lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c389e47f-8f82-fd62-8c1d-d9481d2f71ff@I-love.SAKURA.ne.jp>
Date:   Sat, 9 Apr 2022 17:19:30 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     bpf@...r.kernel.org
Cc:     syzbot <syzbot+694120e1002c117747ed@...kaller.appspotmail.com>,
        andrii@...nel.org, andriin@...com, ast@...nel.org,
        daniel@...earbox.net, davem@...emloft.net, dsahern@...nel.org,
        edumazet@...gle.com, john.fastabend@...il.com, kafai@...com,
        kpsingh@...nel.org, kuba@...nel.org, kuznet@....inr.ac.ru,
        netdev@...r.kernel.org, songliubraving@...com,
        syzkaller-bugs@...glegroups.com, tpa@...hospital.com, yhs@...com,
        yoshfuji@...ux-ipv6.org
Subject: Re: [syzbot] KASAN: use-after-free Read in tcp_retransmit_timer (5)

Hello, bpf developers.

syzbot is reporting use-after-free increment at __NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPTIMEOUTS).

------------------------------------------------------------
[  702.730585][    C1] ==================================================================
[  702.743543][    C1] BUG: KASAN: use-after-free in tcp_retransmit_timer+0x6c0/0x1ba0
[  702.754301][    C1] Read of size 8 at addr ffff88801eed82b8 by task swapper/1/0
[  702.765301][    C1] 
[  702.768527][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.17.0 #710
[  702.778323][    C1] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  702.790444][    C1] Call Trace:
[  702.794903][    C1]  <IRQ>
[  702.798753][    C1]  dump_stack_lvl+0xcd/0x134
[  702.804962][    C1]  print_address_description.constprop.0.cold+0x93/0x35d
[  702.809861][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  702.813344][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  702.817099][    C1]  kasan_report.cold+0x83/0xdf
[  702.820010][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  702.823666][    C1]  tcp_retransmit_timer+0x6c0/0x1ba0
[  702.827159][    C1]  ? tcp_mstamp_refresh+0xf/0x60
[  702.830448][    C1]  ? tcp_delack_timer+0x290/0x290
[  702.833410][    C1]  ? mark_held_locks+0x65/0x90
[  702.836790][    C1]  ? ktime_get+0x365/0x420
[  702.839893][    C1]  ? lockdep_hardirqs_on+0x79/0x100
[  702.843144][    C1]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[  702.846621][    C1]  ? ktime_get+0x2e6/0x420
[  702.849334][    C1]  tcp_write_timer_handler+0x32f/0x5f0
[  702.852597][    C1]  tcp_write_timer+0x86/0x250
[  702.855736][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  702.859211][    C1]  call_timer_fn+0x15d/0x5f0
[  702.862327][    C1]  ? enqueue_timer+0x3b0/0x3b0
[  702.865295][    C1]  ? lock_downgrade+0x3b0/0x3b0
[  702.868462][    C1]  ? mark_held_locks+0x24/0x90
[  702.871511][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  702.875369][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  702.878610][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  702.882085][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  702.885866][    C1]  run_timer_softirq+0xbdb/0xee0
[  702.889127][    C1]  ? call_timer_fn+0x5f0/0x5f0
[  702.892021][    C1]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  702.895881][    C1]  ? rcu_read_lock_bh_held+0xb0/0xb0
[  702.899151][    C1]  __do_softirq+0x117/0x692
[  702.901960][    C1]  irq_exit_rcu+0xdb/0x110
[  702.904885][    C1]  sysvec_apic_timer_interrupt+0x93/0xc0
[  702.908837][    C1]  </IRQ>
[  702.910666][    C1]  <TASK>
[  702.965995][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  703.023333][    C1] RIP: 0010:default_idle+0xb/0x10
[  703.076496][    C1] Code: 04 25 28 00 00 00 75 0f 48 83 c4 60 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 f3 08 fe ff cc cc cc eb 07 0f 00 2d a7 45 50 00 fb f4 <c3> 0f 1f 40 00 41 54 be 08 00 00 00 53 65 48 8b 1c 25 00 70 02 00
[  703.208123][    C1] RSP: 0018:ffffc90000757de0 EFLAGS: 00000202
[  703.276495][    C1] RAX: 000000000008c3e3 RBX: 0000000000000001 RCX: ffffffff86145f10
[  703.344388][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  703.411773][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed102338758b
[  703.477687][    C1] R10: ffff888119c3ac53 R11: ffffed102338758a R12: 0000000000000001
[  703.537679][    C1] R13: ffffffff8a539e50 R14: 0000000000000000 R15: ffff8881003e0000
[  703.603213][    C1]  ? rcu_eqs_enter.constprop.0+0xb0/0x100
[  703.667293][    C1]  default_idle_call+0xb1/0x330
[  703.728393][    C1]  do_idle+0x37f/0x430
[  703.789414][    C1]  ? mark_held_locks+0x24/0x90
[  703.852441][    C1]  ? arch_cpu_idle_exit+0x30/0x30
[  703.915057][    C1]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  703.971934][    C1]  ? lockdep_hardirqs_on+0x79/0x100
[  704.033376][    C1]  ? preempt_count_sub+0xf/0xb0
[  704.095999][    C1]  cpu_startup_entry+0x14/0x20
[  704.153464][    C1]  start_secondary+0x1b7/0x220
[  704.216128][    C1]  ? set_cpu_sibling_map+0x1010/0x1010
[  704.292706][    C1]  secondary_startup_64_no_verify+0xc3/0xcb
[  704.357456][    C1]  </TASK>
[  704.420920][    C1] 
[  704.483318][    C1] Allocated by task 4577:
[  704.546652][    C1]  kasan_save_stack+0x1e/0x40
[  704.610435][    C1]  __kasan_slab_alloc+0x90/0xc0
[  704.671983][    C1]  kmem_cache_alloc+0x1d7/0x760
[  704.734249][    C1]  copy_net_ns+0xaf/0x4a0
[  704.795405][    C1]  create_new_namespaces.isra.0+0x254/0x660
[  704.858394][    C1]  unshare_nsproxy_namespaces+0xb2/0x160
[  704.920500][    C1]  ksys_unshare+0x372/0x780
[  704.983267][    C1]  __x64_sys_unshare+0x1b/0x20
[  705.046194][    C1]  do_syscall_64+0x35/0xb0
[  705.107899][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  705.169680][    C1] 
[  705.231276][    C1] Freed by task 8:
[  705.294349][    C1]  kasan_save_stack+0x1e/0x40
[  705.359217][    C1]  kasan_set_track+0x21/0x30
[  705.422445][    C1]  kasan_set_free_info+0x20/0x30
[  705.481590][    C1]  __kasan_slab_free+0x11a/0x160
[  705.544098][    C1]  kmem_cache_free+0xe6/0x6a0
[  705.605324][    C1]  net_free+0x89/0xb0
[  705.666356][    C1]  cleanup_net+0x64a/0x730
[  705.728952][    C1]  process_one_work+0x65c/0xda0
[  705.792462][    C1]  worker_thread+0x7f/0x760
[  705.858871][    C1]  kthread+0x1c6/0x210
[  705.920770][    C1]  ret_from_fork+0x1f/0x30
[  705.978623][    C1] 
[  706.038487][    C1] The buggy address belongs to the object at ffff88801eed8000
[  706.038487][    C1]  which belongs to the cache net_namespace of size 6528
[  706.161551][    C1] The buggy address is located 696 bytes inside of
[  706.161551][    C1]  6528-byte region [ffff88801eed8000, ffff88801eed9980)
[  706.272381][    C1] The buggy address belongs to the page:
[  706.334149][    C1] page:ffffea00007bb600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eed8
[  706.400096][    C1] head:ffffea00007bb600 order:3 compound_mapcount:0 compound_pincount:0
[  706.460895][    C1] memcg:ffff88801921b441
[  706.519144][    C1] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  706.585321][    C1] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888100024500
[  706.652434][    C1] raw: 0000000000000000 0000000080040004 00000001ffffffff ffff88801921b441
[  706.717358][    C1] page dumped because: kasan: bad access detected
[  706.783699][    C1] page_owner tracks the page as allocated
[  706.844889][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4577, ts 538093730950, free_ts 446175252650
[  706.984997][    C1]  prep_new_page+0x134/0x170
[  707.056009][    C1]  get_page_from_freelist+0x16c7/0x2510
[  707.130614][    C1]  __alloc_pages+0x29a/0x580
[  707.204976][    C1]  alloc_pages+0xda/0x1a0
[  707.278364][    C1]  new_slab+0x29e/0x3a0
[  707.350591][    C1]  ___slab_alloc+0xb66/0xf60
[  707.416827][    C1]  __slab_alloc.isra.0+0x4d/0xa0
[  707.487734][    C1]  kmem_cache_alloc+0x635/0x760
[  707.560973][    C1]  copy_net_ns+0xaf/0x4a0
[  707.631583][    C1]  create_new_namespaces.isra.0+0x254/0x660
[  707.704556][    C1]  unshare_nsproxy_namespaces+0xb2/0x160
[  707.778185][    C1]  ksys_unshare+0x372/0x780
[  707.853990][    C1]  __x64_sys_unshare+0x1b/0x20
[  707.927571][    C1]  do_syscall_64+0x35/0xb0
[  707.999337][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  708.073634][    C1] page last free stack trace:
[  708.145935][    C1]  free_pcp_prepare+0x325/0x650
[  708.219254][    C1]  free_unref_page+0x19/0x360
[  708.290288][    C1]  __unfreeze_partials+0x320/0x340
[  708.359731][    C1]  qlist_free_all+0x6d/0x160
[  708.431552][    C1]  kasan_quarantine_reduce+0x13d/0x180
[  708.505070][    C1]  __kasan_slab_alloc+0xa2/0xc0
[  708.577128][    C1]  kmem_cache_alloc+0x1d7/0x760
[  708.649556][    C1]  vm_area_alloc+0x1c/0xa0
[  708.725996][    C1]  mmap_region+0x64f/0xc40
[  708.786537][    C1]  do_mmap+0x66b/0xa40
[  708.861188][    C1]  vm_mmap_pgoff+0x1aa/0x270
[  708.921977][    C1]  ksys_mmap_pgoff+0x357/0x410
[  708.998067][    C1]  do_syscall_64+0x35/0xb0
[  709.072158][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  709.142294][    C1] 
[  709.210670][    C1] Memory state around the buggy address:
[  709.286139][    C1]  ffff88801eed8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.363031][    C1]  ffff88801eed8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.429425][    C1] >ffff88801eed8280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.496217][    C1]                                         ^
[  709.560374][    C1]  ffff88801eed8300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.634175][    C1]  ffff88801eed8380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.701217][    C1] ==================================================================
[  709.767019][    C1] Disabling lock debugging due to kernel taint
[  709.831133][    C1] Kernel panic - not syncing: panic_on_warn set ...
[  709.890180][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G    B             5.17.0 #710
[  709.958293][    C1] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  710.031328][    C1] Call Trace:
[  710.096636][    C1]  <IRQ>
[  710.165649][    C1]  dump_stack_lvl+0xcd/0x134
[  710.232724][    C1]  panic+0x263/0x5fa
[  710.300396][    C1]  ? __warn_printk+0xf3/0xf3
[  710.362683][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  710.425386][    C1]  ? preempt_count_sub+0xf/0xb0
[  710.487806][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  710.550567][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  710.612008][    C1]  end_report.cold+0x63/0x6f
[  710.671465][    C1]  kasan_report.cold+0x71/0xdf
[  710.731242][    C1]  ? tcp_retransmit_timer+0x6c0/0x1ba0
[  710.792468][    C1]  tcp_retransmit_timer+0x6c0/0x1ba0
[  710.850296][    C1]  ? tcp_mstamp_refresh+0xf/0x60
[  710.911655][    C1]  ? tcp_delack_timer+0x290/0x290
[  710.972588][    C1]  ? mark_held_locks+0x65/0x90
[  711.033775][    C1]  ? ktime_get+0x365/0x420
[  711.091494][    C1]  ? lockdep_hardirqs_on+0x79/0x100
[  711.153223][    C1]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[  711.210432][    C1]  ? ktime_get+0x2e6/0x420
[  711.269857][    C1]  tcp_write_timer_handler+0x32f/0x5f0
[  711.331006][    C1]  tcp_write_timer+0x86/0x250
[  711.391916][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  711.452155][    C1]  call_timer_fn+0x15d/0x5f0
[  711.517305][    C1]  ? enqueue_timer+0x3b0/0x3b0
[  711.580906][    C1]  ? lock_downgrade+0x3b0/0x3b0
[  711.642255][    C1]  ? mark_held_locks+0x24/0x90
[  711.703500][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  711.766484][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  711.828625][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  711.889862][    C1]  ? tcp_write_timer_handler+0x5f0/0x5f0
[  711.952756][    C1]  run_timer_softirq+0xbdb/0xee0
[  712.014027][    C1]  ? call_timer_fn+0x5f0/0x5f0
[  712.063350][    C1]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  712.125673][    C1]  ? rcu_read_lock_bh_held+0xb0/0xb0
[  712.183626][    C1]  __do_softirq+0x117/0x692
[  712.245067][    C1]  irq_exit_rcu+0xdb/0x110
[  712.294611][    C1]  sysvec_apic_timer_interrupt+0x93/0xc0
[  712.363854][    C1]  </IRQ>
[  712.426802][    C1]  <TASK>
[  712.482854][    C1]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  712.542428][    C1] RIP: 0010:default_idle+0xb/0x10
[  712.577029][    C1] Code: 04 25 28 00 00 00 75 0f 48 83 c4 60 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 f3 08 fe ff cc cc cc eb 07 0f 00 2d a7 45 50 00 fb f4 <c3> 0f 1f 40 00 41 54 be 08 00 00 00 53 65 48 8b 1c 25 00 70 02 00
[  712.703886][    C1] RSP: 0018:ffffc90000757de0 EFLAGS: 00000202
[  712.763854][    C1] RAX: 000000000008c3e3 RBX: 0000000000000001 RCX: ffffffff86145f10
[  712.829677][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  712.893652][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed102338758b
[  712.956344][    C1] R10: ffff888119c3ac53 R11: ffffed102338758a R12: 0000000000000001
[  713.020195][    C1] R13: ffffffff8a539e50 R14: 0000000000000000 R15: ffff8881003e0000
[  713.083426][    C1]  ? rcu_eqs_enter.constprop.0+0xb0/0x100
[  713.144632][    C1]  default_idle_call+0xb1/0x330
[  713.207385][    C1]  do_idle+0x37f/0x430
[  713.269538][    C1]  ? mark_held_locks+0x24/0x90
[  713.332700][    C1]  ? arch_cpu_idle_exit+0x30/0x30
[  713.396223][    C1]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  713.460909][    C1]  ? lockdep_hardirqs_on+0x79/0x100
[  713.527012][    C1]  ? preempt_count_sub+0xf/0xb0
[  713.594736][    C1]  cpu_startup_entry+0x14/0x20
[  713.662751][    C1]  start_secondary+0x1b7/0x220
[  713.718784][    C1]  ? set_cpu_sibling_map+0x1010/0x1010
[  713.785338][    C1]  secondary_startup_64_no_verify+0xc3/0xcb
[  713.851417][    C1]  </TASK>
[  713.916633][    C1] Kernel Offset: disabled
[  713.981646][    C1] Rebooting in 10 seconds..
------------------------------------------------------------

I managed to convert https://syzkaller.appspot.com/text?tag=ReproC&x=14fcccedb00000
into a single threaded simple reproducer shown below.

------------------------------------------------------------
// https://syzkaller.appspot.com/bug?id=8f0e04b2beffcd42f044d46879cc224f6eb71a99
// autogenerated by syzkaller (https://github.com/google/syzkaller)

#define _GNU_SOURCE

#include <arpa/inet.h>
#include <endian.h>
#include <errno.h>
#include <fcntl.h>
#include <net/if.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
#include <linux/bpf.h>
#include <linux/if_ether.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>

#ifndef MSG_PROBE
#define MSG_PROBE 0x10
#endif

struct nlmsg {
	char* pos;
	int nesting;
	struct nlattr* nested[8];
	char buf[4096];
};

static void netlink_init(struct nlmsg* nlmsg, int typ, int flags,
                         const void* data, int size)
{
	memset(nlmsg, 0, sizeof(*nlmsg));
	struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
	hdr->nlmsg_type = typ;
	hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
	memcpy(hdr + 1, data, size);
	nlmsg->pos = (char*)(hdr + 1) + NLMSG_ALIGN(size);
}

static void netlink_attr(struct nlmsg* nlmsg, int typ, const void* data,
                         int size)
{
	struct nlattr* attr = (struct nlattr*)nlmsg->pos;
	attr->nla_len = sizeof(*attr) + size;
	attr->nla_type = typ;
	if (size > 0)
		memcpy(attr + 1, data, size);
	nlmsg->pos += NLMSG_ALIGN(attr->nla_len);
}

static int netlink_send_ext(struct nlmsg* nlmsg, int sock, uint16_t reply_type,
                            int* reply_len, bool dofail)
{
	if (nlmsg->pos > nlmsg->buf + sizeof(nlmsg->buf) || nlmsg->nesting)
		exit(1);
	struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
	hdr->nlmsg_len = nlmsg->pos - nlmsg->buf;
	struct sockaddr_nl addr;
	memset(&addr, 0, sizeof(addr));
	addr.nl_family = AF_NETLINK;
	ssize_t n = sendto(sock, nlmsg->buf, hdr->nlmsg_len, 0,
			   (struct sockaddr*)&addr, sizeof(addr));
	if (n != (ssize_t)hdr->nlmsg_len) {
		if (dofail)
			exit(1);
		return -1;
	}
	n = recv(sock, nlmsg->buf, sizeof(nlmsg->buf), 0);
	if (reply_len)
		*reply_len = 0;
	if (n < 0) {
		if (dofail)
			exit(1);
		return -1;
	}
	if (n < (ssize_t)sizeof(struct nlmsghdr)) {
		errno = EINVAL;
		if (dofail)
			exit(1);
		return -1;
	}
	if (hdr->nlmsg_type == NLMSG_DONE)
		return 0;
	if (reply_len && hdr->nlmsg_type == reply_type) {
		*reply_len = n;
		return 0;
	}
	if (n < (ssize_t)(sizeof(struct nlmsghdr) + sizeof(struct nlmsgerr))) {
		errno = EINVAL;
		if (dofail)
			exit(1);
		return -1;
	}
	if (hdr->nlmsg_type != NLMSG_ERROR) {
		errno = EINVAL;
		if (dofail)
			exit(1);
		return -1;
	}
	errno = -((struct nlmsgerr*)(hdr + 1))->error;
	return -errno;
}

static int netlink_send(struct nlmsg* nlmsg, int sock)
{
	return netlink_send_ext(nlmsg, sock, 0, NULL, true);
}

static void netlink_device_change(int sock, const char* name, const void* mac, int macsize)
{
	struct nlmsg nlmsg;
	struct ifinfomsg hdr;
	memset(&hdr, 0, sizeof(hdr));
	hdr.ifi_flags = hdr.ifi_change = IFF_UP;
	hdr.ifi_index = if_nametoindex(name);
	netlink_init(&nlmsg, RTM_NEWLINK, 0, &hdr, sizeof(hdr));
	netlink_attr(&nlmsg, IFLA_ADDRESS, mac, macsize);
	netlink_send(&nlmsg, sock);
}

static void netlink_add_addr(int sock, const char* dev, const void* addr, int addrsize)
{
	struct nlmsg nlmsg;
	struct ifaddrmsg hdr;
	memset(&hdr, 0, sizeof(hdr));
	hdr.ifa_family = addrsize == 4 ? AF_INET : AF_INET6;
	hdr.ifa_prefixlen = addrsize == 4 ? 24 : 120;
	hdr.ifa_scope = RT_SCOPE_UNIVERSE;
	hdr.ifa_index = if_nametoindex(dev);
	netlink_init(&nlmsg, RTM_NEWADDR, NLM_F_CREATE | NLM_F_REPLACE, &hdr,
		     sizeof(hdr));
	netlink_attr(&nlmsg, IFA_LOCAL, addr, addrsize);
	netlink_attr(&nlmsg, IFA_ADDRESS, addr, addrsize);
	netlink_send(&nlmsg, sock);
}

static void netlink_add_addr4(int sock, const char* dev, const char* addr)
{
	struct in_addr in_addr;
	inet_pton(AF_INET, addr, &in_addr);
	netlink_add_addr(sock, dev, &in_addr, sizeof(in_addr));
}

static void netlink_add_addr6(int sock, const char* dev, const char* addr)
{
	struct in6_addr in6_addr;
	inet_pton(AF_INET6, addr, &in6_addr);
	netlink_add_addr(sock, dev, &in6_addr, sizeof(in6_addr));
}

static void initialize_netdevices(void)
{
	int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
	uint64_t macaddr = 0x00aaaaaaaaaa;
	if (fd == EOF)
		exit(1);
	netlink_add_addr4(fd, "lo", "172.20.20.10");
	netlink_add_addr6(fd, "lo", "fe80::0a");
	netlink_device_change(fd, "lo", &macaddr, ETH_ALEN);
	close(fd);
}

#ifndef __NR_bpf
#define __NR_bpf 321
#endif

static const char program[2053] =
	"\xbf\x16\x00\x00\x00\x00\x00\x00\xb7\x07\x00\x00\x01\x00\xf0\xff\x50\x70"
	"\x00\x00\x00\x00\x00\x00\x30\x00\x00\x00\x00\x00\xc0\x00\x95\x00\x00\x00"
	"\x00\x00\x00\x00\x2b\xa7\x28\x04\x15\x98\xd6\xfb\xd3\x0c\xb5\x99\xe8\x3d"
	"\x24\xbd\x81\x37\xa3\xaa\x81\xe0\xed\x13\x9a\x85\xd3\x6b\xb3\x01\x9c\x13"
	"\xbd\x23\x21\xaf\x3c\xf1\xa5\x4f\x26\xfb\xbf\x22\x0b\x71\xd0\xe6\xad\xfe"
	"\xfc\xf1\xd8\xf7\xfa\xf7\x5e\x0f\x22\x6b\xd9\x17\x48\x79\x60\x71\x71\x42"
	"\xfa\x9e\xa4\x31\x81\x23\x75\x1c\x0a\x0e\x16\x8c\x18\x86\xd0\xd4\xd3\x53"
	"\x79\xbd\x22\x3e\xc8\x39\xbc\x16\xee\x98\x8e\x6e\x0d\xc8\xce\xdf\x3c\xeb"
	"\x9f\xbf\xbf\x9b\x0a\x4d\xef\x23\xd4\x30\xf6\x09\x6b\x32\xa8\x34\x38\x81"
	"\x07\x20\xa1\x59\xcd\xa9\x03\x63\xdb\x3d\x22\x1e\x15\x2d\xdc\xa6\x40\x57"
	"\xff\x3c\x47\x44\xae\xac\xcd\x36\x41\x11\x0b\xec\x4e\x90\x27\xa0\xc8\x05"
	"\x5b\xbf\xc3\xa9\x6d\x2e\x89\x10\xc2\xc3\x9e\x4b\xab\xe8\x02\xf5\xab\x3e"
	"\x89\xcf\x6c\x66\x2e\xd4\x04\x8d\x3b\x3e\x22\x27\x8d\x00\x03\x1e\x53\x88"
	"\xee\x5c\x6e\xce\x1c\xcb\x0c\xd2\xb6\xd3\xcf\xfd\x96\x9d\x18\xce\x74\x00"
	"\x68\x72\x5c\x37\x07\x4e\x46\x8e\xe2\x07\xd2\xf7\x39\x02\xea\xcf\xcf\x49"
	"\x82\x27\x75\x98\x5b\xf3\x1b\x71\x5f\x58\x88\xb2\xfd\x00\x00\x00\x00\x00"
	"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6d\x60\xdb\xe7\x1c\xce\xee\x10\x00"
	"\x00\xdd\xff\xff\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff"
	"\x00\x00\xb2\x7c\xf3\xd1\x84\x8a\x54\xd7\x13\x2b\xe1\xff\xb0\xad\xf9\xde"
	"\xab\x33\x23\xaa\x9f\xdf\xb5\x2f\xaf\x9c\xb0\x9c\x3b\xfd\x09\x00\x00\x00"
	"\xb9\x1a\xb2\x19\xef\xde\xbb\x7b\x3d\xe8\xf6\x75\x81\xcf\x79\x6a\xad\x42"
	"\x23\xb9\xff\x7f\xfc\xad\x3f\x6c\x96\x2b\x9f\x03\x00\x00\x00\x00\x00\x00"
	"\x00\x1c\xf4\x1a\xb1\x1f\x12\xfb\x1e\x0a\x49\x40\x34\x00\x7d\xe7\xc6\x59"
	"\x2d\xf1\xa6\xc6\x4d\x8f\x20\xa6\x77\x45\x40\x9e\x01\x1f\x12\x64\xd4\x3f"
	"\x15\x3b\x3d\x34\x89\x9f\x40\x15\x9e\x80\x0e\xa2\x47\x4b\x54\x05\x00\xa3"
	"\x0b\x23\xbc\xee\x46\x76\x2c\x20\x93\xbc\xc9\xea\xe5\xee\x3e\x98\x00\x26"
	"\xc9\x6f\x80\xee\x1a\x74\xe0\x4b\xde\x74\x07\x50\xfa\x4d\x9a\xaa\x70\x59"
	"\x89\xb8\xe6\x73\xe3\x29\x6e\x52\xd3\x37\xc5\x6a\xbf\x11\x28\x74\xec\x51"
	"\xd6\xfe\x04\x8b\xa6\x86\x6a\xde\xba\xb5\x31\x68\x77\x0a\x71\xad\x90\x1a"
	"\xce\x38\x3e\x41\xd2\x77\xb1\x03\x92\x3a\x9d\x97\x1f\x7a\x25\x91\xdb\xe4"
	"\xa9\x12\xff\xaf\x6f\x65\x8f\x3f\x9c\xd1\x62\x86\x74\x4f\x83\xa8\x3f\x13"
	"\x8f\x8f\x92\xef\xd9\x22\x39\xea\xfc\xe5\xc1\xb3\xf9\x7a\x29\x7c\x9e\x49"
	"\xa0\xc3\x30\x0e\xf7\xb7\xfb\x5f\x09\xe0\xc8\xa8\x68\xa3\x53\x40\x9e\x34"
	"\xd3\xe8\x22\x79\x63\x75\x99\xf3\x5a\xd3\xf7\xff\xff\xff\x3c\xac\x39\x4c"
	"\x7b\xbd\xcd\x0e\x0e\xb5\x21\x89\x2c\x0f\x32\x01\x5b\xf4\xf2\x26\xa4\xe7"
	"\x0f\x03\xcc\x41\x46\xa7\x7a\xf0\x2c\x1d\x4c\xef\xd4\xa2\xb9\x4c\x0a\xed"
	"\x84\x77\xdf\xa8\xce\xef\xb4\x67\xf0\x5c\x69\x77\xc7\x8c\xdb\xf3\x77\x04"
	"\xec\x73\x75\x55\x39\x2a\x0b\x06\x4b\xda\xba\x71\xf8\x97\x14\x49\x10\xfe"
	"\x05\x00\x38\xec\x9e\x47\xde\x89\x29\x8b\x7b\xf4\xd7\x69\xcc\xc1\x8e\xed"
	"\xe0\x06\x8c\xa1\x45\x78\x70\xeb\x30\xd2\x11\xe2\x3c\xcc\x8e\x06\xdd\xde"
	"\xb6\x17\x99\x25\x7a\xb5\x5f\xf4\x13\xc8\x6b\xa9\xaf\xfb\x12\xec\x75\x7c"
	"\x72\x34\xc2\x70\x24\x6c\x87\x8d\x01\x16\x0e\x6c\x07\xbf\x6c\xf8\x80\x9c"
	"\x3a\x0d\x06\x23\x57\xba\x25\x15\x56\x72\x30\xad\x1e\x1f\x49\x33\x54\x5f"
	"\xc3\xc7\x41\x37\x36\x11\x66\x3f\x6b\x63\xb1\xdd\x04\x4d\xd0\xa2\x76\x8e"
	"\x82\x59\x72\xea\x3b\x77\x64\x14\x67\xc8\x9f\xa0\xf8\x2e\x84\x40\x10\x50"
	"\x51\xe5\x51\x0a\x33\xdc\xda\x5e\x4e\x20\x2b\xd6\x22\x54\x9c\x4c\xff\x3f"
	"\x5e\x50\x1d\x3a\x5d\xd7\x14\x3f\xbf\x22\x1f\xff\x16\x1c\x12\xca\x38\x95"
	"\xa3\x00\x00\x00\x00\x00\x00\x0f\xff\x75\x06\x7d\x2a\x21\x4f\x8c\x9d\x9b"
	"\x2e\xcf\x63\x01\x6c\x5f\xd9\xc2\x6a\x54\xd4\x3f\xa0\x50\xb8\x8d\x1d\x43"
	"\xa8\x64\x5b\xd9\x76\x9b\x7e\x07\x86\x9b\xba\x71\x31\x42\x1c\x0f\x39\x11"
	"\x3b\xe7\x66\x4e\x08\xbd\xd7\x11\x5c\x61\xaf\xcb\x71\x8c\xf3\xc4\x68\x0b"
	"\x2f\x6c\x7a\x84\x00\xe3\x78\xa9\xb1\x5b\xc2\x0f\x49\xe2\x98\x72\x73\x40"
	"\xe8\x7c\xde\xfb\x40\xe5\x6e\x9c\xfa\xd9\x73\x34\x7d\x0d\xe7\xba\x47\x54"
	"\xff\x23\x1a\x1b\x93\x3d\x8f\x93\x1b\x8c\x55\x2b\x2c\x7c\x50\x3f\x3d\x0e"
	"\x7a\xb0\xe9\x58\xad\xb8\x62\x82\x2e\x40\x00\x99\x95\xae\x16\x6d\xeb\x98"
	"\x56\x29\x1a\x43\xa6\xf7\xeb\x2e\x32\xce\xfb\xf4\x63\x78\x9e\xaf\x79\xb8"
	"\xd4\xc2\xbf\x0f\x7a\x2c\xb0\x32\xda\xd1\x30\x07\xb8\x2e\x60\xdb\xe9\x86"
	"\x4a\x11\x7d\x27\x32\x68\x50\xa7\xc3\xb5\x70\x86\x3f\x53\x2c\x21\x8b\x10"
	"\xaf\x13\xd7\xbe\x94\x98\x70\x05\x08\x8a\x83\x88\x0c\xca\xb9\xc9\x92\x0c"
	"\x2d\x2a\xf8\xc5\xe1\x3d\x52\xc8\x3a\xc3\xfa\x7c\x3a\xe6\xc0\x83\x84\x86"
	"\x5b\x66\xd2\xb4\xdc\xb5\xdd\x9c\xba\x16\xb6\x20\x40\xbf\x87\x02\xae\x12"
	"\xc7\x7e\x6e\x34\x99\x1a\xf6\x03\xe3\x85\x6a\x34\x6c\xf7\xf9\xfe\xeb\x70"
	"\x88\xae\xda\x89\x0c\xf8\xa4\xa6\xf3\x1b\xa6\xd9\xb8\xcb\x09\x8f\x93\x5b"
	"\xdc\xbb\x29\xfd\x0f\x1a\x34\x2c\x01\x00\x00\x00\x00\x00\x00\x00\x48\xa9"
	"\xde\xa0\x00\x00\x3a\x85\x67\xa7\x59\x2b\x33\x40\x6f\x1f\x71\xc7\x39\xb5"
	"\x5d\xb9\x1d\x23\x09\xdc\x7a\xe4\x01\x00\x5f\x52\x05\x3a\x39\xe7\x30\x7c"
	"\x09\xff\x3a\xc3\xe8\x20\xb0\x1c\x57\xdd\x74\xd4\xaa\xfc\x4c\x38\x3a\x17"
	"\xbc\x1d\xe5\x34\x7b\xb7\x1c\xa1\x6d\xcb\xbb\xaa\x29\x35\xf6\x02\x32\x59"
	"\x84\x38\x6b\x21\xb9\x64\x92\xae\x66\x20\x82\xb5\x6c\xf6\x66\xe6\x3a\x75"
	"\x7c\x0e\xf3\xea\x7a\xf6\x88\x15\x13\xbe\x94\xb3\x66\xe1\x5f\xfc\xa8\xec"
	"\x45\x3b\x3a\x2a\x67\xbe\xdc\xa1\xc7\x66\x95\x22\xe8\xdf\xf8\xbc\x57\x0a"
	"\x93\xfb\xdb\x68\x8c\x3a\xef\xd4\x75\x01\x27\x7a\x6e\xa6\xb1\x11\x63\x39"
	"\x2a\x19\xd8\x79\x95\xb5\x1c\x96\xfe\xbd\x5f\x24\xa3\x49\x98\xd2\x01\x0f"
	"\xd5\xfa\xcf\x68\xc4\xf8\x4e\x2f\x66\xe2\x7c\x81\xa1\x49\xd7\xb3\x31\x98"
	"\x3d\x3b\x74\x44\x49\x53\xfc\x12\x16\xdf\xec\x10\xb7\x24\xbe\x37\x33\xc2"
	"\x6f\x12\x53\x83\x76\xe1\x77\xff\xef\x6f\xd2\x60\x3b\xfa\xb9\x68\x31\x95"
	"\x7a\x08\xe4\x91\x9a\x46\x3d\x53\x32\xa2\x54\x60\x32\xa3\xc0\x6b\x94\xf1"
	"\x68\xe8\xfc\x4b\xda\x0c\x29\x47\x23\xfe\x30\x6f\x26\xc4\x77\xaf\x4b\x92"
	"\x66\x44\x67\x29\x85\xfa\xb7\xcc\x67\xbc\x5b\x5f\x5d\x38\xcd\xd8\xdf\x95"
	"\x14\x7e\xbe\x1c\xd8\x8b\x0a\x2f\xbb\xde\x99\x51\xbe\x42\x82\x7d\xfd\xdf"
	"\xef\xb2\x38\xfa\xc2\x30\x3c\xc8\x98\x2f\x1e\x55\xb0\x05\xaf\xcf\xea\x5e"
	"\xb0\x37\x24\x8f\xef\xad\x6b\xb0\x2c\x16\x2c\xe9\x2a\xb1\x27\x13\x52\x2b"
	"\x97\x50\x6c\x26\x77\x44\xc8\xec\x3d\x2e\x80\xcf\x32\x05\xd3\x66\x99\xfd"
	"\x38\x1b\xc8\x12\x31\xfb\x5e\x12\xe4\x5f\x30\x59\xf3\x61\xd0\x8d\x6a\x6d"
	"\x01\xdd\x79\xca\x9b\xfb\x4e\x06\x25\x94\x27\xb0\x29\x44\x7a\x3e\xd7\x0a"
	"\x2b\x70\xbe\x52\x1e\xa2\x7d\xc8\xcf\x3c\x9b\xdf\x83\xb9\x34\x05\xdb\x07"
	"\xe8\x2e\x2d\xdf\x4c\x4d\x26\xf1\xcd\xd8\xc3\xc9\x73\x6c\xf5\xe5\x08\x6d"
	"\xe3\xb4\x84\xf8\x67\x3e\x0e\x97\xdd\x7e\x8a\x87\x21\x48\x61\x3c\x3a\xea"
	"\xf2\xd6\x7f\x43\x75\xba\x5c\x7f\x1b\x00\x33\xf8\xdf\xe0\x1d\x9c\xb2\xa7"
	"\x08\x01\xf7\x63\x52\x4e\x1d\x79\xd8\x12\xce\xd7\x82\x64\x6b\x5f\x79\xc8"
	"\xfc\x08\xbb\x5c\x11\x02\x01\x08\xd7\x02\xed\xd2\xea\x9c\x96\xcf\xcb\x90"
	"\x66\x66\x86\x27\x82\x0d\x2d\x48\xaa\x5f\xc0\xa7\xbf\x1b\x51\xaf\xd8\x53"
	"\x50\xad\x00\xb7\x8c\x59\x8f\xa8\x70\x1b\x40\x08\x84\xde\x79\x0b\x54\xe5"
	"\xab\x2e\x8f\xf0\xc7\xae\x23\xe0\xb6\xee\xac\x95\xc4\xc2\xee\xf2\xe5\xeb"
	"\x1d\x01\x9d\x52\x09\x9f\xbd\x40\x4e\x8e\xce\x97\x0f\x67\x73\x6b\xa7\xe9"
	"\x60\xbd\x8b\x1e\x41\x05\xce\x7e\x31\xf7\xc9\xc3\xe3\xfa\x61\xaa\xb9\x67"
	"\x56\x5e\x04\x00\x00\x00\x00\x00\x00\x00\xa8\xcf\xda\x89\x0a\x98\xb9\x00"
	"\x87\xe9\x1d\x70\x3e\x98\x53\x5b\x10\x7b\x8f\x46\x53\xbe\x4c\x46\xa3\xa1"
	"\xad\xb0\x7d\x22\x69\x52\xb8\x57\x3b\x41\x70\x18\x31\x6f\xa9\x00\x00\x00"
	"\x00\x00\x00\x00\x00\x41\x22\xc8\x63\x70\x9b\x08\xd4\x63\x9a\x2c\xa4\x6a"
	"\xc9\x0a\xc4\x29\x13\xee\x9b\xca\xa8\x75\xfc\x70\x0b\xa3\x67\xca\x31\x82"
	"\x10\x59\x60\xbe\xf3\x37\x8a\x98\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
	"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
	"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x25\x03\x18\xa4\x4a\xae\xbd\xe8\x49"
	"\x58\x0d\x86\xd1\xaf\xb0\x2a\x49\x6c\x35\xca\x95\x0d\x60\xa3\xd9\x7f\x23"
	"\xac\x37\xf8\x80\xdd\xc3\xb1\x7b\x12\x09\xb0\x03\xc3\x33\x4b\x1c\xc0\xdb"
	"\x48\x3e\x24\x43\x69\x5f\xc9\x5e\xbb\x83\x20\xc9\xad\xee\x62\x94\x51\x4c"
	"\x2c\xa4\x2a\x10\x48\x28\x6d\x70\xd6\x29\x8c\xe1\x4d\x03\x1d\x04\x7b\x08"
	"\x0a\x76\x8b\x9d\xc3\x0e\x64\x40\xa1\x03\x0a\xcf\x39\x13\xa5\x78\x65\xa2"
	"\x77\xce\x60\xe4\x2c\xe3\xb6\xb4\x3b\x4e\x18\xd5\xb5\x3f\xa1\x9f\x94\x69"
	"\x01\x59\x04\xc7\xbb\xde\xf5\xd8\x90\x1f\xff\x46\x14\x77\xe0\x06\xa7\xaa"
	"\x3f\x5e\xb4\x80\x09\x82\xcb\x62\x93\x5c\x26\x49\x00\xd9\xb2\xeb\xf2\x7c"
	"\xd9\x99\x3f\xce\x0b\x10\x71\xd0\x51\x69\xf3\x38\x60\x91\xcf\xc4\x7d\xe1"
	"\x09\xf9\x73\x47\x43\x4b\x79\x06\x40\x76\xe2\xb6\xea\x28\xd6\x9e\xbb\x75"
	"\x0d";

static const char license[4] = "GPL";

static void execute_one(void)
{
	const union bpf_attr attr = {
		.prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
		.insn_cnt = 5,
		.insns = (unsigned long long) program,
		.license = (unsigned long long) license,
	};
	struct sockaddr_in addr = {
		.sin_family = AF_INET,
		.sin_port = htons(0x4001),
		.sin_addr.s_addr = inet_addr("172.20.20.180")
	};
	const struct msghdr msg = {
		.msg_name = &addr,
		.msg_namelen = sizeof(addr),
	};
	const int bpf_fd = syscall(__NR_bpf, BPF_PROG_LOAD, &attr, 72);
	const int sock_fd = socket(PF_INET, SOCK_STREAM, 0);
	alarm(3);
	while (1) {
		sendmsg(sock_fd, &msg, MSG_OOB | MSG_PROBE | MSG_CONFIRM | MSG_FASTOPEN);
		setsockopt(sock_fd, SOL_SOCKET, SO_ATTACH_BPF, &bpf_fd, sizeof(bpf_fd));
	}
}

int main(int argc, char *argv[])
{
	if (unshare(CLONE_NEWNET))
		return 1;
	initialize_netdevices();
	execute_one();
	return 0;
}
------------------------------------------------------------

I don't know what this bpf program is doing, but I suspect that this bpf
program somehow involves PF_INET6 socket without taking a reference to
the net namespace which this bpf program runs.

Below is debug printk() patch for 5.17 which I used for tracing.

------------------------------------------------------------
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 5b61c462e534..a2fd96da8e21 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -178,6 +178,7 @@ struct net {
 #if IS_ENABLED(CONFIG_SMC)
 	struct netns_smc	smc;
 #endif
+	struct list_head struct_net_users;
 } __randomize_layout;
 
 #include <linux/seq_file_net.h>
@@ -243,41 +244,16 @@ void ipx_unregister_sysctl(void);
 void __put_net(struct net *net);
 
 /* Try using get_net_track() instead */
-static inline struct net *get_net(struct net *net)
-{
-	refcount_inc(&net->ns.count);
-	return net;
-}
+extern struct net *get_net(struct net *net);
 
-static inline struct net *maybe_get_net(struct net *net)
-{
-	/* Used when we know struct net exists but we
-	 * aren't guaranteed a previous reference count
-	 * exists.  If the reference count is zero this
-	 * function fails and returns NULL.
-	 */
-	if (!refcount_inc_not_zero(&net->ns.count))
-		net = NULL;
-	return net;
-}
+extern struct net *maybe_get_net(struct net *net);
 
 /* Try using put_net_track() instead */
-static inline void put_net(struct net *net)
-{
-	if (refcount_dec_and_test(&net->ns.count))
-		__put_net(net);
-}
+extern void put_net(struct net *net);
 
-static inline
-int net_eq(const struct net *net1, const struct net *net2)
-{
-	return net1 == net2;
-}
+extern int net_eq(const struct net *net1, const struct net *net2);
 
-static inline int check_net(const struct net *net)
-{
-	return refcount_read(&net->ns.count) != 0;
-}
+extern int check_net(const struct net *net);
 
 void net_drop_ns(void *);
 
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
index 29e41ff3ec93..df89ff3dfa41 100644
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -118,7 +118,7 @@ static inline void __reqsk_free(struct request_sock *req)
 	if (req->rsk_listener)
 		sock_put(req->rsk_listener);
 	kfree(req->saved_syn);
-	kmem_cache_free(req->rsk_ops->slab, req);
+	//kmem_cache_free(req->rsk_ops->slab, req);
 }
 
 static inline void reqsk_free(struct request_sock *req)
diff --git a/include/net/sock.h b/include/net/sock.h
index 50aecd28b355..d2f386f9aa73 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -540,6 +540,7 @@ struct sock {
 #endif
 	struct rcu_head		sk_rcu;
 	netns_tracker		ns_tracker;
+	struct list_head	struct_net_user;
 };
 
 enum sk_pacing {
@@ -2704,17 +2705,10 @@ static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb)
 	__kfree_skb(skb);
 }
 
-static inline
-struct net *sock_net(const struct sock *sk)
-{
-	return read_pnet(&sk->sk_net);
-}
-
-static inline
-void sock_net_set(struct sock *sk, struct net *net)
-{
-	write_pnet(&sk->sk_net, net);
-}
+extern struct net *sock_net(const struct sock *sk);
+extern void sock_net_set(struct sock *sk, struct net *net);
+extern void sock_net_start_tracking(struct sock *sk, struct net *net);
+extern void sock_net_end_tracking(struct sock *sk);
 
 static inline bool
 skb_sk_is_prefetched(struct sk_buff *skb)
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index a5b5bb99c644..cf4e8b224654 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -26,6 +26,8 @@
 #include <net/net_namespace.h>
 #include <net/netns/generic.h>
 
+DEFINE_SPINLOCK(net_users_lock);
+
 /*
  *	Our network namespace constructor/destructor lists
  */
@@ -50,6 +52,7 @@ struct net init_net = {
 #ifdef CONFIG_KEYS
 	.key_domain	= &init_net_key_domain,
 #endif
+	.struct_net_users = LIST_HEAD_INIT(init_net.struct_net_users),
 };
 EXPORT_SYMBOL(init_net);
 
@@ -406,6 +409,7 @@ static struct net *net_alloc(void)
 	net = kmem_cache_zalloc(net_cachep, GFP_KERNEL);
 	if (!net)
 		goto out_free;
+	INIT_LIST_HEAD(&net->struct_net_users);
 
 #ifdef CONFIG_KEYS
 	net->key_domain = kzalloc(sizeof(struct key_tag), GFP_KERNEL);
@@ -432,7 +436,7 @@ static void net_free(struct net *net)
 {
 	if (refcount_dec_and_test(&net->passive)) {
 		kfree(rcu_access_pointer(net->gen));
-		kmem_cache_free(net_cachep, net);
+		//kmem_cache_free(net_cachep, net);
 	}
 }
 
@@ -637,8 +641,46 @@ EXPORT_SYMBOL(net_ns_barrier);
 
 static DECLARE_WORK(net_cleanup_work, cleanup_net);
 
+struct to_be_destroyed_net {
+	struct list_head list;
+	struct net *net;
+};
+
+static LIST_HEAD(to_be_destroyed_net_list);
+static DEFINE_SPINLOCK(to_be_destroyed_net_list_lock);
+
+bool is_to_be_destroyed_net(struct net *net)
+{
+	unsigned long flags;
+	struct to_be_destroyed_net *entry;
+	bool found = false;
+
+	spin_lock_irqsave(&to_be_destroyed_net_list_lock, flags);
+	list_for_each_entry(entry, &to_be_destroyed_net_list, list) {
+		if (entry->net == net) {
+			found = true;
+			break;
+		}
+	}
+	spin_unlock_irqrestore(&to_be_destroyed_net_list_lock, flags);
+	return found;
+}
+EXPORT_SYMBOL(is_to_be_destroyed_net);
+
 void __put_net(struct net *net)
 {
+	struct to_be_destroyed_net *entry = kzalloc(sizeof(*entry), GFP_ATOMIC | __GFP_NOWARN);
+	unsigned long flags;
+
+	if (entry) {
+		entry->net = net;
+		spin_lock_irqsave(&to_be_destroyed_net_list_lock, flags);
+		list_add_tail(&entry->list, &to_be_destroyed_net_list);
+		spin_unlock_irqrestore(&to_be_destroyed_net_list_lock, flags);
+	}
+	pr_info("Releasing net=%px net->ns.count=%d in_use=%d\n",
+		net, refcount_read(&net->ns.count), sock_inuse_get(net));
+	dump_stack();
 	ref_tracker_dir_exit(&net->refcnt_tracker);
 	/* Cleanup the network namespace in process context */
 	if (llist_add(&net->cleanup_list, &cleanup_list))
@@ -1382,4 +1424,113 @@ const struct proc_ns_operations netns_operations = {
 	.install	= netns_install,
 	.owner		= netns_owner,
 };
+
+struct net *get_net(struct net *net)
+{
+	refcount_inc(&net->ns.count);
+	if (net != &init_net) {
+		pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+		dump_stack();
+	}
+	return net;
+}
+EXPORT_SYMBOL(get_net);
+
+struct net *maybe_get_net(struct net *net)
+{
+	/* Used when we know struct net exists but we
+	 * aren't guaranteed a previous reference count
+	 * exists.  If the reference count is zero this
+	 * function fails and returns NULL.
+	 */
+	if (!refcount_inc_not_zero(&net->ns.count))
+		net = NULL;
+	else if (net != &init_net) {
+		pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+		dump_stack();
+	}
+	return net;
+}
+EXPORT_SYMBOL(maybe_get_net);
+
+void put_net(struct net *net)
+{
+	if (net != &init_net) {
+		pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+		dump_stack();
+	}
+	if (refcount_dec_and_test(&net->ns.count))
+		__put_net(net);
+}
+EXPORT_SYMBOL(put_net);
+
+int net_eq(const struct net *net1, const struct net *net2)
+{
+	return net1 == net2;
+}
+EXPORT_SYMBOL(net_eq);
+
+int check_net(const struct net *net)
+{
+	return refcount_read(&net->ns.count) != 0;
+}
+EXPORT_SYMBOL(check_net);
+
+void sock_net_start_tracking(struct sock *sk, struct net *net)
+{
+	unsigned long flags;
+
+	if (net == &init_net)
+		return;
+	spin_lock_irqsave(&net_users_lock, flags);
+	list_add_tail(&sk->struct_net_user, &net->struct_net_users);
+	spin_unlock_irqrestore(&net_users_lock, flags);
+}
+
+void sock_net_end_tracking(struct sock *sk)
+{
+	unsigned long flags;
+
+	spin_lock_irqsave(&net_users_lock, flags);
+	list_del(&sk->struct_net_user);
+	spin_unlock_irqrestore(&net_users_lock, flags);
+}
+
+struct net *sock_net(const struct sock *sk)
+{
+	struct net *net = read_pnet(&sk->sk_net);
+	unsigned long flags;
+	bool found = false;
+	struct sock *s;
+
+	if (net == &init_net)
+		return net;
+	spin_lock_irqsave(&net_users_lock, flags);
+	BUG_ON(!net->struct_net_users.next);
+	BUG_ON(!net->struct_net_users.prev);
+	list_for_each_entry(s, &net->struct_net_users, struct_net_user) {
+		BUG_ON(!s->struct_net_user.next);
+		BUG_ON(!s->struct_net_user.prev);
+		if (s == sk) {
+			found = true;
+			break;
+		}
+	}
+	spin_unlock_irqrestore(&net_users_lock, flags);
+	if (!found) {
+		pr_info("sock=%px is accessing untracked net=%px\n", sk, net);
+		pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+			sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+		dump_stack();
+	}
+	return net;
+}
+EXPORT_SYMBOL(sock_net);
+
+void sock_net_set(struct sock *sk, struct net *net)
+{
+	write_pnet(&sk->sk_net, net);
+}
+EXPORT_SYMBOL(sock_net_set);
+
 #endif
diff --git a/net/core/sock.c b/net/core/sock.c
index 6eb174805bf0..3c303117e3bb 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1904,6 +1904,7 @@ static void sock_copy(struct sock *nsk, const struct sock *osk)
 	nsk->sk_security = sptr;
 	security_sk_clone(osk, nsk);
 #endif
+	sock_net_start_tracking(nsk, read_pnet(&nsk->sk_net));
 }
 
 static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
@@ -1953,10 +1954,12 @@ static void sk_prot_free(struct proto *prot, struct sock *sk)
 	cgroup_sk_free(&sk->sk_cgrp_data);
 	mem_cgroup_sk_free(sk);
 	security_sk_free(sk);
+	/*
 	if (slab != NULL)
 		kmem_cache_free(slab, sk);
 	else
 		kfree(sk);
+	*/
 	module_put(owner);
 }
 
@@ -1989,6 +1992,7 @@ struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
 			sock_inuse_add(net, 1);
 		}
 
+		sock_net_start_tracking(sk, net);
 		sock_net_set(sk, net);
 		refcount_set(&sk->sk_wmem_alloc, 1);
 
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
index 20cf4a98c69d..412bee1dc9cb 100644
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -433,6 +433,7 @@ static void tcp_fastopen_synack_timer(struct sock *sk, struct request_sock *req)
 			  TCP_TIMEOUT_INIT << req->num_timeout, TCP_RTO_MAX);
 }
 
+extern bool is_to_be_destroyed_net(struct net *net);
 
 /**
  *  tcp_retransmit_timer() - The TCP retransmit timeout handler
@@ -453,6 +454,13 @@ void tcp_retransmit_timer(struct sock *sk)
 	struct request_sock *req;
 	struct sk_buff *skb;
 
+	if (is_to_be_destroyed_net(net)) {
+		pr_info("BUG: Trying to access destroyed net=%px sk=%px\n", net, sk);
+		pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+			sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+		WARN_ON(1);
+	}
+
 	req = rcu_dereference_protected(tp->fastopen_rsk,
 					lockdep_sock_is_held(sk));
 	if (req) {
@@ -636,6 +644,7 @@ static void tcp_write_timer(struct timer_list *t)
 	struct inet_connection_sock *icsk =
 			from_timer(icsk, t, icsk_retransmit_timer);
 	struct sock *sk = &icsk->icsk_inet.sk;
+	struct net *net = sock_net(sk);
 
 	bh_lock_sock(sk);
 	if (!sock_owned_by_user(sk)) {
@@ -647,6 +656,11 @@ static void tcp_write_timer(struct timer_list *t)
 	}
 	bh_unlock_sock(sk);
 	sock_put(sk);
+	if (is_to_be_destroyed_net(net)) {
+		pr_info("INFO: About to destroy net=%px sk=%px\n", net, sk);
+		pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+			sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+	}
 }
 
 void tcp_syn_ack_timeout(const struct request_sock *req)
------------------------------------------------------------

And below is console output with this printk() patch.

------------------------------------------------------------
[   83.642910][ T2875] net_namespace: net=ffff888036278000 count=2
[   83.645415][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   83.648311][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   83.651893][ T2875] Call Trace:
[   83.653239][ T2875]  <TASK>
[   83.654540][ T2875]  dump_stack_lvl+0xcd/0x134
[   83.656428][ T2875]  get_net.cold+0x21/0x26
[   83.658194][ T2875]  sk_alloc+0x1ca/0x8a0
[   83.659979][ T2875]  __netlink_create+0x44/0x160
[   83.662246][ T2875]  netlink_create+0x210/0x310
[   83.664146][ T2875]  ? do_set_master+0x100/0x100
[   83.666538][ T2875]  __sock_create+0x20e/0x4f0
[   83.668648][ T2875]  __sys_socket+0x6f/0x140
[   83.670597][ T2875]  __x64_sys_socket+0x1a/0x20
[   83.672385][ T2875]  do_syscall_64+0x35/0xb0
[   83.674069][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   83.676201][ T2875] RIP: 0033:0x7fbbed5067db
[   83.677873][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[   83.685279][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   83.688515][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[   83.691782][ T2875] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[   83.694835][ T2875] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fbbed617d50
[   83.697960][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a16962f410
[   83.701245][ T2875] R13: 00007ffd7a1e7810 R14: 0000000000000000 R15: 0000000000000000
[   83.704951][ T2875]  </TASK>
[   83.708603][ T2875] net_namespace: net=ffff888036278000 count=3
[   83.712187][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   83.715235][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   83.718777][ T2875] Call Trace:
[   83.720083][ T2875]  <TASK>
[   83.721401][ T2875]  dump_stack_lvl+0xcd/0x134
[   83.723313][ T2875]  get_net.cold+0x21/0x26
[   83.725388][ T2875]  get_proc_task_net+0x99/0x1c0
[   83.727321][ T2875]  proc_tgid_net_lookup+0x21/0x60
[   83.729327][ T2875]  __lookup_slow+0x146/0x280
[   83.731453][ T2875]  walk_component+0x1f2/0x2a0
[   83.733426][ T2875]  path_lookupat.isra.0+0xc4/0x270
[   83.735638][ T2875]  filename_lookup+0x103/0x250
[   83.737518][ T2875]  ? unuse_pde+0x50/0x50
[   83.739230][ T2875]  ? simple_attr_release+0x20/0x20
[   83.741365][ T2875]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   83.746650][ T2875]  user_path_at_empty+0x42/0x60
[   83.748679][ T2875]  do_faccessat+0xd5/0x490
[   83.750698][ T2875]  do_syscall_64+0x35/0xb0
[   83.752750][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   83.755147][ T2875] RIP: 0033:0x7fbbed4f416b
[   83.756987][ T2875] Code: 77 05 c3 0f 1f 40 00 48 8b 15 21 dd 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 0f 1f 40 00 f3 0f 1e fa b8 15 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 f1 dc 0d 00 f7 d8
[   83.764201][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[   83.767625][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed4f416b
[   83.770815][ T2875] RDX: 0000000000000008 RSI: 0000000000000004 RDI: 00007ffd7a1e64f0
[   83.773982][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0078696e752f7465
[   83.777202][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[   83.780346][ T2875] R13: 00007ffd7a1e64f0 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   83.783686][ T2875]  </TASK>
[   83.785743][ T2875] net_namespace: net=ffff888036278000 count=3
[   83.788711][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   83.791774][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   83.795370][ T2875] Call Trace:
[   83.796779][ T2875]  <TASK>
[   83.798094][ T2875]  dump_stack_lvl+0xcd/0x134
[   83.800045][ T2875]  put_net.cold+0x1f/0x24
[   83.802444][ T2875]  proc_tgid_net_lookup+0x4b/0x60
[   83.804936][ T2875]  __lookup_slow+0x146/0x280
[   83.806890][ T2875]  walk_component+0x1f2/0x2a0
[   83.808840][ T2875]  path_lookupat.isra.0+0xc4/0x270
[   83.810945][ T2875]  filename_lookup+0x103/0x250
[   83.812928][ T2875]  ? unuse_pde+0x50/0x50
[   83.814760][ T2875]  ? simple_attr_release+0x20/0x20
[   83.817416][ T2875]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   83.819696][ T2875]  user_path_at_empty+0x42/0x60
[   83.822173][ T2875]  do_faccessat+0xd5/0x490
[   83.823958][ T2875]  do_syscall_64+0x35/0xb0
[   83.825808][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   83.827975][ T2875] RIP: 0033:0x7fbbed4f416b
[   83.829676][ T2875] Code: 77 05 c3 0f 1f 40 00 48 8b 15 21 dd 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 0f 1f 40 00 f3 0f 1e fa b8 15 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 f1 dc 0d 00 f7 d8
[   83.836926][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[   83.840089][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed4f416b
[   83.843171][ T2875] RDX: 0000000000000008 RSI: 0000000000000004 RDI: 00007ffd7a1e64f0
[   83.846444][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0078696e752f7465
[   83.849481][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[   83.852857][ T2875] R13: 00007ffd7a1e64f0 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   83.855888][ T2875]  </TASK>
[   83.857759][ T2875] net_namespace: net=ffff888036278000 count=3
[   83.860508][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   83.863611][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   83.867655][ T2875] Call Trace:
[   83.869162][ T2875]  <TASK>
[   83.870467][ T2875]  dump_stack_lvl+0xcd/0x134
[   83.872611][ T2875]  get_net.cold+0x21/0x26
[   83.874572][ T2875]  sk_alloc+0x1ca/0x8a0
[   83.876337][ T2875]  unix_create1+0x81/0x2c0
[   83.878159][ T2875]  unix_create+0x9a/0x130
[   83.880015][ T2875]  __sock_create+0x20e/0x4f0
[   83.881874][ T2875]  __sys_socket+0x6f/0x140
[   83.883730][ T2875]  __x64_sys_socket+0x1a/0x20
[   83.886127][ T2875]  do_syscall_64+0x35/0xb0
[   83.888040][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   83.890433][ T2875] RIP: 0033:0x7fbbed5067db
[   83.892409][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[   83.899534][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   83.903158][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed5067db
[   83.906369][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[   83.909364][ T2875] RBP: 0000000000000002 R08: 000000000000000d R09: 0078696e752f7465
[   83.912373][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[   83.915860][ T2875] R13: 00007ffd7a1e64f0 R14: 0000000000000001 R15: 0000000000000000
[   83.919121][ T2875]  </TASK>
[   83.921478][ T2875] net_namespace: net=ffff888036278000 count=3
[   83.924516][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   83.927520][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   83.931006][ T2875] Call Trace:
[   83.932385][ T2875]  <TASK>
[   83.933651][ T2875]  dump_stack_lvl+0xcd/0x134
[   83.935827][ T2875]  put_net.cold+0x1f/0x24
[   83.937612][ T2875]  __sk_destruct+0x1f9/0x3b0
[   83.939531][ T2875]  sk_destruct+0xa6/0xc0
[   83.941428][ T2875]  __sk_free+0x5a/0x1b0
[   83.943189][ T2875]  sk_free+0x6b/0x90
[   83.944884][ T2875]  unix_release_sock+0x4d4/0x6d0
[   83.946887][ T2875]  unix_release+0x2d/0x40
[   83.948674][ T2875]  __sock_release+0x47/0xd0
[   83.950652][ T2875]  ? __sock_release+0xd0/0xd0
[   83.952626][ T2875]  sock_close+0x18/0x20
[   83.954491][ T2875]  __fput+0x117/0x450
[   83.956241][ T2875]  task_work_run+0x75/0xd0
[   83.958071][ T2875]  exit_to_user_mode_prepare+0x273/0x280
[   83.960365][ T2875]  syscall_exit_to_user_mode+0x19/0x60
[   83.962612][ T2875]  do_syscall_64+0x42/0xb0
[   83.964521][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   83.967103][ T2875] RIP: 0033:0x7fbbed4f937b
[   83.968976][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[   83.976315][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   83.979599][ T2875] RAX: 0000000000000000 RBX: 0000000000001802 RCX: 00007fbbed4f937b
[   83.982751][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[   83.985979][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 0078696e752f7465
[   83.989107][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007ffd7a1e6540
[   83.992365][ T2875] R13: 00007ffd7a1e762c R14: 00007ffd7a1e7680 R15: 0000000000000000
[   83.995633][ T2875]  </TASK>
[   83.998686][ T2875] net_namespace: net=ffff888036278000 count=3
[   84.001243][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.005041][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.008594][ T2875] Call Trace:
[   84.010029][ T2875]  <TASK>
[   84.011797][ T2875]  dump_stack_lvl+0xcd/0x134
[   84.013820][ T2875]  get_net.cold+0x21/0x26
[   84.016049][ T2875]  sk_alloc+0x1ca/0x8a0
[   84.018006][ T2875]  unix_create1+0x81/0x2c0
[   84.019853][ T2875]  unix_create+0x9a/0x130
[   84.021779][ T2875]  __sock_create+0x20e/0x4f0
[   84.023672][ T2875]  __sys_socket+0x6f/0x140
[   84.025544][ T2875]  __x64_sys_socket+0x1a/0x20
[   84.027473][ T2875]  do_syscall_64+0x35/0xb0
[   84.029310][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.031710][ T2875] RIP: 0033:0x7fbbed5067db
[   84.033512][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[   84.041069][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   84.044342][ T2875] RAX: ffffffffffffffda RBX: 000000000000780a RCX: 00007fbbed5067db
[   84.047336][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[   84.050451][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 000055a16963001a
[   84.053617][ T2875] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffd7a1e6540
[   84.056885][ T2875] R13: 00007ffd7a1e7680 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.059933][ T2875]  </TASK>
[   84.061977][ T2875] net_namespace: net=ffff888036278000 count=3
[   84.064619][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.067684][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.071207][ T2875] Call Trace:
[   84.072586][ T2875]  <TASK>
[   84.073835][ T2875]  dump_stack_lvl+0xcd/0x134
[   84.075862][ T2875]  put_net.cold+0x1f/0x24
[   84.077663][ T2875]  __sk_destruct+0x1f9/0x3b0
[   84.079540][ T2875]  sk_destruct+0xa6/0xc0
[   84.081437][ T2875]  __sk_free+0x5a/0x1b0
[   84.085862][ T2875]  sk_free+0x6b/0x90
[   84.087628][ T2875]  unix_release_sock+0x4d4/0x6d0
[   84.089575][ T2875]  unix_release+0x2d/0x40
[   84.091333][ T2875]  __sock_release+0x47/0xd0
[   84.093107][ T2875]  ? __sock_release+0xd0/0xd0
[   84.095003][ T2875]  sock_close+0x18/0x20
[   84.096801][ T2875]  __fput+0x117/0x450
[   84.098375][ T2875]  task_work_run+0x75/0xd0
[   84.100983][ T2875]  exit_to_user_mode_prepare+0x273/0x280
[   84.103425][ T2875]  syscall_exit_to_user_mode+0x19/0x60
[   84.105626][ T2875]  do_syscall_64+0x42/0xb0
[   84.107471][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.109773][ T2875] RIP: 0033:0x7fbbed4f937b
[   84.111613][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[   84.118931][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   84.122539][ T2875] RAX: 0000000000000000 RBX: 000000000000780a RCX: 00007fbbed4f937b
[   84.125766][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[   84.129038][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 000055a16963001a
[   84.132217][ T2875] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffd7a1e6540
[   84.135522][ T2875] R13: 00007ffd7a1e7680 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.138787][ T2875]  </TASK>
[   84.141378][ T2875] net_namespace: net=ffff888036278000 count=3
[   84.143692][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.146720][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.150247][ T2875] Call Trace:
[   84.151721][ T2875]  <TASK>
[   84.153004][ T2875]  dump_stack_lvl+0xcd/0x134
[   84.154955][ T2875]  get_net.cold+0x21/0x26
[   84.156772][ T2875]  sk_alloc+0x1ca/0x8a0
[   84.158541][ T2875]  unix_create1+0x81/0x2c0
[   84.160417][ T2875]  unix_create+0x9a/0x130
[   84.162226][ T2875]  __sock_create+0x20e/0x4f0
[   84.164112][ T2875]  __sys_socket+0x6f/0x140
[   84.166350][ T2875]  __x64_sys_socket+0x1a/0x20
[   84.168367][ T2875]  do_syscall_64+0x35/0xb0
[   84.170319][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.172755][ T2875] RIP: 0033:0x7fbbed5067db
[   84.174630][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[   84.181843][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   84.185360][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[   84.188587][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[   84.191962][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0000000000000000
[   84.195151][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd7a1e6540
[   84.198247][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.201606][ T2875]  </TASK>
[   84.203465][ T2875] net_namespace: net=ffff888036278000 count=3
[   84.206040][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.209034][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.212497][ T2875] Call Trace:
[   84.213878][ T2875]  <TASK>
[   84.215443][ T2875]  dump_stack_lvl+0xcd/0x134
[   84.217370][ T2875]  put_net.cold+0x1f/0x24
[   84.219202][ T2875]  __sk_destruct+0x1f9/0x3b0
[   84.221245][ T2875]  sk_destruct+0xa6/0xc0
[   84.223004][ T2875]  __sk_free+0x5a/0x1b0
[   84.224776][ T2875]  sk_free+0x6b/0x90
[   84.226342][ T2875]  unix_release_sock+0x4d4/0x6d0
[   84.228268][ T2875]  unix_release+0x2d/0x40
[   84.230137][ T2875]  __sock_release+0x47/0xd0
[   84.231923][ T2875]  ? __sock_release+0xd0/0xd0
[   84.233765][ T2875]  sock_close+0x18/0x20
[   84.236000][ T2875]  __fput+0x117/0x450
[   84.237704][ T2875]  task_work_run+0x75/0xd0
[   84.239496][ T2875]  exit_to_user_mode_prepare+0x273/0x280
[   84.242142][ T2875]  syscall_exit_to_user_mode+0x19/0x60
[   84.244474][ T2875]  do_syscall_64+0x42/0xb0
[   84.246441][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.248704][ T2875] RIP: 0033:0x7fbbed4f937b
[   84.250500][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[   84.257987][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   84.261471][ T2875] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fbbed4f937b
[   84.264691][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[   84.267780][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 0000000000000000
[   84.271032][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd7a1e6540
[   84.274208][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.277498][ T2875]  </TASK>
[   84.287045][ T2875] net_namespace: net=ffff888036278000 count=3
[   84.289271][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.292514][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.296133][ T2875] Call Trace:
[   84.297568][ T2875]  <TASK>
[   84.298859][ T2875]  dump_stack_lvl+0xcd/0x134
[   84.300918][ T2875]  get_net.cold+0x21/0x26
[   84.302637][ T2875]  sk_alloc+0x1ca/0x8a0
[   84.304653][ T2875]  inet_create+0x21e/0x7e0
[   84.306778][ T2875]  __sock_create+0x20e/0x4f0
[   84.308690][ T2875]  __sys_socket+0x6f/0x140
[   84.310513][ T2875]  __x64_sys_socket+0x1a/0x20
[   84.312659][ T2875]  do_syscall_64+0x35/0xb0
[   84.314573][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.316905][ T2875] RIP: 0033:0x7fbbed5067db
[   84.318820][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[   84.325864][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   84.329133][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[   84.332546][ T2875] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   84.336076][ T2875] RBP: 00007ffd7a1e762c R08: 0000000000000000 R09: 0000000000000000
[   84.339372][ T2875] R10: 1999999999999999 R11: 0000000000000246 R12: 00007ffd7a1e7630
[   84.342502][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.345680][ T2875]  </TASK>
[   84.353592][    C0] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[   84.358423][    C0] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=3
[   84.363617][    C0] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.366717][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.370399][    C0] Call Trace:
[   84.371855][    C0]  <IRQ>
[   84.373042][    C0]  dump_stack_lvl+0xcd/0x134
[   84.374866][    C0]  sock_net+0x118/0x160
[   84.376672][    C0]  inet_ehash_insert+0x98/0x490
[   84.378737][    C0]  inet_csk_reqsk_queue_hash_add+0x5b/0x80
[   84.381582][    C0]  tcp_conn_request+0x1082/0x14a0
[   84.383746][    C0]  ? tcp_v4_conn_request+0x6c/0x120
[   84.386019][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.388249][    C0]  tcp_v4_conn_request+0x6c/0x120
[   84.390356][    C0]  tcp_v6_conn_request+0x157/0x1d0
[   84.392458][    C0]  tcp_rcv_state_process+0x443/0x1f20
[   84.394725][    C0]  ? tcp_v4_do_rcv+0x1b5/0x600
[   84.396681][    C0]  tcp_v4_do_rcv+0x1b5/0x600
[   84.398620][    C0]  tcp_v4_rcv+0x1bad/0x1de0
[   84.400791][    C0]  ip_protocol_deliver_rcu+0x52/0x630
[   84.403773][    C0]  ip_local_deliver_finish+0xb4/0x1d0
[   84.406060][    C0]  ip_local_deliver+0xa7/0x320
[   84.408075][    C0]  ? ip_protocol_deliver_rcu+0x630/0x630
[   84.410374][    C0]  ip_rcv_finish+0x108/0x170
[   84.412225][    C0]  ip_rcv+0x69/0x2f0
[   84.413859][    C0]  ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[   84.416510][    C0]  __netif_receive_skb_one_core+0x6a/0xa0
[   84.418949][    C0]  __netif_receive_skb+0x24/0xa0
[   84.421102][    C0]  process_backlog+0x11d/0x320
[   84.422978][    C0]  __napi_poll+0x3d/0x3e0
[   84.424808][    C0]  net_rx_action+0x34e/0x480
[   84.426713][    C0]  __do_softirq+0xde/0x539
[   84.428458][    C0]  ? ip_finish_output2+0x401/0x1060
[   84.430566][    C0]  do_softirq+0xb1/0xf0
[   84.432611][    C0]  </IRQ>
[   84.433909][    C0]  <TASK>
[   84.435285][    C0]  __local_bh_enable_ip+0xbf/0xd0
[   84.437418][    C0]  ip_finish_output2+0x42f/0x1060
[   84.439382][    C0]  ? __ip_finish_output+0x471/0x840
[   84.443928][    C0]  __ip_finish_output+0x471/0x840
[   84.445988][    C0]  ? write_comp_data+0x1c/0x70
[   84.448014][    C0]  ip_finish_output+0x32/0x140
[   84.449946][    C0]  ip_output+0xb2/0x3b0
[   84.451881][    C0]  ? __ip_finish_output+0x840/0x840
[   84.453979][    C0]  ip_local_out+0x6e/0xd0
[   84.455733][    C0]  __ip_queue_xmit+0x306/0x950
[   84.457580][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.459761][    C0]  ? sock_net+0x11d/0x160
[   84.461577][    C0]  __tcp_transmit_skb+0x845/0x1380
[   84.463573][    C0]  tcp_connect+0xb02/0x1c80
[   84.465713][    C0]  ? preempt_schedule_common+0x32/0x80
[   84.468040][    C0]  tcp_v4_connect+0x72c/0x820
[   84.470357][    C0]  __inet_stream_connect+0x157/0x630
[   84.473029][    C0]  ? kmem_cache_alloc_trace+0x556/0x690
[   84.475392][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.477659][    C0]  tcp_sendmsg_locked+0xf16/0x1440
[   84.479765][    C0]  ? __local_bh_enable_ip+0x72/0xd0
[   84.481880][    C0]  tcp_sendmsg+0x2b/0x40
[   84.483651][    C0]  inet_sendmsg+0x45/0x70
[   84.485640][    C0]  ? inet_send_prepare+0x2e0/0x2e0
[   84.487807][    C0]  ____sys_sendmsg+0x390/0x3e0
[   84.489794][    C0]  ? debug_object_activate+0x193/0x210
[   84.491915][    C0]  ___sys_sendmsg+0x97/0xe0
[   84.493713][    C0]  ? __lock_acquire+0x3b2/0x3160
[   84.495653][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.497772][    C0]  ? __fget_light+0x99/0xe0
[   84.499582][    C0]  __sys_sendmsg+0x88/0x100
[   84.501976][    C0]  do_syscall_64+0x35/0xb0
[   84.503841][    C0]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.506292][    C0] RIP: 0033:0x7fbbed5ec0f7
[   84.508154][    C0] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bc 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   84.515353][    C0] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.518867][    C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[   84.522178][    C0] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[   84.525355][    C0] RBP: 00007ffd7a1e762c R08: 0000000000000000 R09: 0000000000000000
[   84.528392][    C0] R10: 1999999999999999 R11: 0000000000000246 R12: 00007ffd7a1e7630
[   84.531766][    C0] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.535012][    C0]  </TASK>
[   84.554710][    C0] net_namespace: net=ffff888036278000 count=3
[   84.557308][    C0] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.560308][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.563719][    C0] Call Trace:
[   84.565561][    C0]  <IRQ>
[   84.566936][    C0]  dump_stack_lvl+0xcd/0x134
[   84.569111][    C0]  put_net.cold+0x1f/0x24
[   84.571071][    C0]  __sk_destruct+0x1f9/0x3b0
[   84.572995][    C0]  sk_destruct+0xa6/0xc0
[   84.574855][    C0]  __sk_free+0x5a/0x1b0
[   84.576633][    C0]  sk_free+0x6b/0x90
[   84.578324][    C0]  deferred_put_nlk_sk+0xb7/0x150
[   84.580383][    C0]  rcu_core+0x37d/0xa00
[   84.582144][    C0]  ? rcu_core+0x31e/0xa00
[   84.583970][    C0]  __do_softirq+0xde/0x539
[   84.586435][    C0]  ? tcp_sendmsg+0x1d/0x40
[   84.588290][    C0]  do_softirq+0xb1/0xf0
[   84.590022][    C0]  </IRQ>
[   84.591451][    C0]  <TASK>
[   84.592751][    C0]  __local_bh_enable_ip+0xbf/0xd0
[   84.594866][    C0]  tcp_sendmsg+0x1d/0x40
[   84.596737][    C0]  inet_sendmsg+0x45/0x70
[   84.598573][    C0]  ? inet_send_prepare+0x2e0/0x2e0
[   84.600679][    C0]  ____sys_sendmsg+0x390/0x3e0
[   84.602707][    C0]  ___sys_sendmsg+0x97/0xe0
[   84.604712][    C0]  ? __lock_acquire+0x3b2/0x3160
[   84.607154][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.609429][    C0]  ? __fget_light+0x99/0xe0
[   84.611412][    C0]  __sys_sendmsg+0x88/0x100
[   84.613325][    C0]  do_syscall_64+0x35/0xb0
[   84.615297][    C0]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.617704][    C0] RIP: 0033:0x7fbbed5ec0f7
[   84.619846][    C0] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bc 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   84.627115][    C0] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.630656][    C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[   84.633812][    C0] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[   84.638113][    C0] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[   84.641422][    C0] R10: 00007ffd7a1e762c R11: 0000000000000246 R12: 00007ffd7a1e7630
[   84.644856][    C0] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.648113][    C0]  </TASK>
[   84.745096][    C2] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[   84.749028][    C2] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=2
[   84.754738][    C2] CPU: 2 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.757944][    C2] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.761531][    C2] Call Trace:
[   84.762930][    C2]  <IRQ>
[   84.764209][    C2]  dump_stack_lvl+0xcd/0x134
[   84.766204][    C2]  sock_net+0x118/0x160
[   84.768239][    C2]  __inet_lookup_established+0x127/0x360
[   84.770835][    C2]  tcp_v4_rcv+0xbae/0x1de0
[   84.772780][    C2]  ip_protocol_deliver_rcu+0x52/0x630
[   84.775163][    C2]  ip_local_deliver_finish+0xb4/0x1d0
[   84.777395][    C2]  ip_local_deliver+0xa7/0x320
[   84.779347][    C2]  ? ip_protocol_deliver_rcu+0x630/0x630
[   84.781711][    C2]  ip_rcv_finish+0x108/0x170
[   84.783656][    C2]  ip_rcv+0x69/0x2f0
[   84.785609][    C2]  ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[   84.787945][    C2]  __netif_receive_skb_one_core+0x6a/0xa0
[   84.790338][    C2]  __netif_receive_skb+0x24/0xa0
[   84.792346][    C2]  process_backlog+0x11d/0x320
[   84.794431][    C2]  __napi_poll+0x3d/0x3e0
[   84.796592][    C2]  net_rx_action+0x34e/0x480
[   84.798469][    C2]  __do_softirq+0xde/0x539
[   84.800514][    C2]  ? sock_setsockopt+0x103/0x19f0
[   84.803153][    C2]  do_softirq+0xb1/0xf0
[   84.805116][    C2]  </IRQ>
[   84.806534][    C2]  <TASK>
[   84.807900][    C2]  __local_bh_enable_ip+0xbf/0xd0
[   84.810002][    C2]  sock_setsockopt+0x103/0x19f0
[   84.812178][    C2]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.814535][    C2]  __sys_setsockopt+0x2d1/0x330
[   84.816496][    C2]  __x64_sys_setsockopt+0x22/0x30
[   84.818633][    C2]  do_syscall_64+0x35/0xb0
[   84.820620][    C2]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.823211][    C2] RIP: 0033:0x7fbbed50677e
[   84.825098][    C2] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e2 b6 0c 00 f7 d8 64 89 01 48
[   84.832280][    C2] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[   84.835905][    C2] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed50677e
[   84.839164][    C2] RDX: 0000000000000032 RSI: 0000000000000001 RDI: 0000000000000004
[   84.842605][    C2] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[   84.845893][    C2] R10: 00007ffd7a1e762c R11: 0000000000000217 R12: 00007ffd7a1e7630
[   84.849091][    C2] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.852527][    C2]  </TASK>
[   84.854068][    C2] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[   84.858121][    C2] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=2
[   84.863384][    C2] CPU: 2 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   84.866705][    C2] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   84.870581][    C2] Call Trace:
[   84.872201][    C2]  <IRQ>
[   84.873449][    C2]  dump_stack_lvl+0xcd/0x134
[   84.875838][    C2]  sock_net+0x118/0x160
[   84.877670][    C2]  __inet_lookup_established+0x24f/0x360
[   84.880054][    C2]  tcp_v4_rcv+0xbae/0x1de0
[   84.881976][    C2]  ip_protocol_deliver_rcu+0x52/0x630
[   84.884083][    C2]  ip_local_deliver_finish+0xb4/0x1d0
[   84.886449][    C2]  ip_local_deliver+0xa7/0x320
[   84.888449][    C2]  ? ip_protocol_deliver_rcu+0x630/0x630
[   84.890881][    C2]  ip_rcv_finish+0x108/0x170
[   84.893022][    C2]  ip_rcv+0x69/0x2f0
[   84.894792][    C2]  ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[   84.897049][    C2]  __netif_receive_skb_one_core+0x6a/0xa0
[   84.899296][    C2]  __netif_receive_skb+0x24/0xa0
[   84.901420][    C2]  process_backlog+0x11d/0x320
[   84.903470][    C2]  __napi_poll+0x3d/0x3e0
[   84.905410][    C2]  net_rx_action+0x34e/0x480
[   84.907399][    C2]  __do_softirq+0xde/0x539
[   84.909259][    C2]  ? sock_setsockopt+0x103/0x19f0
[   84.914100][    C2]  do_softirq+0xb1/0xf0
[   84.915946][    C2]  </IRQ>
[   84.917252][    C2]  <TASK>
[   84.918598][    C2]  __local_bh_enable_ip+0xbf/0xd0
[   84.920777][    C2]  sock_setsockopt+0x103/0x19f0
[   84.922691][    C2]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[   84.924959][    C2]  __sys_setsockopt+0x2d1/0x330
[   84.926866][    C2]  __x64_sys_setsockopt+0x22/0x30
[   84.928837][    C2]  do_syscall_64+0x35/0xb0
[   84.930807][    C2]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   84.933016][    C2] RIP: 0033:0x7fbbed50677e
[   84.934935][    C2] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e2 b6 0c 00 f7 d8 64 89 01 48
[   84.942206][    C2] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[   84.945740][    C2] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed50677e
[   84.948952][    C2] RDX: 0000000000000032 RSI: 0000000000000001 RDI: 0000000000000004
[   84.952352][    C2] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[   84.955693][    C2] R10: 00007ffd7a1e762c R11: 0000000000000217 R12: 00007ffd7a1e7630
[   84.958899][    C2] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   84.962649][    C2]  </TASK>
[   87.351519][ T2875] net_namespace: net=ffff888036278000 count=2
[   87.354530][ T2875] CPU: 1 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[   87.357551][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   87.361185][ T2875] Call Trace:
[   87.362550][ T2875]  <TASK>
[   87.363891][ T2875]  dump_stack_lvl+0xcd/0x134
[   87.365794][ T2875]  put_net.cold+0x1f/0x24
[   87.367655][ T2875]  free_nsproxy+0x1fe/0x2c0
[   87.369737][ T2875]  switch_task_namespaces+0x83/0x90
[   87.372158][ T2875]  do_exit+0x566/0x13d0
[   87.374030][ T2875]  ? find_held_lock+0x2b/0x80
[   87.376164][ T2875]  ? get_signal+0x1ef/0x16b0
[   87.378079][ T2875]  do_group_exit+0x51/0x100
[   87.379966][ T2875]  get_signal+0x257/0x16b0
[   87.382106][ T2875]  arch_do_signal_or_restart+0xeb/0x7f0
[   87.384334][ T2875]  exit_to_user_mode_prepare+0x189/0x280
[   87.386547][ T2875]  syscall_exit_to_user_mode+0x19/0x60
[   87.388895][ T2875]  do_syscall_64+0x42/0xb0
[   87.390765][ T2875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   87.393095][ T2875] RIP: 0033:0x7fbbed5ec0f7
[   87.395241][ T2875] Code: Unable to access opcode bytes at RIP 0x7fbbed5ec0cd.
[   87.398613][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.402381][ T2875] RAX: ffffffffffffff96 RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[   87.405723][ T2875] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[   87.409023][ T2875] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[   87.412238][ T2875] R10: 00007ffd7a1e762c R11: 0000000000000246 R12: 00007ffd7a1e7630
[   87.415477][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[   87.418590][ T2875]  </TASK>
[   87.427287][ T2875] a.out (2875) used greatest stack depth: 11320 bytes left
[  234.697150][    C0] net_namespace: net=ffff888036278000 count=1
[  234.710780][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[  234.720528][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  234.727887][    C0] Call Trace:
[  234.730895][    C0]  <IRQ>
[  234.734086][    C0]  dump_stack_lvl+0xcd/0x134
[  234.738276][    C0]  put_net.cold+0x1f/0x24
[  234.742162][    C0]  __sk_destruct+0x1f9/0x3b0
[  234.746326][    C0]  sk_destruct+0xa6/0xc0
[  234.749219][    C0]  __sk_free+0x5a/0x1b0
[  234.751159][    C0]  sk_free+0x6b/0x90
[  234.753239][    C0]  tcp_write_timer+0x1ff/0x240
[  234.755181][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  234.757290][    C0]  call_timer_fn+0xe3/0x4f0
[  234.759095][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  234.761341][    C0]  run_timer_softirq+0x812/0xac0
[  234.763337][    C0]  __do_softirq+0xde/0x539
[  234.765104][    C0]  irq_exit_rcu+0xb6/0xf0
[  234.766789][    C0]  sysvec_apic_timer_interrupt+0x8e/0xc0
[  234.769139][    C0]  </IRQ>
[  234.770482][    C0]  <TASK>
[  234.771702][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  234.774065][    C0] RIP: 0010:default_idle+0xb/0x10
[  234.776010][    C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[  234.783374][    C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000202
[  234.785849][    C0] RAX: 000000000002246b RBX: 0000000000000000 RCX: ffffffff842622c0
[  234.789116][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  234.792254][    C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[  234.795720][    C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[  234.798927][    C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[  234.802563][    C0]  default_idle_call+0x6a/0x260
[  234.804592][    C0]  do_idle+0x20c/0x260
[  234.806332][    C0]  ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[  234.808693][    C0]  cpu_startup_entry+0x14/0x20
[  234.810686][    C0]  start_kernel+0x8f7/0x91e
[  234.812538][    C0]  secondary_startup_64_no_verify+0xc3/0xcb
[  234.815399][    C0]  </TASK>
[  234.816785][    C0] net_namespace: Releasing net=ffff888036278000 net->ns.count=0 in_use=0
[  234.820358][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[  234.823664][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  234.827160][    C0] Call Trace:
[  234.828540][    C0]  <IRQ>
[  234.829812][    C0]  dump_stack_lvl+0xcd/0x134
[  234.831775][    C0]  __put_net+0xc8/0x130
[  234.834723][    C0]  put_net+0x7d/0xb0
[  234.836516][    C0]  __sk_destruct+0x1f9/0x3b0
[  234.838546][    C0]  sk_destruct+0xa6/0xc0
[  234.840453][    C0]  __sk_free+0x5a/0x1b0
[  234.842217][    C0]  sk_free+0x6b/0x90
[  234.844007][    C0]  tcp_write_timer+0x1ff/0x240
[  234.845938][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  234.848146][    C0]  call_timer_fn+0xe3/0x4f0
[  234.850145][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  234.852503][    C0]  run_timer_softirq+0x812/0xac0
[  234.855025][    C0]  __do_softirq+0xde/0x539
[  234.856908][    C0]  irq_exit_rcu+0xb6/0xf0
[  234.858712][    C0]  sysvec_apic_timer_interrupt+0x8e/0xc0
[  234.860980][    C0]  </IRQ>
[  234.862279][    C0]  <TASK>
[  234.863598][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  234.865966][    C0] RIP: 0010:default_idle+0xb/0x10
[  234.868109][    C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[  234.875407][    C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000202
[  234.877869][    C0] RAX: 000000000002246b RBX: 0000000000000000 RCX: ffffffff842622c0
[  234.881349][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  234.885150][    C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[  234.888442][    C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[  234.891831][    C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[  234.895041][    C0]  default_idle_call+0x6a/0x260
[  234.897019][    C0]  do_idle+0x20c/0x260
[  234.898782][    C0]  ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[  234.901456][    C0]  cpu_startup_entry+0x14/0x20
[  234.903364][    C0]  start_kernel+0x8f7/0x91e
[  234.905180][    C0]  secondary_startup_64_no_verify+0xc3/0xcb
[  234.907426][    C0]  </TASK>
[  234.909661][    C0] INFO: About to destroy net=ffff888036278000 sk=ffff888036058b80
[  234.913082][    C0] sk->sk_family=2 sk->sk_prot_creator->name=TCP sk->sk_state=7 sk->sk_flags=0x301 net->ns.count=0
[  260.295512][    C0] BUG: Trying to access destroyed net=ffff888036278000 sk=ffff88800e2d8000
[  260.301941][    C0] sk->sk_family=10 sk->sk_prot_creator->name=TCPv6 sk->sk_state=11 sk->sk_flags=0x30b net->ns.count=0
[  260.317639][    C0] ------------[ cut here ]------------
[  260.323152][    C0] WARNING: CPU: 0 PID: 0 at net/ipv4/tcp_timer.c:461 tcp_retransmit_timer.cold+0xdf/0xe6
[  260.334901][    C0] Modules linked in:
[  260.338356][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[  260.342593][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  260.346821][    C0] RIP: 0010:tcp_retransmit_timer.cold+0xdf/0xe6
[  260.349704][    C0] Code: 10 48 c7 c7 60 9d ff 83 48 8b 85 a0 03 00 00 44 8b 8b 4c 01 00 00 4c 8b 45 60 0f b6 4d 12 48 8d 90 88 01 00 00 e8 a8 25 f2 ff <0f> 0b e9 b6 40 5f ff e8 f3 59 ee fd 41 0f b6 d5 4c 89 e6 48 c7 c7
[  260.359054][    C0] RSP: 0018:ffffc90000003d90 EFLAGS: 00010286
[  260.362281][    C0] RAX: 0000000000000063 RBX: ffff888036278000 RCX: ffffffff842622c0
[  260.365646][    C0] RDX: 0000000000000000 RSI: ffffffff842622c0 RDI: 0000000000000002
[  260.368691][    C0] RBP: ffff88800e2d8000 R08: ffffffff81170398 R09: 0000000000000000
[  260.371828][    C0] R10: 0000000000000005 R11: 0000000000080000 R12: 0000000000000001
[  260.375009][    C0] R13: ffff88800e2d8000 R14: ffff88800e2d8098 R15: ffff88800e2d8080
[  260.378533][    C0] FS:  0000000000000000(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
[  260.382408][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  260.385155][    C0] CR2: 00007fbbed4c8dc0 CR3: 000000000d765000 CR4: 00000000000506f0
[  260.388406][    C0] Call Trace:
[  260.389929][    C0]  <IRQ>
[  260.391386][    C0]  ? lockdep_hardirqs_on+0x79/0x100
[  260.393743][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[  260.396147][    C0]  ? ktime_get+0x2d3/0x400
[  260.398064][    C0]  tcp_write_timer_handler+0x257/0x3f0
[  260.400357][    C0]  tcp_write_timer+0x19c/0x240
[  260.402389][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  260.405068][    C0]  call_timer_fn+0xe3/0x4f0
[  260.407041][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  260.409308][    C0]  run_timer_softirq+0x812/0xac0
[  260.411613][    C0]  __do_softirq+0xde/0x539
[  260.413646][    C0]  irq_exit_rcu+0xb6/0xf0
[  260.415607][    C0]  sysvec_apic_timer_interrupt+0x8e/0xc0
[  260.417882][    C0]  </IRQ>
[  260.419276][    C0]  <TASK>
[  260.420672][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  260.423039][    C0] RIP: 0010:default_idle+0xb/0x10
[  260.425291][    C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[  260.433105][    C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000206
[  260.435589][    C0] RAX: 0000000000024239 RBX: 0000000000000000 RCX: ffffffff842622c0
[  260.438759][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  260.441945][    C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[  260.445777][    C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[  260.449093][    C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[  260.452404][    C0]  default_idle_call+0x6a/0x260
[  260.454562][    C0]  do_idle+0x20c/0x260
[  260.456353][    C0]  ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[  260.458887][    C0]  cpu_startup_entry+0x14/0x20
[  260.461152][    C0]  start_kernel+0x8f7/0x91e
[  260.463226][    C0]  secondary_startup_64_no_verify+0xc3/0xcb
[  260.465718][    C0]  </TASK>
[  260.467111][    C0] Kernel panic - not syncing: panic_on_warn set ...
[  260.469664][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[  260.472684][    C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  260.476355][    C0] Call Trace:
[  260.477800][    C0]  <IRQ>
[  260.479141][    C0]  dump_stack_lvl+0xcd/0x134
[  260.481197][    C0]  panic+0x1d0/0x537
[  260.482913][    C0]  ? __warn.cold+0xb0/0x228
[  260.484892][    C0]  ? tcp_retransmit_timer.cold+0xdf/0xe6
[  260.487190][    C0]  __warn.cold+0xc6/0x228
[  260.488963][    C0]  ? tcp_retransmit_timer.cold+0xdf/0xe6
[  260.491241][    C0]  report_bug+0x188/0x1d0
[  260.493109][    C0]  handle_bug+0x3c/0x60
[  260.495107][    C0]  exc_invalid_op+0x14/0x70
[  260.497016][    C0]  asm_exc_invalid_op+0x12/0x20
[  260.499037][    C0] RIP: 0010:tcp_retransmit_timer.cold+0xdf/0xe6
[  260.501651][    C0] Code: 10 48 c7 c7 60 9d ff 83 48 8b 85 a0 03 00 00 44 8b 8b 4c 01 00 00 4c 8b 45 60 0f b6 4d 12 48 8d 90 88 01 00 00 e8 a8 25 f2 ff <0f> 0b e9 b6 40 5f ff e8 f3 59 ee fd 41 0f b6 d5 4c 89 e6 48 c7 c7
[  260.508760][    C0] RSP: 0018:ffffc90000003d90 EFLAGS: 00010286
[  260.511211][    C0] RAX: 0000000000000063 RBX: ffff888036278000 RCX: ffffffff842622c0
[  260.514559][    C0] RDX: 0000000000000000 RSI: ffffffff842622c0 RDI: 0000000000000002
[  260.517942][    C0] RBP: ffff88800e2d8000 R08: ffffffff81170398 R09: 0000000000000000
[  260.521127][    C0] R10: 0000000000000005 R11: 0000000000080000 R12: 0000000000000001
[  260.524366][    C0] R13: ffff88800e2d8000 R14: ffff88800e2d8098 R15: ffff88800e2d8080
[  260.528260][    C0]  ? vprintk+0x88/0x90
[  260.530145][    C0]  ? lockdep_hardirqs_on+0x79/0x100
[  260.532452][    C0]  ? __sanitizer_cov_trace_pc+0x1a/0x40
[  260.535072][    C0]  ? ktime_get+0x2d3/0x400
[  260.536958][    C0]  tcp_write_timer_handler+0x257/0x3f0
[  260.539214][    C0]  tcp_write_timer+0x19c/0x240
[  260.541237][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  260.543627][    C0]  call_timer_fn+0xe3/0x4f0
[  260.545677][    C0]  ? tcp_write_timer_handler+0x3f0/0x3f0
[  260.547973][    C0]  run_timer_softirq+0x812/0xac0
[  260.550053][    C0]  __do_softirq+0xde/0x539
[  260.551937][    C0]  irq_exit_rcu+0xb6/0xf0
[  260.553767][    C0]  sysvec_apic_timer_interrupt+0x8e/0xc0
[  260.556439][    C0]  </IRQ>
[  260.557744][    C0]  <TASK>
[  260.559051][    C0]  asm_sysvec_apic_timer_interrupt+0x12/0x20
[  260.561515][    C0] RIP: 0010:default_idle+0xb/0x10
[  260.563619][    C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[  260.570866][    C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000206
[  260.573255][    C0] RAX: 0000000000024239 RBX: 0000000000000000 RCX: ffffffff842622c0
[  260.577004][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  260.580254][    C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[  260.583366][    C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[  260.586553][    C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[  260.589759][    C0]  default_idle_call+0x6a/0x260
[  260.591774][    C0]  do_idle+0x20c/0x260
[  260.593618][    C0]  ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[  260.596736][    C0]  cpu_startup_entry+0x14/0x20
[  260.598736][    C0]  start_kernel+0x8f7/0x91e
[  260.600659][    C0]  secondary_startup_64_no_verify+0xc3/0xcb
[  260.603066][    C0]  </TASK>
[  260.605294][    C0] Kernel Offset: disabled
[  260.607310][    C0] Rebooting in 10 seconds..
------------------------------------------------------------

Would you check where this PF_INET6 socket is created at and whether
this PF_INET6 socket is taking a reference to the net namespace?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ