Warning: Permanently added '10.128.1.168' (ECDSA) to the list of known hosts.
2023/01/28 17:52:43 ignoring optional flag "sandboxArg"="0"
2023/01/28 17:52:43 parsed 1 programs
2023/01/28 17:52:43 executed programs: 0
[   72.209829][   T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   72.218336][   T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   72.226655][   T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   72.234767][   T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   72.242450][   T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   72.251077][   T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   72.342629][ T5525] chnl_net:caif_netlink_parms(): no params data found
[   72.380821][ T5525] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.388004][ T5525] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.396158][ T5525] device bridge_slave_0 entered promiscuous mode
[   72.404327][ T5525] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.411457][ T5525] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.419343][ T5525] device bridge_slave_1 entered promiscuous mode
[   72.438743][ T5525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.449444][ T5525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.471843][ T5525] team0: Port device team_slave_0 added
[   72.479001][ T5525] team0: Port device team_slave_1 added
[   72.496552][ T5525] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.503549][ T5525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.529799][ T5525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.542639][ T5525] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.549741][ T5525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.576746][ T5525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.604315][ T5525] device hsr_slave_0 entered promiscuous mode
[   72.610931][ T5525] device hsr_slave_1 entered promiscuous mode
[   73.239632][ T5525] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   73.250443][ T5525] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   73.261021][ T5525] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   73.271034][ T5525] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   73.293998][ T5525] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.301147][ T5525] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.308544][ T5525] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.315635][ T5525] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.378302][ T5525] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.396174][ T5525] 8021q: adding VLAN 0 to HW filter on device team0
[   73.403050][ T5076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.413657][ T5076] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.423005][ T5076] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.432967][ T5076] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   73.453633][ T5077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   73.462610][ T5077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.471460][ T5077] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.478657][ T5077] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.487749][ T5077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   73.496804][ T5077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.506934][ T5077] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.514027][ T5077] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.523212][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   73.546313][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   73.555482][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   73.565028][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   73.573493][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   73.582611][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   73.593350][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   73.602166][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.616679][ T5525] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   73.628455][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   73.637159][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   73.646213][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   73.655231][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.830049][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   73.838169][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   73.852027][ T5525] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.872765][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.883807][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.908214][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.917298][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.927394][ T5525] device veth0_vlan entered promiscuous mode
[   73.935992][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.944164][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.958200][ T5525] device veth1_vlan entered promiscuous mode
[   73.983885][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   73.993847][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   74.002387][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   74.013494][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   74.025040][ T5525] device veth0_macvtap entered promiscuous mode
[   74.034107][ T5525] device veth1_macvtap entered promiscuous mode
[   74.071831][ T5525] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.079730][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   74.090042][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   74.098526][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   74.108591][ T5065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.120946][ T5525] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.131272][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   74.141349][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.153653][ T5525] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.164712][ T5525] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.173508][ T5525] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.185107][ T5525] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.252535][ T1023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.266596][ T1023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.275684][   T48] Bluetooth: hci0: command 0x0409 tx timeout
[   74.300975][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   74.311647][ T1023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.321585][ T1023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.333285][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   74.383517][ T5597] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.0'.
[   74.401526][ T5597] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.514140][ T5603] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.566718][ T5606] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.621008][ T5609] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.699315][ T5614] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.766609][ T5619] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.825444][ T5623] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.873708][ T5626] dccp_xmit_packet: Payload too large (65475) for featneg.
[   74.931990][ T5629] dccp_xmit_packet: Payload too large (65475) for featneg.
[   75.006882][ T5633] dccp_xmit_packet: Payload too large (65475) for featneg.
[   76.344858][   T48] Bluetooth: hci0: command 0x041b tx timeout
[   76.436248][  T901] cfg80211: failed to load regulatory.db
[   76.791771][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   76.930983][    C0] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   76.982625][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   77.038255][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
2023/01/28 17:52:48 executed programs: 36
[   78.424605][   T48] Bluetooth: hci0: command 0x040f tx timeout
[   79.448155][ T5923] net_ratelimit: 57 callbacks suppressed
[   79.448165][ T5923] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.517935][ T5928] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.568237][ T5931] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.676379][ T5939] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.729828][ T5943] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.777031][ T5946] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.837072][ T5949] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.898941][ T5953] dccp_xmit_packet: Payload too large (65475) for featneg.
[   79.960993][ T5958] dccp_xmit_packet: Payload too large (65475) for featneg.
[   80.009750][ T5961] dccp_xmit_packet: Payload too large (65475) for featneg.
[   80.515680][   T48] Bluetooth: hci0: command 0x0419 tx timeout
[   81.387008][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
2023/01/28 17:52:53 executed programs: 137
[   82.765027][    C0] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   83.029832][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   83.093690][    C1] BUG: stored value of X_recv is zero at net/dccp/ccids/ccid3.c:691/ccid3_first_li()
[   83.103555][    C1] CPU: 1 PID: 6174 Comm: syz-executor.0 Not tainted 6.2.0-rc5-syzkaller #0
[   83.112156][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[   83.122401][    C1] Call Trace:
[   83.125700][    C1]  <IRQ>
[   83.128558][    C1]  dump_stack_lvl+0x163/0x220
[   83.133251][    C1]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   83.138721][    C1]  ? panic+0x540/0x540
[   83.142848][    C1]  ? ktime_get+0x11b/0x1f0
[   83.147281][    C1]  ccid3_first_li+0x27b/0x340
[   83.151976][    C1]  tfrc_lh_interval_add+0x4d3/0x6e0
[   83.157186][    C1]  ? ccid3_hc_tx_update_x+0x640/0x640
[   83.162572][    C1]  tfrc_rx_handle_loss+0x65f/0x1760
[   83.167779][    C1]  ? ccid3_hc_tx_update_x+0x640/0x640
[   83.173203][    C1]  ccid3_hc_rx_packet_recv+0x27d/0xe40
[   83.178689][    C1]  dccp_rcv_established+0x14e/0x250
[   83.183910][    C1]  dccp_v4_do_rcv+0xc0/0x190
[   83.188515][    C1]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   83.194193][    C1]  __sk_receive_skb+0x370/0x880
[   83.199247][    C1]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   83.204809][    C1]  ip_protocol_deliver_rcu+0x66/0xa20
[   83.210241][    C1]  ip_local_deliver_finish+0x20d/0x440
[   83.215711][    C1]  ? ip_local_deliver+0xfd/0x170
[   83.220659][    C1]  ? ip_local_deliver_finish+0x440/0x440
[   83.226300][    C1]  __netif_receive_skb+0x1b3/0x4e0
[   83.231421][    C1]  ? read_lock_is_recursive+0x10/0x10
[   83.236803][    C1]  ? __netif_receive_skb_list_core+0x830/0x830
[   83.242990][    C1]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   83.248984][    C1]  ? print_irqtrace_events+0x220/0x220
[   83.254477][    C1]  ? _raw_spin_lock_irq+0xdb/0x110
[   83.259594][    C1]  ? do_raw_spin_unlock+0x134/0x8a0
[   83.264804][    C1]  process_backlog+0x498/0x830
[   83.269619][    C1]  ? trigger_rx_softirq+0x50/0x50
[   83.274650][    C1]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   83.280643][    C1]  ? print_irqtrace_events+0x220/0x220
[   83.286156][    C1]  __napi_poll+0x93/0x390
[   83.290503][    C1]  net_rx_action+0x6a2/0xed0
[   83.295118][    C1]  ? net_tx_action+0x720/0x720
[   83.299901][    C1]  ? rcu_read_lock_sched_held+0x89/0x130
[   83.305644][    C1]  __do_softirq+0x277/0x75b
[   83.310151][    C1]  ? do_softirq+0x161/0x240
[   83.314663][    C1]  ? __lock_text_end+0xa/0xa
[   83.319302][    C1]  do_softirq+0x161/0x240
[   83.323631][    C1]  </IRQ>
[   83.326562][    C1]  <TASK>
[   83.329491][    C1]  ? __local_bh_enable_ip+0x1f0/0x1f0
[   83.334859][    C1]  ? lockdep_hardirqs_on_prepare+0x7b0/0x7b0
[   83.340850][    C1]  ? __local_bh_enable_ip+0x101/0x1f0
[   83.346226][    C1]  ? lockdep_hardirqs_off+0x71/0x100
[   83.351518][    C1]  __local_bh_enable_ip+0x1b0/0x1f0
[   83.356722][    C1]  ? rcu_lock_release+0x10/0x10
[   83.361579][    C1]  ? _local_bh_enable+0xa0/0xa0
[   83.366444][    C1]  ip_finish_output2+0x99a/0xd60
[   83.371395][    C1]  ? ip_fragment+0x1c0/0x1c0
[   83.376509][    C1]  ? skb_dst+0x36/0x70
[   83.380590][    C1]  ? ip_skb_dst_mtu+0x95/0x780
[   83.385362][    C1]  ? __ip_finish_output+0x12a/0x380
[   83.390573][    C1]  __ip_queue_xmit+0xf09/0x1b60
[   83.395446][    C1]  dccp_transmit_skb+0xc47/0x13c0
[   83.400494][    C1]  __dccp_rcv_established+0x205/0x2b0
[   83.405879][    C1]  dccp_rcv_established+0x1ef/0x250
[   83.411094][    C1]  dccp_v4_do_rcv+0xc0/0x190
[   83.415695][    C1]  __release_sock+0x194/0x420
[   83.420375][    C1]  ? dccp_write_xmit+0xeb/0x150
[   83.425243][    C1]  release_sock+0x51/0x170
[   83.429668][    C1]  dccp_sendmsg+0x421/0x730
[   83.434266][    C1]  ? dccp_getsockopt+0xa20/0xa20
[   83.439221][    C1]  ? inet_sendmsg+0x48/0x270
[   83.443832][    C1]  ? inet_send_prepare+0x200/0x200
[   83.448950][    C1]  ____sys_sendmsg+0x487/0x780
[   83.453828][    C1]  ? __might_fault+0xa2/0xf0
[   83.458429][    C1]  ? __sys_sendmsg_sock+0x10/0x10
[   83.463461][    C1]  ? rcu_read_lock_sched_held+0x89/0x130
[   83.469120][    C1]  __sys_sendmmsg+0x32d/0x650
[   83.473816][    C1]  ? __ia32_sys_sendmsg+0x80/0x80
[   83.478844][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   83.484849][    C1]  ? try_to_wake_up+0x5e9/0xac0
[   83.489730][    C1]  ? do_raw_spin_unlock+0x134/0x8a0
[   83.495025][    C1]  ? wake_up_q+0xae/0xf0
[   83.499279][    C1]  ? futex_wake+0x44b/0x4e0
[   83.503793][    C1]  ? futex_wake_mark+0x110/0x110
[   83.508734][    C1]  ? __local_bh_enable_ip+0x163/0x1f0
[   83.514201][    C1]  ? inet_stream_connect+0x7b/0x90
[   83.519323][    C1]  ? _local_bh_enable+0xa0/0xa0
[   83.524184][    C1]  ? do_raw_spin_unlock+0x134/0x8a0
[   83.529436][    C1]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   83.535461][    C1]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   83.541454][    C1]  __x64_sys_sendmmsg+0x97/0xb0
[   83.546328][    C1]  do_syscall_64+0x2b/0x70
[   83.550750][    C1]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.556650][    C1] RIP: 0033:0x7f645c88c189
[   83.561071][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   83.580681][    C1] RSP: 002b:00007f645d65f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   83.589110][    C1] RAX: ffffffffffffffda RBX: 00007f645c9abf80 RCX: 00007f645c88c189
[   83.597091][    C1] RDX: 000000000000ffc3 RSI: 0000000020001e80 RDI: 0000000000000006
[   83.605161][    C1] RBP: 00007f645c8e7b01 R08: 0000000000000000 R09: 0000000000000000
[   83.613190][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.621170][    C1] R13: 00007ffc7517b69f R14: 00007f645d65f300 R15: 0000000000022000
[   83.629169][    C1]  </TASK>
[   84.283975][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   84.460569][ T6253] net_ratelimit: 67 callbacks suppressed
[   84.460580][ T6253] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.519559][ T6258] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.589496][ T6262] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.635157][ T6265] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.694092][ T6268] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.756662][ T6272] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.908576][ T6282] dccp_xmit_packet: Payload too large (65475) for featneg.
[   84.963652][ T6285] dccp_xmit_packet: Payload too large (65475) for featneg.
[   85.020374][ T6290] dccp_xmit_packet: Payload too large (65475) for featneg.
[   85.079948][ T6294] dccp_xmit_packet: Payload too large (65475) for featneg.
[   85.091328][    C0] BUG: stored value of X_recv is zero at net/dccp/ccids/ccid3.c:691/ccid3_first_li()
[   85.100895][    C0] CPU: 0 PID: 6294 Comm: syz-executor.0 Not tainted 6.2.0-rc5-syzkaller #0
[   85.109483][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[   85.119551][    C0] Call Trace:
[   85.122843][    C0]  <IRQ>
[   85.125699][    C0]  dump_stack_lvl+0x163/0x220
[   85.130393][    C0]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   85.135863][    C0]  ? panic+0x540/0x540
[   85.139952][    C0]  ? ktime_get+0x11b/0x1f0
[   85.144389][    C0]  ccid3_first_li+0x27b/0x340
[   85.149083][    C0]  tfrc_lh_interval_add+0x4d3/0x6e0
[   85.154290][    C0]  ? ccid3_hc_tx_update_x+0x640/0x640
[   85.159681][    C0]  tfrc_rx_handle_loss+0x65f/0x1760
[   85.164900][    C0]  ? ccid3_hc_tx_update_x+0x640/0x640
[   85.170295][    C0]  ccid3_hc_rx_packet_recv+0x27d/0xe40
[   85.175778][    C0]  dccp_rcv_established+0x14e/0x250
[   85.180996][    C0]  dccp_v4_do_rcv+0xc0/0x190
[   85.185598][    C0]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   85.191149][    C0]  __sk_receive_skb+0x370/0x880
[   85.196005][    C0]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   85.201565][    C0]  ip_protocol_deliver_rcu+0x66/0xa20
[   85.206953][    C0]  ip_local_deliver_finish+0x20d/0x440
[   85.212428][    C0]  ? ip_local_deliver+0xfd/0x170
[   85.217368][    C0]  ? ip_local_deliver_finish+0x440/0x440
[   85.223006][    C0]  __netif_receive_skb+0x1b3/0x4e0
[   85.228124][    C0]  ? read_lock_is_recursive+0x10/0x10
[   85.233501][    C0]  ? __netif_receive_skb_list_core+0x830/0x830
[   85.239660][    C0]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   85.246348][    C0]  ? print_irqtrace_events+0x220/0x220
[   85.251928][    C0]  ? _raw_spin_lock_irq+0xdb/0x110
[   85.257075][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[   85.262304][    C0]  process_backlog+0x498/0x830
[   85.267102][    C0]  ? trigger_rx_softirq+0x50/0x50
[   85.272156][    C0]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   85.278154][    C0]  ? print_irqtrace_events+0x220/0x220
[   85.283640][    C0]  __napi_poll+0x93/0x390
[   85.287993][    C0]  net_rx_action+0x6a2/0xed0
[   85.292619][    C0]  ? net_tx_action+0x720/0x720
[   85.297487][    C0]  ? rcu_read_lock_sched_held+0x89/0x130
[   85.303156][    C0]  __do_softirq+0x277/0x75b
[   85.307681][    C0]  ? __irq_exit_rcu+0xec/0x170
[   85.312462][    C0]  ? __lock_text_end+0xa/0xa
[   85.317071][    C0]  __irq_exit_rcu+0xec/0x170
[   85.321672][    C0]  ? irq_exit_rcu+0x20/0x20
[   85.326196][    C0]  irq_exit_rcu+0x5/0x20
[   85.330451][    C0]  sysvec_apic_timer_interrupt+0x91/0xb0
[   85.336104][    C0]  </IRQ>
[   85.339053][    C0]  <TASK>
[   85.342000][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[   85.347988][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd4/0x130
[   85.354499][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 d2 5d f5 f7 f6 44 24 21 02 75 4e 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> a7 75 84 f7 65 8b 05 28 45 32 76 85 c0 74 3f 48 c7 04 24 0e 36
[   85.374204][    C0] RSP: 0018:ffffc9000a34f740 EFLAGS: 00000206
[   85.380282][    C0] RAX: c4b7c754705c1600 RBX: 1ffff92001469eec RCX: ffffffff81626b3a
[   85.388278][    C0] RDX: dffffc0000000000 RSI: ffffffff8a0d3e00 RDI: 0000000000000001
[   85.396267][    C0] RBP: ffffc9000a34f7d0 R08: dffffc0000000000 R09: fffffbfff1ed6e48
[   85.404253][    C0] R10: fffffbfff1ed6e48 R11: 1ffffffff1ed6e47 R12: dffffc0000000000
[   85.412250][    C0] R13: 1ffff92001469ee8 R14: ffffc9000a34f760 R15: 0000000000000246
[   85.420253][    C0]  ? mark_lock+0x9a/0x350
[   85.424616][    C0]  ? _raw_spin_unlock+0x40/0x40
[   85.429491][    C0]  ? skb_queue_tail+0x2c/0x110
[   85.434275][    C0]  dccp_sendmsg+0x497/0x730
[   85.438811][    C0]  ? dccp_getsockopt+0xa20/0xa20
[   85.443771][    C0]  ? inet_sendmsg+0x48/0x270
[   85.448376][    C0]  ? inet_send_prepare+0x200/0x200
[   85.453494][    C0]  ____sys_sendmsg+0x487/0x780
[   85.458288][    C0]  ? __might_fault+0xa2/0xf0
[   85.462902][    C0]  ? __sys_sendmsg_sock+0x10/0x10
[   85.467945][    C0]  ? rcu_read_lock_sched_held+0x89/0x130
[   85.473624][    C0]  __sys_sendmmsg+0x32d/0x650
[   85.478331][    C0]  ? __ia32_sys_sendmsg+0x80/0x80
[   85.483376][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   85.489295][    C0]  ? try_to_wake_up+0x5e9/0xac0
[   85.494259][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[   85.499559][    C0]  ? wake_up_q+0xae/0xf0
[   85.504177][    C0]  ? futex_wake+0x44b/0x4e0
[   85.508712][    C0]  ? futex_wake_mark+0x110/0x110
[   85.513666][    C0]  ? __local_bh_enable_ip+0x163/0x1f0
[   85.519226][    C0]  ? inet_stream_connect+0x7b/0x90
[   85.524348][    C0]  ? _local_bh_enable+0xa0/0xa0
[   85.529212][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[   85.534461][    C0]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   85.540462][    C0]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   85.546453][    C0]  __x64_sys_sendmmsg+0x97/0xb0
[   85.551327][    C0]  do_syscall_64+0x2b/0x70
[   85.555753][    C0]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   85.561737][    C0] RIP: 0033:0x7f645c88c189
[   85.566204][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   85.585832][    C0] RSP: 002b:00007f645d65f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   85.594261][    C0] RAX: ffffffffffffffda RBX: 00007f645c9abf80 RCX: 00007f645c88c189
[   85.602243][    C0] RDX: 000000000000ffc3 RSI: 0000000020001e80 RDI: 0000000000000006
[   85.610220][    C0] RBP: 00007f645c8e7b01 R08: 0000000000000000 R09: 0000000000000000
[   85.618468][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.626449][    C0] R13: 00007ffc7517b69f R14: 00007f645d65f300 R15: 0000000000022000
[   85.634452][    C0]  </TASK>
[   86.374908][    C0] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
[   87.088659][    C1] Negotiation of local Allow Short Seqnos failed in state CHANGING at net/dccp/feat.c:1537/dccp_feat_activate_values()
2023/01/28 17:52:58 executed programs: 217
[   89.834850][ T6597] net_ratelimit: 51 callbacks suppressed
[   89.834860][ T6597] dccp_xmit_packet: Payload too large (65475) for featneg.
[   89.937916][ T6604] dccp_xmit_packet: Payload too large (65475) for featneg.
[   89.986413][ T6608] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.053058][ T6611] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.100482][ T6614] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.175293][ T6619] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.242369][ T6623] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.293601][ T6626] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.346309][ T6629] dccp_xmit_packet: Payload too large (65475) for featneg.
[   90.457508][ T6639] dccp_xmit_packet: Payload too large (65475) for featneg.
2023/01/28 17:53:03 executed programs: 301
[   93.575711][    C0] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:417/tfrc_rx_hist_sample_rtt()
[   93.589825][    C0] CPU: 0 PID: 5525 Comm: syz-executor.0 Not tainted 6.2.0-rc5-syzkaller #0
[   93.598402][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[   93.608461][    C0] Call Trace:
[   93.611734][    C0]  <IRQ>
[   93.614563][    C0]  dump_stack_lvl+0x163/0x220
[   93.619224][    C0]  ? nf_tcp_handle_invalid+0x4e0/0x4e0
[   93.624660][    C0]  ? panic+0x540/0x540
[   93.628727][    C0]  ? ccid3_hc_tx_update_x+0x640/0x640
[   93.634164][    C0]  tfrc_rx_hist_sample_rtt+0x2ce/0x3e0
[   93.639621][    C0]  ccid3_hc_rx_packet_recv+0x556/0xe40
[   93.645084][    C0]  dccp_rcv_established+0x14e/0x250
[   93.650287][    C0]  dccp_v4_do_rcv+0xc0/0x190
[   93.654887][    C0]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   93.660408][    C0]  __sk_receive_skb+0x370/0x880
[   93.665248][    C0]  ? ip_protocol_deliver_rcu+0x66/0xa20
[   93.670881][    C0]  ip_protocol_deliver_rcu+0x66/0xa20
[   93.676251][    C0]  ip_local_deliver_finish+0x20d/0x440
[   93.681704][    C0]  ? ip_local_deliver+0xfd/0x170
[   93.686623][    C0]  ? ip_local_deliver_finish+0x440/0x440
[   93.692246][    C0]  __netif_receive_skb+0x1b3/0x4e0
[   93.697338][    C0]  ? read_lock_is_recursive+0x10/0x10
[   93.702695][    C0]  ? __netif_receive_skb_list_core+0x830/0x830
[   93.708828][    C0]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   93.714807][    C0]  ? print_irqtrace_events+0x220/0x220
[   93.720241][    C0]  ? _raw_spin_lock_irq+0xdb/0x110
[   93.725336][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[   93.730538][    C0]  process_backlog+0x498/0x830
[   93.735299][    C0]  ? trigger_rx_softirq+0x50/0x50
[   93.740394][    C0]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   93.746356][    C0]  ? print_irqtrace_events+0x220/0x220
[   93.751795][    C0]  __napi_poll+0x93/0x390
[   93.756136][    C0]  net_rx_action+0x6a2/0xed0
[   93.760724][    C0]  ? net_tx_action+0x720/0x720
[   93.765478][    C0]  ? rcu_read_lock_sched_held+0x89/0x130
[   93.771190][    C0]  __do_softirq+0x277/0x75b
[   93.775680][    C0]  ? __irq_exit_rcu+0xec/0x170
[   93.780440][    C0]  ? __lock_text_end+0xa/0xa
[   93.785015][    C0]  __irq_exit_rcu+0xec/0x170
[   93.789584][    C0]  ? irq_exit_rcu+0x20/0x20
[   93.794088][    C0]  irq_exit_rcu+0x5/0x20
[   93.798608][    C0]  sysvec_apic_timer_interrupt+0x91/0xb0
[   93.804242][    C0]  </IRQ>
[   93.807159][    C0]  <TASK>
[   93.810078][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[   93.816039][    C0] RIP: 0010:finish_lock_switch+0x90/0x100
[   93.821740][    C0] Code: 45 31 c9 68 f6 13 58 81 e8 8d ec 09 00 48 83 c4 08 4c 89 ff e8 b1 b8 fe ff 66 90 4c 89 ff e8 57 3d 79 08 e8 52 44 2c 00 fb 5b <41> 5c 41 5d 41 5e 41 5f c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 87
[   93.841506][    C0] RSP: 0018:ffffc90004997a58 EFLAGS: 00000282
[   93.847559][    C0] RAX: 2817b11229d7eb00 RBX: ffff888024811d34 RCX: ffffffff90eaf003
[   93.855683][    C0] RDX: dffffc0000000000 RSI: ffffffff8a0d3e00 RDI: ffffffff8a6a2600
[   93.863634][    C0] RBP: ffffc90004997ad0 R08: dffffc0000000000 R09: ffffed1017347429
[   93.871597][    C0] R10: ffffed1017347429 R11: 1ffff11017347428 R12: dffffc0000000000
[   93.879550][    C0] R13: 1ffff110173475d3 R14: ffff8880b9a3ae98 R15: ffff8880b9a3a140
[   93.887522][    C0]  finish_task_switch+0x140/0x5e0
[   93.892627][    C0]  ? __switch_to_asm+0x34/0x60
[   93.897393][    C0]  __schedule+0x9d9/0xe40
[   93.901715][    C0]  ? release_firmware_map_entry+0x150/0x150
[   93.907586][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[   93.913319][    C0]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[   93.919209][    C0]  ? lockdep_hardirqs_on+0x95/0x140
[   93.924496][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   93.930404][    C0]  ? _raw_spin_unlock+0x40/0x40
[   93.935250][    C0]  schedule+0xcb/0x190
[   93.939337][    C0]  do_nanosleep+0x18d/0x4c0
[   93.943826][    C0]  ? usleep_range_state+0x180/0x180
[   93.949025][    C0]  ? memset+0x1f/0x40
[   93.953001][    C0]  ? __hrtimer_init+0x36/0x220
[   93.957756][    C0]  hrtimer_nanosleep+0x1cc/0x3d0
[   93.962701][    C0]  ? nanosleep_copyout+0xc0/0xc0
[   93.967652][    C0]  ? trace_hrtimer_expire_exit+0x210/0x210
[   93.973467][    C0]  ? timespec64_add_safe+0x1c0/0x1c0
[   93.978763][    C0]  __x64_sys_clock_nanosleep+0x2cf/0x350
[   93.984386][    C0]  ? __ia32_sys_clock_getres_time32+0x1c0/0x1c0
[   93.990628][    C0]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   93.996601][    C0]  ? syscall_enter_from_user_mode+0x2e/0x1d0
[   94.002560][    C0]  do_syscall_64+0x2b/0x70
[   94.006956][    C0]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   94.012826][    C0] RIP: 0033:0x7f645c8b0eb1