[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.855536] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 23.370836] random: sshd: uninitialized urandom read (32 bytes read)
[ 23.781262] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.586752] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.752180] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.29' (ECDSA) to the list of known hosts.
[ 30.278395] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/29 13:06:14 parsed 1 programs
[ 32.145205] random: cc1: uninitialized urandom read (8 bytes read)
2018/06/29 13:06:17 executed programs: 0
[ 33.687344] IPVS: ftp: loaded support on port[0] = 21
[ 33.895964] bridge0: port 1(bridge_slave_0) entered blocking state
[ 33.902503] bridge0: port 1(bridge_slave_0) entered disabled state
[ 33.909910] device bridge_slave_0 entered promiscuous mode
[ 33.926654] bridge0: port 2(bridge_slave_1) entered blocking state
[ 33.933071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 33.940392] device bridge_slave_1 entered promiscuous mode
[ 33.955952] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 33.972666] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 34.014939] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 34.033449] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 34.098221] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 34.105797] team0: Port device team_slave_0 added
[ 34.121768] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 34.128997] team0: Port device team_slave_1 added
[ 34.144753] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 34.162407] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 34.178840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 34.195642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 34.314007] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.320558] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 34.327560] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.333944] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 34.756873] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 34.763005] 8021q: adding VLAN 0 to HW filter on device bond0
[ 34.806515] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 34.847771] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 34.858460] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 34.864659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 34.872237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 34.910051] 8021q: adding VLAN 0 to HW filter on device team0
[ 35.164052] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
[ 35.172086] PGD 1b1060067 P4D 1b1060067 PUD 1d6504067 PMD 0
[ 35.177986] Oops: 0010 [#1] SMP KASAN
[ 35.181770] CPU: 0 PID: 4847 Comm: syz-executor0 Not tainted 4.18.0-rc2+ #24
[ 35.188934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.198268] RIP: 0010: (null)
[ 35.202127] Code: Bad RIP value.
[ 35.205481] RSP: 0018:ffff8801d6867518 EFLAGS: 00010246
[ 35.210831] RAX: 0000000000000000 RBX: ffff8801b72a8600 RCX: ffffffff85ec9112
[ 35.218258] RDX: ffff8801d6867770 RSI: ffff8801b72a8600 RDI: ffff8801d3211cc0
[ 35.225530] RBP: ffff8801d68675c0 R08: ffff8801aae96280 R09: ffffed003b5c46d6
[ 35.232786] R10: ffffed003b5c46d6 R11: ffff8801dae236b3 R12: ffff8801d6867770
[ 35.240060] R13: ffff8801d3211cc0 R14: ffffffff8818a920 R15: ffff8801aae82040
[ 35.247319] FS: 0000000000000000(0000) GS:ffff8801dae00000(0063) knlGS:000000000a2e7900
[ 35.255525] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 35.261393] CR2: ffffffffffffffd6 CR3: 00000001d7023000 CR4: 00000000001406f0
[ 35.268653] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.275935] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.283188] Call Trace:
[ 35.285762] ? sock_poll+0x2e1/0x490
[ 35.289457] ? kernel_sendpage_locked+0x120/0x120
[ 35.294281] ? __lock_is_held+0xb5/0x140
[ 35.298344] ? kernel_sendpage_locked+0x120/0x120
[ 35.303170] ep_item_poll.isra.14+0x15c/0x400
[ 35.307647] ? ep_eventpoll_poll+0x200/0x200
[ 35.312048] ep_insert+0x6c1/0x1c20
[ 35.315666] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 35.320846] ? ep_send_events_proc+0xf00/0xf00
[ 35.325441] ? lock_release+0xa30/0xa30
[ 35.329403] ? check_same_owner+0x340/0x340
[ 35.333712] ? clear_tfile_check_list+0x3a0/0x3a0
[ 35.338542] ? rcu_note_context_switch+0x730/0x730
[ 35.343454] ? kasan_check_write+0x14/0x20
[ 35.347669] ? __mutex_lock+0x7e8/0x1820
[ 35.351714] ? __ia32_sys_epoll_ctl+0x7ea/0x10a0
[ 35.356449] ? do_futex+0x249/0x27d0
[ 35.360148] ? do_huge_pmd_anonymous_page+0x519/0x1b60
[ 35.365407] ? mutex_trylock+0x2b0/0x2b0
[ 35.369446] ? __thp_get_unmapped_area+0x180/0x180
[ 35.374364] ? exit_robust_list+0x290/0x290
[ 35.378675] ? lockdep_init_map+0x9/0x10
[ 35.382739] ? debug_mutex_init+0x2d/0x60
[ 35.386866] ? __mutex_init+0x1f7/0x290
[ 35.390821] ? graph_lock+0x170/0x170
[ 35.394615] ? pud_val+0x88/0x100
[ 35.398051] ? pmd_val+0x100/0x100
[ 35.401578] ? find_held_lock+0x36/0x1c0
[ 35.405621] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 35.411135] ? __fget_light+0x2f7/0x440
[ 35.415088] ? fget_raw+0x20/0x20
[ 35.418540] __ia32_sys_epoll_ctl+0xf00/0x10a0
[ 35.423121] ? __x64_sys_epoll_ctl+0x10a0/0x10a0
[ 35.427892] ? __ia32_compat_sys_futex+0x3e6/0x5f0
[ 35.432806] ? __x32_compat_sys_get_robust_list+0x430/0x430
[ 35.438501] ? mm_fault_error+0x380/0x380
[ 35.442641] ? do_fast_syscall_32+0x150/0xfb2
[ 35.447128] do_fast_syscall_32+0x34d/0xfb2
[ 35.451439] ? do_int80_syscall_32+0x890/0x890
[ 35.456033] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 35.460799] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 35.466318] ? syscall_return_slowpath+0x31d/0x5e0
[ 35.471229] ? sysret32_from_system_call+0x5/0x46
[ 35.476082] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 35.480905] entry_SYSENTER_compat+0x70/0x7f
[ 35.485302] RIP: 0023:0xf7f1acb9
[ 35.488642] Code: 55 08 8b 88 64 cd ff ff 8b 98 68 cd ff ff 89 c8 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 1c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 35.507761] RSP: 002b:00000000ff8ee81c EFLAGS: 00000282 ORIG_RAX: 00000000000000ff
[ 35.515451] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000001
[ 35.522707] RDX: 0000000000000003 RSI: 0000000020000180 RDI: 0000000000000000
[ 35.529962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 35.537221] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 35.544469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 35.551730] Modules linked in:
[ 35.554907] Dumping ftrace buffer:
[ 35.558443] (ftrace buffer empty)
[ 35.562132] CR2: 0000000000000000
[ 35.566133] ---[ end trace 73d9bb66b2288fbb ]---
[ 35.570911] RIP: 0010: (null)
[ 35.574824] Code: Bad RIP value.
[ 35.578533] RSP: 0018:ffff8801d6867518 EFLAGS: 00010246
[ 35.583955] RAX: 0000000000000000 RBX: ffff8801b72a8600 RCX: ffffffff85ec9112
[ 35.591322] RDX: ffff8801d6867770 RSI: ffff8801b72a8600 RDI: ffff8801d3211cc0
[ 35.598609] RBP: ffff8801d68675c0 R08: ffff8801aae96280 R09: ffffed003b5c46d6
[ 35.605900] R10: ffffed003b5c46d6 R11: ffff8801dae236b3 R12: ffff8801d6867770
[ 35.613178] R13: ffff8801d3211cc0 R14: ffffffff8818a920 R15: ffff8801aae82040
[ 35.620460] FS: 0000000000000000(0000) GS:ffff8801dae00000(0063) knlGS:000000000a2e7900
[ 35.628784] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 35.634672] CR2: ffffffffffffffd6 CR3: 00000001d7023000 CR4: 00000000001406f0
[ 35.641958] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.649231] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.656506] Kernel panic - not syncing: Fatal exception
[ 35.662355] Dumping ftrace buffer:
[ 35.665875] (ftrace buffer empty)
[ 35.669560] Kernel Offset: disabled
[ 35.673165] Rebooting in 86400 seconds..