[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Started OpenBSD Secure Shell server.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.205' (ECDSA) to the list of known hosts.
2020/04/28 10:54:39 fuzzer started
2020/04/28 10:54:40 connecting to host at 10.128.0.26:33175
2020/04/28 10:54:40 checking machine...
2020/04/28 10:54:40 checking revisions...
2020/04/28 10:54:40 testing simple program...
syzkaller login: [ 57.347926][ T7020] IPVS: ftp: loaded support on port[0] = 21
2020/04/28 10:54:41 building call list...
[ 57.759006][ T21] tipc: TX() has been purged, node left!
[ 59.159747][ T7004] can: request_module (can-proto-0) failed.
executing program
[ 61.002802][ T7004] can: request_module (can-proto-0) failed.
[ 61.013931][ T7004] can: request_module (can-proto-0) failed.
[ 61.458426][ T7004] ==================================================================
[ 61.466823][ T7004] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 61.473994][ T7004] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7004
[ 61.481853][ T7004]
[ 61.484164][ T7004] CPU: 0 PID: 7004 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 61.492371][ T7004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.502409][ T7004] Call Trace:
[ 61.505680][ T7004] dump_stack+0x188/0x20d
[ 61.509988][ T7004] ? x25_disconnect+0x253/0x370
[ 61.514825][ T7004] ? __sock_release+0x280/0x280
[ 61.519667][ T7004] __kasan_report.cold+0x5/0x4d
[ 61.524494][ T7004] ? rcu_read_lock_held+0x1/0xb0
[ 61.529415][ T7004] ? x25_disconnect+0x253/0x370
[ 61.534241][ T7004] ? x25_disconnect+0x253/0x370
[ 61.539071][ T7004] kasan_report+0x33/0x50
[ 61.543384][ T7004] check_memory_region+0x141/0x190
[ 61.548469][ T7004] x25_disconnect+0x253/0x370
[ 61.553134][ T7004] x25_release+0x345/0x420
[ 61.557527][ T7004] __sock_release+0xcd/0x280
[ 61.562105][ T7004] sock_close+0x18/0x20
[ 61.566246][ T7004] __fput+0x33e/0x880
[ 61.570206][ T7004] task_work_run+0xf4/0x1b0
[ 61.574695][ T7004] exit_to_usermode_loop+0x2fa/0x360
[ 61.579955][ T7004] do_syscall_64+0x6b1/0x7d0
[ 61.584522][ T7004] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 61.590407][ T7004] RIP: 0033:0x4afb40
[ 61.594289][ T7004] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 61.615010][ T7004] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 61.623394][ T7004] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 61.631349][ T7004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.639304][ T7004] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 61.647258][ T7004] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 61.655201][ T7004] R13: 0000000000000163 R14: 0000000000000162 R15: 0000000000000200
[ 61.663172][ T7004] ==================================================================
[ 61.671209][ T7004] Disabling lock debugging due to kernel taint
[ 61.677394][ T7004] Kernel panic - not syncing: panic_on_warn set ...
[ 61.683975][ T7004] CPU: 0 PID: 7004 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 61.693583][ T7004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.703623][ T7004] Call Trace:
[ 61.706898][ T7004] dump_stack+0x188/0x20d
[ 61.711216][ T7004] ? __sock_release+0x280/0x280
[ 61.716046][ T7004] panic+0x2e3/0x75c
[ 61.719915][ T7004] ? add_taint.cold+0x16/0x16
[ 61.724563][ T7004] ? x25_disconnect+0x253/0x370
[ 61.729386][ T7004] ? trace_hardirqs_on+0x55/0x220
[ 61.734390][ T7004] ? x25_disconnect+0x253/0x370
[ 61.739211][ T7004] ? __sock_release+0x280/0x280
[ 61.744033][ T7004] end_report+0x4d/0x53
[ 61.748158][ T7004] __kasan_report.cold+0xd/0x4d
[ 61.752979][ T7004] ? rcu_read_lock_held+0x1/0xb0
[ 61.757897][ T7004] ? x25_disconnect+0x253/0x370
[ 61.762730][ T7004] ? x25_disconnect+0x253/0x370
[ 61.767559][ T7004] kasan_report+0x33/0x50
[ 61.771877][ T7004] check_memory_region+0x141/0x190
[ 61.776971][ T7004] x25_disconnect+0x253/0x370
[ 61.781628][ T7004] x25_release+0x345/0x420
[ 61.786021][ T7004] __sock_release+0xcd/0x280
[ 61.790589][ T7004] sock_close+0x18/0x20
[ 61.794715][ T7004] __fput+0x33e/0x880
[ 61.798669][ T7004] task_work_run+0xf4/0x1b0
[ 61.803143][ T7004] exit_to_usermode_loop+0x2fa/0x360
[ 61.808398][ T7004] do_syscall_64+0x6b1/0x7d0
[ 61.812960][ T7004] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 61.818820][ T7004] RIP: 0033:0x4afb40
[ 61.822686][ T7004] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 61.842355][ T7004] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 61.850822][ T7004] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 61.859988][ T7004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.867940][ T7004] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 61.875892][ T7004] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 61.883853][ T7004] R13: 0000000000000163 R14: 0000000000000162 R15: 0000000000000200
[ 61.893087][ T7004] Kernel Offset: disabled
[ 61.897400][ T7004] Rebooting in 86400 seconds..