[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.46' (ECDSA) to the list of known hosts.
2020/04/27 22:08:35 fuzzer started
2020/04/27 22:08:36 connecting to host at 10.128.0.26:46495
2020/04/27 22:08:36 checking machine...
2020/04/27 22:08:36 checking revisions...
2020/04/27 22:08:36 testing simple program...
syzkaller login: [ 55.496402][ T7163] IPVS: ftp: loaded support on port[0] = 21
2020/04/27 22:08:36 building call list...
[ 55.866183][ T103] tipc: TX() has been purged, node left!
[ 57.052321][ T7147] can: request_module (can-proto-0) failed.
executing program
[ 59.020084][ T7147] can: request_module (can-proto-0) failed.
[ 59.032066][ T7147] can: request_module (can-proto-0) failed.
[ 59.455398][ T7147] ==================================================================
[ 59.463588][ T7147] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.470773][ T7147] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7147
[ 59.478632][ T7147]
[ 59.480939][ T7147] CPU: 0 PID: 7147 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.489145][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.499171][ T7147] Call Trace:
[ 59.502437][ T7147] dump_stack+0x188/0x20d
[ 59.506752][ T7147] ? x25_disconnect+0x253/0x370
[ 59.511583][ T7147] ? __sock_release+0x280/0x280
[ 59.516413][ T7147] __kasan_report.cold+0x5/0x4d
[ 59.521250][ T7147] ? rcu_read_lock_held+0x1/0xb0
[ 59.526160][ T7147] ? x25_disconnect+0x253/0x370
[ 59.531004][ T7147] ? x25_disconnect+0x253/0x370
[ 59.535836][ T7147] kasan_report+0x33/0x50
[ 59.540141][ T7147] check_memory_region+0x141/0x190
[ 59.545226][ T7147] x25_disconnect+0x253/0x370
[ 59.549892][ T7147] x25_release+0x345/0x420
[ 59.554291][ T7147] __sock_release+0xcd/0x280
[ 59.558984][ T7147] sock_close+0x18/0x20
[ 59.563167][ T7147] __fput+0x33e/0x880
[ 59.567244][ T7147] task_work_run+0xf4/0x1b0
[ 59.571758][ T7147] exit_to_usermode_loop+0x2fa/0x360
[ 59.577031][ T7147] do_syscall_64+0x6b1/0x7d0
[ 59.581617][ T7147] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.587489][ T7147] RIP: 0033:0x4afb40
[ 59.591359][ T7147] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.610935][ T7147] RSP: 002b:000000c0001e94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.619331][ T7147] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.627278][ T7147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.635223][ T7147] RBP: 000000c0001e9538 R08: 0000000000000000 R09: 0000000000000000
[ 59.643169][ T7147] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.651128][ T7147] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 59.659084][ T7147] ==================================================================
[ 59.667115][ T7147] Disabling lock debugging due to kernel taint
[ 59.673383][ T7147] Kernel panic - not syncing: panic_on_warn set ...
[ 59.679988][ T7147] CPU: 0 PID: 7147 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.689602][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.699634][ T7147] Call Trace:
[ 59.702919][ T7147] dump_stack+0x188/0x20d
[ 59.707222][ T7147] ? __sock_release+0x280/0x280
[ 59.712042][ T7147] panic+0x2e3/0x75c
[ 59.715908][ T7147] ? add_taint.cold+0x16/0x16
[ 59.720573][ T7147] ? x25_disconnect+0x253/0x370
[ 59.725406][ T7147] ? trace_hardirqs_on+0x55/0x220
[ 59.730412][ T7147] ? x25_disconnect+0x253/0x370
[ 59.735232][ T7147] ? __sock_release+0x280/0x280
[ 59.740051][ T7147] end_report+0x4d/0x53
[ 59.744206][ T7147] __kasan_report.cold+0xd/0x4d
[ 59.749040][ T7147] ? rcu_read_lock_held+0x1/0xb0
[ 59.753945][ T7147] ? x25_disconnect+0x253/0x370
[ 59.758767][ T7147] ? x25_disconnect+0x253/0x370
[ 59.763604][ T7147] kasan_report+0x33/0x50
[ 59.767919][ T7147] check_memory_region+0x141/0x190
[ 59.773000][ T7147] x25_disconnect+0x253/0x370
[ 59.777649][ T7147] x25_release+0x345/0x420
[ 59.782036][ T7147] __sock_release+0xcd/0x280
[ 59.786595][ T7147] sock_close+0x18/0x20
[ 59.790728][ T7147] __fput+0x33e/0x880
[ 59.794683][ T7147] task_work_run+0xf4/0x1b0
[ 59.799160][ T7147] exit_to_usermode_loop+0x2fa/0x360
[ 59.804416][ T7147] do_syscall_64+0x6b1/0x7d0
[ 59.808980][ T7147] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.814929][ T7147] RIP: 0033:0x4afb40
[ 59.818795][ T7147] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.838375][ T7147] RSP: 002b:000000c0001e94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.846760][ T7147] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.854704][ T7147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.862647][ T7147] RBP: 000000c0001e9538 R08: 0000000000000000 R09: 0000000000000000
[ 59.870764][ T7147] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.878721][ T7147] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 59.887849][ T7147] Kernel Offset: disabled
[ 59.892248][ T7147] Rebooting in 86400 seconds..