[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 12.885087] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 25.566340] random: sshd: uninitialized urandom read (32 bytes read) [ 25.971050] random: sshd: uninitialized urandom read (32 bytes read) [ 26.443435] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.28' (ECDSA) to the list of known hosts. [ 32.054258] urandom_read: 1 callbacks suppressed [ 32.054261] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/29 07:06:28 parsed 1 programs [ 33.630907] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/29 07:06:30 executed programs: 0 [ 34.698052] IPVS: Creating netns size=2536 id=1 [ 34.730828] IPVS: Creating netns size=2536 id=2 [ 34.767683] IPVS: Creating netns size=2536 id=3 [ 34.809021] IPVS: Creating netns size=2536 id=4 [ 34.852931] IPVS: Creating netns size=2536 id=5 [ 34.885828] IPVS: Creating netns size=2536 id=6 [ 34.941367] IPVS: Creating netns size=2536 id=7 [ 34.991032] IPVS: Creating netns size=2536 id=8 [ 35.134319] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.148850] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.166210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.195055] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.315162] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.336005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.352234] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.361435] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.374344] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.386459] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.394739] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.422135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.477709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.534552] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.546327] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.587242] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.607477] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.636422] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.647895] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 35.657135] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 35.665028] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.674826] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.689168] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 35.699640] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 35.706874] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.721002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.750979] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.767457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.789642] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.806236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.832949] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.844669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.860057] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.884112] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 35.902597] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.924037] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 35.952497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 35.963980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 35.981363] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 35.999996] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.031924] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.038850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.047416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.057083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 36.064893] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.085889] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 36.095001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.103073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.112502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.127390] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 36.137540] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.148671] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.160464] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.167984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.180689] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.190137] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.197552] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.206422] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.213607] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.224219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.235143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.243097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.250718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.258249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.270511] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 36.277994] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 36.287405] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.296755] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.304404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.312942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.320547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.327939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.337990] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 36.352969] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.388694] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.397374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.405598] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.423008] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.433908] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.447736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.587131] ip (4675) used greatest stack depth: 23352 bytes left [ 36.628169] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 36.674549] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 36.726441] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.738501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.746918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.762769] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.780086] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.787701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.856447] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 38.963441] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.011434] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.024471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.033311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.140153] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.146361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.154416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.218448] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.291478] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.334547] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.347935] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.356684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.365724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.380877] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.448091] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.462224] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.470712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.477467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.490594] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.498360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.506208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.550630] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.557097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.566127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.579033] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.587035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.595835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.800897] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.930983] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.938435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.948527] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/08/29 07:06:36 executed programs: 8 [ 40.201301] l2tp_core: tunl 4: sockfd_lookup(fd=5) returned -9 [ 41.366584] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 41.374877] IP: [] l2tp_session_create+0xc60/0x16f0 [ 41.381588] PGD 1ca3c8067 [ 41.384244] PUD 1bcab1067 PMD 0 [ 41.387744] [ 41.389374] Oops: 0002 [#1] PREEMPT SMP KASAN [ 41.393855] Dumping ftrace buffer: [ 41.397416] (ftrace buffer empty) [ 41.401113] Modules linked in: [ 41.404405] CPU: 1 PID: 7087 Comm: syz-executor3 Not tainted 4.9.124-g09eb2ba #35 [ 41.411998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.421353] task: ffff8801b90c3000 task.stack: ffff8801b6ee0000 [ 41.427472] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0 [ 41.436586] RSP: 0018:ffff8801b6ee7ab0 EFLAGS: 00010246 [ 41.442009] RAX: 0000000000000000 RBX: ffff8801cc341680 RCX: 1ffff1003721871d [ 41.449253] RDX: 1ffff10039ea9ab0 RSI: ffff8801b90c38c8 RDI: ffff8801cf54d580 [ 41.456515] RBP: ffff8801b6ee7b50 R08: ffff8801b90c38e8 R09: 0000000000000000 [ 41.463773] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801cf54d458 [ 41.471033] R13: 0000000000000000 R14: ffff8801cf54d400 R15: 0000000000000000 [ 41.478282] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f778db40 [ 41.486495] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 41.492353] CR2: 0000000000000080 CR3: 00000001bdb08000 CR4: 00000000001606f0 [ 41.499601] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.506856] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.514099] Stack: [ 41.516226] ffffffff836c8e27 ffffffff836c9ec1 ffff8801d99dbb48 0000000000000000 [ 41.524251] ffff8801cf54d400 ffff8801cc3417d8 ffff8801cf54d458 ffff8801cc3417d0 [ 41.532282] ffff8801cc341730 ffff8801cf54d420 ffff8801d99db300 0000000000000000 [ 41.540307] Call Trace: [ 41.543047] [] ? l2tp_session_create+0xed7/0x16f0 [ 41.549516] [] ? l2tp_session_get+0x1d1/0x790 [ 41.555643] [] pppol2tp_connect+0x10d7/0x18f0 [ 41.561773] [] ? pppol2tp_seq_show+0xc30/0xc30 [ 41.567981] [] ? security_socket_connect+0x8f/0xc0 [ 41.574538] [] SYSC_connect+0x1b8/0x300 [ 41.580139] [] ? SYSC_bind+0x280/0x280 [ 41.585666] [] ? get_unused_fd_flags+0xd0/0xd0 [ 41.591876] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 41.598863] [] ? SyS_socket+0x121/0x1b0 [ 41.604464] [] ? move_addr_to_kernel+0x50/0x50 [ 41.610761] [] SyS_connect+0x24/0x30 [ 41.616101] [] ? SyS_accept+0x30/0x30 [ 41.621531] [] do_fast_syscall_32+0x2f7/0x870 [ 41.627655] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.634297] [] entry_SYSENTER_compat+0x90/0xa2 [ 41.640503] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 [ 41.667599] RIP [] l2tp_session_create+0xc60/0x16f0 [ 41.674370] RSP [ 41.677987] CR2: 0000000000000080 [ 41.682720] ---[ end trace 92a9ec40855c150d ]--- [ 41.687537] Kernel panic - not syncing: Fatal exception [ 41.693325] Dumping ftrace buffer: [ 41.696842] (ftrace buffer empty) [ 41.700526] Kernel Offset: disabled [ 41.704129] Rebooting in 86400 seconds..