BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:417/tfrc_rx_hist_sample_rtt()
CPU: 1 PID: 10726 Comm: syz-executor.3 Not tainted 6.1.83-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
tfrc_rx_hist_sample_rtt+0x38f/0x4a0 net/dccp/ccids/lib/packet_history.c:414
ccid3_hc_rx_packet_recv+0x6aa/0xf40 net/dccp/ccids/ccid3.c:760
ccid_hc_rx_packet_recv net/dccp/ccid.h:182 [inline]
dccp_deliver_input_to_ccids net/dccp/input.c:176 [inline]
dccp_rcv_established+0x1b3/0x310 net/dccp/input.c:374
dccp_v4_do_rcv+0xfb/0x1e0 net/dccp/ipv4.c:674
sk_backlog_rcv include/net/sock.h:1117 [inline]
__sk_receive_skb+0x41a/0x9d0 net/core/sock.c:568
ip_protocol_deliver_rcu+0x381/0x740 net/ipv4/ip_input.c:205
ip_local_deliver_finish+0x2b4/0x4f0 net/ipv4/ip_input.c:233
NF_HOOK+0x39d/0x450 include/linux/netfilter.h:302
NF_HOOK+0x39d/0x450 include/linux/netfilter.h:302
__netif_receive_skb_one_core net/core/dev.c:5528 [inline]
__netif_receive_skb+0x1c6/0x530 net/core/dev.c:5642
process_backlog+0x381/0x760 net/core/dev.c:5970
__napi_poll+0xc7/0x470 net/core/dev.c:6537
napi_poll net/core/dev.c:6604 [inline]
net_rx_action+0x70f/0xeb0 net/core/dev.c:6718
__do_softirq+0x2e9/0xa4c kernel/softirq.c:571
invoke_softirq kernel/softirq.c:445 [inline]
__irq_exit_rcu+0x155/0x240 kernel/softirq.c:650
irq_exit_rcu+0x5/0x20 kernel/softirq.c:662
sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1106
asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:653
RIP: 0010:debug_lockdep_rcu_enabled+0x9/0x30 kernel/rcu/update.c:280
Code: c7 e0 ec eb 8a 48 c7 c6 00 11 ec 8a e8 90 8e c8 f6 0f 0b eb d0 cc cc cc cc cc cc cc cc cc cc cc cc 31 c0 83 3d 67 78 e9 03 00 <74> 1d 83 3d f2 ab e9 03 00 74 14 65 48 8b 0d 84 81 78 75 31 c0 83
RSP: 0000:ffffc90006fdfc78 EFLAGS: 00000202
RAX: 0000000000000000 RBX: ffffffffffffffff RCX: 1ffff92000dfbf10
RDX: dffffc0000000000 RSI: ffffffff8aebffc0 RDI: ffffffff8b3d2b40
RBP: ffffc90006fdfe10 R08: dffffc0000000000 R09: fffffbfff2092e45
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000dfbfac
R13: ffffc90006fdfd78 R14: dffffc0000000000 R15: 00007f15a860b000
rcu_read_lock include/linux/rcupdate.h:792 [inline]
mt_find+0x2c4/0xc60 lib/maple_tree.c:6532
find_vma+0x136/0x1b0 mm/mmap.c:1887
lock_mm_and_find_vma+0x71/0x2e0 mm/memory.c:5369
do_user_addr_fault arch/x86/mm/fault.c:1343 [inline]
handle_page_fault arch/x86/mm/fault.c:1462 [inline]
exc_page_fault+0x169/0x660 arch/x86/mm/fault.c:1518
asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570
RIP: 0033:0x7f15b1e29793
Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
RSP: 002b:00007f15b2c94530 EFLAGS: 00010202
RAX: 000000000000c000 RBX: 00007f15b2c945d0 RCX: 00007f15a85ff000
RDX: 00007f15b2c94770 RSI: 0000000000000000 RDI: 00007f15b2c94670
RBP: 00000000000000a0 R08: 0000000000000005 R09: 0000000000000010
R10: 0000000000000012 R11: 00007f15b2c945d0 R12: 0000000000000001
R13: 00007f15b1eecde0 R14: 0000000000000001 R15: 00007f15b2c94670
----------------
Code disassembly (best guess), 1 bytes skipped:
# Decode of the first "Code:" line of this report (the kernel-mode register dump
# with RIP debug_lockdep_rcu_enabled+0x9/0x30). Per the call trace, this RIP is the
# context on which asm_sysvec_apic_timer_interrupt was taken; the DCCP BUG message
# itself was printed from tfrc_rx_hist_sample_rtt on the softirq stack above it.
# These bytes are therefore not expected to show the DCCP code path.
# NOTE(review): every branch/call target and "# 0x..." address below is computed
# relative to offset 0 of this listing, not a kernel virtual address.
#
# The decode starts one byte into the dump ("1 bytes skipped"), so the first
# instructions, up to the int3 run, may not sit on real instruction boundaries
# (the leading bytes are likely the tail of an earlier instruction's operand).
0: e0 ec loopne 0xffffffee
2: eb 8a jmp 0xffffff8e
4: 48 c7 c6 00 11 ec 8a mov $0xffffffff8aec1100,%rsi
b: e8 90 8e c8 f6 call 0xf6c88ea0
10: 0f 0b ud2
12: eb d0 jmp 0xffffffe4
# Run of 0xcc bytes: presumably padding between the preceding code and the
# function entry at 0x20.
14: cc int3
15: cc int3
16: cc int3
17: cc int3
18: cc int3
19: cc int3
1a: cc int3
1b: cc int3
1c: cc int3
1d: cc int3
1e: cc int3
1f: cc int3
# 0x20 = 0x29 - 0x9, i.e. the entry of debug_lockdep_rcu_enabled according to
# the RIP line of the register dump.
20: 31 c0 xor %eax,%eax
22: 83 3d 67 78 e9 03 00 cmpl $0x0,0x3e97867(%rip) # 0x3e97890
# The marker sits at the saved RIP (the <74> byte in the Code: line). The call
# trace attributes the event here to an APIC timer interrupt, so the marker does
# not by itself indicate a fault in this instruction.
* 29: 74 1d je 0x48 <-- trapping instruction
2b: 83 3d f2 ab e9 03 00 cmpl $0x0,0x3e9abf2(%rip) # 0x3e9ac24
# Both je branches target 0x48, which lies beyond the end of the dumped bytes.
32: 74 14 je 0x48
# This 8-byte mov is wrapped by the dump: its last displacement byte (75) is
# printed on the following line and is not a separate instruction.
34: 65 48 8b 0d 84 81 78 mov %gs:0x75788184(%rip),%rcx # 0x757881c0
3b: 75
3c: 31 c0 xor %eax,%eax
# The Code: bytes end here in the middle of an instruction (opcode 0x83 without
# its operands); the rest of the function is not part of this report.
3e: 83 .byte 0x83