======================================
| xx__-> [   19.627612][  T266] ip (266) used greatest stack depth: 24208 bytes left
| [   37.163828][  T371] ------------[ cut here ]------------
| [ 37.164276][ T371] WARNING: CPU: 1 PID: 371 at ./include/linux/skbuff.h:1164 ip_route_me_harder (./include/linux/skbuff.h:1164 ./include/linux/skbuff.h:1178 net/ipv4/netfilter.c:68) 
| [   37.165963][  T371] Modules linked in: nft_nat nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables veth
[   37.167345][  T371] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 37.167709][ T371] RIP: 0010:ip_route_me_harder (./include/linux/skbuff.h:1164 ./include/linux/skbuff.h:1178 net/ipv4/netfilter.c:68) 
[ 37.168070][ T371] Code: 31 db e9 9a f7 ff ff 80 3c 02 00 0f 85 ee 05 00 00 49 8b 46 58 48 89 c3 48 83 e3 fe a8 01 0f 85 f5 02 00 00 48 85 db 74 04 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 80 3c
All code
========
   0:	31 db                	xor    %ebx,%ebx
   2:	e9 9a f7 ff ff       	jmp    0xfffffffffffff7a1
   7:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   b:	0f 85 ee 05 00 00    	jne    0x5ff
  11:	49 8b 46 58          	mov    0x58(%r14),%rax
  15:	48 89 c3             	mov    %rax,%rbx
  18:	48 83 e3 fe          	and    $0xfffffffffffffffe,%rbx
  1c:	a8 01                	test   $0x1,%al
  1e:	0f 85 f5 02 00 00    	jne    0x319
  24:	48 85 db             	test   %rbx,%rbx
  27:	74 04                	je     0x2d
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  34:	fc ff df 
  37:	4c 89 ea             	mov    %r13,%rdx
  3a:	48 c1 ea 03          	shr    $0x3,%rdx
  3e:	80                   	.byte 0x80
  3f:	3c                   	.byte 0x3c

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
   a:	fc ff df 
   d:	4c 89 ea             	mov    %r13,%rdx
  10:	48 c1 ea 03          	shr    $0x3,%rdx
  14:	80                   	.byte 0x80
  15:	3c                   	.byte 0x3c
[   37.169082][  T371] RSP: 0018:ffffc90000637788 EFLAGS: 00010282
[   37.169449][  T371] RAX: ffff88800dcbec40 RBX: ffff88800dcbec40 RCX: 1ffff11001b97d88
[   37.169867][  T371] RDX: 1ffff110012d0643 RSI: 0000000000000000 RDI: ffff888009b940e0
[   37.170288][  T371] RBP: ffff88800b518040 R08: 1ffff920000c6f03 R09: 0000000000000000
[   37.170714][  T371] R10: ffff88800dcbef83 R11: dffffc0000000000 R12: ffff888005b95440
[   37.171175][  T371] R13: ffff888009683218 R14: ffff8880096831c0 R15: ffff888009683241
[   37.171600][  T371] FS:  00007fc33dbcf300(0000) GS:ffff88807e124000(0000) knlGS:0000000000000000
[   37.172086][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   37.172447][  T371] CR2: 00007fc33de1f8b0 CR3: 00000000098f2004 CR4: 0000000000772ef0
[   37.172871][  T371] PKRU: 55555554
[   37.173096][  T371] Call Trace:
[   37.173309][  T371]  <TASK>
[ 37.173468][ T371] ? __pfx_ip_route_me_harder (net/ipv4/netfilter.c:22) 
[ 37.173763][ T371] ? nf_nat_manip_pkt (net/netfilter/nf_nat_proto.c:388) nf_nat 
[ 37.174129][ T371] ? __pfx_nf_nat_manip_pkt (net/netfilter/nf_nat_proto.c:379) nf_nat 
[ 37.174663][ T371] nf_nat_ipv4_local_fn (net/netfilter/nf_nat_proto.c:768 net/netfilter/nf_nat_proto.c:749) nf_nat 
[ 37.175032][ T371] ? ipv4_conntrack_defrag (./arch/x86/include/asm/bitops.h:206 (discriminator 3) ./arch/x86/include/asm/bitops.h:238 (discriminator 3) ./include/asm-generic/bitops/instrumented-non-atomic.h:142 (discriminator 3) net/ipv4/netfilter/nf_defrag_ipv4.c:69 (discriminator 3)) nf_defrag_ipv4 
[ 37.175630][ T371] ? __pfx_nf_nat_ipv4_local_fn (net/netfilter/nf_nat_proto.c:751) nf_nat 
[ 37.176221][ T371] nf_hook_slow (./include/linux/netfilter.h:157 net/netfilter/core.c:623) 
[ 37.176718][ T371] __ip_local_out (./include/linux/netfilter.h:272 net/ipv4/ip_output.c:118) 
[ 37.177204][ T371] ? __pfx___ip_local_out (net/ipv4/ip_output.c:101) 
[ 37.177693][ T371] ? __ip_make_skb (net/ipv4/ip_output.c:1382 net/ipv4/ip_output.c:1492) 
[ 37.178163][ T371] ? __pfx_dst_output (./include/net/dst.h:460) 
[ 37.178633][ T371] ? __pfx_raw_getfrag (net/ipv4/raw.c:453) 
[ 37.179100][ T371] ? ip_append_data (net/ipv4/ip_output.c:1371 net/ipv4/ip_output.c:1350) 
[ 37.179608][ T371] ip_push_pending_frames (net/ipv4/ip_output.c:128 net/ipv4/ip_output.c:1501 net/ipv4/ip_output.c:1521) 
[ 37.180081][ T371] raw_sendmsg (net/ipv4/raw.c:658) 
[ 37.180552][ T371] ? __pfx_raw_sendmsg (net/ipv4/raw.c:483) 
[ 37.181012][ T371] ? rcu_read_lock_any_held (kernel/rcu/update.c:386 kernel/rcu/update.c:380) 
[ 37.181512][ T371] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 37.181995][ T371] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 37.182469][ T371] ? __might_fault (mm/memory.c:6971 mm/memory.c:6965) 
[ 37.182947][ T371] ? __lock_release (kernel/locking/lockdep.c:5539) 
[ 37.183415][ T371] ? __might_fault (mm/memory.c:6971 mm/memory.c:6965) 
[ 37.183893][ T371] ? _copy_from_user (./arch/x86/include/asm/smap.h:29 ./arch/x86/include/asm/uaccess_64.h:134 ./arch/x86/include/asm/uaccess_64.h:141 ./include/linux/uaccess.h:178 lib/usercopy.c:18) 
[ 37.184399][ T371] __sys_sendto (net/socket.c:714 net/socket.c:729 net/socket.c:2228) 
[ 37.184875][ T371] ? __pfx___sys_sendto (net/socket.c:2195) 
[ 37.185390][ T371] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 37.185868][ T371] ? rseq_update_cpu_node_id (kernel/rseq.c:189 (discriminator 10)) 
[ 37.186381][ T371] ? __rseq_handle_notify_resume (kernel/rseq.c:442) 
[ 37.186984][ T371] ? __pfx___rseq_handle_notify_resume (kernel/rseq.c:425) 
[ 37.187604][ T371] __x64_sys_sendto (net/socket.c:2231) 
[ 37.188060][ T371] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:199 arch/x86/entry/syscall_64.c:90) 
[ 37.188547][ T371] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 37.189026][ T371] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) 
[ 37.189518][ T371] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[   37.190117][  T371] RIP: 0033:0x7fc33de6628a
[ 37.190622][ T371] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89
All code
========
   0:	d8 64 89 02          	fsubs  0x2(%rcx,%rcx,4)
   4:	48 c7 c0 ff ff ff ff 	mov    $0xffffffffffffffff,%rax
   b:	eb b8                	jmp    0xffffffffffffffc5
   d:	0f 1f 00             	nopl   (%rax)
  10:	f3 0f 1e fa          	endbr64
  14:	41 89 ca             	mov    %ecx,%r10d
  17:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  1e:	00 
  1f:	85 c0                	test   %eax,%eax
  21:	75 15                	jne    0x38
  23:	b8 2c 00 00 00       	mov    $0x2c,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 7e                	ja     0xb0
  32:	c3                   	ret
  33:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  38:	41 54                	push   %r12
  3a:	48 83 ec 30          	sub    $0x30,%rsp
  3e:	44                   	rex.R
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 7e                	ja     0x86
   8:	c3                   	ret
   9:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
   e:	41 54                	push   %r12
  10:	48 83 ec 30          	sub    $0x30,%rsp
  14:	44                   	rex.R
  15:	89                   	.byte 0x89
[   37.192291][  T371] RSP: 002b:00007fffe03b67a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   37.192932][  T371] RAX: ffffffffffffffda RBX: 0000000000000038 RCX: 00007fc33de6628a
[   37.193647][  T371] RDX: 0000000000000040 RSI: 0000000031f9b3f0 RDI: 0000000000000005
[   37.194266][  T371] RBP: 00007fffe03b6800 R08: 00000000004185e0 R09: 0000000000000010
[   37.195018][  T371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000054
[   37.195729][  T371] R13: 000000000040305a R14: 0000000000415dd0 R15: 00007fc33dfd1000
| [   44.177285][  T410] ------------[ cut here ]------------
| [ 44.178755][ T410] WARNING: CPU: 2 PID: 410 at ./include/linux/skbuff.h:1164 ip6_route_me_harder (./include/linux/skbuff.h:1164 ./include/linux/skbuff.h:1178 net/ipv6/netfilter.c:66) 
| [   44.179358][  T410] Modules linked in: nft_nat nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables veth
| [   44.180707][  T410] Tainted: [W]=WARN
[   44.180968][  T410] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 44.181339][ T410] RIP: 0010:ip6_route_me_harder (./include/linux/skbuff.h:1164 ./include/linux/skbuff.h:1178 net/ipv6/netfilter.c:66) 
[ 44.181741][ T410] Code: ff e8 e3 b5 04 fe e9 a3 fd ff ff 80 3c 02 00 0f 85 6d 04 00 00 49 8b 47 58 a8 01 0f 85 61 02 00 00 48 a9 fe ff ff ff 74 04 90 <0f> 0b 90 48 8b 95 88 fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 c1
All code
========
   0:	ff                   	ljmp   (bad)
   1:	e8 e3 b5 04 fe       	call   0xfffffffffe04b5e9
   6:	e9 a3 fd ff ff       	jmp    0xfffffffffffffdae
   b:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   f:	0f 85 6d 04 00 00    	jne    0x482
  15:	49 8b 47 58          	mov    0x58(%r15),%rax
  19:	a8 01                	test   $0x1,%al
  1b:	0f 85 61 02 00 00    	jne    0x282
  21:	48 a9 fe ff ff ff    	test   $0xfffffffffffffffe,%rax
  27:	74 04                	je     0x2d
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	48 8b 95 88 fe ff ff 	mov    -0x178(%rbp),%rdx
  34:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  3b:	fc ff df 
  3e:	48                   	rex.W
  3f:	c1                   	.byte 0xc1

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	48 8b 95 88 fe ff ff 	mov    -0x178(%rbp),%rdx
   a:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  11:	fc ff df 
  14:	48                   	rex.W
  15:	c1                   	.byte 0xc1
[   44.182801][  T410] RSP: 0018:ffffc90000677640 EFLAGS: 00010286
[   44.183186][  T410] RAX: ffff88800a6fa900 RBX: 0000000000000000 RCX: 1ffff110014df520
[   44.183644][  T410] RDX: 1ffff110012d052b RSI: 0000000000000000 RDI: ffff888009b940e0
[   44.184091][  T410] RBP: ffffc900006777e8 R08: 0000000000000000 R09: ffff888009682981
[   44.184769][  T410] R10: ffff88800a5353c3 R11: dffffc0000000000 R12: ffff8880050f3e40
[   44.185225][  T410] R13: ffff88800b518040 R14: ffff88800a6fa900 R15: ffff888009682900
[   44.185680][  T410] FS:  00007f1881def300(0000) GS:ffff88807e1a4000(0000) knlGS:0000000000000000
[   44.186205][  T410] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   44.186592][  T410] CR2: 00007f188203f8b0 CR3: 0000000009a12003 CR4: 0000000000772ef0
[   44.187040][  T410] PKRU: 55555554
[   44.187274][  T410] Call Trace:
[   44.187514][  T410]  <TASK>
[ 44.187680][ T410] ? __pfx_ip6_route_me_harder (net/ipv6/netfilter.c:24) 
[ 44.188005][ T410] ? nf_conntrack_in (net/netfilter/nf_conntrack_core.c:1984 net/netfilter/nf_conntrack_core.c:2060) nf_conntrack 
[ 44.188412][ T410] nf_nat_ipv6_local_fn (net/netfilter/nf_nat_proto.c:1038 net/netfilter/nf_nat_proto.c:1009) nf_nat 
[ 44.188790][ T410] ? ipv6_defrag (net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:70 net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:52) nf_defrag_ipv6 
[ 44.189160][ T410] ? ipv6_defrag (net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:70 net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:52) nf_defrag_ipv6 
[ 44.189547][ T410] ? __pfx_nf_nat_ipv6_local_fn (net/netfilter/nf_nat_proto.c:1011) nf_nat 
[ 44.189924][ T410] nf_hook_slow (./include/linux/netfilter.h:157 net/netfilter/core.c:623) 
[ 44.190229][ T410] nf_hook.constprop.0 (./include/linux/netfilter.h:247) 
[ 44.190550][ T410] ? __pfx_nf_hook.constprop.0 (./include/linux/netfilter.h:226) 
[ 44.190854][ T410] ? __pfx_dst_output (./include/net/dst.h:460) 
[ 44.191207][ T410] ip6_local_out (net/ipv6/output_core.c:154) 
[ 44.191541][ T410] ip6_send_skb (net/ipv6/ip6_output.c:1984) 
[ 44.191856][ T410] rawv6_push_pending_frames (net/ipv6/raw.c:512) 
[ 44.192162][ T410] ? __pfx_raw6_getfrag (net/ipv6/raw.c:711) 
[ 44.192485][ T410] ? __pfx_rawv6_push_pending_frames (net/ipv6/raw.c:512) 
[ 44.192871][ T410] rawv6_sendmsg (net/ipv6/raw.c:918) 
[ 44.193178][ T410] ? __pfx_rawv6_sendmsg (net/ipv6/raw.c:741) 
[ 44.193527][ T410] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 44.193848][ T410] ? __might_fault (mm/memory.c:6971 mm/memory.c:6965) 
[ 44.194158][ T410] ? __sys_sendto (net/socket.c:714 net/socket.c:729 net/socket.c:2228) 
[ 44.194474][ T410] __sys_sendto (net/socket.c:714 net/socket.c:729 net/socket.c:2228) 
[ 44.194786][ T410] ? __pfx___sys_sendto (net/socket.c:2195) 
[ 44.195100][ T410] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 44.195413][ T410] ? rseq_update_cpu_node_id (kernel/rseq.c:189 (discriminator 10)) 
[ 44.195715][ T410] ? __rseq_handle_notify_resume (kernel/rseq.c:442) 
[ 44.196090][ T410] ? __pfx___rseq_handle_notify_resume (kernel/rseq.c:425) 
[ 44.196478][ T410] __x64_sys_sendto (net/socket.c:2231) 
[ 44.196784][ T410] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:199 arch/x86/entry/syscall_64.c:90) 
[ 44.197085][ T410] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 44.197399][ T410] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) 
[ 44.197704][ T410] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[   44.198071][  T410] RIP: 0033:0x7f188208628a
[ 44.198391][ T410] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89
All code
========
   0:	d8 64 89 02          	fsubs  0x2(%rcx,%rcx,4)
   4:	48 c7 c0 ff ff ff ff 	mov    $0xffffffffffffffff,%rax
   b:	eb b8                	jmp    0xffffffffffffffc5
   d:	0f 1f 00             	nopl   (%rax)
  10:	f3 0f 1e fa          	endbr64
  14:	41 89 ca             	mov    %ecx,%r10d
  17:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  1e:	00 
  1f:	85 c0                	test   %eax,%eax
  21:	75 15                	jne    0x38
  23:	b8 2c 00 00 00       	mov    $0x2c,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 7e                	ja     0xb0
  32:	c3                   	ret
  33:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  38:	41 54                	push   %r12
  3a:	48 83 ec 30          	sub    $0x30,%rsp
  3e:	44                   	rex.R
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 7e                	ja     0x86
   8:	c3                   	ret
   9:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
   e:	41 54                	push   %r12
  10:	48 83 ec 30          	sub    $0x30,%rsp
  14:	44                   	rex.R
  15:	89                   	.byte 0x89
[   44.199447][  T410] RSP: 002b:00007ffe51f169e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   44.199891][  T410] RAX: ffffffffffffffda RBX: 0000000000000038 RCX: 00007f188208628a
[   44.200334][  T410] RDX: 0000000000000040 RSI: 0000000029a213f0 RDI: 0000000000000006
[   44.200811][  T410] RBP: 00007ffe51f16a70 R08: 0000000000418574 R09: 000000000000001c
[   44.201257][  T410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000419ac0


Finger prints:
ip6_route_me_harder:nf_nat_ipv6_local_fn:nf_hook_slow:ip6_local_out:ip6_send_skb
ip_route_me_harder:nf_nat_ipv4_local_fn:nf_hook_slow:__ip_local_out:ip_push_pending_frames