BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:414/tfrc_rx_hist_sample_rtt() CPU: 3 PID: 0 Comm: swapper/3 Not tainted 6.8.0-rc1-syzkaller-00037-g443b349019f2 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x125/0x1b0 lib/dump_stack.c:106 tfrc_rx_hist_sample_rtt+0x3dd/0x4a0 net/dccp/ccids/lib/packet_history.c:414 ccid3_hc_rx_packet_recv+0x443/0xf50 net/dccp/ccids/ccid3.c:760 ccid_hc_rx_packet_recv net/dccp/ccid.h:182 [inline] dccp_deliver_input_to_ccids+0xe3/0x260 net/dccp/input.c:176 dccp_rcv_established net/dccp/input.c:374 [inline] dccp_rcv_established+0x106/0x160 net/dccp/input.c:364 dccp_v4_do_rcv+0x169/0x1b0 net/dccp/ipv4.c:675 sk_backlog_rcv include/net/sock.h:1092 [inline] __sk_receive_skb+0x2af/0x840 net/core/sock.c:567 dccp_v4_rcv+0x1281/0x1980 net/dccp/ipv4.c:898 ip_protocol_deliver_rcu+0x9f/0x480 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x2e4/0x510 net/ipv4/ip_input.c:233 NF_HOOK include/linux/netfilter.h:314 [inline] NF_HOOK include/linux/netfilter.h:308 [inline] ip_local_deliver+0x18e/0x1f0 net/ipv4/ip_input.c:254 dst_input include/net/dst.h:461 [inline] ip_rcv_finish+0x1b8/0x2e0 net/ipv4/ip_input.c:449 NF_HOOK include/linux/netfilter.h:314 [inline] NF_HOOK include/linux/netfilter.h:308 [inline] ip_rcv+0xaf/0xd0 net/ipv4/ip_input.c:569 __netif_receive_skb_one_core+0x115/0x180 net/core/dev.c:5534 __netif_receive_skb+0x1f/0x1b0 net/core/dev.c:5648 process_backlog+0x101/0x6b0 net/core/dev.c:5976 __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576 napi_poll net/core/dev.c:6645 [inline] net_rx_action+0x956/0xe90 net/core/dev.c:6778 __do_softirq+0x21a/0x8de kernel/softirq.c:553 invoke_softirq kernel/softirq.c:427 [inline] __irq_exit_rcu kernel/softirq.c:632 [inline] irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644 sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1076 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649 RIP: 0010:native_irq_disable arch/x86/include/asm/irqflags.h:37 [inline] RIP: 0010:arch_local_irq_disable arch/x86/include/asm/irqflags.h:72 [inline] RIP: 0010:default_idle+0xf/0x20 arch/x86/kernel/process.c:743 Code: 89 07 49 c7 c0 08 00 00 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 76 ff ff ff cc cc cc cc f3 0f 1e fa 66 90 0f 00 2d 53 83 38 00 fb f4 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 65 RSP: 0018:ffffc90000477e08 EFLAGS: 00000242 RAX: 000000000032830d RBX: 0000000000000003 RCX: ffffffff8a8e11d7 RDX: 0000000000000000 RSI: ffffffff8accae80 RDI: ffffffff8b2fd380 RBP: ffffed10027fb900 R08: 0000000000000001 R09: ffffed1005926ded R10: ffff88802c936f6b R11: 0000000000000000 R12: 0000000000000003 R13: ffff888013fdc800 R14: ffffffff8f3aeb10 R15: 0000000000000000 default_idle_call+0x69/0xa0 kernel/sched/idle.c:97 cpuidle_idle_call kernel/sched/idle.c:170 [inline] do_idle+0x332/0x400 kernel/sched/idle.c:312 cpu_startup_entry+0x50/0x60 kernel/sched/idle.c:410 start_secondary+0x20e/0x2a0 arch/x86/kernel/smpboot.c:336 secondary_startup_64_no_verify+0x170/0x17b dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(72539945405774) <= P.seqno(0) <= S.SWH(72539945405848)) and (P.ackno exists or LAWL(67649379567836) <= P.ackno(67649379567840) <= S.AWH(67649379567843), sending SYNC... ---------------- Code disassembly (best guess): 0: 89 07 mov %eax,(%rdi) 2: 49 c7 c0 08 00 00 00 mov $0x8,%r8 9: 4d 29 c8 sub %r9,%r8 c: 4c 01 c7 add %r8,%rdi f: 4c 29 c2 sub %r8,%rdx 12: e9 76 ff ff ff jmp 0xffffff8d 17: cc int3 18: cc int3 19: cc int3 1a: cc int3 1b: f3 0f 1e fa endbr64 1f: 66 90 xchg %ax,%ax 21: 0f 00 2d 53 83 38 00 verw 0x388353(%rip) # 0x38837b 28: fb sti 29: f4 hlt * 2a: fa cli <-- trapping instruction 2b: c3 ret 2c: 66 66 2e 0f 1f 84 00 data16 cs nopw 0x0(%rax,%rax,1) 33: 00 00 00 00 37: 0f 1f 40 00 nopl 0x0(%rax) 3b: f3 0f 1e fa endbr64 3f: 65 gs