[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 13.787933] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 15.952659] random: sshd: uninitialized urandom read (32 bytes read) [ 16.285892] random: sshd: uninitialized urandom read (32 bytes read) [ 16.787445] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.55' (ECDSA) to the list of known hosts. [ 22.510491] urandom_read: 1 callbacks suppressed [ 22.510495] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/24 04:53:05 parsed 1 programs [ 23.960570] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/24 04:53:07 executed programs: 0 [ 25.346199] IPVS: Creating netns size=2536 id=1 [ 25.378001] IPVS: Creating netns size=2536 id=2 [ 25.413914] IPVS: Creating netns size=2536 id=3 [ 25.452641] IPVS: Creating netns size=2536 id=4 [ 25.496547] IPVS: Creating netns size=2536 id=5 [ 25.551862] IPVS: Creating netns size=2536 id=6 [ 25.593919] IPVS: Creating netns size=2536 id=7 [ 25.671705] IPVS: Creating netns size=2536 id=8 [ 25.822044] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 25.832810] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 25.868922] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 25.891523] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.065154] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.082133] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.112942] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.127244] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.139996] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.189946] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.197887] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.232307] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.274724] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.330307] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.372243] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.396569] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 26.428948] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.452369] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 26.461911] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 26.476653] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.493178] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.521535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 26.535709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.543516] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 26.551912] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.567937] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 26.577638] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.585545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 26.597159] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.606635] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 26.613805] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.622423] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 26.630147] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.638343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 26.647551] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 26.671365] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.683042] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.692861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 26.713131] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.758668] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.832423] ip (4432) used greatest stack depth: 24376 bytes left [ 26.869340] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 26.898372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.911489] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 26.919369] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 26.934511] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 26.953502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 26.962770] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 26.971971] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 26.983574] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.995291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.012585] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 27.022502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 27.031306] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 27.049381] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 27.059063] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.076981] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.084481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.101929] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 27.109599] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 27.118476] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 27.127657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.135168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.142815] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.150293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.163469] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 27.172314] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 27.179900] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.187776] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.196320] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 27.204174] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.212567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.220745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.228642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.236301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.243676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.256346] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.263630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.275978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.284741] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 27.297719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.305207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.316261] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 27.332285] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.358035] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.365532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.381629] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 27.430019] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 27.437085] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.444503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.471409] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 27.488194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.495687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 28.204235] ip (5019) used greatest stack depth: 23976 bytes left [ 30.098018] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.141267] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.276605] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.287480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.298162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.310907] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.333902] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.363909] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.483345] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.541285] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.613248] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.624603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.633012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.646100] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.714573] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.730756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.738872] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.786469] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.814967] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.834994] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.847183] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.853942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.876561] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.937756] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 30.945552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 30.952665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 31.007370] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 31.015186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 31.026111] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 31.040064] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 31.053788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 31.064598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/08/24 04:53:13 executed programs: 8 [ 32.421074] l2tp_core: tunl 4: sockfd_lookup(fd=5) returned -9 [ 34.088921] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 34.097342] IP: [] l2tp_session_create+0xc60/0x16f0 [ 34.104062] PGD 1d0056067 [ 34.106750] PUD 1c7c69067 PMD 0 [ 34.110312] [ 34.111958] Oops: 0002 [#1] PREEMPT SMP KASAN [ 34.116444] Dumping ftrace buffer: [ 34.119971] (ftrace buffer empty) [ 34.123671] Modules linked in: [ 34.126980] CPU: 0 PID: 7524 Comm: syz-executor2 Not tainted 4.9.123-g7fa8c15 #32 [ 34.134584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.143914] task: ffff8801d957b000 task.stack: ffff8801d94b0000 [ 34.149944] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0 [ 34.159069] RSP: 0018:ffff8801d94b7ab0 EFLAGS: 00010246 [ 34.164494] RAX: 0000000000000000 RBX: ffff8801d7383180 RCX: 1ffff1003b2af71d [ 34.171739] RDX: 1ffff1003875a080 RSI: ffff8801d957b8c8 RDI: ffff8801c3ad0400 [ 34.179009] RBP: ffff8801d94b7b50 R08: ffff8801d957b8e8 R09: 0000000000000000 [ 34.186288] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c3ad02d8 [ 34.193545] R13: 0000000000000000 R14: ffff8801c3ad0280 R15: 0000000000000000 [ 34.200795] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f773eb40 [ 34.209016] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 34.214885] CR2: 0000000000000080 CR3: 00000001da249000 CR4: 00000000001606f0 [ 34.222130] Stack: [ 34.224256] ffffffff836c91a7 ffffffff836ca241 ffff8801b5825d48 0000000000000000 [ 34.232273] ffff8801c3ad0280 ffff8801d73832d8 ffff8801c3ad02d8 ffff8801d73832d0 [ 34.240309] ffff8801d7383230 ffff8801c3ad02a0 ffff8801b5825500 0000000000000000 [ 34.248319] Call Trace: [ 34.250883] [] ? l2tp_session_create+0xed7/0x16f0 [ 34.257350] [] ? l2tp_session_get+0x1d1/0x790 [ 34.263482] [] pppol2tp_connect+0x10d7/0x18f0 [ 34.269612] [] ? pppol2tp_seq_show+0xc30/0xc30 [ 34.275827] [] ? security_socket_connect+0x8f/0xc0 [ 34.282649] [] SYSC_connect+0x1b8/0x300 [ 34.288249] [] ? SYSC_bind+0x280/0x280 [ 34.293780] [] ? get_unused_fd_flags+0xd0/0xd0 [ 34.299995] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 34.306985] [] ? SyS_socket+0x121/0x1b0 [ 34.312585] [] ? move_addr_to_kernel+0x50/0x50 [ 34.318794] [] SyS_connect+0x24/0x30 [ 34.324133] [] ? SyS_accept+0x30/0x30 [ 34.329560] [] do_fast_syscall_32+0x2f7/0x870 [ 34.335683] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.342327] [] entry_SYSENTER_compat+0x90/0xa2 [ 34.348537] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 [ 34.375791] RIP [] l2tp_session_create+0xc60/0x16f0 [ 34.382586] RSP [ 34.386208] CR2: 0000000000000080 [ 34.390401] ---[ end trace e70e50990d62f3b1 ]--- [ 34.395158] Kernel panic - not syncing: Fatal exception [ 34.400844] Dumping ftrace buffer: [ 34.404369] (ftrace buffer empty) [ 34.408054] Kernel Offset: disabled [ 34.411653] Rebooting in 86400 seconds..