====================================== | [ 109.875633][ T1836] page dumped because: VM_BUG_ON_PAGE(({ __kcsan_disable_current(); ; __auto_type __v = (page->page_type); ; __kcsan_enable_current(); __v; }) != (~0U)) | [ 109.876029][ T1836] ------------[ cut here ]------------ | [ 109.876195][ T1836] kernel BUG at ./include/linux/page-flags.h:1062! | [ 109.876385][ T1836] Oops: invalid opcode: 0000 [#1] SMP KASAN [ 109.876686][ T1836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 109.876912][ T1836] RIP: 0010:page_pool_set_pp_info (./include/linux/page-flags.h:1062 (discriminator 9) net/core/page_pool.c:716 (discriminator 9)) [ 109.877041][ T1836] Code: 80 3c 11 00 0f 84 12 ff ff ff 89 04 24 e8 12 de a0 fe 8b 04 24 e9 02 ff ff ff 48 c7 c6 60 98 ad 9c 48 89 df e8 6b d0 89 fe 90 <0f> 0b e8 f3 dc a0 fe e9 58 ff ff ff e8 29 dd a0 fe e9 a9 fe ff ff All code ======== 0: 80 3c 11 00 cmpb $0x0,(%rcx,%rdx,1) 4: 0f 84 12 ff ff ff je 0xffffffffffffff1c a: 89 04 24 mov %eax,(%rsp) d: e8 12 de a0 fe call 0xfffffffffea0de24 12: 8b 04 24 mov (%rsp),%eax 15: e9 02 ff ff ff jmp 0xffffffffffffff1c 1a: 48 c7 c6 60 98 ad 9c mov $0xffffffff9cad9860,%rsi 21: 48 89 df mov %rbx,%rdi 24: e8 6b d0 89 fe call 0xfffffffffe89d094 29: 90 nop 2a:* 0f 0b ud2 <-- trapping instruction 2c: e8 f3 dc a0 fe call 0xfffffffffea0dd24 31: e9 58 ff ff ff jmp 0xffffffffffffff8e 36: e8 29 dd a0 fe call 0xfffffffffea0dd64 3b: e9 a9 fe ff ff jmp 0xfffffffffffffee9 Code starting with the faulting instruction =========================================== 0: 0f 0b ud2 2: e8 f3 dc a0 fe call 0xfffffffffea0dcfa 7: e9 58 ff ff ff jmp 0xffffffffffffff64 c: e8 29 dd a0 fe call 0xfffffffffea0dd3a 11: e9 a9 fe ff ff jmp 0xfffffffffffffebf [ 109.877377][ T1836] RSP: 0018:ffa00000050df8a0 EFLAGS: 00010282 [ 109.877504][ T1836] RAX: 0000000000000096 RBX: ff11000018dfffc0 RCX: 0000000000000000 [ 109.877647][ T1836] RDX: 0000000000000096 RSI: 1ffffffff4057b44 RDI: fff3fc0000a1beff [ 109.877789][ T1836] RBP: ff1100000d1ca000 R08: ffffffff99dbf47a R09: 1ffffffff3afea44 [ 109.877932][ T1836] R10: 0000000000000003 R11: fffffbfff3afea45 R12: ff11000018dfffc1 [ 109.878080][ T1836] R13: 0000000000000000 R14: ff11000018dfffc0 R15: 0000000000000000 [ 109.878226][ T1836] FS: 00007fe08921db80(0000) GS:ff110000cd2c6000(0000) knlGS:0000000000000000 [ 109.878394][ T1836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.878514][ T1836] CR2: 00007fe08941b5e0 CR3: 00000000086df002 CR4: 0000000000771ef0 [ 109.878661][ T1836] PKRU: 55555554 [ 109.878735][ T1836] Call Trace: [ 109.878849][ T1836] [ 109.878941][ T1836] net_mp_niov_set_page_pool (net/core/page_pool.c:1360) [ 109.879037][ T1836] io_pp_zc_alloc_netmems (io_uring/zcrx.c:1089 io_uring/zcrx.c:1110) [ 109.879133][ T1836] fbnic_fill_bdq (./include/net/page_pool/helpers.h:160 drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:906) [ 109.879228][ T1836] __fbnic_nv_restart (drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:2470 drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:2874) [ 109.879323][ T1836] fbnic_queue_start (drivers/net/ethernet/meta/fbnic/fbnic_txrx.c:2903) [ 109.879416][ T1836] netdev_rx_queue_reconfig (net/core/netdev_rx_queue.c:137) [ 109.879513][ T1836] __netif_mp_open_rxq (net/core/netdev_rx_queue.c:234) [ 109.879609][ T1836] ? netdev_rx_queue_restart (net/core/netdev_rx_queue.c:184) [ 109.879743][ T1836] io_register_zcrx (io_uring/zcrx.c:818 io_uring/zcrx.c:903) [ 109.879839][ T1836] ? io_zcrx_get_region (io_uring/zcrx.c:675 (discriminator 1)) [ 109.879977][ T1836] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 109.880075][ T1836] ? __do_sys_io_uring_register (io_uring/register.c:1028) [ 109.880197][ T1836] __io_uring_register (io_uring/register.c:931) [ 109.880290][ T1836] ? io_register_resize_rings (./arch/x86/include/asm/atomic.h:28) [ 109.880410][ T1836] ? __fget_files (./include/linux/rcupdate.h:871 fs/file.c:1101) [ 109.880508][ T1836] ? __do_sys_io_uring_register (io_uring/register.c:1028) [ 109.880668][ T1836] __do_sys_io_uring_register (io_uring/register.c:1029) [ 109.880762][ T1836] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 109.880859][ T1836] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) [ 109.880959][ T1836] ? trace_hardirqs_off (kernel/trace/trace_preemptirq.c:104 (discriminator 1)) [ 109.881053][ T1836] ? exc_page_fault (arch/x86/mm/fault.c:1480 (discriminator 3) arch/x86/mm/fault.c:1527 (discriminator 3)) [ 109.881147][ T1836] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121) [ 109.881264][ T1836] RIP: 0033:0x7fe08941ced8 [ 109.881365][ T1836] Code: 00 00 f3 0f 1e fa 48 89 f2 f6 87 d0 00 00 00 01 74 20 8b bf cc 00 00 00 be 20 00 00 80 41 ba 01 00 00 00 b8 ab 01 00 00 0f 05 0f 1f 80 00 00 00 00 8b bf c4 00 00 00 be 20 00 00 00 eb de 0f All code ======== 0: 00 00 add %al,(%rax) 2: f3 0f 1e fa endbr64 6: 48 89 f2 mov %rsi,%rdx 9: f6 87 d0 00 00 00 01 testb $0x1,0xd0(%rdi) 10: 74 20 je 0x32 12: 8b bf cc 00 00 00 mov 0xcc(%rdi),%edi 18: be 20 00 00 80 mov $0x80000020,%esi 1d: 41 ba 01 00 00 00 mov $0x1,%r10d 23: b8 ab 01 00 00 mov $0x1ab,%eax 28: 0f 05 syscall 2a:* c3 ret <-- trapping instruction 2b: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 32: 8b bf c4 00 00 00 mov 0xc4(%rdi),%edi 38: be 20 00 00 00 mov $0x20,%esi 3d: eb de jmp 0x1d 3f: 0f .byte 0xf Code starting with the faulting instruction =========================================== 0: c3 ret 1: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 8: 8b bf c4 00 00 00 mov 0xc4(%rdi),%edi e: be 20 00 00 00 mov $0x20,%esi 13: eb de jmp 0xfffffffffffffff3 15: 0f .byte 0xf [ 109.881740][ T1836] RSP: 002b:00007ffc9da22f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 109.881886][ T1836] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe08941ced8 [ 109.882068][ T1836] RDX: 00007ffc9da22f90 RSI: 0000000000000020 RDI: 0000000000000004 [ 109.882208][ T1836] RBP: 00007ffc9da230a0 R08: 0000000000000000 R09: 0000000000000000 [ 109.882353][ T1836] R10: 0000000000000001 R11: 0000000000000246 R12: 00007ffc9da23368 Finger prints: page_pool_set_pp_info:net_mp_niov_set_page_pool:io_pp_zc_alloc_netmems:fbnic_fill_bdq:__fbnic_nv_restart