[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   17.753047] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   27.441141] random: sshd: uninitialized urandom read (32 bytes read)
[   28.124721] random: sshd: uninitialized urandom read (32 bytes read)
[   28.646884] random: sshd: uninitialized urandom read (32 bytes read)
[   28.782861] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.12' (ECDSA) to the list of known hosts.
[   34.322118] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/17 19:04:00 parsed 1 programs
[   36.194338] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/17 19:04:03 executed programs: 0
[   38.052218] IPVS: Creating netns size=2536 id=1
[   38.075514] IPVS: Creating netns size=2536 id=2
[   38.093530] IPVS: Creating netns size=2536 id=3
[   38.127391] IPVS: Creating netns size=2536 id=4
[   38.150018] IPVS: Creating netns size=2536 id=5
[   38.170493] IPVS: Creating netns size=2536 id=6
[   38.193803] IPVS: Creating netns size=2536 id=7
[   38.224278] IPVS: Creating netns size=2536 id=8
[   38.431872] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.460568] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.468051] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.477884] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.554323] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.577325] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.623050] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.636104] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   38.648326] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   38.659781] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   38.667101] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.674456] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.690871] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   38.706076] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.734830] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.767033] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   38.785556] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.794309] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.803754] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   38.813212] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.823740] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   38.837717] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   38.858147] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   38.867004] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   38.876245] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   38.884059] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   38.892351] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   38.906527] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   38.925818] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   38.934827] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   38.945509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   38.966592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   38.983339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.000888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.012048] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.019005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.040022] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.047304] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.057697] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.071839] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.083957] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.100777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.108396] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[   39.117334] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.130305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[   39.153405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.176397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.184627] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.206969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.221415] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.270482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.287882] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.305159] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   39.321788] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.329269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.342915] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.351753] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.361557] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[   39.376972] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.400300] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   39.412231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.420537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.432789] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[   39.446830] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   39.458535] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   39.468114] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.476103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.484530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.492050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.504038] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   39.514318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   39.522945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.534751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.544541] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.556607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.567111] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   39.578161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.591190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   42.017469] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.161929] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.175905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.186813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.226124] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.245624] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.403168] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.409319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.416703] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.426161] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.435837] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.444569] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.454210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.511349] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.563081] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.588002] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.599022] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.608715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.617180] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.628236] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.672433] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.678911] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.687289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.720816] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.726962] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.737184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.756802] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.767818] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.776975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.817478] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   42.832638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   42.840747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
2018/08/17 19:04:09 executed programs: 8
[   44.102249] l2tp_core: tunl 4: sockfd_lookup(fd=5) returned -9
[   44.672591] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080
[   44.680895] IP: [<ffffffff836c6e40>] l2tp_session_create+0xc60/0x16f0
[   44.687629] PGD 1d6ec0067 [   44.690300] PUD 1ba590067 
PMD 0 [   44.693831] 
[   44.695463] Oops: 0002 [#1] PREEMPT SMP KASAN
[   44.699943] Dumping ftrace buffer:
[   44.703610]    (ftrace buffer empty)
[   44.707303] Modules linked in:
[   44.710609] CPU: 0 PID: 7127 Comm: syz-executor5 Not tainted 4.9.120-gf85543b #28
[   44.718209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   44.727548] task: ffff8801b6b29800 task.stack: ffff8801b7950000
[   44.733592] RIP: 0010:[<ffffffff836c6e40>]  [<ffffffff836c6e40>] l2tp_session_create+0xc60/0x16f0
[   44.742748] RSP: 0018:ffff8801b7957ab0  EFLAGS: 00010246
[   44.748182] RAX: 0000000000000000 RBX: ffff8801b600f400 RCX: 1ffff10036d6541d
[   44.755449] RDX: 1ffff1003a951430 RSI: ffff8801b6b2a0c8 RDI: ffff8801d4a8a180
[   44.762725] RBP: ffff8801b7957b50 R08: ffff8801b6b2a0e8 R09: 0000000000000000
[   44.769981] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d4a8a058
[   44.777247] R13: 0000000000000000 R14: ffff8801d4a8a000 R15: 0000000000000000
[   44.784503] FS:  0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f7780b40
[   44.792728] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   44.798594] CR2: 0000000000000080 CR3: 00000001c2f46000 CR4: 00000000001606f0
[   44.805851] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   44.813105] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   44.820358] Stack:
[   44.822500]  ffffffff836c70b7 0000000000000000 ffff8801d8568848 0000000000000000
[   44.830568]  ffff8801d4a8a000 ffff8801b600f558 ffff8801d4a8a058 ffff8801b600f550
[   44.838682]  ffff8801b600f4b0 ffff8801d4a8a020 ffff8801d8568000 0000000000000000
[   44.846833] Call Trace:
[   44.849416]  [<ffffffff836c70b7>] ? l2tp_session_create+0xed7/0x16f0
[   44.855904]  [<ffffffff836cbff7>] pppol2tp_connect+0x10d7/0x18f0
[   44.862037]  [<ffffffff836caf20>] ? pppol2tp_seq_show+0xc30/0xc30
[   44.868263]  [<ffffffff81cf76ff>] ? security_socket_connect+0x8f/0xc0
[   44.874829]  [<ffffffff8301c958>] SYSC_connect+0x1b8/0x300
[   44.880438]  [<ffffffff8301c7a0>] ? SYSC_bind+0x280/0x280
[   44.885974]  [<ffffffff815da430>] ? get_unused_fd_flags+0xd0/0xd0
[   44.892201]  [<ffffffff812dba90>] ? compat_SyS_get_robust_list+0x310/0x310
[   44.899254]  [<ffffffff8301e951>] ? SyS_socket+0x121/0x1b0
[   44.904904]  [<ffffffff8301e830>] ? move_addr_to_kernel+0x50/0x50
[   44.911123]  [<ffffffff8301f224>] SyS_connect+0x24/0x30
[   44.916472]  [<ffffffff8301f200>] ? SyS_accept+0x30/0x30
[   44.921909]  [<ffffffff81006da7>] do_fast_syscall_32+0x2f7/0x870
[   44.928049]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[   44.934719]  [<ffffffff83a013d0>] entry_SYSENTER_compat+0x90/0xa2
[   44.940933] Code: 00 00 49 8d be 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 7b 09 00 00 49 8b 86 80 01 00 00 <f0> ff 80 80 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 55 d0 
[   44.968843] RIP  [<ffffffff836c6e40>] l2tp_session_create+0xc60/0x16f0
[   44.975631]  RSP <ffff8801b7957ab0>
[   44.979288] CR2: 0000000000000080
[   44.986877] ---[ end trace f46e4909e44c1abb ]---
[   44.991755] Kernel panic - not syncing: Fatal exception
[   44.997606] Dumping ftrace buffer:
[   45.001143]    (ftrace buffer empty)
[   45.004835] Kernel Offset: disabled
[   45.008489] Rebooting in 86400 seconds..