[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 17.884115] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 18.599968] random: sshd: uninitialized urandom read (32 bytes read) [ 18.963203] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.876901] random: sshd: uninitialized urandom read (32 bytes read) [ 20.038136] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.50' (ECDSA) to the list of known hosts. [ 25.533425] random: sshd: uninitialized urandom read (32 bytes read) net.ipv6.conf.syz_tun.accept_dad = 0 [ 25.629642] IPVS: ftp: loaded support on port[0] = 21 net.ipv6.conf.syz_tun.router_solicitations = 0 executing program [ 25.760083] ------------[ cut here ]------------ [ 25.765105] kernel BUG at net/ipv6/route.c:1268! [ 25.769915] invalid opcode: 0000 [#1] SMP KASAN [ 25.774604] CPU: 1 PID: 4352 Comm: syz-executor993 Not tainted 4.18.0-rc6+ #33 [ 25.781970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.791325] RIP: 0010:ip6_pol_route+0x9e3/0x1250 [ 25.796085] Code: 31 e4 e8 40 ea 04 fc 4c 89 e0 f0 4c 0f b1 33 31 ff 49 89 c4 48 89 c6 e8 eb 23 c7 fb 4d 85 e4 0f 84 0d fa ff ff e8 ad 22 c7 fb <0f> 0b e8 a6 22 c7 fb e8 01 8f b1 fb 31 ff 89 c6 88 85 e0 fd ff ff [ 25.815219] RSP: 0018:ffff8801b726ed48 EFLAGS: 00010293 [ 25.820585] RAX: ffff8801b849a5c0 RBX: ffffe8ffffd5c8d8 RCX: ffffffff85b4f515 [ 25.827850] RDX: 0000000000000000 RSI: ffffffff85b4f523 RDI: 0000000000000007 [ 25.835129] RBP: ffff8801b726ef78 R08: ffff8801b849a5c0 R09: fffff91ffffab91b [ 25.842397] R10: fffff91ffffab91b R11: ffffe8ffffd5c8df R12: ffff8801c3faf2c0 [ 25.849661] R13: 0000000000000001 R14: ffff8801bb308080 R15: 0000000000000001 [ 25.857008] FS: 00007f5148ef3700(0000) GS:ffff8801db100000(0000) knlGS:0000000000000000 [ 25.865226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.871107] CR2: 0000000002409898 CR3: 00000001af4b9000 CR4: 00000000001406e0 [ 25.878367] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.885628] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.892879] Call Trace: [ 25.895464] ? ip6_pol_route_lookup+0x1120/0x1120 [ 25.900311] ? __lock_acquire+0x7fc/0x5020 [ 25.904559] ? print_usage_bug+0xc0/0xc0 [ 25.908615] ? print_usage_bug+0xc0/0xc0 [ 25.912669] ? graph_lock+0x170/0x170 [ 25.916462] ? graph_lock+0x170/0x170 [ 25.920257] ? print_usage_bug+0xc0/0xc0 [ 25.924307] ? find_held_lock+0x36/0x1c0 [ 25.928366] ip6_pol_route_output+0x54/0x70 [ 25.932673] fib6_rule_lookup+0x26e/0x700 [ 25.936842] ? ip6_pol_route_input+0x80/0x80 [ 25.941262] ? fib6_lookup+0x480/0x480 [ 25.945144] ? rcu_is_watching+0x8c/0x150 [ 25.949278] ? trace_hardirqs_on+0x10/0x10 [ 25.953495] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 25.957910] ip6_route_output_flags+0x2c5/0x350 [ 25.962567] ip6_dst_lookup_tail+0x1278/0x1da0 [ 25.967144] ? kernel_text_address+0x79/0xf0 [ 25.971544] ? unwind_get_return_address+0x61/0xa0 [ 25.976457] ? dst_output+0x180/0x180 [ 25.980251] ? graph_lock+0x170/0x170 [ 25.984039] ? graph_lock+0x170/0x170 [ 25.987839] ? __lock_acquire+0x7fc/0x5020 [ 25.992094] ? save_stack+0xa9/0xd0 [ 25.995708] ? __lock_is_held+0xb5/0x140 [ 25.999757] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 26.005291] ? __sk_dst_check+0x1ef/0x410 [ 26.009424] ip6_dst_lookup_flow+0xc8/0x270 [ 26.013729] ? ip6_dst_lookup+0x60/0x60 [ 26.017714] inet6_csk_route_socket+0x8cb/0x1030 [ 26.022465] ? ip6_dst_check+0x461/0xaf0 [ 26.026508] ? inet6_csk_route_req+0x820/0x820 [ 26.031099] ? skb_free_head+0x99/0xc0 [ 26.034981] ? trace_hardirqs_on_caller+0x19e/0x5c0 [ 26.039980] ? trace_hardirqs_on+0xd/0x10 [ 26.044374] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 26.049894] ? graph_lock+0x170/0x170 [ 26.053687] ? kasan_check_write+0x14/0x20 [ 26.057920] ? pskb_expand_head+0x6b3/0x10e0 [ 26.062322] ? rcu_read_lock_sched_held+0x108/0x120 [ 26.067323] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 26.072606] inet6_csk_xmit+0x118/0x630 [ 26.076565] ? inet6_csk_xmit+0x118/0x630 [ 26.080698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 26.086238] ? inet6_csk_update_pmtu+0x190/0x190 [ 26.090976] ? __sk_dst_check+0x1ef/0x410 [ 26.095115] ? sock_alloc_send_skb+0x40/0x40 [ 26.099517] l2tp_xmit_skb+0x1406/0x17c0 [ 26.103567] ? l2tp_session_create+0xb60/0xb60 [ 26.108223] ? iov_iter_advance+0x14e0/0x14e0 [ 26.112715] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 26.118236] ? _copy_from_user+0xdf/0x150 [ 26.122376] ? pppol2tp_sendmsg+0x45a/0x6c0 [ 26.126681] pppol2tp_sendmsg+0x4ae/0x6c0 [ 26.130821] ? move_addr_to_kernel.part.20+0x100/0x100 [ 26.136099] ? pppol2tp_getsockopt+0x950/0x950 [ 26.140669] sock_sendmsg+0xd5/0x120 [ 26.144378] ___sys_sendmsg+0x51d/0x930 [ 26.148344] ? graph_lock+0x170/0x170 [ 26.152132] ? copy_msghdr_from_user+0x580/0x580 [ 26.156891] ? __schedule+0x884/0x1ed0 [ 26.160777] ? find_held_lock+0x36/0x1c0 [ 26.164832] ? lock_downgrade+0x8f0/0x8f0 [ 26.168987] ? rcu_note_context_switch+0x730/0x730 [ 26.173918] ? check_same_owner+0x340/0x340 [ 26.178228] __sys_sendmmsg+0x240/0x6f0 [ 26.182186] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 26.186503] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 26.192034] ? fput+0x130/0x1a0 [ 26.195308] ? __sys_connect+0x1d1/0x4c0 [ 26.199361] ? __ia32_sys_accept+0xb0/0xb0 [ 26.203586] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 26.208165] __x64_sys_sendmmsg+0x9d/0x100 [ 26.212384] do_syscall_64+0x1b9/0x820 [ 26.216269] ? finish_task_switch+0x1d3/0x870 [ 26.220748] ? syscall_return_slowpath+0x5e0/0x5e0 [ 26.225675] ? syscall_return_slowpath+0x31d/0x5e0 [ 26.230614] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 26.235981] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.240827] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 26.246003] RIP: 0033:0x446ad9 [ 26.249189] Code: e8 dc bd 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 26.268310] RSP: 002b:00007f5148ef2db8 EFLAGS: 00000297 ORIG_RAX: 0000000000000133 [ 26.276020] RAX: ffffffffffffffda RBX: 00000000006dcc48 RCX: 0000000000446ad9 [ 26.283289] RDX: 00000000000003e8 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 26.290543] RBP: 00000000006dcc40 R08: 0000000000000000 R09: 0000000000000000 [ 26.297795] R10: 0000000000000000 R11: 0000000000000297 R12: 00000000006dcc4c [ 26.305051] R13: 00007ffda8d890df R14: 00007f5148ef39c0 R15: 0000000000000000 [ 26.312311] Modules linked in: [ 26.315488] Dumping ftrace buffer: [ 26.319009] (ftrace buffer empty) [ 26.322751] ---[ end trace dff46a737d1ea361 ]--- [ 26.327536] RIP: 0010:ip6_pol_route+0x9e3/0x1250 [ 26.332320] Code: 31 e4 e8 40 ea 04 fc 4c 89 e0 f0 4c 0f b1 33 31 ff 49 89 c4 48 89 c6 e8 eb 23 c7 fb 4d 85 e4 0f 84 0d fa ff ff e8 ad 22 c7 fb <0f> 0b e8 a6 22 c7 fb e8 01 8f b1 fb 31 ff 89 c6 88 85 e0 fd ff ff [ 26.351749] RSP: 0018:ffff8801b726ed48 EFLAGS: 00010293 [ 26.357127] RAX: ffff8801b849a5c0 RBX: ffffe8ffffd5c8d8 RCX: ffffffff85b4f515 [ 26.364412] RDX: 0000000000000000 RSI: ffffffff85b4f523 RDI: 0000000000000007 [ 26.371701] RBP: ffff8801b726ef78 R08: ffff8801b849a5c0 R09: fffff91ffffab91b [ 26.378979] R10: fffff91ffffab91b R11: ffffe8ffffd5c8df R12: ffff8801c3faf2c0 [ 26.386443] R13: 0000000000000001 R14: ffff8801bb308080 R15: 0000000000000001 [ 26.393727] FS: 00007f5148ef3700(0000) GS:ffff8801db100000(0000) knlGS:0000000000000000 [ 26.401983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.407879] CR2: 0000000002409898 CR3: 00000001af4b9000 CR4: 00000000001406e0 [ 26.415159] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.422447] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.429734] Kernel panic - not syncing: Fatal exception in interrupt [ 26.436786] Dumping ftrace buffer: [ 26.440333] (ftrace buffer empty) [ 26.444036] Kernel Offset: disabled [ 26.447741] Rebooting in 86400 seconds..