./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4018403830

<...>
DUID 00:04:f2:7f:36:b6:03:80:f9:c3:71:03:f9:5e:f9:cf:ad:4a
forked to background, child pid 4648
[   50.650436][ T4649] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.660837][ T4649] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.185' (ECDSA) to the list of known hosts.
execve("./syz-executor4018403830", ["./syz-executor4018403830"], 0x7ffccb54eae0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556276000
brk(0x555556276c40)                     = 0x555556276c40
arch_prctl(ARCH_SET_FS, 0x555556276300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor4018403830", 4096) = 28
brk(0x555556297c40)                     = 0x555556297c40
brk(0x555556298000)                     = 0x555556298000
mprotect(0x7fb78f36c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached
, child_tidptr=0x5555562765d0) = 5084
[pid  5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5084] setpgid(0, 0)               = 0
[pid  5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5084] write(3, "1000", 4)         = 4
[pid  5084] close(3)                    = 0
[pid  5084] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5084] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5084] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5084] listen(3, 6)                = 0
[pid  5084] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5084] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid  5084] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5084] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
syzkaller login: [   76.771950][ T5084] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid  5084] exit_group(0)               = ?
[pid  5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached
, child_tidptr=0x5555562765d0) = 5085
[pid  5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5085] setpgid(0, 0)               = 0
[pid  5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5085] write(3, "1000", 4)         = 4
[pid  5085] close(3)                    = 0
[pid  5085] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5085] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5085] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5085] listen(3, 6)                = 0
[pid  5085] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5085] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid  5085] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   76.852200][ T5085] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   76.922956][ T5085] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   76.934619][ T5085] CPU: 0 PID: 5085 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   76.945060][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   76.955143][ T5085] Call Trace:
[   76.958426][ T5085]  <TASK>
[   76.961374][ T5085]  dump_stack_lvl+0xd1/0x138
[   76.966027][ T5085]  ccid3_update_send_interval.cold+0x87/0x93
[   76.972052][ T5085]  ccid3_hc_tx_packet_sent+0x132/0x160
[   76.977556][ T5085]  ? ccid3_update_send_interval+0x120/0x120
[   76.983507][ T5085]  dccp_xmit_packet+0x2f2/0x750
[   76.988387][ T5085]  dccp_write_xmit+0x171/0x1d0
[   76.993182][ T5085]  dccp_sendmsg+0xaee/0xd30
[   76.997723][ T5085]  ? dccp_done+0x100/0x100
[   77.002165][ T5085]  ? aa_af_perm+0x240/0x240
[   77.006701][ T5085]  ? __import_iovec+0x1fb/0x610
[   77.011587][ T5085]  inet_sendmsg+0x9d/0xe0
[   77.015942][ T5085]  ? inet_send_prepare+0x4e0/0x4e0
[   77.021080][ T5085]  sock_sendmsg+0xd3/0x120
[   77.025524][ T5085]  ____sys_sendmsg+0x712/0x8c0
[   77.030315][ T5085]  ? copy_msghdr_from_user+0xfc/0x150
[   77.035736][ T5085]  ? kernel_sendmsg+0x50/0x50
[   77.040454][ T5085]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.046479][ T5085]  ___sys_sendmsg+0x110/0x1b0
[   77.051187][ T5085]  ? do_recvmmsg+0x6e0/0x6e0
[   77.055828][ T5085]  ? lock_release+0x810/0x810
[   77.060543][ T5085]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   77.065766][ T5085]  ? do_raw_spin_lock+0x124/0x2b0
[   77.070814][ T5085]  ? rwlock_bug.part.0+0x90/0x90
[   77.075778][ T5085]  ? _raw_spin_lock_irq+0x45/0x50
[   77.080834][ T5085]  ? __fget_light+0x20a/0x270
[   77.085549][ T5085]  __sys_sendmsg+0xf7/0x1c0
[   77.090101][ T5085]  ? __sys_sendmsg_sock+0x40/0x40
[   77.095173][ T5085]  ? lock_downgrade+0x6e0/0x6e0
[   77.100080][ T5085]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.105326][ T5085]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.110577][ T5085]  ? ptrace_notify+0xfe/0x140
[   77.115284][ T5085]  do_syscall_64+0x39/0xb0
[   77.119729][ T5085]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.125643][ T5085] RIP: 0033:0x7fb78f2feeb9
[   77.130097][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.149821][ T5085] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.158268][ T5085] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb78f2feeb9
[   77.166280][ T5085] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   77.174297][ T5085] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   77.182289][ T5085] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   77.190286][ T5085] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   77.198296][ T5085]  </TASK>
[   77.202356][ T5085] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   77.213655][ T5085] CPU: 0 PID: 5085 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   77.224116][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   77.234200][ T5085] Call Trace:
[   77.237499][ T5085]  <TASK>
[   77.240457][ T5085]  dump_stack_lvl+0xd1/0x138
[   77.245074][ T5085]  ccid3_update_send_interval.cold+0x87/0x93
[   77.251129][ T5085]  ccid3_hc_tx_packet_sent+0x132/0x160
[   77.256663][ T5085]  ? ccid3_update_send_interval+0x120/0x120
[   77.262613][ T5085]  dccp_xmit_packet+0x2f2/0x750
[   77.267496][ T5085]  dccp_write_xmit+0x171/0x1d0
[   77.272300][ T5085]  dccp_sendmsg+0xaee/0xd30
[   77.276871][ T5085]  ? dccp_done+0x100/0x100
[   77.281351][ T5085]  ? aa_af_perm+0x240/0x240
[   77.285882][ T5085]  ? __import_iovec+0x1fb/0x610
[   77.290763][ T5085]  inet_sendmsg+0x9d/0xe0
[   77.295112][ T5085]  ? inet_send_prepare+0x4e0/0x4e0
[   77.300282][ T5085]  sock_sendmsg+0xd3/0x120
[   77.304721][ T5085]  ____sys_sendmsg+0x712/0x8c0
[   77.309537][ T5085]  ? copy_msghdr_from_user+0xfc/0x150
[   77.314952][ T5085]  ? kernel_sendmsg+0x50/0x50
[   77.319663][ T5085]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.325695][ T5085]  ___sys_sendmsg+0x110/0x1b0
[   77.330419][ T5085]  ? do_recvmmsg+0x6e0/0x6e0
[   77.335063][ T5085]  ? lock_release+0x810/0x810
[   77.339782][ T5085]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   77.345022][ T5085]  ? do_raw_spin_lock+0x124/0x2b0
[   77.350072][ T5085]  ? rwlock_bug.part.0+0x90/0x90
[   77.355053][ T5085]  ? _raw_spin_lock_irq+0x45/0x50
[   77.360152][ T5085]  ? __fget_light+0x20a/0x270
[   77.364878][ T5085]  __sys_sendmsg+0xf7/0x1c0
[   77.369420][ T5085]  ? __sys_sendmsg_sock+0x40/0x40
[   77.374480][ T5085]  ? lock_downgrade+0x6e0/0x6e0
[   77.379390][ T5085]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.384605][ T5085]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.389833][ T5085]  ? ptrace_notify+0xfe/0x140
[   77.394541][ T5085]  do_syscall_64+0x39/0xb0
[   77.398992][ T5085]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.404909][ T5085] RIP: 0033:0x7fb78f2feeb9
[   77.409346][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.428980][ T5085] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.437412][ T5085] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb78f2feeb9
[   77.445418][ T5085] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   77.453410][ T5085] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   77.461415][ T5085] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   77.469406][ T5085] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   77.477414][ T5085]  </TASK>
[   77.481879][ T5085] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   77.493129][ T5085] CPU: 0 PID: 5085 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   77.503593][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   77.513680][ T5085] Call Trace:
[   77.516980][ T5085]  <TASK>
[   77.519953][ T5085]  dump_stack_lvl+0xd1/0x138
[   77.524606][ T5085]  ccid3_update_send_interval.cold+0x87/0x93
[   77.530632][ T5085]  ccid3_hc_tx_packet_sent+0x132/0x160
[   77.536130][ T5085]  ? ccid3_update_send_interval+0x120/0x120
[   77.542084][ T5085]  dccp_xmit_packet+0x2f2/0x750
[   77.547002][ T5085]  dccp_write_xmit+0x171/0x1d0
[   77.551813][ T5085]  dccp_sendmsg+0xaee/0xd30
[   77.556347][ T5085]  ? dccp_done+0x100/0x100
[   77.560828][ T5085]  ? aa_af_perm+0x240/0x240
[   77.565376][ T5085]  ? __import_iovec+0x1fb/0x610
[   77.570280][ T5085]  inet_sendmsg+0x9d/0xe0
[   77.574626][ T5085]  ? inet_send_prepare+0x4e0/0x4e0
[   77.579760][ T5085]  sock_sendmsg+0xd3/0x120
[   77.584226][ T5085]  ____sys_sendmsg+0x712/0x8c0
[   77.589029][ T5085]  ? copy_msghdr_from_user+0xfc/0x150
[   77.594435][ T5085]  ? kernel_sendmsg+0x50/0x50
[   77.599163][ T5085]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.605178][ T5085]  ___sys_sendmsg+0x110/0x1b0
[   77.609880][ T5085]  ? do_recvmmsg+0x6e0/0x6e0
[   77.614521][ T5085]  ? lock_release+0x810/0x810
[   77.619242][ T5085]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   77.624472][ T5085]  ? do_raw_spin_lock+0x124/0x2b0
[   77.629542][ T5085]  ? rwlock_bug.part.0+0x90/0x90
[   77.634541][ T5085]  ? _raw_spin_lock_irq+0x45/0x50
[   77.639595][ T5085]  ? __fget_light+0x20a/0x270
[   77.644331][ T5085]  __sys_sendmsg+0xf7/0x1c0
[   77.648899][ T5085]  ? __sys_sendmsg_sock+0x40/0x40
[   77.653962][ T5085]  ? lock_downgrade+0x6e0/0x6e0
[   77.658955][ T5085]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.664212][ T5085]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.669445][ T5085]  ? ptrace_notify+0xfe/0x140
[   77.674167][ T5085]  do_syscall_64+0x39/0xb0
[   77.678616][ T5085]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.684537][ T5085] RIP: 0033:0x7fb78f2feeb9
[   77.688967][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.708592][ T5085] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.717027][ T5085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb78f2feeb9
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   77.725041][ T5085] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   77.733052][ T5085] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   77.741081][ T5085] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   77.749076][ T5085] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   77.757093][ T5085]  </TASK>
[   77.765746][ T5085] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   77.777018][ T5085] CPU: 0 PID: 5085 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   77.787468][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   77.797531][ T5085] Call Trace:
[   77.800825][ T5085]  <TASK>
[   77.803764][ T5085]  dump_stack_lvl+0xd1/0x138
[   77.808398][ T5085]  ccid3_update_send_interval.cold+0x87/0x93
[   77.814423][ T5085]  ccid3_hc_tx_packet_sent+0x132/0x160
[   77.819897][ T5085]  ? ccid3_update_send_interval+0x120/0x120
[   77.825820][ T5085]  dccp_xmit_packet+0x2f2/0x750
[   77.830692][ T5085]  dccp_write_xmit+0x171/0x1d0
[   77.835478][ T5085]  dccp_sendmsg+0xaee/0xd30
[   77.840002][ T5085]  ? dccp_done+0x100/0x100
[   77.844447][ T5085]  ? aa_af_perm+0x240/0x240
[   77.848991][ T5085]  ? __import_iovec+0x1fb/0x610
[   77.853866][ T5085]  inet_sendmsg+0x9d/0xe0
[   77.858207][ T5085]  ? inet_send_prepare+0x4e0/0x4e0
[   77.863329][ T5085]  sock_sendmsg+0xd3/0x120
[   77.867774][ T5085]  ____sys_sendmsg+0x712/0x8c0
[   77.872561][ T5085]  ? copy_msghdr_from_user+0xfc/0x150
[   77.877964][ T5085]  ? kernel_sendmsg+0x50/0x50
[   77.882675][ T5085]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   77.888708][ T5085]  ___sys_sendmsg+0x110/0x1b0
[   77.893405][ T5085]  ? do_recvmmsg+0x6e0/0x6e0
[   77.898037][ T5085]  ? lock_release+0x810/0x810
[   77.902732][ T5085]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   77.907935][ T5085]  ? do_raw_spin_lock+0x124/0x2b0
[   77.912978][ T5085]  ? rwlock_bug.part.0+0x90/0x90
[   77.917918][ T5085]  ? _raw_spin_lock_irq+0x45/0x50
[   77.922961][ T5085]  ? __fget_light+0x20a/0x270
[   77.927653][ T5085]  __sys_sendmsg+0xf7/0x1c0
[   77.932170][ T5085]  ? __sys_sendmsg_sock+0x40/0x40
[   77.937223][ T5085]  ? lock_downgrade+0x6e0/0x6e0
[   77.942112][ T5085]  ? lockdep_hardirqs_on+0x7d/0x100
[   77.947321][ T5085]  ? _raw_spin_unlock_irq+0x2e/0x50
[   77.952545][ T5085]  ? ptrace_notify+0xfe/0x140
[   77.957245][ T5085]  do_syscall_64+0x39/0xb0
[   77.961714][ T5085]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   77.967623][ T5085] RIP: 0033:0x7fb78f2feeb9
[   77.972059][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   77.991678][ T5085] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.000127][ T5085] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb78f2feeb9
[   78.008128][ T5085] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   78.016140][ T5085] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   78.024125][ T5085] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   78.032118][ T5085] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   78.040125][ T5085]  </TASK>
[   78.049516][ T5085] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   78.060743][ T5085] CPU: 0 PID: 5085 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   78.071214][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   78.081330][ T5085] Call Trace:
[   78.084654][ T5085]  <TASK>
[   78.087607][ T5085]  dump_stack_lvl+0xd1/0x138
[   78.092225][ T5085]  ccid3_update_send_interval.cold+0x87/0x93
[   78.098244][ T5085]  ccid3_hc_tx_packet_sent+0x132/0x160
[   78.103747][ T5085]  ? ccid3_update_send_interval+0x120/0x120
[   78.109693][ T5085]  dccp_xmit_packet+0x2f2/0x750
[   78.114586][ T5085]  dccp_write_xmit+0x171/0x1d0
[   78.119384][ T5085]  dccp_sendmsg+0xaee/0xd30
[   78.123919][ T5085]  ? dccp_done+0x100/0x100
[   78.128377][ T5085]  ? aa_af_perm+0x240/0x240
[   78.132942][ T5085]  ? __import_iovec+0x1fb/0x610
[   78.137846][ T5085]  inet_sendmsg+0x9d/0xe0
[   78.142192][ T5085]  ? inet_send_prepare+0x4e0/0x4e0
[   78.147344][ T5085]  sock_sendmsg+0xd3/0x120
[   78.151817][ T5085]  ____sys_sendmsg+0x712/0x8c0
[   78.156643][ T5085]  ? copy_msghdr_from_user+0xfc/0x150
[   78.162076][ T5085]  ? kernel_sendmsg+0x50/0x50
[   78.166812][ T5085]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   78.172883][ T5085]  ___sys_sendmsg+0x110/0x1b0
[   78.177633][ T5085]  ? do_recvmmsg+0x6e0/0x6e0
[   78.182342][ T5085]  ? lock_release+0x810/0x810
[   78.187055][ T5085]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   78.192291][ T5085]  ? do_raw_spin_lock+0x124/0x2b0
[   78.197384][ T5085]  ? rwlock_bug.part.0+0x90/0x90
[   78.202342][ T5085]  ? _raw_spin_lock_irq+0x45/0x50
[   78.207414][ T5085]  ? __fget_light+0x20a/0x270
[   78.212127][ T5085]  __sys_sendmsg+0xf7/0x1c0
[   78.216697][ T5085]  ? __sys_sendmsg_sock+0x40/0x40
[   78.221758][ T5085]  ? lock_downgrade+0x6e0/0x6e0
[   78.226693][ T5085]  ? lockdep_hardirqs_on+0x7d/0x100
[   78.231922][ T5085]  ? _raw_spin_unlock_irq+0x2e/0x50
[   78.237162][ T5085]  ? ptrace_notify+0xfe/0x140
[   78.241879][ T5085]  do_syscall_64+0x39/0xb0
[   78.246326][ T5085]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   78.252240][ T5085] RIP: 0033:0x7fb78f2feeb9
[   78.256674][ T5085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid  5085] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5085] exit_group(0)               = ?
[pid  5085] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5086 attached
, child_tidptr=0x5555562765d0) = 5086
[pid  5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5086] setpgid(0, 0)               = 0
[pid  5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5086] write(3, "1000", 4)         = 4
[pid  5086] close(3)                    = 0
[pid  5086] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5086] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5086] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5086] listen(3, 6)                = 0
[pid  5086] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5086] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[   78.276324][ T5085] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.284774][ T5085] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb78f2feeb9
[   78.292766][ T5085] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   78.300762][ T5085] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   78.308777][ T5085] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   78.316776][ T5085] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   78.324797][ T5085]  </TASK>
[pid  5086] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   78.347662][ T5086] dccp_xmit_packet: Payload too large (65475) for featneg.
[   78.398227][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   78.409513][ T5086] CPU: 0 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   78.419945][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   78.430013][ T5086] Call Trace:
[   78.433300][ T5086]  <TASK>
[   78.436244][ T5086]  dump_stack_lvl+0xd1/0x138
[   78.440864][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   78.446882][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   78.452380][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   78.458301][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   78.463188][ T5086]  dccp_write_xmit+0x171/0x1d0
[   78.467998][ T5086]  dccp_sendmsg+0xaee/0xd30
[   78.472532][ T5086]  ? dccp_done+0x100/0x100
[   78.476984][ T5086]  ? aa_af_perm+0x240/0x240
[   78.481516][ T5086]  ? __import_iovec+0x1fb/0x610
[   78.486404][ T5086]  inet_sendmsg+0x9d/0xe0
[   78.490751][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   78.495879][ T5086]  sock_sendmsg+0xd3/0x120
[   78.500317][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   78.505103][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   78.510501][ T5086]  ? kernel_sendmsg+0x50/0x50
[   78.515232][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   78.521251][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   78.526007][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   78.530668][ T5086]  ? lock_release+0x810/0x810
[   78.535375][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   78.540601][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   78.545677][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   78.550643][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   78.555718][ T5086]  ? __fget_light+0x20a/0x270
[   78.560427][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   78.564957][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   78.570018][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   78.574934][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   78.580168][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   78.585430][ T5086]  ? ptrace_notify+0xfe/0x140
[   78.590146][ T5086]  do_syscall_64+0x39/0xb0
[   78.594590][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   78.600526][ T5086] RIP: 0033:0x7fb78f2feeb9
[   78.604984][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   78.624632][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.633077][ T5086] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fb78f2feeb9
[   78.641080][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   78.649075][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   78.657074][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   78.665068][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   78.673082][ T5086]  </TASK>
[   78.681791][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   78.693299][ T5086] CPU: 1 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   78.703725][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   78.713789][ T5086] Call Trace:
[   78.717072][ T5086]  <TASK>
[   78.720013][ T5086]  dump_stack_lvl+0xd1/0x138
[   78.724623][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   78.730631][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   78.736116][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   78.742033][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   78.746924][ T5086]  dccp_write_xmit+0x171/0x1d0
[   78.751705][ T5086]  dccp_sendmsg+0xaee/0xd30
[   78.756248][ T5086]  ? dccp_done+0x100/0x100
[   78.760684][ T5086]  ? aa_af_perm+0x240/0x240
[   78.765213][ T5086]  ? __import_iovec+0x1fb/0x610
[   78.770109][ T5086]  inet_sendmsg+0x9d/0xe0
[   78.774462][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   78.779584][ T5086]  sock_sendmsg+0xd3/0x120
[   78.784019][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   78.788798][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   78.794209][ T5086]  ? kernel_sendmsg+0x50/0x50
[   78.798914][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   78.804924][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   78.809638][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   78.814264][ T5086]  ? lock_release+0x810/0x810
[   78.819046][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   78.824254][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   78.829293][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   78.834258][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   78.839306][ T5086]  ? __fget_light+0x20a/0x270
[   78.844027][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   78.848545][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   78.853584][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   78.858464][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   78.863668][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   78.868873][ T5086]  ? ptrace_notify+0xfe/0x140
[   78.873565][ T5086]  do_syscall_64+0x39/0xb0
[   78.878001][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   78.883910][ T5086] RIP: 0033:0x7fb78f2feeb9
[   78.888332][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   78.907947][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.916372][ T5086] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fb78f2feeb9
[   78.924349][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   78.932323][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   78.940302][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   78.948300][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   78.956300][ T5086]  </TASK>
[   78.962408][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   78.973635][ T5086] CPU: 1 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   78.984107][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   78.994190][ T5086] Call Trace:
[   78.997475][ T5086]  <TASK>
[   79.000420][ T5086]  dump_stack_lvl+0xd1/0x138
[   79.005039][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   79.011066][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   79.016566][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   79.022546][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   79.027458][ T5086]  dccp_write_xmit+0x171/0x1d0
[   79.032246][ T5086]  dccp_sendmsg+0xaee/0xd30
[   79.036782][ T5086]  ? dccp_done+0x100/0x100
[   79.041242][ T5086]  ? aa_af_perm+0x240/0x240
[   79.045784][ T5086]  ? __import_iovec+0x1fb/0x610
[   79.050703][ T5086]  inet_sendmsg+0x9d/0xe0
[   79.055090][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   79.060247][ T5086]  sock_sendmsg+0xd3/0x120
[   79.064691][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   79.069474][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   79.074880][ T5086]  ? kernel_sendmsg+0x50/0x50
[   79.079596][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   79.085659][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   79.090371][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   79.095004][ T5086]  ? lock_release+0x810/0x810
[   79.099737][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   79.104976][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   79.110038][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   79.115028][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   79.120086][ T5086]  ? __fget_light+0x20a/0x270
[   79.124814][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   79.129362][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   79.134458][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   79.139365][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   79.144601][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   79.149846][ T5086]  ? ptrace_notify+0xfe/0x140
[   79.154555][ T5086]  do_syscall_64+0x39/0xb0
[   79.159040][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   79.164986][ T5086] RIP: 0033:0x7fb78f2feeb9
[   79.169443][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   79.189087][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   79.197528][ T5086] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fb78f2feeb9
[   79.205519][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   79.213516][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   79.221518][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   79.229513][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   79.237533][ T5086]  </TASK>
[   79.245088][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   79.256770][ T5086] CPU: 0 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   79.267208][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   79.277273][ T5086] Call Trace:
[   79.280560][ T5086]  <TASK>
[   79.283503][ T5086]  dump_stack_lvl+0xd1/0x138
[   79.288113][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   79.294124][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   79.299608][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   79.305527][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   79.310414][ T5086]  dccp_write_xmit+0x171/0x1d0
[   79.315199][ T5086]  dccp_sendmsg+0xaee/0xd30
[   79.319744][ T5086]  ? dccp_done+0x100/0x100
[   79.324188][ T5086]  ? aa_af_perm+0x240/0x240
[   79.328713][ T5086]  ? __import_iovec+0x1fb/0x610
[   79.333592][ T5086]  inet_sendmsg+0x9d/0xe0
[   79.337937][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   79.343060][ T5086]  sock_sendmsg+0xd3/0x120
[   79.347492][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   79.352273][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   79.357681][ T5086]  ? kernel_sendmsg+0x50/0x50
[   79.362431][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   79.368465][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   79.373195][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   79.377834][ T5086]  ? lock_release+0x810/0x810
[   79.382573][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   79.387806][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   79.392863][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   79.397828][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   79.402897][ T5086]  ? __fget_light+0x20a/0x270
[   79.407615][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   79.412154][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   79.417215][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   79.422135][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   79.427366][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   79.432597][ T5086]  ? ptrace_notify+0xfe/0x140
[   79.437310][ T5086]  do_syscall_64+0x39/0xb0
[   79.441763][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   79.447686][ T5086] RIP: 0033:0x7fb78f2feeb9
[   79.452135][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   79.471776][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.480248][ T5086] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb78f2feeb9
[   79.488247][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   79.496236][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   79.504223][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   79.512226][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   79.520248][ T5086]  </TASK>
[   79.525747][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   79.537006][ T5086] CPU: 1 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   79.547465][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   79.557547][ T5086] Call Trace:
[   79.560845][ T5086]  <TASK>
[   79.563788][ T5086]  dump_stack_lvl+0xd1/0x138
[   79.568414][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   79.574436][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   79.579921][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   79.585847][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   79.590922][ T5086]  dccp_write_xmit+0x171/0x1d0
[   79.595733][ T5086]  dccp_sendmsg+0xaee/0xd30
[   79.600315][ T5086]  ? dccp_done+0x100/0x100
[   79.604785][ T5086]  ? aa_af_perm+0x240/0x240
[   79.609345][ T5086]  ? __import_iovec+0x1fb/0x610
[   79.614237][ T5086]  inet_sendmsg+0x9d/0xe0
[   79.618590][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   79.623754][ T5086]  sock_sendmsg+0xd3/0x120
[   79.628227][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   79.633064][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   79.638474][ T5086]  ? kernel_sendmsg+0x50/0x50
[   79.643210][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   79.649231][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   79.653944][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   79.658584][ T5086]  ? lock_release+0x810/0x810
[   79.663305][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   79.668540][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   79.673591][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   79.678559][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   79.683623][ T5086]  ? __fget_light+0x20a/0x270
[   79.688348][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   79.692872][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   79.697922][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   79.702829][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   79.708080][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   79.713297][ T5086]  ? ptrace_notify+0xfe/0x140
[   79.717998][ T5086]  do_syscall_64+0x39/0xb0
[   79.722445][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   79.728355][ T5086] RIP: 0033:0x7fb78f2feeb9
[   79.732783][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   79.752407][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.760857][ T5086] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb78f2feeb9
[   79.768857][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   79.776858][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   79.784860][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   79.792863][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   79.800865][ T5086]  </TASK>
[   79.807603][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   79.819240][ T5086] CPU: 0 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   79.829673][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   79.839733][ T5086] Call Trace:
[   79.843029][ T5086]  <TASK>
[   79.845965][ T5086]  dump_stack_lvl+0xd1/0x138
[   79.850590][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   79.856620][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   79.862101][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   79.868019][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   79.872905][ T5086]  dccp_write_xmit+0x171/0x1d0
[   79.877690][ T5086]  dccp_sendmsg+0xaee/0xd30
[   79.882215][ T5086]  ? dccp_done+0x100/0x100
[   79.886646][ T5086]  ? aa_af_perm+0x240/0x240
[   79.891173][ T5086]  ? __import_iovec+0x1fb/0x610
[   79.896052][ T5086]  inet_sendmsg+0x9d/0xe0
[   79.900395][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   79.905538][ T5086]  sock_sendmsg+0xd3/0x120
[   79.909982][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   79.914776][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   79.920200][ T5086]  ? kernel_sendmsg+0x50/0x50
[   79.924922][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   79.930954][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   79.935670][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   79.940318][ T5086]  ? lock_release+0x810/0x810
[   79.945050][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   79.950275][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   79.955326][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   79.960306][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   79.965364][ T5086]  ? __fget_light+0x20a/0x270
[   79.970087][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   79.974648][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   79.979710][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   79.984637][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   79.989856][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   79.995336][ T5086]  ? ptrace_notify+0xfe/0x140
[   80.000038][ T5086]  do_syscall_64+0x39/0xb0
[   80.004590][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.010508][ T5086] RIP: 0033:0x7fb78f2feeb9
[   80.014947][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   80.034589][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.043026][ T5086] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb78f2feeb9
[   80.051020][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   80.059056][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   80.067071][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   80.075065][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   80.083071][ T5086]  </TASK>
[   80.088152][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   80.099451][ T5086] CPU: 1 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   80.109904][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   80.119972][ T5086] Call Trace:
[   80.123258][ T5086]  <TASK>
[   80.126195][ T5086]  dump_stack_lvl+0xd1/0x138
[   80.130816][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   80.136836][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   80.142326][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   80.148263][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   80.153172][ T5086]  dccp_write_xmit+0x171/0x1d0
[   80.157958][ T5086]  dccp_sendmsg+0xaee/0xd30
[   80.162500][ T5086]  ? dccp_done+0x100/0x100
[   80.166943][ T5086]  ? aa_af_perm+0x240/0x240
[   80.171476][ T5086]  ? __import_iovec+0x1fb/0x610
[   80.176373][ T5086]  inet_sendmsg+0x9d/0xe0
[   80.180758][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   80.186003][ T5086]  sock_sendmsg+0xd3/0x120
[   80.190470][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   80.195258][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   80.200666][ T5086]  ? kernel_sendmsg+0x50/0x50
[   80.205371][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   80.211400][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   80.216147][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   80.220803][ T5086]  ? lock_release+0x810/0x810
[   80.225517][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   80.230750][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   80.235823][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   80.240781][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   80.245848][ T5086]  ? __fget_light+0x20a/0x270
[   80.250593][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   80.255127][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   80.260194][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   80.265105][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   80.270339][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   80.275595][ T5086]  ? ptrace_notify+0xfe/0x140
[   80.280326][ T5086]  do_syscall_64+0x39/0xb0
[   80.284771][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.290686][ T5086] RIP: 0033:0x7fb78f2feeb9
[   80.295132][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   80.314762][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.323206][ T5086] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb78f2feeb9
[   80.331210][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   80.339220][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   80.347218][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   80.355221][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   80.363236][ T5086]  </TASK>
[   80.367097][ T5086] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   80.378811][ T5086] CPU: 0 PID: 5086 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   80.389307][ T5086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   80.399394][ T5086] Call Trace:
[   80.402693][ T5086]  <TASK>
[   80.405644][ T5086]  dump_stack_lvl+0xd1/0x138
[   80.410280][ T5086]  ccid3_update_send_interval.cold+0x87/0x93
[   80.416311][ T5086]  ccid3_hc_tx_packet_sent+0x132/0x160
[   80.421813][ T5086]  ? ccid3_update_send_interval+0x120/0x120
[   80.427750][ T5086]  dccp_xmit_packet+0x2f2/0x750
[   80.432642][ T5086]  dccp_write_xmit+0x171/0x1d0
[   80.437447][ T5086]  dccp_sendmsg+0xaee/0xd30
[   80.441995][ T5086]  ? dccp_done+0x100/0x100
[   80.446447][ T5086]  ? aa_af_perm+0x240/0x240
[   80.450990][ T5086]  ? __import_iovec+0x1fb/0x610
[   80.455887][ T5086]  inet_sendmsg+0x9d/0xe0
[   80.460251][ T5086]  ? inet_send_prepare+0x4e0/0x4e0
[   80.465393][ T5086]  sock_sendmsg+0xd3/0x120
[   80.469845][ T5086]  ____sys_sendmsg+0x712/0x8c0
[   80.474643][ T5086]  ? copy_msghdr_from_user+0xfc/0x150
[   80.480061][ T5086]  ? kernel_sendmsg+0x50/0x50
[   80.484796][ T5086]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   80.490839][ T5086]  ___sys_sendmsg+0x110/0x1b0
[   80.495603][ T5086]  ? do_recvmmsg+0x6e0/0x6e0
[   80.500251][ T5086]  ? lock_release+0x810/0x810
[   80.504982][ T5086]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   80.510217][ T5086]  ? do_raw_spin_lock+0x124/0x2b0
[   80.515269][ T5086]  ? rwlock_bug.part.0+0x90/0x90
[   80.520233][ T5086]  ? _raw_spin_lock_irq+0x45/0x50
[   80.525296][ T5086]  ? __fget_light+0x20a/0x270
[   80.530011][ T5086]  __sys_sendmsg+0xf7/0x1c0
[   80.534570][ T5086]  ? __sys_sendmsg_sock+0x40/0x40
[   80.539636][ T5086]  ? lock_downgrade+0x6e0/0x6e0
[   80.544546][ T5086]  ? lockdep_hardirqs_on+0x7d/0x100
[   80.549774][ T5086]  ? _raw_spin_unlock_irq+0x2e/0x50
[   80.555002][ T5086]  ? ptrace_notify+0xfe/0x140
[   80.559800][ T5086]  do_syscall_64+0x39/0xb0
[   80.564255][ T5086]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.570271][ T5086] RIP: 0033:0x7fb78f2feeb9
[   80.574721][ T5086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   80.594529][ T5086] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.602969][ T5086] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb78f2feeb9
[pid  5086] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5086] exit_group(0)               = ?
[pid  5086] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555562765d0) = 5087
./strace-static-x86_64: Process 5087 attached
[pid  5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5087] setpgid(0, 0)               = 0
[pid  5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5087] write(3, "1000", 4)         = 4
[pid  5087] close(3)                    = 0
[pid  5087] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5087] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5087] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5087] listen(3, 6)                = 0
[pid  5087] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5087] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[   80.610957][ T5086] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   80.618946][ T5086] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   80.626930][ T5086] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   80.634932][ T5086] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   80.642952][ T5086]  </TASK>
[pid  5087] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   80.665574][ T5087] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   80.733627][ T5087] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   80.745136][ T5087] CPU: 0 PID: 5087 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   80.755571][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   80.765643][ T5087] Call Trace:
[   80.768958][ T5087]  <TASK>
[   80.771901][ T5087]  dump_stack_lvl+0xd1/0x138
[   80.776536][ T5087]  ccid3_update_send_interval.cold+0x87/0x93
[   80.782595][ T5087]  ccid3_hc_tx_packet_sent+0x132/0x160
[   80.788104][ T5087]  ? ccid3_update_send_interval+0x120/0x120
[   80.794023][ T5087]  dccp_xmit_packet+0x2f2/0x750
[   80.799012][ T5087]  dccp_write_xmit+0x171/0x1d0
[   80.803800][ T5087]  dccp_sendmsg+0xaee/0xd30
[   80.808329][ T5087]  ? dccp_done+0x100/0x100
[   80.812762][ T5087]  ? aa_af_perm+0x240/0x240
[   80.817287][ T5087]  ? __import_iovec+0x1fb/0x610
[   80.822174][ T5087]  inet_sendmsg+0x9d/0xe0
[   80.826549][ T5087]  ? inet_send_prepare+0x4e0/0x4e0
[   80.831696][ T5087]  sock_sendmsg+0xd3/0x120
[   80.836129][ T5087]  ____sys_sendmsg+0x712/0x8c0
[   80.840924][ T5087]  ? copy_msghdr_from_user+0xfc/0x150
[   80.846348][ T5087]  ? kernel_sendmsg+0x50/0x50
[   80.851074][ T5087]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   80.857134][ T5087]  ___sys_sendmsg+0x110/0x1b0
[   80.861859][ T5087]  ? do_recvmmsg+0x6e0/0x6e0
[   80.866503][ T5087]  ? lock_release+0x810/0x810
[   80.871222][ T5087]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   80.876441][ T5087]  ? do_raw_spin_lock+0x124/0x2b0
[   80.881494][ T5087]  ? rwlock_bug.part.0+0x90/0x90
[   80.886473][ T5087]  ? _raw_spin_lock_irq+0x45/0x50
[   80.891536][ T5087]  ? __fget_light+0x20a/0x270
[   80.896238][ T5087]  __sys_sendmsg+0xf7/0x1c0
[   80.900800][ T5087]  ? __sys_sendmsg_sock+0x40/0x40
[   80.905876][ T5087]  ? lock_downgrade+0x6e0/0x6e0
[   80.910773][ T5087]  ? lockdep_hardirqs_on+0x7d/0x100
[   80.915993][ T5087]  ? _raw_spin_unlock_irq+0x2e/0x50
[   80.921215][ T5087]  ? ptrace_notify+0xfe/0x140
[   80.925940][ T5087]  do_syscall_64+0x39/0xb0
[   80.930425][ T5087]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   80.936377][ T5087] RIP: 0033:0x7fb78f2feeb9
[   80.940813][ T5087] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   80.960461][ T5087] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.968892][ T5087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb78f2feeb9
[   80.976886][ T5087] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   80.984897][ T5087] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   80.992908][ T5087] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   81.000913][ T5087] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   81.008917][ T5087]  </TASK>
[   81.018196][ T5087] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   81.029443][ T5087] CPU: 0 PID: 5087 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   81.039887][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   81.049957][ T5087] Call Trace:
[   81.053257][ T5087]  <TASK>
[   81.056229][ T5087]  dump_stack_lvl+0xd1/0x138
[   81.060889][ T5087]  ccid3_update_send_interval.cold+0x87/0x93
[   81.067040][ T5087]  ccid3_hc_tx_packet_sent+0x132/0x160
[   81.072553][ T5087]  ? ccid3_update_send_interval+0x120/0x120
[   81.078615][ T5087]  dccp_xmit_packet+0x2f2/0x750
[   81.083518][ T5087]  dccp_write_xmit+0x171/0x1d0
[   81.088312][ T5087]  dccp_sendmsg+0xaee/0xd30
[   81.092844][ T5087]  ? dccp_done+0x100/0x100
[   81.097306][ T5087]  ? aa_af_perm+0x240/0x240
[   81.101842][ T5087]  ? __import_iovec+0x1fb/0x610
[   81.106739][ T5087]  inet_sendmsg+0x9d/0xe0
[   81.111116][ T5087]  ? inet_send_prepare+0x4e0/0x4e0
[   81.116271][ T5087]  sock_sendmsg+0xd3/0x120
[   81.120711][ T5087]  ____sys_sendmsg+0x712/0x8c0
[   81.125497][ T5087]  ? copy_msghdr_from_user+0xfc/0x150
[   81.130935][ T5087]  ? kernel_sendmsg+0x50/0x50
[   81.135660][ T5087]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.141683][ T5087]  ___sys_sendmsg+0x110/0x1b0
[   81.146423][ T5087]  ? do_recvmmsg+0x6e0/0x6e0
[   81.151100][ T5087]  ? lock_release+0x810/0x810
[   81.155825][ T5087]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   81.161048][ T5087]  ? do_raw_spin_lock+0x124/0x2b0
[   81.166114][ T5087]  ? rwlock_bug.part.0+0x90/0x90
[   81.171068][ T5087]  ? _raw_spin_lock_irq+0x45/0x50
[   81.176133][ T5087]  ? __fget_light+0x20a/0x270
[   81.180863][ T5087]  __sys_sendmsg+0xf7/0x1c0
[   81.185405][ T5087]  ? __sys_sendmsg_sock+0x40/0x40
[   81.190497][ T5087]  ? lock_downgrade+0x6e0/0x6e0
[   81.195433][ T5087]  ? lockdep_hardirqs_on+0x7d/0x100
[   81.200688][ T5087]  ? _raw_spin_unlock_irq+0x2e/0x50
[   81.205920][ T5087]  ? ptrace_notify+0xfe/0x140
[   81.210660][ T5087]  do_syscall_64+0x39/0xb0
[   81.215151][ T5087]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.221107][ T5087] RIP: 0033:0x7fb78f2feeb9
[   81.225572][ T5087] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   81.245224][ T5087] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.253670][ T5087] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb78f2feeb9
[   81.261677][ T5087] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   81.269664][ T5087] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   81.277662][ T5087] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   81.285661][ T5087] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   81.293857][ T5087]  </TASK>
[   81.301070][ T5087] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   81.312313][ T5087] CPU: 0 PID: 5087 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   81.322781][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   81.332887][ T5087] Call Trace:
[   81.336210][ T5087]  <TASK>
[   81.339157][ T5087]  dump_stack_lvl+0xd1/0x138
[   81.343795][ T5087]  ccid3_update_send_interval.cold+0x87/0x93
[   81.349808][ T5087]  ccid3_hc_tx_packet_sent+0x132/0x160
[   81.355288][ T5087]  ? ccid3_update_send_interval+0x120/0x120
[   81.361212][ T5087]  dccp_xmit_packet+0x2f2/0x750
[   81.366088][ T5087]  dccp_write_xmit+0x171/0x1d0
[   81.370891][ T5087]  dccp_sendmsg+0xaee/0xd30
[   81.375470][ T5087]  ? dccp_done+0x100/0x100
[   81.379936][ T5087]  ? aa_af_perm+0x240/0x240
[   81.384474][ T5087]  ? __import_iovec+0x1fb/0x610
[   81.389369][ T5087]  inet_sendmsg+0x9d/0xe0
[   81.393727][ T5087]  ? inet_send_prepare+0x4e0/0x4e0
[   81.398878][ T5087]  sock_sendmsg+0xd3/0x120
[   81.403356][ T5087]  ____sys_sendmsg+0x712/0x8c0
[   81.408178][ T5087]  ? copy_msghdr_from_user+0xfc/0x150
[   81.413583][ T5087]  ? kernel_sendmsg+0x50/0x50
[   81.418344][ T5087]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.424409][ T5087]  ___sys_sendmsg+0x110/0x1b0
[   81.429124][ T5087]  ? do_recvmmsg+0x6e0/0x6e0
[   81.433747][ T5087]  ? lock_release+0x810/0x810
[   81.438462][ T5087]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   81.443695][ T5087]  ? do_raw_spin_lock+0x124/0x2b0
[   81.448746][ T5087]  ? rwlock_bug.part.0+0x90/0x90
[   81.453736][ T5087]  ? _raw_spin_lock_irq+0x45/0x50
[   81.458793][ T5087]  ? __fget_light+0x20a/0x270
[   81.463549][ T5087]  __sys_sendmsg+0xf7/0x1c0
[   81.468095][ T5087]  ? __sys_sendmsg_sock+0x40/0x40
[   81.473155][ T5087]  ? lock_downgrade+0x6e0/0x6e0
[   81.478071][ T5087]  ? lockdep_hardirqs_on+0x7d/0x100
[   81.483326][ T5087]  ? _raw_spin_unlock_irq+0x2e/0x50
[   81.488543][ T5087]  ? ptrace_notify+0xfe/0x140
[   81.493237][ T5087]  do_syscall_64+0x39/0xb0
[   81.497672][ T5087]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.503602][ T5087] RIP: 0033:0x7fb78f2feeb9
[   81.508029][ T5087] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   81.527662][ T5087] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid  5087] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5087] exit_group(0)               = ?
[pid  5087] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555562765d0) = 5088
./strace-static-x86_64: Process 5088 attached
[pid  5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5088] setpgid(0, 0)               = 0
[pid  5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5088] write(3, "1000", 4)         = 4
[pid  5088] close(3)                    = 0
[pid  5088] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5088] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5088] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5088] listen(3, 6)                = 0
[pid  5088] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5088] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[   81.536111][ T5087] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb78f2feeb9
[   81.544113][ T5087] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   81.552102][ T5087] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   81.560162][ T5087] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   81.568150][ T5087] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   81.576152][ T5087]  </TASK>
[pid  5088] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   81.597008][ T5088] dccp_xmit_packet: Payload too large (65475) for featneg.
[   81.642771][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   81.654138][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   81.664598][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   81.674681][ T5088] Call Trace:
[   81.677977][ T5088]  <TASK>
[   81.680943][ T5088]  dump_stack_lvl+0xd1/0x138
[   81.685600][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   81.691645][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   81.697138][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   81.703061][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   81.707939][ T5088]  dccp_write_xmit+0x171/0x1d0
[   81.712762][ T5088]  dccp_sendmsg+0xaee/0xd30
[   81.717295][ T5088]  ? dccp_done+0x100/0x100
[   81.721736][ T5088]  ? aa_af_perm+0x240/0x240
[   81.726281][ T5088]  ? __import_iovec+0x1fb/0x610
[   81.731167][ T5088]  inet_sendmsg+0x9d/0xe0
[   81.735527][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   81.740672][ T5088]  sock_sendmsg+0xd3/0x120
[   81.745122][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   81.749907][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   81.755306][ T5088]  ? kernel_sendmsg+0x50/0x50
[   81.760016][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   81.766071][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   81.770783][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   81.775435][ T5088]  ? lock_release+0x810/0x810
[   81.780175][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   81.785416][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   81.790470][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   81.795433][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   81.800495][ T5088]  ? __fget_light+0x20a/0x270
[   81.805209][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   81.809744][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   81.814798][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   81.819694][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   81.824917][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   81.830162][ T5088]  ? ptrace_notify+0xfe/0x140
[   81.834869][ T5088]  do_syscall_64+0x39/0xb0
[   81.839323][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   81.845238][ T5088] RIP: 0033:0x7fb78f2feeb9
[   81.849672][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   81.869300][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.877733][ T5088] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fb78f2feeb9
[   81.885739][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   81.893724][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   81.901713][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   81.909705][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   81.917709][ T5088]  </TASK>
[   81.926537][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   81.937816][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   81.948293][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   81.958379][ T5088] Call Trace:
[   81.961667][ T5088]  <TASK>
[   81.964607][ T5088]  dump_stack_lvl+0xd1/0x138
[   81.969219][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   81.975238][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   81.980743][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   81.986666][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   81.991555][ T5088]  dccp_write_xmit+0x171/0x1d0
[   81.996377][ T5088]  dccp_sendmsg+0xaee/0xd30
[   82.000915][ T5088]  ? dccp_done+0x100/0x100
[   82.005354][ T5088]  ? aa_af_perm+0x240/0x240
[   82.009882][ T5088]  ? __import_iovec+0x1fb/0x610
[   82.014787][ T5088]  inet_sendmsg+0x9d/0xe0
[   82.019178][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   82.024312][ T5088]  sock_sendmsg+0xd3/0x120
[   82.028753][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   82.033545][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   82.038956][ T5088]  ? kernel_sendmsg+0x50/0x50
[   82.043688][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   82.049736][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   82.054453][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   82.059093][ T5088]  ? lock_release+0x810/0x810
[   82.063812][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   82.069036][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   82.074082][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   82.079036][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   82.084102][ T5088]  ? __fget_light+0x20a/0x270
[   82.088812][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   82.093346][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   82.098411][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   82.103310][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   82.108529][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   82.113768][ T5088]  ? ptrace_notify+0xfe/0x140
[   82.118472][ T5088]  do_syscall_64+0x39/0xb0
[   82.123011][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   82.128930][ T5088] RIP: 0033:0x7fb78f2feeb9
[   82.133368][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   82.152992][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.161433][ T5088] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fb78f2feeb9
[   82.169430][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   82.177419][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   82.185413][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   82.193403][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   82.201415][ T5088]  </TASK>
[   82.209979][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   82.221299][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   82.231780][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   82.241862][ T5088] Call Trace:
[   82.245150][ T5088]  <TASK>
[   82.248093][ T5088]  dump_stack_lvl+0xd1/0x138
[   82.252741][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   82.258757][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   82.264249][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   82.270176][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   82.275076][ T5088]  dccp_write_xmit+0x171/0x1d0
[   82.279890][ T5088]  dccp_sendmsg+0xaee/0xd30
[   82.284430][ T5088]  ? dccp_done+0x100/0x100
[   82.288876][ T5088]  ? aa_af_perm+0x240/0x240
[   82.293412][ T5088]  ? __import_iovec+0x1fb/0x610
[   82.298296][ T5088]  inet_sendmsg+0x9d/0xe0
[   82.302645][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   82.307788][ T5088]  sock_sendmsg+0xd3/0x120
[   82.312262][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   82.317062][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   82.322472][ T5088]  ? kernel_sendmsg+0x50/0x50
[   82.327204][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   82.333234][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   82.337968][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   82.342617][ T5088]  ? lock_release+0x810/0x810
[   82.347355][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   82.352619][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   82.357691][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   82.362662][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   82.367728][ T5088]  ? __fget_light+0x20a/0x270
[   82.372444][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   82.376990][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   82.382054][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   82.386967][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   82.392196][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   82.397425][ T5088]  ? ptrace_notify+0xfe/0x140
[   82.402134][ T5088]  do_syscall_64+0x39/0xb0
[   82.406607][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   82.412529][ T5088] RIP: 0033:0x7fb78f2feeb9
[   82.416969][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   82.436603][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   82.445043][ T5088] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fb78f2feeb9
[   82.453033][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   82.461028][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   82.469033][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   82.477033][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   82.485067][ T5088]  </TASK>
[   82.493290][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   82.504486][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   82.514917][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   82.525011][ T5088] Call Trace:
[   82.528311][ T5088]  <TASK>
[   82.531255][ T5088]  dump_stack_lvl+0xd1/0x138
[   82.535888][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   82.541909][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   82.547410][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   82.553334][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   82.558216][ T5088]  dccp_write_xmit+0x171/0x1d0
[   82.563045][ T5088]  dccp_sendmsg+0xaee/0xd30
[   82.567605][ T5088]  ? dccp_done+0x100/0x100
[   82.572040][ T5088]  ? aa_af_perm+0x240/0x240
[   82.576577][ T5088]  ? __import_iovec+0x1fb/0x610
[   82.581459][ T5088]  inet_sendmsg+0x9d/0xe0
[   82.585808][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   82.590960][ T5088]  sock_sendmsg+0xd3/0x120
[   82.595422][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   82.600222][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   82.605659][ T5088]  ? kernel_sendmsg+0x50/0x50
[   82.610378][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   82.616411][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   82.621127][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   82.625770][ T5088]  ? lock_release+0x810/0x810
[   82.630489][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   82.635716][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   82.640779][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   82.645738][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   82.650814][ T5088]  ? __fget_light+0x20a/0x270
[   82.655528][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   82.660068][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   82.665147][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   82.670172][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   82.675434][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   82.680664][ T5088]  ? ptrace_notify+0xfe/0x140
[   82.685391][ T5088]  do_syscall_64+0x39/0xb0
[   82.689844][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   82.695765][ T5088] RIP: 0033:0x7fb78f2feeb9
[   82.700207][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   82.719840][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.728275][ T5088] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fb78f2feeb9
[   82.736265][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   82.744253][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   82.752239][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   82.760228][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   82.768241][ T5088]  </TASK>
[   82.777183][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   82.788557][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   82.798987][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   82.809073][ T5088] Call Trace:
[   82.812363][ T5088]  <TASK>
[   82.815317][ T5088]  dump_stack_lvl+0xd1/0x138
[   82.819955][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   82.826017][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   82.831529][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   82.837481][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   82.842385][ T5088]  dccp_write_xmit+0x171/0x1d0
[   82.847176][ T5088]  dccp_sendmsg+0xaee/0xd30
[   82.851713][ T5088]  ? dccp_done+0x100/0x100
[   82.856152][ T5088]  ? aa_af_perm+0x240/0x240
[   82.860709][ T5088]  ? __import_iovec+0x1fb/0x610
[   82.865679][ T5088]  inet_sendmsg+0x9d/0xe0
[   82.870082][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   82.875238][ T5088]  sock_sendmsg+0xd3/0x120
[   82.880119][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   82.884943][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   82.890357][ T5088]  ? kernel_sendmsg+0x50/0x50
[   82.895094][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   82.901124][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   82.905837][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   82.910477][ T5088]  ? lock_release+0x810/0x810
[   82.915195][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   82.920425][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   82.925478][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   82.930444][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   82.935510][ T5088]  ? __fget_light+0x20a/0x270
[   82.940225][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   82.944765][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   82.949821][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   82.954723][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   82.959946][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   82.965169][ T5088]  ? ptrace_notify+0xfe/0x140
[   82.969884][ T5088]  do_syscall_64+0x39/0xb0
[   82.974345][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   82.980265][ T5088] RIP: 0033:0x7fb78f2feeb9
[   82.984700][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   83.004329][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.012767][ T5088] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb78f2feeb9
[   83.020759][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   83.028762][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   83.036757][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   83.044755][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   83.052764][ T5088]  </TASK>
[   83.058325][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   83.069711][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   83.080165][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   83.090245][ T5088] Call Trace:
[   83.093555][ T5088]  <TASK>
[   83.096499][ T5088]  dump_stack_lvl+0xd1/0x138
[   83.101118][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   83.107150][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   83.112646][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   83.118664][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   83.123551][ T5088]  dccp_write_xmit+0x171/0x1d0
[   83.128372][ T5088]  dccp_sendmsg+0xaee/0xd30
[   83.132948][ T5088]  ? dccp_done+0x100/0x100
[   83.137431][ T5088]  ? aa_af_perm+0x240/0x240
[   83.142005][ T5088]  ? __import_iovec+0x1fb/0x610
[   83.146900][ T5088]  inet_sendmsg+0x9d/0xe0
[   83.151253][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   83.156398][ T5088]  sock_sendmsg+0xd3/0x120
[   83.160878][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   83.165699][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   83.171108][ T5088]  ? kernel_sendmsg+0x50/0x50
[   83.175859][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   83.181924][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   83.186644][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   83.191290][ T5088]  ? lock_release+0x810/0x810
[   83.196025][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   83.201255][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   83.206318][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   83.211310][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   83.216371][ T5088]  ? __fget_light+0x20a/0x270
[   83.221088][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   83.225658][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   83.230723][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   83.235630][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   83.240855][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   83.246097][ T5088]  ? ptrace_notify+0xfe/0x140
[   83.250806][ T5088]  do_syscall_64+0x39/0xb0
[   83.255258][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.261204][ T5088] RIP: 0033:0x7fb78f2feeb9
[   83.265642][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   83.285273][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   83.293712][ T5088] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb78f2feeb9
[   83.301710][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   83.309698][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   83.317692][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   83.325685][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   83.333693][ T5088]  </TASK>
[   83.338424][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   83.349833][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   83.360296][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   83.370371][ T5088] Call Trace:
[   83.373663][ T5088]  <TASK>
[   83.376604][ T5088]  dump_stack_lvl+0xd1/0x138
[   83.381255][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   83.387274][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   83.392801][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   83.398759][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   83.403637][ T5088]  dccp_write_xmit+0x171/0x1d0
[   83.408444][ T5088]  dccp_sendmsg+0xaee/0xd30
[   83.413020][ T5088]  ? dccp_done+0x100/0x100
[   83.417493][ T5088]  ? aa_af_perm+0x240/0x240
[   83.422051][ T5088]  ? __import_iovec+0x1fb/0x610
[   83.426933][ T5088]  inet_sendmsg+0x9d/0xe0
[   83.431319][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   83.436492][ T5088]  sock_sendmsg+0xd3/0x120
[   83.440963][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   83.445792][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   83.451204][ T5088]  ? kernel_sendmsg+0x50/0x50
[   83.455949][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   83.461978][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   83.466697][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   83.471350][ T5088]  ? lock_release+0x810/0x810
[   83.476193][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   83.481419][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   83.486471][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   83.491431][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   83.496578][ T5088]  ? __fget_light+0x20a/0x270
[   83.501313][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   83.505854][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   83.510920][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   83.515829][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   83.521070][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   83.526306][ T5088]  ? ptrace_notify+0xfe/0x140
[   83.531012][ T5088]  do_syscall_64+0x39/0xb0
[   83.535470][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.541389][ T5088] RIP: 0033:0x7fb78f2feeb9
[   83.545843][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   83.565477][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.573915][ T5088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb78f2feeb9
[   83.581923][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   83.589913][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   83.597908][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   83.605914][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   83.613938][ T5088]  </TASK>
[   83.619452][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   83.630773][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   83.641238][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   83.651355][ T5088] Call Trace:
[   83.654673][ T5088]  <TASK>
[   83.657617][ T5088]  dump_stack_lvl+0xd1/0x138
[   83.662234][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   83.668256][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   83.673748][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   83.679669][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   83.684537][ T5088]  dccp_write_xmit+0x171/0x1d0
[   83.689330][ T5088]  dccp_sendmsg+0xaee/0xd30
[   83.693903][ T5088]  ? dccp_done+0x100/0x100
[   83.698381][ T5088]  ? aa_af_perm+0x240/0x240
[   83.702955][ T5088]  ? __import_iovec+0x1fb/0x610
[   83.707879][ T5088]  inet_sendmsg+0x9d/0xe0
[   83.712226][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   83.717368][ T5088]  sock_sendmsg+0xd3/0x120
[   83.721843][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   83.726686][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   83.732098][ T5088]  ? kernel_sendmsg+0x50/0x50
[   83.736849][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   83.742909][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   83.747614][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   83.752245][ T5088]  ? lock_release+0x810/0x810
[   83.756952][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   83.762171][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   83.767213][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   83.772171][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   83.777222][ T5088]  ? __fget_light+0x20a/0x270
[   83.781928][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   83.786469][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   83.791546][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   83.796438][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   83.801653][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   83.806880][ T5088]  ? ptrace_notify+0xfe/0x140
[   83.811596][ T5088]  do_syscall_64+0x39/0xb0
[   83.816084][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.822031][ T5088] RIP: 0033:0x7fb78f2feeb9
[   83.826516][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   83.846158][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.854606][ T5088] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb78f2feeb9
[   83.862594][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   83.870601][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   83.878604][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   83.886603][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   83.894624][ T5088]  </TASK>
[   83.902277][ T5088] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   83.913516][ T5088] CPU: 0 PID: 5088 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   83.923938][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   83.933995][ T5088] Call Trace:
[   83.937280][ T5088]  <TASK>
[   83.940225][ T5088]  dump_stack_lvl+0xd1/0x138
[   83.944866][ T5088]  ccid3_update_send_interval.cold+0x87/0x93
[   83.950919][ T5088]  ccid3_hc_tx_packet_sent+0x132/0x160
[   83.956436][ T5088]  ? ccid3_update_send_interval+0x120/0x120
[   83.962395][ T5088]  dccp_xmit_packet+0x2f2/0x750
[   83.967293][ T5088]  dccp_write_xmit+0x171/0x1d0
[   83.972082][ T5088]  dccp_sendmsg+0xaee/0xd30
[   83.976629][ T5088]  ? dccp_done+0x100/0x100
[   83.981090][ T5088]  ? aa_af_perm+0x240/0x240
[   83.985623][ T5088]  ? __import_iovec+0x1fb/0x610
[   83.990523][ T5088]  inet_sendmsg+0x9d/0xe0
[   83.994910][ T5088]  ? inet_send_prepare+0x4e0/0x4e0
[   84.000064][ T5088]  sock_sendmsg+0xd3/0x120
[   84.004525][ T5088]  ____sys_sendmsg+0x712/0x8c0
[   84.009322][ T5088]  ? copy_msghdr_from_user+0xfc/0x150
[   84.014752][ T5088]  ? kernel_sendmsg+0x50/0x50
[   84.019467][ T5088]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   84.025493][ T5088]  ___sys_sendmsg+0x110/0x1b0
[   84.030232][ T5088]  ? do_recvmmsg+0x6e0/0x6e0
[   84.034881][ T5088]  ? lock_release+0x810/0x810
[   84.039599][ T5088]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   84.044848][ T5088]  ? do_raw_spin_lock+0x124/0x2b0
[   84.049916][ T5088]  ? rwlock_bug.part.0+0x90/0x90
[   84.054869][ T5088]  ? _raw_spin_lock_irq+0x45/0x50
[   84.059927][ T5088]  ? __fget_light+0x20a/0x270
[   84.064630][ T5088]  __sys_sendmsg+0xf7/0x1c0
[   84.069158][ T5088]  ? __sys_sendmsg_sock+0x40/0x40
[   84.074229][ T5088]  ? lock_downgrade+0x6e0/0x6e0
[   84.079172][ T5088]  ? lockdep_hardirqs_on+0x7d/0x100
[   84.084408][ T5088]  ? _raw_spin_unlock_irq+0x2e/0x50
[   84.089642][ T5088]  ? ptrace_notify+0xfe/0x140
[   84.094340][ T5088]  do_syscall_64+0x39/0xb0
[   84.098787][ T5088]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.104696][ T5088] RIP: 0033:0x7fb78f2feeb9
[   84.109122][ T5088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   84.128770][ T5088] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.137226][ T5088] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb78f2feeb9
[   84.145237][ T5088] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5088] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5088] exit_group(0)               = ?
[pid  5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555562765d0) = 5089
./strace-static-x86_64: Process 5089 attached
[pid  5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5089] setpgid(0, 0)               = 0
[pid  5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5089] write(3, "1000", 4)         = 4
[pid  5089] close(3)                    = 0
[pid  5089] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5089] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5089] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5089] listen(3, 6)                = 0
[pid  5089] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid  5089] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[   84.153223][ T5088] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   84.161222][ T5088] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   84.169252][ T5088] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   84.177267][ T5088]  </TASK>
[pid  5089] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   84.217105][ T5089] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   84.267053][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   84.278375][ T5089] CPU: 0 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   84.288815][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   84.298902][ T5089] Call Trace:
[   84.302210][ T5089]  <TASK>
[   84.305170][ T5089]  dump_stack_lvl+0xd1/0x138
[   84.309788][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   84.315809][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   84.321305][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   84.327234][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   84.332105][ T5089]  dccp_write_xmit+0x171/0x1d0
[   84.336924][ T5089]  dccp_sendmsg+0xaee/0xd30
[   84.341502][ T5089]  ? dccp_done+0x100/0x100
[   84.345976][ T5089]  ? aa_af_perm+0x240/0x240
[   84.350514][ T5089]  ? __import_iovec+0x1fb/0x610
[   84.355401][ T5089]  inet_sendmsg+0x9d/0xe0
[   84.359762][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   84.364903][ T5089]  sock_sendmsg+0xd3/0x120
[   84.369372][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   84.374178][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   84.379590][ T5089]  ? kernel_sendmsg+0x50/0x50
[   84.384328][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   84.390370][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   84.395075][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   84.399723][ T5089]  ? lock_release+0x810/0x810
[   84.404444][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   84.409699][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   84.414756][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   84.419725][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   84.424793][ T5089]  ? __fget_light+0x20a/0x270
[   84.429519][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   84.434049][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   84.439096][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   84.444089][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   84.449318][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   84.454570][ T5089]  ? ptrace_notify+0xfe/0x140
[   84.459271][ T5089]  do_syscall_64+0x39/0xb0
[   84.463740][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.469655][ T5089] RIP: 0033:0x7fb78f2feeb9
[   84.474082][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   84.493716][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.502171][ T5089] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fb78f2feeb9
[   84.510172][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   84.518169][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   84.526181][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   84.534174][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   84.542190][ T5089]  </TASK>
[   84.551272][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   84.562775][ T5089] CPU: 1 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   84.573206][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   84.583287][ T5089] Call Trace:
[   84.586576][ T5089]  <TASK>
[   84.589517][ T5089]  dump_stack_lvl+0xd1/0x138
[   84.594145][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   84.600173][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   84.605669][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   84.611600][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   84.616471][ T5089]  dccp_write_xmit+0x171/0x1d0
[   84.621283][ T5089]  dccp_sendmsg+0xaee/0xd30
[   84.625809][ T5089]  ? dccp_done+0x100/0x100
[   84.630262][ T5089]  ? aa_af_perm+0x240/0x240
[   84.634803][ T5089]  ? __import_iovec+0x1fb/0x610
[   84.639682][ T5089]  inet_sendmsg+0x9d/0xe0
[   84.644031][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   84.649161][ T5089]  sock_sendmsg+0xd3/0x120
[   84.653599][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   84.658384][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   84.663789][ T5089]  ? kernel_sendmsg+0x50/0x50
[   84.668510][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   84.674538][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   84.679250][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   84.683919][ T5089]  ? lock_release+0x810/0x810
[   84.688636][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   84.693862][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   84.698911][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   84.703886][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   84.708944][ T5089]  ? __fget_light+0x20a/0x270
[   84.713652][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   84.718180][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   84.723236][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   84.728142][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   84.733368][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   84.738594][ T5089]  ? ptrace_notify+0xfe/0x140
[   84.743322][ T5089]  do_syscall_64+0x39/0xb0
[   84.747774][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   84.753696][ T5089] RIP: 0033:0x7fb78f2feeb9
[   84.758131][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   84.777784][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.786226][ T5089] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fb78f2feeb9
[   84.794230][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   84.802221][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   84.810213][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   84.818206][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   84.826222][ T5089]  </TASK>
[   84.832919][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   84.844213][ T5089] CPU: 0 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   84.854660][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   84.864731][ T5089] Call Trace:
[   84.868036][ T5089]  <TASK>
[   84.871009][ T5089]  dump_stack_lvl+0xd1/0x138
[   84.875671][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   84.881716][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   84.887212][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   84.893163][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   84.898051][ T5089]  dccp_write_xmit+0x171/0x1d0
[   84.902844][ T5089]  dccp_sendmsg+0xaee/0xd30
[   84.907402][ T5089]  ? dccp_done+0x100/0x100
[   84.911881][ T5089]  ? aa_af_perm+0x240/0x240
[   84.916442][ T5089]  ? __import_iovec+0x1fb/0x610
[   84.921690][ T5089]  inet_sendmsg+0x9d/0xe0
[   84.926039][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   84.931196][ T5089]  sock_sendmsg+0xd3/0x120
[   84.935663][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   84.940456][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   84.945866][ T5089]  ? kernel_sendmsg+0x50/0x50
[   84.950590][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   84.956612][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   84.961366][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   84.966011][ T5089]  ? lock_release+0x810/0x810
[   84.970753][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   84.975999][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   84.981059][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   84.986046][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   84.991118][ T5089]  ? __fget_light+0x20a/0x270
[   84.995863][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   85.000426][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   85.005481][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   85.010393][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   85.015634][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   85.020864][ T5089]  ? ptrace_notify+0xfe/0x140
[   85.025590][ T5089]  do_syscall_64+0x39/0xb0
[   85.030039][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.035959][ T5089] RIP: 0033:0x7fb78f2feeb9
[   85.040390][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   85.060014][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   85.068448][ T5089] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fb78f2feeb9
[   85.076443][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   85.084441][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   85.092434][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   85.100429][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   85.108451][ T5089]  </TASK>
[   85.115204][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   85.126740][ T5089] CPU: 0 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   85.137166][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   85.147222][ T5089] Call Trace:
[   85.150507][ T5089]  <TASK>
[   85.153444][ T5089]  dump_stack_lvl+0xd1/0x138
[   85.158058][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   85.164066][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   85.169546][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   85.175468][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   85.180346][ T5089]  dccp_write_xmit+0x171/0x1d0
[   85.185130][ T5089]  dccp_sendmsg+0xaee/0xd30
[   85.189653][ T5089]  ? dccp_done+0x100/0x100
[   85.194085][ T5089]  ? aa_af_perm+0x240/0x240
[   85.198612][ T5089]  ? __import_iovec+0x1fb/0x610
[   85.203480][ T5089]  inet_sendmsg+0x9d/0xe0
[   85.207815][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   85.212936][ T5089]  sock_sendmsg+0xd3/0x120
[   85.217378][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   85.222150][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   85.227537][ T5089]  ? kernel_sendmsg+0x50/0x50
[   85.232230][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   85.238237][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   85.242936][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   85.247556][ T5089]  ? lock_release+0x810/0x810
[   85.252258][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   85.257484][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   85.262514][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   85.267453][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   85.272489][ T5089]  ? __fget_light+0x20a/0x270
[   85.277182][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   85.281702][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   85.286744][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   85.291628][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   85.296831][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   85.302039][ T5089]  ? ptrace_notify+0xfe/0x140
[   85.306725][ T5089]  do_syscall_64+0x39/0xb0
[   85.311180][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.317087][ T5089] RIP: 0033:0x7fb78f2feeb9
[   85.321508][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   85.341128][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.349555][ T5089] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fb78f2feeb9
[   85.357533][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   85.365512][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   85.373491][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   85.381467][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   85.389458][ T5089]  </TASK>
[   85.396263][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   85.407487][ T5089] CPU: 1 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   85.417941][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   85.428030][ T5089] Call Trace:
[   85.431335][ T5089]  <TASK>
[   85.434275][ T5089]  dump_stack_lvl+0xd1/0x138
[   85.438893][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   85.444911][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   85.450397][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   85.456345][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   85.461250][ T5089]  dccp_write_xmit+0x171/0x1d0
[   85.466072][ T5089]  dccp_sendmsg+0xaee/0xd30
[   85.470602][ T5089]  ? dccp_done+0x100/0x100
[   85.475053][ T5089]  ? aa_af_perm+0x240/0x240
[   85.479615][ T5089]  ? __import_iovec+0x1fb/0x610
[   85.484505][ T5089]  inet_sendmsg+0x9d/0xe0
[   85.488879][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   85.494025][ T5089]  sock_sendmsg+0xd3/0x120
[   85.498463][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   85.503255][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   85.508674][ T5089]  ? kernel_sendmsg+0x50/0x50
[   85.513401][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   85.519433][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   85.524145][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   85.528783][ T5089]  ? lock_release+0x810/0x810
[   85.533508][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   85.538839][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   85.543893][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   85.548856][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   85.553924][ T5089]  ? __fget_light+0x20a/0x270
[   85.558671][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   85.563237][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   85.568306][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   85.573211][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   85.578463][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   85.583700][ T5089]  ? ptrace_notify+0xfe/0x140
[   85.588503][ T5089]  do_syscall_64+0x39/0xb0
[   85.592958][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.598902][ T5089] RIP: 0033:0x7fb78f2feeb9
[   85.603345][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   85.622981][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.631420][ T5089] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb78f2feeb9
[   85.639416][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   85.647411][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   85.655447][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   85.663459][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   85.671508][ T5089]  </TASK>
[   85.677099][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   85.688314][ T5089] CPU: 1 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   85.698743][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   85.708897][ T5089] Call Trace:
[   85.712187][ T5089]  <TASK>
[   85.715143][ T5089]  dump_stack_lvl+0xd1/0x138
[   85.719763][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   85.725782][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   85.731282][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   85.737208][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   85.742105][ T5089]  dccp_write_xmit+0x171/0x1d0
[   85.746920][ T5089]  dccp_sendmsg+0xaee/0xd30
[   85.751504][ T5089]  ? dccp_done+0x100/0x100
[   85.755996][ T5089]  ? aa_af_perm+0x240/0x240
[   85.760578][ T5089]  ? __import_iovec+0x1fb/0x610
[   85.765494][ T5089]  inet_sendmsg+0x9d/0xe0
[   85.769865][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   85.775004][ T5089]  sock_sendmsg+0xd3/0x120
[   85.779458][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   85.784268][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   85.789681][ T5089]  ? kernel_sendmsg+0x50/0x50
[   85.794406][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   85.800516][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   85.805224][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   85.809884][ T5089]  ? lock_release+0x810/0x810
[   85.814624][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   85.819849][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   85.824901][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   85.829968][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   85.835036][ T5089]  ? __fget_light+0x20a/0x270
[   85.839772][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   85.844305][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   85.849370][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   85.854308][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   85.859527][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   85.864747][ T5089]  ? ptrace_notify+0xfe/0x140
[   85.869447][ T5089]  do_syscall_64+0x39/0xb0
[   85.873891][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.879797][ T5089] RIP: 0033:0x7fb78f2feeb9
[   85.884223][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   85.903855][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.912307][ T5089] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb78f2feeb9
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   85.920309][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   85.928305][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   85.936308][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   85.944310][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   85.952332][ T5089]  </TASK>
[   85.957603][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   85.968904][ T5089] CPU: 1 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   85.979362][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   85.989447][ T5089] Call Trace:
[   85.992730][ T5089]  <TASK>
[   85.995671][ T5089]  dump_stack_lvl+0xd1/0x138
[   86.000326][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   86.006375][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   86.011889][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   86.017849][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   86.022761][ T5089]  dccp_write_xmit+0x171/0x1d0
[   86.027563][ T5089]  dccp_sendmsg+0xaee/0xd30
[   86.032099][ T5089]  ? dccp_done+0x100/0x100
[   86.036535][ T5089]  ? aa_af_perm+0x240/0x240
[   86.041088][ T5089]  ? __import_iovec+0x1fb/0x610
[   86.045990][ T5089]  inet_sendmsg+0x9d/0xe0
[   86.050375][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   86.055536][ T5089]  sock_sendmsg+0xd3/0x120
[   86.059985][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   86.064774][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   86.070178][ T5089]  ? kernel_sendmsg+0x50/0x50
[   86.074890][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   86.080913][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   86.085627][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   86.090286][ T5089]  ? lock_release+0x810/0x810
[   86.095039][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   86.100298][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   86.105357][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   86.110338][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   86.115406][ T5089]  ? __fget_light+0x20a/0x270
[   86.120175][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   86.124756][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   86.129802][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   86.134712][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   86.139950][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   86.145169][ T5089]  ? ptrace_notify+0xfe/0x140
[   86.149869][ T5089]  do_syscall_64+0x39/0xb0
[   86.154315][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.160224][ T5089] RIP: 0033:0x7fb78f2feeb9
[   86.164657][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   86.184311][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.192744][ T5089] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb78f2feeb9
[   86.200748][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   86.208774][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   86.216760][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   86.224745][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   86.232750][ T5089]  </TASK>
[   86.239975][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   86.251159][ T5089] CPU: 1 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   86.261587][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   86.271653][ T5089] Call Trace:
[   86.274940][ T5089]  <TASK>
[   86.277886][ T5089]  dump_stack_lvl+0xd1/0x138
[   86.282537][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   86.288599][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   86.294134][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   86.300061][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   86.304961][ T5089]  dccp_write_xmit+0x171/0x1d0
[   86.309777][ T5089]  dccp_sendmsg+0xaee/0xd30
[   86.314501][ T5089]  ? dccp_done+0x100/0x100
[   86.318939][ T5089]  ? aa_af_perm+0x240/0x240
[   86.323646][ T5089]  ? __import_iovec+0x1fb/0x610
[   86.328539][ T5089]  inet_sendmsg+0x9d/0xe0
[   86.332913][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   86.338055][ T5089]  sock_sendmsg+0xd3/0x120
[   86.342497][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   86.347293][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   86.352716][ T5089]  ? kernel_sendmsg+0x50/0x50
[   86.357455][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   86.363522][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   86.368267][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   86.372917][ T5089]  ? lock_release+0x810/0x810
[   86.377640][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   86.382869][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   86.387924][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   86.392898][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   86.397969][ T5089]  ? __fget_light+0x20a/0x270
[   86.402675][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   86.407226][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   86.412282][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   86.417188][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   86.422426][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   86.427670][ T5089]  ? ptrace_notify+0xfe/0x140
[   86.432373][ T5089]  do_syscall_64+0x39/0xb0
[   86.436825][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.442741][ T5089] RIP: 0033:0x7fb78f2feeb9
[   86.447175][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   86.466809][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.475256][ T5089] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb78f2feeb9
[   86.483254][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[   86.491259][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   86.499272][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   86.507280][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   86.515359][ T5089]  </TASK>
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   86.519466][ T5089] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   86.531207][ T5089] CPU: 0 PID: 5089 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   86.541667][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   86.551740][ T5089] Call Trace:
[   86.555035][ T5089]  <TASK>
[   86.557993][ T5089]  dump_stack_lvl+0xd1/0x138
[   86.562615][ T5089]  ccid3_update_send_interval.cold+0x87/0x93
[   86.568635][ T5089]  ccid3_hc_tx_packet_sent+0x132/0x160
[   86.574146][ T5089]  ? ccid3_update_send_interval+0x120/0x120
[   86.580081][ T5089]  dccp_xmit_packet+0x2f2/0x750
[   86.584990][ T5089]  dccp_write_xmit+0x171/0x1d0
[   86.589815][ T5089]  dccp_sendmsg+0xaee/0xd30
[   86.594357][ T5089]  ? dccp_done+0x100/0x100
[   86.598799][ T5089]  ? aa_af_perm+0x240/0x240
[   86.603446][ T5089]  ? __import_iovec+0x1fb/0x610
[   86.608343][ T5089]  inet_sendmsg+0x9d/0xe0
[   86.612700][ T5089]  ? inet_send_prepare+0x4e0/0x4e0
[   86.617849][ T5089]  sock_sendmsg+0xd3/0x120
[   86.622298][ T5089]  ____sys_sendmsg+0x712/0x8c0
[   86.627098][ T5089]  ? copy_msghdr_from_user+0xfc/0x150
[   86.632513][ T5089]  ? kernel_sendmsg+0x50/0x50
[   86.637249][ T5089]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   86.643301][ T5089]  ___sys_sendmsg+0x110/0x1b0
[   86.648018][ T5089]  ? do_recvmmsg+0x6e0/0x6e0
[   86.652656][ T5089]  ? lock_release+0x810/0x810
[   86.657374][ T5089]  ? ptrace_stop.part.0+0x4a3/0x8e0
[   86.662596][ T5089]  ? do_raw_spin_lock+0x124/0x2b0
[   86.667662][ T5089]  ? rwlock_bug.part.0+0x90/0x90
[   86.672618][ T5089]  ? _raw_spin_lock_irq+0x45/0x50
[   86.677674][ T5089]  ? __fget_light+0x20a/0x270
[   86.682389][ T5089]  __sys_sendmsg+0xf7/0x1c0
[   86.686930][ T5089]  ? __sys_sendmsg_sock+0x40/0x40
[   86.691993][ T5089]  ? lock_downgrade+0x6e0/0x6e0
[   86.696897][ T5089]  ? lockdep_hardirqs_on+0x7d/0x100
[   86.702125][ T5089]  ? _raw_spin_unlock_irq+0x2e/0x50
[   86.707351][ T5089]  ? ptrace_notify+0xfe/0x140
[   86.712055][ T5089]  do_syscall_64+0x39/0xb0
[   86.716508][ T5089]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   86.722430][ T5089] RIP: 0033:0x7fb78f2feeb9
[   86.726864][ T5089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   86.746511][ T5089] RSP: 002b:00007fff3e6e1ca8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.754968][ T5089] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fb78f2feeb9
[   86.762996][ T5089] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid  5089] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5089] exit_group(0)               = ?
[pid  5089] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555562765d0) = 5090
./strace-static-x86_64: Process 5090 attached
[pid  5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5090] setpgid(0, 0)               = 0
[pid  5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5090] write(3, "1000", 4)         = 4
[pid  5090] close(3)                    = 0
[pid  5090] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid  5090] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid  5090] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid  5090] listen(3, 6)                = 0
[pid  5090] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[   86.770987][ T5089] RBP: 0000000000000000 R08: 00007fff3e6e1e48 R09: 00007fff3e6e1e48
[   86.778998][ T5089] R10: 00007fff3e6e1e48 R11: 0000000000000246 R12: 00007fff3e6e1cbc
[   86.786994][ T5089] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[   86.795009][ T5089]  </TASK>
[pid  5090] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid  5090] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid  5090] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[   86.825815][ T5090] dccp_xmit_packet: Payload too large (65475) for featneg.
[   86.883718][ T5090] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[   86.895159][ T5090] CPU: 0 PID: 5090 Comm: syz-executor401 Not tainted 6.2.0-rc8-syzkaller-00202-gec35307e18ba #0
[   86.905617][ T5090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[   86.915701][ T5090] Call Trace:
[   86.919009][ T5090]  <TASK>
[   86.921981][ T5090]  dump_stack_lvl+0xd1/0x138
[   86.926648][ T5090]  ccid3_update_send_interval.cold+0x87/0x93