./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2831930976
<...>
DUID 00:04:ae:1e:d5:49:b7:3c:3f:84:b3:e9:d7:e4:a5:00:02:90
forked to background, child pid 4650
[ 32.531488][ T4651] 8021q: adding VLAN 0 to HW filter on device bond0
[ 32.540917][ T4651] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.186' (ECDSA) to the list of known hosts.
execve("./syz-executor2831930976", ["./syz-executor2831930976"], 0x7fffd0ff1e90 /* 10 vars */) = 0
brk(NULL) = 0x5555571f1000
brk(0x5555571f1c40) = 0x5555571f1c40
arch_prctl(ARCH_SET_FS, 0x5555571f1300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2831930976", 4096) = 28
brk(0x555557212c40) = 0x555557212c40
brk(0x555557213000) = 0x555557213000
mprotect(0x7f19f6508000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached
, child_tidptr=0x5555571f15d0) = 5072
[pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5072] setpgid(0, 0) = 0
[pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5072] write(3, "1000", 4) = 4
[pid 5072] close(3) = 0
[pid 5072] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5072] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5072] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5072] listen(3, 6) = 0
[pid 5072] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5072] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5072] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5072] exit_group(0) = ?
[pid 5072] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555571f15d0) = 5073
./strace-static-x86_64: Process 5073 attached
[pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5073] setpgid(0, 0) = 0
[pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5073] write(3, "1000", 4) = 4
[pid 5073] close(3) = 0
syzkaller login: [ 52.568590][ T5072] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5073] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5073] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5073] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5073] listen(3, 6) = 0
[pid 5073] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5073] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5073] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 52.635815][ T5073] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 52.690861][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 52.702316][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 52.712759][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 52.722809][ T5073] Call Trace:
[ 52.726096][ T5073]
[ 52.729046][ T5073] dump_stack_lvl+0xd1/0x138
[ 52.733672][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 52.739672][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 52.745236][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 52.751167][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 52.756032][ T5073] dccp_write_xmit+0x171/0x1d0
[ 52.760897][ T5073] dccp_sendmsg+0xaee/0xd30
[ 52.765444][ T5073] ? dccp_done+0x100/0x100
[ 52.769897][ T5073] ? aa_af_perm+0x240/0x240
[ 52.774419][ T5073] ? __import_iovec+0x1fb/0x610
[ 52.779272][ T5073] inet_sendmsg+0x9d/0xe0
[ 52.783614][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 52.788745][ T5073] sock_sendmsg+0xd3/0x120
[ 52.793162][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 52.797922][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 52.803307][ T5073] ? kernel_sendmsg+0x50/0x50
[ 52.807993][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 52.813981][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 52.818666][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 52.823261][ T5073] ? lock_release+0x810/0x810
[ 52.827962][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 52.833176][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 52.838201][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 52.843135][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 52.848161][ T5073] ? __fget_light+0x20a/0x270
[ 52.852849][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 52.857365][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 52.862407][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 52.867283][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 52.872497][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 52.877694][ T5073] ? ptrace_notify+0xfe/0x140
[ 52.882384][ T5073] do_syscall_64+0x39/0xb0
[ 52.886845][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.892750][ T5073] RIP: 0033:0x7f19f649aeb9
[ 52.897179][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 52.916798][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 52.925217][ T5073] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f19f649aeb9
[ 52.933204][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 52.941270][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 52.949255][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 52.957248][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 52.965241][ T5073]
[ 52.972228][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 52.983696][ T5073] CPU: 1 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 52.994113][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 53.004163][ T5073] Call Trace:
[ 53.007435][ T5073]
[ 53.010360][ T5073] dump_stack_lvl+0xd1/0x138
[ 53.014955][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 53.020934][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 53.026390][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 53.032279][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 53.037125][ T5073] dccp_write_xmit+0x171/0x1d0
[ 53.041885][ T5073] dccp_sendmsg+0xaee/0xd30
[ 53.046391][ T5073] ? dccp_done+0x100/0x100
[ 53.050813][ T5073] ? aa_af_perm+0x240/0x240
[ 53.055314][ T5073] ? __import_iovec+0x1fb/0x610
[ 53.060162][ T5073] inet_sendmsg+0x9d/0xe0
[ 53.064481][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 53.069582][ T5073] sock_sendmsg+0xd3/0x120
[ 53.074016][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 53.078812][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 53.084204][ T5073] ? kernel_sendmsg+0x50/0x50
[ 53.088905][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 53.094914][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 53.099609][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 53.104225][ T5073] ? lock_release+0x810/0x810
[ 53.108925][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 53.114138][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 53.119167][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 53.124111][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 53.129147][ T5073] ? __fget_light+0x20a/0x270
[ 53.133836][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 53.138354][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 53.143399][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 53.148277][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 53.153569][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 53.158771][ T5073] ? ptrace_notify+0xfe/0x140
[ 53.163458][ T5073] do_syscall_64+0x39/0xb0
[ 53.167885][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.173786][ T5073] RIP: 0033:0x7f19f649aeb9
[ 53.178204][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.197814][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 53.206234][ T5073] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007f19f649aeb9
[ 53.214208][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 53.222180][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 53.230154][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 53.238133][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 53.246124][ T5073]
[ 53.251495][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 53.262970][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 53.273378][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 53.283425][ T5073] Call Trace:
[ 53.286700][ T5073]
[ 53.289621][ T5073] dump_stack_lvl+0xd1/0x138
[ 53.294210][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 53.300190][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 53.305643][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 53.311534][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 53.316381][ T5073] dccp_write_xmit+0x171/0x1d0
[ 53.321138][ T5073] dccp_sendmsg+0xaee/0xd30
[ 53.325638][ T5073] ? dccp_done+0x100/0x100
[ 53.330045][ T5073] ? aa_af_perm+0x240/0x240
[ 53.334544][ T5073] ? __import_iovec+0x1fb/0x610
[ 53.339393][ T5073] inet_sendmsg+0x9d/0xe0
[ 53.343717][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 53.348819][ T5073] sock_sendmsg+0xd3/0x120
[ 53.353229][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 53.357985][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 53.363353][ T5073] ? kernel_sendmsg+0x50/0x50
[ 53.368041][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 53.374041][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 53.378736][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 53.383348][ T5073] ? lock_release+0x810/0x810
[ 53.388031][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 53.393231][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 53.398257][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 53.403186][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 53.408208][ T5073] ? __fget_light+0x20a/0x270
[ 53.412881][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 53.417381][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 53.422398][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 53.427252][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 53.432440][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 53.437632][ T5073] ? ptrace_notify+0xfe/0x140
[ 53.442305][ T5073] do_syscall_64+0x39/0xb0
[ 53.446737][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.452633][ T5073] RIP: 0033:0x7f19f649aeb9
[ 53.457044][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.476646][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 53.485052][ T5073] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f19f649aeb9
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 53.493014][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 53.500984][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 53.508950][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 53.516909][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 53.524886][ T5073]
[ 53.530635][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 53.542118][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 53.552525][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 53.562569][ T5073] Call Trace:
[ 53.565839][ T5073]
[ 53.568763][ T5073] dump_stack_lvl+0xd1/0x138
[ 53.573354][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 53.579333][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 53.584788][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 53.590693][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 53.595545][ T5073] dccp_write_xmit+0x171/0x1d0
[ 53.600304][ T5073] dccp_sendmsg+0xaee/0xd30
[ 53.604808][ T5073] ? dccp_done+0x100/0x100
[ 53.609217][ T5073] ? aa_af_perm+0x240/0x240
[ 53.613718][ T5073] ? __import_iovec+0x1fb/0x610
[ 53.618566][ T5073] inet_sendmsg+0x9d/0xe0
[ 53.622887][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 53.627991][ T5073] sock_sendmsg+0xd3/0x120
[ 53.632399][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 53.637161][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 53.642525][ T5073] ? kernel_sendmsg+0x50/0x50
[ 53.647201][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 53.653190][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 53.657862][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 53.662455][ T5073] ? lock_release+0x810/0x810
[ 53.667129][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 53.672321][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 53.677353][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 53.682281][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 53.687304][ T5073] ? __fget_light+0x20a/0x270
[ 53.691984][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 53.696482][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 53.701499][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 53.706352][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 53.711544][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 53.716733][ T5073] ? ptrace_notify+0xfe/0x140
[ 53.721432][ T5073] do_syscall_64+0x39/0xb0
[ 53.725847][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.731732][ T5073] RIP: 0033:0x7f19f649aeb9
[ 53.736140][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.755754][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 53.764157][ T5073] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f19f649aeb9
[ 53.772121][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 53.780080][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 53.788045][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 53.796007][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 53.803995][ T5073]
[ 53.809771][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 53.820985][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 53.831424][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 53.841495][ T5073] Call Trace:
[ 53.844774][ T5073]
[ 53.847700][ T5073] dump_stack_lvl+0xd1/0x138
[ 53.852294][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 53.858304][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 53.863795][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 53.869695][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 53.874564][ T5073] dccp_write_xmit+0x171/0x1d0
[ 53.879340][ T5073] dccp_sendmsg+0xaee/0xd30
[ 53.883847][ T5073] ? dccp_done+0x100/0x100
[ 53.888275][ T5073] ? aa_af_perm+0x240/0x240
[ 53.892804][ T5073] ? __import_iovec+0x1fb/0x610
[ 53.897659][ T5073] inet_sendmsg+0x9d/0xe0
[ 53.902591][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 53.907709][ T5073] sock_sendmsg+0xd3/0x120
[ 53.912145][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 53.916905][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 53.922278][ T5073] ? kernel_sendmsg+0x50/0x50
[ 53.926969][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 53.932976][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 53.937666][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 53.942282][ T5073] ? lock_release+0x810/0x810
[ 53.946974][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 53.952182][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 53.957214][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 53.962156][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 53.967215][ T5073] ? __fget_light+0x20a/0x270
[ 53.971910][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 53.976423][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 53.981457][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 53.986333][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 53.991537][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 53.996743][ T5073] ? ptrace_notify+0xfe/0x140
[ 54.001429][ T5073] do_syscall_64+0x39/0xb0
[ 54.005856][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.011758][ T5073] RIP: 0033:0x7f19f649aeb9
[ 54.016179][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.035803][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 54.044228][ T5073] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f19f649aeb9
[ 54.052208][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 54.060184][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 54.068158][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 54.076132][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 54.084127][ T5073]
[ 54.088925][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 54.100236][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 54.110665][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 54.120714][ T5073] Call Trace:
[ 54.124002][ T5073]
[ 54.126950][ T5073] dump_stack_lvl+0xd1/0x138
[ 54.131567][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 54.137553][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 54.143010][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 54.148902][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 54.153752][ T5073] dccp_write_xmit+0x171/0x1d0
[ 54.158531][ T5073] dccp_sendmsg+0xaee/0xd30
[ 54.163066][ T5073] ? dccp_done+0x100/0x100
[ 54.167478][ T5073] ? aa_af_perm+0x240/0x240
[ 54.171978][ T5073] ? __import_iovec+0x1fb/0x610
[ 54.176857][ T5073] inet_sendmsg+0x9d/0xe0
[ 54.181206][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 54.186325][ T5073] sock_sendmsg+0xd3/0x120
[ 54.190758][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 54.195521][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 54.200915][ T5073] ? kernel_sendmsg+0x50/0x50
[ 54.205614][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 54.211621][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 54.216323][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 54.220937][ T5073] ? lock_release+0x810/0x810
[ 54.225727][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 54.230936][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 54.235979][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 54.240923][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 54.245961][ T5073] ? __fget_light+0x20a/0x270
[ 54.250652][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 54.255166][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 54.260201][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 54.265095][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 54.270298][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 54.275504][ T5073] ? ptrace_notify+0xfe/0x140
[ 54.280194][ T5073] do_syscall_64+0x39/0xb0
[ 54.284624][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.290523][ T5073] RIP: 0033:0x7f19f649aeb9
[ 54.294969][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.314581][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.323001][ T5073] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f19f649aeb9
[ 54.330984][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 54.338956][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 54.346929][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 54.354923][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 54.362914][ T5073]
[ 54.370670][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 54.382205][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 54.392647][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 54.402715][ T5073] Call Trace:
[ 54.405998][ T5073]
[ 54.408926][ T5073] dump_stack_lvl+0xd1/0x138
[ 54.413522][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 54.419505][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 54.424958][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 54.430847][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 54.435696][ T5073] dccp_write_xmit+0x171/0x1d0
[ 54.440474][ T5073] dccp_sendmsg+0xaee/0xd30
[ 54.444973][ T5073] ? dccp_done+0x100/0x100
[ 54.449385][ T5073] ? aa_af_perm+0x240/0x240
[ 54.453886][ T5073] ? __import_iovec+0x1fb/0x610
[ 54.458752][ T5073] inet_sendmsg+0x9d/0xe0
[ 54.463075][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 54.468181][ T5073] sock_sendmsg+0xd3/0x120
[ 54.472595][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 54.477351][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 54.482719][ T5073] ? kernel_sendmsg+0x50/0x50
[ 54.487408][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 54.493411][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 54.498123][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 54.502757][ T5073] ? lock_release+0x810/0x810
[ 54.507456][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 54.512670][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 54.517715][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 54.522668][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 54.527709][ T5073] ? __fget_light+0x20a/0x270
[ 54.532398][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 54.536916][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 54.541950][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 54.546828][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 54.552033][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 54.557235][ T5073] ? ptrace_notify+0xfe/0x140
[ 54.561923][ T5073] do_syscall_64+0x39/0xb0
[ 54.566349][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.572248][ T5073] RIP: 0033:0x7f19f649aeb9
[ 54.576693][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 54.596306][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.604728][ T5073] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f19f649aeb9
[ 54.612703][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 54.620675][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 54.628647][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 54.636621][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 54.644623][ T5073]
[ 54.650617][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 54.661949][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 54.672549][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 54.682599][ T5073] Call Trace:
[ 54.686220][ T5073]
[ 54.689148][ T5073] dump_stack_lvl+0xd1/0x138
[ 54.693751][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 54.699787][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 54.705265][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 54.711221][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 54.716089][ T5073] dccp_write_xmit+0x171/0x1d0
[ 54.720864][ T5073] dccp_sendmsg+0xaee/0xd30
[ 54.725380][ T5073] ? dccp_done+0x100/0x100
[ 54.729900][ T5073] ? aa_af_perm+0x240/0x240
[ 54.734398][ T5073] ? __import_iovec+0x1fb/0x610
[ 54.739257][ T5073] inet_sendmsg+0x9d/0xe0
[ 54.743604][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 54.748703][ T5073] sock_sendmsg+0xd3/0x120
[ 54.753126][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 54.757924][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 54.763300][ T5073] ? kernel_sendmsg+0x50/0x50
[ 54.767979][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 54.773978][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 54.778676][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 54.783283][ T5073] ? lock_release+0x810/0x810
[ 54.787978][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 54.793188][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 54.798204][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 54.803144][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 54.808209][ T5073] ? __fget_light+0x20a/0x270
[ 54.812896][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 54.817418][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 54.822490][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 54.827367][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 54.832567][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 54.837765][ T5073] ? ptrace_notify+0xfe/0x140
[ 54.842452][ T5073] do_syscall_64+0x39/0xb0
[ 54.846866][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.852750][ T5073] RIP: 0033:0x7f19f649aeb9
[ 54.857155][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 54.876766][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.885211][ T5073] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f19f649aeb9
[ 54.893191][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 54.901162][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 54.909139][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 54.917115][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 54.925194][ T5073]
[ 54.930387][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 54.941562][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 54.951970][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 54.962032][ T5073] Call Trace:
[ 54.965322][ T5073]
[ 54.968247][ T5073] dump_stack_lvl+0xd1/0x138
[ 54.972844][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 54.978954][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 54.984421][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 54.990316][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 54.995180][ T5073] dccp_write_xmit+0x171/0x1d0
[ 55.000054][ T5073] dccp_sendmsg+0xaee/0xd30
[ 55.004555][ T5073] ? dccp_done+0x100/0x100
[ 55.009005][ T5073] ? aa_af_perm+0x240/0x240
[ 55.013532][ T5073] ? __import_iovec+0x1fb/0x610
[ 55.018382][ T5073] inet_sendmsg+0x9d/0xe0
[ 55.022704][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 55.027805][ T5073] sock_sendmsg+0xd3/0x120
[ 55.032219][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 55.037007][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 55.042409][ T5073] ? kernel_sendmsg+0x50/0x50
[ 55.047122][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 55.053107][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 55.057801][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 55.062417][ T5073] ? lock_release+0x810/0x810
[ 55.067091][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 55.072282][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 55.077321][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 55.082272][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 55.087309][ T5073] ? __fget_light+0x20a/0x270
[ 55.091996][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 55.096506][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 55.101528][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 55.106388][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 55.111599][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 55.116801][ T5073] ? ptrace_notify+0xfe/0x140
[ 55.121472][ T5073] do_syscall_64+0x39/0xb0
[ 55.125895][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.131865][ T5073] RIP: 0033:0x7f19f649aeb9
[ 55.136272][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 55.155875][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.164282][ T5073] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f19f649aeb9
[ 55.172257][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 55.180238][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 55.188244][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 55.196229][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 55.204207][ T5073]
[ 55.211019][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 55.222235][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 55.232656][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 55.242723][ T5073] Call Trace:
[ 55.246013][ T5073]
[ 55.249049][ T5073] dump_stack_lvl+0xd1/0x138
[ 55.253667][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 55.259651][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 55.265104][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 55.271011][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 55.275883][ T5073] dccp_write_xmit+0x171/0x1d0
[ 55.280655][ T5073] dccp_sendmsg+0xaee/0xd30
[ 55.285173][ T5073] ? dccp_done+0x100/0x100
[ 55.289603][ T5073] ? aa_af_perm+0x240/0x240
[ 55.294104][ T5073] ? __import_iovec+0x1fb/0x610
[ 55.298969][ T5073] inet_sendmsg+0x9d/0xe0
[ 55.303311][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 55.308417][ T5073] sock_sendmsg+0xd3/0x120
[ 55.312845][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 55.317639][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 55.323008][ T5073] ? kernel_sendmsg+0x50/0x50
[ 55.327681][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 55.333670][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 55.338367][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 55.342963][ T5073] ? lock_release+0x810/0x810
[ 55.347665][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 55.352881][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 55.357916][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 55.362871][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 55.367927][ T5073] ? __fget_light+0x20a/0x270
[ 55.372635][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 55.377143][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 55.382259][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 55.387656][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 55.392873][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 55.398069][ T5073] ? ptrace_notify+0xfe/0x140
[ 55.402836][ T5073] do_syscall_64+0x39/0xb0
[ 55.407268][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.413268][ T5073] RIP: 0033:0x7f19f649aeb9
[ 55.417678][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 55.437387][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.445886][ T5073] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f19f649aeb9
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 55.453867][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 55.461858][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 55.469838][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 55.477807][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 55.485784][ T5073]
[ 55.493327][ T5073] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 55.504525][ T5073] CPU: 0 PID: 5073 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 55.514958][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 55.525010][ T5073] Call Trace:
[ 55.528291][ T5073]
[ 55.531216][ T5073] dump_stack_lvl+0xd1/0x138
[ 55.535819][ T5073] ccid3_update_send_interval.cold+0x87/0x93
[ 55.541902][ T5073] ccid3_hc_tx_packet_sent+0x132/0x160
[ 55.547364][ T5073] ? ccid3_update_send_interval+0x120/0x120
[ 55.553522][ T5073] dccp_xmit_packet+0x2f2/0x750
[ 55.558386][ T5073] dccp_write_xmit+0x171/0x1d0
[ 55.563150][ T5073] dccp_sendmsg+0xaee/0xd30
[ 55.567653][ T5073] ? dccp_done+0x100/0x100
[ 55.572071][ T5073] ? aa_af_perm+0x240/0x240
[ 55.576595][ T5073] ? __import_iovec+0x1fb/0x610
[ 55.581443][ T5073] inet_sendmsg+0x9d/0xe0
[ 55.585764][ T5073] ? inet_send_prepare+0x4e0/0x4e0
[ 55.590869][ T5073] sock_sendmsg+0xd3/0x120
[ 55.595284][ T5073] ____sys_sendmsg+0x712/0x8c0
[ 55.600057][ T5073] ? copy_msghdr_from_user+0xfc/0x150
[ 55.605457][ T5073] ? kernel_sendmsg+0x50/0x50
[ 55.610152][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 55.616153][ T5073] ___sys_sendmsg+0x110/0x1b0
[ 55.620839][ T5073] ? do_recvmmsg+0x6e0/0x6e0
[ 55.625456][ T5073] ? lock_release+0x810/0x810
[ 55.630131][ T5073] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 55.635324][ T5073] ? do_raw_spin_lock+0x124/0x2b0
[ 55.640352][ T5073] ? rwlock_bug.part.0+0x90/0x90
[ 55.645298][ T5073] ? _raw_spin_lock_irq+0x45/0x50
[ 55.650322][ T5073] ? __fget_light+0x20a/0x270
[ 55.654997][ T5073] __sys_sendmsg+0xf7/0x1c0
[ 55.659497][ T5073] ? __sys_sendmsg_sock+0x40/0x40
[ 55.664525][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 55.669406][ T5073] ? lockdep_hardirqs_on+0x7d/0x100
[ 55.674601][ T5073] ? _raw_spin_unlock_irq+0x2e/0x50
[ 55.679795][ T5073] ? ptrace_notify+0xfe/0x140
[ 55.684469][ T5073] do_syscall_64+0x39/0xb0
[ 55.688885][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.694777][ T5073] RIP: 0033:0x7f19f649aeb9
[ 55.699213][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 55.718833][ T5073] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.727238][ T5073] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f19f649aeb9
[ 55.735212][ T5073] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 55.743191][ T5073] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5073] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5073] exit_group(0) = ?
[pid 5073] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555571f15d0) = 5074
./strace-static-x86_64: Process 5074 attached
[pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5074] setpgid(0, 0) = 0
[pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5074] write(3, "1000", 4) = 4
[pid 5074] close(3) = 0
[pid 5074] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5074] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5074] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5074] listen(3, 6) = 0
[pid 5074] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5074] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 5074] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 55.751155][ T5073] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 55.759114][ T5073] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 55.767109][ T5073]
[ 55.790687][ T5074] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 55.835159][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 55.846777][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 55.857214][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 55.867277][ T5074] Call Trace:
[ 55.870562][ T5074]
[ 55.873485][ T5074] dump_stack_lvl+0xd1/0x138
[ 55.878077][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 55.884074][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 55.889563][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 55.895476][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 55.900337][ T5074] dccp_write_xmit+0x171/0x1d0
[ 55.905120][ T5074] dccp_sendmsg+0xaee/0xd30
[ 55.909673][ T5074] ? dccp_done+0x100/0x100
[ 55.914092][ T5074] ? aa_af_perm+0x240/0x240
[ 55.918605][ T5074] ? __import_iovec+0x1fb/0x610
[ 55.923457][ T5074] inet_sendmsg+0x9d/0xe0
[ 55.927780][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 55.932908][ T5074] sock_sendmsg+0xd3/0x120
[ 55.937339][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 55.942096][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 55.947476][ T5074] ? kernel_sendmsg+0x50/0x50
[ 55.952169][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 55.958196][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 55.962883][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 55.967502][ T5074] ? lock_release+0x810/0x810
[ 55.972218][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 55.977420][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 55.982468][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 55.987396][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 55.992418][ T5074] ? __fget_light+0x20a/0x270
[ 55.997108][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 56.001609][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 56.006640][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 56.011521][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 56.016712][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 56.021917][ T5074] ? ptrace_notify+0xfe/0x140
[ 56.026607][ T5074] do_syscall_64+0x39/0xb0
[ 56.031020][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 56.036911][ T5074] RIP: 0033:0x7f19f649aeb9
[ 56.041327][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 56.060957][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.069396][ T5074] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007f19f649aeb9
[ 56.077373][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 56.085352][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 56.093316][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 56.101375][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 56.109461][ T5074]
[ 56.114608][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 56.126284][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 56.136828][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 56.146886][ T5074] Call Trace:
[ 56.150165][ T5074]
[ 56.153281][ T5074] dump_stack_lvl+0xd1/0x138
[ 56.157887][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 56.163893][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 56.169365][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 56.175287][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 56.180178][ T5074] dccp_write_xmit+0x171/0x1d0
[ 56.184957][ T5074] dccp_sendmsg+0xaee/0xd30
[ 56.189489][ T5074] ? dccp_done+0x100/0x100
[ 56.193912][ T5074] ? aa_af_perm+0x240/0x240
[ 56.198427][ T5074] ? __import_iovec+0x1fb/0x610
[ 56.203377][ T5074] inet_sendmsg+0x9d/0xe0
[ 56.207709][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 56.212823][ T5074] sock_sendmsg+0xd3/0x120
[ 56.217247][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 56.222017][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 56.227397][ T5074] ? kernel_sendmsg+0x50/0x50
[ 56.232090][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 56.238088][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 56.242777][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 56.247408][ T5074] ? lock_release+0x810/0x810
[ 56.252116][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 56.257319][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 56.262346][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 56.267285][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 56.272336][ T5074] ? __fget_light+0x20a/0x270
[ 56.277028][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 56.281542][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 56.286585][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 56.291459][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 56.296663][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 56.301866][ T5074] ? ptrace_notify+0xfe/0x140
[ 56.306551][ T5074] do_syscall_64+0x39/0xb0
[ 56.311162][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 56.317058][ T5074] RIP: 0033:0x7f19f649aeb9
[ 56.321498][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 56.341107][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.349712][ T5074] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f19f649aeb9
[ 56.357683][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 56.365657][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 56.373650][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 56.381639][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 56.389813][ T5074]
[ 56.395246][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 56.406747][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 56.417153][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 56.427209][ T5074] Call Trace:
[ 56.430484][ T5074]
[ 56.433411][ T5074] dump_stack_lvl+0xd1/0x138
[ 56.438009][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 56.444008][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 56.449562][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 56.455515][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 56.460446][ T5074] dccp_write_xmit+0x171/0x1d0
[ 56.465201][ T5074] dccp_sendmsg+0xaee/0xd30
[ 56.469697][ T5074] ? dccp_done+0x100/0x100
[ 56.474111][ T5074] ? aa_af_perm+0x240/0x240
[ 56.478610][ T5074] ? __import_iovec+0x1fb/0x610
[ 56.483545][ T5074] inet_sendmsg+0x9d/0xe0
[ 56.487863][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 56.492963][ T5074] sock_sendmsg+0xd3/0x120
[ 56.497474][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 56.502229][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 56.507686][ T5074] ? kernel_sendmsg+0x50/0x50
[ 56.512369][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 56.518359][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 56.523054][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 56.527687][ T5074] ? lock_release+0x810/0x810
[ 56.532377][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 56.537580][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 56.542610][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 56.547551][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 56.552588][ T5074] ? __fget_light+0x20a/0x270
[ 56.557299][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 56.561815][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 56.566861][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 56.571750][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 56.576982][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 56.582209][ T5074] ? ptrace_notify+0xfe/0x140
[ 56.586903][ T5074] do_syscall_64+0x39/0xb0
[ 56.591337][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 56.597237][ T5074] RIP: 0033:0x7f19f649aeb9
[ 56.601657][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 56.621270][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.629688][ T5074] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f19f649aeb9
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 56.637660][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 56.645633][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 56.653603][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 56.661578][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 56.669568][ T5074]
[ 56.675832][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 56.687166][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 56.697622][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 56.707707][ T5074] Call Trace:
[ 56.710998][ T5074]
[ 56.713935][ T5074] dump_stack_lvl+0xd1/0x138
[ 56.718527][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 56.724517][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 56.729980][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 56.735873][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 56.740729][ T5074] dccp_write_xmit+0x171/0x1d0
[ 56.745504][ T5074] dccp_sendmsg+0xaee/0xd30
[ 56.750015][ T5074] ? dccp_done+0x100/0x100
[ 56.754430][ T5074] ? aa_af_perm+0x240/0x240
[ 56.758948][ T5074] ? __import_iovec+0x1fb/0x610
[ 56.763827][ T5074] inet_sendmsg+0x9d/0xe0
[ 56.768153][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 56.773262][ T5074] sock_sendmsg+0xd3/0x120
[ 56.777676][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 56.782448][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 56.787843][ T5074] ? kernel_sendmsg+0x50/0x50
[ 56.792522][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 56.798507][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 56.803185][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 56.807795][ T5074] ? lock_release+0x810/0x810
[ 56.812475][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 56.817666][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 56.822718][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 56.827669][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 56.832707][ T5074] ? __fget_light+0x20a/0x270
[ 56.837407][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 56.841911][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 56.846933][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 56.851791][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 56.856983][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 56.862177][ T5074] ? ptrace_notify+0xfe/0x140
[ 56.866874][ T5074] do_syscall_64+0x39/0xb0
[ 56.871292][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 56.877188][ T5074] RIP: 0033:0x7f19f649aeb9
[ 56.881615][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 56.901523][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.909939][ T5074] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007f19f649aeb9
[ 56.917916][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 56.925921][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 56.933895][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 56.941875][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 56.949874][ T5074]
[ 56.957161][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 56.968392][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 56.978800][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 56.988854][ T5074] Call Trace:
[ 56.992127][ T5074]
[ 56.995055][ T5074] dump_stack_lvl+0xd1/0x138
[ 56.999647][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 57.005642][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 57.011124][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 57.017037][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 57.021915][ T5074] dccp_write_xmit+0x171/0x1d0
[ 57.026690][ T5074] dccp_sendmsg+0xaee/0xd30
[ 57.031215][ T5074] ? dccp_done+0x100/0x100
[ 57.035628][ T5074] ? aa_af_perm+0x240/0x240
[ 57.040130][ T5074] ? __import_iovec+0x1fb/0x610
[ 57.044981][ T5074] inet_sendmsg+0x9d/0xe0
[ 57.049307][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 57.054427][ T5074] sock_sendmsg+0xd3/0x120
[ 57.058882][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 57.063673][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 57.069050][ T5074] ? kernel_sendmsg+0x50/0x50
[ 57.073803][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 57.079808][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 57.084501][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 57.089118][ T5074] ? lock_release+0x810/0x810
[ 57.093810][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 57.099020][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 57.104052][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 57.109000][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 57.114039][ T5074] ? __fget_light+0x20a/0x270
[ 57.118748][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 57.123277][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 57.128324][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 57.133215][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 57.138423][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 57.143633][ T5074] ? ptrace_notify+0xfe/0x140
[ 57.148322][ T5074] do_syscall_64+0x39/0xb0
[ 57.152751][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 57.158651][ T5074] RIP: 0033:0x7f19f649aeb9
[ 57.163073][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 57.182689][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 57.191111][ T5074] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f19f649aeb9
[ 57.199085][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 57.207076][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 57.215057][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 57.223031][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 57.231023][ T5074]
[ 57.237762][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 57.249193][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 57.259635][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 57.269687][ T5074] Call Trace:
[ 57.272973][ T5074]
[ 57.275931][ T5074] dump_stack_lvl+0xd1/0x138
[ 57.280564][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 57.286579][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 57.292052][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 57.297961][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 57.302819][ T5074] dccp_write_xmit+0x171/0x1d0
[ 57.307591][ T5074] dccp_sendmsg+0xaee/0xd30
[ 57.312106][ T5074] ? dccp_done+0x100/0x100
[ 57.316530][ T5074] ? aa_af_perm+0x240/0x240
[ 57.321055][ T5074] ? __import_iovec+0x1fb/0x610
[ 57.325909][ T5074] inet_sendmsg+0x9d/0xe0
[ 57.330242][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 57.335349][ T5074] sock_sendmsg+0xd3/0x120
[ 57.339763][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 57.344537][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 57.349956][ T5074] ? kernel_sendmsg+0x50/0x50
[ 57.354658][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 57.360644][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 57.365331][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 57.369949][ T5074] ? lock_release+0x810/0x810
[ 57.374629][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 57.379823][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 57.384854][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 57.389810][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 57.394848][ T5074] ? __fget_light+0x20a/0x270
[ 57.399541][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 57.404046][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 57.409069][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 57.413962][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 57.419163][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 57.424358][ T5074] ? ptrace_notify+0xfe/0x140
[ 57.429031][ T5074] do_syscall_64+0x39/0xb0
[ 57.433449][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 57.439350][ T5074] RIP: 0033:0x7f19f649aeb9
[ 57.443778][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 57.463385][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 57.471797][ T5074] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f19f649aeb9
[ 57.479776][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 57.487764][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 57.495733][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 57.503735][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 57.511738][ T5074]
[ 57.517885][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 57.529696][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 57.540114][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 57.550165][ T5074] Call Trace:
[ 57.553435][ T5074]
[ 57.556357][ T5074] dump_stack_lvl+0xd1/0x138
[ 57.560967][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 57.566949][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 57.572408][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 57.578297][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 57.583144][ T5074] dccp_write_xmit+0x171/0x1d0
[ 57.587900][ T5074] dccp_sendmsg+0xaee/0xd30
[ 57.592407][ T5074] ? dccp_done+0x100/0x100
[ 57.596842][ T5074] ? aa_af_perm+0x240/0x240
[ 57.601344][ T5074] ? __import_iovec+0x1fb/0x610
[ 57.606192][ T5074] inet_sendmsg+0x9d/0xe0
[ 57.610514][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 57.615622][ T5074] sock_sendmsg+0xd3/0x120
[ 57.620057][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 57.624823][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 57.630218][ T5074] ? kernel_sendmsg+0x50/0x50
[ 57.634913][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 57.640915][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 57.645606][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 57.650224][ T5074] ? lock_release+0x810/0x810
[ 57.654929][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 57.660173][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 57.665213][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 57.670162][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 57.675205][ T5074] ? __fget_light+0x20a/0x270
[ 57.679901][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 57.684421][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 57.689460][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 57.694340][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 57.699548][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 57.704753][ T5074] ? ptrace_notify+0xfe/0x140
[ 57.709440][ T5074] do_syscall_64+0x39/0xb0
[ 57.713867][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 57.719774][ T5074] RIP: 0033:0x7f19f649aeb9
[ 57.724194][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 57.743806][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 57.752224][ T5074] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f19f649aeb9
[ 57.760201][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 57.768195][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 57.776186][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 57.784177][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 57.792193][ T5074]
[ 57.798332][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 57.809837][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 57.820286][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 57.830338][ T5074] Call Trace:
[ 57.833635][ T5074]
[ 57.836570][ T5074] dump_stack_lvl+0xd1/0x138
[ 57.841172][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 57.847169][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 57.852637][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 57.858534][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 57.863401][ T5074] dccp_write_xmit+0x171/0x1d0
[ 57.868210][ T5074] dccp_sendmsg+0xaee/0xd30
[ 57.872724][ T5074] ? dccp_done+0x100/0x100
[ 57.877143][ T5074] ? aa_af_perm+0x240/0x240
[ 57.881698][ T5074] ? __import_iovec+0x1fb/0x610
[ 57.886598][ T5074] inet_sendmsg+0x9d/0xe0
[ 57.890936][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 57.896057][ T5074] sock_sendmsg+0xd3/0x120
[ 57.900489][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 57.905252][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 57.910630][ T5074] ? kernel_sendmsg+0x50/0x50
[ 57.915320][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 57.921324][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 57.926021][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 57.930645][ T5074] ? lock_release+0x810/0x810
[ 57.935338][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 57.940547][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 57.945580][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 57.950520][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 57.955561][ T5074] ? __fget_light+0x20a/0x270
[ 57.960250][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 57.964765][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 57.969801][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 57.974677][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 57.979883][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 57.985089][ T5074] ? ptrace_notify+0xfe/0x140
[ 57.989776][ T5074] do_syscall_64+0x39/0xb0
[ 57.994207][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.000105][ T5074] RIP: 0033:0x7f19f649aeb9
[ 58.004524][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 58.024136][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.032558][ T5074] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f19f649aeb9
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 58.040534][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 58.048511][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 58.056486][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 58.064460][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 58.072452][ T5074]
[ 58.078688][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 58.090121][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 58.100561][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 58.110623][ T5074] Call Trace:
[ 58.113906][ T5074]
[ 58.116842][ T5074] dump_stack_lvl+0xd1/0x138
[ 58.121430][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 58.127440][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 58.132988][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 58.138882][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 58.143731][ T5074] dccp_write_xmit+0x171/0x1d0
[ 58.148494][ T5074] dccp_sendmsg+0xaee/0xd30
[ 58.153015][ T5074] ? dccp_done+0x100/0x100
[ 58.157424][ T5074] ? aa_af_perm+0x240/0x240
[ 58.161926][ T5074] ? __import_iovec+0x1fb/0x610
[ 58.166797][ T5074] inet_sendmsg+0x9d/0xe0
[ 58.171123][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 58.176241][ T5074] sock_sendmsg+0xd3/0x120
[ 58.180660][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 58.185440][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 58.190845][ T5074] ? kernel_sendmsg+0x50/0x50
[ 58.195547][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.201564][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 58.206266][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 58.210883][ T5074] ? lock_release+0x810/0x810
[ 58.215578][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 58.220784][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 58.225822][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 58.230769][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 58.235809][ T5074] ? __fget_light+0x20a/0x270
[ 58.240504][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 58.245021][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 58.250056][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 58.254932][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 58.260136][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 58.265347][ T5074] ? ptrace_notify+0xfe/0x140
[ 58.270038][ T5074] do_syscall_64+0x39/0xb0
[ 58.274474][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.280375][ T5074] RIP: 0033:0x7f19f649aeb9
[ 58.284853][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 58.304484][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.312902][ T5074] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f19f649aeb9
[ 58.320874][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 58.328858][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 58.336828][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 58.344888][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 58.352877][ T5074]
[ 58.359055][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 58.370422][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 58.381032][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 58.391086][ T5074] Call Trace:
[ 58.394562][ T5074]
[ 58.397505][ T5074] dump_stack_lvl+0xd1/0x138
[ 58.402195][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 58.408195][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 58.413676][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 58.419682][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 58.424549][ T5074] dccp_write_xmit+0x171/0x1d0
[ 58.429317][ T5074] dccp_sendmsg+0xaee/0xd30
[ 58.433850][ T5074] ? dccp_done+0x100/0x100
[ 58.438286][ T5074] ? aa_af_perm+0x240/0x240
[ 58.442786][ T5074] ? __import_iovec+0x1fb/0x610
[ 58.447633][ T5074] inet_sendmsg+0x9d/0xe0
[ 58.451960][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 58.457155][ T5074] sock_sendmsg+0xd3/0x120
[ 58.461564][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 58.466329][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 58.471712][ T5074] ? kernel_sendmsg+0x50/0x50
[ 58.476424][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.482425][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 58.487113][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 58.491724][ T5074] ? lock_release+0x810/0x810
[ 58.496418][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 58.501643][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 58.506683][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 58.511641][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 58.516692][ T5074] ? __fget_light+0x20a/0x270
[ 58.521390][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 58.525917][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 58.530974][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 58.535874][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 58.541089][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 58.546308][ T5074] ? ptrace_notify+0xfe/0x140
[ 58.551007][ T5074] do_syscall_64+0x39/0xb0
[ 58.555444][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.561350][ T5074] RIP: 0033:0x7f19f649aeb9
[ 58.565785][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 58.585420][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 58.593843][ T5074] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f19f649aeb9
[ 58.601819][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 58.609810][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 58.617793][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 58.625776][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 58.633772][ T5074]
[ 58.638279][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 58.649539][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 58.659953][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 58.670008][ T5074] Call Trace:
[ 58.673298][ T5074]
[ 58.676262][ T5074] dump_stack_lvl+0xd1/0x138
[ 58.680887][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 58.686922][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 58.692399][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 58.698328][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 58.703183][ T5074] dccp_write_xmit+0x171/0x1d0
[ 58.707951][ T5074] dccp_sendmsg+0xaee/0xd30
[ 58.712460][ T5074] ? dccp_done+0x100/0x100
[ 58.716876][ T5074] ? aa_af_perm+0x240/0x240
[ 58.721396][ T5074] ? __import_iovec+0x1fb/0x610
[ 58.726281][ T5074] inet_sendmsg+0x9d/0xe0
[ 58.730607][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 58.735719][ T5074] sock_sendmsg+0xd3/0x120
[ 58.740136][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 58.744898][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 58.750268][ T5074] ? kernel_sendmsg+0x50/0x50
[ 58.754964][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.760975][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 58.765660][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 58.770280][ T5074] ? lock_release+0x810/0x810
[ 58.775014][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 58.780230][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 58.785262][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 58.790194][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 58.795234][ T5074] ? __fget_light+0x20a/0x270
[ 58.799965][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 58.804500][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 58.809526][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 58.814389][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 58.819596][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 58.824817][ T5074] ? ptrace_notify+0xfe/0x140
[ 58.829509][ T5074] do_syscall_64+0x39/0xb0
[ 58.833962][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.839860][ T5074] RIP: 0033:0x7f19f649aeb9
[ 58.844267][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 58.863874][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.872315][ T5074] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f19f649aeb9
[ 58.880305][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 58.888297][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 58.896283][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 58.904271][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 58.912248][ T5074]
[ 58.918999][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 58.932247][ T5074] CPU: 1 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 58.943248][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 58.953315][ T5074] Call Trace:
[ 58.956593][ T5074]
[ 58.959519][ T5074] dump_stack_lvl+0xd1/0x138
[ 58.964125][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 58.970134][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 58.975590][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 58.981484][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 58.986348][ T5074] dccp_write_xmit+0x171/0x1d0
[ 58.991136][ T5074] dccp_sendmsg+0xaee/0xd30
[ 58.995646][ T5074] ? dccp_done+0x100/0x100
[ 59.000072][ T5074] ? aa_af_perm+0x240/0x240
[ 59.004598][ T5074] ? __import_iovec+0x1fb/0x610
[ 59.009451][ T5074] inet_sendmsg+0x9d/0xe0
[ 59.013775][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 59.018880][ T5074] sock_sendmsg+0xd3/0x120
[ 59.023295][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 59.028067][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 59.033471][ T5074] ? kernel_sendmsg+0x50/0x50
[ 59.038168][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.044154][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 59.048843][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 59.053460][ T5074] ? lock_release+0x810/0x810
[ 59.058139][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 59.063360][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 59.068392][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 59.073344][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 59.078376][ T5074] ? __fget_light+0x20a/0x270
[ 59.083052][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 59.087555][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 59.092576][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 59.097439][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.102651][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.107843][ T5074] ? ptrace_notify+0xfe/0x140
[ 59.112517][ T5074] do_syscall_64+0x39/0xb0
[ 59.116951][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.122858][ T5074] RIP: 0033:0x7f19f649aeb9
[ 59.127267][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.146871][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.155287][ T5074] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f19f649aeb9
[ 59.163262][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 59.171241][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 59.179230][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 59.187194][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 59.195193][ T5074]
[ 59.201938][ T5074] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.213370][ T5074] CPU: 0 PID: 5074 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 59.223817][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 59.233868][ T5074] Call Trace:
[ 59.237155][ T5074]
[ 59.240083][ T5074] dump_stack_lvl+0xd1/0x138
[ 59.244679][ T5074] ccid3_update_send_interval.cold+0x87/0x93
[ 59.250681][ T5074] ccid3_hc_tx_packet_sent+0x132/0x160
[ 59.256160][ T5074] ? ccid3_update_send_interval+0x120/0x120
[ 59.262068][ T5074] dccp_xmit_packet+0x2f2/0x750
[ 59.266943][ T5074] dccp_write_xmit+0x171/0x1d0
[ 59.271708][ T5074] dccp_sendmsg+0xaee/0xd30
[ 59.276230][ T5074] ? dccp_done+0x100/0x100
[ 59.280662][ T5074] ? aa_af_perm+0x240/0x240
[ 59.285166][ T5074] ? __import_iovec+0x1fb/0x610
[ 59.290031][ T5074] inet_sendmsg+0x9d/0xe0
[ 59.294386][ T5074] ? inet_send_prepare+0x4e0/0x4e0
[ 59.299517][ T5074] sock_sendmsg+0xd3/0x120
[ 59.304281][ T5074] ____sys_sendmsg+0x712/0x8c0
[ 59.309045][ T5074] ? copy_msghdr_from_user+0xfc/0x150
[ 59.314427][ T5074] ? kernel_sendmsg+0x50/0x50
[ 59.319125][ T5074] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.325130][ T5074] ___sys_sendmsg+0x110/0x1b0
[ 59.329822][ T5074] ? do_recvmmsg+0x6e0/0x6e0
[ 59.334441][ T5074] ? lock_release+0x810/0x810
[ 59.339132][ T5074] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 59.344340][ T5074] ? do_raw_spin_lock+0x124/0x2b0
[ 59.349370][ T5074] ? rwlock_bug.part.0+0x90/0x90
[ 59.354314][ T5074] ? _raw_spin_lock_irq+0x45/0x50
[ 59.359361][ T5074] ? __fget_light+0x20a/0x270
[ 59.364053][ T5074] __sys_sendmsg+0xf7/0x1c0
[ 59.368568][ T5074] ? __sys_sendmsg_sock+0x40/0x40
[ 59.373604][ T5074] ? lock_downgrade+0x6e0/0x6e0
[ 59.378480][ T5074] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.383700][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.388923][ T5074] ? ptrace_notify+0xfe/0x140
[ 59.393630][ T5074] do_syscall_64+0x39/0xb0
[ 59.398081][ T5074] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.403983][ T5074] RIP: 0033:0x7f19f649aeb9
[ 59.408403][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 59.428015][ T5074] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.436433][ T5074] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f19f649aeb9
[ 59.444407][ T5074] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5074] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5074] exit_group(0) = ?
[pid 5074] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached
, child_tidptr=0x5555571f15d0) = 5075
[pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5075] setpgid(0, 0) = 0
[pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5075] write(3, "1000", 4) = 4
[pid 5075] close(3) = 0
[pid 5075] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 5075] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 5075] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 5075] listen(3, 6) = 0
[pid 5075] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 5075] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[ 59.452379][ T5074] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 59.460353][ T5074] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 59.468324][ T5074] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 59.476327][ T5074]
[pid 5075] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.496862][ T5075] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.550562][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.561766][ T5075] CPU: 1 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 59.572178][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 59.582246][ T5075] Call Trace:
[ 59.585535][ T5075]
[ 59.588462][ T5075] dump_stack_lvl+0xd1/0x138
[ 59.593053][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 59.599047][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 59.604521][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 59.610453][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 59.615314][ T5075] dccp_write_xmit+0x171/0x1d0
[ 59.620091][ T5075] dccp_sendmsg+0xaee/0xd30
[ 59.624629][ T5075] ? dccp_done+0x100/0x100
[ 59.629056][ T5075] ? aa_af_perm+0x240/0x240
[ 59.633595][ T5075] ? __import_iovec+0x1fb/0x610
[ 59.638459][ T5075] inet_sendmsg+0x9d/0xe0
[ 59.642794][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 59.647912][ T5075] sock_sendmsg+0xd3/0x120
[ 59.652341][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 59.657112][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 59.662493][ T5075] ? kernel_sendmsg+0x50/0x50
[ 59.667186][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.673187][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 59.677876][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 59.682493][ T5075] ? lock_release+0x810/0x810
[ 59.687184][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 59.692390][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 59.697424][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 59.702383][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 59.707436][ T5075] ? __fget_light+0x20a/0x270
[ 59.712137][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 59.716664][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 59.721708][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 59.726592][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.731800][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.737006][ T5075] ? ptrace_notify+0xfe/0x140
[ 59.741708][ T5075] do_syscall_64+0x39/0xb0
[ 59.746150][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.752065][ T5075] RIP: 0033:0x7f19f649aeb9
[ 59.756495][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 59.776112][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 59.784532][ T5075] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007f19f649aeb9
[ 59.792505][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 59.800482][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 59.808464][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 59.816440][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 59.824431][ T5075]
[ 59.829949][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 59.841191][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 59.851628][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 59.861701][ T5075] Call Trace:
[ 59.864976][ T5075]
[ 59.867900][ T5075] dump_stack_lvl+0xd1/0x138
[ 59.872492][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 59.878489][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 59.883968][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 59.889861][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 59.894721][ T5075] dccp_write_xmit+0x171/0x1d0
[ 59.899486][ T5075] dccp_sendmsg+0xaee/0xd30
[ 59.903989][ T5075] ? dccp_done+0x100/0x100
[ 59.908415][ T5075] ? aa_af_perm+0x240/0x240
[ 59.912941][ T5075] ? __import_iovec+0x1fb/0x610
[ 59.917792][ T5075] inet_sendmsg+0x9d/0xe0
[ 59.922123][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 59.927270][ T5075] sock_sendmsg+0xd3/0x120
[ 59.931687][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 59.936457][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 59.941837][ T5075] ? kernel_sendmsg+0x50/0x50
[ 59.946534][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.952519][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 59.957207][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 59.961817][ T5075] ? lock_release+0x810/0x810
[ 59.966494][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 59.971692][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 59.976723][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 59.981658][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 59.986689][ T5075] ? __fget_light+0x20a/0x270
[ 59.991369][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 59.995882][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 60.000926][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 60.005800][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.011009][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.016204][ T5075] ? ptrace_notify+0xfe/0x140
[ 60.020892][ T5075] do_syscall_64+0x39/0xb0
[ 60.025340][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.031243][ T5075] RIP: 0033:0x7f19f649aeb9
[ 60.035652][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.055260][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.063673][ T5075] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f19f649aeb9
[ 60.071642][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.079625][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 60.087620][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.095611][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.103588][ T5075]
[ 60.110608][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.121812][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 60.132227][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 60.142275][ T5075] Call Trace:
[ 60.145546][ T5075]
[ 60.148488][ T5075] dump_stack_lvl+0xd1/0x138
[ 60.153101][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 60.159127][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 60.164589][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 60.170488][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 60.175339][ T5075] dccp_write_xmit+0x171/0x1d0
[ 60.180122][ T5075] dccp_sendmsg+0xaee/0xd30
[ 60.184643][ T5075] ? dccp_done+0x100/0x100
[ 60.189080][ T5075] ? aa_af_perm+0x240/0x240
[ 60.193582][ T5075] ? __import_iovec+0x1fb/0x610
[ 60.198451][ T5075] inet_sendmsg+0x9d/0xe0
[ 60.202812][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 60.207956][ T5075] sock_sendmsg+0xd3/0x120
[ 60.212382][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 60.217163][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 60.222530][ T5075] ? kernel_sendmsg+0x50/0x50
[ 60.227211][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.233211][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 60.237915][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 60.242507][ T5075] ? lock_release+0x810/0x810
[ 60.247196][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 60.252406][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 60.257425][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 60.262364][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 60.267407][ T5075] ? __fget_light+0x20a/0x270
[ 60.272098][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 60.276629][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 60.281657][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 60.286517][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.291719][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.296931][ T5075] ? ptrace_notify+0xfe/0x140
[ 60.301615][ T5075] do_syscall_64+0x39/0xb0
[ 60.306035][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.311923][ T5075] RIP: 0033:0x7f19f649aeb9
[ 60.316332][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.335938][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.344356][ T5075] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f19f649aeb9
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.352330][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.360310][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 60.368295][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 60.376265][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.384266][ T5075]
[ 60.391408][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.402663][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 60.413093][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 60.423157][ T5075] Call Trace:
[ 60.426445][ T5075]
[ 60.429369][ T5075] dump_stack_lvl+0xd1/0x138
[ 60.433966][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 60.439962][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 60.445454][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 60.451369][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 60.456222][ T5075] dccp_write_xmit+0x171/0x1d0
[ 60.460997][ T5075] dccp_sendmsg+0xaee/0xd30
[ 60.465521][ T5075] ? dccp_done+0x100/0x100
[ 60.469936][ T5075] ? aa_af_perm+0x240/0x240
[ 60.474440][ T5075] ? __import_iovec+0x1fb/0x610
[ 60.479290][ T5075] inet_sendmsg+0x9d/0xe0
[ 60.483615][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 60.488731][ T5075] sock_sendmsg+0xd3/0x120
[ 60.493171][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 60.497932][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 60.503302][ T5075] ? kernel_sendmsg+0x50/0x50
[ 60.507981][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.513978][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 60.518676][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 60.523272][ T5075] ? lock_release+0x810/0x810
[ 60.527972][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 60.533179][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 60.538204][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 60.543142][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 60.548176][ T5075] ? __fget_light+0x20a/0x270
[ 60.552859][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 60.557377][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 60.562424][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 60.567303][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.572516][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.577747][ T5075] ? ptrace_notify+0xfe/0x140
[ 60.582439][ T5075] do_syscall_64+0x39/0xb0
[ 60.586880][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.592770][ T5075] RIP: 0033:0x7f19f649aeb9
[ 60.597180][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.616786][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 60.625199][ T5075] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007f19f649aeb9
[ 60.633165][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.641130][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.649111][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 60.657096][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.665083][ T5075]
[ 60.672095][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.683310][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 60.693748][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 60.703808][ T5075] Call Trace:
[ 60.707135][ T5075]
[ 60.710080][ T5075] dump_stack_lvl+0xd1/0x138
[ 60.714674][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 60.720663][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 60.726125][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 60.732029][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 60.736898][ T5075] dccp_write_xmit+0x171/0x1d0
[ 60.741665][ T5075] dccp_sendmsg+0xaee/0xd30
[ 60.746175][ T5075] ? dccp_done+0x100/0x100
[ 60.750601][ T5075] ? aa_af_perm+0x240/0x240
[ 60.755150][ T5075] ? __import_iovec+0x1fb/0x610
[ 60.760005][ T5075] inet_sendmsg+0x9d/0xe0
[ 60.764332][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 60.769450][ T5075] sock_sendmsg+0xd3/0x120
[ 60.773865][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 60.778642][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 60.784025][ T5075] ? kernel_sendmsg+0x50/0x50
[ 60.788721][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.794743][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 60.799432][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 60.804049][ T5075] ? lock_release+0x810/0x810
[ 60.808732][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 60.813939][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 60.818975][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 60.823934][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 60.828964][ T5075] ? __fget_light+0x20a/0x270
[ 60.833641][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 60.838153][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 60.843197][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 60.848077][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 60.853287][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 60.858479][ T5075] ? ptrace_notify+0xfe/0x140
[ 60.863165][ T5075] do_syscall_64+0x39/0xb0
[ 60.867618][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.873526][ T5075] RIP: 0033:0x7f19f649aeb9
[ 60.877931][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.897531][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 60.905941][ T5075] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f19f649aeb9
[ 60.913919][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 60.921895][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 60.929874][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 60.937860][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 60.945837][ T5075]
[ 60.952591][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 60.963791][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 60.974218][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 60.984789][ T5075] Call Trace:
[ 60.988063][ T5075]
[ 60.990995][ T5075] dump_stack_lvl+0xd1/0x138
[ 60.995600][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 61.001606][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 61.007062][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 61.012960][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 61.017824][ T5075] dccp_write_xmit+0x171/0x1d0
[ 61.022607][ T5075] dccp_sendmsg+0xaee/0xd30
[ 61.027108][ T5075] ? dccp_done+0x100/0x100
[ 61.031545][ T5075] ? aa_af_perm+0x240/0x240
[ 61.036080][ T5075] ? __import_iovec+0x1fb/0x610
[ 61.040937][ T5075] inet_sendmsg+0x9d/0xe0
[ 61.045265][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 61.050375][ T5075] sock_sendmsg+0xd3/0x120
[ 61.054811][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 61.059582][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 61.064976][ T5075] ? kernel_sendmsg+0x50/0x50
[ 61.069672][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.075659][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 61.080353][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 61.084970][ T5075] ? lock_release+0x810/0x810
[ 61.089646][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 61.094841][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 61.099874][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 61.104823][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 61.109857][ T5075] ? __fget_light+0x20a/0x270
[ 61.114535][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 61.119037][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 61.124063][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 61.128923][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.134118][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.139364][ T5075] ? ptrace_notify+0xfe/0x140
[ 61.144042][ T5075] do_syscall_64+0x39/0xb0
[ 61.148466][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.154388][ T5075] RIP: 0033:0x7f19f649aeb9
[ 61.158808][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.178414][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 61.186822][ T5075] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f19f649aeb9
[ 61.194790][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.202769][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 61.210755][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 61.218720][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.226744][ T5075]
[ 61.233823][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.245103][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 61.255535][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 61.265602][ T5075] Call Trace:
[ 61.268887][ T5075]
[ 61.271810][ T5075] dump_stack_lvl+0xd1/0x138
[ 61.276402][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 61.282392][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 61.287869][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 61.293776][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 61.298649][ T5075] dccp_write_xmit+0x171/0x1d0
[ 61.303431][ T5075] dccp_sendmsg+0xaee/0xd30
[ 61.307964][ T5075] ? dccp_done+0x100/0x100
[ 61.312384][ T5075] ? aa_af_perm+0x240/0x240
[ 61.316886][ T5075] ? __import_iovec+0x1fb/0x610
[ 61.321756][ T5075] inet_sendmsg+0x9d/0xe0
[ 61.326100][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 61.331214][ T5075] sock_sendmsg+0xd3/0x120
[ 61.335663][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 61.340447][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 61.345817][ T5075] ? kernel_sendmsg+0x50/0x50
[ 61.350499][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.356496][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 61.361199][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 61.365794][ T5075] ? lock_release+0x810/0x810
[ 61.370480][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 61.375695][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 61.380714][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 61.385656][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 61.390708][ T5075] ? __fget_light+0x20a/0x270
[ 61.395403][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 61.399929][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 61.404954][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 61.409811][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.415014][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.420234][ T5075] ? ptrace_notify+0xfe/0x140
[ 61.424910][ T5075] do_syscall_64+0x39/0xb0
[ 61.429327][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.435241][ T5075] RIP: 0033:0x7f19f649aeb9
[ 61.439652][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.459264][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 61.467709][ T5075] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f19f649aeb9
[ 61.475696][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 61.483665][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 61.491641][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 61.499620][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.507619][ T5075]
[ 61.514325][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.525592][ T5075] CPU: 1 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 61.536002][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 61.546065][ T5075] Call Trace:
[ 61.549356][ T5075]
[ 61.552291][ T5075] dump_stack_lvl+0xd1/0x138
[ 61.556885][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 61.562884][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 61.568379][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 61.574300][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 61.579185][ T5075] dccp_write_xmit+0x171/0x1d0
[ 61.583968][ T5075] dccp_sendmsg+0xaee/0xd30
[ 61.588485][ T5075] ? dccp_done+0x100/0x100
[ 61.592898][ T5075] ? aa_af_perm+0x240/0x240
[ 61.597403][ T5075] ? __import_iovec+0x1fb/0x610
[ 61.602263][ T5075] inet_sendmsg+0x9d/0xe0
[ 61.606589][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 61.611703][ T5075] sock_sendmsg+0xd3/0x120
[ 61.616123][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 61.620889][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 61.626260][ T5075] ? kernel_sendmsg+0x50/0x50
[ 61.630955][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.636978][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 61.641671][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 61.646288][ T5075] ? lock_release+0x810/0x810
[ 61.650983][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 61.656188][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 61.661255][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 61.666216][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 61.671253][ T5075] ? __fget_light+0x20a/0x270
[ 61.675943][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 61.680460][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 61.685520][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 61.690405][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.695611][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.700825][ T5075] ? ptrace_notify+0xfe/0x140
[ 61.705598][ T5075] do_syscall_64+0x39/0xb0
[ 61.710033][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.715931][ T5075] RIP: 0033:0x7f19f649aeb9
[ 61.720350][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.739962][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 61.748381][ T5075] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f19f649aeb9
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 61.756358][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 61.764329][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 61.772309][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 61.780282][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 61.788282][ T5075]
[ 61.792208][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 61.803535][ T5075] CPU: 1 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 61.813973][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 61.824025][ T5075] Call Trace:
[ 61.827297][ T5075]
[ 61.830232][ T5075] dump_stack_lvl+0xd1/0x138
[ 61.834846][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 61.840843][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 61.846325][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 61.852224][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 61.857101][ T5075] dccp_write_xmit+0x171/0x1d0
[ 61.861864][ T5075] dccp_sendmsg+0xaee/0xd30
[ 61.866369][ T5075] ? dccp_done+0x100/0x100
[ 61.870805][ T5075] ? aa_af_perm+0x240/0x240
[ 61.875327][ T5075] ? __import_iovec+0x1fb/0x610
[ 61.880182][ T5075] inet_sendmsg+0x9d/0xe0
[ 61.884521][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 61.889649][ T5075] sock_sendmsg+0xd3/0x120
[ 61.894062][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 61.898823][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 61.904199][ T5075] ? kernel_sendmsg+0x50/0x50
[ 61.908894][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.914896][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 61.919587][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 61.924201][ T5075] ? lock_release+0x810/0x810
[ 61.928892][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 61.934097][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 61.939131][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 61.944073][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 61.949112][ T5075] ? __fget_light+0x20a/0x270
[ 61.953805][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 61.958320][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 61.963356][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 61.968235][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 61.973441][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 61.978646][ T5075] ? ptrace_notify+0xfe/0x140
[ 61.983335][ T5075] do_syscall_64+0x39/0xb0
[ 61.987761][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.993663][ T5075] RIP: 0033:0x7f19f649aeb9
[ 61.998088][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.017702][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.026125][ T5075] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f19f649aeb9
[ 62.034100][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.042074][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 62.050049][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.058031][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.066025][ T5075]
[ 62.069801][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.081109][ T5075] CPU: 1 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 62.091538][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 62.101587][ T5075] Call Trace:
[ 62.104864][ T5075]
[ 62.107790][ T5075] dump_stack_lvl+0xd1/0x138
[ 62.112379][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 62.118380][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 62.123883][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 62.129817][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 62.134688][ T5075] dccp_write_xmit+0x171/0x1d0
[ 62.139451][ T5075] dccp_sendmsg+0xaee/0xd30
[ 62.143972][ T5075] ? dccp_done+0x100/0x100
[ 62.148402][ T5075] ? aa_af_perm+0x240/0x240
[ 62.152906][ T5075] ? __import_iovec+0x1fb/0x610
[ 62.157771][ T5075] inet_sendmsg+0x9d/0xe0
[ 62.162132][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 62.167258][ T5075] sock_sendmsg+0xd3/0x120
[ 62.171683][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 62.176466][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 62.181837][ T5075] ? kernel_sendmsg+0x50/0x50
[ 62.186525][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.192530][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 62.197224][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 62.201836][ T5075] ? lock_release+0x810/0x810
[ 62.206526][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 62.211731][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 62.216759][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 62.221699][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 62.226734][ T5075] ? __fget_light+0x20a/0x270
[ 62.231424][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 62.235939][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 62.240972][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 62.245845][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.251054][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.256265][ T5075] ? ptrace_notify+0xfe/0x140
[ 62.260952][ T5075] do_syscall_64+0x39/0xb0
[ 62.265379][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.271298][ T5075] RIP: 0033:0x7f19f649aeb9
[ 62.275735][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.295350][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.303771][ T5075] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f19f649aeb9
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.311746][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.319738][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[ 62.327720][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 62.335711][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.343708][ T5075]
[ 62.348859][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.360324][ T5075] CPU: 0 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 62.370734][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 62.380780][ T5075] Call Trace:
[ 62.384054][ T5075]
[ 62.386982][ T5075] dump_stack_lvl+0xd1/0x138
[ 62.391591][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 62.397594][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 62.403062][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 62.408971][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 62.413838][ T5075] dccp_write_xmit+0x171/0x1d0
[ 62.418625][ T5075] dccp_sendmsg+0xaee/0xd30
[ 62.423150][ T5075] ? dccp_done+0x100/0x100
[ 62.427580][ T5075] ? aa_af_perm+0x240/0x240
[ 62.432087][ T5075] ? __import_iovec+0x1fb/0x610
[ 62.436942][ T5075] inet_sendmsg+0x9d/0xe0
[ 62.441270][ T5075] ? inet_send_prepare+0x4e0/0x4e0
[ 62.446388][ T5075] sock_sendmsg+0xd3/0x120
[ 62.450821][ T5075] ____sys_sendmsg+0x712/0x8c0
[ 62.455591][ T5075] ? copy_msghdr_from_user+0xfc/0x150
[ 62.460966][ T5075] ? kernel_sendmsg+0x50/0x50
[ 62.465654][ T5075] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 62.471662][ T5075] ___sys_sendmsg+0x110/0x1b0
[ 62.476355][ T5075] ? do_recvmmsg+0x6e0/0x6e0
[ 62.480968][ T5075] ? lock_release+0x810/0x810
[ 62.485663][ T5075] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 62.490869][ T5075] ? do_raw_spin_lock+0x124/0x2b0
[ 62.495898][ T5075] ? rwlock_bug.part.0+0x90/0x90
[ 62.500840][ T5075] ? _raw_spin_lock_irq+0x45/0x50
[ 62.505877][ T5075] ? __fget_light+0x20a/0x270
[ 62.510573][ T5075] __sys_sendmsg+0xf7/0x1c0
[ 62.515088][ T5075] ? __sys_sendmsg_sock+0x40/0x40
[ 62.520124][ T5075] ? lock_downgrade+0x6e0/0x6e0
[ 62.524999][ T5075] ? lockdep_hardirqs_on+0x7d/0x100
[ 62.530214][ T5075] ? _raw_spin_unlock_irq+0x2e/0x50
[ 62.535422][ T5075] ? ptrace_notify+0xfe/0x140
[ 62.540110][ T5075] do_syscall_64+0x39/0xb0
[ 62.544539][ T5075] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.550440][ T5075] RIP: 0033:0x7f19f649aeb9
[ 62.554864][ T5075] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.574474][ T5075] RSP: 002b:00007ffd97f52a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 62.582899][ T5075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f19f649aeb9
[ 62.590873][ T5075] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 62.598872][ T5075] RBP: 0000000000000000 R08: 00007ffd97f52bc8 R09: 00007ffd97f52bc8
[pid 5075] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 62.606850][ T5075] R10: 00007ffd97f52bc8 R11: 0000000000000246 R12: 00007ffd97f52a3c
[ 62.614822][ T5075] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 62.622811][ T5075]
[ 62.628370][ T5075] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 62.639717][ T5075] CPU: 1 PID: 5075 Comm: syz-executor283 Not tainted 6.2.0-rc8-syzkaller-00151-g925cf0457d7e #0
[ 62.650185][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 62.660267][ T5075] Call Trace:
[ 62.663563][ T5075]
[ 62.666491][ T5075] dump_stack_lvl+0xd1/0x138
[ 62.671084][ T5075] ccid3_update_send_interval.cold+0x87/0x93
[ 62.677077][ T5075] ccid3_hc_tx_packet_sent+0x132/0x160
[ 62.682541][ T5075] ? ccid3_update_send_interval+0x120/0x120
[ 62.688445][ T5075] dccp_xmit_packet+0x2f2/0x750
[ 62.693320][ T5075] dccp_write_xmit+0x171/0x1d0
[ 62.698108][ T5075] dccp_sendmsg+0xaee/0xd30
[ 62.702614][ T5075] ? dccp_done+0x100/0x100
[ 62.707025][ T5075] ? aa_af_perm+0x240/0x240