====================================== | [ 740.269235][ T3336] netconsole: netconsole: remote ethernet address 00:00:00:00:00:00 | [ 740.433173][ T3336] netconsole: network logging started | [ 741.473167][ C4] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN | [ 741.473683][ C4] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 741.474389][ C4] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 741.474853][ C4] RIP: 0010:psp_reply_set_decrypted (./include/net/psp/functions.h:132 net/psp/psp_sock.c:287) [ 741.475149][ C4] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2c 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5d 18 48 8d 7b 12 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 f3 02 00 00 All code ======== 0: 48 89 fa mov %rdi,%rdx 3: 48 c1 ea 03 shr $0x3,%rdx 7: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) b: 0f 85 2c 03 00 00 jne 0x33d 11: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 18: fc ff df 1b: 48 8b 5d 18 mov 0x18(%rbp),%rbx 1f: 48 8d 7b 12 lea 0x12(%rbx),%rdi 23: 48 89 fa mov %rdi,%rdx 26: 48 c1 ea 03 shr $0x3,%rdx 2a:* 0f b6 04 02 movzbl (%rdx,%rax,1),%eax <-- trapping instruction 2e: 48 89 fa mov %rdi,%rdx 31: 83 e2 07 and $0x7,%edx 34: 38 d0 cmp %dl,%al 36: 7f 08 jg 0x40 38: 84 c0 test %al,%al 3a: 0f 85 f3 02 00 00 jne 0x333 Code starting with the faulting instruction =========================================== 0: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax 4: 48 89 fa mov %rdi,%rdx 7: 83 e2 07 and $0x7,%edx a: 38 d0 cmp %dl,%al c: 7f 08 jg 0x16 e: 84 c0 test %al,%al 10: 0f 85 f3 02 00 00 jne 0x309 [ 741.475853][ C4] RSP: 0018:ffffc900002f0320 EFLAGS: 00010202 [ 741.476143][ C4] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 741.476476][ C4] RDX: 0000000000000002 RSI: ffffffffb8858860 RDI: 0000000000000012 [ 741.476804][ C4] RBP: ffff88802d21fcc0 R08: 0000000000000000 R09: 0000000000000001 [ 741.477137][ C4] R10: 0000000000002000 R11: ffffffffb976ff00 R12: ffff888021456240 [ 741.477468][ C4] R13: ffff888021456252 R14: ffff88802d21fcc0 R15: ffff88802cd459ac [ 741.477796][ C4] FS: 0000000000000000(0000) GS:ffff8880b2560000(0000) knlGS:0000000000000000 [ 741.478169][ C4] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 741.478457][ C4] CR2: 00007ff5070a9000 CR3: 000000001df33003 CR4: 0000000000772ef0 [ 741.478799][ C4] PKRU: 55555554 [ 741.478989][ C4] Call Trace: [ 741.479178][ C4] [ 741.479324][ C4] tcp_v6_send_response.constprop.0 (net/ipv6/tcp_ipv6.c:979) [ 741.479611][ C4] ? __xfrm_policy_check2.constprop.0 (net/ipv4/ip_input.c:390) [ 741.479893][ C4] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 741.480131][ C4] ? sk_filter_trim_cap (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/filter.c:175) [ 741.480366][ C4] ? __lock_release (kernel/locking/lockdep.c:5536) [ 741.480598][ C4] tcp_v6_send_reset (net/ipv6/tcp_ipv6.c:1140 (discriminator 1)) [ 741.480831][ C4] tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1683) [ 741.481055][ C4] ? __xfrm_policy_check2.constprop.0 (./include/net/net_namespace.h:409 ./include/linux/netdevice.h:2722 ./include/net/xfrm.h:1273) [ 741.481338][ C4] tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1912) [ 741.481574][ C4] ? tcp_v6_err (net/ipv6/tcp_ipv6.c:1755) [ 741.481802][ C4] ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:440) [ 741.482036][ C4] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 741.482283][ C4] ip6_input (./include/linux/rcupdate.h:869 net/ipv6/ip6_input.c:503) [ 741.482471][ C4] ip6_sublist_rcv_finish (net/ipv6/ip6_input.c:86) [ 741.482703][ C4] ip6_list_rcv_finish.constprop.0 (net/ipv6/ip6_input.c:109) [ 741.482980][ C4] ? ip6_rcv_finish_core.constprop.0 (net/ipv6/ip6_input.c:109) [ 741.483256][ C4] ipv6_list_rcv (net/ipv6/ip6_input.c:327) [ 741.483491][ C4] ? default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:757) [ 741.483724][ C4] ? default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:123) [ 741.483957][ C4] ? ipv6_rcv (net/ipv6/ip6_input.c:327) [ 741.484144][ C4] ? start_secondary (arch/x86/kernel/smpboot.c:203 arch/x86/kernel/smpboot.c:283) [ 741.484385][ C4] __netif_receive_skb_list_core (net/core/dev.c:6132) [ 741.484662][ C4] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 741.484895][ C4] ? __netif_receive_skb_core.constprop.0 (net/core/dev.c:6132) [ 741.485173][ C4] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870) [ 741.485407][ C4] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831) [ 741.485635][ C4] ? netif_receive_skb_list_internal (./include/linux/rcupdate.h:331 ./include/linux/rcupdate.h:841 net/core/dev.c:6297) [ 741.485908][ C4] netif_receive_skb_list_internal (net/core/dev.c:6223 net/core/dev.c:6312) [ 741.486183][ C4] ? page_pool_put_unrefed_netmem (net/core/page_pool.c:837 net/core/page_pool.c:901) [ 741.486465][ C4] ? process_backlog (net/core/dev.c:6284) [ 741.486697][ C4] ? fbnic_fill_bdq (./arch/x86/include/asm/atomic64_64.h:20 ./include/linux/atomic/atomic-arch-fallback.h:2629 ./include/linux/atomic/atomic-long.h:79 ./include/linux/atomic/atomic-instrumented.h:3224 ./include/net/page_pool/helpers.h:239 drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:735 drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:913) [ 741.486930][ C4] ? __gro_flush (./arch/x86/include/asm/bitops.h:94 ./include/asm-generic/bitops/instrumented-non-atomic.h:45 net/core/gro.c:304 net/core/gro.c:320) [ 741.487171][ C4] napi_complete_done (./include/linux/list.h:37 ./include/net/gro.h:525 ./include/net/gro.h:520 ./include/net/gro.h:532 net/core/dev.c:6681) [ 741.487403][ C4] ? netif_receive_skb_list (net/core/dev.c:6650) [ 741.487636][ C4] fbnic_poll (drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:1385) [ 741.487824][ C4] __napi_poll.constprop.0 (net/core/dev.c:7595) [ 741.488090][ C4] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 741.488330][ C4] net_rx_action (net/core/dev.c:7657 net/core/dev.c:7784) [ 741.488564][ C4] ? __napi_poll.constprop.0 (net/core/dev.c:7746) [ 741.488790][ C4] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 741.489015][ C4] ? trace_rcu_watching (./include/trace/events/rcu.h:480 (discriminator 21)) [ 741.489245][ C4] ? asm_common_interrupt (./arch/x86/include/asm/idtentry.h:693) [ 741.489474][ C4] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 741.489709][ C4] ? trace_irq_enable.constprop.0 (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/linux/cpumask.h:646 ./include/linux/cpumask.h:1205 ./include/trace/events/preemptirq.h:40) [ 741.489984][ C4] handle_softirqs (kernel/softirq.c:580) [ 741.490218][ C4] irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680 kernel/softirq.c:696) [ 741.490452][ C4] common_interrupt (arch/x86/kernel/irq.c:318 (discriminator 14)) [ 741.490684][ C4] [ 741.490836][ C4] [ 741.490977][ C4] asm_common_interrupt (./arch/x86/include/asm/idtentry.h:693) [ 741.491200][ C4] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82) [ 741.491439][ C4] Code: 48 8b 3d c4 fc 53 02 e8 1f 00 00 00 48 2b 05 38 c6 8f 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d 03 f2 10 00 fb f4 66 0f 1f 00 41 54 55 53 48 89 fb 48 83 ec 10 8b 17 83 e2 fe 41 All code ======== 0: 48 8b 3d c4 fc 53 02 mov 0x253fcc4(%rip),%rdi # 0x253fccb 7: e8 1f 00 00 00 call 0x2b c: 48 2b 05 38 c6 8f 00 sub 0x8fc638(%rip),%rax # 0x8fc64b 13: c3 ret 14: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 1b: f3 0f 1e fa endbr64 1f: eb 07 jmp 0x28 21: 0f 00 2d 03 f2 10 00 verw 0x10f203(%rip) # 0x10f22b 28: fb sti 29: f4 hlt 2a:* c3 ret <-- trapping instruction 2b: 66 0f 1f 00 nopw (%rax) 2f: 41 54 push %r12 31: 55 push %rbp 32: 53 push %rbx 33: 48 89 fb mov %rdi,%rbx 36: 48 83 ec 10 sub $0x10,%rsp 3a: 8b 17 mov (%rdi),%edx 3c: 83 e2 fe and $0xfffffffe,%edx 3f: 41 rex.B Code starting with the faulting instruction =========================================== 0: c3 ret 1: 66 0f 1f 00 nopw (%rax) 5: 41 54 push %r12 7: 55 push %rbp 8: 53 push %rbx 9: 48 89 fb mov %rdi,%rbx c: 48 83 ec 10 sub $0x10,%rsp 10: 8b 17 mov (%rdi),%edx 12: 83 e2 fe and $0xfffffffe,%edx 15: 41 rex.B [ 741.492126][ C4] RSP: 0018:ffffc9000016fde8 EFLAGS: 00000206 [ 741.492404][ C4] RAX: 0000000000d6fc4b RBX: 1ffff9200002dfc1 RCX: ffffffffb8585015 [ 741.492729][ C4] RDX: 0000000000000000 RSI: ffffffffb8e3204d RDI: ffffffffb88588e0 [ 741.493049][ C4] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100da06252 [ 741.493376][ C4] R10: ffff88806d031293 R11: ffff88806d036958 R12: 0000000000000000 [ 741.493696][ C4] R13: ffff888001c08040 R14: dffffc0000000000 R15: 0000000000000000 [ 741.494019][ C4] ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:146) [ 741.494293][ C4] default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:757) [ 741.494481][ C4] default_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:123) [ 741.494709][ C4] cpuidle_idle_call (kernel/sched/idle.c:191) [ 741.494943][ C4] ? arch_cpu_idle_exit+0x40/0x40 [ 741.495173][ C4] ? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:60) [ 741.495408][ C4] do_idle (kernel/sched/idle.c:330) [ 741.495594][ C4] cpu_startup_entry (kernel/sched/idle.c:427 (discriminator 1)) [ 741.495823][ C4] start_secondary (arch/x86/kernel/smpboot.c:203 arch/x86/kernel/smpboot.c:283) [ 741.496052][ C4] ? set_cpu_sibling_map (arch/x86/kernel/smpboot.c:233) Finger prints: psp_reply_set_decrypted:tcp_v6_send_reset:tcp_v6_do_rcv:tcp_v6_rcv:ip6_protocol_deliver_rcu