======================================
| [ 10.921569][ T248] virtio_net virtio2 enp0s1: renamed from eth0
| [ 11.116414][ T248] virtio_net virtio3 enp0s2: renamed from eth1
| [ 11.424197][ C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN
| [ 11.424454][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 11.424784][ C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 11.424913][ C0] RIP: 0010:page_pool_alloc_frag_netmem (net/core/page_pool.c:1057)
[ 11.425054][ C0] Code: b8 00 00 00 00 00 fc ff df 41 57 41 89 c8 41 56 41 55 41 89 d5 48 89 fa 41 54 48 c1 ea 03 49 89 f4 55 53 48 89 fb 48 83 ec 30 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 32 05 00 00 8b 0b 83 f9 3f 0f
All code
========
0: b8 00 00 00 00 mov $0x0,%eax
5: 00 fc add %bh,%ah
7: ff lcall (bad)
8: df 41 57 filds 0x57(%rcx)
b: 41 89 c8 mov %ecx,%r8d
e: 41 56 push %r14
10: 41 55 push %r13
12: 41 89 d5 mov %edx,%r13d
15: 48 89 fa mov %rdi,%rdx
18: 41 54 push %r12
1a: 48 c1 ea 03 shr $0x3,%rdx
1e: 49 89 f4 mov %rsi,%r12
21: 55 push %rbp
22: 53 push %rbx
23: 48 89 fb mov %rdi,%rbx
26: 48 83 ec 30 sub $0x30,%rsp
2a:* 0f b6 04 02 movzbl (%rdx,%rax,1),%eax <-- trapping instruction
2e: 84 c0 test %al,%al
30: 74 08 je 0x3a
32: 3c 03 cmp $0x3,%al
34: 0f 8e 32 05 00 00 jle 0x56c
3a: 8b 0b mov (%rbx),%ecx
3c: 83 f9 3f cmp $0x3f,%ecx
3f: 0f .byte 0xf
Code starting with the faulting instruction
===========================================
0: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax
4: 84 c0 test %al,%al
6: 74 08 je 0x10
8: 3c 03 cmp $0x3,%al
a: 0f 8e 32 05 00 00 jle 0x542
10: 8b 0b mov (%rbx),%ecx
12: 83 f9 3f cmp $0x3f,%ecx
15: 0f .byte 0xf
[ 11.425413][ C0] RSP: 0018:ffa0000000007a00 EFLAGS: 00010286
[ 11.425544][ C0] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000820
[ 11.425697][ C0] RDX: 0000000000000000 RSI: ffa0000000007ac0 RDI: 0000000000000000
[ 11.425846][ C0] RBP: 1ff4000000000f54 R08: 0000000000000820 R09: fff3fc0000000f8f
[ 11.426000][ C0] R10: fff3fc0000000f90 R11: 0000000000000001 R12: ffa0000000007ac0
[ 11.426156][ C0] R13: 0000000000000600 R14: ff11000008719d00 R15: ff1100000926de00
[ 11.426308][ C0] FS: 00007f4db5334400(0000) GS:ff110000786fe000(0000) knlGS:0000000000000000
[ 11.426487][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 11.426617][ C0] CR2: 00000000004e5e60 CR3: 000000000b9da001 CR4: 0000000000771ef0
[ 11.426768][ C0] PKRU: 55555554
[ 11.426846][ C0] Call Trace:
[ 11.426927][ C0]
[ 11.426981][ C0] ? alloc_chain_hlocks (kernel/locking/lockdep.c:3548)
[ 11.427085][ C0] ? buf_to_xdp.isra.0 (drivers/net/virtio_net.c:599)
[ 11.427190][ C0] page_pool_alloc_frag (./include/net/netmem.h:191 (discriminator 2) net/core/page_pool.c:1101 (discriminator 2))
[ 11.427289][ C0] add_recvbuf_mergeable (drivers/net/virtio_net.c:2733 (discriminator 1))
[ 11.427392][ C0] ? page_to_skb (drivers/net/virtio_net.c:2715)
[ 11.427497][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[ 11.427597][ C0] ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[ 11.427696][ C0] try_fill_recv (drivers/net/virtio_net.c:2792)
[ 11.427794][ C0] virtnet_poll (drivers/net/virtio_net.c:2953 (discriminator 1) drivers/net/virtio_net.c:3038 (discriminator 1))
[ 11.427901][ C0] ? receive_buf (drivers/net/virtio_net.c:3027)
[ 11.428005][ C0] ? virtnet_xdp_handler (drivers/net/virtio_net.c:3242)
[ 11.428109][ C0] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141)
[ 11.428208][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.428310][ C0] __napi_poll.constprop.0 (net/core/dev.c:7681)
[ 11.428415][ C0] net_rx_action (net/core/dev.c:7743 net/core/dev.c:7895)
[ 11.428517][ C0] ? run_backlog_napi (net/core/dev.c:7857)
[ 11.428617][ C0] ? sched_balance_domains (kernel/sched/fair.c:12343 (discriminator 1))
[ 11.428721][ C0] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 6) kernel/locking/lockdep.c:4411 (discriminator 6))
[ 11.428844][ C0] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473)
[ 11.428949][ C0] ? sched_balance_update_blocked_averages (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 kernel/sched/sched.h:1608 kernel/sched/sched.h:1915 kernel/sched/fair.c:9968)
[ 11.429073][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4325 (discriminator 1))
[ 11.429172][ C0] handle_softirqs (./arch/x86/include/asm/jump_label.h:37 ./include/trace/events/irq.h:142 kernel/softirq.c:623)
[ 11.429271][ C0] ? _local_bh_enable (kernel/softirq.c:580)
[ 11.429371][ C0] ? __flush_smp_call_function_queue (kernel/smp.c:137 kernel/smp.c:593)
[ 11.429497][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.429597][ C0] do_softirq (kernel/softirq.c:523 (discriminator 25) kernel/softirq.c:510 (discriminator 25))
[ 11.429673][ C0]
[ 11.429723][ C0]
[ 11.429774][ C0] __local_bh_enable_ip (kernel/softirq.c:450)
[ 11.429876][ C0] virtnet_napi_enable (drivers/net/virtio_net.c:2843)
[ 11.429975][ C0] virtnet_open (drivers/net/virtio_net.c:3094 drivers/net/virtio_net.c:3216)
[ 11.430076][ C0] __dev_open (net/core/dev.c:1697)
[ 11.430152][ C0] ? dev_set_rx_mode (net/core/dev.c:1661)
[ 11.430254][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[ 11.430353][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4325 (discriminator 1))
[ 11.430452][ C0] __dev_change_flags (net/core/dev.c:9748)
[ 11.430551][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[ 11.430650][ C0] ? netif_set_allmulti (net/core/dev.c:9712)
[ 11.430750][ C0] ? is_bpf_text_address (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) kernel/bpf/core.c:746 (discriminator 1))
[ 11.430851][ C0] netif_change_flags (net/core/dev.c:9812)
[ 11.430954][ C0] ? unwind_get_return_address (arch/x86/kernel/unwind_orc.c:385 (discriminator 1))
[ 11.431054][ C0] do_setlink.isra.0 (net/core/rtnetlink.c:3158 (discriminator 1))
[ 11.431156][ C0] ? rtnl_newlink_create (net/core/rtnetlink.c:3036)
[ 11.431254][ C0] ? rcu_lockdep_current_cpu_online (kernel/rcu/tree.c:4028 (discriminator 2) kernel/rcu/tree.c:4020 (discriminator 2))
[ 11.431382][ C0] ? rcu_read_lock_any_held (kernel/rcu/update.c:386 (discriminator 1) kernel/rcu/update.c:380 (discriminator 1))
[ 11.431483][ C0] ? validate_chain (kernel/locking/lockdep.c:3801 (discriminator 4) kernel/locking/lockdep.c:3821 (discriminator 4) kernel/locking/lockdep.c:3876 (discriminator 4))
[ 11.431582][ C0] ? rcu_read_lock_any_held (./include/linux/lockdep.h:249 kernel/rcu/update.c:388 kernel/rcu/update.c:380)
[ 11.431680][ C0] ? stack_depot_save_flags (lib/stackdepot.c:601 (discriminator 4) lib/stackdepot.c:668 (discriminator 4))
[ 11.431780][ C0] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[ 11.431883][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[ 11.431981][ C0] ? rtnl_newlink (net/core/rtnetlink.c:343 (discriminator 1) net/core/rtnetlink.c:4071 (discriminator 1))
[ 11.432079][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.432182][ C0] ? perf_trace_sched_switch (kernel/sched/core.c:8784)
[ 11.432283][ C0] ? rtnl_newlink (net/core/rtnetlink.c:343 (discriminator 1) net/core/rtnetlink.c:4071 (discriminator 1))
[ 11.432380][ C0] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 33) kernel/locking/lockdep.c:5831 (discriminator 33))
[ 11.432481][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.432580][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.432680][ C0] ? trace_contention_end (./include/trace/events/lock.h:122 (discriminator 33))
[ 11.432777][ C0] ? __mutex_lock (kernel/locking/mutex.c:624 (discriminator 3) kernel/locking/mutex.c:776 (discriminator 3))
[ 11.432880][ C0] ? rtnl_newlink (net/core/rtnetlink.c:343 (discriminator 1) net/core/rtnetlink.c:4071 (discriminator 1))
[ 11.432978][ C0] ? ww_mutex_lock (kernel/locking/mutex.c:775)
[ 11.433084][ C0] ? __rtnl_newlink (net/core/rtnetlink.c:3922)
[ 11.433189][ C0] rtnl_newlink (net/core/rtnetlink.c:351 (discriminator 1) net/core/rtnetlink.c:4073 (discriminator 1))
[ 11.433293][ C0] ? rtnl_setlink (net/core/rtnetlink.c:3963)
[ 11.433392][ C0] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[ 11.433493][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[ 11.433592][ C0] ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[ 11.433691][ C0] ? rtnl_setlink (net/core/rtnetlink.c:3963)
[ 11.433789][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536)
[ 11.433895][ C0] ? rtnl_setlink (net/core/rtnetlink.c:3963)
[ 11.433993][ C0] rtnetlink_rcv_msg (net/core/rtnetlink.c:6958)
[ 11.434093][ C0] ? rcu_read_lock_any_held (kernel/rcu/update.c:386 (discriminator 1) kernel/rcu/update.c:380 (discriminator 1))
[ 11.434196][ C0] ? rtnl_fdb_dump (net/core/rtnetlink.c:6861)
[ 11.434294][ C0] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[ 11.434392][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[ 11.434489][ C0] ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1))
[ 11.434591][ C0] netlink_rcv_skb (net/netlink/af_netlink.c:2550)
[ 11.434690][ C0] ? rtnl_fdb_dump (net/core/rtnetlink.c:6861)
[ 11.434789][ C0] ? netlink_ack (net/netlink/af_netlink.c:2527)
[ 11.434892][ C0] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1))
[ 11.434989][ C0] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/netlink/af_netlink.c:340 (discriminator 1))
[ 11.435087][ C0] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)
[ 11.435186][ C0] ? netlink_attachskb (net/netlink/af_netlink.c:1329)
[ 11.435284][ C0] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:695 (discriminator 1))
[ 11.435382][ C0] ? napi_skb_cache_get (net/core/skbuff.c:674)
[ 11.435480][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870)
[ 11.435578][ C0] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1))
[ 11.435676][ C0] netlink_sendmsg (net/netlink/af_netlink.c:1894)
[ 11.435782][ C0] ? netlink_unicast (net/netlink/af_netlink.c:1813)
[ 11.435890][ C0] ____sys_sendmsg (net/socket.c:727 (discriminator 4) net/socket.c:742 (discriminator 4) net/socket.c:2592 (discriminator 4))
[ 11.435991][ C0] ? copy_msghdr_from_user (net/socket.c:2532)
[ 11.436095][ C0] ? get_timestamp.constprop.0 (net/socket.c:2538)
[ 11.436223][ C0] ? move_addr_to_kernel (net/socket.c:2518)
[ 11.436324][ C0] ? stack_depot_save_flags (lib/stackdepot.c:601 (discriminator 4) lib/stackdepot.c:668 (discriminator 4))
[ 11.436425][ C0] ? rcu_read_lock_any_held (kernel/rcu/update.c:386 (discriminator 1) kernel/rcu/update.c:380 (discriminator 1))
[ 11.436524][ C0] ___sys_sendmsg (net/socket.c:2648)
[ 11.436621][ C0] ? __call_rcu_common.constprop.0 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:127 kernel/rcu/tree.c:3121)
[ 11.436745][ C0] ? copy_msghdr_from_user (net/socket.c:2635)
[ 11.436848][ C0] __sys_sendmsg (net/socket.c:2678 (discriminator 1))
[ 11.436951][ C0] ? __sys_sendmsg_sock (net/socket.c:2663)
[ 11.437052][ C0] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473)
[ 11.437151][ C0] ? __call_rcu_common.constprop.0 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 kernel/rcu/tree.c:3144)
[ 11.437274][ C0] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141)
[ 11.437371][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1))
[ 11.437470][ C0] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))
[ 11.437571][ C0] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)
[ 11.437696][ C0] RIP: 0033:0x7f4db548ec5e
[ 11.437801][ C0] Code: 4d 89 d8 e8 34 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa
All code
========
0: 4d 89 d8 mov %r11,%r8
3: e8 34 bd 00 00 call 0xbd3c
8: 4c 8b 5d f8 mov -0x8(%rbp),%r11
c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx
13: 59 pop %rcx
14: 5e pop %rsi
15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax
19: 74 11 je 0x2c
1b: c9 leave
1c: c3 ret
1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
24: 48 8b 45 10 mov 0x10(%rbp),%rax
28: 0f 05 syscall
2a:* c9 leave <-- trapping instruction
2b: c3 ret
2c: 83 e2 39 and $0x39,%edx
2f: 83 fa 08 cmp $0x8,%edx
32: 75 e7 jne 0x1b
34: e8 13 ff ff ff call 0xffffffffffffff4c
39: 0f 1f 00 nopl (%rax)
3c: f3 0f 1e fa endbr64
Code starting with the faulting instruction
===========================================
0: c9 leave
1: c3 ret
2: 83 e2 39 and $0x39,%edx
5: 83 fa 08 cmp $0x8,%edx
8: 75 e7 jne 0xfffffffffffffff1
a: e8 13 ff ff ff call 0xffffffffffffff22
f: 0f 1f 00 nopl (%rax)
12: f3 0f 1e fa endbr64
[ 11.438154][ C0] RSP: 002b:00007ffd29e04360 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
[ 11.438305][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4db548ec5e
[ 11.438454][ C0] RDX: 0000000000000000 RSI: 00007ffd29e04420 RDI: 0000000000000005
[ 11.438604][ C0] RBP: 00007ffd29e04370 R08: 0000000000000000 R09: 0000000000000000
[ 11.438758][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffd29e04ae0
Fingerprints:
page_pool_alloc_frag_netmem:page_pool_alloc_frag:add_recvbuf_mergeable:try_fill_recv:virtnet_poll