[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 12.908923] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 17.210364] random: sshd: uninitialized urandom read (32 bytes read) [ 17.738173] random: sshd: uninitialized urandom read (32 bytes read) [ 18.267147] random: sshd: uninitialized urandom read (32 bytes read) [ 50.392081] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts. [ 55.903196] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/23 13:23:21 parsed 1 programs [ 57.417429] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/23 13:23:24 executed programs: 0 [ 58.555733] IPVS: Creating netns size=2536 id=1 [ 58.687263] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 58.698727] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 58.742818] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 58.754865] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 58.801314] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.812490] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.824691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.845846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.377782] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 59.404168] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 59.410390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.417540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.625265] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9 [ 59.640319] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9 [ 59.652083] hrtimer: interrupt took 16361 ns [ 59.749525] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 59.757887] IP: [] l2tp_session_create+0xc60/0x16f0 [ 59.764703] PGD 1da3fb067 [ 59.767368] PUD 1b5187067 PMD 0 [ 59.770883] [ 59.772521] Oops: 0002 [#1] PREEMPT SMP KASAN [ 59.777009] Dumping ftrace buffer: [ 59.780669] (ftrace buffer empty) [ 59.784373] Modules linked in: [ 59.787687] CPU: 1 PID: 4252 Comm: syz-executor0 Not tainted 4.9.123-g8dd3fc2 #31 [ 59.795571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.804921] task: ffff8801d4f09800 task.stack: ffff8801d4578000 [ 59.811280] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0 [ 59.820769] RSP: 0018:ffff8801d457fab0 EFLAGS: 00010246 [ 59.826496] RAX: 0000000000000000 RBX: ffff8801da347180 RCX: 1ffff1003a9e141d [ 59.833770] RDX: 1ffff1003b468dc0 RSI: ffff8801d4f0a0c8 RDI: ffff8801da346e00 [ 59.841029] RBP: ffff8801d457fb50 R08: ffff8801d4f0a0e8 R09: 0000000000000000 [ 59.848275] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801da346cd8 [ 59.855524] R13: 0000000000000000 R14: ffff8801da346c80 R15: ffff8801d457fc68 [ 59.862877] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f7710b40 [ 59.871095] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 59.876955] CR2: 0000000000000080 CR3: 00000001da1da000 CR4: 00000000001606f0 [ 59.884209] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.891455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.898744] Stack: [ 59.901002] 0000000000000201 ffffffff836ca141 ffff8801d457fad0 ffffffff81237f0d [ 59.909002] ffff8801da346c80 ffff8801da3472d8 ffff8801da346cd8 ffff8801da3472d0 [ 59.916998] ffff8801da347230 ffff8801da346ca0 0000000000000000 0000000000000000 [ 59.925069] Call Trace: [ 59.927723] [] ? l2tp_session_get+0x1d1/0x790 [ 59.933853] [] ? trace_hardirqs_on+0xd/0x10 [ 59.939804] [] pppol2tp_connect+0x10d7/0x18f0 [ 59.945927] [] ? pppol2tp_seq_show+0xc30/0xc30 [ 59.952238] [] ? security_socket_connect+0x8f/0xc0 [ 59.958796] [] SYSC_connect+0x1b8/0x300 [ 59.964397] [] ? SYSC_bind+0x280/0x280 [ 59.969913] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 59.976909] [] ? move_addr_to_kernel+0x50/0x50 [ 59.983240] [] SyS_connect+0x24/0x30 [ 59.988591] [] ? SyS_accept+0x30/0x30 [ 59.994031] [] do_fast_syscall_32+0x2f7/0x870 [ 60.000149] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 60.006960] [] entry_SYSENTER_compat+0x90/0xa2 [ 60.013210] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 [ 60.040177] RIP [] l2tp_session_create+0xc60/0x16f0 [ 60.046947] RSP [ 60.050545] CR2: 0000000000000080 [ 60.054566] ---[ end trace 9c7a1d58c44614aa ]--- [ 60.059309] Kernel panic - not syncing: Fatal exception [ 60.065132] Dumping ftrace buffer: [ 60.068649] (ftrace buffer empty) [ 60.072336] Kernel Offset: disabled [ 60.075942] Rebooting in 86400 seconds..