./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1324064792

<...>
Warning: Permanently added '10.128.1.165' (ED25519) to the list of known hosts.
execve("./syz-executor1324064792", ["./syz-executor1324064792"], 0x7ffdc9ac1ef0 /* 10 vars */) = 0
brk(NULL)                               = 0x555587ad2000
brk(0x555587ad2d00)                     = 0x555587ad2d00
arch_prctl(ARCH_SET_FS, 0x555587ad2380) = 0
set_tid_address(0x555587ad2650)         = 5093
set_robust_list(0x555587ad2660, 24)     = 0
rseq(0x555587ad2ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1324064792", 4096) = 28
getrandom("\xa2\x30\x2a\x54\x05\xc0\x5a\xd5", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555587ad2d00
brk(0x555587af3d00)                     = 0x555587af3d00
brk(0x555587af4000)                     = 0x555587af4000
mprotect(0x7f420c43a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587ad2650) = 5094
./strace-static-x86_64: Process 5094 attached
[pid  5094] set_robust_list(0x555587ad2660, 24) = 0
[pid  5094] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5094] setsid()                    = 1
[pid  5094] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5094] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5094] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5094] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5094] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5094] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5094] unshare(CLONE_NEWNS)        = 0
[pid  5094] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5094] unshare(CLONE_NEWIPC)       = 0
[pid  5094] unshare(CLONE_NEWCGROUP)    = 0
[pid  5094] unshare(CLONE_NEWUTS)       = 0
[pid  5094] unshare(CLONE_SYSVSEM)      = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "16777216", 8)     = 8
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "536870912", 9)    = 9
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1024", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "8192", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1024", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1024", 4)         = 4
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5094] close(3)                    = 0
[pid  5094] getpid()                    = 1
[pid  5094] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5094] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5094] unshare(CLONE_NEWNET)       = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "0 65535", 7)      = 7
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5094] dup2(3, 200)                = 200
[pid  5094] close(3)                    = 0
[pid  5094] ioctl(200, TUNSETIFF, 0x7ffff9a73040) = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "0", 1)            = 1
[pid  5094] close(3)                    = 0
[pid  5094] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5094] write(3, "0", 1)            = 1
[pid  5094] close(3)                    = 0
[pid  5094] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5094] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5094] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5094] close(4)                    = 0
[pid  5094] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5094] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5094] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5094] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5094] close(4)                    = 0
[pid  5094] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5094] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5094] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5094] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5094] close(4)                    = 0
[pid  5094] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5094] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5094] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5094] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5094] close(4)                    = 0
[pid  5094] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5094] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5094] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5094] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5094] close(4)                    = 0
[pid  5094] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5094] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5094] close(3)                    = 0
[pid  5094] mkdir("/dev/binderfs", 0777) = 0
[pid  5094] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5097 attached
, child_tidptr=0x555587ad2650) = 2
[pid  5097] set_robust_list(0x555587ad2660, 24) = 0
[pid  5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5097] setpgid(0, 0)               = 0
[pid  5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5097] write(3, "1000", 4)         = 4
[pid  5097] close(3)                    = 0
[pid  5097] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5097] read(200, 0x7ffff9a72bd0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5097] socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3
[pid  5097] close(3)                    = 0
[pid  5097] socket(AF_INET6, SOCK_STREAM, IPPROTO_MPTCP) = 3
[pid  5097] bind(3, {sa_family=AF_INET6, sin6_port=htons(20002), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fe80::aa", &sin6_addr), sin6_scope_id=if_nametoindex("wpan0")}, 28) = 0
[pid  5097] listen(3, 4)                = 0
[pid  5097] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid  5097] write(4, "7", 1)            = 1
[   75.901129][ T5097] FAULT_INJECTION: forcing a failure.
[   75.901129][ T5097] name failslab, interval 1, probability 0, space 0, times 1
[   75.913953][ T5097] CPU: 0 PID: 5097 Comm: syz-executor132 Not tainted 6.9.0-rc6-syzkaller-01478-gcdc74c9d06e7 #0
[   75.924375][ T5097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   75.934461][ T5097] Call Trace:
[   75.937770][ T5097]  <TASK>
[   75.940728][ T5097]  dump_stack_lvl+0x241/0x360
[   75.945456][ T5097]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.950677][ T5097]  ? __pfx__printk+0x10/0x10
[   75.955319][ T5097]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.965657][ T5097]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   75.972492][ T5097]  should_fail_ex+0x3b0/0x4e0
[   75.977217][ T5097]  ? once_disable_jump+0x52/0x1a0
[   75.982271][ T5097]  should_failslab+0x9/0x20
[   75.986793][ T5097]  kmalloc_trace+0x76/0x360
[   75.991343][ T5097]  once_disable_jump+0x52/0x1a0
[   75.996209][ T5097]  inet6_ehashfn+0x55a/0x5a0
[   76.000822][ T5097]  ? __pfx_init_conntrack+0x10/0x10
[   76.006383][ T5097]  ? __pfx_inet6_ehashfn+0x10/0x10
[   76.011532][ T5097]  __inet6_lookup_established+0xc2/0xdc0
[   76.017199][ T5097]  ? __pfx_nf_conntrack_in+0x10/0x10
[   76.022510][ T5097]  ? __pfx___inet6_lookup_established+0x10/0x10
[   76.028784][ T5097]  tcp_v6_early_demux+0x3fa/0x8f0
[   76.033965][ T5097]  ip6_rcv_finish_core+0x313/0x410
[   76.039125][ T5097]  ip6_rcv_finish+0x144/0x180
[   76.043834][ T5097]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   76.049049][ T5097]  NF_HOOK+0x3a4/0x450
[   76.053130][ T5097]  ? skb_orphan+0x4b/0xd0
[   76.057496][ T5097]  ? NF_HOOK+0x9a/0x450
[   76.061670][ T5097]  ? __pfx_NF_HOOK+0x10/0x10
[   76.066273][ T5097]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   76.071581][ T5097]  ? __pfx_ipv6_rcv+0x10/0x10
[   76.076272][ T5097]  __netif_receive_skb+0x1ea/0x650
[   76.081500][ T5097]  ? __pfx_lock_acquire+0x10/0x10
[   76.086622][ T5097]  ? __kasan_slab_alloc+0x66/0x80
[   76.091747][ T5097]  ? __pfx___netif_receive_skb+0x10/0x10
[   76.097488][ T5097]  ? tun_get_user+0x2084/0x4560
[   76.102355][ T5097]  ? vfs_write+0xa84/0xcb0
[   76.106811][ T5097]  ? ksys_write+0x1a0/0x2c0
[   76.111360][ T5097]  ? tun_rx_batched+0x160/0x8f0
[   76.116234][ T5097]  ? read_tsc+0x9/0x20
[   76.120327][ T5097]  ? netif_receive_skb+0x131/0x890
[   76.125460][ T5097]  ? netif_receive_skb+0x131/0x890
[   76.130593][ T5097]  netif_receive_skb+0x1e8/0x890
[   76.135565][ T5097]  ? tun_rx_batched+0x160/0x8f0
[   76.140432][ T5097]  ? __pfx_netif_receive_skb+0x10/0x10
[   76.145938][ T5097]  ? tun_rx_batched+0x160/0x8f0
[   76.150809][ T5097]  tun_rx_batched+0x1b7/0x8f0
[   76.155509][ T5097]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.161857][ T5097]  ? __pfx_lock_acquire+0x10/0x10
[   76.166979][ T5097]  ? __pfx_tun_rx_batched+0x10/0x10
[   76.172223][ T5097]  tun_get_user+0x2f35/0x4560
[   76.176921][ T5097]  ? tun_get_user+0x2a2f/0x4560
[   76.181886][ T5097]  ? __pfx_tun_get_user+0x10/0x10
[   76.186929][ T5097]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   76.192403][ T5097]  ? tun_get+0x1e/0x2f0
[   76.196588][ T5097]  ? tun_get+0x1e/0x2f0
[   76.200771][ T5097]  ? tun_get+0x27d/0x2f0
[   76.205130][ T5097]  tun_chr_write_iter+0x113/0x1f0
[   76.210183][ T5097]  vfs_write+0xa84/0xcb0
[   76.214563][ T5097]  ? __pfx_vfs_write+0x10/0x10
[   76.219448][ T5097]  ? lockdep_hardirqs_on+0x99/0x150
[   76.224842][ T5097]  ? __fdget_pos+0x1a2/0x320
[   76.229461][ T5097]  ksys_write+0x1a0/0x2c0
[   76.233815][ T5097]  ? __pfx_ksys_write+0x10/0x10
[   76.238685][ T5097]  ? do_syscall_64+0x102/0x240
[   76.243474][ T5097]  do_syscall_64+0xf5/0x240
[   76.247997][ T5097]  ? clear_bhb_loop+0x35/0x90
[   76.252695][ T5097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.258600][ T5097] RIP: 0033:0x7f420c3c0c90
[   76.263028][ T5097] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d 11 e4 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[   76.282649][ T5097] RSP: 002b:00007ffff9a72fc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[   76.291172][ T5097] RAX: ffffffffffffffda RBX: 00007ffff9a72ff0 RCX: 00007f420c3c0c90
[pid  5097] write(200, "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\xff\x00\xf5\x00\x20\x06\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x00\x00\x4e\x22\x44\x43\x42\x41\x44\x43\x42\x41\x80\xc2\x00\x00\xf7\x89\x00\x00\x1e\x0c\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00", 86) = 86
[pid  5097] close(3)                    = 0
[pid  5097] close(4)                    = 0
[pid  5097] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5097] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5097] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5097] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5097] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5097] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(15)                   = -1 EBADF (Bad file descriptor)
[   76.299155][ T5097] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8
[   76.307135][ T5097] RBP: 0000000000000001 R08: 0000000000000001 R09: 00007ffff9a72d67
[   76.315114][ T5097] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff9a73010
[   76.323094][ T5097] R13: 0000000000000000 R14: 00007ffff9a73010 R15: 00007ffff9a73000
[   76.331177][ T5097]  </TASK>
[pid  5097] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5097] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5097] exit_group(0)               = ?
[pid  5097] +++ exited with 0 +++
[pid  5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
[pid  5094] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5098 attached
, child_tidptr=0x555587ad2650) = 3
[pid  5098] set_robust_list(0x555587ad2660, 24) = 0
[pid  5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5098] setpgid(0, 0)               = 0
[pid  5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5098] write(3, "1000", 4)         = 4
[pid  5098] close(3)                    = 0
[pid  5098] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5098] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5098] read(200, 0x7ffff9a72bd0, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5098] socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3
[pid  5098] close(3)                    = 0
[pid  5098] socket(AF_INET6, SOCK_STREAM, IPPROTO_MPTCP) = 3
[pid  5098] bind(3, {sa_family=AF_INET6, sin6_port=htons(20002), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fe80::aa", &sin6_addr), sin6_scope_id=if_nametoindex("wpan0")}, 28) = 0
[pid  5098] listen(3, 4)                = 0
[pid  5098] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid  5098] write(4, "7", 1)            = 1
[   76.525412][ T5098] FAULT_INJECTION: forcing a failure.
[   76.525412][ T5098] name failslab, interval 1, probability 0, space 0, times 0
[   76.539072][ T5098] CPU: 0 PID: 5098 Comm: syz-executor132 Not tainted 6.9.0-rc6-syzkaller-01478-gcdc74c9d06e7 #0
[   76.550191][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   76.560294][ T5098] Call Trace:
[   76.563584][ T5098]  <TASK>
[   76.566530][ T5098]  dump_stack_lvl+0x241/0x360
[   76.571267][ T5098]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.576502][ T5098]  ? __pfx__printk+0x10/0x10
[   76.581216][ T5098]  should_fail_ex+0x3b0/0x4e0
[   76.585917][ T5098]  ? skb_ext_add+0x14d/0x910
[   76.590525][ T5098]  should_failslab+0x9/0x20
[   76.595044][ T5098]  kmem_cache_alloc+0x77/0x340
[   76.599851][ T5098]  skb_ext_add+0x14d/0x910
[   76.604396][ T5098]  subflow_check_req+0xbfa/0x1420
[   76.609442][ T5098]  ? __pfx_subflow_check_req+0x10/0x10
[   76.614915][ T5098]  ? ip6_dst_lookup_flow+0x13e/0x180
[   76.620220][ T5098]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[   76.625967][ T5098]  ? __pfx_inet6_csk_route_req+0x10/0x10
[   76.631613][ T5098]  ? tcp_v6_route_req+0x372/0x490
[   76.636664][ T5098]  subflow_v6_route_req+0x1dc/0x490
[   76.641880][ T5098]  tcp_conn_request+0xf07/0x32c0
[   76.646878][ T5098]  ? __pfx_tcp_conn_request+0x10/0x10
[   76.652382][ T5098]  ? subflow_v6_conn_request+0x271/0x3a0
[   76.658059][ T5098]  ? tcp_rcv_state_process+0x20a/0x4500
[   76.663658][ T5098]  tcp_rcv_state_process+0x183c/0x4500
[   76.669154][ T5098]  ? __inet6_lookup_established+0xd28/0xdc0
[   76.675171][ T5098]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[   76.681190][ T5098]  ? sk_filter_trim_cap+0x1b3/0xa80
[   76.686451][ T5098]  ? sk_filter_trim_cap+0x5bf/0xa80
[   76.691767][ T5098]  ? inet6_lookup_listener+0x113/0x2d0
[   76.697335][ T5098]  tcp_v6_do_rcv+0x8b2/0x1310
[   76.702031][ T5098]  ? __asan_memcpy+0x40/0x70
[   76.706642][ T5098]  ? tcp_v6_fill_cb+0x1e2/0x470
[   76.711517][ T5098]  tcp_v6_rcv+0x22b4/0x30b0
[   76.716037][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   76.721107][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   76.726012][ T5098]  ? csum_partial+0x234/0x2c0
[   76.730728][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   76.735688][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   76.740666][ T5098]  ip6_protocol_deliver_rcu+0xc76/0x1570
[   76.746621][ T5098]  ? ip6_input_finish+0xdb/0x2d0
[   76.752053][ T5098]  ip6_input_finish+0x186/0x2d0
[   76.757220][ T5098]  ? __pfx_ip6_input_finish+0x10/0x10
[   76.762710][ T5098]  NF_HOOK+0x3a4/0x450
[   76.766812][ T5098]  ? NF_HOOK+0x9a/0x450
[   76.771085][ T5098]  ? __pfx_NF_HOOK+0x10/0x10
[   76.775692][ T5098]  ? __pfx_ip6_input_finish+0x10/0x10
[   76.781090][ T5098]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   76.786307][ T5098]  NF_HOOK+0x3a4/0x450
[   76.790391][ T5098]  ? skb_orphan+0x4b/0xd0
[   76.794763][ T5098]  ? NF_HOOK+0x9a/0x450
[   76.798935][ T5098]  ? __pfx_NF_HOOK+0x10/0x10
[   76.803715][ T5098]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   76.808938][ T5098]  ? __pfx_ipv6_rcv+0x10/0x10
[   76.813631][ T5098]  __netif_receive_skb+0x1ea/0x650
[   76.818770][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   76.823806][ T5098]  ? __kasan_slab_alloc+0x66/0x80
[   76.828935][ T5098]  ? __pfx___netif_receive_skb+0x10/0x10
[   76.834590][ T5098]  ? tun_get_user+0x2084/0x4560
[   76.839475][ T5098]  ? vfs_write+0xa84/0xcb0
[   76.843914][ T5098]  ? ksys_write+0x1a0/0x2c0
[   76.848569][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   76.853462][ T5098]  ? read_tsc+0x9/0x20
[   76.857670][ T5098]  ? netif_receive_skb+0x131/0x890
[   76.862808][ T5098]  ? netif_receive_skb+0x131/0x890
[   76.867943][ T5098]  netif_receive_skb+0x1e8/0x890
[   76.872904][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   76.877775][ T5098]  ? __pfx_netif_receive_skb+0x10/0x10
[   76.883298][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   76.888171][ T5098]  tun_rx_batched+0x1b7/0x8f0
[   76.892893][ T5098]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.899763][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   76.904808][ T5098]  ? __pfx_tun_rx_batched+0x10/0x10
[   76.910052][ T5098]  tun_get_user+0x2f35/0x4560
[   76.914791][ T5098]  ? tun_get_user+0x2a2f/0x4560
[   76.919686][ T5098]  ? __pfx_tun_get_user+0x10/0x10
[   76.924824][ T5098]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   76.930734][ T5098]  ? tun_get+0x1e/0x2f0
[   76.935101][ T5098]  ? tun_get+0x1e/0x2f0
[   76.939292][ T5098]  ? tun_get+0x27d/0x2f0
[   76.943561][ T5098]  tun_chr_write_iter+0x113/0x1f0
[   76.948612][ T5098]  vfs_write+0xa84/0xcb0
[   76.952889][ T5098]  ? __pfx_vfs_write+0x10/0x10
[   76.957687][ T5098]  ? lockdep_hardirqs_on+0x99/0x150
[   76.962929][ T5098]  ? __fdget_pos+0x1a2/0x320
[   76.967722][ T5098]  ksys_write+0x1a0/0x2c0
[   76.972098][ T5098]  ? __pfx_ksys_write+0x10/0x10
[   76.976971][ T5098]  ? do_syscall_64+0x102/0x240
[   76.981861][ T5098]  do_syscall_64+0xf5/0x240
[   76.986402][ T5098]  ? clear_bhb_loop+0x35/0x90
[   76.991215][ T5098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.997124][ T5098] RIP: 0033:0x7f420c3c0c90
[   77.001555][ T5098] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d 11 e4 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[   77.021348][ T5098] RSP: 002b:00007ffff9a72fc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[   77.029786][ T5098] RAX: ffffffffffffffda RBX: 00007ffff9a72ff0 RCX: 00007f420c3c0c90
[   77.037776][ T5098] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8
[   77.045776][ T5098] RBP: 0000000000000001 R08: 0000000000000001 R09: 00007ffff9a72d67
[   77.053874][ T5098] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000001281f
[   77.062461][ T5098] R13: 00007ffff9a72fd8 R14: 00007ffff9a73010 R15: 00007ffff9a73000
[   77.070471][ T5098]  </TASK>
[   77.073640][ T5098] general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI
[   77.085738][ T5098] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
[   77.094168][ T5098] CPU: 0 PID: 5098 Comm: syz-executor132 Not tainted 6.9.0-rc6-syzkaller-01478-gcdc74c9d06e7 #0
[   77.104587][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   77.114831][ T5098] RIP: 0010:subflow_v6_route_req+0x2c7/0x490
[   77.120821][ T5098] Code: 8d 7b 07 48 89 f8 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 c0 01 00 00 0f b6 43 07 48 8d 1c c3 48 83 c3 18 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 84 01 00 00 0f b6 5b 01 83 e3 0f 48 89
[   77.140441][ T5098] RSP: 0018:ffffc9000362eb68 EFLAGS: 00010206
[   77.146516][ T5098] RAX: 0000000000000003 RBX: 0000000000000018 RCX: ffff888022039e00
[   77.154494][ T5098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   77.162475][ T5098] RBP: ffff88807d961140 R08: ffffffff8b6cb76b R09: 1ffff1100fb2c230
[   77.170457][ T5098] R10: dffffc0000000000 R11: ffffed100fb2c231 R12: dffffc0000000000
[   77.178434][ T5098] R13: ffff888022bfe273 R14: ffff88802cf9cc80 R15: ffff88802ad5a700
[   77.186417][ T5098] FS:  0000555587ad2380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[   77.195355][ T5098] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.201943][ T5098] CR2: 00007f420c3f9720 CR3: 0000000022bfc000 CR4: 00000000003506f0
[   77.209947][ T5098] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   77.217952][ T5098] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   77.225956][ T5098] Call Trace:
[   77.229254][ T5098]  <TASK>
[   77.232197][ T5098]  ? __die_body+0x88/0xe0
[   77.236542][ T5098]  ? die_addr+0x108/0x140
[   77.240880][ T5098]  ? exc_general_protection+0x3dd/0x5d0
[   77.246453][ T5098]  ? asm_exc_general_protection+0x26/0x30
[   77.252218][ T5098]  ? subflow_v6_route_req+0x24b/0x490
[   77.257616][ T5098]  ? subflow_v6_route_req+0x2c7/0x490
[   77.263002][ T5098]  ? subflow_v6_route_req+0x255/0x490
[   77.268404][ T5098]  tcp_conn_request+0xf07/0x32c0
[   77.273369][ T5098]  ? __pfx_tcp_conn_request+0x10/0x10
[   77.278806][ T5098]  ? subflow_v6_conn_request+0x271/0x3a0
[   77.284450][ T5098]  ? tcp_rcv_state_process+0x20a/0x4500
[   77.290034][ T5098]  tcp_rcv_state_process+0x183c/0x4500
[   77.295505][ T5098]  ? __inet6_lookup_established+0xd28/0xdc0
[   77.301420][ T5098]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[   77.307234][ T5098]  ? sk_filter_trim_cap+0x1b3/0xa80
[   77.312462][ T5098]  ? sk_filter_trim_cap+0x5bf/0xa80
[   77.317673][ T5098]  ? inet6_lookup_listener+0x113/0x2d0
[   77.323146][ T5098]  tcp_v6_do_rcv+0x8b2/0x1310
[   77.327837][ T5098]  ? __asan_memcpy+0x40/0x70
[   77.332458][ T5098]  ? tcp_v6_fill_cb+0x1e2/0x470
[   77.337330][ T5098]  tcp_v6_rcv+0x22b4/0x30b0
[   77.341844][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   77.346917][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   77.351781][ T5098]  ? csum_partial+0x234/0x2c0
[   77.356469][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   77.361330][ T5098]  ? __pfx_tcp_v6_rcv+0x10/0x10
[   77.366193][ T5098]  ip6_protocol_deliver_rcu+0xc76/0x1570
[   77.371855][ T5098]  ? ip6_input_finish+0xdb/0x2d0
[   77.376813][ T5098]  ip6_input_finish+0x186/0x2d0
[   77.381678][ T5098]  ? __pfx_ip6_input_finish+0x10/0x10
[   77.387059][ T5098]  NF_HOOK+0x3a4/0x450
[   77.391140][ T5098]  ? NF_HOOK+0x9a/0x450
[   77.395311][ T5098]  ? __pfx_NF_HOOK+0x10/0x10
[   77.399911][ T5098]  ? __pfx_ip6_input_finish+0x10/0x10
[   77.405299][ T5098]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   77.410556][ T5098]  NF_HOOK+0x3a4/0x450
[   77.414638][ T5098]  ? skb_orphan+0x4b/0xd0
[   77.418983][ T5098]  ? NF_HOOK+0x9a/0x450
[   77.423146][ T5098]  ? __pfx_NF_HOOK+0x10/0x10
[   77.427762][ T5098]  ? __pfx_ip6_rcv_finish+0x10/0x10
[   77.432973][ T5098]  ? __pfx_ipv6_rcv+0x10/0x10
[   77.437660][ T5098]  __netif_receive_skb+0x1ea/0x650
[   77.442793][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   77.447831][ T5098]  ? __kasan_slab_alloc+0x66/0x80
[   77.452864][ T5098]  ? __pfx___netif_receive_skb+0x10/0x10
[   77.458512][ T5098]  ? tun_get_user+0x2084/0x4560
[   77.463378][ T5098]  ? vfs_write+0xa84/0xcb0
[   77.467810][ T5098]  ? ksys_write+0x1a0/0x2c0
[   77.472432][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   77.477310][ T5098]  ? read_tsc+0x9/0x20
[   77.481400][ T5098]  ? netif_receive_skb+0x131/0x890
[   77.486548][ T5098]  ? netif_receive_skb+0x131/0x890
[   77.491692][ T5098]  netif_receive_skb+0x1e8/0x890
[   77.496658][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   77.501548][ T5098]  ? __pfx_netif_receive_skb+0x10/0x10
[   77.507029][ T5098]  ? tun_rx_batched+0x160/0x8f0
[   77.511893][ T5098]  tun_rx_batched+0x1b7/0x8f0
[   77.516585][ T5098]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   77.522945][ T5098]  ? __pfx_lock_acquire+0x10/0x10
[   77.527978][ T5098]  ? __pfx_tun_rx_batched+0x10/0x10
[   77.533534][ T5098]  tun_get_user+0x2f35/0x4560
[   77.538230][ T5098]  ? tun_get_user+0x2a2f/0x4560
[   77.543099][ T5098]  ? __pfx_tun_get_user+0x10/0x10
[   77.548163][ T5098]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   77.553632][ T5098]  ? tun_get+0x1e/0x2f0
[   77.557813][ T5098]  ? tun_get+0x1e/0x2f0
[   77.561983][ T5098]  ? tun_get+0x27d/0x2f0
[   77.566242][ T5098]  tun_chr_write_iter+0x113/0x1f0
[   77.571283][ T5098]  vfs_write+0xa84/0xcb0
[   77.575549][ T5098]  ? __pfx_vfs_write+0x10/0x10
[   77.580338][ T5098]  ? lockdep_hardirqs_on+0x99/0x150
[   77.585552][ T5098]  ? __fdget_pos+0x1a2/0x320
[   77.590160][ T5098]  ksys_write+0x1a0/0x2c0
[   77.594515][ T5098]  ? __pfx_ksys_write+0x10/0x10
[   77.599388][ T5098]  ? do_syscall_64+0x102/0x240
[   77.604171][ T5098]  do_syscall_64+0xf5/0x240
[   77.608719][ T5098]  ? clear_bhb_loop+0x35/0x90
[   77.613409][ T5098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.619312][ T5098] RIP: 0033:0x7f420c3c0c90
[   77.623736][ T5098] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d 11 e4 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[   77.643358][ T5098] RSP: 002b:00007ffff9a72fc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[   77.651780][ T5098] RAX: ffffffffffffffda RBX: 00007ffff9a72ff0 RCX: 00007f420c3c0c90
[   77.659767][ T5098] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8
[   77.667749][ T5098] RBP: 0000000000000001 R08: 0000000000000001 R09: 00007ffff9a72d67
[   77.675734][ T5098] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000001281f
[   77.683710][ T5098] R13: 00007ffff9a72fd8 R14: 00007ffff9a73010 R15: 00007ffff9a73000
[   77.691694][ T5098]  </TASK>
[   77.694718][ T5098] Modules linked in:
[   77.698691][ T5098] ---[ end trace 0000000000000000 ]---
[   77.704201][ T5098] RIP: 0010:subflow_v6_route_req+0x2c7/0x490
[   77.710246][ T5098] Code: 8d 7b 07 48 89 f8 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 c0 01 00 00 0f b6 43 07 48 8d 1c c3 48 83 c3 18 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 84 01 00 00 0f b6 5b 01 83 e3 0f 48 89
[   77.739129][ T5098] RSP: 0018:ffffc9000362eb68 EFLAGS: 00010206
[   77.747105][ T5098] RAX: 0000000000000003 RBX: 0000000000000018 RCX: ffff888022039e00
[   77.757847][ T5098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   77.769960][ T5098] RBP: ffff88807d961140 R08: ffffffff8b6cb76b R09: 1ffff1100fb2c230
[   77.779192][ T5098] R10: dffffc0000000000 R11: ffffed100fb2c231 R12: dffffc0000000000
[   77.787266][ T5098] R13: ffff888022bfe273 R14: ffff88802cf9cc80 R15: ffff88802ad5a700
[   77.795942][ T5098] FS:  0000555587ad2380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[   77.804930][ T5098] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.811567][ T5098] CR2: 00007f420c3f9720 CR3: 0000000022bfc000 CR4: 00000000003506f0
[   77.819553][ T5098] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   77.827590][ T5098] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   77.835613][ T5098] Kernel panic - not syncing: Fatal exception in interrupt
[   77.842910][ T5098] Kernel Offset: disabled
[   77.847235][ T5098] Rebooting in 86400 seconds..