[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   16.130763] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   18.500344] random: sshd: uninitialized urandom read (32 bytes read)
[   18.925179] random: sshd: uninitialized urandom read (32 bytes read)
[   19.465813] random: sshd: uninitialized urandom read (32 bytes read)
[   30.702368] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
[   36.209254] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/15 06:11:08 parsed 1 programs
[   37.589401] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/15 06:11:09 executed programs: 0
[   38.519495] IPVS: Creating netns size=2536 id=1
[   38.550654] IPVS: Creating netns size=2536 id=2
[   38.590033] IPVS: Creating netns size=2536 id=3
[   38.631328] IPVS: Creating netns size=2536 id=4
[   38.681721] IPVS: Creating netns size=2536 id=5
[   38.735080] IPVS: Creating netns size=2536 id=6
[   38.785308] IPVS: Creating netns size=2536 id=7
[   38.833410] IPVS: Creating netns size=2536 id=8
[   38.884590] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.933299] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.118954] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.159260] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.179120] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.187562] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.201858] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.218916] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.328532] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.374893] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.399913] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.419498] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.443043] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.461957] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.471937] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.506229] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.529363] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.538721] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.548713] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.580317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.623574] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.640620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.672108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.688154] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.701889] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   39.717820] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.734589] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.749286] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.763657] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   39.775498] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.786417] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.802478] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.810657] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.821420] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.857485] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   39.867816] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.876743] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.884866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.902896] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.918846] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   39.930643] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   39.939043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.948175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.959568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.967205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.976148] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.992790] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.009990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.018327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.049951] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   40.059367] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   40.093530] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   40.109187] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   40.125758] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   40.169778] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   40.185567] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   40.193448] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.203311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.213702] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.225554] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   40.236253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.246044] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.255457] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   40.263967] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   40.273430] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   40.284914] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   40.292992] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   40.301447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.309893] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.317740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.325607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.336654] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   40.345752] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.353281] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   40.363300] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.374897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.382576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.390483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.398105] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.410491] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   40.420741] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   40.430348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.448125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.465439] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.475312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.482814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.497103] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   40.512550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.524220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.541316] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   40.552040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.568560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   41.319570] ip (5055) used greatest stack depth: 23208 bytes left
[   43.112952] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.256650] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.265960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.274546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.287470] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.361327] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.459117] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.470800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.478318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.522096] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.537051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.546122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.612844] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.650765] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.666067] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.710638] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.765288] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.778100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.788343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.800946] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.809438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.817805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.840447] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.849344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.865279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.882750] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   43.918182] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   43.935069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.941836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.047466] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   44.061225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   44.068721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/08/15 06:11:16 executed programs: 8
[   44.991776] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
[   45.000227] IP: [<ffffffff836c3e40>] l2tp_session_create+0xc60/0x16f0
[   45.006964] PGD 1cd70f067 [   45.009622] PUD 1be1e7067 
PMD 0 [   45.013132] 
[   45.014767] Oops: 0002 [#1] PREEMPT SMP KASAN
[   45.019251] Dumping ftrace buffer:
[   45.022777]    (ftrace buffer empty)
[   45.026474] Modules linked in:
[   45.029791] CPU: 1 PID: 6872 Comm: syz-executor0 Not tainted 4.9.119-g9dc978d #27
[   45.037397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   45.046739] task: ffff8801b992b000 task.stack: ffff8801b9a88000
[   45.052780] RIP: 0010:[<ffffffff836c3e40>]  [<ffffffff836c3e40>] l2tp_session_create+0xc60/0x16f0
[   45.061919] RSP: 0018:ffff8801b9a8fab0  EFLAGS: 00010246
[   45.067354] RAX: 0000000000000000 RBX: ffff8801b991d900 RCX: 1ffff1003732571d
[   45.074613] RDX: 1ffff1003a7daeb0 RSI: ffff8801b992b8c8 RDI: ffff8801d3ed7580
[   45.081871] RBP: ffff8801b9a8fb50 R08: ffff8801b992b8e8 R09: 0000000000000000
[   45.089132] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d3ed7458
[   45.096480] R13: 0000000000000000 R14: ffff8801d3ed7400 R15: 0000000000000000
[   45.103749] FS:  0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f773ab40
[   45.111975] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   45.117846] CR2: 0000000000000080 CR3: 00000001d328d000 CR4: 00000000001606f0
[   45.125118] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   45.132442] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   45.139711] Stack:
[   45.141850]  ffffffff836c40b7 ffffffff836c5151 ffff8801d965ee48 0000000000000000
[   45.149939]  ffff8801d3ed7400 ffff8801b991da58 ffff8801d3ed7458 ffff8801b991da50
[   45.157990]  ffff8801b991d9b0 ffff8801d3ed7420 ffff8801d965e600 0000000000000000
[   45.166056] Call Trace:
[   45.168638]  [<ffffffff836c40b7>] ? l2tp_session_create+0xed7/0x16f0
[   45.175121]  [<ffffffff836c5151>] ? l2tp_session_get+0x1d1/0x790
[   45.181257]  [<ffffffff836c8ff7>] pppol2tp_connect+0x10d7/0x18f0
[   45.187394]  [<ffffffff836c7f20>] ? pppol2tp_seq_show+0xc30/0xc30
[   45.193621]  [<ffffffff81cf429f>] ? security_socket_connect+0x8f/0xc0
[   45.200192]  [<ffffffff83019958>] SYSC_connect+0x1b8/0x300
[   45.205806]  [<ffffffff830197a0>] ? SYSC_bind+0x280/0x280
[   45.211332]  [<ffffffff815d79c0>] ? get_unused_fd_flags+0xd0/0xd0
[   45.217564]  [<ffffffff812d9d70>] ? compat_SyS_get_robust_list+0x310/0x310
[   45.224569]  [<ffffffff8301b951>] ? SyS_socket+0x121/0x1b0
[   45.230185]  [<ffffffff8301b830>] ? move_addr_to_kernel+0x50/0x50
[   45.236653]  [<ffffffff8301c224>] SyS_connect+0x24/0x30
[   45.242034]  [<ffffffff8301c200>] ? SyS_accept+0x30/0x30
[   45.247488]  [<ffffffff81006da7>] do_fast_syscall_32+0x2f7/0x870
[   45.253621]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[   45.260280]  [<ffffffff839fe3d0>] entry_SYSENTER_compat+0x90/0xa2
[   45.266496] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 <f0> ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 
[   45.294605] RIP  [<ffffffff836c3e40>] l2tp_session_create+0xc60/0x16f0
[   45.301404]  RSP <ffff8801b9a8fab0>
[   45.305040] CR2: 0000000000000080
[   45.311720] ---[ end trace adcb6effaff38d67 ]---
[   45.318244] Kernel panic - not syncing: Fatal exception
[   45.324306] Dumping ftrace buffer:
[   45.327847]    (ftrace buffer empty)
[   45.331547] Kernel Offset: disabled
[   45.335165] Rebooting in 86400 seconds..