====================================== | fbnic-err: bad TWQ descriptor ordering, previous: 0 current 0 | fbnic-err: bad TWQ descriptor ordering, previous: 0 current 0 | [ 342.964652][ C5] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN | [ 342.965107][ C5] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 342.965709][ C5] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 342.966108][ C5] RIP: 0010:psp_reply_set_decrypted (./include/net/psp/functions.h:132 net/psp/psp_sock.c:287) [ 342.966345][ C5] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2c 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5d 18 48 8d 7b 12 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 f3 02 00 00 All code ======== 0: 48 89 fa mov %rdi,%rdx 3: 48 c1 ea 03 shr $0x3,%rdx 7: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) b: 0f 85 2c 03 00 00 jne 0x33d 11: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 18: fc ff df 1b: 48 8b 5d 18 mov 0x18(%rbp),%rbx 1f: 48 8d 7b 12 lea 0x12(%rbx),%rdi 23: 48 89 fa mov %rdi,%rdx 26: 48 c1 ea 03 shr $0x3,%rdx 2a:* 0f b6 04 02 movzbl (%rdx,%rax,1),%eax <-- trapping instruction 2e: 48 89 fa mov %rdi,%rdx 31: 83 e2 07 and $0x7,%edx 34: 38 d0 cmp %dl,%al 36: 7f 08 jg 0x40 38: 84 c0 test %al,%al 3a: 0f 85 f3 02 00 00 jne 0x333 Code starting with the faulting instruction =========================================== 0: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax 4: 48 89 fa mov %rdi,%rdx 7: 83 e2 07 and $0x7,%edx a: 38 d0 cmp %dl,%al c: 7f 08 jg 0x16 e: 84 c0 test %al,%al 10: 0f 85 f3 02 00 00 jne 0x309 [ 342.966995][ C5] RSP: 0018:ffffc9000031f170 EFLAGS: 00010202 [ 342.967225][ C5] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 342.967489][ C5] RDX: 0000000000000002 RSI: ffffffff9ee58860 RDI: 0000000000000012 [ 342.967766][ C5] RBP: ffff88801b1a7cc0 R08: 0000000000000000 R09: 0000000000000001 [ 342.968046][ C5] R10: 0000000000002000 R11: ffffffff9fd6ff00 R12: ffff88801b12d440 [ 342.968313][ C5] R13: ffff88801b12d452 R14: ffff88801b1a7cc0 R15: ffff888019874bac [ 342.968568][ C5] FS: 0000000000000000(0000) GS:ffff8880cbfe1000(0000) knlGS:0000000000000000 [ 342.968890][ C5] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.969120][ C5] CR2: 00007f161f5ab000 CR3: 0000000010733002 CR4: 0000000000772ef0 [ 342.969385][ C5] PKRU: 55555554 [ 342.969517][ C5] Call Trace: [ 342.969650][ C5] [ 342.969740][ C5] tcp_v6_send_response.constprop.0 (net/ipv6/tcp_ipv6.c:979) [ 342.969963][ C5] ? __xfrm_policy_check2.constprop.0 (net/ipv4/ip_input.c:390) [ 342.970187][ C5] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 342.970365][ C5] ? sk_filter_trim_cap (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/filter.c:175) [ 342.970538][ C5] ? __lock_release (kernel/locking/lockdep.c:5536) [ 342.970723][ C5] tcp_v6_send_reset (net/ipv6/tcp_ipv6.c:1140 (discriminator 1)) [ 342.970900][ C5] tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1683) [ 342.971082][ C5] ? __xfrm_policy_check2.constprop.0 (./include/net/net_namespace.h:409 ./include/linux/netdevice.h:2722 ./include/net/xfrm.h:1273) [ 342.971312][ C5] tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1912) [ 342.971494][ C5] ? tcp_v6_err (net/ipv6/tcp_ipv6.c:1755) [ 342.971679][ C5] ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:440) [ 342.971871][ C5] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 342.972047][ C5] ip6_input (./include/linux/rcupdate.h:869 net/ipv6/ip6_input.c:503) [ 342.972184][ C5] ip6_sublist_rcv_finish (net/ipv6/ip6_input.c:86) [ 342.972359][ C5] ip6_list_rcv_finish.constprop.0 (net/ipv6/ip6_input.c:109) [ 342.972572][ C5] ? ip6_rcv_finish_core.constprop.0 (net/ipv6/ip6_input.c:109) [ 342.972800][ C5] ipv6_list_rcv (net/ipv6/ip6_input.c:327) [ 342.972984][ C5] ? __kasan_mempool_poison_object (mm/kasan/common.c:534) [ 342.973201][ C5] ? napi_skb_cache_put (net/core/skbuff.c:1422) [ 342.973373][ C5] ? ipv6_rcv (net/ipv6/ip6_input.c:327) [ 342.973504][ C5] ? __napi_poll.constprop.0 (net/core/dev.c:7595) [ 342.973678][ C5] ? run_ksoftirqd (kernel/softirq.c:436 kernel/softirq.c:969 kernel/softirq.c:960) [ 342.973854][ C5] ? smpboot_thread_fn (kernel/smpboot.c:160 (discriminator 3)) [ 342.974037][ C5] ? kthread (kernel/kthread.c:463) [ 342.974168][ C5] ? ret_from_fork (arch/x86/kernel/process.c:154) [ 342.974353][ C5] ? ret_from_fork_asm (arch/x86/entry/entry_64.S:258) [ 342.974528][ C5] __netif_receive_skb_list_core (net/core/dev.c:6132) [ 342.974742][ C5] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 342.974929][ C5] ? __netif_receive_skb_core.constprop.0 (net/core/dev.c:6132) [ 342.975151][ C5] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870) [ 342.975332][ C5] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5831) [ 342.975516][ C5] ? netif_receive_skb_list_internal (./include/linux/rcupdate.h:331 ./include/linux/rcupdate.h:841 net/core/dev.c:6297) [ 342.975731][ C5] netif_receive_skb_list_internal (net/core/dev.c:6223 net/core/dev.c:6312) [ 342.975946][ C5] ? __lock_release (kernel/locking/lockdep.c:5536) [ 342.976131][ C5] ? process_backlog (net/core/dev.c:6284) [ 342.976301][ C5] ? gro_complete.constprop.0 (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/gro.c:278) [ 342.976473][ C5] ? gro_complete.constprop.0 (net/core/gro.c:280) [ 342.976648][ C5] ? __gro_flush (./arch/x86/include/asm/bitops.h:94 ./include/asm-generic/bitops/instrumented-non-atomic.h:45 net/core/gro.c:304 net/core/gro.c:320) [ 342.976823][ C5] napi_complete_done (./include/linux/list.h:37 ./include/net/gro.h:525 ./include/net/gro.h:520 ./include/net/gro.h:532 net/core/dev.c:6681) [ 342.976996][ C5] ? netif_receive_skb_list (net/core/dev.c:6650) [ 342.977167][ C5] ? napi_complete_done (net/core/dev.c:6705 (discriminator 3)) [ 342.977349][ C5] fbnic_poll (drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:1385) [ 342.977493][ C5] __napi_poll.constprop.0 (net/core/dev.c:7595) [ 342.977668][ C5] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 342.977845][ C5] net_rx_action (net/core/dev.c:7657 net/core/dev.c:7784) [ 342.978031][ C5] ? finish_task_switch.isra.0 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 kernel/sched/sched.h:1531 kernel/sched/core.c:5105 kernel/sched/core.c:5223) [ 342.978279][ C5] ? __napi_poll.constprop.0 (net/core/dev.c:7746) [ 342.978452][ C5] ? trace_sched_exit_tp (./include/trace/events/sched.h:886 (discriminator 21)) [ 342.978638][ C5] ? __schedule (kernel/sched/core.c:6817) [ 342.978815][ C5] ? io_schedule_timeout (kernel/sched/core.c:6817) [ 342.978989][ C5] handle_softirqs (kernel/softirq.c:580) [ 342.979172][ C5] ? run_ktimerd (kernel/softirq.c:961) [ 342.979345][ C5] run_ksoftirqd (kernel/softirq.c:436 kernel/softirq.c:969 kernel/softirq.c:960) [ 342.979518][ C5] smpboot_thread_fn (kernel/smpboot.c:160 (discriminator 3)) [ 342.979689][ C5] ? sort_range (kernel/smpboot.c:103) [ 342.979820][ C5] kthread (kernel/kthread.c:463) [ 342.979951][ C5] ? kthread_is_per_cpu (kernel/kthread.c:412) [ 342.980123][ C5] ? ret_from_fork (arch/x86/kernel/process.c:147) [ 342.980307][ C5] ? __lock_release (kernel/locking/lockdep.c:5536) [ 342.980478][ C5] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:751) [ 342.980648][ C5] ? kthread_is_per_cpu (kernel/kthread.c:412) [ 342.980824][ C5] ret_from_fork (arch/x86/kernel/process.c:154) [ 342.981003][ C5] ? kthread_is_per_cpu (kernel/kthread.c:412) Finger prints: psp_reply_set_decrypted:tcp_v6_send_reset:tcp_v6_do_rcv:tcp_v6_rcv:ip6_protocol_deliver_rcu