./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2456160430
<...>
Warning: Permanently added '10.128.0.148' (ECDSA) to the list of known hosts.
execve("./syz-executor2456160430", ["./syz-executor2456160430"], 0x7ffffbd2d1b0 /* 10 vars */) = 0
brk(NULL) = 0x55555579c000
brk(0x55555579cc40) = 0x55555579cc40
arch_prctl(ARCH_SET_FS, 0x55555579c300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2456160430", 4096) = 28
brk(0x5555557bdc40) = 0x5555557bdc40
brk(0x5555557be000) = 0x5555557be000
mprotect(0x7fc35e399000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555579c5d0) = 5001
./strace-static-x86_64: Process 5001 attached
[pid 5001] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5001] setpgid(0, 0) = 0
[pid 5001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5001] write(3, "1000", 4) = 4
[pid 5001] close(3) = 0
[pid 5001] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5001] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5001] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5001] listen(3, 6) = 0
[pid 5001] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5001] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5001] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5001] exit_group(0) = ?
[pid 5001] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5001, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555579c5d0) = 5002
./strace-static-x86_64: Process 5002 attached
[ 59.203054][ T5001] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5002] setpgid(0, 0) = 0
[pid 5002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5002] write(3, "1000", 4) = 4
[pid 5002] close(3) = 0
[pid 5002] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5002] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5002] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5002] listen(3, 6) = 0
[pid 5002] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5002] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5002] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.271781][ T5002] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.355660][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.367302][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 59.377235][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 59.387293][ T5002] Call Trace:
[ 59.390574][ T5002] <TASK>
[ 59.393504][ T5002] dump_stack_lvl+0x136/0x150
[ 59.398220][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 59.403955][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 59.409425][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 59.415331][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 59.420193][ T5002] dccp_write_xmit+0x171/0x1d0
[ 59.424970][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 59.429483][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 59.433992][ T5002] ? aa_af_perm+0x240/0x240
[ 59.438510][ T5002] ? import_ubuf+0x1fd/0x270
[ 59.443113][ T5002] inet_sendmsg+0x9d/0xe0
[ 59.447453][ T5002] ? inet_send_prepare+0x530/0x530
[ 59.452579][ T5002] sock_sendmsg+0xde/0x190
[ 59.457026][ T5002] ____sys_sendmsg+0x71c/0x900
[ 59.461807][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 59.467182][ T5002] ? kernel_sendmsg+0x50/0x50
[ 59.471879][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.477879][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 59.482697][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 59.487302][ T5002] ? lock_sync+0x190/0x190
[ 59.491732][ T5002] ? rcu_is_watching+0x12/0xb0
[ 59.496504][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 59.501545][ T5002] ? spin_bug+0x1c0/0x1c0
[ 59.505890][ T5002] ? lock_acquire+0x32/0xc0
[ 59.510407][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 59.515654][ T5002] ? __fget_light+0x20a/0x270
[ 59.520343][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 59.524850][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 59.529878][ T5002] ? lock_downgrade+0x690/0x690
[ 59.534754][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.539966][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.545175][ T5002] ? ptrace_notify+0xfe/0x140
[ 59.549881][ T5002] do_syscall_64+0x39/0xb0
[ 59.554343][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.560265][ T5002] RIP: 0033:0x7fc35e32beb9
[ 59.564696][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 59.584312][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.592732][ T5002] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00007fc35e32beb9
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.600706][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 59.608717][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 59.616695][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 59.624666][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 59.632654][ T5002] </TASK>
[ 59.639175][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.650490][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 59.660388][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 59.670447][ T5002] Call Trace:
[ 59.673717][ T5002] <TASK>
[ 59.676651][ T5002] dump_stack_lvl+0x136/0x150
[ 59.681365][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 59.687090][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 59.692555][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 59.698469][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 59.703340][ T5002] dccp_write_xmit+0x171/0x1d0
[ 59.708126][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 59.712654][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 59.717180][ T5002] ? aa_af_perm+0x240/0x240
[ 59.721690][ T5002] ? import_ubuf+0x1fd/0x270
[ 59.726279][ T5002] inet_sendmsg+0x9d/0xe0
[ 59.730644][ T5002] ? inet_send_prepare+0x530/0x530
[ 59.735785][ T5002] sock_sendmsg+0xde/0x190
[ 59.740347][ T5002] ____sys_sendmsg+0x71c/0x900
[ 59.745131][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 59.750506][ T5002] ? kernel_sendmsg+0x50/0x50
[ 59.755205][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.761218][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 59.765899][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 59.770514][ T5002] ? lock_sync+0x190/0x190
[ 59.774942][ T5002] ? rcu_is_watching+0x12/0xb0
[ 59.779706][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 59.784755][ T5002] ? spin_bug+0x1c0/0x1c0
[ 59.789085][ T5002] ? lock_acquire+0x32/0xc0
[ 59.793594][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 59.798805][ T5002] ? __fget_light+0x20a/0x270
[ 59.803500][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 59.808013][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 59.813042][ T5002] ? lock_downgrade+0x690/0x690
[ 59.817904][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.823114][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.828406][ T5002] ? ptrace_notify+0xfe/0x140
[ 59.833097][ T5002] do_syscall_64+0x39/0xb0
[ 59.837537][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.843466][ T5002] RIP: 0033:0x7fc35e32beb9
[ 59.847875][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 59.867488][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.875904][ T5002] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007fc35e32beb9
[ 59.883964][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 59.891946][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 59.899934][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.907934][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 59.915933][ T5002] </TASK>
[ 59.922729][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.933894][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 59.943790][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 59.954027][ T5002] Call Trace:
[ 59.957307][ T5002] <TASK>
[ 59.960248][ T5002] dump_stack_lvl+0x136/0x150
[ 59.964927][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 59.970650][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 59.976105][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 59.981998][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 59.986851][ T5002] dccp_write_xmit+0x171/0x1d0
[ 59.991610][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 59.996107][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 60.000610][ T5002] ? aa_af_perm+0x240/0x240
[ 60.005116][ T5002] ? import_ubuf+0x1fd/0x270
[ 60.009791][ T5002] inet_sendmsg+0x9d/0xe0
[ 60.014119][ T5002] ? inet_send_prepare+0x530/0x530
[ 60.019229][ T5002] sock_sendmsg+0xde/0x190
[ 60.023644][ T5002] ____sys_sendmsg+0x71c/0x900
[ 60.028405][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 60.033771][ T5002] ? kernel_sendmsg+0x50/0x50
[ 60.038447][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.044602][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 60.049273][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 60.053874][ T5002] ? lock_sync+0x190/0x190
[ 60.058317][ T5002] ? rcu_is_watching+0x12/0xb0
[ 60.063077][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 60.068104][ T5002] ? spin_bug+0x1c0/0x1c0
[ 60.072520][ T5002] ? lock_acquire+0x32/0xc0
[ 60.077062][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 60.082274][ T5002] ? __fget_light+0x20a/0x270
[ 60.087052][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 60.091568][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 60.096607][ T5002] ? lock_downgrade+0x690/0x690
[ 60.101473][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.106768][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.112037][ T5002] ? ptrace_notify+0xfe/0x140
[ 60.116822][ T5002] do_syscall_64+0x39/0xb0
[ 60.121261][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.127189][ T5002] RIP: 0033:0x7fc35e32beb9
[ 60.131607][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.151738][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.160146][ T5002] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007fc35e32beb9
[ 60.168112][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.176089][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 60.184083][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 60.192082][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.200074][ T5002] </TASK>
[ 60.206939][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.218302][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 60.228200][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 60.238281][ T5002] Call Trace:
[ 60.241574][ T5002] <TASK>
[ 60.244514][ T5002] dump_stack_lvl+0x136/0x150
[ 60.249401][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 60.255133][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 60.260599][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 60.266496][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 60.271360][ T5002] dccp_write_xmit+0x171/0x1d0
[ 60.276144][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 60.280647][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 60.285158][ T5002] ? aa_af_perm+0x240/0x240
[ 60.289699][ T5002] ? import_ubuf+0x1fd/0x270
[ 60.294288][ T5002] inet_sendmsg+0x9d/0xe0
[ 60.298625][ T5002] ? inet_send_prepare+0x530/0x530
[ 60.303735][ T5002] sock_sendmsg+0xde/0x190
[ 60.308169][ T5002] ____sys_sendmsg+0x71c/0x900
[ 60.312955][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 60.318330][ T5002] ? kernel_sendmsg+0x50/0x50
[ 60.323064][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.329052][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 60.333744][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 60.338340][ T5002] ? lock_sync+0x190/0x190
[ 60.342761][ T5002] ? rcu_is_watching+0x12/0xb0
[ 60.347525][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 60.352564][ T5002] ? spin_bug+0x1c0/0x1c0
[ 60.356923][ T5002] ? lock_acquire+0x32/0xc0
[ 60.361425][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 60.366627][ T5002] ? __fget_light+0x20a/0x270
[ 60.371306][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 60.375806][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 60.380827][ T5002] ? lock_downgrade+0x690/0x690
[ 60.385698][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.390920][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.396120][ T5002] ? ptrace_notify+0xfe/0x140
[ 60.400817][ T5002] do_syscall_64+0x39/0xb0
[ 60.405267][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.411162][ T5002] RIP: 0033:0x7fc35e32beb9
[ 60.415571][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.435186][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.443718][ T5002] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc35e32beb9
[ 60.451709][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.459709][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 60.467681][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 60.475652][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.483639][ T5002]
[ 60.490489][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.501714][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 60.511619][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 60.521669][ T5002] Call Trace:
[ 60.525038][ T5002]
[ 60.527983][ T5002] dump_stack_lvl+0x136/0x150
[ 60.532694][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 60.538426][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 60.543884][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 60.549800][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 60.554959][ T5002] dccp_write_xmit+0x171/0x1d0
[ 60.559720][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 60.564229][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 60.568734][ T5002] ? aa_af_perm+0x240/0x240
[ 60.573272][ T5002] ? import_ubuf+0x1fd/0x270
[ 60.577870][ T5002] inet_sendmsg+0x9d/0xe0
[ 60.582207][ T5002] ? inet_send_prepare+0x530/0x530
[ 60.587324][ T5002] sock_sendmsg+0xde/0x190
[ 60.591755][ T5002] ____sys_sendmsg+0x71c/0x900
[ 60.596623][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 60.602031][ T5002] ? kernel_sendmsg+0x50/0x50
[ 60.606738][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.612730][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 60.617403][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 60.622001][ T5002] ? lock_sync+0x190/0x190
[ 60.626418][ T5002] ? rcu_is_watching+0x12/0xb0
[ 60.631204][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 60.636247][ T5002] ? spin_bug+0x1c0/0x1c0
[ 60.640588][ T5002] ? lock_acquire+0x32/0xc0
[ 60.645088][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 60.650287][ T5002] ? __fget_light+0x20a/0x270
[ 60.654992][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 60.659502][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 60.664528][ T5002] ? lock_downgrade+0x690/0x690
[ 60.669407][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.674600][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.679809][ T5002] ? ptrace_notify+0xfe/0x140
[ 60.684500][ T5002] do_syscall_64+0x39/0xb0
[ 60.688917][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.694900][ T5002] RIP: 0033:0x7fc35e32beb9
[ 60.699305][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.719006][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.727440][ T5002] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007fc35e32beb9
[ 60.735416][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.743403][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 60.751369][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.759333][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.767330][ T5002]
[ 60.774179][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.785456][ T5002] CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 60.795465][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 60.805537][ T5002] Call Trace:
[ 60.808836][ T5002]
[ 60.811754][ T5002] dump_stack_lvl+0x136/0x150
[ 60.816452][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 60.822195][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 60.827701][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 60.833606][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 60.838500][ T5002] dccp_write_xmit+0x171/0x1d0
[ 60.843257][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 60.847781][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 60.852272][ T5002] ? aa_af_perm+0x240/0x240
[ 60.856770][ T5002] ? import_ubuf+0x1fd/0x270
[ 60.861354][ T5002] inet_sendmsg+0x9d/0xe0
[ 60.865777][ T5002] ? inet_send_prepare+0x530/0x530
[ 60.870900][ T5002] sock_sendmsg+0xde/0x190
[ 60.875321][ T5002] ____sys_sendmsg+0x71c/0x900
[ 60.880089][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 60.885461][ T5002] ? kernel_sendmsg+0x50/0x50
[ 60.890144][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.896119][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 60.900803][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 60.905396][ T5002] ? lock_sync+0x190/0x190
[ 60.909808][ T5002] ? rcu_is_watching+0x12/0xb0
[ 60.914575][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 60.919596][ T5002] ? spin_bug+0x1c0/0x1c0
[ 60.923921][ T5002] ? lock_acquire+0x32/0xc0
[ 60.928415][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 60.933606][ T5002] ? __fget_light+0x20a/0x270
[ 60.938272][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 60.942763][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 60.947772][ T5002] ? lock_downgrade+0x690/0x690
[ 60.952632][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.957832][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.963024][ T5002] ? ptrace_notify+0xfe/0x140
[ 60.968043][ T5002] do_syscall_64+0x39/0xb0
[ 60.972465][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.978360][ T5002] RIP: 0033:0x7fc35e32beb9
[ 60.982765][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.002363][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.010767][ T5002] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007fc35e32beb9
[ 61.018724][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 61.026682][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 61.034789][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 61.042760][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.050740][ T5002]
[ 61.056864][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.068239][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 61.078249][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 61.088421][ T5002] Call Trace:
[ 61.091699][ T5002]
[ 61.094631][ T5002] dump_stack_lvl+0x136/0x150
[ 61.099322][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 61.105065][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 61.110558][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 61.116485][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 61.121341][ T5002] dccp_write_xmit+0x171/0x1d0
[ 61.126117][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 61.130645][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 61.135149][ T5002] ? aa_af_perm+0x240/0x240
[ 61.139665][ T5002] ? import_ubuf+0x1fd/0x270
[ 61.144280][ T5002] inet_sendmsg+0x9d/0xe0
[ 61.148610][ T5002] ? inet_send_prepare+0x530/0x530
[ 61.153720][ T5002] sock_sendmsg+0xde/0x190
[ 61.158145][ T5002] ____sys_sendmsg+0x71c/0x900
[ 61.162941][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 61.168338][ T5002] ? kernel_sendmsg+0x50/0x50
[ 61.173136][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.179125][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 61.183804][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 61.188397][ T5002] ? lock_sync+0x190/0x190
[ 61.192824][ T5002] ? rcu_is_watching+0x12/0xb0
[ 61.197603][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 61.202640][ T5002] ? spin_bug+0x1c0/0x1c0
[ 61.206981][ T5002] ? lock_acquire+0x32/0xc0
[ 61.211484][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 61.216686][ T5002] ? __fget_light+0x20a/0x270
[ 61.221373][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 61.225895][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 61.230912][ T5002] ? lock_downgrade+0x690/0x690
[ 61.235794][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.240990][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.246196][ T5002] ? ptrace_notify+0xfe/0x140
[ 61.250885][ T5002] do_syscall_64+0x39/0xb0
[ 61.255306][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.261212][ T5002] RIP: 0033:0x7fc35e32beb9
[ 61.265636][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.285246][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 61.293662][ T5002] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fc35e32beb9
[ 61.301653][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.309626][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 61.317685][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 61.325661][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.333643][ T5002]
[ 61.340113][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.351286][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 61.361184][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 61.371252][ T5002] Call Trace:
[ 61.374527][ T5002]
[ 61.377483][ T5002] dump_stack_lvl+0x136/0x150
[ 61.382195][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 61.387917][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 61.393382][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 61.399282][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 61.404134][ T5002] dccp_write_xmit+0x171/0x1d0
[ 61.408902][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 61.413424][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 61.417922][ T5002] ? aa_af_perm+0x240/0x240
[ 61.422428][ T5002] ? import_ubuf+0x1fd/0x270
[ 61.427102][ T5002] inet_sendmsg+0x9d/0xe0
[ 61.431432][ T5002] ? inet_send_prepare+0x530/0x530
[ 61.436543][ T5002] sock_sendmsg+0xde/0x190
[ 61.440960][ T5002] ____sys_sendmsg+0x71c/0x900
[ 61.445731][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 61.451130][ T5002] ? kernel_sendmsg+0x50/0x50
[ 61.455836][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.461816][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 61.466488][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 61.471078][ T5002] ? lock_sync+0x190/0x190
[ 61.475495][ T5002] ? rcu_is_watching+0x12/0xb0
[ 61.480253][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 61.485288][ T5002] ? spin_bug+0x1c0/0x1c0
[ 61.489642][ T5002] ? lock_acquire+0x32/0xc0
[ 61.494147][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 61.499346][ T5002] ? __fget_light+0x20a/0x270
[ 61.504022][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 61.508532][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 61.513550][ T5002] ? lock_downgrade+0x690/0x690
[ 61.518410][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.523604][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.528812][ T5002] ? ptrace_notify+0xfe/0x140
[ 61.533515][ T5002] do_syscall_64+0x39/0xb0
[ 61.537942][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.543843][ T5002] RIP: 0033:0x7fc35e32beb9
[ 61.548271][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.567879][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 61.576297][ T5002] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fc35e32beb9
[ 61.584282][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 61.592253][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 61.600226][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.608216][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.616236][ T5002]
[ 61.622878][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.634079][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 61.643965][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 61.654017][ T5002] Call Trace:
[ 61.657289][ T5002]
[ 61.660216][ T5002] dump_stack_lvl+0x136/0x150
[ 61.664924][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 61.670658][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 61.676149][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 61.682056][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 61.686920][ T5002] dccp_write_xmit+0x171/0x1d0
[ 61.691705][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 61.696208][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 61.700718][ T5002] ? aa_af_perm+0x240/0x240
[ 61.705229][ T5002] ? import_ubuf+0x1fd/0x270
[ 61.709922][ T5002] inet_sendmsg+0x9d/0xe0
[ 61.714286][ T5002] ? inet_send_prepare+0x530/0x530
[ 61.719404][ T5002] sock_sendmsg+0xde/0x190
[ 61.723843][ T5002] ____sys_sendmsg+0x71c/0x900
[ 61.728634][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 61.734001][ T5002] ? kernel_sendmsg+0x50/0x50
[ 61.738704][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.744714][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 61.749388][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 61.753987][ T5002] ? lock_sync+0x190/0x190
[ 61.758404][ T5002] ? rcu_is_watching+0x12/0xb0
[ 61.763174][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 61.768242][ T5002] ? spin_bug+0x1c0/0x1c0
[ 61.772582][ T5002] ? lock_acquire+0x32/0xc0
[ 61.777113][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 61.782327][ T5002] ? __fget_light+0x20a/0x270
[ 61.787024][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 61.791521][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 61.796539][ T5002] ? lock_downgrade+0x690/0x690
[ 61.801459][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.806701][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.811909][ T5002] ? ptrace_notify+0xfe/0x140
[ 61.816610][ T5002] do_syscall_64+0x39/0xb0
[ 61.821065][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.826971][ T5002] RIP: 0033:0x7fc35e32beb9
[ 61.831382][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.851197][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.859618][ T5002] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fc35e32beb9
[ 61.867611][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 61.875603][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 61.883571][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 61.891536][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.899518][ T5002]
[ 61.905660][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.916860][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 61.926774][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 61.937011][ T5002] Call Trace:
[ 61.940300][ T5002]
[ 61.943233][ T5002] dump_stack_lvl+0x136/0x150
[ 61.947928][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 61.953675][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 61.959130][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 61.965034][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 61.969901][ T5002] dccp_write_xmit+0x171/0x1d0
[ 61.974667][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 61.979180][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 61.983699][ T5002] ? aa_af_perm+0x240/0x240
[ 61.988207][ T5002] ? import_ubuf+0x1fd/0x270
[ 61.992824][ T5002] inet_sendmsg+0x9d/0xe0
[ 61.997177][ T5002] ? inet_send_prepare+0x530/0x530
[ 62.002298][ T5002] sock_sendmsg+0xde/0x190
[ 62.006745][ T5002] ____sys_sendmsg+0x71c/0x900
[ 62.011508][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 62.016879][ T5002] ? kernel_sendmsg+0x50/0x50
[ 62.021576][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.027567][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 62.032252][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 62.036864][ T5002] ? lock_sync+0x190/0x190
[ 62.041280][ T5002] ? rcu_is_watching+0x12/0xb0
[ 62.046050][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 62.051104][ T5002] ? spin_bug+0x1c0/0x1c0
[ 62.055445][ T5002] ? lock_acquire+0x32/0xc0
[ 62.059970][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 62.065193][ T5002] ? __fget_light+0x20a/0x270
[ 62.069887][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 62.074386][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 62.079412][ T5002] ? lock_downgrade+0x690/0x690
[ 62.084283][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.089495][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.094716][ T5002] ? ptrace_notify+0xfe/0x140
[ 62.099394][ T5002] do_syscall_64+0x39/0xb0
[ 62.103934][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.109858][ T5002] RIP: 0033:0x7fc35e32beb9
[ 62.114275][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.133902][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.142406][ T5002] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc35e32beb9
[ 62.150378][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.158343][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.166319][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 62.174296][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.182311][ T5002]
[ 62.188253][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.199416][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 62.209312][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 62.219376][ T5002] Call Trace:
[ 62.222658][ T5002]
[ 62.225607][ T5002] dump_stack_lvl+0x136/0x150
[ 62.230325][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 62.236048][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 62.241509][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 62.247413][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 62.252286][ T5002] dccp_write_xmit+0x171/0x1d0
[ 62.257077][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 62.261594][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 62.266094][ T5002] ? aa_af_perm+0x240/0x240
[ 62.270636][ T5002] ? import_ubuf+0x1fd/0x270
[ 62.275245][ T5002] inet_sendmsg+0x9d/0xe0
[ 62.279573][ T5002] ? inet_send_prepare+0x530/0x530
[ 62.284681][ T5002] sock_sendmsg+0xde/0x190
[ 62.289110][ T5002] ____sys_sendmsg+0x71c/0x900
[ 62.293893][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 62.299260][ T5002] ? kernel_sendmsg+0x50/0x50
[ 62.303953][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.310050][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 62.314732][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 62.319337][ T5002] ? lock_sync+0x190/0x190
[ 62.323750][ T5002] ? rcu_is_watching+0x12/0xb0
[ 62.328521][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 62.333579][ T5002] ? spin_bug+0x1c0/0x1c0
[ 62.337923][ T5002] ? lock_acquire+0x32/0xc0
[ 62.342446][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 62.347642][ T5002] ? __fget_light+0x20a/0x270
[ 62.352331][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 62.356837][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 62.361874][ T5002] ? lock_downgrade+0x690/0x690
[ 62.366737][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.371951][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.377179][ T5002] ? ptrace_notify+0xfe/0x140
[ 62.381863][ T5002] do_syscall_64+0x39/0xb0
[ 62.386284][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.392186][ T5002] RIP: 0033:0x7fc35e32beb9
[ 62.396615][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.416241][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.424650][ T5002] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fc35e32beb9
[ 62.432623][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.441384][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 62.449370][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 62.457341][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.465318][ T5002]
[ 62.470467][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.481678][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 62.491584][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 62.501651][ T5002] Call Trace:
[ 62.504936][ T5002]
[ 62.507864][ T5002] dump_stack_lvl+0x136/0x150
[ 62.512559][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 62.518321][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 62.523805][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 62.529705][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 62.534567][ T5002] dccp_write_xmit+0x171/0x1d0
[ 62.539358][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 62.543873][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 62.548388][ T5002] ? aa_af_perm+0x240/0x240
[ 62.552894][ T5002] ? import_ubuf+0x1fd/0x270
[ 62.557486][ T5002] inet_sendmsg+0x9d/0xe0
[ 62.561844][ T5002] ? inet_send_prepare+0x530/0x530
[ 62.566988][ T5002] sock_sendmsg+0xde/0x190
[ 62.571428][ T5002] ____sys_sendmsg+0x71c/0x900
[ 62.576221][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 62.581592][ T5002] ? kernel_sendmsg+0x50/0x50
[ 62.586280][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.592270][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 62.596963][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 62.601581][ T5002] ? lock_sync+0x190/0x190
[ 62.606009][ T5002] ? rcu_is_watching+0x12/0xb0
[ 62.610767][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 62.615808][ T5002] ? spin_bug+0x1c0/0x1c0
[ 62.620136][ T5002] ? lock_acquire+0x32/0xc0
[ 62.624649][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 62.629884][ T5002] ? __fget_light+0x20a/0x270
[ 62.634589][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 62.639192][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 62.644208][ T5002] ? lock_downgrade+0x690/0x690
[ 62.649079][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.654316][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.659539][ T5002] ? ptrace_notify+0xfe/0x140
[ 62.664219][ T5002] do_syscall_64+0x39/0xb0
[ 62.668638][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.674531][ T5002] RIP: 0033:0x7fc35e32beb9
[ 62.678950][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.698581][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.707002][ T5002] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fc35e32beb9
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.714971][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.722939][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 62.730906][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 62.738884][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.746899][ T5002]
[ 62.751168][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.762358][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 62.772257][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 62.782365][ T5002] Call Trace:
[ 62.785642][ T5002]
[ 62.788566][ T5002] dump_stack_lvl+0x136/0x150
[ 62.793264][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 62.798985][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 62.804526][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 62.810433][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 62.815316][ T5002] dccp_write_xmit+0x171/0x1d0
[ 62.820088][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 62.824600][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 62.829105][ T5002] ? aa_af_perm+0x240/0x240
[ 62.833612][ T5002] ? import_ubuf+0x1fd/0x270
[ 62.838222][ T5002] inet_sendmsg+0x9d/0xe0
[ 62.842573][ T5002] ? inet_send_prepare+0x530/0x530
[ 62.847704][ T5002] sock_sendmsg+0xde/0x190
[ 62.852134][ T5002] ____sys_sendmsg+0x71c/0x900
[ 62.856905][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 62.862292][ T5002] ? kernel_sendmsg+0x50/0x50
[ 62.866977][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.872966][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 62.877655][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 62.882248][ T5002] ? lock_sync+0x190/0x190
[ 62.886756][ T5002] ? rcu_is_watching+0x12/0xb0
[ 62.891516][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 62.896556][ T5002] ? spin_bug+0x1c0/0x1c0
[ 62.900918][ T5002] ? lock_acquire+0x32/0xc0
[ 62.905431][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 62.910665][ T5002] ? __fget_light+0x20a/0x270
[ 62.915367][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 62.919880][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 62.924911][ T5002] ? lock_downgrade+0x690/0x690
[ 62.929768][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.935050][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.940255][ T5002] ? ptrace_notify+0xfe/0x140
[ 62.944946][ T5002] do_syscall_64+0x39/0xb0
[ 62.949361][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.955267][ T5002] RIP: 0033:0x7fc35e32beb9
[ 62.959690][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.979307][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.987729][ T5002] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fc35e32beb9
[ 62.995722][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 63.003685][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 63.011654][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 63.019625][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 63.027614][ T5002]
[ 63.033620][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 63.044997][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 63.054909][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 63.064957][ T5002] Call Trace:
[ 63.068241][ T5002]
[ 63.071177][ T5002] dump_stack_lvl+0x136/0x150
[ 63.075861][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 63.081615][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 63.087619][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 63.093514][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 63.098375][ T5002] dccp_write_xmit+0x171/0x1d0
[ 63.103139][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 63.107653][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 63.112172][ T5002] ? aa_af_perm+0x240/0x240
[ 63.116680][ T5002] ? import_ubuf+0x1fd/0x270
[ 63.121288][ T5002] inet_sendmsg+0x9d/0xe0
[ 63.125646][ T5002] ? inet_send_prepare+0x530/0x530
[ 63.130788][ T5002] sock_sendmsg+0xde/0x190
[ 63.135322][ T5002] ____sys_sendmsg+0x71c/0x900
[ 63.140088][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 63.145474][ T5002] ? kernel_sendmsg+0x50/0x50
[ 63.150177][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 63.156162][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 63.160937][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 63.165547][ T5002] ? lock_sync+0x190/0x190
[ 63.170059][ T5002] ? rcu_is_watching+0x12/0xb0
[ 63.174828][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 63.179871][ T5002] ? spin_bug+0x1c0/0x1c0
[ 63.184228][ T5002] ? lock_acquire+0x32/0xc0
[ 63.188729][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 63.193929][ T5002] ? __fget_light+0x20a/0x270
[ 63.198616][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 63.203129][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 63.208176][ T5002] ? lock_downgrade+0x690/0x690
[ 63.213054][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 63.218267][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 63.223501][ T5002] ? ptrace_notify+0xfe/0x140
[ 63.228213][ T5002] do_syscall_64+0x39/0xb0
[ 63.232646][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 63.238552][ T5002] RIP: 0033:0x7fc35e32beb9
[ 63.242995][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 63.262605][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 63.271016][ T5002] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc35e32beb9
[ 63.278987][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 63.286953][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 63.294921][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 63.302889][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 63.310889][ T5002]
[ 63.314904][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 63.326078][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 63.335986][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 63.346055][ T5002] Call Trace:
[ 63.349352][ T5002]
[ 63.352285][ T5002] dump_stack_lvl+0x136/0x150
[ 63.356976][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 63.362702][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 63.368178][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 63.374103][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 63.378995][ T5002] dccp_write_xmit+0x171/0x1d0
[ 63.383780][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 63.388290][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 63.392893][ T5002] ? aa_af_perm+0x240/0x240
[ 63.397398][ T5002] ? import_ubuf+0x1fd/0x270
[ 63.402004][ T5002] inet_sendmsg+0x9d/0xe0
[ 63.406369][ T5002] ? inet_send_prepare+0x530/0x530
[ 63.411489][ T5002] sock_sendmsg+0xde/0x190
[ 63.415944][ T5002] ____sys_sendmsg+0x71c/0x900
[ 63.420726][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 63.426095][ T5002] ? kernel_sendmsg+0x50/0x50
[ 63.430794][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 63.436805][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 63.441490][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 63.446374][ T5002] ? lock_sync+0x190/0x190
[ 63.451679][ T5002] ? rcu_is_watching+0x12/0xb0
[ 63.456454][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 63.461522][ T5002] ? spin_bug+0x1c0/0x1c0
[ 63.465958][ T5002] ? lock_acquire+0x32/0xc0
[ 63.470507][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 63.475749][ T5002] ? __fget_light+0x20a/0x270
[ 63.480439][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 63.484962][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 63.490162][ T5002] ? lock_downgrade+0x690/0x690
[ 63.495026][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 63.500228][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 63.505430][ T5002] ? ptrace_notify+0xfe/0x140
[ 63.510116][ T5002] do_syscall_64+0x39/0xb0
[ 63.514539][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 63.520463][ T5002] RIP: 0033:0x7fc35e32beb9
[ 63.524891][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 63.544505][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 63.552922][ T5002] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc35e32beb9
[ 63.560899][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 63.568894][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 63.576909][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 63.584983][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 63.592969][ T5002]
[ 63.597206][ T5002] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 63.608378][ T5002] CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 63.618278][ T5002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 63.628337][ T5002] Call Trace:
[ 63.631623][ T5002]
[ 63.634572][ T5002] dump_stack_lvl+0x136/0x150
[ 63.639301][ T5002] ccid3_update_send_interval+0x187/0x1c0
[ 63.645032][ T5002] ccid3_hc_tx_packet_sent+0x132/0x190
[ 63.650512][ T5002] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 63.656417][ T5002] dccp_xmit_packet+0x2f2/0x760
[ 63.661272][ T5002] dccp_write_xmit+0x171/0x1d0
[ 63.666044][ T5002] dccp_sendmsg+0xa3b/0xbf0
[ 63.670560][ T5002] ? dccp_ioctl+0x1f0/0x1f0
[ 63.675094][ T5002] ? aa_af_perm+0x240/0x240
[ 63.680046][ T5002] ? import_ubuf+0x1fd/0x270
[ 63.684658][ T5002] inet_sendmsg+0x9d/0xe0
[ 63.689001][ T5002] ? inet_send_prepare+0x530/0x530
[ 63.694133][ T5002] sock_sendmsg+0xde/0x190
[ 63.698558][ T5002] ____sys_sendmsg+0x71c/0x900
[ 63.703349][ T5002] ? copy_msghdr_from_user+0xfc/0x150
[ 63.708909][ T5002] ? kernel_sendmsg+0x50/0x50
[ 63.714126][ T5002] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 63.720124][ T5002] ___sys_sendmsg+0x110/0x1b0
[ 63.724833][ T5002] ? do_recvmmsg+0x6f0/0x6f0
[ 63.729429][ T5002] ? lock_sync+0x190/0x190
[ 63.733859][ T5002] ? rcu_is_watching+0x12/0xb0
[ 63.738640][ T5002] ? do_raw_spin_lock+0x124/0x2b0
[ 63.743676][ T5002] ? spin_bug+0x1c0/0x1c0
[ 63.748012][ T5002] ? lock_acquire+0x32/0xc0
[ 63.752514][ T5002] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 63.757713][ T5002] ? __fget_light+0x20a/0x270
[ 63.762392][ T5002] __sys_sendmsg+0xf7/0x1c0
[ 63.767342][ T5002] ? __sys_sendmsg_sock+0x40/0x40
[ 63.772373][ T5002] ? lock_downgrade+0x690/0x690
[ 63.777243][ T5002] ? lockdep_hardirqs_on+0x7d/0x100
[ 63.782437][ T5002] ? _raw_spin_unlock_irq+0x2e/0x50
[ 63.787635][ T5002] ? ptrace_notify+0xfe/0x140
[ 63.792318][ T5002] do_syscall_64+0x39/0xb0
[ 63.796748][ T5002] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 63.802758][ T5002] RIP: 0033:0x7fc35e32beb9
[ 63.807168][ T5002] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 63.826788][ T5002] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 63.835246][ T5002] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc35e32beb9
[ 63.843243][ T5002] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 63.851218][ T5002] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 63.859197][ T5002] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 63.867254][ T5002] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 5002] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5002] exit_group(0) = ?
[pid 5002] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5002, si_uid=0, si_status=0, si_utime=0, si_stime=35 /* 0.35 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555579c5d0) = 5003
./strace-static-x86_64: Process 5003 attached
[pid 5003] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5003] setpgid(0, 0) = 0
[pid 5003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5003] write(3, "1000", 4) = 4
[pid 5003] close(3) = 0
[pid 5003] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5003] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5003] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5003] listen(3, 6) = 0
[pid 5003] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5003] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5003] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 63.875325][ T5002]
[ 63.896461][ T5003] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 63.974601][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 63.985806][ T5003] CPU: 1 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 63.995708][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 64.005776][ T5003] Call Trace:
[ 64.009053][ T5003]
[ 64.011986][ T5003] dump_stack_lvl+0x136/0x150
[ 64.016699][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 64.022455][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 64.027913][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 64.033819][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 64.038703][ T5003] dccp_write_xmit+0x171/0x1d0
[ 64.043491][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 64.048021][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 64.052534][ T5003] ? aa_af_perm+0x240/0x240
[ 64.057053][ T5003] ? import_ubuf+0x1fd/0x270
[ 64.061673][ T5003] inet_sendmsg+0x9d/0xe0
[ 64.066031][ T5003] ? inet_send_prepare+0x530/0x530
[ 64.071157][ T5003] sock_sendmsg+0xde/0x190
[ 64.075689][ T5003] ____sys_sendmsg+0x71c/0x900
[ 64.080453][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 64.085836][ T5003] ? kernel_sendmsg+0x50/0x50
[ 64.090519][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 64.096593][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 64.101292][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 64.105882][ T5003] ? lock_sync+0x190/0x190
[ 64.110300][ T5003] ? rcu_is_watching+0x12/0xb0
[ 64.115061][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 64.120104][ T5003] ? spin_bug+0x1c0/0x1c0
[ 64.124460][ T5003] ? lock_acquire+0x32/0xc0
[ 64.128960][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 64.134155][ T5003] ? __fget_light+0x20a/0x270
[ 64.138831][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 64.143359][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 64.148399][ T5003] ? lock_downgrade+0x690/0x690
[ 64.153258][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 64.158469][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.163706][ T5003] ? ptrace_notify+0xfe/0x140
[ 64.168406][ T5003] do_syscall_64+0x39/0xb0
[ 64.172828][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.178745][ T5003] RIP: 0033:0x7fc35e32beb9
[ 64.183275][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 64.202898][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.211315][ T5003] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc35e32beb9
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 64.219316][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 64.227293][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 64.235260][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 64.243756][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 64.251764][ T5003]
[ 64.257480][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 64.268873][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 64.278762][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 64.288807][ T5003] Call Trace:
[ 64.292082][ T5003]
[ 64.294999][ T5003] dump_stack_lvl+0x136/0x150
[ 64.299685][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 64.305406][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 64.310862][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 64.316753][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 64.321602][ T5003] dccp_write_xmit+0x171/0x1d0
[ 64.326479][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 64.330978][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 64.335473][ T5003] ? aa_af_perm+0x240/0x240
[ 64.339975][ T5003] ? import_ubuf+0x1fd/0x270
[ 64.344558][ T5003] inet_sendmsg+0x9d/0xe0
[ 64.348884][ T5003] ? inet_send_prepare+0x530/0x530
[ 64.353990][ T5003] sock_sendmsg+0xde/0x190
[ 64.358403][ T5003] ____sys_sendmsg+0x71c/0x900
[ 64.363165][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 64.368523][ T5003] ? kernel_sendmsg+0x50/0x50
[ 64.373197][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 64.379196][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 64.383880][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 64.388485][ T5003] ? lock_sync+0x190/0x190
[ 64.392917][ T5003] ? rcu_is_watching+0x12/0xb0
[ 64.397687][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 64.402814][ T5003] ? spin_bug+0x1c0/0x1c0
[ 64.407161][ T5003] ? lock_acquire+0x32/0xc0
[ 64.411678][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 64.416890][ T5003] ? __fget_light+0x20a/0x270
[ 64.421582][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 64.426089][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 64.431122][ T5003] ? lock_downgrade+0x690/0x690
[ 64.435996][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 64.441238][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.446451][ T5003] ? ptrace_notify+0xfe/0x140
[ 64.451146][ T5003] do_syscall_64+0x39/0xb0
[ 64.455580][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.461490][ T5003] RIP: 0033:0x7fc35e32beb9
[ 64.465908][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 64.485610][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 64.494029][ T5003] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007fc35e32beb9
[ 64.502003][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 64.509984][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 64.517978][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 64.525956][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 64.533951][ T5003]
[ 64.539418][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 64.550783][ T5003] CPU: 1 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 64.560717][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 64.570784][ T5003] Call Trace:
[ 64.574058][ T5003]
[ 64.576985][ T5003] dump_stack_lvl+0x136/0x150
[ 64.581687][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 64.587437][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 64.592911][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 64.598832][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 64.603684][ T5003] dccp_write_xmit+0x171/0x1d0
[ 64.608455][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 64.612978][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 64.617481][ T5003] ? aa_af_perm+0x240/0x240
[ 64.622003][ T5003] ? import_ubuf+0x1fd/0x270
[ 64.626611][ T5003] inet_sendmsg+0x9d/0xe0
[ 64.630942][ T5003] ? inet_send_prepare+0x530/0x530
[ 64.636060][ T5003] sock_sendmsg+0xde/0x190
[ 64.640478][ T5003] ____sys_sendmsg+0x71c/0x900
[ 64.645254][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 64.650645][ T5003] ? kernel_sendmsg+0x50/0x50
[ 64.655353][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 64.661354][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 64.666048][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 64.670653][ T5003] ? lock_sync+0x190/0x190
[ 64.675092][ T5003] ? rcu_is_watching+0x12/0xb0
[ 64.679878][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 64.684925][ T5003] ? spin_bug+0x1c0/0x1c0
[ 64.689289][ T5003] ? lock_acquire+0x32/0xc0
[ 64.693796][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 64.698998][ T5003] ? __fget_light+0x20a/0x270
[ 64.703677][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 64.708185][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 64.713222][ T5003] ? lock_downgrade+0x690/0x690
[ 64.718079][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 64.723282][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.728495][ T5003] ? ptrace_notify+0xfe/0x140
[ 64.733208][ T5003] do_syscall_64+0x39/0xb0
[ 64.737640][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.743546][ T5003] RIP: 0033:0x7fc35e32beb9
[ 64.747970][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 64.767598][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 64.776016][ T5003] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007fc35e32beb9
[ 64.783987][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 64.791957][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 64.799929][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 64.807907][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 64.815917][ T5003]
[ 64.821416][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 64.832900][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 64.842790][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 64.852833][ T5003] Call Trace:
[ 64.856107][ T5003]
[ 64.859029][ T5003] dump_stack_lvl+0x136/0x150
[ 64.863743][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 64.869471][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 64.874927][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 64.880901][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 64.885750][ T5003] dccp_write_xmit+0x171/0x1d0
[ 64.890511][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 64.895015][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 64.899512][ T5003] ? aa_af_perm+0x240/0x240
[ 64.904019][ T5003] ? import_ubuf+0x1fd/0x270
[ 64.908606][ T5003] inet_sendmsg+0x9d/0xe0
[ 64.912936][ T5003] ? inet_send_prepare+0x530/0x530
[ 64.918044][ T5003] sock_sendmsg+0xde/0x190
[ 64.922458][ T5003] ____sys_sendmsg+0x71c/0x900
[ 64.927218][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 64.932580][ T5003] ? kernel_sendmsg+0x50/0x50
[ 64.937256][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 64.943235][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 64.947905][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 64.952517][ T5003] ? lock_sync+0x190/0x190
[ 64.956935][ T5003] ? rcu_is_watching+0x12/0xb0
[ 64.961690][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 64.966712][ T5003] ? spin_bug+0x1c0/0x1c0
[ 64.971038][ T5003] ? lock_acquire+0x32/0xc0
[ 64.975549][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 64.980742][ T5003] ? __fget_light+0x20a/0x270
[ 64.985414][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 64.989912][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 64.994925][ T5003] ? lock_downgrade+0x690/0x690
[ 64.999777][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 65.004969][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 65.010187][ T5003] ? ptrace_notify+0xfe/0x140
[ 65.014865][ T5003] do_syscall_64+0x39/0xb0
[ 65.019279][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.025169][ T5003] RIP: 0033:0x7fc35e32beb9
[ 65.029581][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 65.049193][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 65.057622][ T5003] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fc35e32beb9
[ 65.065590][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 65.073552][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 65.081549][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 65.089537][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 65.097519][ T5003]
[ 65.103473][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 65.114952][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 65.124836][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 65.134881][ T5003] Call Trace:
[ 65.138154][ T5003]
[ 65.141085][ T5003] dump_stack_lvl+0x136/0x150
[ 65.145766][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 65.151482][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 65.156937][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 65.162829][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 65.167673][ T5003] dccp_write_xmit+0x171/0x1d0
[ 65.172444][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 65.176951][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 65.181446][ T5003] ? aa_af_perm+0x240/0x240
[ 65.185946][ T5003] ? import_ubuf+0x1fd/0x270
[ 65.190535][ T5003] inet_sendmsg+0x9d/0xe0
[ 65.194861][ T5003] ? inet_send_prepare+0x530/0x530
[ 65.199968][ T5003] sock_sendmsg+0xde/0x190
[ 65.204381][ T5003] ____sys_sendmsg+0x71c/0x900
[ 65.209140][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 65.214513][ T5003] ? kernel_sendmsg+0x50/0x50
[ 65.219196][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 65.225177][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 65.229844][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 65.234430][ T5003] ? lock_sync+0x190/0x190
[ 65.238848][ T5003] ? rcu_is_watching+0x12/0xb0
[ 65.243603][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 65.248633][ T5003] ? spin_bug+0x1c0/0x1c0
[ 65.252979][ T5003] ? lock_acquire+0x32/0xc0
[ 65.257481][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 65.262681][ T5003] ? __fget_light+0x20a/0x270
[ 65.267405][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 65.271910][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 65.276930][ T5003] ? lock_downgrade+0x690/0x690
[ 65.281784][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 65.286974][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 65.292167][ T5003] ? ptrace_notify+0xfe/0x140
[ 65.296843][ T5003] do_syscall_64+0x39/0xb0
[ 65.301258][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.307146][ T5003] RIP: 0033:0x7fc35e32beb9
[ 65.311550][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 65.331150][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 65.339566][ T5003] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fc35e32beb9
[ 65.347544][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 65.355524][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 65.363499][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 65.371476][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 65.379462][ T5003]
[ 65.385151][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 65.396596][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 65.406480][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 65.416696][ T5003] Call Trace:
[ 65.419964][ T5003]
[ 65.422885][ T5003] dump_stack_lvl+0x136/0x150
[ 65.427599][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 65.433319][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 65.438770][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 65.444655][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 65.449497][ T5003] dccp_write_xmit+0x171/0x1d0
[ 65.454250][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 65.458751][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 65.463243][ T5003] ? aa_af_perm+0x240/0x240
[ 65.467745][ T5003] ? import_ubuf+0x1fd/0x270
[ 65.472331][ T5003] inet_sendmsg+0x9d/0xe0
[ 65.476656][ T5003] ? inet_send_prepare+0x530/0x530
[ 65.481761][ T5003] sock_sendmsg+0xde/0x190
[ 65.486171][ T5003] ____sys_sendmsg+0x71c/0x900
[ 65.490930][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 65.496293][ T5003] ? kernel_sendmsg+0x50/0x50
[ 65.500983][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 65.506987][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 65.511694][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 65.516312][ T5003] ? lock_sync+0x190/0x190
[ 65.520751][ T5003] ? rcu_is_watching+0x12/0xb0
[ 65.525527][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 65.530569][ T5003] ? spin_bug+0x1c0/0x1c0
[ 65.534915][ T5003] ? lock_acquire+0x32/0xc0
[ 65.539432][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 65.544645][ T5003] ? __fget_light+0x20a/0x270
[ 65.549336][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 65.553843][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 65.558873][ T5003] ? lock_downgrade+0x690/0x690
[ 65.563746][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 65.568983][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 65.574230][ T5003] ? ptrace_notify+0xfe/0x140
[ 65.578932][ T5003] do_syscall_64+0x39/0xb0
[ 65.583390][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.589318][ T5003] RIP: 0033:0x7fc35e32beb9
[ 65.593746][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 65.613360][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 65.621868][ T5003] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fc35e32beb9
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 65.629844][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 65.637846][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 65.645824][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 65.653800][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 65.661788][ T5003]
[ 65.667432][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 65.678760][ T5003] CPU: 1 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 65.688688][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 65.698776][ T5003] Call Trace:
[ 65.702083][ T5003]
[ 65.705025][ T5003] dump_stack_lvl+0x136/0x150
[ 65.709725][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 65.715489][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 65.720974][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 65.726880][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 65.731752][ T5003] dccp_write_xmit+0x171/0x1d0
[ 65.736529][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 65.741073][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 65.745580][ T5003] ? aa_af_perm+0x240/0x240
[ 65.750087][ T5003] ? import_ubuf+0x1fd/0x270
[ 65.754676][ T5003] inet_sendmsg+0x9d/0xe0
[ 65.759022][ T5003] ? inet_send_prepare+0x530/0x530
[ 65.764149][ T5003] sock_sendmsg+0xde/0x190
[ 65.768608][ T5003] ____sys_sendmsg+0x71c/0x900
[ 65.773401][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 65.778768][ T5003] ? kernel_sendmsg+0x50/0x50
[ 65.783469][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 65.789485][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 65.794176][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 65.798789][ T5003] ? lock_sync+0x190/0x190
[ 65.803211][ T5003] ? rcu_is_watching+0x12/0xb0
[ 65.807988][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 65.813044][ T5003] ? spin_bug+0x1c0/0x1c0
[ 65.817379][ T5003] ? lock_acquire+0x32/0xc0
[ 65.821946][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 65.827178][ T5003] ? __fget_light+0x20a/0x270
[ 65.831882][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 65.836383][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 65.841404][ T5003] ? lock_downgrade+0x690/0x690
[ 65.846271][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 65.851485][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 65.856691][ T5003] ? ptrace_notify+0xfe/0x140
[ 65.861374][ T5003] do_syscall_64+0x39/0xb0
[ 65.865812][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.871739][ T5003] RIP: 0033:0x7fc35e32beb9
[ 65.876201][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 65.896156][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 65.904572][ T5003] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc35e32beb9
[ 65.912548][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 65.920518][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 65.928492][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 65.936483][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 65.944498][ T5003]
[ 65.949698][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 65.960956][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 65.970868][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 65.980919][ T5003] Call Trace:
[ 65.984205][ T5003]
[ 65.987174][ T5003] dump_stack_lvl+0x136/0x150
[ 65.991867][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 65.997867][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 66.003367][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 66.009293][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 66.014164][ T5003] dccp_write_xmit+0x171/0x1d0
[ 66.018953][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 66.023463][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 66.027973][ T5003] ? aa_af_perm+0x240/0x240
[ 66.032505][ T5003] ? import_ubuf+0x1fd/0x270
[ 66.037281][ T5003] inet_sendmsg+0x9d/0xe0
[ 66.041656][ T5003] ? inet_send_prepare+0x530/0x530
[ 66.046799][ T5003] sock_sendmsg+0xde/0x190
[ 66.051247][ T5003] ____sys_sendmsg+0x71c/0x900
[ 66.056021][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 66.061388][ T5003] ? kernel_sendmsg+0x50/0x50
[ 66.066160][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 66.072151][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 66.076842][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 66.081457][ T5003] ? lock_sync+0x190/0x190
[ 66.085884][ T5003] ? rcu_is_watching+0x12/0xb0
[ 66.090662][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 66.095696][ T5003] ? spin_bug+0x1c0/0x1c0
[ 66.100035][ T5003] ? lock_acquire+0x32/0xc0
[ 66.104563][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 66.109776][ T5003] ? __fget_light+0x20a/0x270
[ 66.114455][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 66.118961][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 66.123999][ T5003] ? lock_downgrade+0x690/0x690
[ 66.128855][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 66.134064][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 66.139295][ T5003] ? ptrace_notify+0xfe/0x140
[ 66.143988][ T5003] do_syscall_64+0x39/0xb0
[ 66.148429][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.154342][ T5003] RIP: 0033:0x7fc35e32beb9
[ 66.158815][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 66.178442][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 66.186883][ T5003] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fc35e32beb9
[ 66.194865][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 66.202849][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 66.211512][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 66.219493][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 66.227492][ T5003]
[ 66.232559][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 66.243747][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 66.253650][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 66.263704][ T5003] Call Trace:
[ 66.266986][ T5003]
[ 66.269934][ T5003] dump_stack_lvl+0x136/0x150
[ 66.274619][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 66.280340][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 66.285792][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 66.291683][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 66.296559][ T5003] dccp_write_xmit+0x171/0x1d0
[ 66.301349][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 66.305854][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 66.310352][ T5003] ? aa_af_perm+0x240/0x240
[ 66.314869][ T5003] ? import_ubuf+0x1fd/0x270
[ 66.319559][ T5003] inet_sendmsg+0x9d/0xe0
[ 66.323886][ T5003] ? inet_send_prepare+0x530/0x530
[ 66.328993][ T5003] sock_sendmsg+0xde/0x190
[ 66.333419][ T5003] ____sys_sendmsg+0x71c/0x900
[ 66.338192][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 66.343587][ T5003] ? kernel_sendmsg+0x50/0x50
[ 66.348286][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 66.354291][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 66.358993][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 66.363598][ T5003] ? lock_sync+0x190/0x190
[ 66.368036][ T5003] ? rcu_is_watching+0x12/0xb0
[ 66.372792][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 66.377905][ T5003] ? spin_bug+0x1c0/0x1c0
[ 66.382239][ T5003] ? lock_acquire+0x32/0xc0
[ 66.386747][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 66.391976][ T5003] ? __fget_light+0x20a/0x270
[ 66.396647][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 66.401540][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 66.406564][ T5003] ? lock_downgrade+0x690/0x690
[ 66.411434][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 66.418574][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 66.423950][ T5003] ? ptrace_notify+0xfe/0x140
[ 66.428627][ T5003] do_syscall_64+0x39/0xb0
[ 66.433044][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.438942][ T5003] RIP: 0033:0x7fc35e32beb9
[ 66.443347][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 66.462954][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 66.471372][ T5003] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fc35e32beb9
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 66.479354][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 66.487318][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 66.495283][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 66.503249][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 66.511229][ T5003]
[ 66.517735][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 66.529126][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 66.539122][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 66.549178][ T5003] Call Trace:
[ 66.552464][ T5003]
[ 66.555394][ T5003] dump_stack_lvl+0x136/0x150
[ 66.560080][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 66.565826][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 66.571315][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 66.577232][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 66.582093][ T5003] dccp_write_xmit+0x171/0x1d0
[ 66.586960][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 66.591476][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 66.595996][ T5003] ? aa_af_perm+0x240/0x240
[ 66.600529][ T5003] ? import_ubuf+0x1fd/0x270
[ 66.605118][ T5003] inet_sendmsg+0x9d/0xe0
[ 66.609457][ T5003] ? inet_send_prepare+0x530/0x530
[ 66.614589][ T5003] sock_sendmsg+0xde/0x190
[ 66.619037][ T5003] ____sys_sendmsg+0x71c/0x900
[ 66.623808][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 66.629173][ T5003] ? kernel_sendmsg+0x50/0x50
[ 66.633867][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 66.639859][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 66.644820][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 66.649439][ T5003] ? lock_sync+0x190/0x190
[ 66.654044][ T5003] ? rcu_is_watching+0x12/0xb0
[ 66.658816][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 66.663850][ T5003] ? spin_bug+0x1c0/0x1c0
[ 66.668228][ T5003] ? lock_acquire+0x32/0xc0
[ 66.672854][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 66.678071][ T5003] ? __fget_light+0x20a/0x270
[ 66.682981][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 66.687494][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 66.692540][ T5003] ? lock_downgrade+0x690/0x690
[ 66.697402][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 66.702603][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 66.707812][ T5003] ? ptrace_notify+0xfe/0x140
[ 66.712528][ T5003] do_syscall_64+0x39/0xb0
[ 66.716961][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.722883][ T5003] RIP: 0033:0x7fc35e32beb9
[ 66.727308][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 66.746944][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 66.755363][ T5003] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fc35e32beb9
[ 66.763332][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 66.771299][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 66.779276][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 66.787256][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 66.795282][ T5003]
[ 66.801834][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 66.813056][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 66.822973][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 66.833028][ T5003] Call Trace:
[ 66.836309][ T5003]
[ 66.839248][ T5003] dump_stack_lvl+0x136/0x150
[ 66.843934][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 66.849658][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 66.855116][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 66.861014][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 66.865863][ T5003] dccp_write_xmit+0x171/0x1d0
[ 66.870623][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 66.875125][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 66.879623][ T5003] ? aa_af_perm+0x240/0x240
[ 66.884126][ T5003] ? import_ubuf+0x1fd/0x270
[ 66.888712][ T5003] inet_sendmsg+0x9d/0xe0
[ 66.893052][ T5003] ? inet_send_prepare+0x530/0x530
[ 66.898173][ T5003] sock_sendmsg+0xde/0x190
[ 66.902601][ T5003] ____sys_sendmsg+0x71c/0x900
[ 66.907364][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 66.912735][ T5003] ? kernel_sendmsg+0x50/0x50
[ 66.917420][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 66.923418][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 66.928110][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 66.932721][ T5003] ? lock_sync+0x190/0x190
[ 66.937174][ T5003] ? rcu_is_watching+0x12/0xb0
[ 66.941952][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 66.946987][ T5003] ? spin_bug+0x1c0/0x1c0
[ 66.951360][ T5003] ? lock_acquire+0x32/0xc0
[ 66.955876][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 66.961103][ T5003] ? __fget_light+0x20a/0x270
[ 66.965779][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 66.970281][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 66.975304][ T5003] ? lock_downgrade+0x690/0x690
[ 66.980162][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 66.985359][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 66.990558][ T5003] ? ptrace_notify+0xfe/0x140
[ 66.995590][ T5003] do_syscall_64+0x39/0xb0
[ 67.000013][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.005908][ T5003] RIP: 0033:0x7fc35e32beb9
[ 67.010327][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.029955][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 67.038366][ T5003] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc35e32beb9
[ 67.046332][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 67.054300][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 67.062271][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 67.070252][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 67.078267][ T5003]
[ 67.084601][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 67.095958][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 67.105879][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 67.115927][ T5003] Call Trace:
[ 67.119214][ T5003]
[ 67.122134][ T5003] dump_stack_lvl+0x136/0x150
[ 67.126823][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 67.132543][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 67.137992][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 67.143878][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 67.148723][ T5003] dccp_write_xmit+0x171/0x1d0
[ 67.153494][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 67.157997][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 67.162487][ T5003] ? aa_af_perm+0x240/0x240
[ 67.166983][ T5003] ? import_ubuf+0x1fd/0x270
[ 67.171571][ T5003] inet_sendmsg+0x9d/0xe0
[ 67.176062][ T5003] ? inet_send_prepare+0x530/0x530
[ 67.181202][ T5003] sock_sendmsg+0xde/0x190
[ 67.185613][ T5003] ____sys_sendmsg+0x71c/0x900
[ 67.190371][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 67.195733][ T5003] ? kernel_sendmsg+0x50/0x50
[ 67.200411][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 67.206563][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 67.211415][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 67.215997][ T5003] ? lock_sync+0x190/0x190
[ 67.220419][ T5003] ? rcu_is_watching+0x12/0xb0
[ 67.225197][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 67.230224][ T5003] ? spin_bug+0x1c0/0x1c0
[ 67.234567][ T5003] ? lock_acquire+0x32/0xc0
[ 67.239093][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 67.244302][ T5003] ? __fget_light+0x20a/0x270
[ 67.249269][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 67.253769][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 67.258789][ T5003] ? lock_downgrade+0x690/0x690
[ 67.263648][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 67.268842][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 67.274129][ T5003] ? ptrace_notify+0xfe/0x140
[ 67.278809][ T5003] do_syscall_64+0x39/0xb0
[ 67.283239][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.289182][ T5003] RIP: 0033:0x7fc35e32beb9
[ 67.293602][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.313212][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 67.321641][ T5003] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc35e32beb9
[ 67.329627][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 67.337592][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 67.345581][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 67.353820][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 67.361803][ T5003]
[ 67.366708][ T5003] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 67.377979][ T5003] CPU: 0 PID: 5003 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 67.387892][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 67.397969][ T5003] Call Trace:
[ 67.401261][ T5003]
[ 67.404184][ T5003] dump_stack_lvl+0x136/0x150
[ 67.408876][ T5003] ccid3_update_send_interval+0x187/0x1c0
[ 67.414632][ T5003] ccid3_hc_tx_packet_sent+0x132/0x190
[ 67.420126][ T5003] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 67.426040][ T5003] dccp_xmit_packet+0x2f2/0x760
[ 67.430892][ T5003] dccp_write_xmit+0x171/0x1d0
[ 67.435668][ T5003] dccp_sendmsg+0xa3b/0xbf0
[ 67.440191][ T5003] ? dccp_ioctl+0x1f0/0x1f0
[ 67.444689][ T5003] ? aa_af_perm+0x240/0x240
[ 67.449200][ T5003] ? import_ubuf+0x1fd/0x270
[ 67.453967][ T5003] inet_sendmsg+0x9d/0xe0
[ 67.458301][ T5003] ? inet_send_prepare+0x530/0x530
[ 67.463422][ T5003] sock_sendmsg+0xde/0x190
[ 67.467880][ T5003] ____sys_sendmsg+0x71c/0x900
[ 67.472657][ T5003] ? copy_msghdr_from_user+0xfc/0x150
[ 67.478023][ T5003] ? kernel_sendmsg+0x50/0x50
[ 67.482751][ T5003] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 67.488749][ T5003] ___sys_sendmsg+0x110/0x1b0
[ 67.493430][ T5003] ? do_recvmmsg+0x6f0/0x6f0
[ 67.498040][ T5003] ? lock_sync+0x190/0x190
[ 67.502489][ T5003] ? rcu_is_watching+0x12/0xb0
[ 67.507249][ T5003] ? do_raw_spin_lock+0x124/0x2b0
[ 67.512276][ T5003] ? spin_bug+0x1c0/0x1c0
[ 67.516603][ T5003] ? lock_acquire+0x32/0xc0
[ 67.521105][ T5003] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 67.526330][ T5003] ? __fget_light+0x20a/0x270
[ 67.531022][ T5003] __sys_sendmsg+0xf7/0x1c0
[ 67.535541][ T5003] ? __sys_sendmsg_sock+0x40/0x40
[ 67.540567][ T5003] ? lock_downgrade+0x690/0x690
[ 67.545452][ T5003] ? lockdep_hardirqs_on+0x7d/0x100
[ 67.550687][ T5003] ? _raw_spin_unlock_irq+0x2e/0x50
[ 67.555905][ T5003] ? ptrace_notify+0xfe/0x140
[ 67.560594][ T5003] do_syscall_64+0x39/0xb0
[ 67.565022][ T5003] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.570943][ T5003] RIP: 0033:0x7fc35e32beb9
[ 67.575373][ T5003] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.595248][ T5003] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 67.603658][ T5003] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc35e32beb9
[ 67.611626][ T5003] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 67.619590][ T5003] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 67.627563][ T5003] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5003] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5003] exit_group(0) = ?
[pid 5003] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5003, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555579c5d0) = 5004
./strace-static-x86_64: Process 5004 attached
[pid 5004] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5004] setpgid(0, 0) = 0
[pid 5004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5004] write(3, "1000", 4) = 4
[pid 5004] close(3) = 0
[pid 5004] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5004] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5004] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5004] listen(3, 6) = 0
[pid 5004] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5004] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5004] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 67.635556][ T5003] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 67.643549][ T5003]
[ 67.665573][ T5004] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 67.721382][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 67.732810][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 67.742711][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 67.752769][ T5004] Call Trace:
[ 67.756052][ T5004]
[ 67.759004][ T5004] dump_stack_lvl+0x136/0x150
[ 67.763690][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 67.769411][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 67.774881][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 67.780777][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 67.785638][ T5004] dccp_write_xmit+0x171/0x1d0
[ 67.790412][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 67.794933][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 67.799444][ T5004] ? aa_af_perm+0x240/0x240
[ 67.803967][ T5004] ? import_ubuf+0x1fd/0x270
[ 67.808584][ T5004] inet_sendmsg+0x9d/0xe0
[ 67.812942][ T5004] ? inet_send_prepare+0x530/0x530
[ 67.818084][ T5004] sock_sendmsg+0xde/0x190
[ 67.822535][ T5004] ____sys_sendmsg+0x71c/0x900
[ 67.827321][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 67.832698][ T5004] ? kernel_sendmsg+0x50/0x50
[ 67.837399][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 67.843400][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 67.848088][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 67.852695][ T5004] ? lock_sync+0x190/0x190
[ 67.857126][ T5004] ? rcu_is_watching+0x12/0xb0
[ 67.861898][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 67.866943][ T5004] ? spin_bug+0x1c0/0x1c0
[ 67.871289][ T5004] ? lock_acquire+0x32/0xc0
[ 67.875840][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 67.881055][ T5004] ? __fget_light+0x20a/0x270
[ 67.885750][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 67.890263][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 67.895293][ T5004] ? lock_downgrade+0x690/0x690
[ 67.900166][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 67.905373][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 67.910585][ T5004] ? ptrace_notify+0xfe/0x140
[ 67.915287][ T5004] do_syscall_64+0x39/0xb0
[ 67.919724][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.925637][ T5004] RIP: 0033:0x7fc35e32beb9
[ 67.930075][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.949701][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 67.958124][ T5004] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007fc35e32beb9
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 67.966100][ T5004] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 67.974074][ T5004] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 67.982049][ T5004] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 67.990023][ T5004] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 67.998014][ T5004]
[ 68.004951][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 68.016389][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 68.026275][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 68.036327][ T5004] Call Trace:
[ 68.039596][ T5004]
[ 68.042527][ T5004] dump_stack_lvl+0x136/0x150
[ 68.047213][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 68.052928][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 68.058380][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 68.064266][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 68.069110][ T5004] dccp_write_xmit+0x171/0x1d0
[ 68.073869][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 68.078367][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 68.082860][ T5004] ? aa_af_perm+0x240/0x240
[ 68.087357][ T5004] ? import_ubuf+0x1fd/0x270
[ 68.091938][ T5004] inet_sendmsg+0x9d/0xe0
[ 68.096262][ T5004] ? inet_send_prepare+0x530/0x530
[ 68.101365][ T5004] sock_sendmsg+0xde/0x190
[ 68.105778][ T5004] ____sys_sendmsg+0x71c/0x900
[ 68.110535][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 68.115903][ T5004] ? kernel_sendmsg+0x50/0x50
[ 68.120579][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 68.126560][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 68.131224][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 68.135812][ T5004] ? lock_sync+0x190/0x190
[ 68.140222][ T5004] ? rcu_is_watching+0x12/0xb0
[ 68.144974][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 68.149996][ T5004] ? spin_bug+0x1c0/0x1c0
[ 68.154319][ T5004] ? lock_acquire+0x32/0xc0
[ 68.158821][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 68.164019][ T5004] ? __fget_light+0x20a/0x270
[ 68.168691][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 68.173186][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 68.178207][ T5004] ? lock_downgrade+0x690/0x690
[ 68.183059][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 68.188250][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.193444][ T5004] ? ptrace_notify+0xfe/0x140
[ 68.198117][ T5004] do_syscall_64+0x39/0xb0
[ 68.202897][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.208864][ T5004] RIP: 0033:0x7fc35e32beb9
[ 68.213305][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.232920][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 68.241324][ T5004] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc35e32beb9
[ 68.249286][ T5004] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 68.257248][ T5004] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 68.265212][ T5004] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 68.273172][ T5004] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 68.281148][ T5004]
[ 68.287273][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 68.298700][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 68.308593][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 68.318641][ T5004] Call Trace:
[ 68.321912][ T5004]
[ 68.324836][ T5004] dump_stack_lvl+0x136/0x150
[ 68.329525][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 68.335247][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 68.340705][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 68.346613][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 68.351486][ T5004] dccp_write_xmit+0x171/0x1d0
[ 68.356251][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 68.360769][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 68.365276][ T5004] ? aa_af_perm+0x240/0x240
[ 68.369782][ T5004] ? import_ubuf+0x1fd/0x270
[ 68.374375][ T5004] inet_sendmsg+0x9d/0xe0
[ 68.378709][ T5004] ? inet_send_prepare+0x530/0x530
[ 68.383830][ T5004] sock_sendmsg+0xde/0x190
[ 68.388270][ T5004] ____sys_sendmsg+0x71c/0x900
[ 68.393038][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 68.398416][ T5004] ? kernel_sendmsg+0x50/0x50
[ 68.403193][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 68.409189][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 68.413875][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 68.418480][ T5004] ? lock_sync+0x190/0x190
[ 68.422915][ T5004] ? rcu_is_watching+0x12/0xb0
[ 68.427692][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 68.432741][ T5004] ? spin_bug+0x1c0/0x1c0
[ 68.437086][ T5004] ? lock_acquire+0x32/0xc0
[ 68.441603][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 68.446849][ T5004] ? __fget_light+0x20a/0x270
[ 68.451543][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 68.456054][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 68.461430][ T5004] ? lock_downgrade+0x690/0x690
[ 68.466305][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 68.471515][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.476726][ T5004] ? ptrace_notify+0xfe/0x140
[ 68.481421][ T5004] do_syscall_64+0x39/0xb0
[ 68.485854][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.491763][ T5004] RIP: 0033:0x7fc35e32beb9
[ 68.496187][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.515803][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 68.524225][ T5004] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007fc35e32beb9
[ 68.532196][ T5004] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 68.540171][ T5004] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 68.548144][ T5004] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 68.556122][ T5004] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 68.564109][ T5004]
[ 68.570281][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 68.581701][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 68.591602][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 68.602019][ T5004] Call Trace:
[ 68.605307][ T5004]
[ 68.608232][ T5004] dump_stack_lvl+0x136/0x150
[ 68.612930][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 68.618672][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 68.624139][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 68.630034][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 68.634888][ T5004] dccp_write_xmit+0x171/0x1d0
[ 68.640961][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 68.645476][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 68.649980][ T5004] ? aa_af_perm+0x240/0x240
[ 68.654502][ T5004] ? import_ubuf+0x1fd/0x270
[ 68.659095][ T5004] inet_sendmsg+0x9d/0xe0
[ 68.663432][ T5004] ? inet_send_prepare+0x530/0x530
[ 68.668544][ T5004] sock_sendmsg+0xde/0x190
[ 68.672965][ T5004] ____sys_sendmsg+0x71c/0x900
[ 68.677736][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 68.683115][ T5004] ? kernel_sendmsg+0x50/0x50
[ 68.687805][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 68.693807][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 68.698507][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 68.703107][ T5004] ? lock_sync+0x190/0x190
[ 68.707565][ T5004] ? rcu_is_watching+0x12/0xb0
[ 68.712358][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 68.717404][ T5004] ? spin_bug+0x1c0/0x1c0
[ 68.721778][ T5004] ? lock_acquire+0x32/0xc0
[ 68.726314][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 68.731546][ T5004] ? __fget_light+0x20a/0x270
[ 68.736251][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 68.740756][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 68.745823][ T5004] ? lock_downgrade+0x690/0x690
[ 68.750685][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 68.755885][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 68.761089][ T5004] ? ptrace_notify+0xfe/0x140
[ 68.765780][ T5004] do_syscall_64+0x39/0xb0
[ 68.770212][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 68.776132][ T5004] RIP: 0033:0x7fc35e32beb9
[ 68.780564][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.800258][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 68.808679][ T5004] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007fc35e32beb9
[ 68.816672][ T5004] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 68.824656][ T5004] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 68.832624][ T5004] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[ 68.840594][ T5004] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 68.848572][ T5004]
[ 68.855360][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 68.866576][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 68.876495][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 68.886563][ T5004] Call Trace:
[ 68.889845][ T5004]
[ 68.893225][ T5004] dump_stack_lvl+0x136/0x150
[ 68.897911][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 68.903656][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 68.909148][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 68.915059][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 68.919934][ T5004] dccp_write_xmit+0x171/0x1d0
[ 68.924734][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 68.929252][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 68.933763][ T5004] ? aa_af_perm+0x240/0x240
[ 68.938295][ T5004] ? import_ubuf+0x1fd/0x270
[ 68.942893][ T5004] inet_sendmsg+0x9d/0xe0
[ 68.947234][ T5004] ? inet_send_prepare+0x530/0x530
[ 68.952371][ T5004] sock_sendmsg+0xde/0x190
[ 68.956802][ T5004] ____sys_sendmsg+0x71c/0x900
[ 68.961598][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 68.967004][ T5004] ? kernel_sendmsg+0x50/0x50
[ 68.971723][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 68.977720][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 68.982430][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 68.987061][ T5004] ? lock_sync+0x190/0x190
[ 68.991488][ T5004] ? rcu_is_watching+0x12/0xb0
[ 68.996317][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 69.001376][ T5004] ? spin_bug+0x1c0/0x1c0
[ 69.005723][ T5004] ? lock_acquire+0x32/0xc0
[ 69.010247][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 69.015448][ T5004] ? __fget_light+0x20a/0x270
[ 69.020226][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 69.024739][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 69.029777][ T5004] ? lock_downgrade+0x690/0x690
[ 69.034641][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 69.039853][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.045066][ T5004] ? ptrace_notify+0xfe/0x140
[ 69.049772][ T5004] do_syscall_64+0x39/0xb0
[ 69.054200][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.060119][ T5004] RIP: 0033:0x7fc35e32beb9
[ 69.064547][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.084153][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 69.092924][ T5004] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fc35e32beb9
[ 69.100912][ T5004] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 69.108881][ T5004] RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
[ 69.116853][ T5004] R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
[pid 5004] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 69.124824][ T5004] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 69.132804][ T5004]
[ 69.139162][ T5004] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 69.150605][ T5004] CPU: 0 PID: 5004 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
[ 69.160521][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 69.170582][ T5004] Call Trace:
[ 69.173871][ T5004]
[ 69.176821][ T5004] dump_stack_lvl+0x136/0x150
[ 69.181511][ T5004] ccid3_update_send_interval+0x187/0x1c0
[ 69.187245][ T5004] ccid3_hc_tx_packet_sent+0x132/0x190
[ 69.192715][ T5004] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 69.198625][ T5004] dccp_xmit_packet+0x2f2/0x760
[ 69.203507][ T5004] dccp_write_xmit+0x171/0x1d0
[ 69.208282][ T5004] dccp_sendmsg+0xa3b/0xbf0
[ 69.212806][ T5004] ? dccp_ioctl+0x1f0/0x1f0
[ 69.217311][ T5004] ? aa_af_perm+0x240/0x240
[ 69.221830][ T5004] ? import_ubuf+0x1fd/0x270
[ 69.226449][ T5004] inet_sendmsg+0x9d/0xe0
[ 69.230781][ T5004] ? inet_send_prepare+0x530/0x530
[ 69.235901][ T5004] sock_sendmsg+0xde/0x190
[ 69.240343][ T5004] ____sys_sendmsg+0x71c/0x900
[ 69.245121][ T5004] ? copy_msghdr_from_user+0xfc/0x150
[ 69.250530][ T5004] ? kernel_sendmsg+0x50/0x50
[ 69.255253][ T5004] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 69.261248][ T5004] ___sys_sendmsg+0x110/0x1b0
[ 69.265954][ T5004] ? do_recvmmsg+0x6f0/0x6f0
[ 69.270586][ T5004] ? lock_sync+0x190/0x190
[ 69.275015][ T5004] ? rcu_is_watching+0x12/0xb0
[ 69.280475][ T5004] ? do_raw_spin_lock+0x124/0x2b0
[ 69.285682][ T5004] ? spin_bug+0x1c0/0x1c0
[ 69.290029][ T5004] ? lock_acquire+0x32/0xc0
[ 69.294556][ T5004] ? ptrace_stop.part.0+0x4e3/0x8e0
[ 69.299788][ T5004] ? __fget_light+0x20a/0x270
[ 69.304497][ T5004] __sys_sendmsg+0xf7/0x1c0
[ 69.309090][ T5004] ? __sys_sendmsg_sock+0x40/0x40
[ 69.314109][ T5004] ? lock_downgrade+0x690/0x690
[ 69.318989][ T5004] ? lockdep_hardirqs_on+0x7d/0x100
[ 69.324220][ T5004] ? _raw_spin_unlock_irq+0x2e/0x50
[ 69.329470][ T5004] ? ptrace_notify+0xfe/0x140
[ 69.334333][ T5004] do_syscall_64+0x39/0xb0
[ 69.338850][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 69.344761][ T5004] RIP: 0033:0x7fc35e32beb9
[ 69.349192][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 69.368885][ T5004] RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e