[ OK ] Started Getty on tty3.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.10' (ECDSA) to the list of known hosts.
2020/04/30 01:48:50 fuzzer started
2020/04/30 01:48:52 connecting to host at 10.128.0.26:43445
2020/04/30 01:48:52 checking machine...
2020/04/30 01:48:52 checking revisions...
2020/04/30 01:48:52 testing simple program...
syzkaller login: [ 59.626174][ T7107] IPVS: ftp: loaded support on port[0] = 21
2020/04/30 01:48:52 building call list...
[ 60.018536][ T194] tipc: TX() has been purged, node left!
[ 61.238225][ T7093] can: request_module (can-proto-0) failed.
executing program
[ 63.041816][ T7093] can: request_module (can-proto-0) failed.
[ 63.053609][ T7093] can: request_module (can-proto-0) failed.
[ 63.548955][ T7093] ==================================================================
[ 63.557662][ T7093] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 63.564845][ T7093] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7093
[ 63.572720][ T7093]
[ 63.575051][ T7093] CPU: 0 PID: 7093 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 63.583279][ T7093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.593322][ T7093] Call Trace:
[ 63.597158][ T7093] dump_stack+0x188/0x20d
[ 63.601481][ T7093] ? x25_disconnect+0x253/0x370
[ 63.606320][ T7093] ? __sock_release+0x280/0x280
[ 63.611153][ T7093] __kasan_report.cold+0x5/0x4d
[ 63.616019][ T7093] ? rcu_read_lock_held+0x1/0xb0
[ 63.620955][ T7093] ? x25_disconnect+0x253/0x370
[ 63.625810][ T7093] ? x25_disconnect+0x253/0x370
[ 63.630639][ T7093] kasan_report+0x33/0x50
[ 63.634964][ T7093] check_memory_region+0x141/0x190
[ 63.640059][ T7093] x25_disconnect+0x253/0x370
[ 63.644730][ T7093] x25_release+0x345/0x420
[ 63.649130][ T7093] __sock_release+0xcd/0x280
[ 63.653798][ T7093] sock_close+0x18/0x20
[ 63.657935][ T7093] __fput+0x33e/0x880
[ 63.661900][ T7093] task_work_run+0xf4/0x1b0
[ 63.666386][ T7093] exit_to_usermode_loop+0x2fa/0x360
[ 63.671653][ T7093] do_syscall_64+0x6b1/0x7d0
[ 63.676449][ T7093] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 63.682320][ T7093] RIP: 0033:0x4afb40
[ 63.686204][ T7093] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 63.706146][ T7093] RSP: 002b:000000c0001f54f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 63.715167][ T7093] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 63.723117][ T7093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 63.731063][ T7093] RBP: 000000c0001f5538 R08: 0000000000000000 R09: 0000000000000000
[ 63.739020][ T7093] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 63.746970][ T7093] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 63.754937][ T7093] ==================================================================
[ 63.762971][ T7093] Disabling lock debugging due to kernel taint
[ 63.769174][ T7093] Kernel panic - not syncing: panic_on_warn set ...
[ 63.775756][ T7093] CPU: 0 PID: 7093 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 63.785392][ T7093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.796232][ T7093] Call Trace:
[ 63.799506][ T7093] dump_stack+0x188/0x20d
[ 63.803836][ T7093] ? __sock_release+0x280/0x280
[ 63.808683][ T7093] panic+0x2e3/0x75c
[ 63.812566][ T7093] ? add_taint.cold+0x16/0x16
[ 63.817219][ T7093] ? x25_disconnect+0x253/0x370
[ 63.822058][ T7093] ? trace_hardirqs_on+0x55/0x220
[ 63.827058][ T7093] ? x25_disconnect+0x253/0x370
[ 63.831882][ T7093] ? __sock_release+0x280/0x280
[ 63.836725][ T7093] end_report+0x4d/0x53
[ 63.840868][ T7093] __kasan_report.cold+0xd/0x4d
[ 63.845699][ T7093] ? rcu_read_lock_held+0x1/0xb0
[ 63.850608][ T7093] ? x25_disconnect+0x253/0x370
[ 63.855434][ T7093] ? x25_disconnect+0x253/0x370
[ 63.860262][ T7093] kasan_report+0x33/0x50
[ 63.864564][ T7093] check_memory_region+0x141/0x190
[ 63.869649][ T7093] x25_disconnect+0x253/0x370
[ 63.874309][ T7093] x25_release+0x345/0x420
[ 63.878700][ T7093] __sock_release+0xcd/0x280
[ 63.883260][ T7093] sock_close+0x18/0x20
[ 63.887405][ T7093] __fput+0x33e/0x880
[ 63.891372][ T7093] task_work_run+0xf4/0x1b0
[ 63.895849][ T7093] exit_to_usermode_loop+0x2fa/0x360
[ 63.901128][ T7093] do_syscall_64+0x6b1/0x7d0
[ 63.905699][ T7093] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 63.911565][ T7093] RIP: 0033:0x4afb40
[ 63.915441][ T7093] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 63.935295][ T7093] RSP: 002b:000000c0001f54f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 63.943686][ T7093] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 63.951627][ T7093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 63.959578][ T7093] RBP: 000000c0001f5538 R08: 0000000000000000 R09: 0000000000000000
[ 63.967534][ T7093] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 63.975486][ T7093] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 63.984697][ T7093] Kernel Offset: disabled
[ 63.989012][ T7093] Rebooting in 86400 seconds..