[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.173' (ECDSA) to the list of known hosts.
2020/04/28 11:00:48 fuzzer started
2020/04/28 11:00:50 connecting to host at 10.128.0.26:34009
2020/04/28 11:00:50 checking machine...
2020/04/28 11:00:50 checking revisions...
2020/04/28 11:00:50 testing simple program...
syzkaller login: [ 57.459580][ T7045] ld (7045) used greatest stack depth: 23088 bytes left
[ 57.711404][ T7052] IPVS: ftp: loaded support on port[0] = 21
2020/04/28 11:00:51 building call list...
[ 58.137671][ T7] tipc: TX() has been purged, node left!
[ 59.443662][ T7035] can: request_module (can-proto-0) failed.
executing program
[ 61.281520][ T7035] can: request_module (can-proto-0) failed.
[ 61.293397][ T7035] can: request_module (can-proto-0) failed.
[ 61.737224][ T7035] ==================================================================
[ 61.745839][ T7035] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 61.753041][ T7035] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7035
[ 61.760921][ T7035]
[ 61.763268][ T7035] CPU: 1 PID: 7035 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 61.771509][ T7035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.782002][ T7035] Call Trace:
[ 61.785282][ T7035] dump_stack+0x188/0x20d
[ 61.789705][ T7035] ? x25_disconnect+0x253/0x370
[ 61.794540][ T7035] ? __sock_release+0x280/0x280
[ 61.799374][ T7035] __kasan_report.cold+0x5/0x4d
[ 61.804311][ T7035] ? rcu_read_lock_held+0x1/0xb0
[ 61.809277][ T7035] ? x25_disconnect+0x253/0x370
[ 61.814155][ T7035] ? x25_disconnect+0x253/0x370
[ 61.819007][ T7035] kasan_report+0x33/0x50
[ 61.823317][ T7035] check_memory_region+0x141/0x190
[ 61.828410][ T7035] x25_disconnect+0x253/0x370
[ 61.833085][ T7035] x25_release+0x345/0x420
[ 61.837483][ T7035] __sock_release+0xcd/0x280
[ 61.842050][ T7035] sock_close+0x18/0x20
[ 61.846365][ T7035] __fput+0x33e/0x880
[ 61.850603][ T7035] task_work_run+0xf4/0x1b0
[ 61.855092][ T7035] exit_to_usermode_loop+0x2fa/0x360
[ 61.860358][ T7035] do_syscall_64+0x6b1/0x7d0
[ 61.864947][ T7035] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 61.870850][ T7035] RIP: 0033:0x4afb40
[ 61.874754][ T7035] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 61.894430][ T7035] RSP: 002b:000000c0001a94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 61.902822][ T7035] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 61.910771][ T7035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 61.918732][ T7035] RBP: 000000c0001a9538 R08: 0000000000000000 R09: 0000000000000000
[ 61.926787][ T7035] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 61.934849][ T7035] R13: 0000000000000163 R14: 0000000000000162 R15: 0000000000000200
[ 61.942833][ T7035] ==================================================================
[ 61.950875][ T7035] Disabling lock debugging due to kernel taint
[ 61.957072][ T7035] Kernel panic - not syncing: panic_on_warn set ...
[ 61.963684][ T7035] CPU: 1 PID: 7035 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 61.973298][ T7035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.984068][ T7035] Call Trace:
[ 61.987434][ T7035] dump_stack+0x188/0x20d
[ 61.991751][ T7035] ? __sock_release+0x280/0x280
[ 61.996777][ T7035] panic+0x2e3/0x75c
[ 62.000650][ T7035] ? add_taint.cold+0x16/0x16
[ 62.005305][ T7035] ? x25_disconnect+0x253/0x370
[ 62.010137][ T7035] ? trace_hardirqs_on+0x55/0x220
[ 62.015150][ T7035] ? x25_disconnect+0x253/0x370
[ 62.019990][ T7035] ? __sock_release+0x280/0x280
[ 62.024846][ T7035] end_report+0x4d/0x53
[ 62.029003][ T7035] __kasan_report.cold+0xd/0x4d
[ 62.033831][ T7035] ? rcu_read_lock_held+0x1/0xb0
[ 62.038748][ T7035] ? x25_disconnect+0x253/0x370
[ 62.043579][ T7035] ? x25_disconnect+0x253/0x370
[ 62.048414][ T7035] kasan_report+0x33/0x50
[ 62.053044][ T7035] check_memory_region+0x141/0x190
[ 62.058238][ T7035] x25_disconnect+0x253/0x370
[ 62.062891][ T7035] x25_release+0x345/0x420
[ 62.067296][ T7035] __sock_release+0xcd/0x280
[ 62.071866][ T7035] sock_close+0x18/0x20
[ 62.076022][ T7035] __fput+0x33e/0x880
[ 62.080005][ T7035] task_work_run+0xf4/0x1b0
[ 62.084586][ T7035] exit_to_usermode_loop+0x2fa/0x360
[ 62.089855][ T7035] do_syscall_64+0x6b1/0x7d0
[ 62.094424][ T7035] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 62.100307][ T7035] RIP: 0033:0x4afb40
[ 62.104191][ T7035] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 62.123773][ T7035] RSP: 002b:000000c0001a94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 62.132160][ T7035] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 62.140104][ T7035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 62.148064][ T7035] RBP: 000000c0001a9538 R08: 0000000000000000 R09: 0000000000000000
[ 62.156036][ T7035] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 62.163994][ T7035] R13: 0000000000000163 R14: 0000000000000162 R15: 0000000000000200
[ 62.173583][ T7035] Kernel Offset: disabled
[ 62.177918][ T7035] Rebooting in 86400 seconds..