[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.164' (ECDSA) to the list of known hosts.
2020/04/29 13:23:24 fuzzer started
2020/04/29 13:23:26 connecting to host at 10.128.0.26:36029
2020/04/29 13:23:26 checking machine...
2020/04/29 13:23:26 checking revisions...
2020/04/29 13:23:26 testing simple program...
syzkaller login: [ 59.316463][ T7056] IPVS: ftp: loaded support on port[0] = 21
2020/04/29 13:23:26 building call list...
[ 59.699121][ T130] tipc: TX() has been purged, node left!
[ 60.835061][ T7039] can: request_module (can-proto-0) failed.
executing program
[ 62.804835][ T7039] can: request_module (can-proto-0) failed.
[ 62.817273][ T7039] can: request_module (can-proto-0) failed.
[ 63.269041][ T7039] ==================================================================
[ 63.277463][ T7039] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 63.284870][ T7039] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7039
[ 63.292895][ T7039]
[ 63.295231][ T7039] CPU: 0 PID: 7039 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 63.303563][ T7039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.313628][ T7039] Call Trace:
[ 63.316908][ T7039]  dump_stack+0x188/0x20d
[ 63.321222][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.326054][ T7039]  ? __sock_release+0x280/0x280
[ 63.330883][ T7039]  __kasan_report.cold+0x5/0x4d
[ 63.335719][ T7039]  ? rcu_read_lock_held+0x1/0xb0
[ 63.340676][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.345515][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.350368][ T7039]  kasan_report+0x33/0x50
[ 63.354699][ T7039]  check_memory_region+0x141/0x190
[ 63.360024][ T7039]  x25_disconnect+0x253/0x370
[ 63.364719][ T7039]  x25_release+0x345/0x420
[ 63.369142][ T7039]  __sock_release+0xcd/0x280
[ 63.373754][ T7039]  sock_close+0x18/0x20
[ 63.377896][ T7039]  __fput+0x33e/0x880
[ 63.381909][ T7039]  task_work_run+0xf4/0x1b0
[ 63.386409][ T7039]  exit_to_usermode_loop+0x2fa/0x360
[ 63.391863][ T7039]  do_syscall_64+0x6b1/0x7d0
[ 63.396549][ T7039]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 63.402470][ T7039] RIP: 0033:0x4afb40
[ 63.406397][ T7039] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 63.426021][ T7039] RSP: 002b:000000c0001cd4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 63.434414][ T7039] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 63.442381][ T7039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 63.450347][ T7039] RBP: 000000c0001cd538 R08: 0000000000000000 R09: 0000000000000000
[ 63.458299][ T7039] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 63.466246][ T7039] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 63.474207][ T7039] ==================================================================
[ 63.482267][ T7039] Disabling lock debugging due to kernel taint
[ 63.488465][ T7039] Kernel panic - not syncing: panic_on_warn set ...
[ 63.495101][ T7039] CPU: 0 PID: 7039 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 63.507418][ T7039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.517469][ T7039] Call Trace:
[ 63.520745][ T7039]  dump_stack+0x188/0x20d
[ 63.525051][ T7039]  ? __sock_release+0x280/0x280
[ 63.529875][ T7039]  panic+0x2e3/0x75c
[ 63.533763][ T7039]  ? add_taint.cold+0x16/0x16
[ 63.538526][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.543374][ T7039]  ? trace_hardirqs_on+0x55/0x220
[ 63.548389][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.553216][ T7039]  ? __sock_release+0x280/0x280
[ 63.558196][ T7039]  end_report+0x4d/0x53
[ 63.562331][ T7039]  __kasan_report.cold+0xd/0x4d
[ 63.567185][ T7039]  ? rcu_read_lock_held+0x1/0xb0
[ 63.572100][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.576942][ T7039]  ? x25_disconnect+0x253/0x370
[ 63.581787][ T7039]  kasan_report+0x33/0x50
[ 63.586109][ T7039]  check_memory_region+0x141/0x190
[ 63.591196][ T7039]  x25_disconnect+0x253/0x370
[ 63.595999][ T7039]  x25_release+0x345/0x420
[ 63.600403][ T7039]  __sock_release+0xcd/0x280
[ 63.605003][ T7039]  sock_close+0x18/0x20
[ 63.609155][ T7039]  __fput+0x33e/0x880
[ 63.613212][ T7039]  task_work_run+0xf4/0x1b0
[ 63.618022][ T7039]  exit_to_usermode_loop+0x2fa/0x360
[ 63.623349][ T7039]  do_syscall_64+0x6b1/0x7d0
[ 63.628147][ T7039]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 63.634210][ T7039] RIP: 0033:0x4afb40
[ 63.638216][ T7039] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 63.657928][ T7039] RSP: 002b:000000c0001cd4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 63.666329][ T7039] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 63.674301][ T7039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 63.682265][ T7039] RBP: 000000c0001cd538 R08: 0000000000000000 R09: 0000000000000000
[ 63.690326][ T7039] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 63.698545][ T7039] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 63.708073][ T7039] Kernel Offset: disabled
[ 63.712436][ T7039] Rebooting in 86400 seconds..
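The log above is what syzkaller hands a triager: one KASAN banner, one access line, a stack with "?" frames mixed in, and a register dump whose ORIG_RAX names the syscall. As an added example (not part of this crash log, of syzkaller or of the kernel), here is a small Python parser that pulls the structured fields out of such a report and derives the first-pass triage facts: the innermost frame that is not sanitizer machinery, the kernel path from the syscall down to it, what the faulting address means, and which syscall the task was in. The sample input is the KASAN report from this page, copied verbatim with the lines the parser does not use left out; the REPORT_FRAMES and ENTRY_FRAMES sets and the syscall table are my own choices for this example, not something KASAN or syzkaller defines.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample input: the KASAN report from the console log on this page,
# verbatim minus the lines the parser ignores (boot chatter, CPU/Hardware lines,
# the Code: and register dump except ORIG_RAX, and the repeated post-panic trace).
SAMPLE_LOG = """\
[ 63.269041][ T7039] ==================================================================
[ 63.277463][ T7039] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 63.284870][ T7039] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7039
[ 63.313628][ T7039] Call Trace:
[ 63.316908][ T7039] dump_stack+0x188/0x20d
[ 63.321222][ T7039] ? x25_disconnect+0x253/0x370
[ 63.326054][ T7039] ? __sock_release+0x280/0x280
[ 63.330883][ T7039] __kasan_report.cold+0x5/0x4d
[ 63.335719][ T7039] ? rcu_read_lock_held+0x1/0xb0
[ 63.340676][ T7039] ? x25_disconnect+0x253/0x370
[ 63.345515][ T7039] ? x25_disconnect+0x253/0x370
[ 63.350368][ T7039] kasan_report+0x33/0x50
[ 63.354699][ T7039] check_memory_region+0x141/0x190
[ 63.360024][ T7039] x25_disconnect+0x253/0x370
[ 63.364719][ T7039] x25_release+0x345/0x420
[ 63.369142][ T7039] __sock_release+0xcd/0x280
[ 63.373754][ T7039] sock_close+0x18/0x20
[ 63.377896][ T7039] __fput+0x33e/0x880
[ 63.381909][ T7039] task_work_run+0xf4/0x1b0
[ 63.386409][ T7039] exit_to_usermode_loop+0x2fa/0x360
[ 63.391863][ T7039] do_syscall_64+0x6b1/0x7d0
[ 63.396549][ T7039] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 63.426021][ T7039] RSP: 002b:000000c0001cd4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 63.474207][ T7039] ==================================================================
"""

PREFIX = re.compile(r"^\[\s*\d+\.\d+\]\[\s*T\d+\]\s*")        # "[ 63.27][ T7039] " timestamp/thread prefix
HEADER = re.compile(r"BUG: KASAN: (?P<type>[\w-]+) in (?P<site>\S+)")
ACCESS = re.compile(r"(?P<rw>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)")
FRAME = re.compile(r"^(?P<stale>\? )?(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
ORIG_RAX = re.compile(r"ORIG_RAX: (?P<nr>[0-9a-f]+)")

# Frames of the sanitizer/report machinery and of the syscall entry path; neither
# belongs to the subsystem that has the bug. Both sets are this example's choice.
REPORT_FRAMES = {"dump_stack", "__kasan_report.cold", "kasan_report",
                 "check_memory_region", "end_report", "panic"}
ENTRY_FRAMES = {"entry_SYSCALL_64_after_hwframe", "do_syscall_64",
                "exit_to_usermode_loop", "task_work_run"}
# x86_64 syscall numbers a socket fuzzer is likely to be in (ORIG_RAX is printed in hex).
SYSCALLS = {0: "read", 1: "write", 3: "close", 41: "socket", 42: "connect",
            44: "sendto", 46: "sendmsg", 48: "shutdown", 49: "bind", 54: "setsockopt"}

@dataclass
class KasanReport:
    bug_type: str
    site: str                      # "func+0xoff/0xlen" that KASAN blames
    access: str = ""               # Read or Write
    size: int = 0
    addr: int = 0
    task: str = ""
    pid: int = 0
    frames: list = field(default_factory=list)   # reliable frames, innermost first
    syscall_nr: Optional[int] = None

def parse_kasan_report(text: str) -> KasanReport:
    """Parse the first KASAN report in a console log into structured fields."""
    report = None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if report is None:                     # skip everything before the BUG: header
            if (m := HEADER.search(line)):
                report = KasanReport(m["type"], m["site"])
        elif (m := ACCESS.search(line)):
            report.access, report.size, report.addr = m["rw"], int(m["size"]), int(m["addr"], 16)
            report.task, report.pid = m["task"], int(m["pid"])
        elif (m := FRAME.match(line)):
            if not m["stale"]:                 # "? sym" is a leftover stack slot, not a real caller
                report.frames.append(m["sym"])
        elif (m := ORIG_RAX.search(line)):
            report.syscall_nr = int(m["nr"], 16)
        elif line.startswith("===="):          # closing delimiter of this report
            break
    if report is None:
        raise ValueError("no KASAN report in input")
    return report

def triage(r: KasanReport) -> dict:
    """Turn a parsed report into the facts a triager wants first."""
    bug_frames = [f for f in r.frames if f not in REPORT_FRAMES]
    # A tiny address is NULL plus a struct field offset, not a real mapping.
    addr_kind = ("NULL pointer + 0x%x" % r.addr if r.addr < 4096
                 else "kernel address" if r.addr >= 0xFFFF800000000000 else "user-space address")
    return {
        "bug_type": r.bug_type,
        "crash_fn": bug_frames[0] if bug_frames else r.site.split("+")[0],
        "access": f"{r.access.lower()} of {r.size} bytes",
        "addr_kind": addr_kind,
        "path": " <- ".join(f for f in bug_frames if f not in ENTRY_FRAMES),
        "syscall": SYSCALLS.get(r.syscall_nr, r.syscall_nr),
        # A trace that passes through the syscall entry stub was triggered from user space.
        "user_reachable": "entry_SYSCALL_64_after_hwframe" in r.frames,
    }
```

Run on this page's report it yields crash_fn x25_disconnect, path x25_disconnect <- x25_release <- __sock_release <- sock_close <- __fput, syscall close (ORIG_RAX 3, with RDI 3 being the fd) and addr_kind "NULL pointer + 0xd8": a 4-byte write went through a NULL struct pointer at field offset 0xd8 while the socket's fd was being closed, on the deferred __fput path. The "?" frames are dropped because the unwinder marks them as stale stack contents rather than confirmed callers, so they should not be used to name the bug. As a general first-pass reading, a KASAN null-ptr-deref with a small offset is a crash an unprivileged user can trigger rather than a memory-corruption primitive, since turning it into one would need page 0 to be mappable, which mmap_min_addr normally forbids.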