Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.196' (ECDSA) to the list of known hosts.
2020/05/02 23:13:48 fuzzer started
2020/05/02 23:13:48 connecting to host at 10.128.0.26:37379
2020/05/02 23:13:48 checking machine...
2020/05/02 23:13:48 checking revisions...
2020/05/02 23:13:48 testing simple program...
syzkaller login: [ 55.078555][ T7044] IPVS: ftp: loaded support on port[0] = 21
2020/05/02 23:13:49 building call list...
[ 55.449680][ T562] tipc: TX() has been purged, node left!
[ 56.623974][ T7030] can: request_module (can-proto-0) failed.
executing program
[ 58.745181][ T7030] can: request_module (can-proto-0) failed.
[ 58.756618][ T7030] can: request_module (can-proto-0) failed.
[ 59.209915][ T7030] ==================================================================
[ 59.218245][ T7030] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.225434][ T7030] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7030
[ 59.233296][ T7030]
[ 59.235629][ T7030] CPU: 0 PID: 7030 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.243838][ T7030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.253883][ T7030] Call Trace:
[ 59.257198][ T7030]  dump_stack+0x188/0x20d
[ 59.261633][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.266486][ T7030]  ? __sock_release+0x280/0x280
[ 59.271332][ T7030]  __kasan_report.cold+0x5/0x4d
[ 59.276172][ T7030]  ? rcu_read_lock_held+0x1/0xb0
[ 59.281087][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.285929][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.290754][ T7030]  kasan_report+0x33/0x50
[ 59.295077][ T7030]  check_memory_region+0x141/0x190
[ 59.300166][ T7030]  x25_disconnect+0x253/0x370
[ 59.304910][ T7030]  x25_release+0x345/0x420
[ 59.309309][ T7030]  __sock_release+0xcd/0x280
[ 59.313890][ T7030]  sock_close+0x18/0x20
[ 59.318038][ T7030]  __fput+0x33e/0x880
[ 59.322001][ T7030]  task_work_run+0xf4/0x1b0
[ 59.326485][ T7030]  exit_to_usermode_loop+0x2fa/0x360
[ 59.331751][ T7030]  do_syscall_64+0x6b1/0x7d0
[ 59.336324][ T7030]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.342208][ T7030] RIP: 0033:0x4afb40
[ 59.346096][ T7030] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.365686][ T7030] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.374092][ T7030] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 59.382054][ T7030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.390002][ T7030] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 59.398037][ T7030] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.405999][ T7030] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 59.413959][ T7030] ==================================================================
[ 59.422136][ T7030] Disabling lock debugging due to kernel taint
[ 59.428343][ T7030] Kernel panic - not syncing: panic_on_warn set ...
[ 59.434931][ T7030] CPU: 0 PID: 7030 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.444545][ T7030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.454575][ T7030] Call Trace:
[ 59.457859][ T7030]  dump_stack+0x188/0x20d
[ 59.462185][ T7030]  ? __sock_release+0x280/0x280
[ 59.467221][ T7030]  panic+0x2e3/0x75c
[ 59.471090][ T7030]  ? add_taint.cold+0x16/0x16
[ 59.475760][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.480616][ T7030]  ? trace_hardirqs_on+0x55/0x220
[ 59.485629][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.490467][ T7030]  ? __sock_release+0x280/0x280
[ 59.495314][ T7030]  end_report+0x4d/0x53
[ 59.499556][ T7030]  __kasan_report.cold+0xd/0x4d
[ 59.504382][ T7030]  ? rcu_read_lock_held+0x1/0xb0
[ 59.509302][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.514141][ T7030]  ? x25_disconnect+0x253/0x370
[ 59.518981][ T7030]  kasan_report+0x33/0x50
[ 59.523303][ T7030]  check_memory_region+0x141/0x190
[ 59.528638][ T7030]  x25_disconnect+0x253/0x370
[ 59.533315][ T7030]  x25_release+0x345/0x420
[ 59.537728][ T7030]  __sock_release+0xcd/0x280
[ 59.542297][ T7030]  sock_close+0x18/0x20
[ 59.546428][ T7030]  __fput+0x33e/0x880
[ 59.550399][ T7030]  task_work_run+0xf4/0x1b0
[ 59.554920][ T7030]  exit_to_usermode_loop+0x2fa/0x360
[ 59.560212][ T7030]  do_syscall_64+0x6b1/0x7d0
[ 59.565321][ T7030]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.571190][ T7030] RIP: 0033:0x4afb40
[ 59.575059][ T7030] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.594811][ T7030] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.603445][ T7030] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 59.611533][ T7030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.619508][ T7030] RBP: 000000c000079538 R08: 0000000000000000 R09: 0000000000000000
[ 59.627478][ T7030] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.635442][ T7030] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 59.644860][ T7030] Kernel Offset: disabled
[ 59.649189][ T7030] Rebooting in 86400 seconds..
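The log above is the raw console capture. As an added example (not part of the captured log and not syzkaller's own report parser), the Python below turns the KASAN report into a triage summary: it strips the console prefixes, reads the bug type and function from the BUG: line and the access kind, size, address and task from the line after it, walks the call trace while discarding the "?" (unreliable) frames and the sanitizer's own report frames to find the faulting function, checks that this agrees with the function named in the header, treats the faulting address of a null-ptr-deref (0xd8 here) as the offset of the field reached through the NULL pointer, and names the interrupted syscall from ORIG_RAX (3 is close(2) on x86-64). The embedded REPORT string is an excerpt of the report above with a few repeated "?" frames dropped; the REPORT_MACHINERY frame set and the partial syscall table are this example's own assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Excerpt of the KASAN report from the console log above, console prefixes
# intact; a few repeated "?" frames are dropped to keep the sample short.
REPORT = """\
[ 59.218245][ T7030] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.225434][ T7030] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7030
[ 59.233296][ T7030]
[ 59.235629][ T7030] CPU: 0 PID: 7030 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.253883][ T7030] Call Trace:
[ 59.257198][ T7030] dump_stack+0x188/0x20d
[ 59.261633][ T7030] ? x25_disconnect+0x253/0x370
[ 59.271332][ T7030] __kasan_report.cold+0x5/0x4d
[ 59.295077][ T7030] check_memory_region+0x141/0x190
[ 59.300166][ T7030] x25_disconnect+0x253/0x370
[ 59.304910][ T7030] x25_release+0x345/0x420
[ 59.309309][ T7030] __sock_release+0xcd/0x280
[ 59.313890][ T7030] sock_close+0x18/0x20
[ 59.318038][ T7030] __fput+0x33e/0x880
[ 59.322001][ T7030] task_work_run+0xf4/0x1b0
[ 59.326485][ T7030] exit_to_usermode_loop+0x2fa/0x360
[ 59.331751][ T7030] do_syscall_64+0x6b1/0x7d0
[ 59.336324][ T7030] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.342208][ T7030] RIP: 0033:0x4afb40
[ 59.365686][ T7030] RSP: 002b:000000c0000794f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
"""

PREFIX_RE = re.compile(r"^\[\s*\d+\.\d+\]\[\s*T\d+\]\s?")
BUG_RE = re.compile(r"^BUG: KASAN: (?P<kind>[\w-]+) in (?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
ACCESS_RE = re.compile(r"^(?P<op>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+)"
                       r" by task (?P<task>\S+)/(?P<pid>\d+)$")
KERNEL_RE = re.compile(r"Comm: \S+ (?:Not tainted|Tainted:(?: [A-Z])+)\s+(?P<ver>\d\S*) #")
FRAME_RE = re.compile(r"^(?P<unreliable>\? )?(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
ORIG_RAX_RE = re.compile(r"ORIG_RAX: (?P<nr>[0-9a-f]+)")

# Assumed set of frames printed by the sanitizer/report machinery, not by the bug.
REPORT_MACHINERY = {"dump_stack", "__kasan_report.cold", "kasan_report",
                    "check_memory_region", "end_report", "panic"}
X86_64_SYSCALLS = {0: "read", 1: "write", 2: "open", 3: "close"}  # partial x86-64 table


@dataclass
class KasanReport:
    kind: str
    func: str                      # function named in the BUG: header
    op: str                        # Read / Write
    size: int
    addr: int
    task: str
    pid: int
    kernel: Optional[str] = None
    syscall_nr: Optional[int] = None
    frames: List[Tuple[bool, str]] = field(default_factory=list)  # (reliable, symbol)

    def reliable_path(self) -> List[str]:
        """Reliable (no "?") frames from the faulting code up to syscall entry."""
        return [s for ok, s in self.frames if ok and s not in REPORT_MACHINERY]

    def culprit(self) -> Optional[str]:
        path = self.reliable_path()
        return path[0] if path else None

    def null_deref_offset(self) -> Optional[int]:
        # KASAN labels faults below PAGE_SIZE null-ptr-deref, so the address is
        # the offset of the field that was accessed through the NULL pointer.
        return self.addr if self.kind == "null-ptr-deref" else None


def parse_kasan_report(text: str) -> KasanReport:
    bug = access = kernel = syscall_nr = None
    frames, in_trace = [], False
    for raw in text.splitlines():
        line = PREFIX_RE.sub("", raw).strip()
        if not line:
            continue
        if bug is None and (m := BUG_RE.match(line)):
            bug = m
        elif access is None and (m := ACCESS_RE.match(line)):
            access = m
        elif kernel is None and (m := KERNEL_RE.search(line)):
            kernel = m.group("ver")
        elif line == "Call Trace:":
            in_trace = True
        elif in_trace and (m := FRAME_RE.match(line)):
            frames.append((m.group("unreliable") is None, m.group("sym")))
        else:
            in_trace = False  # the RIP:/register dump ends the trace
            if m := ORIG_RAX_RE.search(line):
                syscall_nr = int(m.group("nr"), 16)
    if bug is None or access is None:
        raise ValueError("not a KASAN report")
    return KasanReport(bug["kind"], bug["func"], access["op"], int(access["size"]),
                       int(access["addr"], 16), access["task"], int(access["pid"]),
                       kernel, syscall_nr, frames)


def triage(text: str) -> dict:
    """Summary of the kind a crash-triage bot would attach to the report."""
    r = parse_kasan_report(text)
    return {"kind": r.kind, "culprit": r.culprit(), "access": f"{r.op} of {r.size} bytes",
            "field_offset": r.null_deref_offset(), "kernel": r.kernel,
            "syscall": X86_64_SYSCALLS.get(r.syscall_nr, r.syscall_nr),
            "path": " <- ".join(r.reliable_path()),
            "header_matches_trace": r.culprit() == r.func}
```

On the excerpt, triage(REPORT) names x25_disconnect as the culprit, reached from close() through sock_close and the deferred __fput that task_work_run executes on the way back to user space, with a 4-byte write at offset 216 (0xd8) of a structure behind a NULL pointer. The unreliable "? x25_disconnect" frame that dump_stack prints before the KASAN frames is skipped, so the culprit comes from the first reliable frame below check_memory_region, and the header_matches_trace flag confirms it agrees with the BUG: line.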