[ OK ] Started Getty on tty6.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.216' (ECDSA) to the list of known hosts.
2020/05/01 19:27:12 fuzzer started
2020/05/01 19:27:13 connecting to host at 10.128.0.26:45915
2020/05/01 19:27:13 checking machine...
2020/05/01 19:27:13 checking revisions...
2020/05/01 19:27:13 testing simple program...
syzkaller login: [ 55.707260][ T7023] IPVS: ftp: loaded support on port[0] = 21
2020/05/01 19:27:13 building call list...
[ 56.089655][ T21] tipc: TX() has been purged, node left!
[ 57.358718][ T7007] can: request_module (can-proto-0) failed.
executing program
[ 59.373593][ T7007] can: request_module (can-proto-0) failed.
[ 59.385281][ T7007] can: request_module (can-proto-0) failed.
[ 59.859744][ T7007] ==================================================================
[ 59.868166][ T7007] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.875359][ T7007] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7007
[ 59.887388][ T7007]
[ 59.889699][ T7007] CPU: 0 PID: 7007 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.897913][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.907986][ T7007] Call Trace:
[ 59.911264][ T7007] dump_stack+0x188/0x20d
[ 59.915574][ T7007] ? x25_disconnect+0x253/0x370
[ 59.920402][ T7007] ? __sock_release+0x280/0x280
[ 59.925244][ T7007] __kasan_report.cold+0x5/0x4d
[ 59.930695][ T7007] ? rcu_read_lock_held+0x1/0xb0
[ 59.935608][ T7007] ? x25_disconnect+0x253/0x370
[ 59.940445][ T7007] ? x25_disconnect+0x253/0x370
[ 59.945271][ T7007] kasan_report+0x33/0x50
[ 59.949577][ T7007] check_memory_region+0x141/0x190
[ 59.954674][ T7007] x25_disconnect+0x253/0x370
[ 59.959351][ T7007] x25_release+0x345/0x420
[ 59.963761][ T7007] __sock_release+0xcd/0x280
[ 59.968507][ T7007] sock_close+0x18/0x20
[ 59.972651][ T7007] __fput+0x33e/0x880
[ 59.976624][ T7007] task_work_run+0xf4/0x1b0
[ 59.981148][ T7007] exit_to_usermode_loop+0x2fa/0x360
[ 59.986437][ T7007] do_syscall_64+0x6b1/0x7d0
[ 59.991016][ T7007] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.996901][ T7007] RIP: 0033:0x4afb40
[ 60.000800][ T7007] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.020399][ T7007] RSP: 002b:000000c00007b4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.029276][ T7007] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.038288][ T7007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.047092][ T7007] RBP: 000000c00007b538 R08: 0000000000000000 R09: 0000000000000000
[ 60.055153][ T7007] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.063149][ T7007] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.071113][ T7007] ==================================================================
[ 60.079147][ T7007] Disabling lock debugging due to kernel taint
[ 60.085532][ T7007] Kernel panic - not syncing: panic_on_warn set ...
[ 60.092128][ T7007] CPU: 0 PID: 7007 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.101884][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.111922][ T7007] Call Trace:
[ 60.115197][ T7007] dump_stack+0x188/0x20d
[ 60.119517][ T7007] ? __sock_release+0x280/0x280
[ 60.124365][ T7007] panic+0x2e3/0x75c
[ 60.128244][ T7007] ? add_taint.cold+0x16/0x16
[ 60.132913][ T7007] ? x25_disconnect+0x253/0x370
[ 60.137746][ T7007] ? trace_hardirqs_on+0x55/0x220
[ 60.142744][ T7007] ? x25_disconnect+0x253/0x370
[ 60.147590][ T7007] ? __sock_release+0x280/0x280
[ 60.152415][ T7007] end_report+0x4d/0x53
[ 60.156555][ T7007] __kasan_report.cold+0xd/0x4d
[ 60.161383][ T7007] ? rcu_read_lock_held+0x1/0xb0
[ 60.166292][ T7007] ? x25_disconnect+0x253/0x370
[ 60.171190][ T7007] ? x25_disconnect+0x253/0x370
[ 60.176052][ T7007] kasan_report+0x33/0x50
[ 60.180389][ T7007] check_memory_region+0x141/0x190
[ 60.188799][ T7007] x25_disconnect+0x253/0x370
[ 60.193463][ T7007] x25_release+0x345/0x420
[ 60.197858][ T7007] __sock_release+0xcd/0x280
[ 60.202517][ T7007] sock_close+0x18/0x20
[ 60.206683][ T7007] __fput+0x33e/0x880
[ 60.210650][ T7007] task_work_run+0xf4/0x1b0
[ 60.215150][ T7007] exit_to_usermode_loop+0x2fa/0x360
[ 60.220447][ T7007] do_syscall_64+0x6b1/0x7d0
[ 60.225031][ T7007] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.230906][ T7007] RIP: 0033:0x4afb40
[ 60.234798][ T7007] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.255213][ T7007] RSP: 002b:000000c00007b4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.263630][ T7007] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.271591][ T7007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.279537][ T7007] RBP: 000000c00007b538 R08: 0000000000000000 R09: 0000000000000000
[ 60.287497][ T7007] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.295442][ T7007] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.304717][ T7007] Kernel Offset: disabled
[ 60.309055][ T7007] Rebooting in 86400 seconds..