[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts.
2020/05/04 19:08:18 fuzzer started
2020/05/04 19:08:18 connecting to host at 10.128.0.26:36889
2020/05/04 19:08:18 checking machine...
2020/05/04 19:08:18 checking revisions...
2020/05/04 19:08:18 testing simple program...
syzkaller login: [ 56.212581][ T7025] IPVS: ftp: loaded support on port[0] = 21
2020/05/04 19:08:19 building call list...
[ 56.610305][ T43] tipc: TX() has been purged, node left!
[ 57.855427][ T7011] can: request_module (can-proto-0) failed.
executing program
[ 59.714817][ T7011] can: request_module (can-proto-0) failed.
[ 59.726012][ T7011] can: request_module (can-proto-0) failed.
[ 60.169445][ T7011] ==================================================================
[ 60.177747][ T7011] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 60.185028][ T7011] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7011
[ 60.192891][ T7011]
[ 60.195228][ T7011] CPU: 0 PID: 7011 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 60.203454][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.213484][ T7011] Call Trace:
[ 60.216755][ T7011] dump_stack+0x188/0x20d
[ 60.221082][ T7011] ? x25_disconnect+0x253/0x370
[ 60.225908][ T7011] ? __sock_release+0x280/0x280
[ 60.230752][ T7011] __kasan_report.cold+0x5/0x4d
[ 60.235626][ T7011] ? rcu_read_lock_held+0x1/0xb0
[ 60.240608][ T7011] ? x25_disconnect+0x253/0x370
[ 60.245472][ T7011] ? x25_disconnect+0x253/0x370
[ 60.250314][ T7011] kasan_report+0x33/0x50
[ 60.254635][ T7011] check_memory_region+0x141/0x190
[ 60.259727][ T7011] x25_disconnect+0x253/0x370
[ 60.264384][ T7011] x25_release+0x345/0x420
[ 60.268797][ T7011] __sock_release+0xcd/0x280
[ 60.273382][ T7011] sock_close+0x18/0x20
[ 60.277517][ T7011] __fput+0x33e/0x880
[ 60.281496][ T7011] task_work_run+0xf4/0x1b0
[ 60.286006][ T7011] exit_to_usermode_loop+0x2fa/0x360
[ 60.291271][ T7011] do_syscall_64+0x6b1/0x7d0
[ 60.295855][ T7011] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.301724][ T7011] RIP: 0033:0x4afb40
[ 60.306132][ T7011] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.326119][ T7011] RSP: 002b:000000c00021b410 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 60.334920][ T7011] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.343149][ T7011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.351113][ T7011] RBP: 000000c00021b450 R08: 0000000000000000 R09: 0000000000000000
[ 60.359063][ T7011] R10: 0000000000000000 R11: 0000000000000202 R12: ffffffffffffffff
[ 60.367023][ T7011] R13: 0000000000000168 R14: 0000000000000167 R15: 0000000000000200
[ 60.374984][ T7011] ==================================================================
[ 60.383105][ T7011] Disabling lock debugging due to kernel taint
[ 60.389318][ T7011] Kernel panic - not syncing: panic_on_warn set ...
[ 60.395908][ T7011] CPU: 0 PID: 7011 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.405522][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.415708][ T7011] Call Trace:
[ 60.418991][ T7011] dump_stack+0x188/0x20d
[ 60.423311][ T7011] ? __sock_release+0x280/0x280
[ 60.428151][ T7011] panic+0x2e3/0x75c
[ 60.432035][ T7011] ? add_taint.cold+0x16/0x16
[ 60.436714][ T7011] ? x25_disconnect+0x253/0x370
[ 60.441541][ T7011] ? trace_hardirqs_on+0x55/0x220
[ 60.446539][ T7011] ? x25_disconnect+0x253/0x370
[ 60.451365][ T7011] ? __sock_release+0x280/0x280
[ 60.456189][ T7011] end_report+0x4d/0x53
[ 60.460337][ T7011] __kasan_report.cold+0xd/0x4d
[ 60.465164][ T7011] ? rcu_read_lock_held+0x1/0xb0
[ 60.470077][ T7011] ? x25_disconnect+0x253/0x370
[ 60.474901][ T7011] ? x25_disconnect+0x253/0x370
[ 60.479723][ T7011] kasan_report+0x33/0x50
[ 60.484047][ T7011] check_memory_region+0x141/0x190
[ 60.489132][ T7011] x25_disconnect+0x253/0x370
[ 60.493783][ T7011] x25_release+0x345/0x420
[ 60.498259][ T7011] __sock_release+0xcd/0x280
[ 60.502844][ T7011] sock_close+0x18/0x20
[ 60.506983][ T7011] __fput+0x33e/0x880
[ 60.510943][ T7011] task_work_run+0xf4/0x1b0
[ 60.515425][ T7011] exit_to_usermode_loop+0x2fa/0x360
[ 60.520848][ T7011] do_syscall_64+0x6b1/0x7d0
[ 60.525431][ T7011] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.531649][ T7011] RIP: 0033:0x4afb40
[ 60.535528][ T7011] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.555167][ T7011] RSP: 002b:000000c00021b410 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 60.563552][ T7011] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.571511][ T7011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.579544][ T7011] RBP: 000000c00021b450 R08: 0000000000000000 R09: 0000000000000000
[ 60.587587][ T7011] R10: 0000000000000000 R11: 0000000000000202 R12: ffffffffffffffff
[ 60.595533][ T7011] R13: 0000000000000168 R14: 0000000000000167 R15: 0000000000000200
[ 60.604848][ T7011] Kernel Offset: disabled
[ 60.609321][ T7011] Rebooting in 86400 seconds..