BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:417/tfrc_rx_hist_sample_rtt()
CPU: 0 UID: 0 PID: 10798 Comm: syz-executor Not tainted 6.12.0-rc2-syzkaller-00501-gd677aebd663d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
tfrc_rx_hist_sample_rtt+0x397/0x4b0 net/dccp/ccids/lib/packet_history.c:414
ccid3_hc_rx_packet_recv+0x69d/0xe60 net/dccp/ccids/ccid3.c:760
ccid_hc_rx_packet_recv net/dccp/ccid.h:182 [inline]
dccp_deliver_input_to_ccids net/dccp/input.c:176 [inline]
dccp_rcv_established+0x1bb/0x320 net/dccp/input.c:374
dccp_v4_do_rcv+0xff/0x1f0 net/dccp/ipv4.c:680
sk_backlog_rcv include/net/sock.h:1121 [inline]
__sk_receive_skb+0x82b/0x8b0 net/core/sock.c:568
ip_protocol_deliver_rcu+0x2e9/0x440 net/ipv4/ip_input.c:205
ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233
NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314
NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314
__netif_receive_skb_one_core net/core/dev.c:5668 [inline]
__netif_receive_skb+0x2bf/0x650 net/core/dev.c:5781
process_backlog+0x662/0x15b0 net/core/dev.c:6113
__napi_poll+0xcb/0x490 net/core/dev.c:6777
napi_poll net/core/dev.c:6846 [inline]
net_rx_action+0x89b/0x1240 net/core/dev.c:6968
handle_softirqs+0x2c5/0x980 kernel/softirq.c:554
__do_softirq kernel/softirq.c:588 [inline]
invoke_softirq kernel/softirq.c:428 [inline]
__irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1037
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:memset_orig+0x72/0xb0 arch/x86/lib/memset_64.S:89
Code: 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d8 0f 1f 84 00 00 00 00 00 89 d1 83 e1 38 74 14 c1 e9 03 66 0f 1f 44 00 00 ff c9 <48> 89 07 48 8d 7f 08 75 f5 83 e2 07 74 0a ff ca 88 07 48 8d 7f 01
RSP: 0018:ffffc90003c564e8 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffc90003c565f8 RCX: 0000000000000000
RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90003c56618
RBP: dffffc0000000000 R08: ffffc90003c5661f R09: 0000000000000000
R10: ffffc90003c56610 R11: fffff5200078acc4 R12: ffffc90003c58000
R13: ffffc90003c565c0 R14: ffffffff823c346d R15: ffffc90003c56610
unwind_next_frame+0xcfb/0x22d0 arch/x86/kernel/unwind_orc.c:592
arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:47 [inline]
kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
__kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394
kasan_kmalloc include/linux/kasan.h:257 [inline]
__do_kmalloc_node mm/slub.c:4264 [inline]
__kmalloc_node_track_caller_noprof+0x225/0x440 mm/slub.c:4283
kstrdup+0x3a/0x80 mm/util.c:64
__kernfs_new_node+0x9d/0x870 fs/kernfs/dir.c:620
kernfs_new_node+0x137/0x240 fs/kernfs/dir.c:700
kernfs_create_dir_ns+0x43/0x120 fs/kernfs/dir.c:1061
sysfs_create_dir_ns+0x189/0x3a0 fs/sysfs/dir.c:59
create_dir lib/kobject.c:73 [inline]
kobject_add_internal+0x435/0x8d0 lib/kobject.c:240
kobject_add_varg lib/kobject.c:374 [inline]
kobject_init_and_add+0x124/0x190 lib/kobject.c:457
netdev_queue_add_kobject net/core/net-sysfs.c:1789 [inline]
netdev_queue_update_kobjects+0x1f5/0x550 net/core/net-sysfs.c:1841
register_queue_kobjects net/core/net-sysfs.c:1903 [inline]
netdev_register_kobject+0x265/0x310 net/core/net-sysfs.c:2143
register_netdevice+0x12c5/0x1b00 net/core/dev.c:10493
veth_newlink+0x853/0xcd0 drivers/net/veth.c:1861
rtnl_newlink_create net/core/rtnetlink.c:3613 [inline]
__rtnl_newlink net/core/rtnetlink.c:3833 [inline]
rtnl_newlink+0x1591/0x20a0 net/core/rtnetlink.c:3846
rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6749
netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:729 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:744
__sys_sendto+0x39b/0x4f0 net/socket.c:2214
__do_sys_sendto net/socket.c:2226 [inline]
__se_sys_sendto net/socket.c:2222 [inline]
__x64_sys_sendto+0xde/0x100 net/socket.c:2222
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f783bd7fe8c
Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
RSP: 002b:00007ffd45fe51c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f783ca64620 RCX: 00007f783bd7fe8c
RDX: 000000000000006c RSI: 00007f783ca64670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffd45fe5214 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f783ca64670 R15: 0000000000000000
----------------
Code disassembly (best guess; the Code: dump starts mid-instruction, so entries 0x0-0xf are mis-decoded — they are the tail of memset_orig's unrolled 64-byte store loop, `mov %rax,0x28/0x30/0x38(%rdi); lea 0x40(%rdi),%rdi; jne`, and decoding is only reliable from the `mov %edx,%ecx` at 0x18 onward):
0: 47 28 48 89 rex.RXB sub %r9b,-0x77(%r8)
4: 47 30 48 89 rex.RXB xor %r9b,-0x77(%r8)
8: 47 38 48 8d rex.RXB cmp %r9b,-0x73(%r8)
c: 7f 40 jg 0x4e
e: 75 d8 jne 0xffffffe8
10: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1)
17: 00
18: 89 d1 mov %edx,%ecx
1a: 83 e1 38 and $0x38,%ecx
1d: 74 14 je 0x33
1f: c1 e9 03 shr $0x3,%ecx
22: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
28: ff c9 dec %ecx
* 2a: 48 89 07 mov %rax,(%rdi) <-- trapping instruction
2d: 48 8d 7f 08 lea 0x8(%rdi),%rdi
31: 75 f5 jne 0x28
33: 83 e2 07 and $0x7,%edx
36: 74 0a je 0x42
38: ff ca dec %edx
3a: 88 07 mov %al,(%rdi)
3c: 48 8d 7f 01 lea 0x1(%rdi),%rdi