syzbot

 sign-in | mailing list | source | docs
🐞 Open [1592]
Subsystems
🐞 Fixed [6233]
🐞 Invalid [15779]
Missing Backports [183]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()

Status: upstream: reported C repro on 2022/01/10 16:16
Subsystems: dccp
[Documentation on labels]
Reported-by: syzbot+94641ba6c1d768b1e35e@syzkaller.appspotmail.com
First crash: 1224d, last: 32d
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval() (log)
Repro: C syz .config
  
Fix bisection: failed (error log)
  
Discussions (15)
Title Replies (including bot) Last reply
[syzbot] Monthly dccp report (Jan 2025) 0 (1) 2025/01/16 10:11
[syzbot] Monthly dccp report (Sep 2024) 0 (1) 2024/09/15 14:39
[syzbot] Monthly dccp report (Aug 2024) 0 (1) 2024/08/15 10:40
[syzbot] Monthly dccp report (Jul 2024) 0 (1) 2024/07/15 11:52
[syzbot] Monthly dccp report (May 2024) 0 (1) 2024/05/14 20:49
[syzbot] Monthly dccp report (Mar 2024) 0 (1) 2024/03/06 09:53
[syzbot] Monthly dccp report (Jan 2024) 0 (1) 2024/01/16 07:56
[syzbot] Monthly dccp report (Dec 2023) 0 (1) 2023/12/08 13:16
[syzbot] Monthly dccp report (Nov 2023) 0 (1) 2023/11/07 04:52
[syzbot] Monthly dccp report (Sep 2023) 0 (1) 2023/09/29 09:08
[syzbot] Monthly dccp report (Aug 2023) 0 (1) 2023/08/29 07:13
[syzbot] Monthly dccp report (Jul 2023) 0 (1) 2023/07/22 14:10
[syzbot] Monthly dccp report (May 2023) 0 (1) 2023/05/13 09:53
[syzbot] Monthly dccp report 0 (1) 2023/04/12 08:35
[syzbot] BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval() 1 (2) 2022/06/07 01:35
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval() origin:upstream C error 1 73d 87d 0/3 upstream: reported C repro on 2025/02/18 06:45
linux-4.14 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval() C 3 816d 1191d 0/1 upstream: reported C repro on 2022/02/11 04:42
linux-4.19 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval() C error 14 817d 1210d 0/1 upstream: reported C repro on 2022/01/22 17:14
Last patch testing requests (10)
Created Duration User Patch Repo Result
2025/05/11 17:17 1h51m retest repro upstream OK log
2025/05/11 17:17 24m retest repro upstream OK log
2025/05/11 17:17 32m retest repro upstream OK log
2025/05/11 17:17 37m retest repro upstream OK log
2025/05/11 14:34 18m retest repro upstream OK log
2025/05/11 14:34 18m retest repro upstream OK log
2025/05/11 13:51 17m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci error
2025/05/11 13:43 18m retest repro upstream OK log
2025/05/01 04:41 23m retest repro linux-next error
2025/04/30 14:50 40m retest repro upstream OK log
Fix bisection attempts (7)
Created Duration User Patch Repo Result
2025/05/16 13:50 0m bisect fix net-old error
2023/05/06 16:29 25m bisect fix net-old OK (0) job log log
2023/03/21 14:46 25m bisect fix upstream OK (0) job log log
2023/01/25 17:13 22m bisect fix upstream OK (0) job log log
2022/06/27 22:39 20m bisect fix upstream OK (0) job log log
2022/05/14 14:49 19m bisect fix upstream OK (0) job log log
2022/03/24 10:28 21m bisect fix upstream OK (0) job log log

Sample crash report:
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 0 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>
BUG: "hc->tx_t_ipi == 0" holds (exception!) at net/dccp/ccids/ccid3.c:90/ccid3_update_send_interval()
CPU: 1 PID: 5002 Comm: syz-executor245 Not tainted 6.4.0-rc2-next-20230515-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x136/0x150 lib/dump_stack.c:106
 ccid3_update_send_interval net/dccp/ccids/ccid3.c:90 [inline]
 ccid3_update_send_interval+0x187/0x1c0 net/dccp/ccids/ccid3.c:86
 ccid3_hc_tx_update_s net/dccp/ccids/ccid3.c:169 [inline]
 ccid3_hc_tx_packet_sent+0x132/0x190 net/dccp/ccids/ccid3.c:353
 ccid_hc_tx_packet_sent net/dccp/ccid.h:175 [inline]
 dccp_xmit_packet+0x2f2/0x760 net/dccp/output.c:289
 dccp_write_xmit+0x171/0x1d0 net/dccp/output.c:366
 dccp_sendmsg+0xa3b/0xbf0 net/dccp/proto.c:788
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg+0xde/0x190 net/socket.c:747
 ____sys_sendmsg+0x71c/0x900 net/socket.c:2503
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2557
 __sys_sendmsg+0xf7/0x1c0 net/socket.c:2586
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fc35e32beb9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe667c55b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc35e32beb9
RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00007ffe667c5758 R09: 00007ffe667c5758
R10: 00007ffe667c5758 R11: 0000000000000246 R12: 00007ffe667c55cc
R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
 </TASK>

Crashes (64):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/05 18:47 linux-next 715abedee4cd a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/04/01 08:08 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 707081b61156 6baf5069 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/02/19 07:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/10 02:52 upstream a6afa4199d3d aea5da89 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/07/20 09:59 upstream ca85855bdcae 775344bc .config console log report syz C ci-upstream-kasan-gce-selinux-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/03 05:43 upstream a962b54e162c feb56351 .config console log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/03 05:54 net-old ae3ed15da588 feb56351 .config console log report syz C [disk image] [vmlinux] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/15 08:29 net-next-old d9713088158b 744a39e2 .config console log report syz C ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/09 11:15 net-next-old 82192cb497f9 2ca0d385 .config console log report syz C ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/11/06 04:29 linux-next 0cdb3579f1ee 6d752409 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/09/18 09:41 upstream a335366bad13 dd9a85ff .config console log report syz ci-upstream-kasan-gce-selinux-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/03 05:41 net-next-old bc37b24ee05e feb56351 .config console log report syz [disk image] [vmlinux] ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/04/01 08:46 upstream 480e035fc4c7 6baf5069 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/09/04 16:34 upstream 708283abf896 8bc9053e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/08/10 18:52 upstream 374a7f47bf40 4df3089c .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/05/19 00:02 upstream 4d6d4c7f541d 3bb7af1d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/02/19 14:45 upstream 925cf0457d7e bcdf85f8 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/08/22 11:28 upstream e3f259d33c0e 26a13b38 .config strace log report syz C ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/08/20 20:15 upstream 50cd95ac4654 26a13b38 .config console log report syz C ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/07/05 13:05 upstream c1084b6c5620 bff65f44 .config strace log report syz C ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/07/04 10:40 upstream 88084a3df167 1434eec0 .config console log report syz C ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/18 09:44 upstream 210e04ff7681 744a39e2 .config strace log report syz C ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/15 07:17 upstream 2fe1020d73ca 744a39e2 .config console log report syz C ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/15 06:40 upstream 2fe1020d73ca 744a39e2 .config console log report syz C ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/24 07:32 upstream dd81e1c7d5fb 214351e1 .config console log report syz C ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2025/04/14 09:54 upstream 8ffd015db85f 0bd6db41 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2025/03/11 11:14 upstream 4d872d51bc9d 16256247 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2025/03/11 09:17 upstream 4d872d51bc9d 16256247 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/12/07 22:27 upstream 7503345ac5f5 9ac0fdc6 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/11/18 07:39 upstream f66d6acccbc0 cfe3a04a .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/11/18 07:11 upstream f66d6acccbc0 cfe3a04a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/04/21 00:49 upstream 977b1ef51866 af24b050 .config console log report syz C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/12/05 12:40 upstream bee0e7762ad2 f819d6f7 .config console log report syz C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2025/04/01 05:35 upstream 609706855d90 36d76a97 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/01/31 17:27 upstream 22b8077d0fce 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/11/03 18:42 upstream b229b6ca5abb 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/09/04 03:41 upstream 42cf58c272ee 28811d0a .config console log report info [disk image] [vmlinux] ci-upstream-kasan-gce-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/28 22:39 upstream 9d004b2f4fea a46af346 .config console log report info ci-upstream-kasan-gce-selinux-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/15 06:11 upstream 2fe1020d73ca 744a39e2 .config console log report info ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/04/09 23:26 upstream f1b45d8ccb98 e22c3da3 .config console log report info ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/02/20 03:21 upstream 4f12b742eb2b 3cd800e4 .config console log report info ci-upstream-kasan-gce-smack-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/02/09 03:14 upstream e6251ab4551f 0b33604d .config console log report info ci-upstream-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/17 09:41 upstream 79e06c4c4950 723cfaf0 .config console log report info ci-upstream-kasan-gce-selinux-root BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/02 16:44 upstream b357fd1c2afc feb56351 .config console log report info ci-upstream-kasan-gce-386 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/15 09:17 upstream 112450df61b7 723cfaf0 .config console log report info ci-upstream-kasan-gce-386 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/04/01 11:04 net f99c5f563c17 6baf5069 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/02/19 08:52 net-old ec35307e18ba bcdf85f8 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/18 09:45 net-old 23dd4581350d 744a39e2 .config strace log report syz C ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/15 07:02 net-old 9500acc631db 744a39e2 .config console log report syz ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/07/21 18:11 net 57f1f9dd3abe 28847498 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/06/23 17:08 net 6f68fc395f49 09ffe269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/04/06 16:28 net 24e3fce00c0b 08707520 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/10/27 12:09 net-old c5f0a1728874 86777b7f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/08/12 08:32 net-old 7ebfc85e2cd7 402cd70d .config console log report info ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/04/14 14:47 net-old 00fa91bc9cc2 b17b2923 .config console log report info ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/12 08:05 net-old 29b3881b7977 44d1319a .config console log report info ci-upstream-net-this-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/05/04 01:59 net-next 5829614a7b3b 610f2a54 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/02/19 08:53 net-next-old 675f176b4dcc bcdf85f8 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/05/18 10:35 net-next-old 6e144b47f560 744a39e2 .config strace log report syz C ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/02/22 09:03 net-next-old 7b779cc8846a 6e821dbf .config console log report info ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2022/01/09 05:57 net-next-old 82192cb497f9 2ca0d385 .config console log report info ci-upstream-net-kasan-gce BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2024/04/01 07:37 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 707081b61156 6baf5069 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/09/08 07:50 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci fe4469582053 72324844 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
2023/02/19 07:35 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: "hc->tx_t_ipi == NUM" holds (exception!) at net/dccp/ccids/ccid3.c:LINE/ccid3_update_send_interval()
* Struck through repros no longer work on HEAD.