[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.199' (ECDSA) to the list of known hosts.
2020/05/01 19:27:12 fuzzer started
2020/05/01 19:27:13 connecting to host at 10.128.0.26:37547
2020/05/01 19:27:13 checking machine...
2020/05/01 19:27:13 checking revisions...
2020/05/01 19:27:13 testing simple program...
syzkaller login: [ 56.237991][ T7056] IPVS: ftp: loaded support on port[0] = 21
2020/05/01 19:27:13 building call list...
[ 56.635193][ T311] tipc: TX() has been purged, node left!
[ 57.777564][ T7042] can: request_module (can-proto-0) failed.
executing program
[ 59.939554][ T7042] can: request_module (can-proto-0) failed.
[ 59.951071][ T7042] can: request_module (can-proto-0) failed.
[ 60.374985][ T7042] ==================================================================
[ 60.383303][ T7042] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 60.390498][ T7042] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7042
[ 60.398527][ T7042]
[ 60.400842][ T7042] CPU: 0 PID: 7042 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 60.409064][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.419111][ T7042] Call Trace:
[ 60.422387][ T7042] dump_stack+0x188/0x20d
[ 60.426713][ T7042] ? x25_disconnect+0x253/0x370
[ 60.432715][ T7042] ? __sock_release+0x280/0x280
[ 60.437586][ T7042] __kasan_report.cold+0x5/0x4d
[ 60.442438][ T7042] ? rcu_read_lock_held+0x1/0xb0
[ 60.447367][ T7042] ? x25_disconnect+0x253/0x370
[ 60.452210][ T7042] ? x25_disconnect+0x253/0x370
[ 60.457055][ T7042] kasan_report+0x33/0x50
[ 60.461364][ T7042] check_memory_region+0x141/0x190
[ 60.466473][ T7042] x25_disconnect+0x253/0x370
[ 60.471142][ T7042] x25_release+0x345/0x420
[ 60.476606][ T7042] __sock_release+0xcd/0x280
[ 60.481189][ T7042] sock_close+0x18/0x20
[ 60.485321][ T7042] __fput+0x33e/0x880
[ 60.489283][ T7042] task_work_run+0xf4/0x1b0
[ 60.493783][ T7042] exit_to_usermode_loop+0x2fa/0x360
[ 60.499049][ T7042] do_syscall_64+0x6b1/0x7d0
[ 60.503633][ T7042] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.509516][ T7042] RIP: 0033:0x4afb40
[ 60.513395][ T7042] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.533061][ T7042] RSP: 002b:000000c0001f94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.541449][ T7042] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 60.549396][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.557689][ T7042] RBP: 000000c0001f9538 R08: 0000000000000000 R09: 0000000000000000
[ 60.565651][ T7042] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.573615][ T7042] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.581589][ T7042] ==================================================================
[ 60.589637][ T7042] Disabling lock debugging due to kernel taint
[ 60.595819][ T7042] Kernel panic - not syncing: panic_on_warn set ...
[ 60.602402][ T7042] CPU: 0 PID: 7042 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 60.612104][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.622147][ T7042] Call Trace:
[ 60.625433][ T7042] dump_stack+0x188/0x20d
[ 60.629753][ T7042] ? __sock_release+0x280/0x280
[ 60.634595][ T7042] panic+0x2e3/0x75c
[ 60.638465][ T7042] ? add_taint.cold+0x16/0x16
[ 60.643136][ T7042] ? x25_disconnect+0x253/0x370
[ 60.647976][ T7042] ? trace_hardirqs_on+0x55/0x220
[ 60.653160][ T7042] ? x25_disconnect+0x253/0x370
[ 60.657984][ T7042] ? __sock_release+0x280/0x280
[ 60.662804][ T7042] end_report+0x4d/0x53
[ 60.666937][ T7042] __kasan_report.cold+0xd/0x4d
[ 60.671774][ T7042] ? rcu_read_lock_held+0x1/0xb0
[ 60.676701][ T7042] ? x25_disconnect+0x253/0x370
[ 60.681612][ T7042] ? x25_disconnect+0x253/0x370
[ 60.686449][ T7042] kasan_report+0x33/0x50
[ 60.690764][ T7042] check_memory_region+0x141/0x190
[ 60.695886][ T7042] x25_disconnect+0x253/0x370
[ 60.700538][ T7042] x25_release+0x345/0x420
[ 60.704928][ T7042] __sock_release+0xcd/0x280
[ 60.709491][ T7042] sock_close+0x18/0x20
[ 60.713620][ T7042] __fput+0x33e/0x880
[ 60.717575][ T7042] task_work_run+0xf4/0x1b0
[ 60.722052][ T7042] exit_to_usermode_loop+0x2fa/0x360
[ 60.727308][ T7042] do_syscall_64+0x6b1/0x7d0
[ 60.731893][ T7042] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 60.737758][ T7042] RIP: 0033:0x4afb40
[ 60.741642][ T7042] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 60.761229][ T7042] RSP: 002b:000000c0001f94f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 60.769623][ T7042] RAX: 0000000000000000 RBX: 000000c00002e500 RCX: 00000000004afb40
[ 60.777591][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 60.785540][ T7042] RBP: 000000c0001f9538 R08: 0000000000000000 R09: 0000000000000000
[ 60.793505][ T7042] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 60.801478][ T7042] R13: 0000000000000162 R14: 0000000000000161 R15: 0000000000000200
[ 60.810851][ T7042] Kernel Offset: disabled
[ 60.815174][ T7042] Rebooting in 86400 seconds..