[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 14.862138] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.268256] random: sshd: uninitialized urandom read (32 bytes read) [ 18.629996] random: sshd: uninitialized urandom read (32 bytes read) [ 19.141380] random: sshd: uninitialized urandom read (32 bytes read) [ 19.280785] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.59' (ECDSA) to the list of known hosts. [ 24.829870] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program [ 25.032662] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 25.041039] IP: [] l2tp_session_free+0x11c/0x200 [ 25.047604] PGD 1ba3d3067 [ 25.050248] PUD 1ba21c067 PMD 0 [ 25.053737] [ 25.055484] Oops: 0002 [#1] PREEMPT SMP KASAN [ 25.059956] Dumping ftrace buffer: [ 25.063468] (ftrace buffer empty) [ 25.067273] Modules linked in: [ 25.070565] CPU: 1 PID: 3802 Comm: syz-executor213 Not tainted 4.9.120-gf85543b #24 [ 25.078335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.087754] task: ffff8801b6dfb000 task.stack: ffff8801b7088000 [ 25.093791] RIP: 0010:[] [] l2tp_session_free+0x11c/0x200 [ 25.102651] RSP: 0018:ffff8801b708fca0 EFLAGS: 00010246 [ 25.108077] RAX: dffffc0000000000 RBX: ffff8801b6d24780 RCX: 0000000000000000 [ 25.115325] RDX: 1ffff10036e57210 RSI: ffffffff836c29a1 RDI: ffff8801b72b9080 [ 25.122813] RBP: ffff8801b708fcc0 R08: ffff8801b6dfb8e8 R09: 0000000000000000 [ 25.130079] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801b72b8f00 [ 25.137329] R13: ffff8801b6d24788 R14: 0000000000000000 R15: ffffffff83018be0 [ 25.144578] FS: 00000000018c8880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 25.152779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.158641] CR2: 0000000000000080 CR3: 00000001bfc80000 CR4: 00000000001606f0 [ 25.165890] Stack: [ 25.168016] ffff8801b5d71100 ffff8801b6d24780 ffff8801b5d714d0 ffff8801b5d713d8 [ 25.176022] ffff8801b708fce8 ffffffff836ca2b2 ffff8801b5d71540 ffff8801b5d71100 [ 25.184099] ffffffff836ca1e0 ffff8801b708fd20 ffffffff830260f5 ffff8801b5d71540 [ 25.192097] Call Trace: [ 25.194660] [] pppol2tp_session_destruct+0xd2/0x110 [ 25.201300] [] ? pppol2tp_seq_start+0x4e0/0x4e0 [ 25.207622] [] __sk_destruct+0x55/0x590 [ 25.213235] [] ? sock_release+0x1c0/0x1c0 [ 25.219016] [] sk_destruct+0x63/0x80 [ 25.224359] [] __sk_free+0x4f/0x220 [ 25.229611] [] sk_free+0x2b/0x40 [ 25.234608] [] pppol2tp_release+0x239/0x2e0 [ 25.240554] [] sock_release+0x96/0x1c0 [ 25.246175] [] sock_close+0x16/0x20 [ 25.251486] [] __fput+0x263/0x700 [ 25.256579] [] ____fput+0x15/0x20 [ 25.261657] [] task_work_run+0x10c/0x180 [ 25.267341] [] exit_to_usermode_loop+0xfc/0x120 [ 25.273634] [] do_syscall_64+0x364/0x490 [ 25.279327] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 25.286227] Code: 49 8d bc 24 80 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 c6 00 00 00 4d 8b b4 24 80 01 00 00 41 ff 8e 80 00 00 00 74 69 e8 15 de c9 fd 4c 89 ea 48 b8 00 [ 25.313707] RIP [] l2tp_session_free+0x11c/0x200 [ 25.320212] RSP [ 25.323811] CR2: 0000000000000080 [ 25.327989] ---[ end trace 8297509cb4c730b6 ]--- [ 25.332787] Kernel panic - not syncing: Fatal exception [ 25.338585] Dumping ftrace buffer: [ 25.342108] (ftrace buffer empty) [ 25.345805] Kernel Offset: disabled [ 25.349412] Rebooting in 86400 seconds..