[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.410209] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 23.095429] random: sshd: uninitialized urandom read (32 bytes read) [ 23.323138] random: sshd: uninitialized urandom read (32 bytes read) [ 23.816270] random: sshd: uninitialized urandom read (32 bytes read) [ 33.671532] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts. [ 39.175909] random: sshd: uninitialized urandom read (32 bytes read) [ 39.297398] IPVS: ftp: loaded support on port[0] = 21 [ 39.434245] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.440929] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.449720] device bridge_slave_0 entered promiscuous mode [ 39.467095] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.474163] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.481830] device bridge_slave_1 entered promiscuous mode [ 39.497877] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 39.513949] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 39.555449] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 39.574231] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 39.635551] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 39.642881] team0: Port device team_slave_0 added [ 39.659271] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 39.666701] team0: Port device team_slave_1 added [ 39.681656] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.698554] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.715171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.732557] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 39.859491] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.866207] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.873455] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.880144] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 40.360258] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 40.366507] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.411262] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 40.419957] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 40.468350] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 40.474807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.482381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.529785] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 40.818274] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 40.861039] CPU: 0 PID: 4647 Comm: syz-executor545 Not tainted 4.18.0-rc8+ #182 [ 40.869807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.880186] Call Trace: [ 40.882811] [ 40.885271] dump_stack+0x1c9/0x2b4 [ 40.888922] ? dump_stack_print_info.cold.2+0x52/0x52 [ 40.894213] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 40.901353] ? tfrc_rx_handle_loss+0x67c/0x1eb0 [ 40.909314] ? rcu_is_watching+0x8c/0x150 [ 40.913680] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 40.921275] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 40.926226] ? dccp_parse_options+0x493/0x11f0 [ 40.946222] ? ccid3_hc_tx_send_packet+0x880/0x880 [ 40.955170] dccp_deliver_input_to_ccids+0xf0/0x280 [ 40.971833] dccp_rcv_established+0x87/0xb0 [ 40.995485] dccp_v4_do_rcv+0x153/0x180 [ 41.003708] __sk_receive_skb+0x3c0/0xd90 [ 41.008595] ? __inet_lookup_established+0x462/0x690 [ 41.021449] ? sk_free+0x50/0x50 [ 41.031875] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 41.064356] ? reqsk_fastopen_remove+0x680/0x680 [ 41.098893] ? lock_downgrade+0x8f0/0x8f0 [ 41.103044] ? dccp_invalid_packet+0x64/0x890 [ 41.107673] dccp_v4_rcv+0x10f9/0x1f58 [ 41.111566] ? dccp_v4_err+0x1860/0x1860 [ 41.115619] ? __lock_is_held+0xb5/0x140 [ 41.119667] ip_local_deliver_finish+0x2eb/0xda0 [ 41.124415] ? inet_add_protocol.cold.0+0x21/0x21 [ 41.129252] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 41.134260] ? nf_hook_slow+0x11e/0x1c0 [ 41.138219] ip_local_deliver+0x1e9/0x750 [ 41.142348] ? nf_conntrack_update+0xc80/0xc80 [ 41.146997] ? ip_call_ra_chain+0x730/0x730 [ 41.151322] ? inet_add_protocol.cold.0+0x21/0x21 [ 41.156149] ? print_usage_bug+0xc0/0xc0 [ 41.160261] ? graph_lock+0x170/0x170 [ 41.164050] ? graph_lock+0x170/0x170 [ 41.167839] ? select_idle_sibling+0xcc/0xd90 [ 41.172324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.177853] ip_rcv_finish+0x823/0x2220 [ 41.181823] ? ip_local_deliver_finish+0xda0/0xda0 [ 41.186740] ? lock_downgrade+0x8f0/0x8f0 [ 41.190872] ? kasan_check_read+0x11/0x20 [ 41.195004] ? rcu_is_watching+0x8c/0x150 [ 41.199208] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 41.203606] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 41.208662] ? nf_hook_slow+0x11e/0x1c0 [ 41.212633] ip_rcv+0xa18/0x1284 [ 41.215994] ? ip_local_deliver+0x750/0x750 [ 41.220301] ? update_group_capacity+0xd30/0xd30 [ 41.225040] ? ip_local_deliver_finish+0xda0/0xda0 [ 41.230067] ? __lock_is_held+0xb5/0x140 [ 41.234128] ? ip_local_deliver+0x750/0x750 [ 41.238538] __netif_receive_skb_core+0x23d0/0x35b0 [ 41.243558] ? nf_ingress+0xa30/0xa30 [ 41.247411] ? __lock_acquire+0x7fc/0x5020 [ 41.251639] ? __lock_acquire+0x7fc/0x5020 [ 41.255864] ? __lock_acquire+0x7fc/0x5020 [ 41.260136] ? trace_hardirqs_on+0x10/0x10 [ 41.264360] ? print_usage_bug+0xc0/0xc0 [ 41.268416] ? __lock_acquire+0x7fc/0x5020 [ 41.272698] ? __lock_acquire+0x7fc/0x5020 [ 41.276925] ? __lock_acquire+0x7fc/0x5020 [ 41.281142] ? trace_hardirqs_on+0x10/0x10 [ 41.285367] ? graph_lock+0x170/0x170 [ 41.289495] ? graph_lock+0x170/0x170 [ 41.293279] ? trace_hardirqs_on+0x10/0x10 [ 41.297560] ? graph_lock+0x170/0x170 [ 41.301354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.306873] ? run_posix_cpu_timers+0x6c7/0x2580 [ 41.311608] ? rcu_is_watching+0x8c/0x150 [ 41.315745] ? find_held_lock+0x36/0x1c0 [ 41.319948] ? print_usage_bug+0xc0/0xc0 [ 41.324003] ? lock_acquire+0x1e4/0x540 [ 41.327965] ? process_backlog+0x1a6/0x760 [ 41.332394] ? kasan_check_read+0x11/0x20 [ 41.336564] ? rcu_is_watching+0x8c/0x150 [ 41.340756] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 41.345158] __netif_receive_skb+0x2c/0x1e0 [ 41.349469] process_backlog+0x219/0x760 [ 41.353522] net_rx_action+0x7da/0x1980 [ 41.357490] ? napi_complete_done+0x6c0/0x6c0 [ 41.362081] ? rcu_read_lock_sched_held+0x108/0x120 [ 41.367100] ? rcu_process_callbacks+0x1251/0x1850 [ 41.372023] ? call_rcu_sched+0x20/0x20 [ 41.375983] ? load_balance+0x3640/0x3640 [ 41.380120] ? enqueue_hrtimer+0x18e/0x540 [ 41.384346] ? rcu_is_watching+0x8c/0x150 [ 41.388490] ? find_held_lock+0x36/0x1c0 [ 41.392551] ? run_rebalance_domains+0x365/0x4c0 [ 41.397290] ? kasan_check_read+0x11/0x20 [ 41.401417] ? rcu_is_watching+0x8c/0x150 [ 41.405547] ? rcu_pm_notify+0xc0/0xc0 [ 41.409427] ? print_usage_bug+0xc0/0xc0 [ 41.413476] ? __do_softirq+0x780/0xb17 [ 41.417494] ? graph_lock+0x170/0x170 [ 41.421291] ? __irqentry_text_end+0x1f97a8/0x1f97a8 [ 41.426392] ? __lock_is_held+0xb5/0x140 [ 41.430444] __do_softirq+0x2e8/0xb17 [ 41.434378] ? __irqentry_text_end+0x1f97a8/0x1f97a8 [ 41.439587] ? irq_exit+0xbb/0x210 [ 41.443233] ? smp_apic_timer_interrupt+0x186/0x730 [ 41.448235] ? smp_call_function_single_interrupt+0x660/0x660 [ 41.454104] ? _raw_spin_unlock+0x22/0x30 [ 41.458236] ? handle_edge_irq+0x330/0x870 [ 41.462563] ? task_prio+0x50/0x50 [ 41.466203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.471039] do_softirq_own_stack+0x2a/0x40 [ 41.475339] [ 41.477564] do_softirq.part.17+0x155/0x1a0 [ 41.481873] ? ip_finish_output2+0xa87/0x1860 [ 41.486349] __local_bh_enable_ip+0x1ec/0x230 [ 41.490834] ip_finish_output2+0xaba/0x1860 [ 41.495150] ? ip_copy_metadata+0xb30/0xb30 [ 41.499454] ? graph_lock+0x170/0x170 [ 41.503386] ? nf_ct_deliver_cached_events+0x558/0x7d0 [ 41.508664] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.514192] ? ipv4_mtu+0x37d/0x590 [ 41.517809] ? __lock_is_held+0xb5/0x140 [ 41.521865] ip_finish_output+0x841/0xfa0 [ 41.526005] ? ip_finish_output+0x841/0xfa0 [ 41.530313] ? ip_fragment.constprop.49+0x240/0x240 [ 41.535313] ? kasan_check_read+0x11/0x20 [ 41.539440] ? rcu_is_watching+0x8c/0x150 [ 41.543575] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 41.547981] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 41.552983] ? nf_hook_slow+0x11e/0x1c0 [ 41.556941] ip_output+0x223/0x880 [ 41.560464] ? __ip_local_out+0x5e3/0xb50 [ 41.564592] ? ip_mc_output+0x15d0/0x15d0 [ 41.568729] ? ip_fragment.constprop.49+0x240/0x240 [ 41.573819] ? __lock_is_held+0xb5/0x140 [ 41.577874] ip_local_out+0xc5/0x1b0 [ 41.581578] ip_queue_xmit+0x9df/0x1f80 [ 41.585539] ? ip_build_and_send_pkt+0xc80/0xc80 [ 41.590286] ? skb_send_sock+0x50/0x50 [ 41.594210] ? reqsk_fastopen_remove+0x651/0x680 [ 41.598954] ? dccp_insert_option_padding+0xbc/0xe0 [ 41.604063] ? dccp_v4_send_check+0x1a6/0x3d0 [ 41.608546] dccp_transmit_skb+0x999/0x12e0 [ 41.612863] dccp_xmit_packet+0x25e/0x7b0 [ 41.616996] ? dccp_send_sync+0x270/0x270 [ 41.621130] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 41.626135] ? ccid3_hc_tx_send_packet+0x35a/0x880 [ 41.631181] dccp_write_xmit+0x190/0x1f0 [ 41.635242] dccp_sendmsg+0x8db/0x1030 [ 41.639181] ? dccp_getsockopt+0xf0/0xf0 [ 41.643243] ? rw_copy_check_uvector+0x30d/0x3e0 [ 41.648001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.653598] ? import_iovec+0x269/0x470 [ 41.657562] ? dup_iter+0x270/0x270 [ 41.661179] inet_sendmsg+0x1a1/0x690 [ 41.665059] ? copy_msghdr_from_user+0x3c4/0x580 [ 41.669808] ? ipip_gro_receive+0x100/0x100 [ 41.674120] ? move_addr_to_kernel.part.20+0x100/0x100 [ 41.679454] ? security_socket_sendmsg+0x94/0xc0 [ 41.684201] ? ipip_gro_receive+0x100/0x100 [ 41.688507] sock_sendmsg+0xd5/0x120 [ 41.692204] ___sys_sendmsg+0x7fd/0x930 [ 41.696172] ? copy_msghdr_from_user+0x580/0x580 [ 41.700917] ? lock_downgrade+0x8f0/0x8f0 [ 41.705059] ? __fget_light+0x2f7/0x440 [ 41.709023] ? fget_raw+0x20/0x20 [ 41.712458] ? __fd_install+0x2db/0x880 [ 41.716528] ? get_unused_fd_flags+0x1a0/0x1a0 [ 41.721112] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 41.726730] ? sockfd_lookup_light+0xc5/0x160 [ 41.731225] __sys_sendmsg+0x11d/0x290 [ 41.735118] ? __ia32_sys_shutdown+0x80/0x80 [ 41.739541] ? __x64_sys_futex+0x47f/0x6a0 [ 41.743812] ? fd_install+0x4d/0x60 [ 41.747465] ? syscall_slow_exit_work+0x500/0x500 [ 41.752315] ? _raw_spin_unlock_irq+0x27/0x70 [ 41.756818] __x64_sys_sendmsg+0x78/0xb0 [ 41.760889] do_syscall_64+0x1b9/0x820 [ 41.764782] ? finish_task_switch+0x1d3/0x870 [ 41.769308] ? syscall_return_slowpath+0x5e0/0x5e0 [ 41.774243] ? syscall_return_slowpath+0x31d/0x5e0 [ 41.779183] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 41.784551] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 41.789400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.794588] RIP: 0033:0x446a49 [ 41.797773] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 41.817184] RSP: 002b:00007f4a0cad0da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 41.825088] RAX: ffffffffffffffda RBX: 00000000006dec58 RCX: 0000000000446a49 [ 41.832891] RDX: 0000000004000080 RSI: 00000000200030c0 RDI: 0000000000000005 [ 41.840428] RBP: 00000000006dec50 R08: 0000000000000000 R09: 0000000000000000 [ 41.847703] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dec5c [ 41.854979] R13: 00000000004b01c0 R14: 0000000020001f80 R15: 0000000000000001