[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.11' (ECDSA) to the list of known hosts.
2020/05/10 02:01:44 fuzzer started
2020/05/10 02:01:44 connecting to host at 10.128.0.26:37343
2020/05/10 02:01:44 checking machine...
2020/05/10 02:01:44 checking revisions...
2020/05/10 02:01:44 testing simple program...
syzkaller login: [ 54.364068][ T7075] IPVS: ftp: loaded support on port[0] = 21
2020/05/10 02:01:44 building call list...
[ 54.712838][ T127] tipc: TX() has been purged, node left!
[ 55.929487][ T7055] can: request_module (can-proto-0) failed.
executing program
[ 57.899026][ T7055] can: request_module (can-proto-0) failed.
[ 57.910251][ T7055] can: request_module (can-proto-0) failed.
[ 58.381367][ T7055] ==================================================================
[ 58.389601][ T7055] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 58.396812][ T7055] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7055
[ 58.404672][ T7055]
[ 58.406982][ T7055] CPU: 0 PID: 7055 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 58.415188][ T7055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.425328][ T7055] Call Trace:
[ 58.428599][ T7055] dump_stack+0x188/0x20d
[ 58.432925][ T7055] ? x25_disconnect+0x253/0x370
[ 58.437763][ T7055] ? __sock_release+0x280/0x280
[ 58.442607][ T7055] __kasan_report.cold+0x5/0x4d
[ 58.447442][ T7055] ? rcu_read_lock_held+0x1/0xb0
[ 58.452353][ T7055] ? x25_disconnect+0x253/0x370
[ 58.457178][ T7055] ? x25_disconnect+0x253/0x370
[ 58.462001][ T7055] kasan_report+0x33/0x50
[ 58.466312][ T7055] check_memory_region+0x141/0x190
[ 58.471397][ T7055] x25_disconnect+0x253/0x370
[ 58.476060][ T7055] x25_release+0x345/0x420
[ 58.480454][ T7055] __sock_release+0xcd/0x280
[ 58.485020][ T7055] sock_close+0x18/0x20
[ 58.489149][ T7055] __fput+0x33e/0x880
[ 58.493111][ T7055] task_work_run+0xf4/0x1b0
[ 58.497595][ T7055] exit_to_usermode_loop+0x2fa/0x360
[ 58.502855][ T7055] do_syscall_64+0x6b1/0x7d0
[ 58.507422][ T7055] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 58.513826][ T7055] RIP: 0033:0x4afb40
[ 58.517705][ T7055] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 58.537300][ T7055] RSP: 002b:000000c000075478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 58.545687][ T7055] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 58.553647][ T7055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 58.561604][ T7055] RBP: 000000c0000754b8 R08: 0000000000000000 R09: 0000000000000000
[ 58.570689][ T7055] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 58.578638][ T7055] R13: 000000000000015f R14: 000000000000015e R15: 0000000000000200
[ 58.586593][ T7055] ==================================================================
[ 58.594623][ T7055] Disabling lock debugging due to kernel taint
[ 58.600814][ T7055] Kernel panic - not syncing: panic_on_warn set ...
[ 58.607396][ T7055] CPU: 0 PID: 7055 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 58.618049][ T7055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.628511][ T7055] Call Trace:
[ 58.631777][ T7055] dump_stack+0x188/0x20d
[ 58.636095][ T7055] ? __sock_release+0x280/0x280
[ 58.640927][ T7055] panic+0x2e3/0x75c
[ 58.644798][ T7055] ? add_taint.cold+0x16/0x16
[ 58.649459][ T7055] ? x25_disconnect+0x253/0x370
[ 58.654285][ T7055] ? trace_hardirqs_on+0x55/0x220
[ 58.659287][ T7055] ? x25_disconnect+0x253/0x370
[ 58.664165][ T7055] ? __sock_release+0x280/0x280
[ 58.669006][ T7055] end_report+0x4d/0x53
[ 58.673142][ T7055] __kasan_report.cold+0xd/0x4d
[ 58.677975][ T7055] ? rcu_read_lock_held+0x1/0xb0
[ 58.682884][ T7055] ? x25_disconnect+0x253/0x370
[ 58.687706][ T7055] ? x25_disconnect+0x253/0x370
[ 58.692625][ T7055] kasan_report+0x33/0x50
[ 58.696929][ T7055] check_memory_region+0x141/0x190
[ 58.702113][ T7055] x25_disconnect+0x253/0x370
[ 58.706780][ T7055] x25_release+0x345/0x420
[ 58.711166][ T7055] __sock_release+0xcd/0x280
[ 58.715739][ T7055] sock_close+0x18/0x20
[ 58.719868][ T7055] __fput+0x33e/0x880
[ 58.723833][ T7055] task_work_run+0xf4/0x1b0
[ 58.728313][ T7055] exit_to_usermode_loop+0x2fa/0x360
[ 58.733577][ T7055] do_syscall_64+0x6b1/0x7d0
[ 58.738142][ T7055] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 58.744005][ T7055] RIP: 0033:0x4afb40
[ 58.747871][ T7055] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 58.767553][ T7055] RSP: 002b:000000c000075478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 58.775943][ T7055] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 58.783886][ T7055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 58.791828][ T7055] RBP: 000000c0000754b8 R08: 0000000000000000 R09: 0000000000000000
[ 58.799772][ T7055] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 58.807717][ T7055] R13: 000000000000015f R14: 000000000000015e R15: 0000000000000200
[ 58.817139][ T7055] Kernel Offset: disabled
[ 58.821466][ T7055] Rebooting in 86400 seconds..