[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   13.868615] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   19.372317] random: sshd: uninitialized urandom read (32 bytes read)
[   19.812785] random: sshd: uninitialized urandom read (32 bytes read)
[   20.328739] random: sshd: uninitialized urandom read (32 bytes read)
[   20.478412] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts.
[   25.980635] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/22 16:13:13 parsed 1 programs
[   27.610190] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/22 16:13:16 executed programs: 0
[   29.217377] IPVS: Creating netns size=2536 id=1
[   29.345159] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.357480] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.402820] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   29.414960] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   29.459224] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   29.470899] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   29.483388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.497121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.003964] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   30.029212] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   30.035362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.042840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.265976] hrtimer: interrupt took 11905 ns
[   30.297868] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[   30.312933] l2tp_core: tunl 4: sockfd_lookup(fd=6) returned -9
[   30.408834] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
[   30.417128] IP: [<ffffffff836c8e30>] l2tp_session_create+0xc60/0x16f0
[   30.423817] PGD 1da3c4067 [   30.426457] PUD 1da3da067 
PMD 0 [   30.429934] 
[   30.431556] Oops: 0002 [#1] PREEMPT SMP KASAN
[   30.436027] Dumping ftrace buffer:
[   30.439541]    (ftrace buffer empty)
[   30.443229] Modules linked in:
[   30.446521] CPU: 0 PID: 4258 Comm: syz-executor0 Not tainted 4.9.123-g8dd3fc2 #27
[   30.454119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   30.463527] task: ffff8801d56e6000 task.stack: ffff8801be0c8000
[   30.469570] RIP: 0010:[<ffffffff836c8e30>]  [<ffffffff836c8e30>] l2tp_session_create+0xc60/0x16f0
[   30.478762] RSP: 0018:ffff8801be0cfac0  EFLAGS: 00010246
[   30.484186] RAX: 0000000000000000 RBX: ffff8801d7f84f00 RCX: 1ffff1003aadcd1d
[   30.491434] RDX: 1ffff1003aff0ab0 RSI: ffff8801d56e68c8 RDI: ffff8801d7f85580
[   30.498765] RBP: ffff8801be0cfb60 R08: ffff8801d56e68e8 R09: 0000000000000000
[   30.506115] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d7f85458
[   30.513364] R13: 0000000000000000 R14: ffff8801d7f85400 R15: ffff8801be0cfc78
[   30.520611] FS:  00007f7202a38700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[   30.528817] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   30.534681] CR2: 0000000000000080 CR3: 00000001d8727000 CR4: 00000000001606f0
[   30.541931] Stack:
[   30.544058]  0000000000000201 ffffffff836ca141 ffff8801be0cfae0 ffffffff81237f0d
[   30.552047]  ffff8801d7f85400 ffff8801d7f85058 ffff8801d7f85458 ffff8801d7f85050
[   30.560206]  ffff8801d7f84fb0 ffff8801d7f85420 0000000000000000 0000000000000000
[   30.568199] Call Trace:
[   30.570766]  [<ffffffff836ca141>] ? l2tp_session_get+0x1d1/0x790
[   30.576941]  [<ffffffff81237f0d>] ? trace_hardirqs_on+0xd/0x10
[   30.582902]  [<ffffffff836cdfe7>] pppol2tp_connect+0x10d7/0x18f0
[   30.589031]  [<ffffffff836ccf10>] ? pppol2tp_seq_show+0xc30/0xc30
[   30.595243]  [<ffffffff81cf90cf>] ? security_socket_connect+0x8f/0xc0
[   30.601858]  [<ffffffff8301e958>] SYSC_connect+0x1b8/0x300
[   30.607470]  [<ffffffff8301e7a0>] ? SYSC_bind+0x280/0x280
[   30.612987]  [<ffffffff83a01907>] ? _raw_spin_unlock_irq+0x27/0x50
[   30.619287]  [<ffffffff812db710>] ? do_futex+0x17c0/0x17c0
[   30.624888]  [<ffffffff839f0dc5>] ? __schedule+0x655/0x1bd0
[   30.630573]  [<ffffffff83020830>] ? move_addr_to_kernel+0x50/0x50
[   30.636784]  [<ffffffff83021224>] SyS_connect+0x24/0x30
[   30.642121]  [<ffffffff83021200>] ? SyS_accept+0x30/0x30
[   30.647545]  [<ffffffff81006316>] do_syscall_64+0x1a6/0x490
[   30.653227]  [<ffffffff83a01c93>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[   30.660125] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 <f0> ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 
[   30.686969] RIP  [<ffffffff836c8e30>] l2tp_session_create+0xc60/0x16f0
[   30.693739]  RSP <ffff8801be0cfac0>
[   30.697342] CR2: 0000000000000080
[   30.701028] ---[ end trace 66edd3b8b10661da ]---
[   30.705768] Kernel panic - not syncing: Fatal exception
[   30.711376] Dumping ftrace buffer:
[   30.715078]    (ftrace buffer empty)
[   30.718766] Kernel Offset: disabled
[   30.722377] Rebooting in 86400 seconds..