[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.206' (ECDSA) to the list of known hosts.
2020/04/27 22:08:30 fuzzer started
2020/04/27 22:08:33 connecting to host at 10.128.0.26:33191
2020/04/27 22:08:33 checking machine...
2020/04/27 22:08:33 checking revisions...
2020/04/27 22:08:33 testing simple program...
syzkaller login: [ 61.056834][ T7199] IPVS: ftp: loaded support on port[0] = 21
2020/04/27 22:08:33 building call list...
[ 61.465312][ T174] tipc: TX() has been purged, node left!
[ 62.829108][ T7176] can: request_module (can-proto-0) failed.
executing program
[ 64.628187][ T7176] can: request_module (can-proto-0) failed.
[ 64.639440][ T7176] can: request_module (can-proto-0) failed.
[ 65.113767][ T7176] ==================================================================
[ 65.122157][ T7176] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 65.129529][ T7176] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7176
[ 65.137402][ T7176]
[ 65.140246][ T7176] CPU: 1 PID: 7176 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 65.148467][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.158528][ T7176] Call Trace:
[ 65.161806][ T7176] dump_stack+0x188/0x20d
[ 65.166119][ T7176] ? x25_disconnect+0x253/0x370
[ 65.170950][ T7176] ? __sock_release+0x280/0x280
[ 65.175807][ T7176] __kasan_report.cold+0x5/0x4d
[ 65.180657][ T7176] ? rcu_read_lock_held+0x1/0xb0
[ 65.185581][ T7176] ? x25_disconnect+0x253/0x370
[ 65.190498][ T7176] ? x25_disconnect+0x253/0x370
[ 65.195328][ T7176] kasan_report+0x33/0x50
[ 65.199655][ T7176] check_memory_region+0x141/0x190
[ 65.204777][ T7176] x25_disconnect+0x253/0x370
[ 65.209524][ T7176] x25_release+0x345/0x420
[ 65.213921][ T7176] __sock_release+0xcd/0x280
[ 65.218491][ T7176] sock_close+0x18/0x20
[ 65.222622][ T7176] __fput+0x33e/0x880
[ 65.226587][ T7176] task_work_run+0xf4/0x1b0
[ 65.231083][ T7176] exit_to_usermode_loop+0x2fa/0x360
[ 65.236360][ T7176] do_syscall_64+0x6b1/0x7d0
[ 65.240963][ T7176] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 65.246940][ T7176] RIP: 0033:0x4afb40
[ 65.250916][ T7176] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 65.270766][ T7176] RSP: 002b:000000c0000754f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 65.279172][ T7176] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 65.287230][ T7176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 65.295194][ T7176] RBP: 000000c000075538 R08: 0000000000000000 R09: 0000000000000000
[ 65.303144][ T7176] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 65.311101][ T7176] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 65.319147][ T7176] ==================================================================
[ 65.327205][ T7176] Disabling lock debugging due to kernel taint
[ 65.333438][ T7176] Kernel panic - not syncing: panic_on_warn set ...
[ 65.340025][ T7176] CPU: 1 PID: 7176 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 65.349664][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.359868][ T7176] Call Trace:
[ 65.363136][ T7176] dump_stack+0x188/0x20d
[ 65.367532][ T7176] ? __sock_release+0x280/0x280
[ 65.372355][ T7176] panic+0x2e3/0x75c
[ 65.376222][ T7176] ? add_taint.cold+0x16/0x16
[ 65.380905][ T7176] ? x25_disconnect+0x253/0x370
[ 65.385739][ T7176] ? trace_hardirqs_on+0x55/0x220
[ 65.390841][ T7176] ? x25_disconnect+0x253/0x370
[ 65.395667][ T7176] ? __sock_release+0x280/0x280
[ 65.400747][ T7176] end_report+0x4d/0x53
[ 65.405057][ T7176] __kasan_report.cold+0xd/0x4d
[ 65.409899][ T7176] ? rcu_read_lock_held+0x1/0xb0
[ 65.414823][ T7176] ? x25_disconnect+0x253/0x370
[ 65.419917][ T7176] ? x25_disconnect+0x253/0x370
[ 65.424761][ T7176] kasan_report+0x33/0x50
[ 65.429082][ T7176] check_memory_region+0x141/0x190
[ 65.434174][ T7176] x25_disconnect+0x253/0x370
[ 65.438837][ T7176] x25_release+0x345/0x420
[ 65.443244][ T7176] __sock_release+0xcd/0x280
[ 65.447809][ T7176] sock_close+0x18/0x20
[ 65.451978][ T7176] __fput+0x33e/0x880
[ 65.456472][ T7176] task_work_run+0xf4/0x1b0
[ 65.460952][ T7176] exit_to_usermode_loop+0x2fa/0x360
[ 65.466228][ T7176] do_syscall_64+0x6b1/0x7d0
[ 65.470919][ T7176] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 65.476884][ T7176] RIP: 0033:0x4afb40
[ 65.480779][ T7176] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 65.500798][ T7176] RSP: 002b:000000c0000754f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 65.509181][ T7176] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 65.517124][ T7176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 65.525080][ T7176] RBP: 000000c000075538 R08: 0000000000000000 R09: 0000000000000000
[ 65.533110][ T7176] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 65.541197][ T7176] R13: 0000000000000164 R14: 0000000000000163 R15: 0000000000000200
[ 65.550411][ T7176] Kernel Offset: disabled
[ 65.554732][ T7176] Rebooting in 86400 seconds..