BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:417/tfrc_rx_hist_sample_rtt()
CPU: 0 PID: 407 Comm: syz-executor.1 Not tainted 6.8.0-syzkaller-05204-g237bb5f7f7f5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106
 tfrc_rx_hist_sample_rtt+0x397/0x4b0 net/dccp/ccids/lib/packet_history.c:414
 ccid3_hc_rx_packet_recv+0x69d/0xe60 net/dccp/ccids/ccid3.c:760
 ccid_hc_rx_packet_recv net/dccp/ccid.h:182 [inline]
 dccp_deliver_input_to_ccids net/dccp/input.c:176 [inline]
 dccp_rcv_established+0x1bb/0x320 net/dccp/input.c:374
 dccp_v4_do_rcv+0xff/0x1f0 net/dccp/ipv4.c:675
 sk_backlog_rcv include/net/sock.h:1106 [inline]
 __sk_receive_skb+0x823/0x8a0 net/core/sock.c:569
 ip_protocol_deliver_rcu+0x2e0/0x430 net/ipv4/ip_input.c:205
 ip_local_deliver_finish+0x33f/0x5f0 net/ipv4/ip_input.c:233
 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314
 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314
 __netif_receive_skb_one_core net/core/dev.c:5538 [inline]
 __netif_receive_skb+0x2bf/0x6a0 net/core/dev.c:5652
 process_backlog+0x39d/0x7a0 net/core/dev.c:5981
 __napi_poll+0xcb/0x490 net/core/dev.c:6632
 napi_poll net/core/dev.c:6701 [inline]
 net_rx_action+0x7bb/0x1090 net/core/dev.c:6813
 __do_softirq+0x2bc/0x943 kernel/softirq.c:554
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:645
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x10a/0x530 kernel/locking/lockdep.c:5727
Code: c6 09 00 84 c0 0f 84 c2 02 00 00 48 c7 c0 9c e1 86 8f 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 ea 02 00 00 83 3d 32 47 15 0e 00 <0f> 84 42 01 00 00 65 8b 05 49 f0 90 7e 85 c0 0f 85 8f 01 00 00 65
RSP: 0018:ffffc9000bc3f460 EFLAGS: 00000202
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81719a34
RDX: 0000000000000000 RSI: ffffffff8bfec640 RDI: ffffffff8bfec600
RBP: ffffc9000bc3f5b0 R08: ffffffff8f86ae6f R09: 1ffffffff1f0d5cd
R10: dffffc0000000000 R11: fffffbfff1f0d5ce R12: 1ffff92001787e94
R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
 rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
 rcu_read_lock include/linux/rcupdate.h:750 [inline]
 page_ext_get+0x3d/0x2a0 mm/page_ext.c:508
 page_table_check_clear+0x59/0x730 mm/page_table_check.c:72
 zap_pte_range mm/memory.c:1452 [inline]
 zap_pmd_range mm/memory.c:1597 [inline]
 zap_pud_range mm/memory.c:1626 [inline]
 zap_p4d_range mm/memory.c:1647 [inline]
 unmap_page_range+0x1f7a/0x3610 mm/memory.c:1668
 unmap_vmas+0x3cc/0x5f0 mm/memory.c:1758
 exit_mmap+0x2c6/0xd40 mm/mmap.c:3287
 __mmput+0x115/0x3c0 kernel/fork.c:1345
 exit_mm+0x220/0x310 kernel/exit.c:569
 do_exit+0x99e/0x27e0 kernel/exit.c:865
 do_group_exit+0x207/0x2c0 kernel/exit.c:1027
 __do_sys_exit_group kernel/exit.c:1038 [inline]
 __se_sys_exit_group kernel/exit.c:1036 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1036
 do_syscall_64+0xfb/0x240
 entry_SYSCALL_64_after_hwframe+0x6d/0x75
RIP: 0033:0x7f7aa967dda9
Code: Unable to access opcode bytes at 0x7f7aa967dd7f.
RSP: 002b:00007ffdf2ba6c08 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f7aa967dda9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000001164 R09: 0000000000000000
R10: 0000001b2d820000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
----------------
Code disassembly (best guess), 1 bytes skipped:
   0: 09 00                 or %eax,(%rax)
   2: 84 c0                 test %al,%al
   4: 0f 84 c2 02 00 00     je 0x2cc
   a: 48 c7 c0 9c e1 86 8f  mov $0xffffffff8f86e19c,%rax
  11: 48 c1 e8 03           shr $0x3,%rax
  15: 42 0f b6 04 28        movzbl (%rax,%r13,1),%eax
  1a: 84 c0                 test %al,%al
  1c: 0f 85 ea 02 00 00     jne 0x30c
  22: 83 3d 32 47 15 0e 00  cmpl $0x0,0xe154732(%rip) # 0xe15475b
* 29: 0f 84 42 01 00 00     je 0x171 <-- trapping instruction
  2f: 65 8b 05 49 f0 90 7e  mov %gs:0x7e90f049(%rip),%eax # 0x7e90f07f
  36: 85 c0                 test %eax,%eax
  38: 0f 85 8f 01 00 00     jne 0x1cd
  3e: 65                    gs