[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   15.449865] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   19.530466] random: sshd: uninitialized urandom read (32 bytes read)
[   19.855742] random: sshd: uninitialized urandom read (32 bytes read)
[   20.353597] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts.
[   25.970879] urandom_read: 1 callbacks suppressed
[   25.970882] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/21 08:49:41 parsed 1 programs
[   27.081690] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/21 08:49:42 executed programs: 0
[   28.200472] IPVS: Creating netns size=2536 id=1
[   28.234814] IPVS: Creating netns size=2536 id=2
[   28.271126] IPVS: Creating netns size=2536 id=3
[   28.313417] IPVS: Creating netns size=2536 id=4
[   28.351997] IPVS: Creating netns size=2536 id=5
[   28.395449] IPVS: Creating netns size=2536 id=6
[   28.462804] IPVS: Creating netns size=2536 id=7
[   28.523546] IPVS: Creating netns size=2536 id=8
[   28.635342] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   28.688230] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   28.787648] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   28.818206] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   28.880649] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   28.898519] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   28.910139] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   28.955220] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   28.980756] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.018641] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.027174] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.037082] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.062662] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.082812] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.142698] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.165581] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.179311] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.215127] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.231608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.253471] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.291397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.310517] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.323193] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.334585] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.347660] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.366029] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.378482] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.388546] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.402649] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.410380] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.427714] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.439876] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.463731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.471290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.488202] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.496501] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   29.519597] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.540214] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.548170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.567502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.641416] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.677548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.690834] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.699696] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.708054] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.717264] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.727292] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.735445] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.743777] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.751965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.759578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.768786] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.776431] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   29.784171] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.796000] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   29.803810] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.811661] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.818739] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.827234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.835091] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.842548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.850154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.857579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.865089] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.872769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.885294] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.898370] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   29.911040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.920237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.933725] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.961957] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   29.972325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.980006] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.990840] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   30.003546] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   30.011915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.022354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.036012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   30.054238] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   30.069172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.078168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.090411] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   30.108524] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   30.119516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.132111] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.149118] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   30.192591] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   30.199602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.208678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.237424] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   30.256070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.264555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.924594] ip (5022) used greatest stack depth: 23976 bytes left
[   32.753115] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   32.811150] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   32.912994] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   32.919130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   32.929784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   32.989849] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.007011] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.015215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.258253] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.325784] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.349201] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.405460] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.445518] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.451630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.459166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.491609] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.510172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.517992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.525885] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.535228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.543167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.589681] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.602068] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.615132] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.621858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.641629] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   33.767601] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.775554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.783408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.848173] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   33.860717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   33.868543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/08/21 08:49:48 executed programs: 8
[   34.867068] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
[   34.875332] IP: [<ffffffff836c7e40>] l2tp_session_create+0xc60/0x16f0
[   34.882026] PGD 1bb90a067 [   34.884672] PUD 1ce1ff067 
PMD 0 [   34.888152] 
[   34.889779] Oops: 0002 [#1] PREEMPT SMP KASAN
[   34.894266] Dumping ftrace buffer:
[   34.897790]    (ftrace buffer empty)
[   34.901475] Modules linked in:
[   34.904782] CPU: 1 PID: 6877 Comm: syz-executor3 Not tainted 4.9.122-g54068d6 #26
[   34.912372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   34.921702] task: ffff8801ba3f0000 task.stack: ffff8801c3c98000
[   34.927773] RIP: 0010:[<ffffffff836c7e40>]  [<ffffffff836c7e40>] l2tp_session_create+0xc60/0x16f0
[   34.936888] RSP: 0018:ffff8801c3c9fac0  EFLAGS: 00010246
[   34.942312] RAX: 0000000000000000 RBX: ffff8801c8077680 RCX: 1ffff1003747e11d
[   34.949562] RDX: 1ffff1003900efa0 RSI: ffff8801ba3f08c8 RDI: ffff8801c8077d00
[   34.956814] RBP: ffff8801c3c9fb60 R08: ffff8801ba3f08e8 R09: 0000000000000000
[   34.964087] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c8077bd8
[   34.971335] R13: 0000000000000000 R14: ffff8801c8077b80 R15: 0000000000000000
[   34.978582] FS:  00007fab9019c700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[   34.986782] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   34.992637] CR2: 0000000000000080 CR3: 00000001d870c000 CR4: 00000000001606f0
[   34.999909] Stack:
[   35.002035]  ffffffff836c80b7 ffffffff836c9151 ffff8801d8243b48 0000000000000000
[   35.010049]  ffff8801c8077b80 ffff8801c80777d8 ffff8801c8077bd8 ffff8801c80777d0
[   35.018044]  ffff8801c8077730 ffff8801c8077ba0 ffff8801d8243300 0000000000000000
[   35.026055] Call Trace:
[   35.028622]  [<ffffffff836c80b7>] ? l2tp_session_create+0xed7/0x16f0
[   35.035093]  [<ffffffff836c9151>] ? l2tp_session_get+0x1d1/0x790
[   35.041222]  [<ffffffff836ccff7>] pppol2tp_connect+0x10d7/0x18f0
[   35.047360]  [<ffffffff836cbf20>] ? pppol2tp_seq_show+0xc30/0xc30
[   35.053573]  [<ffffffff81cf826f>] ? security_socket_connect+0x8f/0xc0
[   35.060135]  [<ffffffff8301d958>] SYSC_connect+0x1b8/0x300
[   35.065747]  [<ffffffff8301d7a0>] ? SYSC_bind+0x280/0x280
[   35.071265]  [<ffffffff815daf70>] ? get_unused_fd_flags+0xd0/0xd0
[   35.077479]  [<ffffffff812db6d0>] ? do_futex+0x17c0/0x17c0
[   35.083085]  [<ffffffff8301f951>] ? SyS_socket+0x121/0x1b0
[   35.088693]  [<ffffffff8301f830>] ? move_addr_to_kernel+0x50/0x50
[   35.094903]  [<ffffffff83020224>] SyS_connect+0x24/0x30
[   35.100256]  [<ffffffff83020200>] ? SyS_accept+0x30/0x30
[   35.105686]  [<ffffffff81006316>] do_syscall_64+0x1a6/0x490
[   35.111375]  [<ffffffff83a00cd3>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[   35.118276] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 <f0> ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 
[   35.145288] RIP  [<ffffffff836c7e40>] l2tp_session_create+0xc60/0x16f0
[   35.152062]  RSP <ffff8801c3c9fac0>
[   35.155669] CR2: 0000000000000080
[   35.163525] ---[ end trace 874d63a2a383b017 ]---
[   35.168370] Kernel panic - not syncing: Fatal exception
[   35.174045] Dumping ftrace buffer:
[   35.177568]    (ftrace buffer empty)
[   35.181255] Kernel Offset: disabled
[   35.184858] Rebooting in 86400 seconds..