====================================== | [ 43.302079] #PF: supervisor read access in kernel mode | [ 43.302198] #PF: error_code(0x0000) - not-present page | [ 43.302254] PGD 6ad7067 P4D 6ad7067 PUD 663d067 PMD 0 | [ 43.302299] Oops: Oops: 0000 [#1] SMP NOPTI [ 43.302399] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 43.302443] RIP: 0010:page_pool_put_unrefed_netmem (net/core/page_pool.c:465 net/core/page_pool.c:808 net/core/page_pool.c:866) [ 43.302503] Code: 1e fa 0f 1f 44 00 00 41 55 41 89 cd 41 54 49 89 f4 55 48 89 fd 53 89 d3 84 c9 74 5d 41 f6 c4 01 0f 84 92 00 00 00 48 8b 45 10 80 cc 02 00 00 20 0f 84 a0 00 00 00 45 84 ed 75 14 4d 85 e4 0f All code ======== 0: 1e (bad) 1: fa cli 2: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 7: 41 55 push %r13 9: 41 89 cd mov %ecx,%r13d c: 41 54 push %r12 e: 49 89 f4 mov %rsi,%r12 11: 55 push %rbp 12: 48 89 fd mov %rdi,%rbp 15: 53 push %rbx 16: 89 d3 mov %edx,%ebx 18: 84 c9 test %cl,%cl 1a: 74 5d je 0x79 1c: 41 f6 c4 01 test $0x1,%r12b 20: 0f 84 92 00 00 00 je 0xb8 26: 48 8b 45 10 mov 0x10(%rbp),%rax 2a:* f6 80 cc 02 00 00 20 testb $0x20,0x2cc(%rax) <-- trapping instruction 31: 0f 84 a0 00 00 00 je 0xd7 37: 45 84 ed test %r13b,%r13b 3a: 75 14 jne 0x50 3c: 4d 85 e4 test %r12,%r12 3f: 0f .byte 0xf Code starting with the faulting instruction =========================================== 0: f6 80 cc 02 00 00 20 testb $0x20,0x2cc(%rax) 7: 0f 84 a0 00 00 00 je 0xad d: 45 84 ed test %r13b,%r13b 10: 75 14 jne 0x26 12: 4d 85 e4 test %r12,%r12 15: 0f .byte 0xf [ 43.302634] RSP: 0018:ffffa8a641417bf8 EFLAGS: 00010246 [ 43.302677] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: 0000000000000000 [ 43.302730] RDX: 00000000ffffffff RSI: ffffd7f400152a40 RDI: ffff996e01c90000 [ 43.302789] RBP: ffff996e01c90000 R08: ffffa8a641417bb0 R09: ffff996e055cc200 [ 43.302844] R10: 0000000000000000 R11: 00007ffdd2fd7410 R12: ffffd7f400152a40 [ 43.302903] R13: 0000000000000000 R14: ffff996e055cc200 R15: 000000000000fe04 [ 43.302958] FS: 00007f1092205300(0000) GS:ffff996eaad32000(0000) knlGS:0000000000000000 [ 43.303017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.303068] CR2: 00000000000002cc CR3: 0000000003a3a005 CR4: 0000000000772ef0 [ 43.303123] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.303180] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.303234] PKRU: 55555554 [ 43.303251] Call Trace: [ 43.303271] [ 43.303295] ? __die (arch/x86/kernel/dumpstack.c:416 arch/x86/kernel/dumpstack.c:429) [ 43.303332] ? page_fault_oops (arch/x86/mm/fault.c:714) [ 43.303365] ? rep_movs_alternative (arch/x86/lib/copy_user_64.S:74) [ 43.303406] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538) [ 43.303440] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 43.303473] ? page_pool_put_unrefed_netmem (net/core/page_pool.c:465 net/core/page_pool.c:808 net/core/page_pool.c:866) [ 43.303513] napi_pp_put_page (net/core/skbuff.c:998) [ 43.303546] skb_release_data (./include/linux/skbuff_ref.h:40 ./include/linux/skbuff_ref.h:56 net/core/skbuff.c:1079) [ 43.303578] consume_skb (net/core/skbuff.c:1165 net/core/skbuff.c:1396 net/core/skbuff.c:1390) [ 43.303611] raw_recvmsg (net/ipv4/raw.c:787) [ 43.303644] inet_recvmsg (net/ipv4/af_inet.c:883 (discriminator 5)) [ 43.303677] ____sys_recvmsg (net/socket.c:1017 net/socket.c:1039 net/socket.c:2786) [ 43.303711] ? __import_iovec (lib/iov_iter.c:1444 lib/iov_iter.c:1459) [ 43.303750] ? import_iovec (lib/iov_iter.c:1526) [ 43.303782] ? copy_msghdr_from_user (net/socket.c:2506) [ 43.303823] ___sys_recvmsg (net/socket.c:2829) [ 43.303856] ? hrtimer_start_range_ns (kernel/time/hrtimer.c:1279 kernel/time/hrtimer.c:1333) [ 43.303898] ? do_setitimer (kernel/time/itimer.c:269) [ 43.303932] __sys_recvmsg (net/socket.c:2861) [ 43.303965] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) [ 43.303997] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 43.304038] RIP: 0033:0x7f10924db83d [ 43.304072] Code: eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54 48 83 ec 10 64 8b 04 25 18 00 00 00 85 c0 75 22 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5b 4c 63 e0 48 83 c4 10 4c 89 e0 41 5c c3 66 All code ======== 0: eb b7 jmp 0xffffffffffffffb9 2: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) 9: 00 00 00 c: 90 nop d: f3 0f 1e fa endbr64 11: 41 54 push %r12 13: 48 83 ec 10 sub $0x10,%rsp 17: 64 8b 04 25 18 00 00 mov %fs:0x18,%eax 1e: 00 1f: 85 c0 test %eax,%eax 21: 75 22 jne 0x45 23: b8 2f 00 00 00 mov $0x2f,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 5b ja 0x8d 32: 4c 63 e0 movslq %eax,%r12 35: 48 83 c4 10 add $0x10,%rsp 39: 4c 89 e0 mov %r12,%rax 3c: 41 5c pop %r12 3e: c3 ret 3f: 66 data16 Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 5b ja 0x63 8: 4c 63 e0 movslq %eax,%r12 b: 48 83 c4 10 add $0x10,%rsp f: 4c 89 e0 mov %r12,%rax 12: 41 5c pop %r12 14: c3 ret 15: 66 data16 [ 43.304203] RSP: 002b:00007ffdd2fd7330 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 43.304262] RAX: ffffffffffffffda RBX: 000000000000fde8 RCX: 00007f10924db83d [ 43.304325] RDX: 0000000000000000 RSI: 00007ffdd2fd73a0 RDI: 0000000000000003 [ 43.304377] RBP: 00007ffdd2fd84b0 R08: 00000000004185e0 R09: 0000000000000010 [ 43.304430] R10: 00007f109239c1d8 R11: 0000000000000246 R12: 000000000000fe04 Finger prints: page_pool_put_unrefed_netmem:napi_pp_put_page:skb_release_data:consume_skb:raw_recvmsg