Unable to handle kernel paging request at virtual address ffff800039a08125
Mem abort info:
  Exception class = DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
Data abort info:
  ISV = 0, ISS = 0x00000033
  CM = 0, WnR = 0
swapper pgtable: 4k pages, 48-bit VAs, pgd = ffff20000eeb2000
[ffff800039a08125] *pgd=000000007eff7003, *pud=000000007eff6003, *pmd=00f8000079a00711
Internal error: Oops: 96000021 [#1] PREEMPT SMP
Modules linked in:
CPU: 3 PID: 19296 Comm: syz-executor0 Not tainted 4.14.0-rc2-00001-gd7ad33d #115
Hardware name: linux,dummy-virt (DT)
task: ffff8000142ccf80 task.stack: ffff800019080000
PC is at __ll_sc_atomic_add+0x4/0x18 arch/arm64/include/asm/atomic_ll_sc.h:113
LR is at atomic_add arch/arm64/include/asm/atomic_lse.h:45 [inline]
LR is at __skb_clone+0x4a8/0x6c0 net/core/skbuff.c:873
pc : [<ffff20000a30ce44>] lr : [<ffff200009dffb58>] pstate: 10000145
sp : ffff80003efd86e0
x29: ffff80003efd86e0 x28: 000060003418b000 
x27: ffff20000ae55360 x26: ffff800019130348 
x25: ffff800039a08001 x24: ffff800019130350 
x23: ffff20000ae60000 x22: ffff8000120ae71c 
x21: 1ffff00007dfb0e8 x20: ffff800019130280 
x19: ffff8000120ae640 x18: ffff20000da58140 
x17: 0000000000000001 x16: 0000000000000000 
x15: ffff20000e1485a0 x14: 1ffff00002859b25 
x13: 1ffff00002859b26 x12: ffffffffffffffff 
x11: 1ffff00002415cdf x10: ffff100002415cdf 
x9 : dfff200000000000 x8 : 0082009000a40008 
x7 : 0000000000000000 x6 : ffff8000120ae700 
x5 : ffff100002415ce0 x4 : 0000000000000000 
x3 : 1ffff00002415ce3 x2 : ffff800039a08101 
x1 : ffff800039a08125 x0 : 0000000000000001 
Process syz-executor0 (pid: 19296, stack limit = 0xffff800019080000)
Call trace:
Exception stack(0xffff80003efd85a0 to 0xffff80003efd86e0)
85a0: 0000000000000001 ffff800039a08125 ffff800039a08101 1ffff00002415ce3
85c0: 0000000000000000 ffff100002415ce0 ffff8000120ae700 0000000000000000
85e0: 0082009000a40008 dfff200000000000 ffff100002415cdf 1ffff00002415cdf
8600: ffffffffffffffff 1ffff00002859b26 1ffff00002859b25 ffff20000e1485a0
8620: 0000000000000000 0000000000000001 ffff20000da58140 ffff8000120ae640
8640: ffff800019130280 1ffff00007dfb0e8 ffff8000120ae71c ffff20000ae60000
8660: ffff800019130350 ffff800039a08001 ffff800019130348 ffff20000ae55360
8680: 000060003418b000 ffff80003efd86e0 ffff200009dffb58 ffff80003efd86e0
86a0: ffff20000a30ce44 0000000010000145 ffff8000120ae640 ffff800019130280
86c0: 0001000000000000 ffff80001913030e ffff80003efd86e0 ffff20000a30ce44
[<ffff20000a30ce44>] __ll_sc_atomic_add+0x4/0x18 arch/arm64/include/asm/atomic_ll_sc.h:113
[<ffff200009e1009c>] skb_clone+0x1c4/0x3b0 net/core/skbuff.c:1286
[<ffff200009f2ff80>] ip_expire+0x4e8/0x7c0 net/ipv4/ip_fragment.c:239
[<ffff2000082f8980>] call_timer_fn+0x1b8/0x430 kernel/time/timer.c:1281
[<ffff2000082f8dcc>] expire_timers+0x1d4/0x320 kernel/time/timer.c:1320
[<ffff2000082f912c>] __run_timers kernel/time/timer.c:1620 [inline]
[<ffff2000082f912c>] run_timer_softirq+0x214/0x5f0 kernel/time/timer.c:1646
[<ffff2000080826c0>] __do_softirq+0x350/0xc0c kernel/softirq.c:284
[<ffff200008170af4>] do_softirq_own_stack include/linux/interrupt.h:498 [inline]
[<ffff200008170af4>] invoke_softirq kernel/softirq.c:371 [inline]
[<ffff200008170af4>] irq_exit+0x1dc/0x2f8 kernel/softirq.c:405
[<ffff2000082a95bc>] __handle_domain_irq+0xdc/0x230 kernel/irq/irqdesc.c:647
[<ffff2000080820ac>] handle_domain_irq include/linux/irqdesc.h:175 [inline]
[<ffff2000080820ac>] gic_handle_irq+0x6c/0xe0 drivers/irqchip/irq-gic.c:367
Exception stack(0xffff800019083780 to 0xffff8000190838c0)
3780: ffff800019083a30 01f6cee936b5bc00 0000000000000000 0000000000000000
37a0: 00000000ffffffff ffff20000ae60b88 00000000f4f40000 00000000f4f4f400
37c0: 1ffff00003210732 7f7f7f7f7f7f7f7f fefefefefefeff22 7f7f7f7f7f7f7f7f
37e0: 0101010101010101 0000000000000008 000000000000003e 0000000000000001
3800: ffff20000833c758 0000000000826000 0000000000000000 ffff20000ae60000
3820: 00000000ffffffff 0000000000000000 0000000000000000 0000000000000001
3840: 0000000000000001 0000000000000000 00000000004c00d0 0000000000000000
3860: 1ffff00003210782 ffff8000190838c0 ffff200008336cf8 ffff8000190838c0
3880: ffff2000083d3b80 0000000080000145 1ffff0000271f459 dfff200000000000
38a0: 0001000000000000 ffff20000b044600 ffff8000190838c0 ffff2000083d3b80
[<ffff200008084034>] el1_irq+0xb4/0x12c arch/arm64/kernel/entry.S:569
[<ffff2000083d3b80>] __sanitizer_cov_trace_pc+0x10/0x138 kernel/kcov.c:55
[<ffff200008336cf8>] futex_wait+0xf8/0x540 kernel/futex.c:2551
[<ffff20000833b75c>] do_futex+0x744/0x1740 kernel/futex.c:3455
[<ffff20000833c874>] SYSC_futex kernel/futex.c:3515 [inline]
[<ffff20000833c874>] SyS_futex+0x11c/0x2a8 kernel/futex.c:3483
Exception stack(0xffff800019083ec0 to 0xffff800019084000)
3ec0: 00000000004c00d0 0000000000000000 0000000000000000 0000000000000000
3ee0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
3f00: 0000000000000062 7f7f7f7f7f7f7f7f fefefefefefeff22 7f7f7f7f7f7f7f7f
3f20: 0101010101010101 0000000000000008 000000000000003e 0000000000000001
3f40: 0000000000000000 0000000000826000 0000000000000000 00000000004c00d0
3f60: 00000000004c00b0 0000000000000062 0000ffffeb98b3ef 0000000000820000
3f80: 000000000040233c 0000000000000001 0000ffffeb98b5f0 0000000000000000
3fa0: 0000ffff87c96f60 0000ffff87c96720 0000000000402388 0000ffff87c96720
3fc0: 000000000042d034 0000000000000000 00000000004c00d0 0000000000000062
3fe0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[<ffff2000080846f0>] el0_svc_naked+0x24/0x28
Code: 978b7cfd 17ffff91 00000000 f9800031 (885f7c31) 
---[ end trace a2e395731df8558f ]---