[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts.
2020/04/30 14:33:55 fuzzer started
2020/04/30 14:33:55 connecting to host at 10.128.0.26:42433
2020/04/30 14:33:55 checking machine...
2020/04/30 14:33:55 checking revisions...
2020/04/30 14:33:55 testing simple program...
syzkaller login: [ 55.964433][ T7039] IPVS: ftp: loaded support on port[0] = 21
2020/04/30 14:33:55 building call list...
[ 56.346883][ T208] tipc: TX() has been purged, node left!
[ 57.703203][ T7037] can: request_module (can-proto-0) failed.
executing program
[ 59.572298][ T7037] can: request_module (can-proto-0) failed.
[ 59.584259][ T7037] can: request_module (can-proto-0) failed.
[ 60.057259][ T7037] ==================================================================
[ 60.065807][ T7037] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 60.073081][ T7037] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7037
[ 60.080960][ T7037]
[ 60.083294][ T7037] CPU: 0 PID: 7037 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 60.091522][ T7037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.101755][ T7037] Call Trace:
[ 60.105036][ T7037]  dump_stack+0x188/0x20d
[ 60.109359][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.114191][ T7037]  ? __sock_release+0x280/0x280
[ 60.119132][ T7037]  __kasan_report.cold+0x5/0x4d
[ 60.123970][ T7037]  ? rcu_read_lock_held+0x1/0xb0
[ 60.128894][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.133737][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.138580][ T7037]  kasan_report+0x33/0x50
[ 60.142889][ T7037]  check_memory_region+0x141/0x190
[ 60.147990][ T7037]  x25_disconnect+0x253/0x370
[ 60.152659][ T7037]  x25_release+0x345/0x420
[ 60.157477][ T7037]  __sock_release+0xcd/0x280
[ 60.162082][ T7037]  sock_close+0x18/0x20
[ 60.166249][ T7037]  __fput+0x33e/0x880
[ 60.170233][ T7037]  task_work_run+0xf4/0x1b0
[ 60.176143][ T7037]  exit_to_usermode_loop+0x2fa/0x360
[ 60.181411][ T7037]  do_syscall_64+0x6b1/0x7d0
[ 60.186184][ T7037]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.192057][ T7037] RIP: 0033:0x4afb40
[ 60.196028][ T7037] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.215706][ T7037] RSP: 002b:000000c00018d4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.224100][ T7037] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.232080][ T7037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.240348][ T7037] RBP: 000000c00018d538 R08: 0000000000000000 R09: 0000000000000000
[ 60.248492][ T7037] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.257029][ T7037] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 60.265121][ T7037] ==================================================================
[ 60.273594][ T7037] Disabling lock debugging due to kernel taint
[ 60.279880][ T7037] Kernel panic - not syncing: panic_on_warn set ...
[ 60.286470][ T7037] CPU: 0 PID: 7037 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.296276][ T7037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.306392][ T7037] Call Trace:
[ 60.309661][ T7037]  dump_stack+0x188/0x20d
[ 60.313967][ T7037]  ? __sock_release+0x280/0x280
[ 60.318885][ T7037]  panic+0x2e3/0x75c
[ 60.322762][ T7037]  ? add_taint.cold+0x16/0x16
[ 60.327561][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.332403][ T7037]  ? trace_hardirqs_on+0x55/0x220
[ 60.337412][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.342263][ T7037]  ? __sock_release+0x280/0x280
[ 60.347095][ T7037]  end_report+0x4d/0x53
[ 60.351407][ T7037]  __kasan_report.cold+0xd/0x4d
[ 60.356243][ T7037]  ? rcu_read_lock_held+0x1/0xb0
[ 60.361160][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.366086][ T7037]  ? x25_disconnect+0x253/0x370
[ 60.371206][ T7037]  kasan_report+0x33/0x50
[ 60.375528][ T7037]  check_memory_region+0x141/0x190
[ 60.380676][ T7037]  x25_disconnect+0x253/0x370
[ 60.385435][ T7037]  x25_release+0x345/0x420
[ 60.389952][ T7037]  __sock_release+0xcd/0x280
[ 60.394535][ T7037]  sock_close+0x18/0x20
[ 60.398670][ T7037]  __fput+0x33e/0x880
[ 60.402734][ T7037]  task_work_run+0xf4/0x1b0
[ 60.407224][ T7037]  exit_to_usermode_loop+0x2fa/0x360
[ 60.412513][ T7037]  do_syscall_64+0x6b1/0x7d0
[ 60.417100][ T7037]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.422973][ T7037] RIP: 0033:0x4afb40
[ 60.426868][ T7037] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.446640][ T7037] RSP: 002b:000000c00018d4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.455138][ T7037] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 60.463291][ T7037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.471251][ T7037] RBP: 000000c00018d538 R08: 0000000000000000 R09: 0000000000000000
[ 60.479218][ T7037] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.487172][ T7037] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 60.496662][ T7037] Kernel Offset: disabled
[ 60.500990][ T7037] Rebooting in 86400 seconds..