[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.629993] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 28.567396] random: sshd: uninitialized urandom read (32 bytes read) [ 28.806128] random: sshd: uninitialized urandom read (32 bytes read) [ 29.182485] random: sshd: uninitialized urandom read (32 bytes read) [ 41.407907] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts. [ 46.797707] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/15 06:04:53 parsed 1 programs [ 47.885318] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/15 06:04:55 executed programs: 0 [ 48.876024] IPVS: Creating netns size=2536 id=1 [ 48.912599] IPVS: Creating netns size=2536 id=2 [ 48.946631] IPVS: Creating netns size=2536 id=3 [ 48.973214] IPVS: Creating netns size=2536 id=4 [ 49.001735] IPVS: Creating netns size=2536 id=5 [ 49.034576] IPVS: Creating netns size=2536 id=6 [ 49.067251] IPVS: Creating netns size=2536 id=7 [ 49.090420] IPVS: Creating netns size=2536 id=8 [ 49.145396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.199824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.339369] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.370534] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.482698] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.499030] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 49.515328] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.543437] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 49.553230] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.578494] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.618285] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 49.652592] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 49.681864] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.718589] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.756943] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.790935] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.816414] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.824644] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.840250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 49.848653] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.858018] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 49.879835] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 49.888646] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 49.897526] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.909732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.929872] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 49.943663] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.954665] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 49.979199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.001886] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.022311] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.045115] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.053874] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.064898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.089007] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.100983] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.126115] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.133687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.153843] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.164812] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.172021] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 50.185191] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.199213] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.212299] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.228397] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.238411] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 50.245574] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.254626] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.275701] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.284160] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.291792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.322178] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.333025] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.344954] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.352596] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.361338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.369225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.383656] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.399119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.408745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.424985] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.457329] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.480405] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.518313] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.535911] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.543376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.555980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.566033] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.573671] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 50.587932] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.596875] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.607049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.619407] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.633490] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.645412] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 50.654495] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.662032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.681365] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.698967] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.706996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.719690] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.729153] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 50.736345] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.746116] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.754196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.761857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.770179] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.778488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.786306] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.797249] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 50.813071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.826828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.384623] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.418238] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.540650] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.558189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.567545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.580998] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.596588] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.604345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.727811] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.740019] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.861668] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.876671] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.883455] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.898197] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.908655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.916915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.992252] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.039378] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.085881] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.166739] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.174137] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.183095] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.194445] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.201183] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.209477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.216466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.259605] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.269045] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.276348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.363156] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.384575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.391347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/08/15 06:05:01 executed programs: 8 [ 55.359658] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 55.367961] IP: [] l2tp_session_create+0xc60/0x16f0 [ 55.374664] PGD 1da258067 [ 55.377319] PUD 1d7918067 PMD 0 [ 55.380844] [ 55.382478] Oops: 0002 [#1] PREEMPT SMP KASAN [ 55.386958] Dumping ftrace buffer: [ 55.390484] (ftrace buffer empty) [ 55.394184] Modules linked in: [ 55.397502] CPU: 0 PID: 6779 Comm: syz-executor6 Not tainted 4.9.119-g9dc978d #23 [ 55.405108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.414449] task: ffff8801c5e9c800 task.stack: ffff8801cb768000 [ 55.420494] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0 [ 55.429729] RSP: 0018:ffff8801cb76fac0 EFLAGS: 00010246 [ 55.435167] RAX: 0000000000000000 RBX: ffff8801c9caea00 RCX: 1ffff10038bd3a1d [ 55.442425] RDX: 1ffff1003a78c5c0 RSI: ffff8801c5e9d0c8 RDI: ffff8801d3c62e00 [ 55.449684] RBP: ffff8801cb76fb60 R08: ffff8801c5e9d0e8 R09: 0000000000000000 [ 55.456953] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d3c62cd8 [ 55.464211] R13: 0000000000000000 R14: ffff8801d3c62c80 R15: 0000000000000000 [ 55.471470] FS: 00007f422b51a700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 55.479682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.485642] CR2: 0000000000000080 CR3: 00000001d306c000 CR4: 00000000001606f0 [ 55.492962] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.500234] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.507488] Stack: [ 55.509625] ffffffff836c40b7 0000000000000000 ffff8801cdf4bb48 0000000000000000 [ 55.517703] ffff8801d3c62c80 ffff8801c9caeb58 ffff8801d3c62cd8 ffff8801c9caeb50 [ 55.525812] ffff8801c9caeab0 ffff8801d3c62ca0 ffff8801cdf4b300 0000000000000000 [ 55.533968] Call Trace: [ 55.536546] [] ? l2tp_session_create+0xed7/0x16f0 [ 55.543116] [] pppol2tp_connect+0x10d7/0x18f0 [ 55.549330] [] ? pppol2tp_seq_show+0xc30/0xc30 [ 55.555557] [] ? security_socket_connect+0x8f/0xc0 [ 55.562126] [] SYSC_connect+0x1b8/0x300 [ 55.567741] [] ? SYSC_bind+0x280/0x280 [ 55.573289] [] ? get_unused_fd_flags+0xd0/0xd0 [ 55.579520] [] ? do_futex+0x17c0/0x17c0 [ 55.585273] [] ? SyS_socket+0x121/0x1b0 [ 55.590887] [] ? move_addr_to_kernel+0x50/0x50 [ 55.597106] [] SyS_connect+0x24/0x30 [ 55.602458] [] ? SyS_accept+0x30/0x30 [ 55.607898] [] do_syscall_64+0x1a6/0x490 [ 55.613596] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 55.620533] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 [ 55.648497] RIP [] l2tp_session_create+0xc60/0x16f0 [ 55.655285] RSP [ 55.658900] CR2: 0000000000000080 [ 55.670590] ---[ end trace b674b175d95b083d ]--- [ 55.681033] Kernel panic - not syncing: Fatal exception [ 55.687044] Dumping ftrace buffer: [ 55.690586] (ftrace buffer empty) [ 55.694284] Kernel Offset: disabled [ 55.697902] Rebooting in 86400 seconds..