======================================
| [  557.232648][ T9374] eth1: renamed from tmp
| [  566.515216][ T9509] eth1: renamed from tmp
| [  571.791964][ T9557] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] SMP KASAN
| [  571.792248][ T9557] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
[  571.792575][ T9557] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  571.792701][ T9557] RIP: 0010:ip6_rt_pcpu_alloc (./include/net/net_namespace.h:414 (discriminator 10) ./include/linux/netdevice.h:2738 (discriminator 10) net/ipv6/route.c:1418 (discriminator 10))
[  571.792809][ T9557] Code: fe ff 0f b7 ed 49 89 c7 e8 1e a7 3e 00 49 8d 87 08 01 00 00 48 89 c2 48 89 44 24 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 de 03 00 00 49 8b 87 08 01 00 00 89 e9 ba ff ff
All code
========
   0:	fe                   	(bad)
   1:	ff 0f                	decl   (%rdi)
   3:	b7 ed                	mov    $0xed,%bh
   5:	49 89 c7             	mov    %rax,%r15
   8:	e8 1e a7 3e 00       	call   0x3ea72b
   d:	49 8d 87 08 01 00 00 	lea    0x108(%r15),%rax
  14:	48 89 c2             	mov    %rax,%rdx
  17:	48 89 44 24 08       	mov    %rax,0x8(%rsp)
  1c:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  23:	fc ff df 
  26:	48 c1 ea 03          	shr    $0x3,%rdx
  2a:*	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)		<-- trapping instruction
  2e:	0f 85 de 03 00 00    	jne    0x412
  34:	49 8b 87 08 01 00 00 	mov    0x108(%r15),%rax
  3b:	89 e9                	mov    %ebp,%ecx
  3d:	ba                   	.byte 0xba
  3e:	ff                   	(bad)
  3f:	ff                   	.byte 0xff

Code starting with the faulting instruction
===========================================
   0:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   4:	0f 85 de 03 00 00    	jne    0x3e8
   a:	49 8b 87 08 01 00 00 	mov    0x108(%r15),%rax
  11:	89 e9                	mov    %ebp,%ecx
  13:	ba                   	.byte 0xba
  14:	ff                   	(bad)
  15:	ff                   	.byte 0xff
[  571.793162][ T9557] RSP: 0018:ffa000000a1668c8 EFLAGS: 00010216
[  571.793287][ T9557] RAX: dffffc0000000000 RBX: ff1100000505ca2c RCX: 0000000000000000
[  571.793440][ T9557] RDX: 0000000000000021 RSI: dffffc0000000000 RDI: 1fe2200000a7e835
[  571.793589][ T9557] RBP: 0000000000000008 R08: ff11000014ad0bd0 R09: ff11000014ad0bd0
[  571.793742][ T9557] R10: 0000000000000002 R11: 0000000000000001 R12: ff1100000505ca00
[  571.793889][ T9557] R13: 1ff400000142cd1b R14: ffa000000a1669e8 R15: 0000000000000000
[  571.794040][ T9557] FS:  00007f33a24e9740(0000) GS:ff110000b670b000(0000) knlGS:0000000000000000
[  571.794219][ T9557] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  571.794344][ T9557] CR2: 00007f1bf66eb730 CR3: 000000000ce14004 CR4: 0000000000771ef0
[  571.794491][ T9557] PKRU: 55555554
[  571.794564][ T9557] Call Trace:
[  571.794637][ T9557]  <TASK>
[  571.794689][ T9557]  ? trace_fib6_table_lookup (./include/trace/events/fib6.h:13 (discriminator 33))
[  571.794791][ T9557]  ? ip6_rt_cache_alloc.isra.0 (net/ipv6/route.c:1407)
[  571.794914][ T9557]  ? __rt6_find_exception_rcu.constprop.0 (net/ipv6/route.c:1601 (discriminator 2))
[  571.795034][ T9557]  ip6_pol_route (net/ipv6/route.c:1467 net/ipv6/route.c:2305)
[  571.795140][ T9557]  ? ip6_pol_route_lookup (net/ipv6/route.c:2254)
[  571.795241][ T9557]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[  571.795348][ T9557]  ? ip6_pol_route_input (net/ipv6/route.c:2650)
[  571.795446][ T9557]  __fib6_rule_action (net/ipv6/fib6_rules.c:239)
[  571.795546][ T9557]  fib_rules_lookup (net/core/fib_rules.c:339)
[  571.795645][ T9557]  ? fib_nl_dumprule (net/core/fib_rules.c:315)
[  571.795742][ T9557]  ? l3mdev_update_flow (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/l3mdev/l3mdev.c:301 (discriminator 1))
[  571.795842][ T9557]  ? ip6_pol_route_input (net/ipv6/route.c:2650)
[  571.795941][ T9557]  fib6_rule_lookup (net/ipv6/fib6_rules.c:115)
[  571.796039][ T9557]  ? fib6_lookup (net/ipv6/fib6_rules.c:99)
[  571.796141][ T9557]  ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[  571.796236][ T9557]  ? ip6_pol_route_input (net/ipv6/route.c:2650)
[  571.796341][ T9557]  ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 6) kernel/locking/lockdep.c:4411 (discriminator 6))
[  571.796465][ T9557]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[  571.796563][ T9557]  ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)
[  571.796686][ T9557]  ? ip6_route_output_flags (./include/linux/rcupdate.h:331 (discriminator 1) ./include/linux/rcupdate.h:867 (discriminator 1) net/ipv6/route.c:2695 (discriminator 1))
[  571.796781][ T9557]  ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 33) kernel/locking/lockdep.c:5831 (discriminator 33))
[  571.796882][ T9557]  ip6_route_output_flags (net/ipv6/route.c:2684 net/ipv6/route.c:2696)
[  571.796978][ T9557]  ip6_dst_lookup_tail.constprop.0 (net/ipv6/ip6_output.c:1169 (discriminator 1))
[  571.797103][ T9557]  ? tcp_wfree (net/ipv4/tcp_output.c:1394)
[  571.797201][ T9557]  ip6_dst_lookup_flow (net/ipv6/ip6_output.c:1273)
[  571.797300][ T9557]  ? ip6_dst_lookup_tail.constprop.0 (net/ipv6/ip6_output.c:1268)
[  571.797429][ T9557]  ? __asan_memset (mm/kasan/shadow.c:84 (discriminator 2))
[  571.797528][ T9557]  ? update_sg_lb_stats.isra.0 (kernel/sched/fair.c:10436 (discriminator 2))
[  571.797647][ T9557]  vrf_process_v6_outbound (drivers/net/vrf.c:437 (discriminator 2))
[  571.797743][ T9557]  ? vrf_ip6_local_out (drivers/net/vrf.c:413)
[  571.797842][ T9557]  ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[  571.797940][ T9557]  vrf_xmit (drivers/net/vrf.c:556 drivers/net/vrf.c:568)
[  571.798011][ T9557]  dev_hard_start_xmit (./include/linux/netdevice.h:5272 ./include/linux/netdevice.h:5281 net/core/dev.c:3853 net/core/dev.c:3869)
[  571.798115][ T9557]  __dev_queue_xmit (net/core/dev.h:381 net/core/dev.c:4818)
[  571.798212][ T9557]  ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[  571.798306][ T9557]  ? netdev_core_pick_tx (net/core/dev.c:4725)
[  571.798408][ T9557]  ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[  571.798506][ T9557]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[  571.798601][ T9557]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[  571.798700][ T9557]  ? mark_held_locks (kernel/locking/lockdep.c:4325 (discriminator 1))
[  571.798795][ T9557]  ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3))
[  571.798891][ T9557]  ? neigh_hh_output (./include/net/neighbour.h:521)
[  571.798988][ T9557]  ip6_finish_output2 (./include/net/neighbour.h:554 net/ipv6/ip6_output.c:136)
[  571.799091][ T9557]  ? ip6_xmit (net/ipv6/ip6_output.c:61)
[  571.799191][ T9557]  ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[  571.799287][ T9557]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[  571.799388][ T9557]  ? ip6_mtu (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/ip6_route.h:343 (discriminator 1) net/ipv6/route.c:3266 (discriminator 1))
[  571.799461][ T9557]  ip6_finish_output (net/ipv6/ip6_output.c:209 net/ipv6/ip6_output.c:220)
[  571.799558][ T9557]  ip6_output (./include/linux/netfilter.h:307 net/ipv6/ip6_output.c:247)
[  571.799634][ T9557]  ? ip6_finish_output (net/ipv6/ip6_output.c:228)
[  571.799729][ T9557]  ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[  571.799824][ T9557]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[  571.799919][ T9557]  ? ip6_mtu (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/ip6_route.h:343 (discriminator 1) net/ipv6/route.c:3266 (discriminator 1))
[  571.799993][ T9557]  ip6_xmit (./include/net/dst.h:464 (discriminator 4) ./include/linux/netfilter.h:318 (discriminator 4) ./include/linux/netfilter.h:312 (discriminator 4) net/ipv6/ip6_output.c:371 (discriminator 4))
[  571.800069][ T9557]  ? ip6_dst_lookup (net/ipv6/ip6_output.c:271)
[  571.800171][ T9557]  ? ip6_create_rt_rcu (net/ipv6/route.c:2786)
[  571.800270][ T9557]  ? __print_lock_name (kernel/locking/lockdep.c:718)
[  571.800370][ T9557]  ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[  571.800466][ T9557]  ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[  571.800563][ T9557]  ? inet6_csk_xmit (./include/linux/rcupdate.h:331 (discriminator 1) ./include/linux/rcupdate.h:867 (discriminator 1) net/ipv6/inet6_connection_sock.c:114 (discriminator 1))
[  571.800667][ T9557]  ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[  571.800764][ T9557]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[  571.800858][ T9557]  ? inet6_csk_xmit (./include/linux/rcupdate.h:331 (discriminator 1) ./include/linux/rcupdate.h:867 (discriminator 1) net/ipv6/inet6_connection_sock.c:114 (discriminator 1))
[  571.800955][ T9557]  inet6_csk_xmit (net/ipv6/inet6_connection_sock.c:120 (discriminator 16))
[  571.801051][ T9557]  ? inet6_csk_route_socket (net/ipv6/inet6_connection_sock.c:100)
[  571.801152][ T9557]  ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3))
[  571.801249][ T9557]  __tcp_transmit_skb (net/ipv4/tcp_output.c:1631)
[  571.801356][ T9557]  ? __tcp_select_window (net/ipv4/tcp_output.c:1452)
[  571.801455][ T9557]  ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[  571.801552][ T9557]  tcp_write_xmit (net/ipv4/tcp_output.c:3002 (discriminator 2))
[  571.801648][ T9557]  ? __alloc_skb (./arch/x86/include/asm/atomic.h:28 ./include/linux/atomic/atomic-arch-fallback.h:503 ./include/linux/atomic/atomic-instrumented.h:68 ./include/linux/refcount.h:134 net/core/skbuff.c:714)
[  571.801746][ T9557]  ? tcp_retrans_try_collapse (net/ipv4/tcp_output.c:2906)
[  571.801869][ T9557]  ? skb_do_copy_data_nocache (./include/linux/ucopysize.h:57 (discriminator 1) ./include/linux/uio.h:255 (discriminator 1) ./include/linux/uio.h:263 (discriminator 1) ./include/net/sock.h:2289 (discriminator 1))
[  571.801965][ T9557]  ? trace_tcp_sendmsg_locked (./include/net/sock.h:2282)
[  571.802068][ T9557]  __tcp_push_pending_frames (net/ipv4/tcp_output.c:3185 (discriminator 2))
[  571.802176][ T9557]  tcp_sendmsg_locked (net/ipv4/tcp.c:1375)
[  571.802279][ T9557]  ? tcp_sendmsg_fastopen (net/ipv4/tcp.c:1078)
[  571.802381][ T9557]  ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[  571.802476][ T9557]  ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 (discriminator 5) ./include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 5) ./include/linux/atomic/atomic-instrumented.h:1302 (discriminator 5) ./include/asm-generic/qspinlock.h:111 (discriminator 5) kernel/locking/spinlock_debug.c:116 (discriminator 5))
[  571.802573][ T9557]  ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[  571.802670][ T9557]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[  571.802789][ T9557]  ? mark_held_locks (kernel/locking/lockdep.c:4325 (discriminator 1))
[  571.802901][ T9557]  tcp_sendmsg (net/ipv4/tcp.c:1413)
[  571.802974][ T9557]  sock_write_iter (net/socket.c:721 (discriminator 1) net/socket.c:733 (discriminator 1) net/socket.c:1186 (discriminator 1))
[  571.803093][ T9557]  ? kernel_sock_ip_overhead (net/socket.c:1167)
[  571.803189][ T9557]  ? sock_write_iter (net/socket.c:1145)
[  571.803287][ T9557]  ? ns_to_timespec64 (kernel/time/time.c:905)
[  571.803405][ T9557]  ? ktime_get_ts64 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 ./include/linux/seqlock.h:74 kernel/time/timekeeping.c:965)
[  571.803504][ T9557]  ? kernel_sock_ip_overhead (net/socket.c:1167)
[  571.803616][ T9557]  new_sync_write (fs/read_write.c:594 (discriminator 1))
[  571.803711][ T9557]  ? new_sync_read (fs/read_write.c:492 (discriminator 1))
[  571.803807][ T9557]  ? poll_select_finish (fs/select.c:343 (discriminator 1))
[  571.803904][ T9557]  ? new_sync_read (fs/read_write.c:584)
[  571.804009][ T9557]  ? generic_atomic_write_valid (fs/read_write.c:482)
[  571.804144][ T9557]  ? do_pselect.constprop.0 (fs/select.c:760 (discriminator 1))
[  571.804243][ T9557]  vfs_write (fs/read_write.c:686)
[  571.804315][ T9557]  ? vfs_read (fs/read_write.c:572)
[  571.804407][ T9557]  ksys_write (fs/read_write.c:739)
[  571.804481][ T9557]  ? __ia32_sys_read (fs/read_write.c:728)
[  571.804577][ T9557]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[  571.804675][ T9557]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))
[  571.804773][ T9557]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)
[  571.804896][ T9557] RIP: 0033:0x7f33a255ac5e
[  571.805002][ T9557] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 <c9> c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa
All code
========
   0:	4d 89 d8             	mov    %r11,%r8
   3:	e8 14 bd 00 00       	call   0xbd1c
   8:	4c 8b 5d f8          	mov    -0x8(%rbp),%r11
   c:	41 8b 93 08 03 00 00 	mov    0x308(%r11),%edx
  13:	59                   	pop    %rcx
  14:	5e                   	pop    %rsi
  15:	48 83 f8 fc          	cmp    $0xfffffffffffffffc,%rax
  19:	74 11                	je     0x2c
  1b:	c9                   	leave
  1c:	c3                   	ret
  1d:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  24:	48 8b 45 10          	mov    0x10(%rbp),%rax
  28:	0f 05                	syscall
  2a:*	c9                   	leave		<-- trapping instruction
  2b:	c3                   	ret
  2c:	83 e2 39             	and    $0x39,%edx
  2f:	83 fa 08             	cmp    $0x8,%edx
  32:	75 e7                	jne    0x1b
  34:	e8 13 ff ff ff       	call   0xffffffffffffff4c
  39:	0f 1f 00             	nopl   (%rax)
  3c:	f3 0f 1e fa          	endbr64

Code starting with the faulting instruction
===========================================
   0:	c9                   	leave
   1:	c3                   	ret
   2:	83 e2 39             	and    $0x39,%edx
   5:	83 fa 08             	cmp    $0x8,%edx
   8:	75 e7                	jne    0xfffffffffffffff1
   a:	e8 13 ff ff ff       	call   0xffffffffffffff22
   f:	0f 1f 00             	nopl   (%rax)
  12:	f3 0f 1e fa          	endbr64
[  571.805437][ T9557] RSP: 002b:00007fff715adac0 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  571.805585][ T9557] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f33a255ac5e
[  571.805730][ T9557] RDX: 000000000000000c RSI: 0000000000406612 RDI: 0000000000000005
[  571.805928][ T9557] RBP: 00007fff715adad0 R08: 0000000000000000 R09: 0000000000000000
[  571.806097][ T9557] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000020


Finger prints:
ip6_rt_pcpu_alloc:ip6_pol_route:__fib6_rule_action:fib_rules_lookup:fib6_rule_lookup