[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.951142] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.648357] random: sshd: uninitialized urandom read (32 bytes read) [ 20.982579] random: sshd: uninitialized urandom read (32 bytes read) [ 21.496701] random: sshd: uninitialized urandom read (32 bytes read) [ 23.998412] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.28' (ECDSA) to the list of known hosts. [ 29.409752] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program [ 29.605555] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 29.613770] IP: [] l2tp_session_free+0x11c/0x200 [ 29.620193] PGD 1cb79a067 [ 29.622844] PUD 1cb3bb067 PMD 0 [ 29.626347] [ 29.627976] Oops: 0002 [#1] PREEMPT SMP KASAN [ 29.632445] Dumping ftrace buffer: [ 29.635962] (ftrace buffer empty) [ 29.639772] Modules linked in: [ 29.643084] CPU: 1 PID: 3798 Comm: syz-executor558 Not tainted 4.9.119-g9dc978d #23 [ 29.650853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.660186] task: ffff8801b9cf6000 task.stack: ffff8801b6de0000 [ 29.666220] RIP: 0010:[] [] l2tp_session_free+0x11c/0x200 [ 29.675097] RSP: 0018:ffff8801b6de7ca0 EFLAGS: 00010246 [ 29.680582] RAX: dffffc0000000000 RBX: ffff8801b709c500 RCX: 0000000000000000 [ 29.687834] RDX: 1ffff1003919a750 RSI: ffffffff836bf9a1 RDI: ffff8801c8cd3a80 [ 29.695086] RBP: ffff8801b6de7cc0 R08: ffff8801b9cf68e8 R09: 0000000000000000 [ 29.702333] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c8cd3900 [ 29.709592] R13: ffff8801b709c508 R14: 0000000000000000 R15: ffffffff83015be0 [ 29.716842] FS: 00000000021e9880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 29.725044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 29.730903] CR2: 0000000000000080 CR3: 00000001cbbad000 CR4: 00000000001606f0 [ 29.738153] Stack: [ 29.740282] ffff8801b6e6a200 ffff8801b709c500 ffff8801b6e6a5d0 ffff8801b6e6a4d8 [ 29.748295] ffff8801b6de7ce8 ffffffff836c72b2 ffff8801b6e6a640 ffff8801b6e6a200 [ 29.756393] ffffffff836c71e0 ffff8801b6de7d20 ffffffff830230f5 ffff8801b6e6a640 [ 29.764411] Call Trace: [ 29.767005] [] pppol2tp_session_destruct+0xd2/0x110 [ 29.773683] [] ? pppol2tp_seq_start+0x4e0/0x4e0 [ 29.779980] [] __sk_destruct+0x55/0x590 [ 29.785593] [] ? sock_release+0x1c0/0x1c0 [ 29.791382] [] sk_destruct+0x63/0x80 [ 29.796728] [] __sk_free+0x4f/0x220 [ 29.801982] [] sk_free+0x2b/0x40 [ 29.806978] [] pppol2tp_release+0x239/0x2e0 [ 29.812924] [] sock_release+0x96/0x1c0 [ 29.818441] [] sock_close+0x16/0x20 [ 29.823698] [] __fput+0x263/0x700 [ 29.828788] [] ____fput+0x15/0x20 [ 29.834007] [] task_work_run+0x10c/0x180 [ 29.839695] [] exit_to_usermode_loop+0xfc/0x120 [ 29.845993] [] do_syscall_64+0x364/0x490 [ 29.851684] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 29.858588] Code: 49 8d bc 24 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c6 00 00 00 4d 8b b4 24 80 01 00 00 41 ff 8e 80 00 00 00 74 69 e8 f5 f0 c9 fd 4c 89 ea 48 b8 00 [ 29.885671] RIP [] l2tp_session_free+0x11c/0x200 [ 29.892180] RSP [ 29.895779] CR2: 0000000000000080 [ 29.899305] ---[ end trace dda66573753b2ff1 ]--- [ 29.904058] Kernel panic - not syncing: Fatal exception [ 29.909687] Dumping ftrace buffer: [ 29.913254] (ftrace buffer empty) [ 29.916948] Kernel Offset: disabled [ 29.920549] Rebooting in 86400 seconds..