./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4243342042
<...>
DUID 00:04:a1:af:59:a1:d1:b4:3c:07:ca:f1:84:99:36:26:44:c7
forked to background, child pid 4665
[ 21.150741][ T4666] 8021q: adding VLAN 0 to HW filter on device bond0
[ 21.164056][ T4666] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.170' (ECDSA) to the list of known hosts.
execve("./syz-executor4243342042", ["./syz-executor4243342042"], 0x7fffe765a3f0 /* 10 vars */) = 0
brk(NULL) = 0x555557083000
brk(0x555557083c40) = 0x555557083c40
arch_prctl(ARCH_SET_FS, 0x555557083300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor4243342042", 4096) = 28
brk(0x5555570a4c40) = 0x5555570a4c40
brk(0x5555570a5000) = 0x5555570a5000
mprotect(0x7f18e5b93000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4997 attached
, child_tidptr=0x5555570835d0) = 4997
[pid 4997] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 4997] setpgid(0, 0) = 0
[pid 4997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 4997] write(3, "1000", 4) = 4
[pid 4997] close(3) = 0
[pid 4997] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 4997] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 4997] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 4997] listen(3, 6) = 0
[pid 4997] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 4997] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 4997] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
syzkaller login: [ 41.104720][ T4997] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 41.145573][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 41.157011][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 41.167418][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 41.177479][ T4997] Call Trace:
[ 41.180777][ T4997]
[ 41.183707][ T4997] dump_stack_lvl+0x136/0x150
[ 41.188411][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 41.194155][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 41.199653][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 41.205562][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 41.210432][ T4997] dccp_write_xmit+0x171/0x1d0
[ 41.215213][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 41.219728][ T4997] ? dccp_done+0x100/0x100
[ 41.224156][ T4997] ? aa_af_perm+0x240/0x240
[ 41.228699][ T4997] ? import_ubuf+0x1fd/0x270
[ 41.233326][ T4997] inet_sendmsg+0x9d/0xe0
[ 41.237670][ T4997] ? inet_send_prepare+0x530/0x530
[ 41.242861][ T4997] sock_sendmsg+0xde/0x190
[ 41.247327][ T4997] ____sys_sendmsg+0x71c/0x900
[ 41.252098][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 41.257475][ T4997] ? kernel_sendmsg+0x50/0x50
[ 41.262177][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 41.268196][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 41.272885][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 41.277506][ T4997] ? lock_sync+0x190/0x190
[ 41.281956][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 41.287169][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 41.292203][ T4997] ? spin_bug+0x1c0/0x1c0
[ 41.296539][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 41.301577][ T4997] ? __fget_light+0x20a/0x270
[ 41.306340][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 41.310864][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 41.315908][ T4997] ? lock_downgrade+0x690/0x690
[ 41.320795][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.326028][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.331275][ T4997] ? ptrace_notify+0xfe/0x140
[ 41.336000][ T4997] do_syscall_64+0x39/0xb0
[ 41.340457][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.346357][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 41.350788][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.370396][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 41.378811][ T4997] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f18e5b25eb9
[ 41.386782][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 41.394755][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 41.402748][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 41.410742][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 41.418810][ T4997]
[ 41.425112][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 41.436415][ T4997] CPU: 0 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 41.446851][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 41.456922][ T4997] Call Trace:
[ 41.460208][ T4997]
[ 41.463139][ T4997] dump_stack_lvl+0x136/0x150
[ 41.467850][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 41.473622][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 41.479090][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 41.484992][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 41.489867][ T4997] dccp_write_xmit+0x171/0x1d0
[ 41.494667][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 41.499191][ T4997] ? dccp_done+0x100/0x100
[ 41.503616][ T4997] ? aa_af_perm+0x240/0x240
[ 41.508135][ T4997] ? import_ubuf+0x1fd/0x270
[ 41.512755][ T4997] inet_sendmsg+0x9d/0xe0
[ 41.517089][ T4997] ? inet_send_prepare+0x530/0x530
[ 41.522232][ T4997] sock_sendmsg+0xde/0x190
[ 41.526679][ T4997] ____sys_sendmsg+0x71c/0x900
[ 41.531447][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 41.536825][ T4997] ? kernel_sendmsg+0x50/0x50
[ 41.541519][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 41.547516][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 41.552198][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 41.556817][ T4997] ? lock_sync+0x190/0x190
[ 41.561249][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 41.566452][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 41.571506][ T4997] ? spin_bug+0x1c0/0x1c0
[ 41.575842][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 41.580886][ T4997] ? __fget_light+0x20a/0x270
[ 41.585574][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 41.590087][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 41.595131][ T4997] ? lock_downgrade+0x690/0x690
[ 41.599996][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.605192][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.610389][ T4997] ? ptrace_notify+0xfe/0x140
[ 41.615093][ T4997] do_syscall_64+0x39/0xb0
[ 41.619524][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.625418][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 41.629820][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.649418][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 41.657821][ T4997] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f18e5b25eb9
[ 41.665780][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 41.673738][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 41.681695][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 41.689656][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 41.697633][ T4997]
[ 41.705505][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 41.716861][ T4997] CPU: 0 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 41.727366][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 41.737420][ T4997] Call Trace:
[ 41.740688][ T4997]
[ 41.743614][ T4997] dump_stack_lvl+0x136/0x150
[ 41.748313][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 41.754037][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 41.759491][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 41.765380][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 41.770240][ T4997] dccp_write_xmit+0x171/0x1d0
[ 41.775029][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 41.779520][ T4997] ? dccp_done+0x100/0x100
[ 41.783920][ T4997] ? aa_af_perm+0x240/0x240
[ 41.788408][ T4997] ? import_ubuf+0x1fd/0x270
[ 41.792994][ T4997] inet_sendmsg+0x9d/0xe0
[ 41.797309][ T4997] ? inet_send_prepare+0x530/0x530
[ 41.802406][ T4997] sock_sendmsg+0xde/0x190
[ 41.806808][ T4997] ____sys_sendmsg+0x71c/0x900
[ 41.811558][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 41.816915][ T4997] ? kernel_sendmsg+0x50/0x50
[ 41.821593][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 41.827592][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 41.832260][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 41.836850][ T4997] ? lock_sync+0x190/0x190
[ 41.841257][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 41.846444][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 41.851459][ T4997] ? spin_bug+0x1c0/0x1c0
[ 41.855782][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 41.861329][ T4997] ? __fget_light+0x20a/0x270
[ 41.866011][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 41.870503][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 41.875518][ T4997] ? lock_downgrade+0x690/0x690
[ 41.880370][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.885558][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.890837][ T4997] ? ptrace_notify+0xfe/0x140
[ 41.895507][ T4997] do_syscall_64+0x39/0xb0
[ 41.899928][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.905818][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 41.910224][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.929825][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 41.938234][ T4997] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007f18e5b25eb9
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 41.946222][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 41.954201][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 41.962179][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 41.970151][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 41.978138][ T4997]
[ 41.982159][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 41.993403][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 42.003840][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 42.013901][ T4997] Call Trace:
[ 42.017178][ T4997]
[ 42.020125][ T4997] dump_stack_lvl+0x136/0x150
[ 42.024840][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 42.030591][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 42.036070][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 42.041978][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 42.046853][ T4997] dccp_write_xmit+0x171/0x1d0
[ 42.051624][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 42.056138][ T4997] ? dccp_done+0x100/0x100
[ 42.060562][ T4997] ? aa_af_perm+0x240/0x240
[ 42.065066][ T4997] ? import_ubuf+0x1fd/0x270
[ 42.069675][ T4997] inet_sendmsg+0x9d/0xe0
[ 42.074012][ T4997] ? inet_send_prepare+0x530/0x530
[ 42.079127][ T4997] sock_sendmsg+0xde/0x190
[ 42.083551][ T4997] ____sys_sendmsg+0x71c/0x900
[ 42.088326][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 42.093705][ T4997] ? kernel_sendmsg+0x50/0x50
[ 42.098390][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 42.104381][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 42.109081][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 42.113686][ T4997] ? lock_sync+0x190/0x190
[ 42.118113][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 42.123322][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 42.128353][ T4997] ? spin_bug+0x1c0/0x1c0
[ 42.132704][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 42.137756][ T4997] ? __fget_light+0x20a/0x270
[ 42.142472][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 42.146984][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 42.152016][ T4997] ? lock_downgrade+0x690/0x690
[ 42.156908][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 42.162165][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 42.167381][ T4997] ? ptrace_notify+0xfe/0x140
[ 42.172072][ T4997] do_syscall_64+0x39/0xb0
[ 42.176503][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.182415][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 42.186840][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 42.206442][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 42.214857][ T4997] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f18e5b25eb9
[ 42.222866][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 42.230843][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 42.238851][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 42.246843][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 42.254907][ T4997]
[ 42.259155][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 42.270327][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 42.280737][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 42.290794][ T4997] Call Trace:
[ 42.294079][ T4997]
[ 42.297017][ T4997] dump_stack_lvl+0x136/0x150
[ 42.301708][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 42.307440][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 42.312922][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 42.318851][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 42.323715][ T4997] dccp_write_xmit+0x171/0x1d0
[ 42.328506][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 42.333035][ T4997] ? dccp_done+0x100/0x100
[ 42.337478][ T4997] ? aa_af_perm+0x240/0x240
[ 42.342004][ T4997] ? import_ubuf+0x1fd/0x270
[ 42.346605][ T4997] inet_sendmsg+0x9d/0xe0
[ 42.350942][ T4997] ? inet_send_prepare+0x530/0x530
[ 42.356061][ T4997] sock_sendmsg+0xde/0x190
[ 42.360496][ T4997] ____sys_sendmsg+0x71c/0x900
[ 42.365283][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 42.370683][ T4997] ? kernel_sendmsg+0x50/0x50
[ 42.375391][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 42.381381][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 42.386074][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 42.390787][ T4997] ? lock_sync+0x190/0x190
[ 42.395209][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 42.400414][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 42.405433][ T4997] ? spin_bug+0x1c0/0x1c0
[ 42.409752][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 42.414764][ T4997] ? __fget_light+0x20a/0x270
[ 42.419433][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 42.423925][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 42.428953][ T4997] ? lock_downgrade+0x690/0x690
[ 42.433797][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 42.438981][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 42.444165][ T4997] ? ptrace_notify+0xfe/0x140
[ 42.448828][ T4997] do_syscall_64+0x39/0xb0
[ 42.453231][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.459112][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 42.463513][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 42.483110][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 42.491505][ T4997] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f18e5b25eb9
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 42.499474][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 42.507446][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 42.515396][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 42.523360][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 42.531336][ T4997]
[ 42.536208][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 42.547573][ T4997] CPU: 0 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 42.557996][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 42.568047][ T4997] Call Trace:
[ 42.571315][ T4997]
[ 42.574230][ T4997] dump_stack_lvl+0x136/0x150
[ 42.578897][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 42.584608][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 42.590054][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 42.595935][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 42.601122][ T4997] dccp_write_xmit+0x171/0x1d0
[ 42.605881][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 42.610396][ T4997] ? dccp_done+0x100/0x100
[ 42.614811][ T4997] ? aa_af_perm+0x240/0x240
[ 42.619315][ T4997] ? import_ubuf+0x1fd/0x270
[ 42.623903][ T4997] inet_sendmsg+0x9d/0xe0
[ 42.628235][ T4997] ? inet_send_prepare+0x530/0x530
[ 42.633325][ T4997] sock_sendmsg+0xde/0x190
[ 42.637725][ T4997] ____sys_sendmsg+0x71c/0x900
[ 42.642473][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 42.647834][ T4997] ? kernel_sendmsg+0x50/0x50
[ 42.652498][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 42.658473][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 42.663150][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 42.667737][ T4997] ? lock_sync+0x190/0x190
[ 42.672150][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 42.677340][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 42.682397][ T4997] ? spin_bug+0x1c0/0x1c0
[ 42.686739][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 42.691759][ T4997] ? __fget_light+0x20a/0x270
[ 42.696441][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 42.701282][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 42.706298][ T4997] ? lock_downgrade+0x690/0x690
[ 42.711241][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 42.716434][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 42.721632][ T4997] ? ptrace_notify+0xfe/0x140
[ 42.726311][ T4997] do_syscall_64+0x39/0xb0
[ 42.730737][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.736629][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 42.741039][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 42.760776][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 42.769304][ T4997] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f18e5b25eb9
[ 42.777279][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 42.785248][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 42.793226][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 42.801207][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 42.809194][ T4997]
[ 42.813662][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 42.825054][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 42.835536][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 42.845630][ T4997] Call Trace:
[ 42.848959][ T4997]
[ 42.851889][ T4997] dump_stack_lvl+0x136/0x150
[ 42.856606][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 42.862354][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 42.867857][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 42.873766][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 42.878631][ T4997] dccp_write_xmit+0x171/0x1d0
[ 42.885422][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 42.890752][ T4997] ? dccp_done+0x100/0x100
[ 42.895181][ T4997] ? aa_af_perm+0x240/0x240
[ 42.899692][ T4997] ? import_ubuf+0x1fd/0x270
[ 42.904291][ T4997] inet_sendmsg+0x9d/0xe0
[ 42.908639][ T4997] ? inet_send_prepare+0x530/0x530
[ 42.913777][ T4997] sock_sendmsg+0xde/0x190
[ 42.918222][ T4997] ____sys_sendmsg+0x71c/0x900
[ 42.922999][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 42.928379][ T4997] ? kernel_sendmsg+0x50/0x50
[ 42.933066][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 42.939044][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 42.943710][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 42.948311][ T4997] ? lock_sync+0x190/0x190
[ 42.952745][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 42.957935][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 42.962971][ T4997] ? spin_bug+0x1c0/0x1c0
[ 42.967410][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 42.972433][ T4997] ? __fget_light+0x20a/0x270
[ 42.977110][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 42.981613][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 42.986636][ T4997] ? lock_downgrade+0x690/0x690
[ 42.991484][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 42.997541][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 43.002745][ T4997] ? ptrace_notify+0xfe/0x140
[ 43.007450][ T4997] do_syscall_64+0x39/0xb0
[ 43.011889][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.017785][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 43.022187][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 43.041786][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 43.050210][ T4997] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f18e5b25eb9
[ 43.058168][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 43.066124][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 43.074080][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 43.082038][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 43.090039][ T4997]
[ 43.095030][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 43.106149][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 43.116541][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.126576][ T4997] Call Trace:
[ 43.129838][ T4997]
[ 43.132788][ T4997] dump_stack_lvl+0x136/0x150
[ 43.137469][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 43.143180][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 43.148630][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 43.154531][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 43.159397][ T4997] dccp_write_xmit+0x171/0x1d0
[ 43.164152][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 43.168672][ T4997] ? dccp_done+0x100/0x100
[ 43.173104][ T4997] ? aa_af_perm+0x240/0x240
[ 43.177590][ T4997] ? import_ubuf+0x1fd/0x270
[ 43.182173][ T4997] inet_sendmsg+0x9d/0xe0
[ 43.186489][ T4997] ? inet_send_prepare+0x530/0x530
[ 43.191583][ T4997] sock_sendmsg+0xde/0x190
[ 43.196002][ T4997] ____sys_sendmsg+0x71c/0x900
[ 43.200780][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 43.206267][ T4997] ? kernel_sendmsg+0x50/0x50
[ 43.210934][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 43.216904][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 43.221587][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 43.226375][ T4997] ? lock_sync+0x190/0x190
[ 43.230786][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 43.235989][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 43.241050][ T4997] ? spin_bug+0x1c0/0x1c0
[ 43.245403][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 43.250415][ T4997] ? __fget_light+0x20a/0x270
[ 43.255097][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 43.259607][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 43.264619][ T4997] ? lock_downgrade+0x690/0x690
[ 43.269480][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 43.274668][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 43.279850][ T4997] ? ptrace_notify+0xfe/0x140
[ 43.284527][ T4997] do_syscall_64+0x39/0xb0
[ 43.288934][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.294835][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 43.299231][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 43.318821][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 43.327220][ T4997] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f18e5b25eb9
[ 43.335202][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 43.343174][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 43.351130][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 43.359082][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 43.367043][ T4997]
[ 43.372498][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 43.383622][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 43.394009][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.404045][ T4997] Call Trace:
[ 43.407306][ T4997]
[ 43.410232][ T4997] dump_stack_lvl+0x136/0x150
[ 43.414923][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 43.420634][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 43.426078][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 43.431969][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 43.436832][ T4997] dccp_write_xmit+0x171/0x1d0
[ 43.441581][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 43.446081][ T4997] ? dccp_done+0x100/0x100
[ 43.450498][ T4997] ? aa_af_perm+0x240/0x240
[ 43.454997][ T4997] ? import_ubuf+0x1fd/0x270
[ 43.459595][ T4997] inet_sendmsg+0x9d/0xe0
[ 43.463921][ T4997] ? inet_send_prepare+0x530/0x530
[ 43.469050][ T4997] sock_sendmsg+0xde/0x190
[ 43.473472][ T4997] ____sys_sendmsg+0x71c/0x900
[ 43.478220][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 43.483576][ T4997] ? kernel_sendmsg+0x50/0x50
[ 43.488258][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 43.494257][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 43.498922][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 43.503504][ T4997] ? lock_sync+0x190/0x190
[ 43.507906][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 43.513105][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 43.518116][ T4997] ? spin_bug+0x1c0/0x1c0
[ 43.522431][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 43.527452][ T4997] ? __fget_light+0x20a/0x270
[ 43.532122][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 43.536611][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 43.541620][ T4997] ? lock_downgrade+0x690/0x690
[ 43.546463][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 43.551652][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 43.556832][ T4997] ? ptrace_notify+0xfe/0x140
[ 43.561495][ T4997] do_syscall_64+0x39/0xb0
[ 43.565899][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.571778][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 43.576173][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 43.595768][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 43.604275][ T4997] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f18e5b25eb9
[ 43.612323][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 43.620625][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 43.628592][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 43.636568][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 43.644526][ T4997]
[ 43.649880][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 43.661035][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 43.671428][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.681462][ T4997] Call Trace:
[ 43.684722][ T4997]
[ 43.687636][ T4997] dump_stack_lvl+0x136/0x150
[ 43.692307][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 43.698014][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 43.703462][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 43.709345][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 43.714191][ T4997] dccp_write_xmit+0x171/0x1d0
[ 43.718963][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 43.723452][ T4997] ? dccp_done+0x100/0x100
[ 43.727856][ T4997] ? aa_af_perm+0x240/0x240
[ 43.732340][ T4997] ? import_ubuf+0x1fd/0x270
[ 43.736917][ T4997] inet_sendmsg+0x9d/0xe0
[ 43.741231][ T4997] ? inet_send_prepare+0x530/0x530
[ 43.746321][ T4997] sock_sendmsg+0xde/0x190
[ 43.750721][ T4997] ____sys_sendmsg+0x71c/0x900
[ 43.755469][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 43.760830][ T4997] ? kernel_sendmsg+0x50/0x50
[ 43.765512][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 43.771512][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 43.776175][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 43.780759][ T4997] ? lock_sync+0x190/0x190
[ 43.785163][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 43.790348][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 43.795357][ T4997] ? spin_bug+0x1c0/0x1c0
[ 43.799670][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 43.804684][ T4997] ? __fget_light+0x20a/0x270
[ 43.809371][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 43.813884][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 43.818893][ T4997] ? lock_downgrade+0x690/0x690
[ 43.823732][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 43.828915][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 43.834198][ T4997] ? ptrace_notify+0xfe/0x140
[ 43.838881][ T4997] do_syscall_64+0x39/0xb0
[ 43.843319][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.849212][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 43.853664][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 43.873253][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 43.881661][ T4997] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f18e5b25eb9
[ 43.889636][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 43.897590][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 43.905544][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 43.913497][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 43.921481][ T4997]
[ 43.927117][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 43.938246][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 43.948634][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.958670][ T4997] Call Trace:
[ 43.961949][ T4997]
[ 43.964882][ T4997] dump_stack_lvl+0x136/0x150
[ 43.969567][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 43.975312][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 43.980759][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 43.986646][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 43.991524][ T4997] dccp_write_xmit+0x171/0x1d0
[ 43.996326][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 44.000856][ T4997] ? dccp_done+0x100/0x100
[ 44.005291][ T4997] ? aa_af_perm+0x240/0x240
[ 44.009812][ T4997] ? import_ubuf+0x1fd/0x270
[ 44.014406][ T4997] inet_sendmsg+0x9d/0xe0
[ 44.018778][ T4997] ? inet_send_prepare+0x530/0x530
[ 44.023921][ T4997] sock_sendmsg+0xde/0x190
[ 44.028368][ T4997] ____sys_sendmsg+0x71c/0x900
[ 44.033142][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 44.038515][ T4997] ? kernel_sendmsg+0x50/0x50
[ 44.043199][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 44.049218][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 44.053901][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 44.058527][ T4997] ? lock_sync+0x190/0x190
[ 44.062982][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 44.068192][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 44.073250][ T4997] ? spin_bug+0x1c0/0x1c0
[ 44.077585][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 44.082620][ T4997] ? __fget_light+0x20a/0x270
[ 44.087307][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 44.091835][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 44.096902][ T4997] ? lock_downgrade+0x690/0x690
[ 44.101783][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 44.106991][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 44.112200][ T4997] ? ptrace_notify+0xfe/0x140
[ 44.116909][ T4997] do_syscall_64+0x39/0xb0
[ 44.121351][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.127275][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 44.131686][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 44.151291][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 44.159700][ T4997] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f18e5b25eb9
[ 44.167667][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 44.175632][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 44.183615][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 44.191592][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 44.199586][ T4997]
[ 44.205138][ T4997] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 44.216360][ T4997] CPU: 1 PID: 4997 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 44.226798][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 44.236875][ T4997] Call Trace:
[ 44.240159][ T4997]
[ 44.243088][ T4997] dump_stack_lvl+0x136/0x150
[ 44.247775][ T4997] ccid3_update_send_interval+0x187/0x1c0
[ 44.253509][ T4997] ccid3_hc_tx_packet_sent+0x132/0x190
[ 44.258987][ T4997] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 44.264922][ T4997] dccp_xmit_packet+0x2f2/0x760
[ 44.269791][ T4997] dccp_write_xmit+0x171/0x1d0
[ 44.274576][ T4997] dccp_sendmsg+0xa3b/0xbf0
[ 44.279085][ T4997] ? dccp_done+0x100/0x100
[ 44.283507][ T4997] ? aa_af_perm+0x240/0x240
[ 44.288011][ T4997] ? import_ubuf+0x1fd/0x270
[ 44.292611][ T4997] inet_sendmsg+0x9d/0xe0
[ 44.296969][ T4997] ? inet_send_prepare+0x530/0x530
[ 44.302089][ T4997] sock_sendmsg+0xde/0x190
[ 44.306514][ T4997] ____sys_sendmsg+0x71c/0x900
[ 44.311297][ T4997] ? copy_msghdr_from_user+0xfc/0x150
[ 44.316700][ T4997] ? kernel_sendmsg+0x50/0x50
[ 44.321377][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 44.327359][ T4997] ___sys_sendmsg+0x110/0x1b0
[ 44.332042][ T4997] ? do_recvmmsg+0x6f0/0x6f0
[ 44.336645][ T4997] ? lock_sync+0x190/0x190
[ 44.341064][ T4997] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 44.346288][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 44.351320][ T4997] ? spin_bug+0x1c0/0x1c0
[ 44.355659][ T4997] ? _raw_spin_lock_irq+0x45/0x50
[ 44.360692][ T4997] ? __fget_light+0x20a/0x270
[ 44.365387][ T4997] __sys_sendmsg+0xf7/0x1c0
[ 44.369989][ T4997] ? __sys_sendmsg_sock+0x40/0x40
[ 44.375056][ T4997] ? lock_downgrade+0x690/0x690
[ 44.379972][ T4997] ? lockdep_hardirqs_on+0x7d/0x100
[ 44.385175][ T4997] ? _raw_spin_unlock_irq+0x2e/0x50
[ 44.390387][ T4997] ? ptrace_notify+0xfe/0x140
[ 44.395092][ T4997] do_syscall_64+0x39/0xb0
[ 44.399527][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.405455][ T4997] RIP: 0033:0x7f18e5b25eb9
[ 44.409867][ T4997] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 44.429500][ T4997] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 44.437909][ T4997] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f18e5b25eb9
[ 44.446000][ T4997] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4997] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4997] exit_group(0) = ?
[pid 4997] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4997, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570835d0) = 4998
./strace-static-x86_64: Process 4998 attached
[pid 4998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 4998] setpgid(0, 0) = 0
[pid 4998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 4998] write(3, "1000", 4) = 4
[pid 4998] close(3) = 0
[pid 4998] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 4998] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 4998] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 4998] listen(3, 6) = 0
[pid 4998] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 4998] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 4998] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 44.453982][ T4997] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 44.461954][ T4997] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007f18e5ae9740
[ 44.469940][ T4997] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 44.477919][ T4997]
[ 44.493784][ T4998] dccp_xmit_packet: Payload too large (65475) for featneg.
[ 44.536170][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 44.547666][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 44.558129][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 44.568267][ T4998] Call Trace:
[ 44.571549][ T4998]
[ 44.574501][ T4998] dump_stack_lvl+0x136/0x150
[ 44.579216][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 44.584951][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 44.590438][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 44.596335][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 44.601192][ T4998] dccp_write_xmit+0x171/0x1d0
[ 44.605958][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 44.610472][ T4998] ? dccp_done+0x100/0x100
[ 44.614894][ T4998] ? aa_af_perm+0x240/0x240
[ 44.619402][ T4998] ? import_ubuf+0x1fd/0x270
[ 44.623998][ T4998] inet_sendmsg+0x9d/0xe0
[ 44.628331][ T4998] ? inet_send_prepare+0x530/0x530
[ 44.633450][ T4998] sock_sendmsg+0xde/0x190
[ 44.637869][ T4998] ____sys_sendmsg+0x71c/0x900
[ 44.642645][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 44.648025][ T4998] ? kernel_sendmsg+0x50/0x50
[ 44.652704][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 44.658695][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 44.663400][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 44.668001][ T4998] ? lock_sync+0x190/0x190
[ 44.672432][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 44.677676][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 44.682754][ T4998] ? spin_bug+0x1c0/0x1c0
[ 44.687127][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 44.692154][ T4998] ? __fget_light+0x20a/0x270
[ 44.696860][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 44.701393][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 44.706424][ T4998] ? lock_downgrade+0x690/0x690
[ 44.711286][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 44.716492][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 44.721697][ T4998] ? ptrace_notify+0xfe/0x140
[ 44.726379][ T4998] do_syscall_64+0x39/0xb0
[ 44.730815][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.736736][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 44.741150][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 44.760762][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 44.769179][ T4998] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 00007f18e5b25eb9
[ 44.777168][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 44.785170][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 44.793142][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 44.801109][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 44.809102][ T4998]
[ 44.814525][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 44.825774][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 44.836215][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 44.846284][ T4998] Call Trace:
[ 44.849566][ T4998]
[ 44.852500][ T4998] dump_stack_lvl+0x136/0x150
[ 44.857196][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 44.862930][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 44.868412][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 44.874345][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 44.879211][ T4998] dccp_write_xmit+0x171/0x1d0
[ 44.883988][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 44.888507][ T4998] ? dccp_done+0x100/0x100
[ 44.892946][ T4998] ? aa_af_perm+0x240/0x240
[ 44.897478][ T4998] ? import_ubuf+0x1fd/0x270
[ 44.902084][ T4998] inet_sendmsg+0x9d/0xe0
[ 44.906426][ T4998] ? inet_send_prepare+0x530/0x530
[ 44.911538][ T4998] sock_sendmsg+0xde/0x190
[ 44.915973][ T4998] ____sys_sendmsg+0x71c/0x900
[ 44.920773][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 44.926178][ T4998] ? kernel_sendmsg+0x50/0x50
[ 44.930909][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 44.936921][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 44.941623][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 44.946265][ T4998] ? lock_sync+0x190/0x190
[ 44.950706][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 44.955965][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 44.961053][ T4998] ? spin_bug+0x1c0/0x1c0
[ 44.965427][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 44.970465][ T4998] ? __fget_light+0x20a/0x270
[ 44.975179][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 44.979735][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 44.984775][ T4998] ? lock_downgrade+0x690/0x690
[ 44.989666][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 44.994916][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 45.000157][ T4998] ? ptrace_notify+0xfe/0x140
[ 45.004852][ T4998] do_syscall_64+0x39/0xb0
[ 45.009390][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.015428][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 45.019853][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 45.039467][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 45.047892][ T4998] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007f18e5b25eb9
[ 45.055866][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 45.063870][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 45.071843][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 45.079834][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 45.087849][ T4998]
[ 45.093461][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 45.104686][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 45.115121][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 45.125214][ T4998] Call Trace:
[ 45.128495][ T4998]
[ 45.131439][ T4998] dump_stack_lvl+0x136/0x150
[ 45.136146][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 45.141900][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 45.147368][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 45.153272][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 45.158146][ T4998] dccp_write_xmit+0x171/0x1d0
[ 45.162954][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 45.167499][ T4998] ? dccp_done+0x100/0x100
[ 45.171925][ T4998] ? aa_af_perm+0x240/0x240
[ 45.176431][ T4998] ? import_ubuf+0x1fd/0x270
[ 45.181047][ T4998] inet_sendmsg+0x9d/0xe0
[ 45.185390][ T4998] ? inet_send_prepare+0x530/0x530
[ 45.190514][ T4998] sock_sendmsg+0xde/0x190
[ 45.194947][ T4998] ____sys_sendmsg+0x71c/0x900
[ 45.199723][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 45.205117][ T4998] ? kernel_sendmsg+0x50/0x50
[ 45.209848][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 45.215876][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 45.220570][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 45.225159][ T4998] ? lock_sync+0x190/0x190
[ 45.229580][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 45.234815][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 45.239861][ T4998] ? spin_bug+0x1c0/0x1c0
[ 45.244203][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 45.249585][ T4998] ? __fget_light+0x20a/0x270
[ 45.254295][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 45.258833][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 45.263869][ T4998] ? lock_downgrade+0x690/0x690
[ 45.268738][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 45.273959][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 45.279162][ T4998] ? ptrace_notify+0xfe/0x140
[ 45.283857][ T4998] do_syscall_64+0x39/0xb0
[ 45.288300][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.294198][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 45.298615][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 45.318297][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 45.326712][ T4998] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 45.334665][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 45.342627][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 45.350597][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 45.358564][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 45.366524][ T4998]
[ 45.370348][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 45.381501][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 45.391912][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 45.401967][ T4998] Call Trace:
[ 45.405228][ T4998]
[ 45.408143][ T4998] dump_stack_lvl+0x136/0x150
[ 45.412814][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 45.418523][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 45.423981][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 45.429907][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 45.434744][ T4998] dccp_write_xmit+0x171/0x1d0
[ 45.439498][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 45.443992][ T4998] ? dccp_done+0x100/0x100
[ 45.448394][ T4998] ? aa_af_perm+0x240/0x240
[ 45.452878][ T4998] ? import_ubuf+0x1fd/0x270
[ 45.457455][ T4998] inet_sendmsg+0x9d/0xe0
[ 45.461767][ T4998] ? inet_send_prepare+0x530/0x530
[ 45.466867][ T4998] sock_sendmsg+0xde/0x190
[ 45.471275][ T4998] ____sys_sendmsg+0x71c/0x900
[ 45.476038][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 45.481403][ T4998] ? kernel_sendmsg+0x50/0x50
[ 45.486088][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 45.492055][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 45.496733][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 45.501340][ T4998] ? lock_sync+0x190/0x190
[ 45.505752][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 45.510945][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 45.515968][ T4998] ? spin_bug+0x1c0/0x1c0
[ 45.520319][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 45.525334][ T4998] ? __fget_light+0x20a/0x270
[ 45.530017][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 45.534526][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 45.539549][ T4998] ? lock_downgrade+0x690/0x690
[ 45.544392][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 45.549575][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 45.554779][ T4998] ? ptrace_notify+0xfe/0x140
[ 45.559443][ T4998] do_syscall_64+0x39/0xb0
[ 45.563850][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.569730][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 45.574127][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 45.593725][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 45.602147][ T4998] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00007f18e5b25eb9
[ 45.610104][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 45.618075][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 45.626032][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 45.633985][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 45.641950][ T4998]
[ 45.646015][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 45.657224][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 45.667630][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 45.677777][ T4998] Call Trace:
[ 45.681051][ T4998]
[ 45.683976][ T4998] dump_stack_lvl+0x136/0x150
[ 45.688678][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 45.694406][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 45.699881][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 45.705781][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 45.710677][ T4998] dccp_write_xmit+0x171/0x1d0
[ 45.715431][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 45.719943][ T4998] ? dccp_done+0x100/0x100
[ 45.724368][ T4998] ? aa_af_perm+0x240/0x240
[ 45.728870][ T4998] ? import_ubuf+0x1fd/0x270
[ 45.733490][ T4998] inet_sendmsg+0x9d/0xe0
[ 45.737814][ T4998] ? inet_send_prepare+0x530/0x530
[ 45.742941][ T4998] sock_sendmsg+0xde/0x190
[ 45.747365][ T4998] ____sys_sendmsg+0x71c/0x900
[ 45.752111][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 45.757468][ T4998] ? kernel_sendmsg+0x50/0x50
[ 45.762146][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 45.768123][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 45.772789][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 45.777389][ T4998] ? lock_sync+0x190/0x190
[ 45.781827][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 45.787014][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 45.792026][ T4998] ? spin_bug+0x1c0/0x1c0
[ 45.796358][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 45.801377][ T4998] ? __fget_light+0x20a/0x270
[ 45.806050][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 45.810549][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 45.815594][ T4998] ? lock_downgrade+0x690/0x690
[ 45.820465][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 45.825663][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 45.830852][ T4998] ? ptrace_notify+0xfe/0x140
[ 45.835524][ T4998] do_syscall_64+0x39/0xb0
[ 45.839941][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.845849][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 45.850256][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 45.869865][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 45.878269][ T4998] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 45.886239][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 45.894192][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 45.902146][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 45.910123][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 45.918122][ T4998]
[ 45.923321][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 45.934461][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 45.944886][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 45.954925][ T4998] Call Trace:
[ 45.958193][ T4998]
[ 45.961111][ T4998] dump_stack_lvl+0x136/0x150
[ 45.965797][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 45.971509][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 45.976968][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 45.982876][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 45.987712][ T4998] dccp_write_xmit+0x171/0x1d0
[ 45.992474][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 45.996989][ T4998] ? dccp_done+0x100/0x100
[ 46.001401][ T4998] ? aa_af_perm+0x240/0x240
[ 46.005912][ T4998] ? import_ubuf+0x1fd/0x270
[ 46.010489][ T4998] inet_sendmsg+0x9d/0xe0
[ 46.014806][ T4998] ? inet_send_prepare+0x530/0x530
[ 46.019901][ T4998] sock_sendmsg+0xde/0x190
[ 46.024316][ T4998] ____sys_sendmsg+0x71c/0x900
[ 46.029085][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 46.034464][ T4998] ? kernel_sendmsg+0x50/0x50
[ 46.039149][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 46.045123][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 46.049806][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 46.054415][ T4998] ? lock_sync+0x190/0x190
[ 46.058832][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 46.064043][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 46.069074][ T4998] ? spin_bug+0x1c0/0x1c0
[ 46.073406][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 46.078424][ T4998] ? __fget_light+0x20a/0x270
[ 46.083096][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 46.087595][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 46.092608][ T4998] ? lock_downgrade+0x690/0x690
[ 46.097454][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 46.102642][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 46.107831][ T4998] ? ptrace_notify+0xfe/0x140
[ 46.112495][ T4998] do_syscall_64+0x39/0xb0
[ 46.116907][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.122790][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 46.127193][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 46.146877][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 46.155271][ T4998] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f18e5b25eb9
[ 46.163232][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 46.171195][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 46.179160][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 46.187125][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 46.195114][ T4998]
[ 46.200114][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 46.211353][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 46.221796][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 46.231866][ T4998] Call Trace:
[ 46.235136][ T4998]
[ 46.238053][ T4998] dump_stack_lvl+0x136/0x150
[ 46.242732][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 46.248449][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 46.253902][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 46.259791][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 46.264650][ T4998] dccp_write_xmit+0x171/0x1d0
[ 46.269429][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 46.273931][ T4998] ? dccp_done+0x100/0x100
[ 46.278339][ T4998] ? aa_af_perm+0x240/0x240
[ 46.282841][ T4998] ? import_ubuf+0x1fd/0x270
[ 46.287444][ T4998] inet_sendmsg+0x9d/0xe0
[ 46.291766][ T4998] ? inet_send_prepare+0x530/0x530
[ 46.296868][ T4998] sock_sendmsg+0xde/0x190
[ 46.301360][ T4998] ____sys_sendmsg+0x71c/0x900
[ 46.306124][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 46.311505][ T4998] ? kernel_sendmsg+0x50/0x50
[ 46.316189][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 46.322188][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 46.326852][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 46.331447][ T4998] ? lock_sync+0x190/0x190
[ 46.335878][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 46.341064][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 46.346087][ T4998] ? spin_bug+0x1c0/0x1c0
[ 46.350405][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 46.355418][ T4998] ? __fget_light+0x20a/0x270
[ 46.360089][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 46.364589][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 46.369625][ T4998] ? lock_downgrade+0x690/0x690
[ 46.374479][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 46.379669][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 46.384856][ T4998] ? ptrace_notify+0xfe/0x140
[ 46.389525][ T4998] do_syscall_64+0x39/0xb0
[ 46.393946][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.399862][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 46.404261][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 46.423867][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 46.432269][ T4998] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 46.440225][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 46.448181][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 46.456146][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 46.464120][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 46.472090][ T4998]
[ 46.477360][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 46.488512][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 46.498910][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 46.508948][ T4998] Call Trace:
[ 46.512210][ T4998]
[ 46.515149][ T4998] dump_stack_lvl+0x136/0x150
[ 46.519822][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 46.525529][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 46.530982][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 46.536881][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 46.541713][ T4998] dccp_write_xmit+0x171/0x1d0
[ 46.546468][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 46.550957][ T4998] ? dccp_done+0x100/0x100
[ 46.555371][ T4998] ? aa_af_perm+0x240/0x240
[ 46.559889][ T4998] ? import_ubuf+0x1fd/0x270
[ 46.564493][ T4998] inet_sendmsg+0x9d/0xe0
[ 46.568833][ T4998] ? inet_send_prepare+0x530/0x530
[ 46.573947][ T4998] sock_sendmsg+0xde/0x190
[ 46.578383][ T4998] ____sys_sendmsg+0x71c/0x900
[ 46.583167][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 46.588575][ T4998] ? kernel_sendmsg+0x50/0x50
[ 46.593261][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 46.599249][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 46.603934][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 46.608552][ T4998] ? lock_sync+0x190/0x190
[ 46.612975][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 46.618175][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 46.623192][ T4998] ? spin_bug+0x1c0/0x1c0
[ 46.627506][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 46.632520][ T4998] ? __fget_light+0x20a/0x270
[ 46.637189][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 46.641682][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 46.646689][ T4998] ? lock_downgrade+0x690/0x690
[ 46.651528][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 46.656708][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 46.661892][ T4998] ? ptrace_notify+0xfe/0x140
[ 46.666554][ T4998] do_syscall_64+0x39/0xb0
[ 46.670958][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.677551][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 46.681968][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 46.701574][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 46.709989][ T4998] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007f18e5b25eb9
[ 46.717968][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 46.725953][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 46.733948][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 46.741918][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 46.749892][ T4998]
[ 46.754049][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 46.765228][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 46.775637][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 46.785690][ T4998] Call Trace:
[ 46.788970][ T4998]
[ 46.791899][ T4998] dump_stack_lvl+0x136/0x150
[ 46.796594][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 46.802331][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 46.807923][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 46.813865][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 46.818728][ T4998] dccp_write_xmit+0x171/0x1d0
[ 46.823523][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 46.828035][ T4998] ? dccp_done+0x100/0x100
[ 46.832459][ T4998] ? aa_af_perm+0x240/0x240
[ 46.836964][ T4998] ? import_ubuf+0x1fd/0x270
[ 46.841584][ T4998] inet_sendmsg+0x9d/0xe0
[ 46.845931][ T4998] ? inet_send_prepare+0x530/0x530
[ 46.851056][ T4998] sock_sendmsg+0xde/0x190
[ 46.855490][ T4998] ____sys_sendmsg+0x71c/0x900
[ 46.860285][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 46.865689][ T4998] ? kernel_sendmsg+0x50/0x50
[ 46.870375][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 46.876366][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 46.881051][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 46.885657][ T4998] ? lock_sync+0x190/0x190
[ 46.890084][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 46.895298][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 46.900334][ T4998] ? spin_bug+0x1c0/0x1c0
[ 46.904672][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 46.909698][ T4998] ? __fget_light+0x20a/0x270
[ 46.914374][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 46.918971][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 46.924007][ T4998] ? lock_downgrade+0x690/0x690
[ 46.928876][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 46.934085][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 46.939295][ T4998] ? ptrace_notify+0xfe/0x140
[ 46.943984][ T4998] do_syscall_64+0x39/0xb0
[ 46.948417][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.954326][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 46.958766][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 46.978385][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 46.986796][ T4998] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 46.994779][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 47.002786][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 47.010760][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 47.018751][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 47.026754][ T4998]
[ 47.030688][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 47.041904][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 47.052317][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 47.062374][ T4998] Call Trace:
[ 47.065672][ T4998]
[ 47.068619][ T4998] dump_stack_lvl+0x136/0x150
[ 47.073305][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 47.079561][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 47.085012][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 47.090896][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 47.095734][ T4998] dccp_write_xmit+0x171/0x1d0
[ 47.100495][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 47.105012][ T4998] ? dccp_done+0x100/0x100
[ 47.109421][ T4998] ? aa_af_perm+0x240/0x240
[ 47.113928][ T4998] ? import_ubuf+0x1fd/0x270
[ 47.118506][ T4998] inet_sendmsg+0x9d/0xe0
[ 47.122820][ T4998] ? inet_send_prepare+0x530/0x530
[ 47.127941][ T4998] sock_sendmsg+0xde/0x190
[ 47.132351][ T4998] ____sys_sendmsg+0x71c/0x900
[ 47.137121][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 47.142480][ T4998] ? kernel_sendmsg+0x50/0x50
[ 47.147170][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 47.153141][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 47.157856][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 47.162473][ T4998] ? lock_sync+0x190/0x190
[ 47.166888][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 47.172116][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 47.177216][ T4998] ? spin_bug+0x1c0/0x1c0
[ 47.181563][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 47.186575][ T4998] ? __fget_light+0x20a/0x270
[ 47.191263][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 47.195779][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 47.200789][ T4998] ? lock_downgrade+0x690/0x690
[ 47.205643][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 47.210850][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 47.216246][ T4998] ? ptrace_notify+0xfe/0x140
[ 47.220965][ T4998] do_syscall_64+0x39/0xb0
[ 47.225423][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 47.231354][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 47.235791][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 47.255405][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 47.263814][ T4998] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f18e5b25eb9
[ 47.271784][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 47.279757][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 47.287744][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 47.295806][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 47.303972][ T4998]
[ 47.308059][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 47.319229][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 47.329642][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 47.339780][ T4998] Call Trace:
[ 47.343059][ T4998]
[ 47.345995][ T4998] dump_stack_lvl+0x136/0x150
[ 47.350711][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 47.356467][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 47.361942][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 47.367870][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 47.372732][ T4998] dccp_write_xmit+0x171/0x1d0
[ 47.377525][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 47.382066][ T4998] ? dccp_done+0x100/0x100
[ 47.386500][ T4998] ? aa_af_perm+0x240/0x240
[ 47.391027][ T4998] ? import_ubuf+0x1fd/0x270
[ 47.395622][ T4998] inet_sendmsg+0x9d/0xe0
[ 47.399960][ T4998] ? inet_send_prepare+0x530/0x530
[ 47.405080][ T4998] sock_sendmsg+0xde/0x190
[ 47.409510][ T4998] ____sys_sendmsg+0x71c/0x900
[ 47.414287][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 47.419675][ T4998] ? kernel_sendmsg+0x50/0x50
[ 47.424364][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 47.430361][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 47.435052][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 47.439653][ T4998] ? lock_sync+0x190/0x190
[ 47.444076][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 47.449281][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 47.454312][ T4998] ? spin_bug+0x1c0/0x1c0
[ 47.458652][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 47.463696][ T4998] ? __fget_light+0x20a/0x270
[ 47.468383][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 47.472890][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 47.478095][ T4998] ? lock_downgrade+0x690/0x690
[ 47.482948][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 47.488153][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 47.493366][ T4998] ? ptrace_notify+0xfe/0x140
[ 47.498058][ T4998] do_syscall_64+0x39/0xb0
[ 47.502503][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 47.508532][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 47.512951][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 47.532559][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 47.540969][ T4998] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 47.548938][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 47.556907][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 47.564877][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 47.572852][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 47.580815][ T4998]
[ 47.585490][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 47.596821][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 47.607249][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 47.617282][ T4998] Call Trace:
[ 47.620544][ T4998]
[ 47.623459][ T4998] dump_stack_lvl+0x136/0x150
[ 47.628136][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 47.633846][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 47.639296][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 47.645190][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 47.650033][ T4998] dccp_write_xmit+0x171/0x1d0
[ 47.654797][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 47.659377][ T4998] ? dccp_done+0x100/0x100
[ 47.663778][ T4998] ? aa_af_perm+0x240/0x240
[ 47.668262][ T4998] ? import_ubuf+0x1fd/0x270
[ 47.672866][ T4998] inet_sendmsg+0x9d/0xe0
[ 47.677182][ T4998] ? inet_send_prepare+0x530/0x530
[ 47.682275][ T4998] sock_sendmsg+0xde/0x190
[ 47.686686][ T4998] ____sys_sendmsg+0x71c/0x900
[ 47.691462][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 47.696836][ T4998] ? kernel_sendmsg+0x50/0x50
[ 47.701528][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 47.707500][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 47.712173][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 47.716778][ T4998] ? lock_sync+0x190/0x190
[ 47.721191][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 47.726411][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 47.731473][ T4998] ? spin_bug+0x1c0/0x1c0
[ 47.735834][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 47.740868][ T4998] ? __fget_light+0x20a/0x270
[ 47.745558][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 47.750096][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 47.755107][ T4998] ? lock_downgrade+0x690/0x690
[ 47.759966][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 47.765192][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 47.770384][ T4998] ? ptrace_notify+0xfe/0x140
[ 47.775064][ T4998] do_syscall_64+0x39/0xb0
[ 47.779498][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 47.785402][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 47.789801][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 47.809412][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 47.817854][ T4998] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f18e5b25eb9
[ 47.825823][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 47.833795][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 47.841751][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 47.849726][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 47.857733][ T4998]
[ 47.861660][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 47.872941][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 47.883391][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 47.893462][ T4998] Call Trace:
[ 47.896745][ T4998]
[ 47.899672][ T4998] dump_stack_lvl+0x136/0x150
[ 47.904362][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 47.910092][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 47.915556][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 47.921447][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 47.926303][ T4998] dccp_write_xmit+0x171/0x1d0
[ 47.931087][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 47.935625][ T4998] ? dccp_done+0x100/0x100
[ 47.940079][ T4998] ? aa_af_perm+0x240/0x240
[ 47.944605][ T4998] ? import_ubuf+0x1fd/0x270
[ 47.949205][ T4998] inet_sendmsg+0x9d/0xe0
[ 47.953542][ T4998] ? inet_send_prepare+0x530/0x530
[ 47.958759][ T4998] sock_sendmsg+0xde/0x190
[ 47.963189][ T4998] ____sys_sendmsg+0x71c/0x900
[ 47.967983][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 47.973374][ T4998] ? kernel_sendmsg+0x50/0x50
[ 47.978113][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 47.984128][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 47.988830][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 47.993459][ T4998] ? lock_sync+0x190/0x190
[ 47.997902][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 48.003136][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 48.008189][ T4998] ? spin_bug+0x1c0/0x1c0
[ 48.012562][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 48.017601][ T4998] ? __fget_light+0x20a/0x270
[ 48.022304][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 48.026847][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 48.031884][ T4998] ? lock_downgrade+0x690/0x690
[ 48.036757][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 48.041970][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 48.047178][ T4998] ? ptrace_notify+0xfe/0x140
[ 48.051880][ T4998] do_syscall_64+0x39/0xb0
[ 48.056324][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 48.062224][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 48.066629][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.086248][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 48.094677][ T4998] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 48.102657][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 48.110643][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 48.118633][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 48.126606][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 48.134590][ T4998]
[ 48.138568][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 48.149755][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 48.160170][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 48.170233][ T4998] Call Trace:
[ 48.173523][ T4998]
[ 48.176467][ T4998] dump_stack_lvl+0x136/0x150
[ 48.181159][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 48.186889][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 48.192360][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 48.198266][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 48.203147][ T4998] dccp_write_xmit+0x171/0x1d0
[ 48.207964][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 48.212470][ T4998] ? dccp_done+0x100/0x100
[ 48.216886][ T4998] ? aa_af_perm+0x240/0x240
[ 48.221388][ T4998] ? import_ubuf+0x1fd/0x270
[ 48.225998][ T4998] inet_sendmsg+0x9d/0xe0
[ 48.230356][ T4998] ? inet_send_prepare+0x530/0x530
[ 48.235475][ T4998] sock_sendmsg+0xde/0x190
[ 48.239899][ T4998] ____sys_sendmsg+0x71c/0x900
[ 48.244677][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 48.250060][ T4998] ? kernel_sendmsg+0x50/0x50
[ 48.254760][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 48.260773][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 48.266183][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 48.270796][ T4998] ? lock_sync+0x190/0x190
[ 48.275222][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 48.280430][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 48.285469][ T4998] ? spin_bug+0x1c0/0x1c0
[ 48.289816][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 48.294851][ T4998] ? __fget_light+0x20a/0x270
[ 48.299543][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 48.304053][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 48.309082][ T4998] ? lock_downgrade+0x690/0x690
[ 48.313943][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 48.319255][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 48.324459][ T4998] ? ptrace_notify+0xfe/0x140
[ 48.329144][ T4998] do_syscall_64+0x39/0xb0
[ 48.333586][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 48.339512][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 48.343940][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.363567][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 48.372012][ T4998] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f18e5b25eb9
[ 48.380267][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 48.388235][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 48.396206][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 48.404196][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 48.412180][ T4998]
[ 48.416687][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 48.427890][ T4998] CPU: 1 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 48.438337][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 48.448408][ T4998] Call Trace:
[ 48.451703][ T4998]
[ 48.454675][ T4998] dump_stack_lvl+0x136/0x150
[ 48.459408][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 48.465154][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 48.470647][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 48.476565][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 48.481453][ T4998] dccp_write_xmit+0x171/0x1d0
[ 48.486235][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 48.490781][ T4998] ? dccp_done+0x100/0x100
[ 48.495241][ T4998] ? aa_af_perm+0x240/0x240
[ 48.499772][ T4998] ? import_ubuf+0x1fd/0x270
[ 48.504369][ T4998] inet_sendmsg+0x9d/0xe0
[ 48.508700][ T4998] ? inet_send_prepare+0x530/0x530
[ 48.513844][ T4998] sock_sendmsg+0xde/0x190
[ 48.518267][ T4998] ____sys_sendmsg+0x71c/0x900
[ 48.523057][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 48.528439][ T4998] ? kernel_sendmsg+0x50/0x50
[ 48.533132][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 48.539144][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 48.543857][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 48.548458][ T4998] ? lock_sync+0x190/0x190
[ 48.552878][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 48.558091][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 48.563219][ T4998] ? spin_bug+0x1c0/0x1c0
[ 48.567584][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 48.572621][ T4998] ? __fget_light+0x20a/0x270
[ 48.577312][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 48.581846][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 48.586885][ T4998] ? lock_downgrade+0x690/0x690
[ 48.591752][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 48.596961][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 48.602522][ T4998] ? ptrace_notify+0xfe/0x140
[ 48.607214][ T4998] do_syscall_64+0x39/0xb0
[ 48.611660][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 48.617576][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 48.621989][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.641596][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 48.650008][ T4998] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f18e5b25eb9
[ 48.657993][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 48.665993][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 48.673987][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 48.681959][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 48.689941][ T4998]
[ 48.694979][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 48.706283][ T4998] CPU: 0 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 48.716724][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 48.726779][ T4998] Call Trace:
[ 48.730068][ T4998]
[ 48.733034][ T4998] dump_stack_lvl+0x136/0x150
[ 48.737742][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 48.743537][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 48.749031][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 48.754944][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 48.759809][ T4998] dccp_write_xmit+0x171/0x1d0
[ 48.764591][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 48.769135][ T4998] ? dccp_done+0x100/0x100
[ 48.773589][ T4998] ? aa_af_perm+0x240/0x240
[ 48.778097][ T4998] ? import_ubuf+0x1fd/0x270
[ 48.782702][ T4998] inet_sendmsg+0x9d/0xe0
[ 48.787043][ T4998] ? inet_send_prepare+0x530/0x530
[ 48.792161][ T4998] sock_sendmsg+0xde/0x190
[ 48.796585][ T4998] ____sys_sendmsg+0x71c/0x900
[ 48.801375][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 48.806785][ T4998] ? kernel_sendmsg+0x50/0x50
[ 48.811507][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 48.817505][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 48.822188][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 48.826786][ T4998] ? lock_sync+0x190/0x190
[ 48.831208][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 48.836403][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 48.841431][ T4998] ? spin_bug+0x1c0/0x1c0
[ 48.845756][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 48.850788][ T4998] ? __fget_light+0x20a/0x270
[ 48.855472][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 48.859984][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 48.865011][ T4998] ? lock_downgrade+0x690/0x690
[ 48.869881][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 48.875076][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 48.880273][ T4998] ? ptrace_notify+0xfe/0x140
[ 48.884952][ T4998] do_syscall_64+0x39/0xb0
[ 48.889378][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 48.895309][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 48.899741][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.919358][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 48.927772][ T4998] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f18e5b25eb9
[ 48.935735][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 48.943703][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 48.951677][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 48.959661][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 48.967649][ T4998]
[ 48.972415][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 48.983626][ T4998] CPU: 0 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 48.994040][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 49.004103][ T4998] Call Trace:
[ 49.007391][ T4998]
[ 49.010339][ T4998] dump_stack_lvl+0x136/0x150
[ 49.015044][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 49.020803][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 49.026312][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 49.032219][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 49.037097][ T4998] dccp_write_xmit+0x171/0x1d0
[ 49.041915][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 49.046444][ T4998] ? dccp_done+0x100/0x100
[ 49.050876][ T4998] ? aa_af_perm+0x240/0x240
[ 49.055386][ T4998] ? import_ubuf+0x1fd/0x270
[ 49.059995][ T4998] inet_sendmsg+0x9d/0xe0
[ 49.064331][ T4998] ? inet_send_prepare+0x530/0x530
[ 49.069447][ T4998] sock_sendmsg+0xde/0x190
[ 49.073872][ T4998] ____sys_sendmsg+0x71c/0x900
[ 49.078642][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 49.084032][ T4998] ? kernel_sendmsg+0x50/0x50
[ 49.088731][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 49.094819][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 49.099523][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 49.104126][ T4998] ? lock_sync+0x190/0x190
[ 49.108550][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 49.113781][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 49.118858][ T4998] ? spin_bug+0x1c0/0x1c0
[ 49.123238][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 49.128273][ T4998] ? __fget_light+0x20a/0x270
[ 49.132976][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 49.137511][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 49.142539][ T4998] ? lock_downgrade+0x690/0x690
[ 49.147399][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 49.152601][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 49.157817][ T4998] ? ptrace_notify+0xfe/0x140
[ 49.162558][ T4998] do_syscall_64+0x39/0xb0
[ 49.166985][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.172890][ T4998] RIP: 0033:0x7f18e5b25eb9
[ 49.177308][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.196959][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 49.205371][ T4998] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f18e5b25eb9
[ 49.213350][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 49.221337][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 49.229302][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 49.237263][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 49.245252][ T4998]
[ 49.249834][ T4998] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 49.260973][ T4998] CPU: 0 PID: 4998 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 49.271450][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 49.281489][ T4998] Call Trace:
[ 49.284763][ T4998]
[ 49.287693][ T4998] dump_stack_lvl+0x136/0x150
[ 49.292374][ T4998] ccid3_update_send_interval+0x187/0x1c0
[ 49.298106][ T4998] ccid3_hc_tx_packet_sent+0x132/0x190
[ 49.303553][ T4998] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 49.309435][ T4998] dccp_xmit_packet+0x2f2/0x760
[ 49.314274][ T4998] dccp_write_xmit+0x171/0x1d0
[ 49.319032][ T4998] dccp_sendmsg+0xa3b/0xbf0
[ 49.323556][ T4998] ? dccp_done+0x100/0x100
[ 49.327959][ T4998] ? aa_af_perm+0x240/0x240
[ 49.332447][ T4998] ? import_ubuf+0x1fd/0x270
[ 49.337025][ T4998] inet_sendmsg+0x9d/0xe0
[ 49.341346][ T4998] ? inet_send_prepare+0x530/0x530
[ 49.346443][ T4998] sock_sendmsg+0xde/0x190
[ 49.350853][ T4998] ____sys_sendmsg+0x71c/0x900
[ 49.355602][ T4998] ? copy_msghdr_from_user+0xfc/0x150
[ 49.360959][ T4998] ? kernel_sendmsg+0x50/0x50
[ 49.365641][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 49.371637][ T4998] ___sys_sendmsg+0x110/0x1b0
[ 49.376303][ T4998] ? do_recvmmsg+0x6f0/0x6f0
[ 49.380907][ T4998] ? lock_sync+0x190/0x190
[ 49.385342][ T4998] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 49.390531][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 49.395545][ T4998] ? spin_bug+0x1c0/0x1c0
[ 49.399861][ T4998] ? _raw_spin_lock_irq+0x45/0x50
[ 49.404880][ T4998] ? __fget_light+0x20a/0x270
[ 49.409550][ T4998] __sys_sendmsg+0xf7/0x1c0
[ 49.414039][ T4998] ? __sys_sendmsg_sock+0x40/0x40
[ 49.419049][ T4998] ? lock_downgrade+0x690/0x690
[ 49.423891][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 49.429075][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 49.434261][ T4998] ? ptrace_notify+0xfe/0x140
[ 49.438945][ T4998] do_syscall_64+0x39/0xb0
[ 49.443358][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.449237][ T4998] RIP: 0033:0x7f18e5b25eb9
[pid 4998] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0
[pid 4996] kill(-4998, SIGKILL) = 0
[pid 4996] kill(4998, SIGKILL) = 0
[ 49.453633][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.473235][ T4998] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 49.481742][ T4998] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f18e5b25eb9
[ 49.489698][ T4998] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 49.497651][ T4998] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[pid 4998] <... sendmsg resumed>) = ?
[pid 4998] +++ killed by SIGKILL +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=4998, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=38 /* 0.38 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4999 attached
, child_tidptr=0x5555570835d0) = 4999
[pid 4999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 4999] setpgid(0, 0) = 0
[pid 4999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 4999] write(3, "1000", 4) = 4
[pid 4999] close(3) = 0
[pid 4999] socket(AF_INET6, SOCK_DCCP, IPPROTO_IP) = 3
[pid 4999] bind(3, {sa_family=AF_INET6, sin6_port=htons(20000), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 4999] socket(AF_INET, SOCK_DCCP, IPPROTO_IP) = 4
[pid 4999] listen(3, 6) = 0
[pid 4999] setsockopt(4, SOL_DCCP, DCCP_SOCKOPT_CCID, "\x03", 1) = 0
[pid 4999] connect(4, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
[pid 4999] sendto(4, "\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65475, 0, NULL, 0) = 65475
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 49.505614][ T4998] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 49.513587][ T4998] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 49.521548][ T4998]
[ 49.536078][ T4999] dccp_xmit_packet: Payload too large (65475) for featneg.
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 49.576719][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 49.587924][ T4999] CPU: 1 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 49.598322][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 49.608360][ T4999] Call Trace:
[ 49.611620][ T4999]
[ 49.614534][ T4999] dump_stack_lvl+0x136/0x150
[ 49.619209][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 49.624919][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 49.630368][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 49.636330][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 49.641176][ T4999] dccp_write_xmit+0x171/0x1d0
[ 49.645930][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 49.650430][ T4999] ? dccp_done+0x100/0x100
[ 49.654839][ T4999] ? aa_af_perm+0x240/0x240
[ 49.659329][ T4999] ? import_ubuf+0x1fd/0x270
[ 49.663910][ T4999] inet_sendmsg+0x9d/0xe0
[ 49.668225][ T4999] ? inet_send_prepare+0x530/0x530
[ 49.673331][ T4999] sock_sendmsg+0xde/0x190
[ 49.677737][ T4999] ____sys_sendmsg+0x71c/0x900
[ 49.682493][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 49.687858][ T4999] ? kernel_sendmsg+0x50/0x50
[ 49.692524][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 49.698530][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 49.703199][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 49.707789][ T4999] ? lock_sync+0x190/0x190
[ 49.712194][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 49.717382][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 49.722400][ T4999] ? spin_bug+0x1c0/0x1c0
[ 49.726811][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 49.731831][ T4999] ? __fget_light+0x20a/0x270
[ 49.736510][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 49.741009][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 49.746024][ T4999] ? lock_downgrade+0x690/0x690
[ 49.750871][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 49.756062][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 49.761251][ T4999] ? ptrace_notify+0xfe/0x140
[ 49.765919][ T4999] do_syscall_64+0x39/0xb0
[ 49.770337][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.776228][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 49.780633][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.800233][ T4999] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 49.808653][ T4999] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00007f18e5b25eb9
[ 49.816614][ T4999] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 49.824572][ T4999] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 49.832528][ T4999] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 49.840488][ T4999] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 49.848458][ T4999]
[ 49.853047][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 49.864394][ T4999] CPU: 0 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 49.874829][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 49.884901][ T4999] Call Trace:
[ 49.888186][ T4999]
[ 49.891116][ T4999] dump_stack_lvl+0x136/0x150
[ 49.895828][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 49.901590][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 49.907065][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 49.912981][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 49.917849][ T4999] dccp_write_xmit+0x171/0x1d0
[ 49.922629][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 49.927151][ T4999] ? dccp_done+0x100/0x100
[ 49.931594][ T4999] ? aa_af_perm+0x240/0x240
[ 49.936115][ T4999] ? import_ubuf+0x1fd/0x270
[ 49.940722][ T4999] inet_sendmsg+0x9d/0xe0
[ 49.945056][ T4999] ? inet_send_prepare+0x530/0x530
[ 49.950168][ T4999] sock_sendmsg+0xde/0x190
[ 49.954610][ T4999] ____sys_sendmsg+0x71c/0x900
[ 49.959407][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 49.964888][ T4999] ? kernel_sendmsg+0x50/0x50
[ 49.969625][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 49.975624][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 49.980310][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 49.984907][ T4999] ? lock_sync+0x190/0x190
[ 49.989328][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 49.994526][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 49.999548][ T4999] ? spin_bug+0x1c0/0x1c0
[ 50.003873][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 50.008900][ T4999] ? __fget_light+0x20a/0x270
[ 50.013582][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 50.018091][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 50.023110][ T4999] ? lock_downgrade+0x690/0x690
[ 50.027966][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 50.033158][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 50.038358][ T4999] ? ptrace_notify+0xfe/0x140
[ 50.043037][ T4999] do_syscall_64+0x39/0xb0
[ 50.047465][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.053368][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 50.057777][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 50.077550][ T4999] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.085962][ T4999] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f18e5b25eb9
[ 50.093927][ T4999] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 50.101895][ T4999] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 50.109857][ T4999] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 50.117832][ T4999] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 50.125831][ T4999]
[ 50.130444][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 50.141641][ T4999] CPU: 1 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 50.152161][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 50.162213][ T4999] Call Trace:
[ 50.165500][ T4999]
[ 50.168445][ T4999] dump_stack_lvl+0x136/0x150
[ 50.173141][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 50.178904][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 50.184366][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 50.190265][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 50.195132][ T4999] dccp_write_xmit+0x171/0x1d0
[ 50.199937][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 50.204477][ T4999] ? dccp_done+0x100/0x100
[ 50.208908][ T4999] ? aa_af_perm+0x240/0x240
[ 50.213438][ T4999] ? import_ubuf+0x1fd/0x270
[ 50.218050][ T4999] inet_sendmsg+0x9d/0xe0
[ 50.222386][ T4999] ? inet_send_prepare+0x530/0x530
[ 50.227499][ T4999] sock_sendmsg+0xde/0x190
[ 50.231934][ T4999] ____sys_sendmsg+0x71c/0x900
[ 50.236727][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 50.242123][ T4999] ? kernel_sendmsg+0x50/0x50
[ 50.246831][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 50.252821][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 50.257507][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 50.262105][ T4999] ? lock_sync+0x190/0x190
[ 50.266529][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 50.271767][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 50.276825][ T4999] ? spin_bug+0x1c0/0x1c0
[ 50.281173][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 50.286186][ T4999] ? __fget_light+0x20a/0x270
[ 50.290869][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 50.295381][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 50.300389][ T4999] ? lock_downgrade+0x690/0x690
[ 50.305229][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 50.310410][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 50.315593][ T4999] ? ptrace_notify+0xfe/0x140
[ 50.320269][ T4999] do_syscall_64+0x39/0xb0
[ 50.324707][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.330599][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 50.335007][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.354612][ T4999] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.363023][ T4999] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007f18e5b25eb9
[ 50.370981][ T4999] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 50.378938][ T4999] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 50.386906][ T4999] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 50.394883][ T4999] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 50.403018][ T4999]
[ 50.406846][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 50.418000][ T4999] CPU: 1 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 50.428418][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 50.438475][ T4999] Call Trace:
[ 50.441737][ T4999]
[ 50.444648][ T4999] dump_stack_lvl+0x136/0x150
[ 50.449321][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 50.455030][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 50.460473][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 50.466353][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 50.471188][ T4999] dccp_write_xmit+0x171/0x1d0
[ 50.475936][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 50.480431][ T4999] ? dccp_done+0x100/0x100
[ 50.484833][ T4999] ? aa_af_perm+0x240/0x240
[ 50.489320][ T4999] ? import_ubuf+0x1fd/0x270
[ 50.493898][ T4999] inet_sendmsg+0x9d/0xe0
[ 50.498209][ T4999] ? inet_send_prepare+0x530/0x530
[ 50.503298][ T4999] sock_sendmsg+0xde/0x190
[ 50.507702][ T4999] ____sys_sendmsg+0x71c/0x900
[ 50.512455][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 50.517840][ T4999] ? kernel_sendmsg+0x50/0x50
[ 50.522506][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 50.528475][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 50.533149][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 50.537754][ T4999] ? lock_sync+0x190/0x190
[ 50.542168][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 50.547355][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 50.552374][ T4999] ? spin_bug+0x1c0/0x1c0
[ 50.556718][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 50.561731][ T4999] ? __fget_light+0x20a/0x270
[ 50.566411][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 50.570923][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 50.575931][ T4999] ? lock_downgrade+0x690/0x690
[ 50.580779][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 50.585970][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 50.591179][ T4999] ? ptrace_notify+0xfe/0x140
[ 50.595857][ T4999] do_syscall_64+0x39/0xb0
[ 50.600292][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.606187][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 50.610606][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 50.630194][ T4999] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.638587][ T4999] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007f18e5b25eb9
[ 50.646542][ T4999] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[ 50.654499][ T4999] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 50.662457][ T4999] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 50.670471][ T4999] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 50.678465][ T4999] </TASK>
[ 50.683241][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 50.694458][ T4999] CPU: 1 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 50.704887][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 50.714938][ T4999] Call Trace:
[ 50.718207][ T4999] <TASK>
[ 50.721139][ T4999] dump_stack_lvl+0x136/0x150
[ 50.725871][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 50.731598][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 50.737064][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 50.742967][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 50.747841][ T4999] dccp_write_xmit+0x171/0x1d0
[ 50.752636][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 50.757155][ T4999] ? dccp_done+0x100/0x100
[ 50.761582][ T4999] ? aa_af_perm+0x240/0x240
[ 50.766093][ T4999] ? import_ubuf+0x1fd/0x270
[ 50.770691][ T4999] inet_sendmsg+0x9d/0xe0
[ 50.775040][ T4999] ? inet_send_prepare+0x530/0x530
[ 50.780149][ T4999] sock_sendmsg+0xde/0x190
[ 50.784574][ T4999] ____sys_sendmsg+0x71c/0x900
[ 50.789345][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 50.794718][ T4999] ? kernel_sendmsg+0x50/0x50
[ 50.799400][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 50.805403][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 50.810119][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 50.814722][ T4999] ? lock_sync+0x190/0x190
[ 50.819145][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 50.824346][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 50.829399][ T4999] ? spin_bug+0x1c0/0x1c0
[ 50.833736][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 50.838783][ T4999] ? __fget_light+0x20a/0x270
[ 50.843473][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 50.848013][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 50.853041][ T4999] ? lock_downgrade+0x690/0x690
[ 50.857933][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 50.863138][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 50.868341][ T4999] ? ptrace_notify+0xfe/0x140
[ 50.873033][ T4999] do_syscall_64+0x39/0xb0
[ 50.877486][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.883403][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 50.887821][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.907511][ T4999] RSP: 002b:00007fff5367e4b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.915925][ T4999] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f18e5b25eb9
[ 50.923924][ T4999] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
[pid 4999] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="s", iov_len=1}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 1
[ 50.931909][ T4999] RBP: 0000000000000000 R08: 00007fff5367e658 R09: 00007fff5367e658
[ 50.939896][ T4999] R10: 00007fff5367e658 R11: 0000000000000246 R12: 00007fff5367e4cc
[ 50.947891][ T4999] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 50.955892][ T4999] </TASK>
[ 50.960533][ T4999] BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
[ 50.971820][ T4999] CPU: 1 PID: 4999 Comm: syz-executor424 Not tainted 6.4.0-rc2-syzkaller-00018-g4d6d4c7f541d #0
[ 50.982266][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 50.992344][ T4999] Call Trace:
[ 50.995624][ T4999] <TASK>
[ 50.998558][ T4999] dump_stack_lvl+0x136/0x150
[ 51.003274][ T4999] ccid3_update_send_interval+0x187/0x1c0
[ 51.009026][ T4999] ccid3_hc_tx_packet_sent+0x132/0x190
[ 51.014527][ T4999] ? ccid3_update_send_interval+0x1c0/0x1c0
[ 51.020446][ T4999] dccp_xmit_packet+0x2f2/0x760
[ 51.025298][ T4999] dccp_write_xmit+0x171/0x1d0
[ 51.030061][ T4999] dccp_sendmsg+0xa3b/0xbf0
[ 51.034603][ T4999] ? dccp_done+0x100/0x100
[ 51.039055][ T4999] ? aa_af_perm+0x240/0x240
[ 51.043567][ T4999] ? import_ubuf+0x1fd/0x270
[ 51.048168][ T4999] inet_sendmsg+0x9d/0xe0
[ 51.052499][ T4999] ? inet_send_prepare+0x530/0x530
[ 51.057608][ T4999] sock_sendmsg+0xde/0x190
[ 51.062030][ T4999] ____sys_sendmsg+0x71c/0x900
[ 51.066816][ T4999] ? copy_msghdr_from_user+0xfc/0x150
[ 51.072213][ T4999] ? kernel_sendmsg+0x50/0x50
[ 51.076913][ T4999] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 51.082927][ T4999] ___sys_sendmsg+0x110/0x1b0
[ 51.087607][ T4999] ? do_recvmmsg+0x6f0/0x6f0
[ 51.092207][ T4999] ? lock_sync+0x190/0x190
[ 51.096652][ T4999] ? ptrace_stop.part.0+0x4a3/0x8e0
[ 51.101895][ T4999] ? do_raw_spin_lock+0x124/0x2b0
[ 51.106935][ T4999] ? spin_bug+0x1c0/0x1c0
[ 51.111297][ T4999] ? _raw_spin_lock_irq+0x45/0x50
[ 51.116326][ T4999] ? __fget_light+0x20a/0x270
[ 51.121017][ T4999] __sys_sendmsg+0xf7/0x1c0
[ 51.125537][ T4999] ? __sys_sendmsg_sock+0x40/0x40
[ 51.130603][ T4999] ? lock_downgrade+0x690/0x690
[ 51.135498][ T4999] ? lockdep_hardirqs_on+0x7d/0x100
[ 51.140705][ T4999] ? _raw_spin_unlock_irq+0x2e/0x50
[ 51.145951][ T4999] ? ptrace_notify+0xfe/0x140
[ 51.150676][ T4999] do_syscall_64+0x39/0xb0
[ 51.155121][ T4999] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.161062][ T4999] RIP: 0033:0x7f18e5b25eb9
[ 51.165472][ T4999] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48