[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.156' (ECDSA) to the list of known hosts.
2020/05/02 23:13:58 fuzzer started
2020/05/02 23:13:58 connecting to host at 10.128.0.26:33233
2020/05/02 23:13:58 checking machine...
2020/05/02 23:13:58 checking revisions...
2020/05/02 23:13:58 testing simple program...
syzkaller login: [ 56.132412][ T7180] IPVS: ftp: loaded support on port[0] = 21
2020/05/02 23:13:59 building call list...
[ 56.506591][ T21] tipc: TX() has been purged, node left!
[ 57.766724][ T7177] can: request_module (can-proto-0) failed.
executing program
[ 59.753485][ T7177] can: request_module (can-proto-0) failed.
[ 59.767811][ T7177] can: request_module (can-proto-0) failed.
[ 60.267078][ T7177] ==================================================================
[ 60.275420][ T7177] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 60.282906][ T7177] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7177
[ 60.290787][ T7177]
[ 60.293106][ T7177] CPU: 1 PID: 7177 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 60.301327][ T7177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.311469][ T7177] Call Trace:
[ 60.314789][ T7177] dump_stack+0x188/0x20d
[ 60.319136][ T7177] ? x25_disconnect+0x253/0x370
[ 60.324009][ T7177] ? __sock_release+0x280/0x280
[ 60.328862][ T7177] __kasan_report.cold+0x5/0x4d
[ 60.333823][ T7177] ? rcu_read_lock_held+0x1/0xb0
[ 60.338771][ T7177] ? x25_disconnect+0x253/0x370
[ 60.344315][ T7177] ? x25_disconnect+0x253/0x370
[ 60.349152][ T7177] kasan_report+0x33/0x50
[ 60.353549][ T7177] check_memory_region+0x141/0x190
[ 60.358901][ T7177] x25_disconnect+0x253/0x370
[ 60.363574][ T7177] x25_release+0x345/0x420
[ 60.368064][ T7177] __sock_release+0xcd/0x280
[ 60.372734][ T7177] sock_close+0x18/0x20
[ 60.376887][ T7177] __fput+0x33e/0x880
[ 60.380941][ T7177] task_work_run+0xf4/0x1b0
[ 60.385437][ T7177] exit_to_usermode_loop+0x2fa/0x360
[ 60.390711][ T7177] do_syscall_64+0x6b1/0x7d0
[ 60.395305][ T7177] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.401176][ T7177] RIP: 0033:0x4afb40
[ 60.405320][ T7177] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.424926][ T7177] RSP: 002b:000000c0000774f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.437415][ T7177] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.445386][ T7177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.453374][ T7177] RBP: 000000c000077538 R08: 0000000000000000 R09: 0000000000000000
[ 60.461473][ T7177] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.469452][ T7177] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.477648][ T7177] ==================================================================
[ 60.488182][ T7177] Disabling lock debugging due to kernel taint
[ 60.494922][ T7177] Kernel panic - not syncing: panic_on_warn set ...
[ 60.501601][ T7177] CPU: 1 PID: 7177 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.511248][ T7177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.521282][ T7177] Call Trace:
[ 60.524560][ T7177] dump_stack+0x188/0x20d
[ 60.528960][ T7177] ? __sock_release+0x280/0x280
[ 60.533787][ T7177] panic+0x2e3/0x75c
[ 60.537675][ T7177] ? add_taint.cold+0x16/0x16
[ 60.542353][ T7177] ? x25_disconnect+0x253/0x370
[ 60.547201][ T7177] ? trace_hardirqs_on+0x55/0x220
[ 60.552223][ T7177] ? x25_disconnect+0x253/0x370
[ 60.557049][ T7177] ? __sock_release+0x280/0x280
[ 60.562492][ T7177] end_report+0x4d/0x53
[ 60.566824][ T7177] __kasan_report.cold+0xd/0x4d
[ 60.571936][ T7177] ? rcu_read_lock_held+0x1/0xb0
[ 60.576851][ T7177] ? x25_disconnect+0x253/0x370
[ 60.581700][ T7177] ? x25_disconnect+0x253/0x370
[ 60.586551][ T7177] kasan_report+0x33/0x50
[ 60.590883][ T7177] check_memory_region+0x141/0x190
[ 60.596181][ T7177] x25_disconnect+0x253/0x370
[ 60.600837][ T7177] x25_release+0x345/0x420
[ 60.605232][ T7177] __sock_release+0xcd/0x280
[ 60.609810][ T7177] sock_close+0x18/0x20
[ 60.613961][ T7177] __fput+0x33e/0x880
[ 60.617927][ T7177] task_work_run+0xf4/0x1b0
[ 60.622423][ T7177] exit_to_usermode_loop+0x2fa/0x360
[ 60.627700][ T7177] do_syscall_64+0x6b1/0x7d0
[ 60.632618][ T7177] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.638493][ T7177] RIP: 0033:0x4afb40
[ 60.642381][ T7177] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.662176][ T7177] RSP: 002b:000000c0000774f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.670581][ T7177] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.678543][ T7177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.686520][ T7177] RBP: 000000c000077538 R08: 0000000000000000 R09: 0000000000000000
[ 60.694480][ T7177] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.702454][ T7177] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.711789][ T7177] Kernel Offset: disabled
[ 60.716130][ T7177] Rebooting in 86400 seconds..