[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.80' (ECDSA) to the list of known hosts.
2020/05/01 05:44:39 fuzzer started
2020/05/01 05:44:39 connecting to host at 10.128.0.26:41533
2020/05/01 05:44:39 checking machine...
2020/05/01 05:44:39 checking revisions...
2020/05/01 05:44:39 testing simple program...
syzkaller login: [ 55.471816][ T7060] IPVS: ftp: loaded support on port[0] = 21
2020/05/01 05:44:40 building call list...
[ 55.836850][ T7009] tipc: TX() has been purged, node left!
[ 57.015440][ T7050] can: request_module (can-proto-0) failed.
executing program
[ 58.991591][ T7050] can: request_module (can-proto-0) failed.
[ 59.003758][ T7050] can: request_module (can-proto-0) failed.
[ 59.545549][ T7050] ==================================================================
[ 59.553890][ T7050] BUG: KASAN: null-ptr-deref in x25_disconnect+0x253/0x370
[ 59.561080][ T7050] Write of size 4 at addr 00000000000000d8 by task syz-fuzzer/7050
[ 59.568956][ T7050]
[ 59.571267][ T7050] CPU: 1 PID: 7050 Comm: syz-fuzzer Not tainted 5.7.0-rc2-syzkaller #0
[ 59.579491][ T7050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.589650][ T7050] Call Trace:
[ 59.592928][ T7050]  dump_stack+0x188/0x20d
[ 59.597243][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.602075][ T7050]  ? __sock_release+0x280/0x280
[ 59.606917][ T7050]  __kasan_report.cold+0x5/0x4d
[ 59.611774][ T7050]  ? rcu_read_lock_held+0x1/0xb0
[ 59.616719][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.621555][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.626383][ T7050]  kasan_report+0x33/0x50
[ 59.630698][ T7050]  check_memory_region+0x141/0x190
[ 59.635809][ T7050]  x25_disconnect+0x253/0x370
[ 59.640464][ T7050]  x25_release+0x345/0x420
[ 59.644878][ T7050]  __sock_release+0xcd/0x280
[ 59.649460][ T7050]  sock_close+0x18/0x20
[ 59.653608][ T7050]  __fput+0x33e/0x880
[ 59.657576][ T7050]  task_work_run+0xf4/0x1b0
[ 59.662063][ T7050]  exit_to_usermode_loop+0x2fa/0x360
[ 59.667331][ T7050]  do_syscall_64+0x6b1/0x7d0
[ 59.671987][ T7050]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.678746][ T7050] RIP: 0033:0x4afb40
[ 59.682636][ T7050] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.702216][ T7050] RSP: 002b:000000c0001eb4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.710604][ T7050] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.718571][ T7050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.726519][ T7050] RBP: 000000c0001eb538 R08: 0000000000000000 R09: 0000000000000000
[ 59.734492][ T7050] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.742558][ T7050] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 59.750695][ T7050] ==================================================================
[ 59.758740][ T7050] Disabling lock debugging due to kernel taint
[ 59.764977][ T7050] Kernel panic - not syncing: panic_on_warn set ...
[ 59.771566][ T7050] CPU: 1 PID: 7050 Comm: syz-fuzzer Tainted: G B 5.7.0-rc2-syzkaller #0
[ 59.781326][ T7050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.791355][ T7050] Call Trace:
[ 59.794642][ T7050]  dump_stack+0x188/0x20d
[ 59.798952][ T7050]  ? __sock_release+0x280/0x280
[ 59.803792][ T7050]  panic+0x2e3/0x75c
[ 59.807679][ T7050]  ? add_taint.cold+0x16/0x16
[ 59.812339][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.817171][ T7050]  ? trace_hardirqs_on+0x55/0x220
[ 59.822174][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.827014][ T7050]  ? __sock_release+0x280/0x280
[ 59.831849][ T7050]  end_report+0x4d/0x53
[ 59.835998][ T7050]  __kasan_report.cold+0xd/0x4d
[ 59.840842][ T7050]  ? rcu_read_lock_held+0x1/0xb0
[ 59.845808][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.850634][ T7050]  ? x25_disconnect+0x253/0x370
[ 59.855457][ T7050]  kasan_report+0x33/0x50
[ 59.859762][ T7050]  check_memory_region+0x141/0x190
[ 59.864863][ T7050]  x25_disconnect+0x253/0x370
[ 59.869518][ T7050]  x25_release+0x345/0x420
[ 59.874045][ T7050]  __sock_release+0xcd/0x280
[ 59.878617][ T7050]  sock_close+0x18/0x20
[ 59.882755][ T7050]  __fput+0x33e/0x880
[ 59.886716][ T7050]  task_work_run+0xf4/0x1b0
[ 59.891334][ T7050]  exit_to_usermode_loop+0x2fa/0x360
[ 59.896618][ T7050]  do_syscall_64+0x6b1/0x7d0
[ 59.901211][ T7050]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.907095][ T7050] RIP: 0033:0x4afb40
[ 59.910966][ T7050] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 59.930545][ T7050] RSP: 002b:000000c0001eb4f8 EFLAGS: 00000216 ORIG_RAX: 0000000000000003
[ 59.938986][ T7050] RAX: 0000000000000000 RBX: 000000c00002c000 RCX: 00000000004afb40
[ 59.947046][ T7050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 59.955019][ T7050] RBP: 000000c0001eb538 R08: 0000000000000000 R09: 0000000000000000
[ 59.963099][ T7050] R10: 0000000000000000 R11: 0000000000000216 R12: ffffffffffffffff
[ 59.971064][ T7050] R13: 0000000000000167 R14: 0000000000000166 R15: 0000000000000200
[ 59.980384][ T7050] Kernel Offset: disabled
[ 59.984738][ T7050] Rebooting in 86400 seconds..