[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.150' (ECDSA) to the list of known hosts.
2020/05/05 12:11:54 fuzzer started
2020/05/05 12:11:54 connecting to host at 10.128.0.26:45075
2020/05/05 12:11:54 checking machine...
2020/05/05 12:11:54 checking revisions...
2020/05/05 12:11:54 testing simple program...
syzkaller login: [ 55.324886][ T7020] IPVS: ftp: loaded support on port[0] = 21
2020/05/05 12:11:55 building call list...
[ 55.705284][ T209] tipc: TX() has been purged, node left!
[ 56.943427][ T7015] can: request_module (can-proto-0) failed.
executing program
[ 58.871546][ T7015] can: request_module (can-proto-0) failed.
[ 58.883601][ T7015] can: request_module (can-proto-0) failed.
[ 59.366014][ T7015] ==================================================================
[ 59.375266][ T7015] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.382456][ T7015] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7015
[ 59.390668][ T7015]
[ 59.393945][ T7015] CPU: 1 PID: 7015 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.402997][ T7015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.414713][ T7015] Call Trace:
[ 59.418800][ T7015] dump_stack+0x188/0x20d
[ 59.423540][ T7015] ? x25_disconnect+0x253/0x370
[ 59.428950][ T7015] ? __sock_release+0x280/0x280
[ 59.434031][ T7015] __kasan_report.cold+0x5/0x4d
[ 59.438894][ T7015] ? rcu_read_lock_held+0x1/0xb0
[ 59.443996][ T7015] ? x25_disconnect+0x253/0x370
[ 59.449218][ T7015] ? x25_disconnect+0x253/0x370
[ 59.454316][ T7015] kasan_report+0x33/0x50
[ 59.458845][ T7015] check_memory_region+0x141/0x190
[ 59.464168][ T7015] x25_disconnect+0x253/0x370
[ 59.469574][ T7015] x25_release+0x345/0x420
[ 59.474187][ T7015] __sock_release+0xcd/0x280
[ 59.478784][ T7015] sock_close+0x18/0x20
[ 59.483147][ T7015] __fput+0x33e/0x880
[ 59.487251][ T7015] task_work_run+0xf4/0x1b0
[ 59.491787][ T7015] exit_to_usermode_loop+0x2fa/0x360
[ 59.497532][ T7015] do_syscall_64+0x6b1/0x7d0
[ 59.502468][ T7015] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.508539][ T7015] RIP: 0033:0x4afb40
[ 59.512842][ T7015] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.534088][ T7015] RSP: 002b:000000c0001d5478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 59.542765][ T7015] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.550918][ T7015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.559014][ T7015] RBP: 000000c0001d54b8 R08: 0000000000000000 R09: 0000000000000000
[ 59.567245][ T7015] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 59.575216][ T7015] R13: 0000000000000160 R14: 000000000000015f R15: 0000000000000200
[ 59.583730][ T7015] ==================================================================
[ 59.591839][ T7015] Disabling lock debugging due to kernel taint
[ 59.598079][ T7015] Kernel panic - not syncing: panic_on_warn set ...
[ 59.604689][ T7015] CPU: 1 PID: 7015 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.614466][ T7015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.624507][ T7015] Call Trace:
[ 59.627806][ T7015] dump_stack+0x188/0x20d
[ 59.632401][ T7015] ? __sock_release+0x280/0x280
[ 59.637244][ T7015] panic+0x2e3/0x75c
[ 59.641128][ T7015] ? add_taint.cold+0x16/0x16
[ 59.645919][ T7015] ? x25_disconnect+0x253/0x370
[ 59.650772][ T7015] ? trace_hardirqs_on+0x55/0x220
[ 59.655857][ T7015] ? x25_disconnect+0x253/0x370
[ 59.660761][ T7015] ? __sock_release+0x280/0x280
[ 59.665656][ T7015] end_report+0x4d/0x53
[ 59.669806][ T7015] __kasan_report.cold+0xd/0x4d
[ 59.675093][ T7015] ? rcu_read_lock_held+0x1/0xb0
[ 59.680234][ T7015] ? x25_disconnect+0x253/0x370
[ 59.685149][ T7015] ? x25_disconnect+0x253/0x370
[ 59.690028][ T7015] kasan_report+0x33/0x50
[ 59.694376][ T7015] check_memory_region+0x141/0x190
[ 59.699510][ T7015] x25_disconnect+0x253/0x370
[ 59.704266][ T7015] x25_release+0x345/0x420
[ 59.708842][ T7015] __sock_release+0xcd/0x280
[ 59.713992][ T7015] sock_close+0x18/0x20
[ 59.718145][ T7015] __fput+0x33e/0x880
[ 59.722132][ T7015] task_work_run+0xf4/0x1b0
[ 59.726937][ T7015] exit_to_usermode_loop+0x2fa/0x360
[ 59.732519][ T7015] do_syscall_64+0x6b1/0x7d0
[ 59.737403][ T7015] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.743410][ T7015] RIP: 0033:0x4afb40
[ 59.747353][ T7015] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.767172][ T7015] RSP: 002b:000000c0001d5478 EFLAGS: 00000212 ORIG_RAX: 0000000000000003
[ 59.775913][ T7015] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.783876][ T7015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.791987][ T7015] RBP: 000000c0001d54b8 R08: 0000000000000000 R09: 0000000000000000
[ 59.800030][ T7015] R10: 0000000000000000 R11: 0000000000000212 R12: ffffffffffffffff
[ 59.808016][ T7015] R13: 0000000000000160 R14: 000000000000015f R15: 0000000000000200
[ 59.817888][ T7015] Kernel Offset: disabled
[ 59.822833][ T7015] Rebooting in 86400 seconds..