[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   25.227173] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   28.575031] random: sshd: uninitialized urandom read (32 bytes read)
[   28.898860] random: sshd: uninitialized urandom read (32 bytes read)
[   29.479931] random: sshd: uninitialized urandom read (32 bytes read)
[   29.659442] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.61' (ECDSA) to the list of known hosts.
[   35.482810] random: sshd: uninitialized urandom read (32 bytes read)
[   35.585917] IPVS: ftp: loaded support on port[0] = 21
[   35.723929] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.730390] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.738375] device bridge_slave_0 entered promiscuous mode
[   35.756111] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.762466] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.769606] device bridge_slave_1 entered promiscuous mode
[   35.785248] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   35.801415] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   35.844675] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   35.863652] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   35.931680] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   35.939293] team0: Port device team_slave_0 added
[   35.954916] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   35.962395] team0: Port device team_slave_1 added
[   35.978593] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   35.996742] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   36.014412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   36.032135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[   36.158750] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.165182] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.172109] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.178501] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[   36.640390] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   36.646893] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.681086] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   36.702241] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   36.748585] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   36.754772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   36.762387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   36.805867] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[   37.093507] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt()
[   37.106864] CPU: 1 PID: 4979 Comm: syz-executor205 Not tainted 4.19.0-rc1+ #216
[   37.114293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   37.123639] Call Trace:
[   37.126205]  <IRQ>
[   37.128346]  dump_stack+0x1c9/0x2b4
[   37.131966]  ? dump_stack_print_info.cold.2+0x52/0x52
[   37.137148]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   37.142683]  ? tfrc_rx_handle_loss+0x67c/0x1eb0
[   37.147353]  ? rcu_is_watching+0x8c/0x150
[   37.151498]  tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c
[   37.156708]  ccid3_hc_rx_packet_recv+0x5c4/0xeb0
[   37.161460]  ? dccp_parse_options+0x493/0x11f0
[   37.166040]  ? ccid3_hc_tx_send_packet+0x880/0x880
[   37.170966]  dccp_deliver_input_to_ccids+0xf0/0x280
[   37.176077]  dccp_rcv_established+0x87/0xb0
[   37.180389]  dccp_v4_do_rcv+0x153/0x180
[   37.184354]  __sk_receive_skb+0x3e5/0xec0
[   37.188491]  ? sk_free+0x50/0x50
[   37.191862]  ? inet_lhash2_lookup+0x6e0/0x6e0
[   37.196360]  ? reqsk_fastopen_remove+0x680/0x680
[   37.201102]  ? lock_downgrade+0x8f0/0x8f0
[   37.205243]  ? dccp_invalid_packet+0x64/0x890
[   37.209753]  dccp_v4_rcv+0x10f9/0x1f58
[   37.213642]  ? dccp_v4_err+0x1860/0x1860
[   37.217730]  ? __lock_is_held+0xb5/0x140
[   37.221799]  ip_local_deliver_finish+0x2eb/0xda0
[   37.226555]  ? ip_sublist_rcv_finish+0x3e0/0x3e0
[   37.231335]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   37.236593]  ? nf_hook_slow+0x11e/0x1c0
[   37.240573]  ip_local_deliver+0x1e9/0x750
[   37.244720]  ? ip_call_ra_chain+0x730/0x730
[   37.249030]  ? ip_sublist_rcv_finish+0x3e0/0x3e0
[   37.253784]  ? kasan_check_read+0x11/0x20
[   37.257916]  ? rcu_is_watching+0x8c/0x150
[   37.262080]  ? rcu_cleanup_dead_rnp+0x200/0x200
[   37.266737]  ip_rcv_finish+0x1f9/0x300
[   37.270610]  ip_rcv+0xed/0x610
[   37.273791]  ? ip_local_deliver+0x750/0x750
[   37.278099]  ? ip_rcv_finish_core.isra.16+0x1f10/0x1f10
[   37.283457]  ? lock_acquire+0x1e4/0x4f0
[   37.287421]  __netif_receive_skb_one_core+0x14d/0x200
[   37.292601]  ? __netif_receive_skb_core+0x39f0/0x39f0
[   37.297774]  ? net_rx_action+0x799/0x1900
[   37.301906]  ? rcu_cleanup_dead_rnp+0x200/0x200
[   37.306572]  __netif_receive_skb+0x2c/0x1e0
[   37.310895]  process_backlog+0x219/0x760
[   37.314944]  net_rx_action+0x799/0x1900
[   37.318910]  ? napi_complete_done+0x6d0/0x6d0
[   37.323404]  ? kasan_check_read+0x11/0x20
[   37.327540]  ? rcu_cleanup_dead_rnp+0x200/0x200
[   37.332223]  ? rebalance_domains+0x379/0xd90
[   37.336617]  ? __lock_is_held+0xb5/0x140
[   37.340673]  ? load_balance+0x3640/0x3640
[   37.344820]  ? print_usage_bug+0xc0/0xc0
[   37.348866]  ? lock_release+0x9f0/0x9f0
[   37.352848]  ? hrtimer_update_softirq_timer+0xa0/0xa0
[   37.358027]  ? find_held_lock+0x36/0x1c0
[   37.362108]  ? graph_lock+0x170/0x170
[   37.365896]  ? run_rebalance_domains+0x365/0x4c0
[   37.370638]  ? print_usage_bug+0xc0/0xc0
[   37.374695]  ? irq_exit+0x1d6/0x210
[   37.378317]  ? trace_hardirqs_on+0x2c0/0x2c0
[   37.382719]  ? __local_bh_enable+0xef/0x130
[   37.387029]  ? __do_softirq+0x74d/0xa74
[   37.390996]  ? graph_lock+0x170/0x170
[   37.394781]  ? mark_held_locks+0xc9/0x160
[   37.398912]  ? scheduler_ipi+0x1a8/0xa50
[   37.402960]  ? __do_softirq+0x278/0xa74
[   37.406937]  ? __lock_is_held+0xb5/0x140
[   37.410998]  __do_softirq+0x2eb/0xa74
[   37.414790]  ? __irqentry_text_end+0x1f9f00/0x1f9f00
[   37.419894]  ? smp_reschedule_interrupt+0xfd/0x5e0
[   37.424832]  ? smp_thermal_interrupt+0x710/0x710
[   37.429589]  ? ret_from_intr+0xb/0x1e
[   37.433395]  ? trace_hardirqs_off_caller+0xbb/0x2b0
[   37.438394]  ? trace_hardirqs_off+0xb8/0x2b0
[   37.442794]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   37.447623]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[   37.452626]  ? task_prio+0x50/0x50
[   37.456157]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   37.461036]  do_softirq_own_stack+0x2a/0x40
[   37.465345]  </IRQ>
[   37.467593]  do_softirq.part.18+0x157/0x1a0
[   37.471902]  ? ip_finish_output2+0xa87/0x1860
[   37.476399]  __local_bh_enable_ip+0x1ee/0x230
[   37.480882]  ip_finish_output2+0xaba/0x1860
[   37.485190]  ? ip_copy_metadata+0xe20/0xe20
[   37.489496]  ? graph_lock+0x170/0x170
[   37.493302]  ? nf_ct_deliver_cached_events+0x293/0x7e0
[   37.498569]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   37.504100]  ? ipv4_mtu+0x37d/0x590
[   37.507718]  ? __lock_is_held+0xb5/0x140
[   37.511769]  ip_finish_output+0x841/0xfa0
[   37.515901]  ? ip_finish_output+0x841/0xfa0
[   37.520208]  ? ip_fragment.constprop.49+0x240/0x240
[   37.525210]  ? kasan_check_read+0x11/0x20
[   37.529345]  ? rcu_is_watching+0x8c/0x150
[   37.533478]  ? rcu_cleanup_dead_rnp+0x200/0x200
[   37.538134]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   37.543136]  ? nf_hook_slow+0x11e/0x1c0
[   37.547099]  ip_output+0x223/0x880
[   37.550626]  ? __ip_local_out+0x5e3/0xb50
[   37.554763]  ? ip_mc_output+0x15d0/0x15d0
[   37.558906]  ? ip_fragment.constprop.49+0x240/0x240
[   37.563906]  ? __lock_is_held+0xb5/0x140
[   37.567961]  ip_local_out+0xc5/0x1b0
[   37.571700]  __ip_queue_xmit+0x9b6/0x1f20
[   37.575868]  ? ip_build_and_send_pkt+0xc80/0xc80
[   37.580624]  ? __skb_checksum+0x8f0/0x8f0
[   37.584756]  ? skb_send_sock+0x50/0x50
[   37.588653]  ? reqsk_fastopen_remove+0x680/0x680
[   37.593405]  ? dccp_insert_option_padding+0xbc/0xe0
[   37.598431]  ip_queue_xmit+0x56/0x70
[   37.602141]  dccp_transmit_skb+0x999/0x12e0
[   37.606467]  dccp_xmit_packet+0x25e/0x7d0
[   37.610608]  ? kasan_check_write+0x14/0x20
[   37.614829]  ? do_raw_spin_lock+0xc1/0x200
[   37.619161]  ? dccp_send_sync+0x270/0x270
[   37.623297]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   37.628304]  ? ccid3_hc_tx_send_packet+0x35a/0x880
[   37.633221]  dccp_write_xmit+0x190/0x1f0
[   37.637270]  dccp_sendmsg+0xd32/0xf90
[   37.641073]  ? dccp_getsockopt+0xf0/0xf0
[   37.645136]  ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.650062]  ? aa_sk_perm+0x20c/0x8a0
[   37.653854]  ? import_iovec+0x269/0x470
[   37.657823]  ? aa_af_perm+0x5a0/0x5a0
[   37.661631]  inet_sendmsg+0x1a1/0x690
[   37.665426]  ? ipip_gro_receive+0x100/0x100
[   37.669768]  ? apparmor_socket_sendmsg+0x29/0x30
[   37.674522]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   37.680082]  ? security_socket_sendmsg+0x94/0xc0
[   37.684868]  ? ipip_gro_receive+0x100/0x100
[   37.689191]  sock_sendmsg+0xd5/0x120
[   37.692902]  ___sys_sendmsg+0x7fd/0x930
[   37.696878]  ? copy_msghdr_from_user+0x580/0x580
[   37.701633]  ? _raw_spin_unlock_bh+0x30/0x40
[   37.706039]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[   37.711154]  ? do_raw_spin_trylock+0x1c0/0x1c0
[   37.715734]  ? __fget_light+0x2f7/0x440
[   37.719711]  ? fget_raw+0x20/0x20
[   37.723158]  ? release_sock+0x1ec/0x2c0
[   37.727117]  ? kasan_check_write+0x14/0x20
[   37.731337]  ? __release_sock+0x3a0/0x3a0
[   37.735489]  ? __local_bh_enable_ip+0x161/0x230
[   37.740153]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   37.745687]  ? sockfd_lookup_light+0xc5/0x160
[   37.750200]  __sys_sendmsg+0x11d/0x290
[   37.754108]  ? __ia32_sys_shutdown+0x80/0x80
[   37.758509]  ? __x64_sys_futex+0x47f/0x6a0
[   37.762733]  ? do_syscall_64+0x9a/0x820
[   37.766702]  ? do_syscall_64+0x9a/0x820
[   37.770676]  ? trace_hardirqs_off_caller+0x2b0/0x2b0
[   37.775781]  ? trace_hardirqs_off+0xb8/0x2b0
[   37.780196]  __x64_sys_sendmsg+0x78/0xb0
[   37.784245]  do_syscall_64+0x1b9/0x820
[   37.788129]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   37.793493]  ? syscall_return_slowpath+0x5e0/0x5e0
[   37.798408]  ? trace_hardirqs_on_caller+0x2b0/0x2b0
[   37.803427]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   37.808446]  ? recalc_sigpending_tsk+0x180/0x180
[   37.813191]  ? kasan_check_write+0x14/0x20
[   37.817415]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   37.822262]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   37.827438] RIP: 0033:0x446e29
[   37.830616] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   37.849498] RSP: 002b:00007f85f9688da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
[   37.857189] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000446e29
[   37.864441] RDX: 0000000000000800 RSI: 00000000200004c0 RDI: 0000000000000005
[   37.871704] RBP: 00000000006dcc60 R08: 0000000000000000 R09: 0000000000000000
[   37.878971] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc6c
[   37.886223] R13: 00000000004af520 R14: 0000000020000780 R15: 0000000000000005
[