x70/0x70
[ 71.868616][ T7044] ? mark_held_locks+0xe0/0xe0
[ 71.873377][ T7044] ? __this_cpu_preempt_check+0x28/0x190
[ 71.879173][ T7044] ? percpu_counter_add_batch+0x123/0x180
[ 71.884984][ T7044] ? find_held_lock+0x2d/0x110
[ 71.889791][ T7044] ? __fd_install+0x1b4/0x600
[ 71.894525][ T7044] ? lock_downgrade+0x840/0x840
[ 71.899380][ T7044] ? __fget_light+0x1ab/0x270
[ 71.904060][ T7044] __sys_sendmsg+0xec/0x1b0
[ 71.908586][ T7044] ? __sys_sendmsg_sock+0xb0/0xb0
[ 71.913607][ T7044] ? trace_hardirqs_off_caller+0x55/0x230
[ 71.919313][ T7044] ? do_syscall_64+0x21/0x7d0
[ 71.923973][ T7044] do_syscall_64+0xf6/0x7d0
[ 71.928465][ T7044] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 71.934356][ T7044] RIP: 0033:0x441409
[ 71.938846][ T7044] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 71.958519][ T7044] RSP: 002b:00007ffc6de6e258 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 71.967350][ T7044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441409
[ 71.975304][ T7044] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 71.983256][ T7044] RBP: 0000000000011779 R08: 00000000004002c8 R09: 00000000004002c8
[ 71.991222][ T7044] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402230
[ 71.999187][ T7044] R13: 00000000004022c0 R14: 0000000000000000 R15: 0000000000000000
[ 72.007238][ T7044] ==================================================================
[ 72.015285][ T7044] Disabling lock debugging due to kernel taint
[ 72.021732][ T7044] Kernel panic - not syncing: panic_on_warn set ...
[ 72.028422][ T7044] CPU: 0 PID: 7044 Comm: syz-executor768 Tainted: G B 5.7.0-rc1-syzkaller #0
[ 72.038479][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 72.049048][ T7044] Call Trace:
[ 72.052324][ T7044] dump_stack+0x188/0x20d
[ 72.056633][ T7044] panic+0x2e3/0x75c
[ 72.060531][ T7044] ? add_taint.cold+0x16/0x16
[ 72.065196][ T7044] ? retint_kernel+0x2b/0x2b
[ 72.069987][ T7044] ? choke_reset+0x208/0x340
[ 72.074645][ T7044] ? trace_hardirqs_on+0x55/0x220
[ 72.079668][ T7044] ? choke_reset+0x208/0x340
[ 72.084339][ T7044] end_report+0x4d/0x53
[ 72.088474][ T7044] __kasan_report.cold+0xd/0x4d
[ 72.093306][ T7044] ? choke_reset+0x208/0x340
[ 72.097969][ T7044] ? choke_reset+0x208/0x340
[ 72.102541][ T7044] kasan_report+0x33/0x50
[ 72.106853][ T7044] check_memory_region+0x141/0x190
[ 72.111947][ T7044] memset+0x20/0x40
[ 72.115759][ T7044] choke_reset+0x208/0x340
[ 72.120201][ T7044] ? choke_destroy+0x40/0x40
[ 72.124862][ T7044] qdisc_reset+0x6b/0x520
[ 72.129176][ T7044] dev_deactivate_queue.constprop.0+0x13c/0x240
[ 72.135393][ T7044] dev_deactivate_many+0xe2/0xba0
[ 72.140400][ T7044] ? __is_module_percpu_address+0x257/0x350
[ 72.146281][ T7044] dev_deactivate+0xf8/0x1c0
[ 72.150849][ T7044] ? dev_deactivate_many+0xba0/0xba0
[ 72.156214][ T7044] ? is_dynamic_key+0x12a/0x1a0
[ 72.161495][ T7044] ? choke_dequeue+0x4b0/0x4b0
[ 72.166239][ T7044] qdisc_graft+0xd25/0x1120
[ 72.170751][ T7044] ? tc_dump_tclass+0x480/0x480
[ 72.175825][ T7044] ? tc_get_qdisc+0xaf0/0xaf0
[ 72.180678][ T7044] ? nla_memcpy+0xa0/0xa0
[ 72.185092][ T7044] ? ns_capable_common+0xe2/0x100
[ 72.190147][ T7044] tc_modify_qdisc+0xbab/0x1a00
[ 72.194982][ T7044] ? qdisc_create+0x1140/0x1140
[ 72.200735][ T7044] ? mutex_trylock+0x2c0/0x2c0
[ 72.205583][ T7044] ? find_held_lock+0x2d/0x110
[ 72.210334][ T7044] ? qdisc_create+0x1140/0x1140
[ 72.215307][ T7044] rtnetlink_rcv_msg+0x44e/0xad0
[ 72.220562][ T7044] ? rtnl_bridge_getlink+0x870/0x870
[ 72.225866][ T7044] ? lock_acquire+0x1f2/0x8f0
[ 72.230558][ T7044] ? netlink_deliver_tap+0x146/0xb50
[ 72.235862][ T7044] netlink_rcv_skb+0x15a/0x410
[ 72.240787][ T7044] ? rtnl_bridge_getlink+0x870/0x870
[ 72.246066][ T7044] ? netlink_ack+0xa10/0xa10
[ 72.250664][ T7044] netlink_unicast+0x537/0x740
[ 72.255422][ T7044] ? netlink_attachskb+0x810/0x810
[ 72.260528][ T7044] ? _copy_from_iter_full+0x25c/0x870
[ 72.265947][ T7044] ? __phys_addr_symbol+0x2c/0x70
[ 72.271058][ T7044] ? __check_object_size+0x171/0x437
[ 72.276335][ T7044] netlink_sendmsg+0x882/0xe10
[ 72.281210][ T7044] ? aa_af_perm+0x260/0x260
[ 72.285693][ T7044] ? netlink_unicast+0x740/0x740
[ 72.290732][ T7044] ? netlink_unicast+0x740/0x740
[ 72.295802][ T7044] sock_sendmsg+0xcf/0x120
[ 72.300209][ T7044] ____sys_sendmsg+0x6bf/0x7e0
[ 72.304961][ T7044] ? print_usage_bug+0x240/0x240
[ 72.309882][ T7044] ? kernel_sendmsg+0x50/0x50
[ 72.314632][ T7044] ___sys_sendmsg+0x100/0x170
[ 72.319318][ T7044] ? sendmsg_copy_msghdr+0x70/0x70
[ 72.324514][ T7044] ? mark_held_locks+0xe0/0xe0
[ 72.329265][ T7044] ? __this_cpu_preempt_check+0x28/0x190
[ 72.334976][ T7044] ? percpu_counter_add_batch+0x123/0x180
[ 72.341213][ T7044] ? find_held_lock+0x2d/0x110
[ 72.346061][ T7044] ? __fd_install+0x1b4/0x600
[ 72.350731][ T7044] ? lock_downgrade+0x840/0x840
[ 72.355854][ T7044] ? __fget_light+0x1ab/0x270
[ 72.360803][ T7044] __sys_sendmsg+0xec/0x1b0
[ 72.365898][ T7044] ? __sys_sendmsg_sock+0xb0/0xb0
[ 72.370913][ T7044] ? trace_hardirqs_off_caller+0x55/0x230
[ 72.376622][ T7044] ? do_syscall_64+0x21/0x7d0
[ 72.381400][ T7044] do_syscall_64+0xf6/0x7d0
[ 72.385902][ T7044] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 72.391774][ T7044] RIP: 0033:0x441409
[ 72.395649][ T7044] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 72.415260][ T7044] RSP: 002b:00007ffc6de6e258 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 72.423689][ T7044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441409
[ 72.432344][ T7044] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 72.440317][ T7044] RBP: 0000000000011779 R08: 00000000004002c8 R09: 00000000004002c8
[ 72.448287][ T7044] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402230
[ 72.456259][ T7044] R13: 00000000004022c0 R14: 0000000000000000 R15: 0000000000000000
[ 72.465898][ T7044] Kernel Offset: disabled
[ 72.470269][ T7044] Rebooting in 86400 seconds..