[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 20.997777] random: sshd: uninitialized urandom read (32 bytes read, 33 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 24.842749] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 25.094241] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 26.136633] random: sshd: uninitialized urandom read (32 bytes read, 115 bits of entropy available) [ 44.944607] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available) [ 50.466277] random: nonblocking pool is initialized Warning: Permanently added '10.128.0.13' (ECDSA) to the list of known hosts. 2018/04/24 05:59:19 parsed 1 programs 2018/04/24 05:59:19 executed programs: 0 [ 51.136691] IPVS: Creating netns size=2552 id=1 [ 51.395057] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 51.410079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 51.491877] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 51.506139] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 51.588205] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 51.603173] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 51.620077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 51.636616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 52.385637] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.426923] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/04/24 05:59:24 executed programs: 94 [ 56.512643] ------------[ cut here ]------------ [ 56.517444] kernel BUG at net/ipv4/tcp_output.c:2591! [ 56.522626] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 56.528431] Dumping ftrace buffer: [ 56.531940] (ftrace buffer empty) [ 56.535623] Modules linked in: [ 56.538907] CPU: 0 PID: 4554 Comm: syz-executor0 Not tainted 4.4.128-gbd23e3a #19 [ 56.546497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.555824] task: ffff8800b4313000 task.stack: ffff8800ac720000 [ 56.561849] RIP: 0010:[] [] __tcp_retransmit_skb+0x17e5/0x1860 [ 56.571126] RSP: 0000:ffff8801db207b60 EFLAGS: 00010206 [ 56.576553] RAX: ffff8800b4313000 RBX: ffff8800b43f5428 RCX: ffff8800acc91744 [ 56.583794] RDX: 0000000000000100 RSI: ffffffff83289aa5 RDI: ffff8800b43f542c [ 56.591042] RBP: ffff8801db207c08 R08: 0000000da7486e93 R09: 0000000000000006 [ 56.598283] R10: ffffed0043fffa01 R11: 0000000000000001 R12: 000000004a399f41 [ 56.605525] R13: 0000000049f9a981 R14: ffff8800b43f5400 R15: ffff8800acc91500 [ 56.612768] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:000000000934e900 [ 56.620966] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 56.626820] CR2: 0000000020000000 CR3: 00000000b37d8000 CR4: 0000000000160670 [ 56.634065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.641307] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.648652] Stack: [ 56.650772] 0000000da7486e93 ffffffffffffffff 0000000da775b076 ffff8800acc91500 [ 56.658747] 0000000000000004 0000000049faa958 dffffc0000000000 ffff8800acc91744 [ 56.666723] ffff8801db207bc8 ffffffff833a7e1e ffff8800acc91500 ffffffff833a7a00 [ 56.674703] Call Trace: [ 56.677255] [ 56.679294] [] ? bictcp_state+0x41e/0x4f0 [ 56.685357] [] ? bictcp_acked+0x880/0x880 [ 56.691125] [] ? tcp_enter_loss+0xbbe/0x10b0 [ 56.697164] [] tcp_retransmit_skb+0x23/0x2c0 [ 56.703201] [] tcp_retransmit_timer+0x7bd/0x1ed0 [ 56.709578] [] ? tcp_write_timer+0x20/0xd0 [ 56.715436] [] tcp_write_timer_handler+0x1f1/0x6f0 [ 56.721985] [] tcp_write_timer+0xba/0xd0 [ 56.727670] [] call_timer_fn+0x18c/0x870 [ 56.733351] [] ? call_timer_fn+0xda/0x870 [ 56.739126] [] ? tcp_write_timer_handler+0x6f0/0x6f0 [ 56.745874] [] ? process_timeout+0x20/0x20 [ 56.751734] [] ? mark_held_locks+0xc7/0x130 [ 56.757688] [] ? _raw_spin_unlock_irq+0x27/0x50 [ 56.763982] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 56.770803] [] run_timer_softirq+0x642/0xb90 [ 56.776833] [] ? tcp_write_timer_handler+0x6f0/0x6f0 [ 56.783557] [] ? call_timer_fn+0x870/0x870 [ 56.789414] [] __do_softirq+0x22c/0xa1a [ 56.795020] [] irq_exit+0x10d/0x140 [ 56.800279] [] smp_apic_timer_interrupt+0x81/0xa0 [ 56.806744] [] apic_timer_interrupt+0xa0/0xb0 [ 56.812856] [ 56.814892] [] ? memset_erms+0x9/0x10 [ 56.820603] [] ? kasan_unpoison_shadow+0x35/0x50 [ 56.826984] [] kasan_alloc_pages+0x38/0x40 [ 56.832851] [] get_page_from_freelist+0x95b/0x1a60 [ 56.839402] [] __alloc_pages_nodemask+0x2ce/0x1660 [ 56.845955] [] ? __alloc_pages_direct_compact+0x240/0x240 [ 56.853114] [] ? __lock_is_held+0xa2/0xf0 [ 56.858890] [] ? __khugepaged_enter+0xa9/0x290 [ 56.865098] [] ? _raw_spin_unlock+0x2c/0x50 [ 56.871039] [] do_huge_pmd_anonymous_page+0x1b4/0x9d0 [ 56.877849] [] handle_mm_fault+0x27b2/0x2ff0 [ 56.883880] [] ? __might_fault+0x92/0x1d0 [ 56.889649] [] ? vm_insert_mixed+0x140/0x140 [ 56.895679] [] ? vmacache_find+0x57/0x290 [ 56.901447] [] ? vmacache_update+0xfe/0x130 [ 56.907390] [] __do_page_fault+0x360/0xa10 [ 56.913245] [] do_page_fault+0x27/0x30 [ 56.918775] [] page_fault+0x28/0x30 [ 56.924022] Code: f4 26 fe e9 aa ed ff ff e8 09 f4 26 fe e9 4f f5 ff ff e8 ff f3 26 fe e9 6b f5 ff ff e8 15 f4 26 fe e9 d3 ef ff ff e8 1b 77 0c fe <0f> 0b 4c 89 f7 e8 01 f4 26 fe e9 d9 ec ff ff e8 77 f4 26 fe e9 [ 56.950730] RIP [] __tcp_retransmit_skb+0x17e5/0x1860 [ 56.957668] RSP [ 56.961307] ---[ end trace 8c5b47ced55a2d08 ]--- [ 56.966142] Kernel panic - not syncing: Fatal exception in interrupt [ 56.973086] Dumping ftrace buffer: [ 56.976601] (ftrace buffer empty) [ 56.980283] Kernel Offset: disabled [ 56.983881] Rebooting in 86400 seconds..