[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.59' (ECDSA) to the list of known hosts.
2020/05/01 19:57:20 fuzzer started
2020/05/01 19:57:20 connecting to host at 10.128.0.26:33555
2020/05/01 19:57:20 checking machine...
2020/05/01 19:57:20 checking revisions...
2020/05/01 19:57:20 testing simple program...
syzkaller login: [ 56.921271][ T7047] IPVS: ftp: loaded support on port[0] = 21
2020/05/01 19:57:21 building call list...
[ 57.308853][ T30] tipc: TX() has been purged, node left!
[ 58.544918][ T7043] can: request_module (can-proto-0) failed.
executing program
[ 60.543068][ T7043] can: request_module (can-proto-0) failed.
[ 60.554601][ T7043] can: request_module (can-proto-0) failed.
[ 61.018112][ T7043] ==================================================================
[ 61.026318][ T7043] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 61.033728][ T7043] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7043
[ 61.041691][ T7043]
[ 61.044010][ T7043] CPU: 1 PID: 7043 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 61.052239][ T7043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.062386][ T7043] Call Trace:
[ 61.065685][ T7043] dump_stack+0x188/0x20d
[ 61.070445][ T7043] ? x25_disconnect+0x253/0x370
[ 61.075362][ T7043] ? __sock_release+0x280/0x280
[ 61.080601][ T7043] __kasan_report.cold+0x5/0x4d
[ 61.085444][ T7043] ? rcu_read_lock_held+0x1/0xb0
[ 61.090388][ T7043] ? x25_disconnect+0x253/0x370
[ 61.095227][ T7043] ? x25_disconnect+0x253/0x370
[ 61.100064][ T7043] kasan_report+0x33/0x50
[ 61.104484][ T7043] check_memory_region+0x141/0x190
[ 61.109597][ T7043] x25_disconnect+0x253/0x370
[ 61.114267][ T7043] x25_release+0x345/0x420
[ 61.118693][ T7043] __sock_release+0xcd/0x280
[ 61.123264][ T7043] sock_close+0x18/0x20
[ 61.127412][ T7043] __fput+0x33e/0x880
[ 61.131410][ T7043] task_work_run+0xf4/0x1b0
[ 61.135906][ T7043] exit_to_usermode_loop+0x2fa/0x360
[ 61.141623][ T7043] do_syscall_64+0x6b1/0x7d0
[ 61.146235][ T7043] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 61.152114][ T7043] RIP: 0033:0x4afb40
[ 61.156024][ T7043] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 61.175727][ T7043] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 61.184246][ T7043] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 61.192199][ T7043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.200150][ T7043] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 61.208118][ T7043] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 61.216068][ T7043] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 61.224045][ T7043] ==================================================================
[ 61.232098][ T7043] Disabling lock debugging due to kernel taint
[ 61.238312][ T7043] Kernel panic - not syncing: panic_on_warn set ...
[ 61.244898][ T7043] CPU: 1 PID: 7043 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 61.254538][ T7043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.264569][ T7043] Call Trace:
[ 61.267840][ T7043] dump_stack+0x188/0x20d
[ 61.272152][ T7043] ? __sock_release+0x280/0x280
[ 61.276992][ T7043] panic+0x2e3/0x75c
[ 61.281413][ T7043] ? add_taint.cold+0x16/0x16
[ 61.286099][ T7043] ? x25_disconnect+0x253/0x370
[ 61.290951][ T7043] ? trace_hardirqs_on+0x55/0x220
[ 61.296254][ T7043] ? x25_disconnect+0x253/0x370
[ 61.301206][ T7043] ? __sock_release+0x280/0x280
[ 61.306040][ T7043] end_report+0x4d/0x53
[ 61.310197][ T7043] __kasan_report.cold+0xd/0x4d
[ 61.315051][ T7043] ? rcu_read_lock_held+0x1/0xb0
[ 61.319969][ T7043] ? x25_disconnect+0x253/0x370
[ 61.324826][ T7043] ? x25_disconnect+0x253/0x370
[ 61.329969][ T7043] kasan_report+0x33/0x50
[ 61.334317][ T7043] check_memory_region+0x141/0x190
[ 61.339432][ T7043] x25_disconnect+0x253/0x370
[ 61.344089][ T7043] x25_release+0x345/0x420
[ 61.348486][ T7043] __sock_release+0xcd/0x280
[ 61.353134][ T7043] sock_close+0x18/0x20
[ 61.364658][ T7043] __fput+0x33e/0x880
[ 61.368645][ T7043] task_work_run+0xf4/0x1b0
[ 61.373150][ T7043] exit_to_usermode_loop+0x2fa/0x360
[ 61.378419][ T7043] do_syscall_64+0x6b1/0x7d0
[ 61.382991][ T7043] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 61.388968][ T7043] RIP: 0033:0x4afb40
[ 61.392871][ T7043] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 61.412449][ T7043] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 61.421540][ T7043] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 61.429494][ T7043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.437440][ T7043] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 61.445401][ T7043] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 61.453376][ T7043] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 61.462629][ T7043] Kernel Offset: disabled
[ 61.467076][ T7043] Rebooting in 86400 seconds..