------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at net/mptcp/subflow.c:1520 subflow_data_ready+0x4b8/0x7e0
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:subflow_data_ready+0x4b8/0x7e0
Code: 0f 0b 90 90 e9 bc fc ff ff e8 84 b2 60 f6 48 89 df 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6e 0e 00 00 e8 69 b2 60 f6 90 <0f> 0b 90 e9 e5 fd ff ff 90 0f 0b 90 43 0f b6 04 2f 84 c0 0f 85 a1
RSP: 0018:ffffc90000007160 EFLAGS: 00010246
RAX: ffffffff8b5efb27 RBX: ffff88801af6a700 RCX: ffffffff8de95100
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffff88802f5e3937 R09: 1ffff11005ebc726
R10: dffffc0000000000 R11: ffffed1005ebc727 R12: 0000000000000000
R13: dffffc0000000000 R14: ffff88802f5e3000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b863d000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000000df36000 CR4: 00000000000006f0
Call Trace:
 <IRQ>
 tcp_data_queue+0x54b/0x6450
 tcp_rcv_state_process+0x2396/0x43b0
 tcp_v4_do_rcv+0x3f2/0xce0
 tcp_v4_rcv+0x252a/0x2dc0
 ip_protocol_deliver_rcu+0x221/0x440
 ip_local_deliver_finish+0x3bb/0x6f0
 NF_HOOK+0x30c/0x3a0
 NF_HOOK+0x30c/0x3a0
 __netif_receive_skb+0x143/0x380
 process_backlog+0x60e/0x14f0
 __napi_poll+0xc7/0x360
 net_rx_action+0x707/0xe30
 handle_softirqs+0x286/0x870
 __irq_exit_rcu+0xca/0x1f0
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0xa6/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:pv_native_safe_halt+0x13/0x20
Code: 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d b3 49 15 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff8de07d80 EFLAGS: 00000282
RAX: 28ca8ffd35d97b00 RBX: ffffffff819683f8 RCX: 28ca8ffd35d97b00
RDX: 0000000000000001 RSI: ffffffff8d9b06ab RDI: ffffffff8be33f00
RBP: ffffffff8de07eb8 R08: ffff88804b032f9b R09: 1ffff110096065f3
R10: dffffc0000000000 R11: ffffed10096065f4 R12: ffffffff8fa2ee30
R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
 default_idle+0x13/0x20
 default_idle_call+0x74/0xb0
 do_idle+0x1e8/0x510
 cpu_startup_entry+0x44/0x60
 rest_init+0x2de/0x300
 start_kernel+0x3a9/0x410
 x86_64_start_reservations+0x24/0x30
 x86_64_start_kernel+0x143/0x1c0
 common_startup_64+0x13e/0x147
 </TASK>
