Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.112' (ECDSA) to the list of known hosts.
2021/05/04 03:54:44 fuzzer started
2021/05/04 03:54:45 dialing manager at 10.128.0.169:34381
2021/05/04 03:54:45 syscalls: 3586
2021/05/04 03:54:45 code coverage: enabled
2021/05/04 03:54:45 comparison tracing: enabled
2021/05/04 03:54:45 extra coverage: enabled
2021/05/04 03:54:45 setuid sandbox: enabled
2021/05/04 03:54:45 namespace sandbox: enabled
2021/05/04 03:54:45 Android sandbox: /sys/fs/selinux/policy does not exist
2021/05/04 03:54:45 fault injection: enabled
2021/05/04 03:54:45 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/05/04 03:54:45 net packet injection: enabled
2021/05/04 03:54:45 net device setup: enabled
2021/05/04 03:54:45 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/05/04 03:54:45 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/05/04 03:54:45 USB emulation: enabled
2021/05/04 03:54:45 hci packet injection: enabled
2021/05/04 03:54:45 wifi device emulation: enabled
2021/05/04 03:54:45 802.15.4 emulation: enabled
2021/05/04 03:54:45 fetching corpus: 0, signal 0/2000 (executing program)
2021/05/04 03:54:45 fetching corpus: 50, signal 57841/61495 (executing program)
2021/05/04 03:54:45 fetching corpus: 100, signal 101125/106149 (executing program)
2021/05/04 03:54:46 fetching corpus: 150, signal 134195/140452 (executing program)
2021/05/04 03:54:46 fetching corpus: 200, signal 148014/155592 (executing program)
2021/05/04 03:54:46 fetching corpus: 250, signal 157550/166498 (executing program)
2021/05/04 03:54:46 fetching corpus: 300, signal 166476/176689 (executing program)
2021/05/04 03:54:46 fetching corpus: 350, signal 177879/189278 (executing program)
2021/05/04 03:54:46 fetching corpus: 400, signal 187711/200270 (executing program)
2021/05/04 03:54:46 fetching corpus: 450, signal 194066/207812 (executing program)
2021/05/04 03:54:47 fetching corpus: 500, signal 203560/218334 (executing program)
2021/05/04 03:54:47 fetching corpus: 550, signal 212449/228266 (executing program)
2021/05/04 03:54:47 fetching corpus: 600, signal 219212/236045 (executing program)
2021/05/04 03:54:47 fetching corpus: 650, signal 225526/243417 (executing program)
2021/05/04 03:54:47 fetching corpus: 700, signal 231966/250752 (executing program)
2021/05/04 03:54:47 Manager.Poll call failed: reading body read tcp 10.128.1.112:51484->10.128.0.169:34381: read: bad address
syzkaller login: [ 73.902610][ T8449] general protection fault, probably for non-canonical address 0xdffffc00400dbd01: 0000 [#1] PREEMPT SMP KASAN
[ 73.914623][ T8449] KASAN: probably user-memory-access in range [0x00000002006de808-0x00000002006de80f]
[ 73.924155][ T8449] CPU: 1 PID: 8449 Comm: syz-fuzzer Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
[ 73.933683][ T8449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 73.943722][ T8449] RIP: 0010:skb_release_data+0x3a0/0x750
[ 73.949359][ T8449] Code: 48 8b 04 24 48 c1 e8 03 42 80 3c 30 00 0f 85 d3 02 00 00 49 63 c4 48 c1 e0 04 4a 8b 6c 28 30 48 8d 7d 08 48 89 f8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 a7 02 00 00 48 8b 45 08 31 ff 48 89 c3 48 89
[ 73.968963][ T8449] RSP: 0018:ffffc9000188f960 EFLAGS: 00010202
[ 73.975010][ T8449] RAX: 00000000400dbd01 RBX: 0000000000000011 RCX: 0000000000000000
[ 73.982963][ T8449] RDX: ffff888024b90000 RSI: ffffffff8703c746 RDI: 00000002006de808
[ 73.990920][ T8449] RBP: 00000002006de800 R08: 0000000000000011 R09: ffffffff90207957
[ 73.998958][ T8449] R10: ffffffff8703c733 R11: 0000000000000009 R12: 0000000000000010
[ 74.006912][ T8449] R13: ffff88802e8e7ecc R14: dffffc0000000000 R15: ffff8880293dac80
[ 74.014866][ T8449] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 74.023787][ T8449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.030377][ T8449] CR2: 0000000000b8db4c CR3: 000000000bc8e000 CR4: 00000000001506e0
[ 74.038334][ T8449] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.046287][ T8449] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.054239][ T8449] Call Trace:
[ 74.057522][ T8449] __kfree_skb+0x46/0x60
[ 74.061753][ T8449] __tcp_close+0x230/0x1170
[ 74.066428][ T8449] tcp_close+0x29/0xc0
[ 74.070532][ T8449] inet_release+0x12e/0x280
[ 74.075023][ T8449] __sock_release+0xcd/0x280
[ 74.079610][ T8449] sock_close+0x18/0x20
[ 74.083756][ T8449] __fput+0x288/0x920
[ 74.087734][ T8449] ? __sock_release+0x280/0x280
[ 74.092571][ T8449] task_work_run+0xdd/0x1a0
[ 74.097058][ T8449] do_exit+0xbfc/0x2a70
[ 74.101197][ T8449] ? find_held_lock+0x2d/0x110
[ 74.105963][ T8449] ? mm_update_next_owner+0x7a0/0x7a0
[ 74.111318][ T8449] ? get_signal+0x337/0x2150
[ 74.115890][ T8449] ? lock_downgrade+0x6e0/0x6e0
[ 74.120727][ T8449] do_group_exit+0x125/0x310
[ 74.125315][ T8449] get_signal+0x47f/0x2150
[ 74.129720][ T8449] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 74.135541][ T8449] arch_do_signal_or_restart+0x2a8/0x1eb0
[ 74.141246][ T8449] ? hrtimer_nanosleep+0x22b/0x4a0
[ 74.146340][ T8449] ? nanosleep_copyout+0x100/0x100
[ 74.151434][ T8449] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 74.157669][ T8449] ? copy_siginfo_to_user32+0xa0/0xa0
[ 74.163039][ T8449] ? put_timespec64+0x120/0x120
[ 74.167890][ T8449] ? lock_downgrade+0x6e0/0x6e0
[ 74.172728][ T8449] exit_to_user_mode_prepare+0x171/0x280
[ 74.178344][ T8449] syscall_exit_to_user_mode+0x19/0x60
[ 74.183785][ T8449] do_syscall_64+0x47/0xb0
[ 74.188220][ T8449] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 74.194110][ T8449] RIP: 0033:0x46dabd
[ 74.198000][ T8449] Code: Unable to access opcode bytes at RIP 0x46da93.
[ 74.204824][ T8449] RSP: 002b:000000c00003df18 EFLAGS: 00000206 ORIG_RAX: 0000000000000023
[ 74.213216][ T8449] RAX: fffffffffffffdfc RBX: 0000000000000a00 RCX: 000000000046dabd
[ 74.221179][ T8449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00003df18
[ 74.229141][ T8449] RBP: 000000c00003df28 R08: 0000000000000c97 R09: 00007ffd073ec080
[ 74.237098][ T8449] R10: 00007ffd073ec090 R11: 0000000000000206 R12: 000000000043b6a0
[ 74.245051][ T8449] R13: 0000000000000000 R14: 0000000000947a7c R15: 0000000000000000
[ 74.253008][ T8449] Modules linked in:
[ 74.258664][ T8449] ---[ end trace 8297a29b1969266d ]---
[ 74.264150][ T8449] RIP: 0010:skb_release_data+0x3a0/0x750
[ 74.270832][ T8449] Code: 48 8b 04 24 48 c1 e8 03 42 80 3c 30 00 0f 85 d3 02 00 00 49 63 c4 48 c1 e0 04 4a 8b 6c 28 30 48 8d 7d 08 48 89 f8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 a7 02 00 00 48 8b 45 08 31 ff 48 89 c3 48 89
[ 74.290643][ T8449] RSP: 0018:ffffc9000188f960 EFLAGS: 00010202
[ 74.296758][ T8449] RAX: 00000000400dbd01 RBX: 0000000000000011 RCX: 0000000000000000
[ 74.304730][ T8449] RDX: ffff888024b90000 RSI: ffffffff8703c746 RDI: 00000002006de808
[ 74.312736][ T8449] RBP: 00000002006de800 R08: 0000000000000011 R09: ffffffff90207957
[ 74.320754][ T8449] R10: ffffffff8703c733 R11: 0000000000000009 R12: 0000000000000010
[ 74.328758][ T8449] R13: ffff88802e8e7ecc R14: dffffc0000000000 R15: ffff8880293dac80
[ 74.336762][ T8449] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 74.345882][ T8449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.352476][ T8449] CR2: 000000c0004e8000 CR3: 000000000bc8e000 CR4: 00000000001506f0
[ 74.360476][ T8449] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.368484][ T8449] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.376600][ T8449] Kernel panic - not syncing: Fatal exception
[ 74.383357][ T8449] Kernel Offset: disabled
[ 74.387680][ T8449] Rebooting in 86400 seconds..
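Triage note on the fault address in the report above. 0xdffffc00400dbd01 is not a pointer the kernel tried to dereference; it is a KASAN shadow address. With generic KASAN on x86-64, every 8-byte granule of the address space has one shadow byte at (addr >> 3) + 0xdffffc0000000000, and that offset is exactly what R14 holds in the register dump. The marked instruction `42 80 3c 30 00` decodes to `cmpb $0x0,(%rax,%r14,1)`, the inline shadow check, with RAX = 0x400dbd01 = RDI >> 3 and RDI = 0x2006de808 = RBP + 8 (the preceding `lea 0x8(%rbp),%rdi`). Shadow bytes for user-range addresses fall in the non-canonical hole, so the check raises #GP instead of a page fault, and the kernel's non-canonical hook inverts the mapping to print the "KASAN: probably user-memory-access in range [...]" line. The C program below is an added example, not code from the syzkaller report or from the kernel: it reproduces that inverse mapping and classification and checks the register values against each other. The constants (KASAN_SHADOW_OFFSET, the 8-byte shadow scale, one page as the null-pointer threshold, and TASK_SIZE_MAX) are the x86-64 defaults and are assumptions of the example; only the shadow offset is confirmed by the page itself via R14.

```c
/*
 * kasan_gpf_decode.c: decode a KASAN "non-canonical address" #GP back to
 * the memory access that produced it.
 *
 * Added example, not code from the syzkaller report or the kernel. It
 * mirrors the arithmetic of the kernel's kasan_non_canonical_hook() for
 * generic KASAN on x86-64, where each 8-byte granule of the address space
 * has one shadow byte at (addr >> 3) + KASAN_SHADOW_OFFSET.
 * The constants below are the x86-64 defaults, assumed for this example.
 */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL /* matches R14 in the report */
#define KASAN_SHADOW_SCALE_SHIFT 3                     /* 8 bytes per shadow byte */
#define KASAN_SHADOW_MASK        ((1ULL << KASAN_SHADOW_SCALE_SHIFT) - 1)
#define X86_PAGE_SIZE            4096ULL
#define X86_64_TASK_SIZE_MAX     ((1ULL << 47) - X86_PAGE_SIZE)

enum kasan_bug_type {
    KASAN_NOT_SHADOW,          /* fault address is not inside the shadow region */
    KASAN_NULL_PTR_DEREF,      /* original access was within the first page */
    KASAN_USER_MEMORY_ACCESS,  /* original access was a canonical user address */
    KASAN_WILD_MEMORY_ACCESS,  /* original access was kernel-range or garbage */
};

struct kasan_decoded {
    enum kasan_bug_type type;
    uint64_t start; /* first byte of the 8-byte granule the shadow byte covers */
    uint64_t end;   /* last byte of that granule (start + 7) */
};

/* Forward shadow mapping: where KASAN keeps the shadow byte for addr. */
uint64_t kasan_shadow_of(uint64_t addr)
{
    return (addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
}

/* x86-64 48-bit canonical check: bits 63..47 must all equal bit 47.
 * The shadow address of a user pointer fails this, which is why the
 * inline KASAN check faults with #GP instead of a page fault. */
bool x86_64_is_canonical(uint64_t addr)
{
    return (uint64_t)(((int64_t)(addr << 16)) >> 16) == addr;
}

/* Inverse mapping plus the classification the kernel prints. */
struct kasan_decoded kasan_decode_gpf(uint64_t fault_addr)
{
    struct kasan_decoded d = { KASAN_NOT_SHADOW, 0, 0 };

    if (fault_addr < KASAN_SHADOW_OFFSET)
        return d;   /* below the shadow region: some other non-canonical fault */

    d.start = (fault_addr - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
    d.end   = d.start + KASAN_SHADOW_MASK;

    if (d.start < X86_PAGE_SIZE)
        d.type = KASAN_NULL_PTR_DEREF;
    else if (d.start < X86_64_TASK_SIZE_MAX)
        d.type = KASAN_USER_MEMORY_ACCESS;
    else
        d.type = KASAN_WILD_MEMORY_ACCESS;
    return d;
}

const char *kasan_bug_type_name(enum kasan_bug_type t)
{
    switch (t) {
    case KASAN_NULL_PTR_DEREF:     return "null-ptr-deref";
    case KASAN_USER_MEMORY_ACCESS: return "probably user-memory-access";
    case KASAN_WILD_MEMORY_ACCESS: return "maybe wild-memory-access";
    default:                       return "not a KASAN shadow address";
    }
}

int main(void)
{
    /* Values copied from the register dump in the report above. */
    const uint64_t gpf_addr = 0xdffffc00400dbd01ULL; /* faulting address */
    const uint64_t rdi      = 0x00000002006de808ULL; /* address being checked */
    const uint64_t rbp      = 0x00000002006de800ULL; /* lea 0x8(%rbp),%rdi */

    struct kasan_decoded d = kasan_decode_gpf(gpf_addr);

    printf("fault address canonical: %s\n",
           x86_64_is_canonical(gpf_addr) ? "yes" : "no");
    printf("KASAN: %s in range [0x%016llx-0x%016llx]\n",
           kasan_bug_type_name(d.type),
           (unsigned long long)d.start, (unsigned long long)d.end);
    printf("shadow(RDI) == fault address: %s\n",
           kasan_shadow_of(rdi) == gpf_addr ? "yes" : "no");
    printf("RDI == RBP + 8: %s\n", rdi == rbp + 8 ? "yes" : "no");
    return 0;
}
```

Run against the values from this report it reproduces the kernel's own line, "KASAN: probably user-memory-access in range [0x00000002006de808-0x00000002006de80f]", and confirms that the fault is the shadow check on RDI. That pins the bad access to the 8-byte load at RBP+8 inside skb_release_data, where RBP is a value that looks like a user-space pointer rather than a kernel one; what populated it is not something this log alone establishes.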