[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 13.186434] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 25.070289] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.304443] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.691754] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.59' (ECDSA) to the list of known hosts.
[ 31.354328] urandom_read: 1 callbacks suppressed
[ 31.354331] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/22 05:23:26 parsed 1 programs
[ 32.851744] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/22 05:23:28 executed programs: 0
[ 33.926331] IPVS: Creating netns size=2536 id=1
[ 34.053863] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 34.065640] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 34.110151] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 34.121885] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 34.166874] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 34.178685] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 34.191362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 34.212501] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 34.729913] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 34.755010] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 34.761246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 34.768033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 34.975831] hrtimer: interrupt took 22677 ns
[ 35.026699] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.136814] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.307522] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.338501] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.437227] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.486231] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.607227] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.779385] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.808232] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 35.948002] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[ 36.011562] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
[ 36.019843] IP: [] l2tp_session_create+0xc60/0x16f0
[ 36.026539] PGD 1cf850067
[ 36.029217] PUD 1cf98f067 PMD 0
[ 36.032703]
[ 36.034331] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 36.038802] Dumping ftrace buffer:
[ 36.042313] (ftrace buffer empty)
[ 36.045996] Modules linked in:
[ 36.049290] CPU: 0 PID: 4640 Comm: syz-executor0 Not tainted 4.9.122-g54068d6 #26
[ 36.056884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.066222] task: ffff8801cf173000 task.stack: ffff8801ce1f0000
[ 36.072264] RIP: 0010:[] [] l2tp_session_create+0xc60/0x16f0
[ 36.081376] RSP: 0018:ffff8801ce1f7ac0 EFLAGS: 00010246
[ 36.086797] RAX: 0000000000000000 RBX: ffff8801cfc60000 RCX: 1ffff10039e2e71d
[ 36.094040] RDX: 1ffff10039f8c2b0 RSI: ffff8801cf1738c8 RDI: ffff8801cfc61580
[ 36.101298] RBP: ffff8801ce1f7b60 R08: ffff8801cf1738e8 R09: 0000000000000000
[ 36.108546] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801cfc61458
[ 36.115795] R13: 0000000000000000 R14: ffff8801cfc61400 R15: ffff8801ce1f7c78
[ 36.123049] FS: 00007ff280b31700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 36.131249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.137105] CR2: 0000000000000080 CR3: 00000001cf68b000 CR4: 00000000001606f0
[ 36.144347] Stack:
[ 36.146472] 0000000000000201 ffffffff836c9151 ffff8801ce1f7ae0 ffffffff81237ecd
[ 36.154460] ffff8801cfc61400 ffff8801cfc60158 ffff8801cfc61458 ffff8801cfc60150
[ 36.162448] ffff8801cfc600b0 ffff8801cfc61420 0000000000000000 0000000000000000
[ 36.170476] Call Trace:
[ 36.173040] [] ? l2tp_session_get+0x1d1/0x790
[ 36.179259] [] ? trace_hardirqs_on+0xd/0x10
[ 36.185213] [] pppol2tp_connect+0x10d7/0x18f0
[ 36.191334] [] ? pppol2tp_seq_show+0xc30/0xc30
[ 36.197541] [] ? security_socket_connect+0x8f/0xc0
[ 36.204096] [] SYSC_connect+0x1b8/0x300
[ 36.209693] [] ? SYSC_bind+0x280/0x280
[ 36.215217] [] ? do_futex+0x17c0/0x17c0
[ 36.220819] [] ? move_addr_to_kernel+0x50/0x50
[ 36.227024] [] ? SYSC_perf_event_open+0x211/0x26e0
[ 36.233579] [] SyS_connect+0x24/0x30
[ 36.238914] [] ? SyS_accept+0x30/0x30
[ 36.244407] [] do_syscall_64+0x1a6/0x490
[ 36.250102] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 36.256998] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0
[ 36.284002] RIP [] l2tp_session_create+0xc60/0x16f0
[ 36.290771] RSP
[ 36.294433] CR2: 0000000000000080
[ 36.298797] ---[ end trace 4c4dcb2d53cab42e ]---
[ 36.303539] Kernel panic - not syncing: Fatal exception
[ 36.309255] Dumping ftrace buffer:
[ 36.312769] (ftrace buffer empty)
[ 36.316461] Kernel Offset: disabled
[ 36.320075] Rebooting in 86400 seconds..