[  409.131958][   T49] bridge_slave_1: left allmulticast mode
[  409.137631][   T49] bridge_slave_1: left promiscuous mode
[  409.143445][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.150875][   T49] bridge_slave_0: left allmulticast mode
[  409.156821][   T49] bridge_slave_0: left promiscuous mode
[  409.162750][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.354406][   T49] hsr_slave_0: left promiscuous mode
[  409.360536][   T49] hsr_slave_1: left promiscuous mode
[  409.366493][   T49] veth1_macvtap: left promiscuous mode
[  409.372002][   T49] veth0_macvtap: left promiscuous mode
[  409.377504][   T49] veth1_vlan: left promiscuous mode
[  409.383308][   T49] veth0_vlan: left promiscuous mode
[  409.405130][   T49] team0 (unregistering): Port device team_slave_1 removed
[  409.417333][   T49] team0 (unregistering): Port device team_slave_0 removed
Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts.
[  412.945518][T13949] FAULT_INJECTION: forcing a failure.
[  412.945518][T13949] name failslab, interval 1, probability 0, space 0, times 0
[  412.958616][T13949] CPU: 0 PID: 13949 Comm: syz-executor154 Not tainted 6.9.0-rc5-syzkaller #0
[  412.968584][T13949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  412.978649][T13949] Call Trace:
[  412.982047][T13949]  <TASK>
[  412.984965][T13949]  dump_stack_lvl+0x10e/0x1b0
[  412.989921][T13949]  ? skb_ext_add+0x91/0x270
[  412.994691][T13949]  should_fail_ex+0x13b/0x140
[  412.999539][T13949]  should_failslab+0x9/0x20
[  413.004203][T13949]  kmem_cache_alloc+0x64/0x350
[  413.009225][T13949]  skb_ext_add+0x91/0x270
[  413.013617][T13949]  ? xfrm_lookup_with_ifid+0x9d7/0x1070
[  413.019284][T13949]  ? mptcp_token_get_sock+0x29/0x2b0
[  413.024613][T13949]  subflow_check_req+0x545/0x790
[  413.029572][T13949]  ? inet6_csk_route_req+0xf2/0x1d0
[  413.034796][T13949]  ? inet6_csk_route_req+0x199/0x1d0
[  413.040158][T13949]  subflow_v6_route_req+0xb5/0x200
[  413.045348][T13949]  tcp_conn_request+0x52d/0xf90
[  413.050249][T13949]  ? ip6_pol_route+0x596/0xa10
[  413.055066][T13949]  ? tcp_rcv_state_process+0xdd/0x1590
[  413.060662][T13949]  tcp_rcv_state_process+0x11f/0x1590
[  413.066116][T13949]  ? sk_filter_trim_cap+0xc7/0x350
[  413.071304][T13949]  ? sk_filter_trim_cap+0x25d/0x350
[  413.076486][T13949]  ? tcp_inbound_hash+0x152/0x710
[  413.081549][T13949]  tcp_v6_do_rcv+0x4d6/0x860
[  413.086125][T13949]  ? tcp_v6_rcv+0x10d0/0x15c0
[  413.090887][T13949]  tcp_v6_rcv+0x10de/0x15c0
[  413.095562][T13949]  ? raw6_local_deliver+0x6e/0x570
[  413.100947][T13949]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  413.105793][T13949]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  413.110631][T13949]  ip6_protocol_deliver_rcu+0x3ea/0x850
[  413.116174][T13949]  ? ip6_input_finish+0x56/0xc0
[  413.121097][T13949]  ? ip6_input_finish+0x56/0xc0
[  413.125932][T13949]  ip6_input_finish+0x85/0xc0
[  413.130597][T13949]  ip6_input+0x45/0x140
[  413.135015][T13949]  ? rcu_read_lock_held+0xa/0x40
[  413.139973][T13949]  ipv6_rcv+0x60/0x160
[  413.144022][T13949]  ? __skb_flow_dissect+0xd7/0x3520
[  413.149339][T13949]  ? __pfx_ipv6_rcv+0x10/0x10
[  413.154008][T13949]  __netif_receive_skb+0x84/0x210
[  413.159180][T13949]  ? netif_receive_skb+0x87/0x380
[  413.164247][T13949]  netif_receive_skb+0xb9/0x380
[  413.169191][T13949]  ? tun_rx_batched+0xe1/0x2a0
[  413.174068][T13949]  tun_rx_batched+0x102/0x2a0
[  413.178948][T13949]  ? tun_get_user+0x1442/0x1bf0
[  413.183874][T13949]  tun_get_user+0x15f5/0x1bf0
[  413.188547][T13949]  ? tun_get_user+0x3f5/0x1bf0
[  413.193294][T13949]  ? tun_get+0x1c/0x100
[  413.197572][T13949]  tun_chr_write_iter+0xa4/0x120
[  413.202749][T13949]  vfs_write+0x652/0x7b0
[  413.207001][T13949]  ksys_write+0xc6/0x180
[  413.211533][T13949]  do_syscall_64+0x8f/0x1a0
[  413.216051][T13949]  ? clear_bhb_loop+0x35/0x90
[  413.220870][T13949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.226775][T13949] RIP: 0033:0x7f580c005c90
[  413.231258][T13949] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d 11 e4 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[  413.250886][T13949] RSP: 002b:00007fff859909c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  413.259282][T13949] RAX: ffffffffffffffda RBX: 00007fff859909f0 RCX: 00007f580c005c90
[  413.267258][T13949] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8
[  413.275217][T13949] RBP: 0000000000000001 R08: 0000000000000001 R09: 00007fff85990767
[  413.283167][T13949] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff85990a10
[  413.291204][T13949] R13: 0000000000000000 R14: 00007fff85990a10 R15: 00007fff85990a00
[  413.299160][T13949]  </TASK>
[  413.302216][T13949] BUG: kernel NULL pointer dereference, address: 0000000000000019
[  413.310454][T13949] #PF: supervisor read access in kernel mode
[  413.316427][T13949] #PF: error_code(0x0000) - not-present page
[  413.322384][T13949] PGD 80000001159b0067 P4D 80000001159b0067 PUD 1156f9067 PMD 0 
[  413.330103][T13949] Oops: 0000 [#1] PREEMPT SMP PTI
[  413.335282][T13949] CPU: 0 PID: 13949 Comm: syz-executor154 Not tainted 6.9.0-rc5-syzkaller #0
[  413.344371][T13949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  413.354841][T13949] RIP: 0010:subflow_v6_route_req+0x137/0x200
[  413.361269][T13949] Code: 00 00 e8 bc 55 fd fc e9 d2 00 00 00 e8 b2 55 fd fc e9 c6 00 00 00 e8 a8 55 fd fc 49 8b 86 e8 00 00 00 0f b6 48 07 48 8d 04 c8 <0f> b6 58 19 83 e3 0f 48 89 df 48 c7 c6 90 e2 df 85 e8 03 5b fd fc
[  413.381053][T13949] RSP: 0018:ffffc9000258b780 EFLAGS: 00010246
[  413.387106][T13949] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88817b843700
[  413.395095][T13949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  413.403061][T13949] RBP: ffff888114c2c200 R08: ffffffff843ea1b7 R09: 0000000000000000
[  413.411194][T13949] R10: 5b5d303631393932 R11: ffffffff82a5f6d0 R12: 00000000ffffffff
[  413.419179][T13949] R13: ffff888113d5b100 R14: ffff888113d5b100 R15: ffff88817b8172c0
[  413.427222][T13949] FS:  000055555d155380(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  413.436318][T13949] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  413.442986][T13949] CR2: 0000000000000019 CR3: 0000000113ca2000 CR4: 00000000003506f0
[  413.451025][T13949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  413.459015][T13949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  413.466986][T13949] Call Trace:
[  413.470256][T13949]  <TASK>
[  413.473176][T13949]  ? __die_body+0x88/0xe0
[  413.477513][T13949]  ? page_fault_oops+0x560/0x630
[  413.482437][T13949]  ? mptcp_token_get_sock+0x29/0x2b0
[  413.487708][T13949]  ? exc_page_fault+0x5af/0x770
[  413.492693][T13949]  ? asm_exc_page_fault+0x26/0x30
[  413.497783][T13949]  ? __pfx_write_msg+0x10/0x10
[  413.502599][T13949]  ? subflow_v6_route_req+0xf7/0x200
[  413.508004][T13949]  ? subflow_v6_route_req+0x137/0x200
[  413.513357][T13949]  tcp_conn_request+0x52d/0xf90
[  413.518183][T13949]  ? ip6_pol_route+0x596/0xa10
[  413.522957][T13949]  ? tcp_rcv_state_process+0xdd/0x1590
[  413.528399][T13949]  tcp_rcv_state_process+0x11f/0x1590
[  413.533758][T13949]  ? sk_filter_trim_cap+0xc7/0x350
[  413.538860][T13949]  ? sk_filter_trim_cap+0x25d/0x350
[  413.544047][T13949]  ? tcp_inbound_hash+0x152/0x710
[  413.549070][T13949]  tcp_v6_do_rcv+0x4d6/0x860
[  413.553645][T13949]  ? tcp_v6_rcv+0x10d0/0x15c0
[  413.558321][T13949]  tcp_v6_rcv+0x10de/0x15c0
[  413.562806][T13949]  ? raw6_local_deliver+0x6e/0x570
[  413.567891][T13949]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  413.572717][T13949]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  413.577548][T13949]  ip6_protocol_deliver_rcu+0x3ea/0x850
[  413.583071][T13949]  ? ip6_input_finish+0x56/0xc0
[  413.587996][T13949]  ? ip6_input_finish+0x56/0xc0
[  413.592853][T13949]  ip6_input_finish+0x85/0xc0
[  413.597863][T13949]  ip6_input+0x45/0x140
[  413.602101][T13949]  ? rcu_read_lock_held+0xa/0x40
[  413.607147][T13949]  ipv6_rcv+0x60/0x160
[  413.611204][T13949]  ? __skb_flow_dissect+0xd7/0x3520
[  413.616486][T13949]  ? __pfx_ipv6_rcv+0x10/0x10
[  413.621147][T13949]  __netif_receive_skb+0x84/0x210
[  413.626334][T13949]  ? netif_receive_skb+0x87/0x380
[  413.631562][T13949]  netif_receive_skb+0xb9/0x380
[  413.636662][T13949]  ? tun_rx_batched+0xe1/0x2a0
[  413.641745][T13949]  tun_rx_batched+0x102/0x2a0
[  413.646484][T13949]  ? tun_get_user+0x1442/0x1bf0
[  413.651836][T13949]  tun_get_user+0x15f5/0x1bf0
[  413.656945][T13949]  ? tun_get_user+0x3f5/0x1bf0
[  413.661886][T13949]  ? tun_get+0x1c/0x100
[  413.666118][T13949]  tun_chr_write_iter+0xa4/0x120
[  413.671060][T13949]  vfs_write+0x652/0x7b0
[  413.675379][T13949]  ksys_write+0xc6/0x180
[  413.679642][T13949]  do_syscall_64+0x8f/0x1a0
[  413.684227][T13949]  ? clear_bhb_loop+0x35/0x90
[  413.689020][T13949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.695078][T13949] RIP: 0033:0x7f580c005c90
[  413.699512][T13949] Code: 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 80 3d 11 e4 07 00 00 74 17 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 48 83 ec 28 48 89
[  413.719118][T13949] RSP: 002b:00007fff859909c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  413.727522][T13949] RAX: ffffffffffffffda RBX: 00007fff859909f0 RCX: 00007f580c005c90
[  413.735490][T13949] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8
[  413.743454][T13949] RBP: 0000000000000001 R08: 0000000000000001 R09: 00007fff85990767
[  413.752282][T13949] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff85990a10
[  413.760265][T13949] R13: 0000000000000000 R14: 00007fff85990a10 R15: 00007fff85990a00
[  413.768322][T13949]  </TASK>
[  413.771413][T13949] Modules linked in:
[  413.775369][T13949] CR2: 0000000000000019
[  413.779506][T13949] ---[ end trace 0000000000000000 ]---
[  413.785658][T13949] RIP: 0010:subflow_v6_route_req+0x137/0x200
[  413.791745][T13949] Code: 00 00 e8 bc 55 fd fc e9 d2 00 00 00 e8 b2 55 fd fc e9 c6 00 00 00 e8 a8 55 fd fc 49 8b 86 e8 00 00 00 0f b6 48 07 48 8d 04 c8 <0f> b6 58 19 83 e3 0f 48 89 df 48 c7 c6 90 e2 df 85 e8 03 5b fd fc
[  413.812159][T13949] RSP: 0018:ffffc9000258b780 EFLAGS: 00010246
[  413.818576][T13949] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88817b843700
[  413.826812][T13949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  413.835207][T13949] RBP: ffff888114c2c200 R08: ffffffff843ea1b7 R09: 0000000000000000
[  413.843520][T13949] R10: 5b5d303631393932 R11: ffffffff82a5f6d0 R12: 00000000ffffffff
[  413.851827][T13949] R13: ffff888113d5b100 R14: ffff888113d5b100 R15: ffff88817b8172c0
[  413.860132][T13949] FS:  000055555d155380(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  413.869240][T13949] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  413.875894][T13949] CR2: 0000000000000019 CR3: 0000000113ca2000 CR4: 00000000003506f0
[  413.883936][T13949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  413.892670][T13949] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  413.900839][T13949] Kernel panic - not syncing: Fatal exception in interrupt
[  413.908618][T13949] Kernel Offset: disabled
[  413.913225][T13949] Rebooting in 86400 seconds..