[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
       Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.157' (ECDSA) to the list of known hosts.
2020/04/30 14:33:50 fuzzer started
2020/04/30 14:33:50 connecting to host at 10.128.0.26:41281
2020/04/30 14:33:50 checking machine...
2020/04/30 14:33:50 checking revisions...
2020/04/30 14:33:50 testing simple program...

syzkaller login: [ 60.315069][ T7062] IPVS: ftp: loaded support on port[0] = 21
2020/04/30 14:33:51 building call list...
[ 60.741190][ T57] tipc: TX() has been purged, node left!
[ 61.920241][ T7046] can: request_module (can-proto-0) failed.
executing program
[ 63.885940][ T7046] can: request_module (can-proto-0) failed.
[ 63.897988][ T7046] can: request_module (can-proto-0) failed.
[ 64.360684][ T7046] ==================================================================
[ 64.368894][ T7046] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 64.376075][ T7046] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7046
[ 64.383955][ T7046]
[ 64.386271][ T7046] CPU: 0 PID: 7046 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 64.394500][ T7046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.404662][ T7046] Call Trace:
[ 64.407943][ T7046]  dump_stack+0x188/0x20d
[ 64.412266][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.417094][ T7046]  ? __sock_release+0x280/0x280
[ 64.421921][ T7046]  __kasan_report.cold+0x5/0x4d
[ 64.426751][ T7046]  ? rcu_read_lock_held+0x1/0xb0
[ 64.431662][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.436501][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.441325][ T7046]  kasan_report+0x33/0x50
[ 64.445654][ T7046]  check_memory_region+0x141/0x190
[ 64.451012][ T7046]  x25_disconnect+0x253/0x370
[ 64.455674][ T7046]  x25_release+0x345/0x420
[ 64.460078][ T7046]  __sock_release+0xcd/0x280
[ 64.464645][ T7046]  sock_close+0x18/0x20
[ 64.468775][ T7046]  __fput+0x33e/0x880
[ 64.472746][ T7046]  task_work_run+0xf4/0x1b0
[ 64.477229][ T7046]  exit_to_usermode_loop+0x2fa/0x360
[ 64.482496][ T7046]  do_syscall_64+0x6b1/0x7d0
[ 64.487061][ T7046]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 64.492927][ T7046] RIP: 0033:0x4afb40
[ 64.496797][ T7046] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 64.516473][ T7046] RSP: 002b:000000c0002014f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 64.524870][ T7046] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 64.532826][ T7046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 64.540772][ T7046] RBP: 000000c000201538 R08: 0000000000000000 R09: 0000000000000000
[ 64.548827][ T7046] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 64.556774][ T7046] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 64.564745][ T7046] ==================================================================
[ 64.572789][ T7046] Disabling lock debugging due to kernel taint
[ 64.578978][ T7046] Kernel panic - not syncing: panic_on_warn set ...
[ 64.585927][ T7046] CPU: 0 PID: 7046 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 64.595547][ T7046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.605588][ T7046] Call Trace:
[ 64.608877][ T7046]  dump_stack+0x188/0x20d
[ 64.613184][ T7046]  ? __sock_release+0x280/0x280
[ 64.618016][ T7046]  panic+0x2e3/0x75c
[ 64.621901][ T7046]  ? add_taint.cold+0x16/0x16
[ 64.626551][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.631386][ T7046]  ? trace_hardirqs_on+0x55/0x220
[ 64.636406][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.641228][ T7046]  ? __sock_release+0x280/0x280
[ 64.646049][ T7046]  end_report+0x4d/0x53
[ 64.650178][ T7046]  __kasan_report.cold+0xd/0x4d
[ 64.655002][ T7046]  ? rcu_read_lock_held+0x1/0xb0
[ 64.659910][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.664748][ T7046]  ? x25_disconnect+0x253/0x370
[ 64.669566][ T7046]  kasan_report+0x33/0x50
[ 64.673876][ T7046]  check_memory_region+0x141/0x190
[ 64.678971][ T7046]  x25_disconnect+0x253/0x370
[ 64.683621][ T7046]  x25_release+0x345/0x420
[ 64.688009][ T7046]  __sock_release+0xcd/0x280
[ 64.692571][ T7046]  sock_close+0x18/0x20
[ 64.696699][ T7046]  __fput+0x33e/0x880
[ 64.700665][ T7046]  task_work_run+0xf4/0x1b0
[ 64.705144][ T7046]  exit_to_usermode_loop+0x2fa/0x360
[ 64.710407][ T7046]  do_syscall_64+0x6b1/0x7d0
[ 64.714977][ T7046]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 64.720841][ T7046] RIP: 0033:0x4afb40
[ 64.724723][ T7046] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 64.744305][ T7046] RSP: 002b:000000c0002014f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 64.752685][ T7046] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 64.760627][ T7046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 64.768570][ T7046] RBP: 000000c000201538 R08: 0000000000000000 R09: 0000000000000000
[ 64.776528][ T7046] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 64.784481][ T7046] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 64.793676][ T7046] Kernel Offset: disabled
[ 64.798032][ T7046] Rebooting in 86400 seconds..