[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 20.509318] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 22.066123] random: sshd: uninitialized urandom read (32 bytes read) [ 22.504734] random: sshd: uninitialized urandom read (32 bytes read) [ 23.031751] random: sshd: uninitialized urandom read (32 bytes read) [ 23.219695] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts. [ 28.689760] random: sshd: uninitialized urandom read (32 bytes read) [ 28.788604] IPVS: ftp: loaded support on port[0] = 21 [ 28.915941] bridge0: port 1(bridge_slave_0) entered blocking state [ 28.922407] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.930091] device bridge_slave_0 entered promiscuous mode [ 28.946678] bridge0: port 2(bridge_slave_1) entered blocking state [ 28.953074] bridge0: port 2(bridge_slave_1) entered disabled state [ 28.960382] device bridge_slave_1 entered promiscuous mode [ 28.975873] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 28.992232] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 29.033802] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 29.051908] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 29.114577] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 29.121942] team0: Port device team_slave_0 added [ 29.137205] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 29.144543] team0: Port device team_slave_1 added [ 29.159595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 29.177304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 29.196268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 29.213888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 29.335936] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.342407] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.349368] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.355741] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 29.763899] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 29.770045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.813355] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 29.855488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 29.863924] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 29.904800] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 30.144730] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 30.158144] CPU: 1 PID: 4666 Comm: syz-executor223 Not tainted 4.18.0-rc8+ #182 [ 30.165588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.174942] Call Trace: [ 30.177548] [ 30.179706] dump_stack+0x1c9/0x2b4 [ 30.183339] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.188529] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.194070] ? tfrc_rx_handle_loss+0x67c/0x1eb0 [ 30.198736] ? rcu_is_watching+0x8c/0x150 [ 30.202881] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 30.208072] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 30.212826] ? dccp_parse_options+0x493/0x11f0 [ 30.217403] ? ccid3_hc_tx_send_packet+0x880/0x880 [ 30.222327] dccp_deliver_input_to_ccids+0xf0/0x280 [ 30.227337] dccp_rcv_established+0x87/0xb0 [ 30.231657] dccp_v4_do_rcv+0x153/0x180 [ 30.235625] __sk_receive_skb+0x3c0/0xd90 [ 30.239766] ? __inet_lookup_established+0x462/0x690 [ 30.244861] ? sk_free+0x50/0x50 [ 30.248218] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 30.252701] ? reqsk_fastopen_remove+0x680/0x680 [ 30.257449] ? lock_downgrade+0x8f0/0x8f0 [ 30.261600] ? dccp_invalid_packet+0x64/0x890 [ 30.266098] dccp_v4_rcv+0x10f9/0x1f58 [ 30.269983] ? dccp_v4_err+0x1860/0x1860 [ 30.274052] ? __lock_is_held+0xb5/0x140 [ 30.278114] ip_local_deliver_finish+0x2eb/0xda0 [ 30.282866] ? inet_add_protocol.cold.0+0x21/0x21 [ 30.287703] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.292716] ? nf_hook_slow+0x11e/0x1c0 [ 30.296702] ip_local_deliver+0x1e9/0x750 [ 30.300867] ? nf_conntrack_update+0xc80/0xc80 [ 30.305457] ? ip_call_ra_chain+0x730/0x730 [ 30.309770] ? print_usage_bug+0xc0/0xc0 [ 30.313824] ? inet_add_protocol.cold.0+0x21/0x21 [ 30.318658] ? print_usage_bug+0xc0/0xc0 [ 30.322712] ? graph_lock+0x170/0x170 [ 30.326502] ? __lock_acquire+0x7fc/0x5020 [ 30.330725] ? select_idle_sibling+0xcc/0xd90 [ 30.335213] ip_rcv_finish+0x823/0x2220 [ 30.339178] ? ip_local_deliver_finish+0xda0/0xda0 [ 30.344101] ? lock_downgrade+0x8f0/0x8f0 [ 30.348241] ? kasan_check_read+0x11/0x20 [ 30.352372] ? rcu_is_watching+0x8c/0x150 [ 30.356508] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 30.360904] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.365909] ? nf_hook_slow+0x11e/0x1c0 [ 30.369872] ip_rcv+0xa18/0x1284 [ 30.373227] ? ip_local_deliver+0x750/0x750 [ 30.377535] ? trace_hardirqs_on+0x10/0x10 [ 30.381760] ? ip_local_deliver_finish+0xda0/0xda0 [ 30.386681] ? __lock_is_held+0xb5/0x140 [ 30.390740] ? ip_local_deliver+0x750/0x750 [ 30.395066] __netif_receive_skb_core+0x23d0/0x35b0 [ 30.400084] ? nf_ingress+0xa30/0xa30 [ 30.403885] ? __lock_acquire+0x7fc/0x5020 [ 30.408119] ? trace_hardirqs_on+0x10/0x10 [ 30.412360] ? trace_hardirqs_on+0x10/0x10 [ 30.416593] ? find_held_lock+0x36/0x1c0 [ 30.420661] ? lock_downgrade+0x8f0/0x8f0 [ 30.424815] ? __lock_acquire+0x7fc/0x5020 [ 30.429054] ? rcu_is_watching+0x8c/0x150 [ 30.433201] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 30.437629] ? print_usage_bug+0xc0/0xc0 [ 30.441687] ? graph_lock+0x170/0x170 [ 30.445484] ? graph_lock+0x170/0x170 [ 30.449281] ? __kernel_text_address+0xd/0x40 [ 30.453777] ? unwind_get_return_address+0x61/0xa0 [ 30.458817] ? find_held_lock+0x36/0x1c0 [ 30.462877] ? print_usage_bug+0xc0/0xc0 [ 30.466948] ? lock_acquire+0x1e4/0x540 [ 30.470918] ? process_backlog+0x1a6/0x760 [ 30.475156] ? kasan_check_read+0x11/0x20 [ 30.479305] ? rcu_is_watching+0x8c/0x150 [ 30.483449] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 30.487854] __netif_receive_skb+0x2c/0x1e0 [ 30.492168] process_backlog+0x219/0x760 [ 30.496225] net_rx_action+0x7da/0x1980 [ 30.500192] ? lock_downgrade+0x8f0/0x8f0 [ 30.504333] ? napi_complete_done+0x6c0/0x6c0 [ 30.508821] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 30.513922] ? find_held_lock+0x36/0x1c0 [ 30.517978] ? lock_downgrade+0x8f0/0x8f0 [ 30.522120] ? kasan_check_read+0x11/0x20 [ 30.526256] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 30.530660] ? rebalance_domains+0x379/0xd90 [ 30.535065] ? load_balance+0x3640/0x3640 [ 30.539203] ? rcu_pm_notify+0xc0/0xc0 [ 30.543087] ? print_usage_bug+0xc0/0xc0 [ 30.547138] ? __do_softirq+0x780/0xb17 [ 30.551103] ? graph_lock+0x170/0x170 [ 30.554894] ? scheduler_ipi+0x1a8/0xa50 [ 30.558948] ? migration_cpu_stop+0x470/0x470 [ 30.563436] ? __lock_is_held+0xb5/0x140 [ 30.567495] __do_softirq+0x2e8/0xb17 [ 30.571298] ? __irqentry_text_end+0x1f97a8/0x1f97a8 [ 30.576395] ? smp_reschedule_interrupt+0xf5/0x670 [ 30.581325] ? smp_thermal_interrupt+0x820/0x820 [ 30.586078] ? _raw_spin_unlock+0x22/0x30 [ 30.590222] ? handle_edge_irq+0x330/0x870 [ 30.594452] ? task_prio+0x50/0x50 [ 30.597992] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.602834] do_softirq_own_stack+0x2a/0x40 [ 30.607140] [ 30.609368] do_softirq.part.17+0x155/0x1a0 [ 30.613683] ? ip_finish_output2+0xa87/0x1860 [ 30.618172] __local_bh_enable_ip+0x1ec/0x230 [ 30.622665] ip_finish_output2+0xaba/0x1860 [ 30.626987] ? ip_copy_metadata+0xb30/0xb30 [ 30.631323] ? graph_lock+0x170/0x170 [ 30.635123] ? nf_ct_deliver_cached_events+0x558/0x7d0 [ 30.640400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.645939] ? ipv4_mtu+0x37d/0x590 [ 30.649567] ? __lock_is_held+0xb5/0x140 [ 30.653634] ip_finish_output+0x841/0xfa0 [ 30.657781] ? ip_finish_output+0x841/0xfa0 [ 30.662109] ? ip_fragment.constprop.49+0x240/0x240 [ 30.667126] ? kasan_check_read+0x11/0x20 [ 30.671273] ? rcu_is_watching+0x8c/0x150 [ 30.675420] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 30.679834] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.684849] ? nf_hook_slow+0x11e/0x1c0 [ 30.688829] ip_output+0x223/0x880 [ 30.692369] ? __ip_local_out+0x5e3/0xb50 [ 30.696518] ? ip_mc_output+0x15d0/0x15d0 [ 30.700677] ? ip_fragment.constprop.49+0x240/0x240 [ 30.705691] ? __lock_is_held+0xb5/0x140 [ 30.709755] ip_local_out+0xc5/0x1b0 [ 30.713468] ip_queue_xmit+0x9df/0x1f80 [ 30.717446] ? ip_build_and_send_pkt+0xc80/0xc80 [ 30.722202] ? skb_send_sock+0x50/0x50 [ 30.726090] ? reqsk_fastopen_remove+0x651/0x680 [ 30.730849] ? dccp_insert_option_padding+0xbc/0xe0 [ 30.735869] ? dccp_v4_send_check+0x1a6/0x3d0 [ 30.740364] dccp_transmit_skb+0x999/0x12e0 [ 30.744688] dccp_xmit_packet+0x25e/0x7b0 [ 30.748838] ? dccp_send_sync+0x270/0x270 [ 30.752983] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.757997] ? ccid3_hc_tx_send_packet+0x35a/0x880 [ 30.762936] dccp_write_xmit+0x190/0x1f0 [ 30.766993] dccp_sendmsg+0x8db/0x1030 [ 30.770887] ? dccp_getsockopt+0xf0/0xf0 [ 30.774941] ? rw_copy_check_uvector+0x30d/0x3e0 [ 30.779694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.785225] ? import_iovec+0x269/0x470 [ 30.789192] ? dup_iter+0x270/0x270 [ 30.792814] inet_sendmsg+0x1a1/0x690 [ 30.796606] ? copy_msghdr_from_user+0x3c4/0x580 [ 30.801355] ? ipip_gro_receive+0x100/0x100 [ 30.805669] ? move_addr_to_kernel.part.20+0x100/0x100 [ 30.810937] ? security_socket_sendmsg+0x94/0xc0 [ 30.815683] ? ipip_gro_receive+0x100/0x100 [ 30.819996] sock_sendmsg+0xd5/0x120 [ 30.823712] ___sys_sendmsg+0x7fd/0x930 [ 30.827678] ? copy_msghdr_from_user+0x580/0x580 [ 30.832424] ? kasan_check_write+0x14/0x20 [ 30.836690] ? trace_hardirqs_off+0xd/0x10 [ 30.840917] ? __fget_light+0x2f7/0x440 [ 30.844878] ? fget_raw+0x20/0x20 [ 30.848319] ? trace_hardirqs_off+0xd/0x10 [ 30.852546] ? quarantine_put+0x10d/0x1b0 [ 30.856684] ? kfree+0x111/0x260 [ 30.860051] ? do_dccp_setsockopt.isra.10+0x1fc/0x7b0 [ 30.865243] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 30.870263] ? trace_hardirqs_on+0xd/0x10 [ 30.874418] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.879971] ? sockfd_lookup_light+0xc5/0x160 [ 30.884471] __sys_sendmsg+0x11d/0x290 [ 30.888363] ? __ia32_sys_shutdown+0x80/0x80 [ 30.892777] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 30.898326] ? fput+0x130/0x1a0 [ 30.901613] ? __x64_sys_futex+0x47f/0x6a0 [ 30.905861] ? syscall_slow_exit_work+0x500/0x500 [ 30.910713] __x64_sys_sendmsg+0x78/0xb0 [ 30.914784] do_syscall_64+0x1b9/0x820 [ 30.918688] ? finish_task_switch+0x1d3/0x870 [ 30.923200] ? syscall_return_slowpath+0x5e0/0x5e0 [ 30.928166] ? syscall_return_slowpath+0x31d/0x5e0 [ 30.933102] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 30.938474] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.943330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.948520] RIP: 0033:0x446a89 [ 30.951703] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 30.970895] RSP: 002b:00007f2cdc874da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 30.978602] RAX: ffffffffffffffda RBX: 00000000006dec48 RCX: 0000000000446a89 [ 30.985869] RDX: 0000000004000080 RSI: 00000000200030c0 RDI: 0000000000000005 [ 30.993132] RBP: 00000000006dec40 R08: 0000000000000000 R09: 0000000000000000 [ 31.000391] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dec4c [ 31.007651] R13: 00000000004b0200 R14: 0000000020001f80 R15: 0000000000000000 [