Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts.
2020/05/06 00:18:42 fuzzer started
2020/05/06 00:18:42 connecting to host at 10.128.0.26:40903
2020/05/06 00:18:42 checking machine...
2020/05/06 00:18:42 checking revisions...
2020/05/06 00:18:42 testing simple program...
syzkaller login: [ 55.621585][ T7042] IPVS: ftp: loaded support on port[0] = 21
2020/05/06 00:18:43 building call list...
[ 56.005189][ T7] tipc: TX() has been purged, node left!
[ 57.222039][ T7040] can: request_module (can-proto-0) failed.
executing program
[ 59.120593][ T7040] can: request_module (can-proto-0) failed.
[ 59.132011][ T7040] can: request_module (can-proto-0) failed.
[ 59.583811][ T7040] ==================================================================
[ 59.592129][ T7040] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.599325][ T7040] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7040
[ 59.607225][ T7040]
[ 59.609548][ T7040] CPU: 0 PID: 7040 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.618299][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.628435][ T7040] Call Trace:
[ 59.631741][ T7040]  dump_stack+0x188/0x20d
[ 59.636073][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.640902][ T7040]  ? __sock_release+0x280/0x280
[ 59.645751][ T7040]  __kasan_report.cold+0x5/0x4d
[ 59.650587][ T7040]  ? rcu_read_lock_held+0x1/0xb0
[ 59.655502][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.660329][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.665171][ T7040]  kasan_report+0x33/0x50
[ 59.669480][ T7040]  check_memory_region+0x141/0x190
[ 59.674595][ T7040]  x25_disconnect+0x253/0x370
[ 59.679265][ T7040]  x25_release+0x345/0x420
[ 59.683660][ T7040]  __sock_release+0xcd/0x280
[ 59.688229][ T7040]  sock_close+0x18/0x20
[ 59.692374][ T7040]  __fput+0x33e/0x880
[ 59.696334][ T7040]  task_work_run+0xf4/0x1b0
[ 59.700924][ T7040]  exit_to_usermode_loop+0x2fa/0x360
[ 59.706189][ T7040]  do_syscall_64+0x6b1/0x7d0
[ 59.711389][ T7040]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.717279][ T7040] RIP: 0033:0x4afb40
[ 59.721173][ T7040] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.742909][ T7040] RSP: 002b:000000c0001b9478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 59.751326][ T7040] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 59.759280][ T7040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.767243][ T7040] RBP: 000000c0001b94b8 R08: 0000000000000000 R09: 0000000000000000
[ 59.775373][ T7040] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 59.785069][ T7040] R13: 000000000000015f R14: 000000000000015e R15: 0000000000000200
[ 59.793282][ T7040] ==================================================================
[ 59.801324][ T7040] Disabling lock debugging due to kernel taint
[ 59.807621][ T7040] Kernel panic - not syncing: panic_on_warn set ...
[ 59.814209][ T7040] CPU: 0 PID: 7040 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.823832][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.833877][ T7040] Call Trace:
[ 59.837153][ T7040]  dump_stack+0x188/0x20d
[ 59.841456][ T7040]  ? __sock_release+0x280/0x280
[ 59.846366][ T7040]  panic+0x2e3/0x75c
[ 59.850343][ T7040]  ? add_taint.cold+0x16/0x16
[ 59.855006][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.859834][ T7040]  ? trace_hardirqs_on+0x55/0x220
[ 59.864835][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.869673][ T7040]  ? __sock_release+0x280/0x280
[ 59.874517][ T7040]  end_report+0x4d/0x53
[ 59.878657][ T7040]  __kasan_report.cold+0xd/0x4d
[ 59.883481][ T7040]  ? rcu_read_lock_held+0x1/0xb0
[ 59.888397][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.893238][ T7040]  ? x25_disconnect+0x253/0x370
[ 59.898058][ T7040]  kasan_report+0x33/0x50
[ 59.902374][ T7040]  check_memory_region+0x141/0x190
[ 59.907480][ T7040]  x25_disconnect+0x253/0x370
[ 59.912134][ T7040]  x25_release+0x345/0x420
[ 59.916527][ T7040]  __sock_release+0xcd/0x280
[ 59.921089][ T7040]  sock_close+0x18/0x20
[ 59.925232][ T7040]  __fput+0x33e/0x880
[ 59.929186][ T7040]  task_work_run+0xf4/0x1b0
[ 59.933684][ T7040]  exit_to_usermode_loop+0x2fa/0x360
[ 59.938940][ T7040]  do_syscall_64+0x6b1/0x7d0
[ 59.943662][ T7040]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.949607][ T7040] RIP: 0033:0x4afb40
[ 59.953532][ T7040] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.973108][ T7040] RSP: 002b:000000c0001b9478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 59.981498][ T7040] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 59.989450][ T7040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.997396][ T7040] RBP: 000000c0001b94b8 R08: 0000000000000000 R09: 0000000000000000
[ 60.005352][ T7040] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 60.013305][ T7040] R13: 000000000000015f R14: 000000000000015e R15: 0000000000000200
[ 60.022819][ T7040] Kernel Offset: disabled
[ 60.027135][ T7040] Rebooting in 86400 seconds..