[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.65' (ECDSA) to the list of known hosts.
2020/05/01 19:57:25 fuzzer started
2020/05/01 19:57:25 connecting to host at 10.128.0.26:38983
2020/05/01 19:57:25 checking machine...
2020/05/01 19:57:25 checking revisions...
2020/05/01 19:57:25 testing simple program...
syzkaller login: [ 54.794436][ T7043] IPVS: ftp: loaded support on port[0] = 21
2020/05/01 19:57:26 building call list...
[ 55.174986][ T33] tipc: TX() has been purged, node left!
[ 56.410848][ T7041] can: request_module (can-proto-0) failed.
executing program
[ 58.419163][ T7041] can: request_module (can-proto-0) failed.
[ 58.430727][ T7041] can: request_module (can-proto-0) failed.
[ 58.904268][ T7041] ==================================================================
[ 58.912561][ T7041] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 58.919841][ T7041] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7041
[ 58.927709][ T7041]
[ 58.930127][ T7041] CPU: 1 PID: 7041 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 58.938353][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.948579][ T7041] Call Trace:
[ 58.951868][ T7041] dump_stack+0x188/0x20d
[ 58.956269][ T7041] ? x25_disconnect+0x253/0x370
[ 58.961880][ T7041] ? __sock_release+0x280/0x280
[ 58.966723][ T7041] __kasan_report.cold+0x5/0x4d
[ 58.971723][ T7041] ? rcu_read_lock_held+0x1/0xb0
[ 58.977315][ T7041] ? x25_disconnect+0x253/0x370
[ 58.982158][ T7041] ? x25_disconnect+0x253/0x370
[ 58.986990][ T7041] kasan_report+0x33/0x50
[ 58.991305][ T7041] check_memory_region+0x141/0x190
[ 58.996405][ T7041] x25_disconnect+0x253/0x370
[ 59.001073][ T7041] x25_release+0x345/0x420
[ 59.005579][ T7041] __sock_release+0xcd/0x280
[ 59.010204][ T7041] sock_close+0x18/0x20
[ 59.014524][ T7041] __fput+0x33e/0x880
[ 59.018538][ T7041] task_work_run+0xf4/0x1b0
[ 59.023031][ T7041] exit_to_usermode_loop+0x2fa/0x360
[ 59.028839][ T7041] do_syscall_64+0x6b1/0x7d0
[ 59.033414][ T7041] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.039281][ T7041] RIP: 0033:0x4afb40
[ 59.043178][ T7041] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.062798][ T7041] RSP: 002b:000000c0001f54f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.071207][ T7041] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.079183][ T7041] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.087151][ T7041] RBP: 000000c0001f5538 R08: 0000000000000000 R09: 0000000000000000
[ 59.095199][ T7041] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.103151][ T7041] R13: 0000000000000161 R14: 0000000000000160 R15: 0000000000000200
[ 59.111136][ T7041] ==================================================================
[ 59.119208][ T7041] Disabling lock debugging due to kernel taint
[ 59.125489][ T7041] Kernel panic - not syncing: panic_on_warn set ...
[ 59.132082][ T7041] CPU: 1 PID: 7041 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.141711][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.151756][ T7041] Call Trace:
[ 59.155031][ T7041] dump_stack+0x188/0x20d
[ 59.159353][ T7041] ? __sock_release+0x280/0x280
[ 59.164193][ T7041] panic+0x2e3/0x75c
[ 59.168066][ T7041] ? add_taint.cold+0x16/0x16
[ 59.172732][ T7041] ? x25_disconnect+0x253/0x370
[ 59.177574][ T7041] ? trace_hardirqs_on+0x55/0x220
[ 59.182588][ T7041] ? x25_disconnect+0x253/0x370
[ 59.187429][ T7041] ? __sock_release+0x280/0x280
[ 59.192256][ T7041] end_report+0x4d/0x53
[ 59.196393][ T7041] __kasan_report.cold+0xd/0x4d
[ 59.201313][ T7041] ? rcu_read_lock_held+0x1/0xb0
[ 59.206244][ T7041] ? x25_disconnect+0x253/0x370
[ 59.211099][ T7041] ? x25_disconnect+0x253/0x370
[ 59.216714][ T7041] kasan_report+0x33/0x50
[ 59.221544][ T7041] check_memory_region+0x141/0x190
[ 59.226631][ T7041] x25_disconnect+0x253/0x370
[ 59.231286][ T7041] x25_release+0x345/0x420
[ 59.235696][ T7041] __sock_release+0xcd/0x280
[ 59.240259][ T7041] sock_close+0x18/0x20
[ 59.244390][ T7041] __fput+0x33e/0x880
[ 59.248349][ T7041] task_work_run+0xf4/0x1b0
[ 59.252930][ T7041] exit_to_usermode_loop+0x2fa/0x360
[ 59.258203][ T7041] do_syscall_64+0x6b1/0x7d0
[ 59.262871][ T7041] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.268738][ T7041] RIP: 0033:0x4afb40
[ 59.272622][ T7041] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.292202][ T7041] RSP: 002b:000000c0001f54f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.300586][ T7041] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.308548][ T7041] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.316494][ T7041] RBP: 000000c0001f5538 R08: 0000000000000000 R09: 0000000000000000
[ 59.324456][ T7041] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.332404][ T7041] R13: 0000000000000161 R14: 0000000000000160 R15: 0000000000000200
[ 59.341742][ T7041] Kernel Offset: disabled
[ 59.346077][ T7041] Rebooting in 86400 seconds..