======================================
| [  542.488536][ T5346] netem: version 1.3
| [  546.703241][    C0] ------------[ cut here ]------------
| [  546.704061][    C0] WARNING: CPU: 0 PID: 0 at ./include/net/sch_generic.h:843 netem_dequeue (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:901 net/sched/sch_netem.c:712) sch_netem
| [  546.704800][    C0] Modules linked in: sch_netem ipt_REJECT nf_reject_ipv4 nft_compat nf_tables
[  546.706201][    C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  546.706671][    C0] RIP: 0010:netem_dequeue (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:901 net/sched/sch_netem.c:712) sch_netem
[  546.707185][    C0] Code: 7d 06 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 89 09 00 00 66 83 7d 06 00 74 04 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 4c 89 d2 48 c1 ea 03 0f b6
All code
========
   0:	7d 06                	jge    0x8
   2:	48 89 fa             	mov    %rdi,%rdx
   5:	48 c1 ea 03          	shr    $0x3,%rdx
   9:	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx
   d:	48 89 f8             	mov    %rdi,%rax
  10:	83 e0 07             	and    $0x7,%eax
  13:	83 c0 01             	add    $0x1,%eax
  16:	38 d0                	cmp    %dl,%al
  18:	7c 08                	jl     0x22
  1a:	84 d2                	test   %dl,%dl
  1c:	0f 85 89 09 00 00    	jne    0x9ab
  22:	66 83 7d 06 00       	cmpw   $0x0,0x6(%rbp)
  27:	74 04                	je     0x2d
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  34:	fc ff df 
  37:	4c 89 d2             	mov    %r10,%rdx
  3a:	48 c1 ea 03          	shr    $0x3,%rdx
  3e:	0f                   	.byte 0xf
  3f:	b6                   	.byte 0xb6

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
   a:	fc ff df 
   d:	4c 89 d2             	mov    %r10,%rdx
  10:	48 c1 ea 03          	shr    $0x3,%rdx
  14:	0f                   	.byte 0xf
  15:	b6                   	.byte 0xb6
[  546.708532][    C0] RSP: 0018:ffffc90000007d10 EFLAGS: 00010202
[  546.709039][    C0] RAX: 0000000000000007 RBX: ffff888011884000 RCX: 0000000000000017
[  546.709603][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff888014120c06
[  546.710136][    C0] RBP: ffff888014120c00 R08: 0000007f716e8e37 R09: 0000000000000001
[  546.710656][    C0] R10: ffff8880109d3588 R11: ffffffffa19a2008 R12: 0000000000000001
[  546.711183][    C0] R13: dffffc0000000000 R14: ffff8880109d3560 R15: ffff8880109d3560
[  546.711702][    C0] FS:  0000000000000000(0000) GS:ffff888095383000(0000) knlGS:0000000000000000
[  546.712664][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  546.713108][    C0] CR2: 0000000014d19008 CR3: 00000000022e8003 CR4: 0000000000772ef0
[  546.713635][    C0] PKRU: 55555554
[  546.713910][    C0] Call Trace:
[  546.714180][    C0]  <IRQ>
[  546.714364][    C0]  ? get_slot_next (net/sched/sch_netem.c:703) sch_netem
[  546.714810][    C0]  ? validate_chain (kernel/locking/lockdep.c:3801 kernel/locking/lockdep.c:3821 kernel/locking/lockdep.c:3876)
[  546.715176][    C0]  dequeue_skb (net/sched/sch_generic.c:297)
[  546.715567][    C0]  __qdisc_run (net/sched/sch_generic.c:403 net/sched/sch_generic.c:420)
[  546.715920][    C0]  ? sch_direct_xmit (net/sched/sch_generic.c:416)
[  546.716275][    C0]  ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116)
[  546.716646][    C0]  ? spin_bug (kernel/locking/spinlock_debug.c:114)
[  546.716911][    C0]  ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831)
[  546.717260][    C0]  ? net_tx_action (./include/linux/spinlock.h:352 net/core/dev.c:5767)
[  546.717627][    C0]  net_tx_action (./include/net/sch_generic.h:223 ./include/net/pkt_sched.h:121 ./include/net/pkt_sched.h:117 net/core/dev.c:5783)
[  546.717981][    C0]  handle_softirqs (kernel/softirq.c:623)
[  546.718333][    C0]  irq_exit_rcu (kernel/softirq.c:657 kernel/softirq.c:496 kernel/softirq.c:723 kernel/softirq.c:739)
[  546.718688][    C0]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1052 arch/x86/kernel/apic/apic.c:1052)
[  546.719065][    C0]  </IRQ>
[  546.719252][    C0]  <TASK>
[  546.719427][    C0]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[  546.719883][    C0] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82)
[  546.720243][    C0] Code: 48 8b 3d d4 8a 26 02 e8 1f 00 00 00 48 2b 05 08 45 a0 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d 33 bc 25 00 fb f4 <c3> 0f 1f 40 d6 41 54 55 53 48 89 fb 48 83 ec 10 8b 17 83 e2 fe 41
All code
========
   0:	48 8b 3d d4 8a 26 02 	mov    0x2268ad4(%rip),%rdi        # 0x2268adb
   7:	e8 1f 00 00 00       	call   0x2b
   c:	48 2b 05 08 45 a0 00 	sub    0xa04508(%rip),%rax        # 0xa0451b
  13:	c3                   	ret
  14:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  1b:	f3 0f 1e fa          	endbr64
  1f:	eb 07                	jmp    0x28
  21:	0f 00 2d 33 bc 25 00 	verw   0x25bc33(%rip)        # 0x25bc5b
  28:	fb                   	sti
  29:	f4                   	hlt
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	0f 1f 40 d6          	nopl   -0x2a(%rax)
  2f:	41 54                	push   %r12
  31:	55                   	push   %rbp
  32:	53                   	push   %rbx
  33:	48 89 fb             	mov    %rdi,%rbx
  36:	48 83 ec 10          	sub    $0x10,%rsp
  3a:	8b 17                	mov    (%rdi),%edx
  3c:	83 e2 fe             	and    $0xfffffffe,%edx
  3f:	41                   	rex.B

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	0f 1f 40 d6          	nopl   -0x2a(%rax)
   5:	41 54                	push   %r12
   7:	55                   	push   %rbp
   8:	53                   	push   %rbx
   9:	48 89 fb             	mov    %rdi,%rbx
   c:	48 83 ec 10          	sub    $0x10,%rsp
  10:	8b 17                	mov    (%rdi),%edx
  12:	83 e2 fe             	and    $0xfffffffe,%edx
  15:	41                   	rex.B
[  546.721527][    C0] RSP: 0018:ffffffff9f807de8 EFLAGS: 00000202
[  546.721993][    C0] RAX: 0000000000bca1ad RBX: 1ffffffff3f00fc1 RCX: ffffffff9ec39225
[  546.722538][    C0] RDX: 0000000000000000 RSI: ffffffff9f5a1299 RDI: ffffffff9f05d640
[  546.723081][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1006c46252
[  546.723610][    C0] R10: ffff888036231293 R11: ffff888036236c18 R12: 0000000000000000
[  546.724140][    C0] R13: ffffffff9f842500 R14: dffffc0000000000 R15: 0000000000014770
[  546.724680][    C0]  ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:146)
[  546.725127][    C0]  default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:767)
[  546.725411][    C0]  default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:123)
[  546.725776][    C0]  cpuidle_idle_call (kernel/sched/idle.c:191)
[  546.726132][    C0]  ? arch_cpu_idle_exit+0x40/0x40
[  546.726486][    C0]  ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:60)
[  546.726845][    C0]  do_idle (kernel/sched/idle.c:330)
[  546.727111][    C0]  cpu_startup_entry (kernel/sched/idle.c:427 (discriminator 1))
[  546.727482][    C0]  rest_init (./include/linux/rcupdate.h:868 init/main.c:728)
[  546.727741][    C0]  start_kernel (init/main.c:1063 (discriminator 1))
[  546.728094][    C0]  x86_64_start_reservations (arch/x86/kernel/head64.c:298)
[  546.728476][    C0]  x86_64_start_kernel (arch/x86/kernel/head64.c:234 (discriminator 17))
[  546.728839][    C0]  common_startup_64 (arch/x86/kernel/head_64.S:419)
| [ 2978.487108][    C0] ------------[ cut here ]------------
| [ 2978.487632][    C0] WARNING: CPU: 0 PID: 26194 at ./include/net/sch_generic.h:843 tc_run (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:1366 net/core/dev.c:4370)
| [ 2978.488256][    C0] Modules linked in: act_csum act_pedit cls_fw sch_ingress xt_mark xt_statistic xt_length xt_bpf sch_netem ipt_REJECT nf_reject_ipv4 nft_compat nf_tables
| [ 2978.490554][    C0] Tainted: [W]=WARN
[ 2978.490858][    C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 2978.491306][    C0] RIP: 0010:tc_run (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:1366 net/core/dev.c:4370)
[ 2978.491666][    C0] Code: 89 f8 49 c1 e8 03 45 0f b6 04 30 48 89 fe 83 e6 07 83 c6 01 44 38 c6 7c 09 45 84 c0 0f 85 83 02 00 00 66 83 7a 06 00 74 04 90 <0f> 0b 90 48 ba 00 00 00 00 00 fc ff df 48 8d 7b 28 48 89 fe 48 c1
All code
========
   0:	89 f8                	mov    %edi,%eax
   2:	49 c1 e8 03          	shr    $0x3,%r8
   6:	45 0f b6 04 30       	movzbl (%r8,%rsi,1),%r8d
   b:	48 89 fe             	mov    %rdi,%rsi
   e:	83 e6 07             	and    $0x7,%esi
  11:	83 c6 01             	add    $0x1,%esi
  14:	44 38 c6             	cmp    %r8b,%sil
  17:	7c 09                	jl     0x22
  19:	45 84 c0             	test   %r8b,%r8b
  1c:	0f 85 83 02 00 00    	jne    0x2a5
  22:	66 83 7a 06 00       	cmpw   $0x0,0x6(%rdx)
  27:	74 04                	je     0x2d
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	48 ba 00 00 00 00 00 	movabs $0xdffffc0000000000,%rdx
  34:	fc ff df 
  37:	48 8d 7b 28          	lea    0x28(%rbx),%rdi
  3b:	48 89 fe             	mov    %rdi,%rsi
  3e:	48                   	rex.W
  3f:	c1                   	.byte 0xc1

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	48 ba 00 00 00 00 00 	movabs $0xdffffc0000000000,%rdx
   a:	fc ff df 
   d:	48 8d 7b 28          	lea    0x28(%rbx),%rdi
  11:	48 89 fe             	mov    %rdi,%rsi
  14:	48                   	rex.W
  15:	c1                   	.byte 0xc1
[ 2978.492898][    C0] RSP: 0018:ffffc900000077f0 EFLAGS: 00010202
[ 2978.493352][    C0] RAX: ffffe8ffffc0bcf0 RBX: ffff888015ffc120 RCX: 0000000000000001
[ 2978.493870][    C0] RDX: ffff888015c94c00 RSI: 0000000000000007 RDI: ffff888015c94c06
[ 2978.494446][    C0] RBP: ffffc900000078a0 R08: 0000000000000000 R09: 0000000000000001
[ 2978.494977][    C0] R10: 0000000000002000 R11: ffffffff9fb98460 R12: ffffc90000007970
[ 2978.495492][    C0] R13: 1ffff92000000f02 R14: ffff888015ffc168 R15: ffff88801574b728
[ 2978.496016][    C0] FS:  00007f75d924bb80(0000) GS:ffff888095383000(0000) knlGS:0000000000000000
[ 2978.496627][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2978.497070][    C0] CR2: 000000001e862008 CR3: 0000000015ae0006 CR4: 0000000000772ef0
[ 2978.497577][    C0] PKRU: 55555554
[ 2978.497838][    C0] Call Trace:
[ 2978.498106][    C0]  <IRQ>
[ 2978.498287][    C0]  ? napi_disable (net/core/dev.c:4349)
[ 2978.498631][    C0]  ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751)
[ 2978.498992][    C0]  ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831)
[ 2978.499341][    C0]  ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:918 net/core/dev.c:4745)
[ 2978.499686][    C0]  __dev_queue_xmit (net/core/dev.c:4507 net/core/dev.c:4762)
[ 2978.500046][    C0]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.500393][    C0]  ? netdev_core_pick_tx (net/core/dev.c:4728)
[ 2978.500741][    C0]  ? eth_header (net/ethernet/eth.c:100)
[ 2978.501101][    C0]  ? neigh_resolve_output (./include/linux/netdevice.h:3422 net/core/neighbour.c:1589 net/core/neighbour.c:1574)
[ 2978.501448][    C0]  ? __neigh_update (./include/linux/rcupdate.h:331 ./include/linux/rcupdate.h:867 net/core/neighbour.c:1476)
[ 2978.501797][    C0]  __neigh_update (./include/linux/instrumented.h:96 (discriminator 2) ./include/linux/atomic/atomic-instrumented.h:400 (discriminator 2) ./include/linux/refcount.h:389 (discriminator 2) ./include/linux/refcount.h:432 (discriminator 2) ./include/linux/refcount.h:450 (discriminator 2) ./include/net/neighbour.h:458 (discriminator 2) net/core/neighbour.c:1494 (discriminator 2))
[ 2978.502165][    C0]  arp_process (./include/linux/instrumented.h:96 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:400 (discriminator 4) ./include/linux/refcount.h:389 (discriminator 4) ./include/linux/refcount.h:432 (discriminator 4) ./include/linux/refcount.h:450 (discriminator 4) ./include/net/neighbour.h:458 (discriminator 4) net/ipv4/arp.c:937 (discriminator 4))
[ 2978.502515][    C0]  ? arp_send (net/ipv4/arp.c:702)
[ 2978.502771][    C0]  ? rcu_read_lock_any_held (kernel/rcu/update.c:386 kernel/rcu/update.c:380)
[ 2978.503121][    C0]  ? validate_chain (kernel/locking/lockdep.c:3801 kernel/locking/lockdep.c:3821 kernel/locking/lockdep.c:3876)
[ 2978.503474][    C0]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.503817][    C0]  ? arp_rcv.part.0 (net/ipv4/arp.c:968)
[ 2978.504165][    C0]  ? process_backlog (./include/linux/local_lock_internal.h:57 net/core/dev.c:6601)
[ 2978.504509][    C0]  __netif_receive_skb_one_core (net/core/dev.c:6131)
[ 2978.504957][    C0]  ? __netif_receive_skb_list_core (net/core/dev.c:6131)
[ 2978.505385][    C0]  ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751)
[ 2978.505733][    C0]  ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831)
[ 2978.506368][    C0]  ? process_backlog (./include/linux/local_lock_internal.h:57 net/core/dev.c:6601)
[ 2978.506712][    C0]  process_backlog (./include/linux/rcupdate.h:895 net/core/dev.c:6604)
[ 2978.507071][    C0]  __napi_poll.constprop.0 (net/core/dev.c:7668)
[ 2978.507414][    C0]  net_rx_action (net/core/dev.c:7730 net/core/dev.c:7882)
[ 2978.508043][    C0]  ? run_backlog_napi (net/core/dev.c:7844)
[ 2978.508379][    C0]  ? clockevents_program_event (kernel/time/clockevents.c:326)
[ 2978.508716][    C0]  ? lock_downgrade (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./arch/x86/include/asm/irqflags.h:159 kernel/locking/lockdep.c:5765)
[ 2978.509073][    C0]  ? kvm_clock_get_cycles (./arch/x86/include/asm/preempt.h:95 arch/x86/kernel/kvmclock.c:80 arch/x86/kernel/kvmclock.c:86)
[ 2978.509659][    C0]  ? ktime_get (kernel/time/timekeeping.c:387 (discriminator 4) kernel/time/timekeeping.c:404 (discriminator 4) kernel/time/timekeeping.c:826 (discriminator 4))
[ 2978.509916][    C0]  ? clockevents_program_event (kernel/time/clockevents.c:336 (discriminator 3))
[ 2978.510362][    C0]  handle_softirqs (kernel/softirq.c:623)
[ 2978.510715][    C0]  ? __neigh_event_send (./include/linux/bottom_half.h:33 net/core/neighbour.c:1273)
[ 2978.511075][    C0]  do_softirq (kernel/softirq.c:523 kernel/softirq.c:510)
[ 2978.511334][    C0]  </IRQ>
[ 2978.511503][    C0]  <TASK>
[ 2978.511674][    C0]  __local_bh_enable_ip (kernel/softirq.c:450)
[ 2978.512031][    C0]  __neigh_event_send (net/core/neighbour.c:1274)
[ 2978.512385][    C0]  neigh_resolve_output (net/core/neighbour.c:1578)
[ 2978.512990][    C0]  ? ___neigh_create (net/core/neighbour.c:727)
[ 2978.513349][    C0]  ip_finish_output2 (./include/net/neighbour.h:556 net/ipv4/ip_output.c:237)
[ 2978.513703][    C0]  ? ip_skb_dst_mtu (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:897 ./include/net/ip.h:504 ./include/net/ip.h:518)
[ 2978.514305][    C0]  ? ip_append_data.part.0 (net/ipv4/ip_output.c:201)
[ 2978.514648][    C0]  ? ip_skb_dst_mtu (./include/net/ip.h:523)
[ 2978.515019][    C0]  ? __ip_finish_output (./include/linux/skbuff.h:1724 ./include/linux/skbuff.h:5149 net/ipv4/ip_output.c:309 net/ipv4/ip_output.c:297)
[ 2978.515368][    C0]  ip_output (./include/linux/netfilter.h:307 net/ipv4/ip_output.c:438)
[ 2978.515621][    C0]  ? ip_finish_output (net/ipv4/ip_output.c:429)
[ 2978.516241][    C0]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[ 2978.516584][    C0]  ? ip_frag_next (./include/net/dst.h:463)
[ 2978.516926][    C0]  __ip_queue_xmit (./include/net/dst.h:464 net/ipv4/ip_output.c:131 net/ipv4/ip_output.c:534)
[ 2978.517282][    C0]  ? __skb_clone (./arch/x86/include/asm/atomic.h:53 (discriminator 4) ./include/linux/atomic/atomic-arch-fallback.h:992 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:436 (discriminator 4) net/core/skbuff.c:1585 (discriminator 4))
[ 2978.517906][    C0]  __tcp_transmit_skb (net/ipv4/tcp_output.c:1628)
[ 2978.518272][    C0]  ? __tcp_select_window (net/ipv4/tcp_output.c:1449)
[ 2978.518627][    C0]  tcp_connect (net/ipv4/tcp_output.c:1646 net/ipv4/tcp_output.c:4335)
[ 2978.518987][    C0]  tcp_v4_connect (net/ipv4/tcp_ipv4.c:347)
[ 2978.519598][    C0]  ? bpf_iter_init_tcp (net/ipv4/tcp_ipv4.c:225)
[ 2978.519935][    C0]  ? __local_bh_enable_ip (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 kernel/softirq.c:455)
[ 2978.520296][    C0]  mptcp_connect (net/mptcp/protocol.c:3803)
[ 2978.520638][    C0]  __inet_stream_connect (net/ipv4/af_inet.c:679)
[ 2978.521243][    C0]  ? __local_bh_enable_ip (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 kernel/softirq.c:455)
[ 2978.521581][    C0]  ? __inet_stream_connect (net/ipv4/af_inet.c:746)
[ 2978.521918][    C0]  inet_stream_connect (net/ipv4/af_inet.c:751)
[ 2978.522286][    C0]  __sys_connect (./include/linux/file.h:62 ./include/linux/file.h:83 net/socket.c:2111)
[ 2978.522875][    C0]  ? __sys_connect_file (net/socket.c:2109)
[ 2978.523240][    C0]  ? __sys_setsockopt (./include/linux/file.h:62 ./include/linux/file.h:83 net/socket.c:2377)
[ 2978.523581][    C0]  __x64_sys_connect (net/socket.c:2124)
[ 2978.523917][    C0]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[ 2978.524265][    C0]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[ 2978.524601][    C0]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 2978.525055][    C0] RIP: 0033:0x7f75d935dd67
[ 2978.525409][    C0] Code: 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2a 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 18 89 54 24 0c 48 89 34 24 89
All code
========
   0:	64 89 01             	mov    %eax,%fs:(%rcx)
   3:	48 83 c8 ff          	or     $0xffffffffffffffff,%rax
   7:	c3                   	ret
   8:	66 2e 0f 1f 84 00 00 	cs nopw 0x0(%rax,%rax,1)
   f:	00 00 00 
  12:	90                   	nop
  13:	f3 0f 1e fa          	endbr64
  17:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  1e:	00 
  1f:	85 c0                	test   %eax,%eax
  21:	75 10                	jne    0x33
  23:	b8 2a 00 00 00       	mov    $0x2a,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 51                	ja     0x83
  32:	c3                   	ret
  33:	48 83 ec 18          	sub    $0x18,%rsp
  37:	89 54 24 0c          	mov    %edx,0xc(%rsp)
  3b:	48 89 34 24          	mov    %rsi,(%rsp)
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 51                	ja     0x59
   8:	c3                   	ret
   9:	48 83 ec 18          	sub    $0x18,%rsp
   d:	89 54 24 0c          	mov    %edx,0xc(%rsp)
  11:	48 89 34 24          	mov    %rsi,(%rsp)
  15:	89                   	.byte 0x89
[ 2978.526891][    C0] RSP: 002b:00007ffdc68c3238 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2978.527683][    C0] RAX: ffffffffffffffda RBX: 000000001e8622a0 RCX: 00007f75d935dd67
[ 2978.528212][    C0] RDX: 0000000000000010 RSI: 000000001e8622d0 RDI: 0000000000000005
[ 2978.528722][    C0] RBP: 0000000000000005 R08: 0000000000000005 R09: 0000000000000001
[ 2978.529500][    C0] R10: 00007f75d9254618 R11: 0000000000000246 R12: 0000000000000000
[ 2978.530019][    C0] R13: 0000000000000106 R14: 0000000000407df0 R15: 00007f75d949d000
| [ 2978.738672][T26194] ------------[ cut here ]------------
| [ 2978.739307][T26194] WARNING: CPU: 0 PID: 26194 at ./include/net/sch_generic.h:843 tcf_pedit_act (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/act_api.h:232 net/sched/act_pedit.c:409) act_pedit
| [ 2978.740055][T26194] Modules linked in: act_csum act_pedit cls_fw sch_ingress xt_mark xt_statistic xt_length xt_bpf sch_netem ipt_REJECT nf_reject_ipv4 nft_compat nf_tables
| [ 2978.741985][T26194] Tainted: [W]=WARN
[ 2978.742271][T26194] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 2978.742716][T26194] RIP: 0010:tcf_pedit_act (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/act_api.h:232 net/sched/act_pedit.c:409) act_pedit
[ 2978.743180][T26194] Code: 00 0f 84 81 f8 ff ff 48 8b 3c 24 48 89 44 24 50 44 89 4c 24 48 e8 91 11 e0 dc 48 8b 44 24 50 44 8b 4c 24 48 e9 5f f8 ff ff 90 <0f> 0b 90 e9 60 f6 ff ff 8b b4 24 a8 00 00 00 b9 04 00 00 00 48 89
All code
========
   0:	00 0f                	add    %cl,(%rdi)
   2:	84 81 f8 ff ff 48    	test   %al,0x48fffff8(%rcx)
   8:	8b 3c 24             	mov    (%rsp),%edi
   b:	48 89 44 24 50       	mov    %rax,0x50(%rsp)
  10:	44 89 4c 24 48       	mov    %r9d,0x48(%rsp)
  15:	e8 91 11 e0 dc       	call   0xffffffffdce011ab
  1a:	48 8b 44 24 50       	mov    0x50(%rsp),%rax
  1f:	44 8b 4c 24 48       	mov    0x48(%rsp),%r9d
  24:	e9 5f f8 ff ff       	jmp    0xfffffffffffff888
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	e9 60 f6 ff ff       	jmp    0xfffffffffffff692
  32:	8b b4 24 a8 00 00 00 	mov    0xa8(%rsp),%esi
  39:	b9 04 00 00 00       	mov    $0x4,%ecx
  3e:	48                   	rex.W
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	e9 60 f6 ff ff       	jmp    0xfffffffffffff668
   8:	8b b4 24 a8 00 00 00 	mov    0xa8(%rsp),%esi
   f:	b9 04 00 00 00       	mov    $0x4,%ecx
  14:	48                   	rex.W
  15:	89                   	.byte 0x89
[ 2978.744425][T26194] RSP: 0018:ffffc900005b6f10 EFLAGS: 00010206
[ 2978.744893][T26194] RAX: 0000000000000007 RBX: ffff888015ffc960 RCX: ffff888015ffc9d4
[ 2978.745423][T26194] RDX: 0000000000000000 RSI: ffffffff9f05d5c0 RDI: ffff888015e7aac6
[ 2978.745935][T26194] RBP: ffffe8ffffc0bc90 R08: ffff888015ffc960 R09: ffff888015ffca1c
[ 2978.746462][T26194] R10: ffff888015ffca20 R11: 0000000000000030 R12: 0000000000000005
[ 2978.747001][T26194] R13: ffff888010b1a600 R14: ffff88800f43c540 R15: ffff888015e7aac0
[ 2978.747521][T26194] FS:  00007f75d924bb80(0000) GS:ffff888095383000(0000) knlGS:0000000000000000
[ 2978.748139][T26194] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2978.748587][T26194] CR2: 00007ffdc68bd0c8 CR3: 0000000015ae0006 CR4: 0000000000772ef0
[ 2978.749143][T26194] PKRU: 55555554
[ 2978.749412][T26194] Call Trace:
[ 2978.749670][T26194]  <TASK>
[ 2978.749855][T26194]  ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751)
[ 2978.750275][T26194]  ? pedit_l4_skb_offset.constprop.0 (net/sched/act_pedit.c:389) act_pedit
[ 2978.751328][T26194]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.751695][T26194]  tcf_action_exec.part.0 (./include/net/tc_wrapper.h:217 net/sched/act_api.c:1150)
[ 2978.752077][T26194] fw_classify (net/sched/cls_fw.c:70) cls_fw
[ 2978.752424][T26194]  __tcf_classify.constprop.0 (net/sched/cls_api.c:1767)
[ 2978.752789][T26194]  tcf_classify (net/sched/cls_api.c:1809)
[ 2978.753065][T26194]  ? __tcf_classify.constprop.0 (net/sched/cls_api.c:1809)
[ 2978.753494][T26194]  ? tc_run (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:1366 net/core/dev.c:4370)
[ 2978.753763][T26194]  tc_run (net/core/dev.c:4373)
[ 2978.754043][T26194]  ? napi_disable (net/core/dev.c:4349)
[ 2978.754386][T26194]  ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831)
[ 2978.754724][T26194]  ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:918 net/core/dev.c:4745)
[ 2978.755117][T26194]  __dev_queue_xmit (net/core/dev.c:4507 net/core/dev.c:4762)
[ 2978.755459][T26194]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.755805][T26194]  ? netdev_core_pick_tx (net/core/dev.c:4728)
[ 2978.756162][T26194]  ? neigh_hh_output (./include/linux/seqlock.h:74 ./include/linux/seqlock.h:836 ./include/net/neighbour.h:510)
[ 2978.756500][T26194]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[ 2978.756846][T26194]  ? neigh_hh_output (./include/linux/seqlock.h:74 ./include/linux/seqlock.h:836 ./include/net/neighbour.h:510)
[ 2978.757214][T26194]  ip_finish_output2 (./include/net/neighbour.h:554 net/ipv4/ip_output.c:237)
[ 2978.757556][T26194]  ? ip_skb_dst_mtu (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:897 ./include/net/ip.h:504 ./include/net/ip.h:518)
[ 2978.757904][T26194]  ? ip_append_data.part.0 (net/ipv4/ip_output.c:201)
[ 2978.758262][T26194]  ? __ip_finish_output (net/ipv4/ip_output.c:258 net/ipv4/ip_output.c:310 net/ipv4/ip_output.c:297)
[ 2978.758603][T26194]  ip_output (./include/linux/netfilter.h:307 net/ipv4/ip_output.c:438)
[ 2978.758858][T26194]  ? ip_finish_output (net/ipv4/ip_output.c:429)
[ 2978.759216][T26194]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[ 2978.759555][T26194]  ? ip_frag_next (./include/net/dst.h:463)
[ 2978.759906][T26194]  __ip_queue_xmit (./include/net/dst.h:464 net/ipv4/ip_output.c:131 net/ipv4/ip_output.c:534)
[ 2978.760270][T26194]  ? __skb_clone (./arch/x86/include/asm/atomic.h:53 (discriminator 4) ./include/linux/atomic/atomic-arch-fallback.h:992 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:436 (discriminator 4) net/core/skbuff.c:1585 (discriminator 4))
[ 2978.760618][T26194]  __tcp_transmit_skb (net/ipv4/tcp_output.c:1628)
[ 2978.760991][T26194]  ? __tcp_select_window (net/ipv4/tcp_output.c:1449)
[ 2978.761344][T26194]  ? tso_fragment (./arch/x86/include/asm/atomic.h:28 ./include/linux/atomic/atomic-arch-fallback.h:503 ./include/linux/atomic/atomic-instrumented.h:68 ./include/linux/skbuff.h:2099 net/ipv4/tcp_output.c:2355)
[ 2978.761688][T26194]  tcp_write_xmit (net/ipv4/tcp_output.c:2999)
[ 2978.762062][T26194]  ? tcp_retrans_try_collapse (net/ipv4/tcp_output.c:2903)
[ 2978.762484][T26194]  ? mptcp_subflow_set_active (net/mptcp/protocol.c:1398)
[ 2978.762838][T26194]  ? __subflow_push_pending (net/mptcp/protocol.h:415 net/mptcp/protocol.c:1543)
[ 2978.763202][T26194]  __tcp_push_pending_frames (net/ipv4/tcp_output.c:3182)
[ 2978.763543][T26194]  mptcp_push_release.isra.0 (net/mptcp/protocol.c:1497)
[ 2978.763883][T26194]  __mptcp_push_pending (./include/linux/list.h:975 ./include/linux/timer.h:147 net/mptcp/protocol.c:920 net/mptcp/protocol.c:1639)
[ 2978.764243][T26194]  ? __mptcp_wr_shutdown (net/mptcp/protocol.c:1581)
[ 2978.764578][T26194]  ? __sk_mem_raise_allocated (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-long.h:38 ./include/linux/atomic/atomic-instrumented.h:3189 ./include/net/proto_memory.h:47 ./include/net/proto_memory.h:53 net/core/sock.c:3294)
[ 2978.765063][T26194]  mptcp_sendmsg (net/mptcp/protocol.c:1943)
[ 2978.765428][T26194]  ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186)
[ 2978.765770][T26194]  ? mptcp_sendmsg_fastopen.constprop.0 (net/mptcp/protocol.c:1823)
[ 2978.766203][T26194]  ? ovl_sync_status (fs/overlayfs/util.c:1528)
[ 2978.766549][T26194]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[ 2978.766894][T26194]  sock_write_iter (net/socket.c:727 net/socket.c:742 net/socket.c:1195)
[ 2978.767243][T26194]  ? __up_write (./arch/x86/include/asm/preempt.h:104 kernel/locking/rwsem.c:1388)
[ 2978.767583][T26194]  ? ____sys_recvmsg (net/socket.c:1176)
[ 2978.767955][T26194]  ? ksys_write (fs/read_write.c:738)
[ 2978.768307][T26194]  vfs_write (fs/read_write.c:594 fs/read_write.c:686)
[ 2978.768577][T26194]  ? ksys_write (./include/linux/file.h:62 ./include/linux/file.h:80 ./include/linux/file.h:85 fs/read_write.c:729)
[ 2978.768928][T26194]  ? __lock_release (kernel/locking/lockdep.c:5536)
[ 2978.769305][T26194]  ? kernel_write (fs/read_write.c:667)
[ 2978.769656][T26194]  ? ksys_write (./include/linux/file.h:62 ./include/linux/file.h:80 ./include/linux/file.h:85 fs/read_write.c:729)
[ 2978.770053][T26194]  ksys_write (fs/read_write.c:738)
[ 2978.770312][T26194]  ? __ia32_sys_read (fs/read_write.c:728)
[ 2978.770654][T26194]  ? do_user_addr_fault (./arch/x86/include/asm/atomic.h:93 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/mmap_lock.h:143 ./include/linux/mmap_lock.h:182 arch/x86/mm/fault.c:1338)
[ 2978.771039][T26194]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[ 2978.771381][T26194]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 2978.771802][T26194] RIP: 0033:0x7f75d934c257
[ 2978.772166][T26194] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
All code
========
   0:	0f 00                	(bad)
   2:	f7 d8                	neg    %eax
   4:	64 89 02             	mov    %eax,%fs:(%rdx)
   7:	48 c7 c0 ff ff ff ff 	mov    $0xffffffffffffffff,%rax
   e:	eb b7                	jmp    0xffffffffffffffc7
  10:	0f 1f 00             	nopl   (%rax)
  13:	f3 0f 1e fa          	endbr64
  17:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  1e:	00 
  1f:	85 c0                	test   %eax,%eax
  21:	75 10                	jne    0x33
  23:	b8 01 00 00 00       	mov    $0x1,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 51                	ja     0x83
  32:	c3                   	ret
  33:	48 83 ec 28          	sub    $0x28,%rsp
  37:	48 89 54 24 18       	mov    %rdx,0x18(%rsp)
  3c:	48                   	rex.W
  3d:	89                   	.byte 0x89
  3e:	74 24                	je     0x64

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 51                	ja     0x59
   8:	c3                   	ret
   9:	48 83 ec 28          	sub    $0x28,%rsp
   d:	48 89 54 24 18       	mov    %rdx,0x18(%rsp)
  12:	48                   	rex.W
  13:	89                   	.byte 0x89
  14:	74 24                	je     0x3a
[ 2978.773394][T26194] RSP: 002b:00007ffdc68c1168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2978.773908][T26194] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f75d934c257
[ 2978.774428][T26194] RDX: 0000000000001f9c RSI: 00007ffdc68c3394 RDI: 0000000000000005
[ 2978.774956][T26194] RBP: 0000000000001f9c R08: 00007f75d944721c R09: 00007f75d9447280
[ 2978.775494][T26194] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc68c3330
[ 2978.776049][T26194] R13: 00007ffdc68c3394 R14: 0000000000000064 R15: 0000000000000064
| [ 2978.780195][T26194] ------------[ cut here ]------------
| [ 2978.780544][T26194] WARNING: CPU: 0 PID: 26194 at ./include/net/sch_generic.h:843 tcf_csum_act (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/act_api.h:232 net/sched/act_csum.c:582) act_csum
| [ 2978.781250][T26194] Modules linked in: act_csum act_pedit cls_fw sch_ingress xt_mark xt_statistic xt_length xt_bpf sch_netem ipt_REJECT nf_reject_ipv4 nft_compat nf_tables
| [ 2978.783059][T26194] Tainted: [W]=WARN
[ 2978.783324][T26194] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 2978.783761][T26194] RIP: 0010:tcf_csum_act (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/act_api.h:232 net/sched/act_csum.c:582) act_csum
[ 2978.784216][T26194] Code: 06 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 3b 08 00 00 66 41 83 7d 06 00 74 04 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 49 8d 7f 28 48 89 fa 48 c1
All code
========
   0:	06                   	(bad)
   1:	48 89 fa             	mov    %rdi,%rdx
   4:	48 c1 ea 03          	shr    $0x3,%rdx
   8:	0f b6 14 02          	movzbl (%rdx,%rax,1),%edx
   c:	48 89 f8             	mov    %rdi,%rax
   f:	83 e0 07             	and    $0x7,%eax
  12:	83 c0 01             	add    $0x1,%eax
  15:	38 d0                	cmp    %dl,%al
  17:	7c 08                	jl     0x21
  19:	84 d2                	test   %dl,%dl
  1b:	0f 85 3b 08 00 00    	jne    0x85c
  21:	66 41 83 7d 06 00    	cmpw   $0x0,0x6(%r13)
  27:	74 04                	je     0x2d
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  34:	fc ff df 
  37:	49 8d 7f 28          	lea    0x28(%r15),%rdi
  3b:	48 89 fa             	mov    %rdi,%rdx
  3e:	48                   	rex.W
  3f:	c1                   	.byte 0xc1

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
   a:	fc ff df 
   d:	49 8d 7f 28          	lea    0x28(%r15),%rdi
  11:	48 89 fa             	mov    %rdi,%rdx
  14:	48                   	rex.W
  15:	c1                   	.byte 0xc1
[ 2978.785524][T26194] RSP: 0018:ffffc900005b6fd0 EFLAGS: 00010206
[ 2978.785970][T26194] RAX: 0000000000000007 RBX: ffff888010b1c400 RCX: 1ffffffff8050e8b
[ 2978.786512][T26194] RDX: 0000000000000000 RSI: ffffffff9f05d5c0 RDI: ffff888015e7aac6
[ 2978.787040][T26194] RBP: ffffe8ffffc0bd20 R08: 0000000000000003 R09: 0000000000000094
[ 2978.787584][T26194] R10: 0000000000000000 R11: 0000000000000030 R12: ffff88800504dce0
[ 2978.788124][T26194] R13: ffff888015e7aac0 R14: 0000000000000005 R15: ffff888015ffc960
[ 2978.788978][T26194] FS:  00007f75d924bb80(0000) GS:ffff888095383000(0000) knlGS:0000000000000000
[ 2978.789592][T26194] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2978.790335][T26194] CR2: 00007ffdc68bd0c8 CR3: 0000000015ae0006 CR4: 0000000000772ef0
[ 2978.790859][T26194] PKRU: 55555554
[ 2978.791136][T26194] Call Trace:
[ 2978.791418][T26194]  <TASK>
[ 2978.791604][T26194]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.792221][T26194]  tcf_action_exec.part.0 (./include/net/tc_wrapper.h:217 net/sched/act_api.c:1150)
[ 2978.792593][T26194] fw_classify (net/sched/cls_fw.c:70) cls_fw
[ 2978.792974][T26194]  __tcf_classify.constprop.0 (net/sched/cls_api.c:1767)
[ 2978.793333][T26194]  tcf_classify (net/sched/cls_api.c:1809)
[ 2978.793851][T26194]  ? __tcf_classify.constprop.0 (net/sched/cls_api.c:1809)
[ 2978.794311][T26194]  ? tc_run (./include/net/sch_generic.h:843 ./include/net/sch_generic.h:889 ./include/net/sch_generic.h:1366 net/core/dev.c:4370)
[ 2978.794586][T26194]  tc_run (net/core/dev.c:4373)
[ 2978.794863][T26194]  ? napi_disable (net/core/dev.c:4349)
[ 2978.795464][T26194]  ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831)
[ 2978.795811][T26194]  ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:918 net/core/dev.c:4745)
[ 2978.796183][T26194]  __dev_queue_xmit (net/core/dev.c:4507 net/core/dev.c:4762)
[ 2978.796545][T26194]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[ 2978.796897][T26194]  ? netdev_core_pick_tx (net/core/dev.c:4728)
[ 2978.797266][T26194]  ? neigh_hh_output (./include/linux/seqlock.h:74 ./include/linux/seqlock.h:836 ./include/net/neighbour.h:510)
[ 2978.797623][T26194]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[ 2978.797993][T26194]  ? neigh_hh_output (./include/linux/seqlock.h:74 ./include/linux/seqlock.h:836 ./include/net/neighbour.h:510)
[ 2978.798385][T26194]  ip_finish_output2 (./include/net/neighbour.h:554 net/ipv4/ip_output.c:237)
[ 2978.798751][T26194]  ? ip_skb_dst_mtu (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:897 ./include/net/ip.h:504 ./include/net/ip.h:518)
[ 2978.799120][T26194]  ? ip_append_data.part.0 (net/ipv4/ip_output.c:201)
[ 2978.799516][T26194]  ? __ip_finish_output (net/ipv4/ip_output.c:258 net/ipv4/ip_output.c:310 net/ipv4/ip_output.c:297)
[ 2978.799894][T26194]  ip_output (./include/linux/netfilter.h:307 net/ipv4/ip_output.c:438)
[ 2978.800175][T26194]  ? ip_finish_output (net/ipv4/ip_output.c:429)
[ 2978.800530][T26194]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[ 2978.800891][T26194]  ? ip_frag_next (./include/net/dst.h:463)
[ 2978.801308][T26194]  __ip_queue_xmit (./include/net/dst.h:464 net/ipv4/ip_output.c:131 net/ipv4/ip_output.c:534)
[ 2978.801691][T26194]  ? __skb_clone (./arch/x86/include/asm/atomic.h:53 (discriminator 4) ./include/linux/atomic/atomic-arch-fallback.h:992 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:436 (discriminator 4) net/core/skbuff.c:1585 (discriminator 4))
[ 2978.802066][T26194]  __tcp_transmit_skb (net/ipv4/tcp_output.c:1628)
[ 2978.802439][T26194]  ? __tcp_select_window (net/ipv4/tcp_output.c:1449)
[ 2978.802812][T26194]  ? tso_fragment (./arch/x86/include/asm/atomic.h:28 ./include/linux/atomic/atomic-arch-fallback.h:503 ./include/linux/atomic/atomic-instrumented.h:68 ./include/linux/skbuff.h:2099 net/ipv4/tcp_output.c:2355)
[ 2978.803170][T26194]  tcp_write_xmit (net/ipv4/tcp_output.c:2999)
[ 2978.803557][T26194]  ? tcp_retrans_try_collapse (net/ipv4/tcp_output.c:2903)
[ 2978.804018][T26194]  ? mptcp_subflow_set_active (net/mptcp/protocol.c:1398)
[ 2978.804392][T26194]  ? __subflow_push_pending (net/mptcp/protocol.h:415 net/mptcp/protocol.c:1543)
[ 2978.805035][T26194]  __tcp_push_pending_frames (net/ipv4/tcp_output.c:3182)
[ 2978.805398][T26194]  mptcp_push_release.isra.0 (net/mptcp/protocol.c:1497)
[ 2978.805757][T26194]  __mptcp_push_pending (./include/linux/list.h:975 ./include/linux/timer.h:147 net/mptcp/protocol.c:920 net/mptcp/protocol.c:1639)
[ 2978.806357][T26194]  ? __mptcp_wr_shutdown (net/mptcp/protocol.c:1581)
[ 2978.806727][T26194]  ? __sk_mem_raise_allocated (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-long.h:38 ./include/linux/atomic/atomic-instrumented.h:3189 ./include/net/proto_memory.h:47 ./include/net/proto_memory.h:53 net/core/sock.c:3294)
[ 2978.807229][T26194]  mptcp_sendmsg (net/mptcp/protocol.c:1943)
[ 2978.807610][T26194]  ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186)
[ 2978.808235][T26194]  ? mptcp_sendmsg_fastopen.constprop.0 (net/mptcp/protocol.c:1823)
[ 2978.808690][T26194]  ? ovl_sync_status (fs/overlayfs/util.c:1528)
[ 2978.809068][T26194]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[ 2978.809440][T26194]  sock_write_iter (net/socket.c:727 net/socket.c:742 net/socket.c:1195)
[ 2978.810068][T26194]  ? __up_write (./arch/x86/include/asm/preempt.h:104 kernel/locking/rwsem.c:1388)
[ 2978.810438][T26194]  ? ____sys_recvmsg (net/socket.c:1176)
[ 2978.810814][T26194]  ? ksys_write (fs/read_write.c:738)
[ 2978.811201][T26194]  vfs_write (fs/read_write.c:594 fs/read_write.c:686)
[ 2978.811731][T26194]  ? ksys_write (./include/linux/file.h:62 ./include/linux/file.h:80 ./include/linux/file.h:85 fs/read_write.c:729)
[ 2978.812104][T26194]  ? __lock_release (kernel/locking/lockdep.c:5536)
[ 2978.812477][T26194]  ? kernel_write (fs/read_write.c:667)
[ 2978.812836][T26194]  ? ksys_write (./include/linux/file.h:62 ./include/linux/file.h:80 ./include/linux/file.h:85 fs/read_write.c:729)
[ 2978.813472][T26194]  ksys_write (fs/read_write.c:738)
[ 2978.813770][T26194]  ? __ia32_sys_read (fs/read_write.c:728)
[ 2978.814132][T26194]  ? do_user_addr_fault (./arch/x86/include/asm/atomic.h:93 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/mmap_lock.h:143 ./include/linux/mmap_lock.h:182 arch/x86/mm/fault.c:1338)
[ 2978.814500][T26194]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[ 2978.814861][T26194]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 2978.815560][T26194] RIP: 0033:0x7f75d934c257
[ 2978.815912][T26194] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
All code
========
   0:	0f 00                	(bad)
   2:	f7 d8                	neg    %eax
   4:	64 89 02             	mov    %eax,%fs:(%rdx)
   7:	48 c7 c0 ff ff ff ff 	mov    $0xffffffffffffffff,%rax
   e:	eb b7                	jmp    0xffffffffffffffc7
  10:	0f 1f 00             	nopl   (%rax)
  13:	f3 0f 1e fa          	endbr64
  17:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  1e:	00 
  1f:	85 c0                	test   %eax,%eax
  21:	75 10                	jne    0x33
  23:	b8 01 00 00 00       	mov    $0x1,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 51                	ja     0x83
  32:	c3                   	ret
  33:	48 83 ec 28          	sub    $0x28,%rsp
  37:	48 89 54 24 18       	mov    %rdx,0x18(%rsp)
  3c:	48                   	rex.W
  3d:	89                   	.byte 0x89
  3e:	74 24                	je     0x64

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 51                	ja     0x59
   8:	c3                   	ret
   9:	48 83 ec 28          	sub    $0x28,%rsp
   d:	48 89 54 24 18       	mov    %rdx,0x18(%rsp)
  12:	48                   	rex.W
  13:	89                   	.byte 0x89
  14:	74 24                	je     0x3a
[ 2978.817460][T26194] RSP: 002b:00007ffdc68c1168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2978.818021][T26194] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f75d934c257
[ 2978.818819][T26194] RDX: 0000000000001f9c RSI: 00007ffdc68c3394 RDI: 0000000000000005
[ 2978.819358][T26194] RBP: 0000000000001f9c R08: 00007f75d944721c R09: 00007f75d9447280
[ 2978.819901][T26194] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc68c3330


Finger prints:
netem_dequeue:dequeue_skb:__qdisc_run:net_tx_action:handle_softirqs
tcf_pedit_act:fw_classify:tcf_classify:tc_run:__dev_queue_xmit
tcf_csum_act:fw_classify:tcf_classify:tc_run:__dev_queue_xmit
tc_run:__dev_queue_xmit:__neigh_update:arp_process:__netif_receive_skb_one_core