[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 22.685922] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 27.710116] random: sshd: uninitialized urandom read (32 bytes read) [ 28.082819] random: sshd: uninitialized urandom read (32 bytes read) [ 28.613072] random: sshd: uninitialized urandom read (32 bytes read) [ 31.942390] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts. [ 37.674097] random: sshd: uninitialized urandom read (32 bytes read) [ 37.776106] IPVS: ftp: loaded support on port[0] = 21 [ 37.914952] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.921418] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.929449] device bridge_slave_0 entered promiscuous mode [ 37.947202] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.953610] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.960968] device bridge_slave_1 entered promiscuous mode [ 37.977119] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.994076] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 38.038827] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 38.057899] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 38.125840] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 38.133157] team0: Port device team_slave_0 added [ 38.149159] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 38.156461] team0: Port device team_slave_1 added [ 38.171835] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.190619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.209766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.228116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 38.360323] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.366814] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.373770] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.380148] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 38.836323] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 38.842465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.874766] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 38.894129] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 38.941702] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 38.948010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.955815] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.999026] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 39.281247] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 39.294710] CPU: 1 PID: 4911 Comm: syz-executor773 Not tainted 4.19.0-rc1-next-20180831+ #53 [ 39.303287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.312643] Call Trace: [ 39.315210] [ 39.317351] dump_stack+0x1c9/0x2b4 [ 39.320967] ? dump_stack_print_info.cold.2+0x52/0x52 [ 39.326159] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 39.331708] ? tfrc_rx_handle_loss+0x67c/0x1eb0 [ 39.336375] ? rcu_is_watching+0x8c/0x150 [ 39.340529] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 39.345717] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 39.350463] ? dccp_parse_options+0x493/0x11f0 [ 39.355039] ? ccid3_hc_tx_send_packet+0x880/0x880 [ 39.359960] dccp_deliver_input_to_ccids+0xf0/0x280 [ 39.364985] dccp_rcv_established+0x87/0xb0 [ 39.369308] dccp_v4_do_rcv+0x153/0x180 [ 39.373298] __sk_receive_skb+0x3e5/0xec0 [ 39.377450] ? sk_free+0x50/0x50 [ 39.380831] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 39.385324] ? reqsk_fastopen_remove+0x680/0x680 [ 39.390072] ? lock_downgrade+0x8f0/0x8f0 [ 39.394236] ? dccp_invalid_packet+0x64/0x890 [ 39.398730] dccp_v4_rcv+0x10f9/0x1f58 [ 39.402629] ? dccp_v4_err+0x1860/0x1860 [ 39.406681] ? __lock_is_held+0xb5/0x140 [ 39.410735] ip_local_deliver_finish+0x2eb/0xda0 [ 39.415481] ? ip_sublist_rcv_finish+0x3e0/0x3e0 [ 39.420228] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 39.425244] ? nf_hook_slow+0x11e/0x1c0 [ 39.429228] ip_local_deliver+0x1e9/0x750 [ 39.433372] ? ip_call_ra_chain+0x730/0x730 [ 39.437686] ? ip_sublist_rcv_finish+0x3e0/0x3e0 [ 39.442441] ? kasan_check_read+0x11/0x20 [ 39.446577] ? rcu_is_watching+0x8c/0x150 [ 39.450713] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 39.455374] ip_rcv_finish+0x1f9/0x300 [ 39.459254] ip_rcv+0xed/0x610 [ 39.462448] ? ip_local_deliver+0x750/0x750 [ 39.466759] ? ip_rcv_finish_core.isra.16+0x1f10/0x1f10 [ 39.472113] ? lock_acquire+0x1e4/0x4f0 [ 39.476087] __netif_receive_skb_one_core+0x14d/0x200 [ 39.481292] ? __netif_receive_skb_core+0x39f0/0x39f0 [ 39.486478] ? net_rx_action+0x799/0x1900 [ 39.490616] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 39.495292] __netif_receive_skb+0x2c/0x1e0 [ 39.499606] process_backlog+0x219/0x760 [ 39.503658] net_rx_action+0x799/0x1900 [ 39.507625] ? napi_complete_done+0x6d0/0x6d0 [ 39.512107] ? update_blocked_averages+0x1011/0x1d10 [ 39.517194] ? rcu_is_watching+0x8c/0x150 [ 39.521337] ? find_held_lock+0x36/0x1c0 [ 39.525390] ? lock_downgrade+0x8f0/0x8f0 [ 39.529530] ? kasan_check_read+0x11/0x20 [ 39.533667] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 39.538329] ? rebalance_domains+0x379/0xd90 [ 39.542739] ? load_balance+0x3640/0x3640 [ 39.546875] ? print_usage_bug+0xc0/0xc0 [ 39.550937] ? irq_exit+0x1d6/0x210 [ 39.554550] ? trace_hardirqs_on+0x2c0/0x2c0 [ 39.558974] ? __local_bh_enable+0xef/0x130 [ 39.563294] ? __do_softirq+0x74d/0xa74 [ 39.567262] ? graph_lock+0x170/0x170 [ 39.571065] ? mark_held_locks+0xc9/0x160 [ 39.575201] ? scheduler_ipi+0x1a8/0xa50 [ 39.579254] ? __do_softirq+0x278/0xa74 [ 39.583235] ? __lock_is_held+0xb5/0x140 [ 39.587309] __do_softirq+0x2eb/0xa74 [ 39.591109] ? __irqentry_text_end+0x1f9f00/0x1f9f00 [ 39.596202] ? smp_reschedule_interrupt+0xfd/0x5e0 [ 39.601116] ? smp_thermal_interrupt+0x710/0x710 [ 39.605864] ? ret_from_intr+0xb/0x1e [ 39.609660] ? trace_hardirqs_off_caller+0xbb/0x2b0 [ 39.614664] ? trace_hardirqs_off+0xb8/0x2b0 [ 39.619069] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 39.623906] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 39.628915] ? task_prio+0x50/0x50 [ 39.632447] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 39.637294] do_softirq_own_stack+0x2a/0x40 [ 39.641603] [ 39.643829] do_softirq.part.18+0x157/0x1a0 [ 39.648139] ? ip_finish_output2+0xa87/0x1860 [ 39.652621] __local_bh_enable_ip+0x1ee/0x230 [ 39.657113] ip_finish_output2+0xaba/0x1860 [ 39.661435] ? ip_copy_metadata+0xe20/0xe20 [ 39.665753] ? graph_lock+0x170/0x170 [ 39.669546] ? nf_ct_deliver_cached_events+0x293/0x7e0 [ 39.674812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 39.680337] ? ipv4_mtu+0x37d/0x590 [ 39.683955] ? __lock_is_held+0xb5/0x140 [ 39.688010] ip_finish_output+0x841/0xfa0 [ 39.692144] ? ip_finish_output+0x841/0xfa0 [ 39.696458] ? ip_fragment.constprop.49+0x240/0x240 [ 39.701467] ? kasan_check_read+0x11/0x20 [ 39.705618] ? rcu_is_watching+0x8c/0x150 [ 39.709757] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 39.714424] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 39.719438] ? nf_hook_slow+0x11e/0x1c0 [ 39.723410] ip_output+0x223/0x880 [ 39.726946] ? __ip_local_out+0x5e3/0xb50 [ 39.731088] ? ip_mc_output+0x15d0/0x15d0 [ 39.735225] ? ip_fragment.constprop.49+0x240/0x240 [ 39.740234] ? __lock_is_held+0xb5/0x140 [ 39.744307] ip_local_out+0xc5/0x1b0 [ 39.748015] __ip_queue_xmit+0x9b6/0x1f20 [ 39.752158] ? ip_build_and_send_pkt+0xc80/0xc80 [ 39.756916] ? __skb_checksum+0x8f0/0x8f0 [ 39.761053] ? skb_send_sock+0x50/0x50 [ 39.764929] ? reqsk_fastopen_remove+0x680/0x680 [ 39.769676] ? dccp_insert_option_padding+0xbc/0xe0 [ 39.774688] ip_queue_xmit+0x56/0x70 [ 39.778393] dccp_transmit_skb+0x999/0x12e0 [ 39.782726] dccp_xmit_packet+0x25e/0x7d0 [ 39.786875] ? kasan_check_write+0x14/0x20 [ 39.791106] ? do_raw_spin_lock+0xc1/0x200 [ 39.795332] ? dccp_send_sync+0x270/0x270 [ 39.799472] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 39.804478] ? ccid3_hc_tx_send_packet+0x35a/0x880 [ 39.809433] dccp_write_xmit+0x190/0x1f0 [ 39.813499] dccp_sendmsg+0xd32/0xf90 [ 39.817340] ? dccp_getsockopt+0xf0/0xf0 [ 39.821396] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 39.826322] ? aa_sk_perm+0x20c/0x8a0 [ 39.830110] ? import_iovec+0x269/0x470 [ 39.834072] ? aa_af_perm+0x5a0/0x5a0 [ 39.837901] inet_sendmsg+0x1a1/0x690 [ 39.841701] ? ipip_gro_receive+0x100/0x100 [ 39.846039] ? apparmor_socket_sendmsg+0x29/0x30 [ 39.850785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 39.856320] ? security_socket_sendmsg+0x94/0xc0 [ 39.861069] ? ipip_gro_receive+0x100/0x100 [ 39.865386] sock_sendmsg+0xd5/0x120 [ 39.869098] ___sys_sendmsg+0x7fd/0x930 [ 39.873063] ? copy_msghdr_from_user+0x580/0x580 [ 39.877814] ? _raw_spin_unlock_bh+0x30/0x40 [ 39.882236] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 39.887336] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 39.891915] ? __fget_light+0x2f7/0x440 [ 39.895887] ? fget_raw+0x20/0x20 [ 39.899333] ? release_sock+0x1ec/0x2c0 [ 39.903302] ? kasan_check_write+0x14/0x20 [ 39.907542] ? __release_sock+0x3a0/0x3a0 [ 39.911678] ? __local_bh_enable_ip+0x161/0x230 [ 39.916343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 39.921867] ? sockfd_lookup_light+0xc5/0x160 [ 39.926374] __sys_sendmsg+0x11d/0x290 [ 39.930278] ? __ia32_sys_shutdown+0x80/0x80 [ 39.934686] ? __x64_sys_futex+0x47f/0x6a0 [ 39.938913] ? do_syscall_64+0x9a/0x820 [ 39.942874] ? do_syscall_64+0x9a/0x820 [ 39.946848] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 39.951940] ? trace_hardirqs_off+0xb8/0x2b0 [ 39.956336] __x64_sys_sendmsg+0x78/0xb0 [ 39.960389] do_syscall_64+0x1b9/0x820 [ 39.964289] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 39.969664] ? syscall_return_slowpath+0x5e0/0x5e0 [ 39.974582] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 39.979591] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 39.984595] ? recalc_sigpending_tsk+0x180/0x180 [ 39.989341] ? kasan_check_write+0x14/0x20 [ 39.993583] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 39.998424] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.003599] RIP: 0033:0x446e29 [ 40.006781] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 40.025681] RSP: 002b:00007fd6ccea6da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 40.033416] RAX: ffffffffffffffda RBX: 00000000006dcc58 RCX: 0000000000446e29 [ 40.040697] RDX: 0000000000000800 RSI: 00000000200004c0 RDI: 0000000000000005 [ 40.047960] RBP: 00000000006dcc50 R08: 0000000000000000 R09: 0000000000000000 [ 40.055221] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc5c [ 40.063014] R13: 00000000004af520 R14: 0000000020000780 R15: 0000000000000001 [