[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 13.159696] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.665816] random: sshd: uninitialized urandom read (32 bytes read) [ 19.892650] random: sshd: uninitialized urandom read (32 bytes read) [ 20.428115] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts. [ 26.291399] urandom_read: 1 callbacks suppressed [ 26.291403] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/28 08:06:29 parsed 1 programs [ 27.933946] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/28 08:06:31 executed programs: 0 [ 29.082191] IPVS: Creating netns size=2536 id=1 [ 29.114558] IPVS: Creating netns size=2536 id=2 [ 29.159194] IPVS: Creating netns size=2536 id=3 [ 29.205214] IPVS: Creating netns size=2536 id=4 [ 29.252432] IPVS: Creating netns size=2536 id=5 [ 29.310505] IPVS: Creating netns size=2536 id=6 [ 29.348571] IPVS: Creating netns size=2536 id=7 [ 29.387560] IPVS: Creating netns size=2536 id=8 [ 29.447458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.478891] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.534833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.548848] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.624487] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 29.645292] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.658138] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 29.666922] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.722491] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 29.733201] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.753500] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 29.767823] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.809915] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 29.826807] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.838852] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 29.846177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 29.860577] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.876681] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 29.893177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 29.933814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 29.942717] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 29.958157] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 29.969923] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 29.978631] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 30.013232] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 30.021777] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.033859] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 30.046443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 30.058822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.072969] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 30.080146] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 30.092822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 30.101182] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 30.109549] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.117875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.135524] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.153945] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 30.172881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.188640] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.203322] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 30.253158] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.279787] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 30.287727] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.295689] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 30.305291] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 30.313488] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.320742] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 30.334112] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.340989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.348960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.363644] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.372747] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.386571] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.396356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.411129] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.419428] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.435049] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.443320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.457563] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.467479] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.480146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.490139] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.506181] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.514950] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.525898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.538765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.548310] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.559473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.569220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.582724] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.596144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 30.608883] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.622271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.630333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.640117] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 30.651079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.659754] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 30.669241] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.679977] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 30.688454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.695990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 30.705185] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 30.719427] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.732248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.239535] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.264997] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.315970] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.444035] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.455661] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.465902] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.484858] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.491226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.498564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.552689] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.573668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.580445] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.779041] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.835168] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.942852] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.960623] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.970040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.978442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.992626] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.002249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.009015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.045030] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 34.083617] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.089770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.097411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.205370] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.216823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.224542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.238780] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 34.409710] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.429918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.437419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/08/28 08:06:37 executed programs: 8 [ 35.471191] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 35.479453] IP: [] l2tp_session_create+0xc60/0x16f0 [ 35.486140] PGD 1be1da067 [ 35.488785] PUD 1be2ba067 PMD 0 [ 35.492269] [ 35.493909] Oops: 0002 [#1] PREEMPT SMP KASAN [ 35.498380] Dumping ftrace buffer: [ 35.501892] (ftrace buffer empty) [ 35.505578] Modules linked in: [ 35.508882] CPU: 0 PID: 6890 Comm: syz-executor7 Not tainted 4.9.124-g09eb2ba #35 [ 35.516490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.525824] task: ffff8801cb6f1800 task.stack: ffff8801cf260000 [ 35.531854] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0 [ 35.541004] RSP: 0018:ffff8801cf267ab0 EFLAGS: 00010246 [ 35.546440] RAX: 0000000000000000 RBX: ffff8801d30dcf00 RCX: 1ffff100396de41d [ 35.553711] RDX: 1ffff10037a12ab0 RSI: ffff8801cb6f20c8 RDI: ffff8801bd095580 [ 35.561034] RBP: ffff8801cf267b50 R08: ffff8801cb6f20e8 R09: 0000000000000000 [ 35.568317] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801bd095458 [ 35.575578] R13: 0000000000000000 R14: ffff8801bd095400 R15: 0000000000000000 [ 35.582843] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f777db40 [ 35.591057] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 35.596935] CR2: 0000000000000080 CR3: 00000001d7b85000 CR4: 00000000001606f0 [ 35.604189] Stack: [ 35.606326] ffffffff836c8e27 ffffffff836c9ec1 ffff8801bad8ee48 0000000000000000 [ 35.614384] ffff8801bd095400 ffff8801d30dd058 ffff8801bd095458 ffff8801d30dd050 [ 35.622390] ffff8801d30dcfb0 ffff8801bd095420 ffff8801bad8e600 0000000000000000 [ 35.630464] Call Trace: [ 35.633057] [] ? l2tp_session_create+0xed7/0x16f0 [ 35.639539] [] ? l2tp_session_get+0x1d1/0x790 [ 35.645679] [] pppol2tp_connect+0x10d7/0x18f0 [ 35.651801] [] ? pppol2tp_seq_show+0xc30/0xc30 [ 35.658021] [] ? security_socket_connect+0x8f/0xc0 [ 35.664577] [] SYSC_connect+0x1b8/0x300 [ 35.670179] [] ? SYSC_bind+0x280/0x280 [ 35.675693] [] ? get_unused_fd_flags+0xd0/0xd0 [ 35.681910] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 35.688906] [] ? SyS_socket+0x121/0x1b0 [ 35.694517] [] ? move_addr_to_kernel+0x50/0x50 [ 35.700735] [] SyS_connect+0x24/0x30 [ 35.706088] [] ? SyS_accept+0x30/0x30 [ 35.711520] [] do_fast_syscall_32+0x2f7/0x870 [ 35.717647] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.724295] [] entry_SYSENTER_compat+0x90/0xa2 [ 35.730500] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 [ 35.757875] RIP [] l2tp_session_create+0xc60/0x16f0 [ 35.764648] RSP [ 35.768276] CR2: 0000000000000080 [ 35.773085] ---[ end trace effa57cbcd59bb5c ]--- [ 35.777863] Kernel panic - not syncing: Fatal exception [ 35.783573] Dumping ftrace buffer: [ 35.787099] (ftrace buffer empty) [ 35.790783] Kernel Offset: disabled [ 35.794384] Rebooting in 86400 seconds..