Starting Load/Save RF Kill Switch Status...
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.35' (ECDSA) to the list of known hosts.
2021/05/02 13:35:34 fuzzer started
2021/05/02 13:35:35 dialing manager at 10.128.0.169:44661
2021/05/02 13:35:35 syscalls: 3571
2021/05/02 13:35:35 code coverage: enabled
2021/05/02 13:35:35 comparison tracing: enabled
2021/05/02 13:35:35 extra coverage: enabled
2021/05/02 13:35:35 setuid sandbox: enabled
2021/05/02 13:35:35 namespace sandbox: enabled
2021/05/02 13:35:35 Android sandbox: /sys/fs/selinux/policy does not exist
2021/05/02 13:35:35 fault injection: enabled
2021/05/02 13:35:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/05/02 13:35:35 net packet injection: enabled
2021/05/02 13:35:35 net device setup: enabled
2021/05/02 13:35:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/05/02 13:35:35 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/05/02 13:35:35 USB emulation: enabled
2021/05/02 13:35:35 hci packet injection: enabled
2021/05/02 13:35:35 wifi device emulation: enabled
2021/05/02 13:35:35 802.15.4 emulation: enabled
2021/05/02 13:35:35 fetching corpus: 0, signal 0/2000 (executing program)
2021/05/02 13:35:35 fetching corpus: 50, signal 53583/57299 (executing program)
2021/05/02 13:35:35 fetching corpus: 100, signal 91118/96423 (executing program)
2021/05/02 13:35:35 fetching corpus: 150, signal 108909/115808 (executing program)
2021/05/02 13:35:36 fetching corpus: 200, signal 126752/135118 (executing program)
2021/05/02 13:35:36 fetching corpus: 250, signal 142719/152473 (executing program)
2021/05/02 13:35:36 fetching corpus: 300, signal 159698/170745 (executing program)
2021/05/02 13:35:36 fetching corpus: 350, signal 173114/185474 (executing program)
2021/05/02 13:35:36 fetching corpus: 400, signal 190805/204288 (executing program)
2021/05/02 13:35:36 fetching corpus: 450, signal 201118/215890 (executing program)
2021/05/02 13:35:37 fetching corpus: 500, signal 216282/232088 (executing program)
2021/05/02 13:35:37 fetching corpus: 550, signal 224671/241665 (executing program)
2021/05/02 13:35:37 fetching corpus: 600, signal 234319/252414 (executing program)
2021/05/02 13:35:37 Manager.Poll call failed: reading body read tcp 10.128.1.35:56612->10.128.0.169:44661: read: bad address
syzkaller login: [ 79.353740][ T8441] general protection fault, probably for non-canonical address 0xdffffc0000175ec1: 0000 [#1] PREEMPT SMP KASAN
[ 79.366336][ T8441] KASAN: probably user-memory-access in range [0x0000000000baf608-0x0000000000baf60f]
[ 79.376471][ T8441] CPU: 1 PID: 8441 Comm: syz-fuzzer Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
[ 79.386511][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.399337][ T8441] RIP: 0010:skb_release_data+0x3a0/0x750
[ 79.406176][ T8441] Code: 48 8b 04 24 48 c1 e8 03 42 80 3c 30 00 0f 85 d3 02 00 00 49 63 c4 48 c1 e0 04 4a 8b 6c 28 30 48 8d 7d 08 48 89 f8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 a7 02 00 00 48 8b 45 08 31 ff 48 89 c3 48 89
[ 79.427577][ T8441] RSP: 0018:ffffc90001bef960 EFLAGS: 00010202
[ 79.433663][ T8441] RAX: 0000000000175ec1 RBX: 0000000000000011 RCX: 0000000000000000
[ 79.441630][ T8441] RDX: ffff88802cfb5580 RSI: ffffffff8703c746 RDI: 0000000000baf608
[ 79.449611][ T8441] RBP: 0000000000baf600 R08: 0000000000000011 R09: 0000000000baf600
[ 79.457668][ T8441] R10: ffffffff8703c733 R11: 0000000000000000 R12: 0000000000000010
[ 79.465656][ T8441] R13: ffff88802ebcfecc R14: dffffc0000000000 R15: ffff888012eceb40
[ 79.473643][ T8441] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 79.482596][ T8441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 79.489221][ T8441] CR2: 0000563ee72723b8 CR3: 000000000bc8e000 CR4: 00000000001506e0
[ 79.497242][ T8441] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 79.505268][ T8441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 79.513268][ T8441] Call Trace:
[ 79.517722][ T8441] __kfree_skb+0x46/0x60
[ 79.522368][ T8441] __tcp_close+0x230/0x1170
[ 79.526944][ T8441] tcp_close+0x29/0xc0
[ 79.531079][ T8441] inet_release+0x12e/0x280
[ 79.535646][ T8441] __sock_release+0xcd/0x280
[ 79.540292][ T8441] sock_close+0x18/0x20
[ 79.544491][ T8441] __fput+0x288/0x920
[ 79.548525][ T8441] ? __sock_release+0x280/0x280
[ 79.553603][ T8441] task_work_run+0xdd/0x1a0
[ 79.558268][ T8441] do_exit+0xbfc/0x2a70
[ 79.562466][ T8441] ? find_held_lock+0x2d/0x110
[ 79.567293][ T8441] ? mm_update_next_owner+0x7a0/0x7a0
[ 79.572697][ T8441] ? get_signal+0x337/0x2150
[ 79.577403][ T8441] ? lock_downgrade+0x6e0/0x6e0
[ 79.582272][ T8441] do_group_exit+0x125/0x310
[ 79.586882][ T8441] get_signal+0x47f/0x2150
[ 79.591311][ T8441] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 79.597142][ T8441] arch_do_signal_or_restart+0x2a8/0x1eb0
[ 79.602886][ T8441] ? hrtimer_nanosleep+0x22b/0x4a0
[ 79.608035][ T8441] ? nanosleep_copyout+0x100/0x100
[ 79.613167][ T8441] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 79.619456][ T8441] ? copy_siginfo_to_user32+0xa0/0xa0
[ 79.624856][ T8441] ? put_timespec64+0x120/0x120
[ 79.629754][ T8441] ? lock_downgrade+0x6e0/0x6e0
[ 79.634630][ T8441] exit_to_user_mode_prepare+0x171/0x280
[ 79.640307][ T8441] syscall_exit_to_user_mode+0x19/0x60
[ 79.645790][ T8441] do_syscall_64+0x47/0xb0
[ 79.650236][ T8441] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 79.656159][ T8441] RIP: 0033:0x46dabd
[ 79.660078][ T8441] Code: Unable to access opcode bytes at RIP 0x46da93.
[ 79.666932][ T8441] RSP: 002b:000000c00003df18 EFLAGS: 00000206 ORIG_RAX: 0000000000000023
[ 79.675406][ T8441] RAX: 0000000000000000 RBX: 0000000000001400 RCX: 000000000046dabd
[ 79.683674][ T8441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00003df18
[ 79.691677][ T8441] RBP: 000000c00003df28 R08: 0000000000001a4c R09: 00007ffc6f91f080
[ 79.699690][ T8441] R10: 00007ffc6f91f090 R11: 0000000000000206 R12: 000000000043b6a0
[ 79.707677][ T8441] R13: 0000000000000000 R14: 0000000000947a14 R15: 0000000000000000
[ 79.715669][ T8441] Modules linked in:
[ 79.721802][ T8441] ---[ end trace 7c9389ddd2922711 ]---
[ 79.727577][ T8441] RIP: 0010:skb_release_data+0x3a0/0x750
[ 79.733612][ T8441] Code: 48 8b 04 24 48 c1 e8 03 42 80 3c 30 00 0f 85 d3 02 00 00 49 63 c4 48 c1 e0 04 4a 8b 6c 28 30 48 8d 7d 08 48 89 f8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 a7 02 00 00 48 8b 45 08 31 ff 48 89 c3 48 89
[ 79.753443][ T8441] RSP: 0018:ffffc90001bef960 EFLAGS: 00010202
[ 79.759533][ T8441] RAX: 0000000000175ec1 RBX: 0000000000000011 RCX: 0000000000000000
[ 79.767590][ T8441] RDX: ffff88802cfb5580 RSI: ffffffff8703c746 RDI: 0000000000baf608
[ 79.775901][ T8441] RBP: 0000000000baf600 R08: 0000000000000011 R09: 0000000000baf600
[ 79.786344][ T8441] R10: ffffffff8703c733 R11: 0000000000000000 R12: 0000000000000010
[ 79.794405][ T8441] R13: ffff88802ebcfecc R14: dffffc0000000000 R15: ffff888012eceb40
[ 79.802725][ T8441] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 79.811764][ T8441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 79.818431][ T8441] CR2: 000000c001dc4000 CR3: 0000000025508000 CR4: 00000000001506f0
[ 79.826929][ T8441] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 79.835419][ T8441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 79.843797][ T8441] Kernel panic - not syncing: Fatal exception
[ 79.850639][ T8441] Kernel Offset: disabled
[ 79.854980][ T8441] Rebooting in 86400 seconds..