2 files changed, 111 insertions(+)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
-index 2698999c2aed..5fef2f65f634 100644
+index fa73bbcb0c8d..4964bb2e931e 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4209,6 +4209,15 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/dev.c b/net/core/dev.c
-index e1ea81afe37f..6ae53bede3b2 100644
+index 555bbe774734..de2e0d0185fc 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
-@@ -10260,7 +10260,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
+@@ -10262,7 +10262,7 @@ static struct net_device *netdev_wait_allrefs_any(struct list_head *list)
if (time_after(jiffies, warning_time +
READ_ONCE(netdev_unregister_timeout_secs) * HZ)) {
list_for_each_entry(dev, list, todo_list) {
3 files changed, 21 insertions(+)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
-index 596061c1610e..9cbf12eca1d9 100644
+index 7ccdf991d18e..61aefeb3fdbc 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -251,6 +251,12 @@ static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent)
int cpuid_query_maxphyaddr(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
-index ef53767fb7c8..7d8b14f8807e 100644
+index eb905af3ee90..16d7a881cae5 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
-@@ -5335,6 +5335,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu,
+@@ -5333,6 +5333,19 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu,
if (fpstate_is_confidential(&vcpu->arch.guest_fpu))
return 0;
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Sean Christopherson <seanjc@google.com>
-Date: Thu, 1 Jun 2023 18:01:37 -0700
-Subject: [PATCH] KVM: x86/mmu: Grab memslot for correct address space in NX
- recovery worker
-
-commit 817fa998362d6ea9fabd5e97af8e9e2eb5f0e6f2 upstream.
-
-Factor in the address space (non-SMM vs. SMM) of the target shadow page
-when recovering potential NX huge pages, otherwise KVM will retrieve the
-wrong memslot when zapping shadow pages that were created for SMM. The
-bug most visibly manifests as a WARN on the memslot being non-NULL, but
-the worst case scenario is that KVM could unaccount the shadow page
-without ensuring KVM won't install a huge page, i.e. if the non-SMM slot
-is being dirty logged, but the SMM slot is not.
-
- ------------[ cut here ]------------
- WARNING: CPU: 1 PID: 3911 at arch/x86/kvm/mmu/mmu.c:7015
- kvm_nx_huge_page_recovery_worker+0x38c/0x3d0 [kvm]
- CPU: 1 PID: 3911 Comm: kvm-nx-lpage-re
- RIP: 0010:kvm_nx_huge_page_recovery_worker+0x38c/0x3d0 [kvm]
- RSP: 0018:ffff99b284f0be68 EFLAGS: 00010246
- RAX: 0000000000000000 RBX: ffff99b284edd000 RCX: 0000000000000000
- RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
- RBP: ffff9271397024e0 R08: 0000000000000000 R09: ffff927139702450
- R10: 0000000000000000 R11: 0000000000000001 R12: ffff99b284f0be98
- R13: 0000000000000000 R14: ffff9270991fcd80 R15: 0000000000000003
- FS: 0000000000000000(0000) GS:ffff927f9f640000(0000) knlGS:0000000000000000
- CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
- CR2: 00007f0aacad3ae0 CR3: 000000088fc2c005 CR4: 00000000003726e0
- Call Trace:
- <TASK>
-__pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [kvm]
- kvm_vm_worker_thread+0x106/0x1c0 [kvm]
- kthread+0xd9/0x100
- ret_from_fork+0x2c/0x50
- </TASK>
- ---[ end trace 0000000000000000 ]---
-
-This bug was exposed by commit edbdb43fc96b ("KVM: x86: Preserve TDP MMU
-roots until they are explicitly invalidated"), which allowed KVM to retain
-SMM TDP MMU roots effectively indefinitely. Before commit edbdb43fc96b,
-KVM would zap all SMM TDP MMU roots and thus all SMM TDP MMU shadow pages
-once all vCPUs exited SMM, which made the window where this bug (recovering
-an SMM NX huge page) could be encountered quite tiny. To hit the bug, the
-NX recovery thread would have to run while at least one vCPU was in SMM.
-Most VMs typically only use SMM during boot, and so the problematic shadow
-pages were gone by the time the NX recovery thread ran.
-
-Now that KVM preserves TDP MMU roots until they are explicitly invalidated
-(e.g. by a memslot deletion), the window to trigger the bug is effectively
-never closed because most VMMs don't delete memslots after boot (except
-for a handful of special scenarios).
-
-Fixes: eb298605705a ("KVM: x86/mmu: Do not recover dirty-tracked NX Huge Pages")
-Reported-by: Fabio Coatti <fabio.coatti@gmail.com>
-Closes: https://lore.kernel.org/all/CADpTngX9LESCdHVu_2mQkNGena_Ng2CphWNwsRGSMxzDsTjU2A@mail.gmail.com
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20230602010137.784664-1-seanjc@google.com
-Signed-off-by: Sean Christopherson <seanjc@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
----
- arch/x86/kvm/mmu/mmu.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
-index dcca08a08bd0..3220c1285984 100644
---- a/arch/x86/kvm/mmu/mmu.c
-+++ b/arch/x86/kvm/mmu/mmu.c
-@@ -6945,7 +6945,10 @@ static void kvm_recover_nx_huge_pages(struct kvm *kvm)
- */
- slot = NULL;
- if (atomic_read(&kvm->nr_memslots_dirty_logging)) {
-- slot = gfn_to_memslot(kvm, sp->gfn);
-+ struct kvm_memslots *slots;
-+
-+ slots = kvm_memslots_for_spte_role(kvm, sp->role);
-+ slot = __gfn_to_memslot(slots, sp->gfn);
- WARN_ON_ONCE(!slot);
- }
-
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 13 Jul 2023 15:30:42 +0200
+Subject: [PATCH] nvme: don't reject probe due to duplicate IDs for
+ single-ported PCIe devices
+
+While duplicate IDs are still very harmful, including the potential to easily
+see changing devices in /dev/disk/by-id, it turn out they are extremely
+common for cheap end user NVMe devices.
+
+Relax our check for them for so that it doesn't reject the probe on
+single-ported PCIe devices, but prints a big warning instead. In doubt
+we'd still like to see quirk entries to disable the potential for
+changing supposed stable device identifier links, but this will at least
+allow users how have two (or more) of these devices to use them without
+having to manually add a new PCI ID entry with the quirk through sysfs or
+by patching the kernel.
+
+Fixes: 2079f41ec6ff ("nvme: check that EUI/GUID/UUID are globally unique")
+Cc: stable@vger.kernel.org # 6.0+
+Co-developed-by: Sagi Grimberg <sagi@grimberg.me>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Keith Busch <kbusch@kernel.org>
+Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+---
+ drivers/nvme/host/core.c | 36 +++++++++++++++++++++++++++++++++---
+ 1 file changed, 33 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
+index e2618d2b57bf..56d13d9e08ed 100644
+--- a/drivers/nvme/host/core.c
++++ b/drivers/nvme/host/core.c
+@@ -4165,10 +4165,40 @@ static int nvme_init_ns_head(struct nvme_ns *ns, struct nvme_ns_info *info)
+
+ ret = nvme_global_check_duplicate_ids(ctrl->subsys, &info->ids);
+ if (ret) {
+- dev_err(ctrl->device,
+- "globally duplicate IDs for nsid %d\n", info->nsid);
++ /*
++ * We've found two different namespaces on two different
++ * subsystems that report the same ID. This is pretty nasty
++ * for anything that actually requires unique device
++ * identification. In the kernel we need this for multipathing,
++ * and in user space the /dev/disk/by-id/ links rely on it.
++ *
++ * If the device also claims to be multi-path capable back off
++ * here now and refuse the probe the second device as this is a
++ * recipe for data corruption. If not this is probably a
++ * cheap consumer device if on the PCIe bus, so let the user
++ * proceed and use the shiny toy, but warn that with changing
++ * probing order (which due to our async probing could just be
++ * device taking longer to startup) the other device could show
++ * up at any time.
++ */
+ nvme_print_device_info(ctrl);
+- return ret;
++ if ((ns->ctrl->ops->flags & NVME_F_FABRICS) || /* !PCIe */
++ ((ns->ctrl->subsys->cmic & NVME_CTRL_CMIC_MULTI_CTRL) &&
++ info->is_shared)) {
++ dev_err(ctrl->device,
++ "ignoring nsid %d because of duplicate IDs\n",
++ info->nsid);
++ return ret;
++ }
++
++ dev_err(ctrl->device,
++ "clearing duplicate IDs for nsid %d\n", info->nsid);
++ dev_err(ctrl->device,
++ "use of /dev/disk/by-id/ may cause data corruption\n");
++ memset(&info->ids.nguid, 0, sizeof(info->ids.nguid));
++ memset(&info->ids.uuid, 0, sizeof(info->ids.uuid));
++ memset(&info->ids.eui64, 0, sizeof(info->ids.eui64));
++ ctrl->quirks |= NVME_QUIRK_BOGUS_NID;
+ }
+
+ mutex_lock(&ctrl->subsys->lock);
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Muhammad Husaini Zulkifli <muhammad.husaini.zulkifli@intel.com>
+Date: Mon, 24 Jul 2023 09:12:50 -0700
+Subject: [PATCH] igc: Fix Kernel Panic during ndo_tx_timeout callback
+
+The Xeon validation group has been carrying out some loaded tests
+with various HW configurations, and they have seen some transmit
+queue time out happening during the test. This will cause the
+reset adapter function to be called by igc_tx_timeout().
+Similar race conditions may arise when the interface is being brought
+down and up in igc_reinit_locked(), an interrupt being generated, and
+igc_clean_tx_irq() being called to complete the TX.
+
+When the igc_tx_timeout() function is invoked, this patch will turn
+off all TX ring HW queues during igc_down() process. TX ring HW queues
+will be activated again during the igc_configure_tx_ring() process
+when performing the igc_up() procedure later.
+
+This patch also moved existing igc_disable_tx_ring_hw() to avoid using
+forward declaration.
+
+Kernel trace:
+[ 7678.747813] ------------[ cut here ]------------
+[ 7678.757914] NETDEV WATCHDOG: enp1s0 (igc): transmit queue 2 timed out
+[ 7678.770117] WARNING: CPU: 0 PID: 13 at net/sched/sch_generic.c:525 dev_watchdog+0x1ae/0x1f0
+[ 7678.784459] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype nft_compat
+nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO) rktpm(PO)
+cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO) svfs_pci_hotplug(PO)
+vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO) svheartbeat(PO) ioapic(PO)
+sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO) smbus(PO) spiflash_cdf(PO) arden(PO)
+dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO) pch(PO) sviotargets(PO) svbdf(PO) svmem(PO)
+svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO) svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO)
+fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O) ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO)
+regsupport(O) libnvdimm nls_cp437 snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel
+snd_intel_dspcfg snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
+[ 7678.784496] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm fuse backlight
+configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic pegasus mmc_block usbhid
+mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa scsi_transport_sas e1000e e1000 e100 ax88179_178a
+usbnet xhci_pci sd_mod xhci_hcd t10_pi crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore
+crct10dif_generic ptp crct10dif_common usb_common pps_core
+[ 7679.200403] RIP: 0010:dev_watchdog+0x1ae/0x1f0
+[ 7679.210201] Code: 28 e9 53 ff ff ff 4c 89 e7 c6 05 06 42 b9 00 01 e8 17 d1 fb ff 44 89 e9 4c
+89 e6 48 c7 c7 40 ad fb 81 48 89 c2 e8 52 62 82 ff <0f> 0b e9 72 ff ff ff 65 8b 05 80 7d 7c 7e
+89 c0 48 0f a3 05 0a c1
+[ 7679.245438] RSP: 0018:ffa00000001f7d90 EFLAGS: 00010282
+[ 7679.256021] RAX: 0000000000000000 RBX: ff11000109938440 RCX: 0000000000000000
+[ 7679.268710] RDX: ff11000361e26cd8 RSI: ff11000361e1b880 RDI: ff11000361e1b880
+[ 7679.281314] RBP: ffa00000001f7da8 R08: ff1100035f8fffe8 R09: 0000000000027ffb
+[ 7679.293840] R10: 0000000000001f0a R11: ff1100035f840000 R12: ff11000109938000
+[ 7679.306276] R13: 0000000000000002 R14: dead000000000122 R15: ffa00000001f7e18
+[ 7679.318648] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
+[ 7679.332064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 7679.342757] CR2: 00007ffff7fca168 CR3: 000000013b08a006 CR4: 0000000000471ef8
+[ 7679.354984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 7679.367207] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
+[ 7679.379370] PKRU: 55555554
+[ 7679.386446] Call Trace:
+[ 7679.393152] <TASK>
+[ 7679.399363] ? __pfx_dev_watchdog+0x10/0x10
+[ 7679.407870] call_timer_fn+0x31/0x110
+[ 7679.415698] expire_timers+0xb2/0x120
+[ 7679.423403] run_timer_softirq+0x179/0x1e0
+[ 7679.431532] ? __schedule+0x2b1/0x820
+[ 7679.439078] __do_softirq+0xd1/0x295
+[ 7679.446426] ? __pfx_smpboot_thread_fn+0x10/0x10
+[ 7679.454867] run_ksoftirqd+0x22/0x30
+[ 7679.462058] smpboot_thread_fn+0xb7/0x160
+[ 7679.469670] kthread+0xcd/0xf0
+[ 7679.476097] ? __pfx_kthread+0x10/0x10
+[ 7679.483211] ret_from_fork+0x29/0x50
+[ 7679.490047] </TASK>
+[ 7679.495204] ---[ end trace 0000000000000000 ]---
+[ 7679.503179] igc 0000:01:00.0 enp1s0: Register Dump
+[ 7679.511230] igc 0000:01:00.0 enp1s0: Register Name Value
+[ 7679.519892] igc 0000:01:00.0 enp1s0: CTRL 181c0641
+[ 7679.528782] igc 0000:01:00.0 enp1s0: STATUS 40280683
+[ 7679.537551] igc 0000:01:00.0 enp1s0: CTRL_EXT 10000040
+[ 7679.546284] igc 0000:01:00.0 enp1s0: MDIC 180a3800
+[ 7679.554942] igc 0000:01:00.0 enp1s0: ICR 00000081
+[ 7679.563503] igc 0000:01:00.0 enp1s0: RCTL 04408022
+[ 7679.571963] igc 0000:01:00.0 enp1s0: RDLEN[0-3] 00001000 00001000 00001000 00001000
+[ 7679.583075] igc 0000:01:00.0 enp1s0: RDH[0-3] 00000068 000000b6 0000000f 00000031
+[ 7679.594162] igc 0000:01:00.0 enp1s0: RDT[0-3] 00000066 000000b2 0000000e 00000030
+[ 7679.605174] igc 0000:01:00.0 enp1s0: RXDCTL[0-3] 02040808 02040808 02040808 02040808
+[ 7679.616196] igc 0000:01:00.0 enp1s0: RDBAL[0-3] 1bb7c000 1bb7f000 1bb82000 0ef33000
+[ 7679.627242] igc 0000:01:00.0 enp1s0: RDBAH[0-3] 00000001 00000001 00000001 00000001
+[ 7679.638256] igc 0000:01:00.0 enp1s0: TCTL a503f0fa
+[ 7679.646607] igc 0000:01:00.0 enp1s0: TDBAL[0-3] 2ba4a000 1bb6f000 1bb74000 1bb79000
+[ 7679.657609] igc 0000:01:00.0 enp1s0: TDBAH[0-3] 00000001 00000001 00000001 00000001
+[ 7679.668551] igc 0000:01:00.0 enp1s0: TDLEN[0-3] 00001000 00001000 00001000 00001000
+[ 7679.679470] igc 0000:01:00.0 enp1s0: TDH[0-3] 000000a7 0000002d 000000bf 000000d9
+[ 7679.690406] igc 0000:01:00.0 enp1s0: TDT[0-3] 000000a7 0000002d 000000bf 000000d9
+[ 7679.701264] igc 0000:01:00.0 enp1s0: TXDCTL[0-3] 02100108 02100108 02100108 02100108
+[ 7679.712123] igc 0000:01:00.0 enp1s0: Reset adapter
+[ 7683.085967] igc 0000:01:00.0 enp1s0: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
+[ 8086.945561] ------------[ cut here ]------------
+Entering kdb (current=0xffffffff8220b200, pid 0) on processor 0
+Oops: (null) due to oops @ 0xffffffff81573888
+RIP: 0010:dql_completed+0x148/0x160
+Code: c9 00 48 89 57 58 e9 46 ff ff ff 45 85 e4 41 0f 95 c4 41 39 db 0f 95
+c1 41 84 cc 74 05 45 85 ed 78 0a 44 89 c1 e9 27 ff ff ff <0f> 0b 01 f6 44 89
+c1 29 f1 0f 48 ca eb 8c cc cc cc cc cc cc cc cc
+RSP: 0018:ffa0000000003e00 EFLAGS: 00010287
+RAX: 000000000000006c RBX: ffa0000003eb0f78 RCX: ff11000109938000
+RDX: 0000000000000003 RSI: 0000000000000160 RDI: ff110001002e9480
+RBP: ffa0000000003ed8 R08: ff110001002e93c0 R09: ffa0000000003d28
+R10: 0000000000007cc0 R11: 0000000000007c54 R12: 00000000ffffffd9
+R13: ff1100037039cb00 R14: 00000000ffffffd9 R15: ff1100037039c048
+FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
+DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
+PKRU: 55555554
+Call Trace:
+ <IRQ>
+ ? igc_poll+0x1a9/0x14d0 [igc]
+ __napi_poll+0x2e/0x1b0
+ net_rx_action+0x126/0x250
+ __do_softirq+0xd1/0x295
+ irq_exit_rcu+0xc5/0xf0
+ common_interrupt+0x86/0xa0
+ </IRQ>
+ <TASK>
+ asm_common_interrupt+0x27/0x40
+RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
+Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00 31 ff e8 1b
+de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00 49 63 cf
+4c 2b 75 c8 48 8d 04 49 48 89 ca 48 8d
+RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
+RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
+RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
+RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
+R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
+R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
+ cpuidle_enter+0x2e/0x50
+ call_cpuidle+0x23/0x40
+ do_idle+0x1be/0x220
+ cpu_startup_entry+0x20/0x30
+ rest_init+0xb5/0xc0
+ arch_call_rest_init+0xe/0x30
+ start_kernel+0x448/0x760
+ x86_64_start_kernel+0x109/0x150
+ secondary_startup_64_no_verify+0xe0/0xeb
+ </TASK>
+more>
+[0]kdb>
+
+[0]kdb>
+[0]kdb> go
+Catastrophic error detected
+kdb_continue_catastrophic=0, type go a second time if you really want to
+continue
+[0]kdb> go
+Catastrophic error detected
+kdb_continue_catastrophic=0, attempting to continue
+[ 8086.955689] refcount_t: underflow; use-after-free.
+[ 8086.955697] WARNING: CPU: 0 PID: 0 at lib/refcount.c:28 refcount_warn_saturate+0xc2/0x110
+[ 8086.955706] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype nft_compat
+nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO) rktpm(PO)
+cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO)
+svfs_pci_hotplug(PO) vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO)
+svheartbeat(PO) ioapic(PO) sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO)
+smbus(PO) spiflash_cdf(PO) arden(PO) dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO)
+pch(PO) sviotargets(PO) svbdf(PO) svmem(PO) svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO)
+svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO) fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O)
+ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO) regsupport(O) libnvdimm nls_cp437
+snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg
+snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
+[ 8086.955751] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm
+fuse backlight configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic
+pegasus mmc_block usbhid mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa
+scsi_transport_sas e1000e e1000 e100 ax88179_178a usbnet xhci_pci sd_mod xhci_hcd t10_pi
+crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore crct10dif_generic ptp crct10dif_common
+usb_common pps_core
+[ 8086.955784] RIP: 0010:refcount_warn_saturate+0xc2/0x110
+[ 8086.955788] Code: 01 e8 82 e7 b4 ff 0f 0b 5d c3 cc cc cc cc 80 3d 68 c6 eb 00 00 75 81
+48 c7 c7 a0 87 f6 81 c6 05 58 c6 eb 00 01 e8 5e e7 b4 ff <0f> 0b 5d c3 cc cc cc cc 80 3d
+42 c6 eb 00 00 0f 85 59 ff ff ff 48
+[ 8086.955790] RSP: 0018:ffa0000000003da0 EFLAGS: 00010286
+[ 8086.955793] RAX: 0000000000000000 RBX: ff1100011da40ee0 RCX: ff11000361e1b888
+[ 8086.955794] RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ff11000361e1b880
+[ 8086.955795] RBP: ffa0000000003da0 R08: 80000000ffff9f45 R09: ffa0000000003d28
+[ 8086.955796] R10: ff1100035f840000 R11: 0000000000000028 R12: ff11000319ff8000
+[ 8086.955797] R13: ff1100011bb79d60 R14: 00000000ffffffd6 R15: ff1100037039cb00
+[ 8086.955798] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
+[ 8086.955800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 8086.955801] CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
+[ 8086.955803] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 8086.955803] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
+[ 8086.955804] PKRU: 55555554
+[ 8086.955805] Call Trace:
+[ 8086.955806] <IRQ>
+[ 8086.955808] tcp_wfree+0x112/0x130
+[ 8086.955814] skb_release_head_state+0x24/0xa0
+[ 8086.955818] napi_consume_skb+0x9c/0x160
+[ 8086.955821] igc_poll+0x5d8/0x14d0 [igc]
+[ 8086.955835] __napi_poll+0x2e/0x1b0
+[ 8086.955839] net_rx_action+0x126/0x250
+[ 8086.955843] __do_softirq+0xd1/0x295
+[ 8086.955846] irq_exit_rcu+0xc5/0xf0
+[ 8086.955851] common_interrupt+0x86/0xa0
+[ 8086.955857] </IRQ>
+[ 8086.955857] <TASK>
+[ 8086.955858] asm_common_interrupt+0x27/0x40
+[ 8086.955862] RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
+[ 8086.955866] Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00 31 ff e8
+1b de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00 49 63 cf 4c 2b 75
+c8 48 8d 04 49 48 89 ca 48 8d
+[ 8086.955867] RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
+[ 8086.955869] RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
+[ 8086.955870] RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
+[ 8086.955871] RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
+[ 8086.955872] R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
+[ 8086.955873] R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
+[ 8086.955875] cpuidle_enter+0x2e/0x50
+[ 8086.955880] call_cpuidle+0x23/0x40
+[ 8086.955884] do_idle+0x1be/0x220
+[ 8086.955887] cpu_startup_entry+0x20/0x30
+[ 8086.955889] rest_init+0xb5/0xc0
+[ 8086.955892] arch_call_rest_init+0xe/0x30
+[ 8086.955895] start_kernel+0x448/0x760
+[ 8086.955898] x86_64_start_kernel+0x109/0x150
+[ 8086.955900] secondary_startup_64_no_verify+0xe0/0xeb
+[ 8086.955904] </TASK>
+[ 8086.955904] ---[ end trace 0000000000000000 ]---
+[ 8086.955912] ------------[ cut here ]------------
+[ 8086.955913] kernel BUG at lib/dynamic_queue_limits.c:27!
+[ 8086.955918] invalid opcode: 0000 [#1] SMP
+[ 8086.955922] RIP: 0010:dql_completed+0x148/0x160
+[ 8086.955925] Code: c9 00 48 89 57 58 e9 46 ff ff ff 45 85 e4 41 0f 95 c4 41 39 db
+0f 95 c1 41 84 cc 74 05 45 85 ed 78 0a 44 89 c1 e9 27 ff ff ff <0f> 0b 01 f6 44 89
+c1 29 f1 0f 48 ca eb 8c cc cc cc cc cc cc cc cc
+[ 8086.955927] RSP: 0018:ffa0000000003e00 EFLAGS: 00010287
+[ 8086.955928] RAX: 000000000000006c RBX: ffa0000003eb0f78 RCX: ff11000109938000
+[ 8086.955929] RDX: 0000000000000003 RSI: 0000000000000160 RDI: ff110001002e9480
+[ 8086.955930] RBP: ffa0000000003ed8 R08: ff110001002e93c0 R09: ffa0000000003d28
+[ 8086.955931] R10: 0000000000007cc0 R11: 0000000000007c54 R12: 00000000ffffffd9
+[ 8086.955932] R13: ff1100037039cb00 R14: 00000000ffffffd9 R15: ff1100037039c048
+[ 8086.955933] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
+[ 8086.955934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 8086.955935] CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
+[ 8086.955936] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 8086.955937] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
+[ 8086.955938] PKRU: 55555554
+[ 8086.955939] Call Trace:
+[ 8086.955939] <IRQ>
+[ 8086.955940] ? igc_poll+0x1a9/0x14d0 [igc]
+[ 8086.955949] __napi_poll+0x2e/0x1b0
+[ 8086.955952] net_rx_action+0x126/0x250
+[ 8086.955956] __do_softirq+0xd1/0x295
+[ 8086.955958] irq_exit_rcu+0xc5/0xf0
+[ 8086.955961] common_interrupt+0x86/0xa0
+[ 8086.955964] </IRQ>
+[ 8086.955965] <TASK>
+[ 8086.955965] asm_common_interrupt+0x27/0x40
+[ 8086.955968] RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
+[ 8086.955971] Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00
+31 ff e8 1b de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00
+49 63 cf 4c 2b 75 c8 48 8d 04 49 48 89 ca 48 8d
+[ 8086.955972] RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
+[ 8086.955973] RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
+[ 8086.955974] RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
+[ 8086.955974] RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
+[ 8086.955975] R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
+[ 8086.955976] R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
+[ 8086.955978] cpuidle_enter+0x2e/0x50
+[ 8086.955981] call_cpuidle+0x23/0x40
+[ 8086.955984] do_idle+0x1be/0x220
+[ 8086.955985] cpu_startup_entry+0x20/0x30
+[ 8086.955987] rest_init+0xb5/0xc0
+[ 8086.955990] arch_call_rest_init+0xe/0x30
+[ 8086.955992] start_kernel+0x448/0x760
+[ 8086.955994] x86_64_start_kernel+0x109/0x150
+[ 8086.955996] secondary_startup_64_no_verify+0xe0/0xeb
+[ 8086.955998] </TASK>
+[ 8086.955999] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype
+nft_compat nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO)
+rktpm(PO) cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO)
+svfs_pci_hotplug(PO) vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO)
+svheartbeat(PO) ioapic(PO) sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO)
+smbus(PO) spiflash_cdf(PO) arden(PO) dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO)
+pch(PO) sviotargets(PO) svbdf(PO) svmem(PO) svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO)
+svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO) fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O)
+ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO) regsupport(O) libnvdimm nls_cp437
+snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg
+snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
+[ 8086.956029] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm
+fuse backlight configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic
+pegasus mmc_block usbhid mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa
+scsi_transport_sas e1000e e1000 e100 ax88179_178a usbnet xhci_pci sd_mod xhci_hcd t10_pi
+crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore crct10dif_generic ptp crct10dif_common
+usb_common pps_core
+[16762.543675] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.593 msecs
+[16762.543678] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.595 msecs
+[16762.543673] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.495 msecs
+[16762.543679] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.599 msecs
+[16762.543678] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.598 msecs
+[16762.543690] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.605 msecs
+[16762.543684] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.599 msecs
+[16762.543693] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.613 msecs
+[16762.543784] ---[ end trace 0000000000000000 ]---
+[16762.849099] RIP: 0010:dql_completed+0x148/0x160
+PANIC: Fatal exception in interrupt
+
+Fixes: 9b275176270e ("igc: Add ndo_tx_timeout support")
+Tested-by: Alejandra Victoria Alcaraz <alejandra.victoria.alcaraz@intel.com>
+Signed-off-by: Muhammad Husaini Zulkifli <muhammad.husaini.zulkifli@intel.com>
+Acked-by: Sasha Neftin <sasha.neftin@intel.com>
+Tested-by: Naama Meir <naamax.meir@linux.intel.com>
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+Reviewed-by: Simon Horman <simon.horman@corigine.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+(cherry-picked from commit d4a7ce642100765119a872d4aba1bf63e3a22c8a)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ drivers/net/ethernet/intel/igc/igc_main.c | 40 ++++++++++++++++-------
+ 1 file changed, 28 insertions(+), 12 deletions(-)
+
+diff --git a/drivers/net/ethernet/intel/igc/igc_main.c b/drivers/net/ethernet/intel/igc/igc_main.c
+index 8b554311518c..a3f89e1dca72 100644
+--- a/drivers/net/ethernet/intel/igc/igc_main.c
++++ b/drivers/net/ethernet/intel/igc/igc_main.c
+@@ -310,6 +310,33 @@ static void igc_clean_all_tx_rings(struct igc_adapter *adapter)
+ igc_clean_tx_ring(adapter->tx_ring[i]);
+ }
+
++static void igc_disable_tx_ring_hw(struct igc_ring *ring)
++{
++ struct igc_hw *hw = &ring->q_vector->adapter->hw;
++ u8 idx = ring->reg_idx;
++ u32 txdctl;
++
++ txdctl = rd32(IGC_TXDCTL(idx));
++ txdctl &= ~IGC_TXDCTL_QUEUE_ENABLE;
++ txdctl |= IGC_TXDCTL_SWFLUSH;
++ wr32(IGC_TXDCTL(idx), txdctl);
++}
++
++/**
++ * igc_disable_all_tx_rings_hw - Disable all transmit queue operation
++ * @adapter: board private structure
++ */
++static void igc_disable_all_tx_rings_hw(struct igc_adapter *adapter)
++{
++ int i;
++
++ for (i = 0; i < adapter->num_tx_queues; i++) {
++ struct igc_ring *tx_ring = adapter->tx_ring[i];
++
++ igc_disable_tx_ring_hw(tx_ring);
++ }
++}
++
+ /**
+ * igc_setup_tx_resources - allocate Tx resources (Descriptors)
+ * @tx_ring: tx descriptor ring (for a specific queue) to setup
+@@ -4993,6 +5020,7 @@ void igc_down(struct igc_adapter *adapter)
+ /* clear VLAN promisc flag so VFTA will be updated if necessary */
+ adapter->flags &= ~IGC_FLAG_VLAN_PROMISC;
+
++ igc_disable_all_tx_rings_hw(adapter);
+ igc_clean_all_tx_rings(adapter);
+ igc_clean_all_rx_rings(adapter);
+ }
+@@ -7094,18 +7122,6 @@ void igc_enable_rx_ring(struct igc_ring *ring)
+ igc_alloc_rx_buffers(ring, igc_desc_unused(ring));
+ }
+
+-static void igc_disable_tx_ring_hw(struct igc_ring *ring)
+-{
+- struct igc_hw *hw = &ring->q_vector->adapter->hw;
+- u8 idx = ring->reg_idx;
+- u32 txdctl;
+-
+- txdctl = rd32(IGC_TXDCTL(idx));
+- txdctl &= ~IGC_TXDCTL_QUEUE_ENABLE;
+- txdctl |= IGC_TXDCTL_SWFLUSH;
+- wr32(IGC_TXDCTL(idx), txdctl);
+-}
+-
+ void igc_disable_tx_ring(struct igc_ring *ring)
+ {
+ igc_disable_tx_ring_hw(ring);
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Christoph Hellwig <hch@lst.de>
-Date: Thu, 13 Jul 2023 15:30:42 +0200
-Subject: [PATCH] nvme: don't reject probe due to duplicate IDs for
- single-ported PCIe devices
-
-While duplicate IDs are still very harmful, including the potential to easily
-see changing devices in /dev/disk/by-id, it turn out they are extremely
-common for cheap end user NVMe devices.
-
-Relax our check for them for so that it doesn't reject the probe on
-single-ported PCIe devices, but prints a big warning instead. In doubt
-we'd still like to see quirk entries to disable the potential for
-changing supposed stable device identifier links, but this will at least
-allow users how have two (or more) of these devices to use them without
-having to manually add a new PCI ID entry with the quirk through sysfs or
-by patching the kernel.
-
-Fixes: 2079f41ec6ff ("nvme: check that EUI/GUID/UUID are globally unique")
-Cc: stable@vger.kernel.org # 6.0+
-Co-developed-by: Sagi Grimberg <sagi@grimberg.me>
-Signed-off-by: Christoph Hellwig <hch@lst.de>
-Signed-off-by: Keith Busch <kbusch@kernel.org>
-Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
----
- drivers/nvme/host/core.c | 36 +++++++++++++++++++++++++++++++++---
- 1 file changed, 33 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
-index d567762545b0..f350df252d27 100644
---- a/drivers/nvme/host/core.c
-+++ b/drivers/nvme/host/core.c
-@@ -4162,10 +4162,40 @@ static int nvme_init_ns_head(struct nvme_ns *ns, struct nvme_ns_info *info)
-
- ret = nvme_global_check_duplicate_ids(ctrl->subsys, &info->ids);
- if (ret) {
-- dev_err(ctrl->device,
-- "globally duplicate IDs for nsid %d\n", info->nsid);
-+ /*
-+ * We've found two different namespaces on two different
-+ * subsystems that report the same ID. This is pretty nasty
-+ * for anything that actually requires unique device
-+ * identification. In the kernel we need this for multipathing,
-+ * and in user space the /dev/disk/by-id/ links rely on it.
-+ *
-+ * If the device also claims to be multi-path capable back off
-+ * here now and refuse the probe the second device as this is a
-+ * recipe for data corruption. If not this is probably a
-+ * cheap consumer device if on the PCIe bus, so let the user
-+ * proceed and use the shiny toy, but warn that with changing
-+ * probing order (which due to our async probing could just be
-+ * device taking longer to startup) the other device could show
-+ * up at any time.
-+ */
- nvme_print_device_info(ctrl);
-- return ret;
-+ if ((ns->ctrl->ops->flags & NVME_F_FABRICS) || /* !PCIe */
-+ ((ns->ctrl->subsys->cmic & NVME_CTRL_CMIC_MULTI_CTRL) &&
-+ info->is_shared)) {
-+ dev_err(ctrl->device,
-+ "ignoring nsid %d because of duplicate IDs\n",
-+ info->nsid);
-+ return ret;
-+ }
-+
-+ dev_err(ctrl->device,
-+ "clearing duplicate IDs for nsid %d\n", info->nsid);
-+ dev_err(ctrl->device,
-+ "use of /dev/disk/by-id/ may cause data corruption\n");
-+ memset(&info->ids.nguid, 0, sizeof(info->ids.nguid));
-+ memset(&info->ids.uuid, 0, sizeof(info->ids.uuid));
-+ memset(&info->ids.eui64, 0, sizeof(info->ids.eui64));
-+ ctrl->quirks |= NVME_QUIRK_BOGUS_NID;
- }
-
- mutex_lock(&ctrl->subsys->lock);
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Muhammad Husaini Zulkifli <muhammad.husaini.zulkifli@intel.com>
-Date: Mon, 24 Jul 2023 09:12:50 -0700
-Subject: [PATCH] igc: Fix Kernel Panic during ndo_tx_timeout callback
-
-The Xeon validation group has been carrying out some loaded tests
-with various HW configurations, and they have seen some transmit
-queue time out happening during the test. This will cause the
-reset adapter function to be called by igc_tx_timeout().
-Similar race conditions may arise when the interface is being brought
-down and up in igc_reinit_locked(), an interrupt being generated, and
-igc_clean_tx_irq() being called to complete the TX.
-
-When the igc_tx_timeout() function is invoked, this patch will turn
-off all TX ring HW queues during igc_down() process. TX ring HW queues
-will be activated again during the igc_configure_tx_ring() process
-when performing the igc_up() procedure later.
-
-This patch also moved existing igc_disable_tx_ring_hw() to avoid using
-forward declaration.
-
-Kernel trace:
-[ 7678.747813] ------------[ cut here ]------------
-[ 7678.757914] NETDEV WATCHDOG: enp1s0 (igc): transmit queue 2 timed out
-[ 7678.770117] WARNING: CPU: 0 PID: 13 at net/sched/sch_generic.c:525 dev_watchdog+0x1ae/0x1f0
-[ 7678.784459] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype nft_compat
-nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO) rktpm(PO)
-cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO) svfs_pci_hotplug(PO)
-vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO) svheartbeat(PO) ioapic(PO)
-sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO) smbus(PO) spiflash_cdf(PO) arden(PO)
-dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO) pch(PO) sviotargets(PO) svbdf(PO) svmem(PO)
-svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO) svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO)
-fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O) ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO)
-regsupport(O) libnvdimm nls_cp437 snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel
-snd_intel_dspcfg snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
-[ 7678.784496] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm fuse backlight
-configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic pegasus mmc_block usbhid
-mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa scsi_transport_sas e1000e e1000 e100 ax88179_178a
-usbnet xhci_pci sd_mod xhci_hcd t10_pi crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore
-crct10dif_generic ptp crct10dif_common usb_common pps_core
-[ 7679.200403] RIP: 0010:dev_watchdog+0x1ae/0x1f0
-[ 7679.210201] Code: 28 e9 53 ff ff ff 4c 89 e7 c6 05 06 42 b9 00 01 e8 17 d1 fb ff 44 89 e9 4c
-89 e6 48 c7 c7 40 ad fb 81 48 89 c2 e8 52 62 82 ff <0f> 0b e9 72 ff ff ff 65 8b 05 80 7d 7c 7e
-89 c0 48 0f a3 05 0a c1
-[ 7679.245438] RSP: 0018:ffa00000001f7d90 EFLAGS: 00010282
-[ 7679.256021] RAX: 0000000000000000 RBX: ff11000109938440 RCX: 0000000000000000
-[ 7679.268710] RDX: ff11000361e26cd8 RSI: ff11000361e1b880 RDI: ff11000361e1b880
-[ 7679.281314] RBP: ffa00000001f7da8 R08: ff1100035f8fffe8 R09: 0000000000027ffb
-[ 7679.293840] R10: 0000000000001f0a R11: ff1100035f840000 R12: ff11000109938000
-[ 7679.306276] R13: 0000000000000002 R14: dead000000000122 R15: ffa00000001f7e18
-[ 7679.318648] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
-[ 7679.332064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-[ 7679.342757] CR2: 00007ffff7fca168 CR3: 000000013b08a006 CR4: 0000000000471ef8
-[ 7679.354984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
-[ 7679.367207] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
-[ 7679.379370] PKRU: 55555554
-[ 7679.386446] Call Trace:
-[ 7679.393152] <TASK>
-[ 7679.399363] ? __pfx_dev_watchdog+0x10/0x10
-[ 7679.407870] call_timer_fn+0x31/0x110
-[ 7679.415698] expire_timers+0xb2/0x120
-[ 7679.423403] run_timer_softirq+0x179/0x1e0
-[ 7679.431532] ? __schedule+0x2b1/0x820
-[ 7679.439078] __do_softirq+0xd1/0x295
-[ 7679.446426] ? __pfx_smpboot_thread_fn+0x10/0x10
-[ 7679.454867] run_ksoftirqd+0x22/0x30
-[ 7679.462058] smpboot_thread_fn+0xb7/0x160
-[ 7679.469670] kthread+0xcd/0xf0
-[ 7679.476097] ? __pfx_kthread+0x10/0x10
-[ 7679.483211] ret_from_fork+0x29/0x50
-[ 7679.490047] </TASK>
-[ 7679.495204] ---[ end trace 0000000000000000 ]---
-[ 7679.503179] igc 0000:01:00.0 enp1s0: Register Dump
-[ 7679.511230] igc 0000:01:00.0 enp1s0: Register Name Value
-[ 7679.519892] igc 0000:01:00.0 enp1s0: CTRL 181c0641
-[ 7679.528782] igc 0000:01:00.0 enp1s0: STATUS 40280683
-[ 7679.537551] igc 0000:01:00.0 enp1s0: CTRL_EXT 10000040
-[ 7679.546284] igc 0000:01:00.0 enp1s0: MDIC 180a3800
-[ 7679.554942] igc 0000:01:00.0 enp1s0: ICR 00000081
-[ 7679.563503] igc 0000:01:00.0 enp1s0: RCTL 04408022
-[ 7679.571963] igc 0000:01:00.0 enp1s0: RDLEN[0-3] 00001000 00001000 00001000 00001000
-[ 7679.583075] igc 0000:01:00.0 enp1s0: RDH[0-3] 00000068 000000b6 0000000f 00000031
-[ 7679.594162] igc 0000:01:00.0 enp1s0: RDT[0-3] 00000066 000000b2 0000000e 00000030
-[ 7679.605174] igc 0000:01:00.0 enp1s0: RXDCTL[0-3] 02040808 02040808 02040808 02040808
-[ 7679.616196] igc 0000:01:00.0 enp1s0: RDBAL[0-3] 1bb7c000 1bb7f000 1bb82000 0ef33000
-[ 7679.627242] igc 0000:01:00.0 enp1s0: RDBAH[0-3] 00000001 00000001 00000001 00000001
-[ 7679.638256] igc 0000:01:00.0 enp1s0: TCTL a503f0fa
-[ 7679.646607] igc 0000:01:00.0 enp1s0: TDBAL[0-3] 2ba4a000 1bb6f000 1bb74000 1bb79000
-[ 7679.657609] igc 0000:01:00.0 enp1s0: TDBAH[0-3] 00000001 00000001 00000001 00000001
-[ 7679.668551] igc 0000:01:00.0 enp1s0: TDLEN[0-3] 00001000 00001000 00001000 00001000
-[ 7679.679470] igc 0000:01:00.0 enp1s0: TDH[0-3] 000000a7 0000002d 000000bf 000000d9
-[ 7679.690406] igc 0000:01:00.0 enp1s0: TDT[0-3] 000000a7 0000002d 000000bf 000000d9
-[ 7679.701264] igc 0000:01:00.0 enp1s0: TXDCTL[0-3] 02100108 02100108 02100108 02100108
-[ 7679.712123] igc 0000:01:00.0 enp1s0: Reset adapter
-[ 7683.085967] igc 0000:01:00.0 enp1s0: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
-[ 8086.945561] ------------[ cut here ]------------
-Entering kdb (current=0xffffffff8220b200, pid 0) on processor 0
-Oops: (null) due to oops @ 0xffffffff81573888
-RIP: 0010:dql_completed+0x148/0x160
-Code: c9 00 48 89 57 58 e9 46 ff ff ff 45 85 e4 41 0f 95 c4 41 39 db 0f 95
-c1 41 84 cc 74 05 45 85 ed 78 0a 44 89 c1 e9 27 ff ff ff <0f> 0b 01 f6 44 89
-c1 29 f1 0f 48 ca eb 8c cc cc cc cc cc cc cc cc
-RSP: 0018:ffa0000000003e00 EFLAGS: 00010287
-RAX: 000000000000006c RBX: ffa0000003eb0f78 RCX: ff11000109938000
-RDX: 0000000000000003 RSI: 0000000000000160 RDI: ff110001002e9480
-RBP: ffa0000000003ed8 R08: ff110001002e93c0 R09: ffa0000000003d28
-R10: 0000000000007cc0 R11: 0000000000007c54 R12: 00000000ffffffd9
-R13: ff1100037039cb00 R14: 00000000ffffffd9 R15: ff1100037039c048
-FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
-CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
-DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
-DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
-PKRU: 55555554
-Call Trace:
- <IRQ>
- ? igc_poll+0x1a9/0x14d0 [igc]
- __napi_poll+0x2e/0x1b0
- net_rx_action+0x126/0x250
- __do_softirq+0xd1/0x295
- irq_exit_rcu+0xc5/0xf0
- common_interrupt+0x86/0xa0
- </IRQ>
- <TASK>
- asm_common_interrupt+0x27/0x40
-RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
-Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00 31 ff e8 1b
-de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00 49 63 cf
-4c 2b 75 c8 48 8d 04 49 48 89 ca 48 8d
-RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
-RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
-RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
-RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
-R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
-R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
- cpuidle_enter+0x2e/0x50
- call_cpuidle+0x23/0x40
- do_idle+0x1be/0x220
- cpu_startup_entry+0x20/0x30
- rest_init+0xb5/0xc0
- arch_call_rest_init+0xe/0x30
- start_kernel+0x448/0x760
- x86_64_start_kernel+0x109/0x150
- secondary_startup_64_no_verify+0xe0/0xeb
- </TASK>
-more>
-[0]kdb>
-
-[0]kdb>
-[0]kdb> go
-Catastrophic error detected
-kdb_continue_catastrophic=0, type go a second time if you really want to
-continue
-[0]kdb> go
-Catastrophic error detected
-kdb_continue_catastrophic=0, attempting to continue
-[ 8086.955689] refcount_t: underflow; use-after-free.
-[ 8086.955697] WARNING: CPU: 0 PID: 0 at lib/refcount.c:28 refcount_warn_saturate+0xc2/0x110
-[ 8086.955706] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype nft_compat
-nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO) rktpm(PO)
-cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO)
-svfs_pci_hotplug(PO) vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO)
-svheartbeat(PO) ioapic(PO) sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO)
-smbus(PO) spiflash_cdf(PO) arden(PO) dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO)
-pch(PO) sviotargets(PO) svbdf(PO) svmem(PO) svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO)
-svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO) fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O)
-ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO) regsupport(O) libnvdimm nls_cp437
-snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg
-snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
-[ 8086.955751] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm
-fuse backlight configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic
-pegasus mmc_block usbhid mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa
-scsi_transport_sas e1000e e1000 e100 ax88179_178a usbnet xhci_pci sd_mod xhci_hcd t10_pi
-crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore crct10dif_generic ptp crct10dif_common
-usb_common pps_core
-[ 8086.955784] RIP: 0010:refcount_warn_saturate+0xc2/0x110
-[ 8086.955788] Code: 01 e8 82 e7 b4 ff 0f 0b 5d c3 cc cc cc cc 80 3d 68 c6 eb 00 00 75 81
-48 c7 c7 a0 87 f6 81 c6 05 58 c6 eb 00 01 e8 5e e7 b4 ff <0f> 0b 5d c3 cc cc cc cc 80 3d
-42 c6 eb 00 00 0f 85 59 ff ff ff 48
-[ 8086.955790] RSP: 0018:ffa0000000003da0 EFLAGS: 00010286
-[ 8086.955793] RAX: 0000000000000000 RBX: ff1100011da40ee0 RCX: ff11000361e1b888
-[ 8086.955794] RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ff11000361e1b880
-[ 8086.955795] RBP: ffa0000000003da0 R08: 80000000ffff9f45 R09: ffa0000000003d28
-[ 8086.955796] R10: ff1100035f840000 R11: 0000000000000028 R12: ff11000319ff8000
-[ 8086.955797] R13: ff1100011bb79d60 R14: 00000000ffffffd6 R15: ff1100037039cb00
-[ 8086.955798] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
-[ 8086.955800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-[ 8086.955801] CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
-[ 8086.955803] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
-[ 8086.955803] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
-[ 8086.955804] PKRU: 55555554
-[ 8086.955805] Call Trace:
-[ 8086.955806] <IRQ>
-[ 8086.955808] tcp_wfree+0x112/0x130
-[ 8086.955814] skb_release_head_state+0x24/0xa0
-[ 8086.955818] napi_consume_skb+0x9c/0x160
-[ 8086.955821] igc_poll+0x5d8/0x14d0 [igc]
-[ 8086.955835] __napi_poll+0x2e/0x1b0
-[ 8086.955839] net_rx_action+0x126/0x250
-[ 8086.955843] __do_softirq+0xd1/0x295
-[ 8086.955846] irq_exit_rcu+0xc5/0xf0
-[ 8086.955851] common_interrupt+0x86/0xa0
-[ 8086.955857] </IRQ>
-[ 8086.955857] <TASK>
-[ 8086.955858] asm_common_interrupt+0x27/0x40
-[ 8086.955862] RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
-[ 8086.955866] Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00 31 ff e8
-1b de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00 49 63 cf 4c 2b 75
-c8 48 8d 04 49 48 89 ca 48 8d
-[ 8086.955867] RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
-[ 8086.955869] RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
-[ 8086.955870] RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
-[ 8086.955871] RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
-[ 8086.955872] R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
-[ 8086.955873] R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
-[ 8086.955875] cpuidle_enter+0x2e/0x50
-[ 8086.955880] call_cpuidle+0x23/0x40
-[ 8086.955884] do_idle+0x1be/0x220
-[ 8086.955887] cpu_startup_entry+0x20/0x30
-[ 8086.955889] rest_init+0xb5/0xc0
-[ 8086.955892] arch_call_rest_init+0xe/0x30
-[ 8086.955895] start_kernel+0x448/0x760
-[ 8086.955898] x86_64_start_kernel+0x109/0x150
-[ 8086.955900] secondary_startup_64_no_verify+0xe0/0xeb
-[ 8086.955904] </TASK>
-[ 8086.955904] ---[ end trace 0000000000000000 ]---
-[ 8086.955912] ------------[ cut here ]------------
-[ 8086.955913] kernel BUG at lib/dynamic_queue_limits.c:27!
-[ 8086.955918] invalid opcode: 0000 [#1] SMP
-[ 8086.955922] RIP: 0010:dql_completed+0x148/0x160
-[ 8086.955925] Code: c9 00 48 89 57 58 e9 46 ff ff ff 45 85 e4 41 0f 95 c4 41 39 db
-0f 95 c1 41 84 cc 74 05 45 85 ed 78 0a 44 89 c1 e9 27 ff ff ff <0f> 0b 01 f6 44 89
-c1 29 f1 0f 48 ca eb 8c cc cc cc cc cc cc cc cc
-[ 8086.955927] RSP: 0018:ffa0000000003e00 EFLAGS: 00010287
-[ 8086.955928] RAX: 000000000000006c RBX: ffa0000003eb0f78 RCX: ff11000109938000
-[ 8086.955929] RDX: 0000000000000003 RSI: 0000000000000160 RDI: ff110001002e9480
-[ 8086.955930] RBP: ffa0000000003ed8 R08: ff110001002e93c0 R09: ffa0000000003d28
-[ 8086.955931] R10: 0000000000007cc0 R11: 0000000000007c54 R12: 00000000ffffffd9
-[ 8086.955932] R13: ff1100037039cb00 R14: 00000000ffffffd9 R15: ff1100037039c048
-[ 8086.955933] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000
-[ 8086.955934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-[ 8086.955935] CR2: 00007ffff7fca168 CR3: 000000013b08a003 CR4: 0000000000471ef8
-[ 8086.955936] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
-[ 8086.955937] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400
-[ 8086.955938] PKRU: 55555554
-[ 8086.955939] Call Trace:
-[ 8086.955939] <IRQ>
-[ 8086.955940] ? igc_poll+0x1a9/0x14d0 [igc]
-[ 8086.955949] __napi_poll+0x2e/0x1b0
-[ 8086.955952] net_rx_action+0x126/0x250
-[ 8086.955956] __do_softirq+0xd1/0x295
-[ 8086.955958] irq_exit_rcu+0xc5/0xf0
-[ 8086.955961] common_interrupt+0x86/0xa0
-[ 8086.955964] </IRQ>
-[ 8086.955965] <TASK>
-[ 8086.955965] asm_common_interrupt+0x27/0x40
-[ 8086.955968] RIP: 0010:cpuidle_enter_state+0xd3/0x3e0
-[ 8086.955971] Code: 73 f1 ff ff 49 89 c6 8b 05 e2 ca a7 00 85 c0 0f 8f b3 02 00 00
-31 ff e8 1b de 75 ff 80 7d d7 00 0f 85 cd 01 00 00 fb 45 85 ff <0f> 88 fd 00 00 00
-49 63 cf 4c 2b 75 c8 48 8d 04 49 48 89 ca 48 8d
-[ 8086.955972] RSP: 0018:ffffffff82203df0 EFLAGS: 00000202
-[ 8086.955973] RAX: ff11000361e2a200 RBX: 0000000000000002 RCX: 000000000000001f
-[ 8086.955974] RDX: 0000000000000000 RSI: 000000003cf3cf3d RDI: 0000000000000000
-[ 8086.955974] RBP: ffffffff82203e28 R08: 0000075ae38471c8 R09: 0000000000000018
-[ 8086.955975] R10: 000000000000031a R11: ffffffff8238dca0 R12: ffd1ffffff200000
-[ 8086.955976] R13: ffffffff8238dca0 R14: 0000075ae38471c8 R15: 0000000000000002
-[ 8086.955978] cpuidle_enter+0x2e/0x50
-[ 8086.955981] call_cpuidle+0x23/0x40
-[ 8086.955984] do_idle+0x1be/0x220
-[ 8086.955985] cpu_startup_entry+0x20/0x30
-[ 8086.955987] rest_init+0xb5/0xc0
-[ 8086.955990] arch_call_rest_init+0xe/0x30
-[ 8086.955992] start_kernel+0x448/0x760
-[ 8086.955994] x86_64_start_kernel+0x109/0x150
-[ 8086.955996] secondary_startup_64_no_verify+0xe0/0xeb
-[ 8086.955998] </TASK>
-[ 8086.955999] Modules linked in: xt_conntrack nft_chain_nat xt_MASQUERADE xt_addrtype
-nft_compat nf_tables nfnetlink br_netfilter bridge stp llc overlay dm_mod emrcha(PO) emriio(PO)
-rktpm(PO) cegbuf_mod(PO) patch_update(PO) se(PO) sgx_tgts(PO) mktme(PO) keylocker(PO) svtdx(PO)
-svfs_pci_hotplug(PO) vtd_mod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehci_sched(PO)
-svheartbeat(PO) ioapic(PO) sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefw_mod(PO) ata(PO)
-smbus(PO) spiflash_cdf(PO) arden(PO) dsa_iax(PO) oobmsm_punit(PO) cpm(PO) svkdb(PO) ebg_pch(PO)
-pch(PO) sviotargets(PO) svbdf(PO) svmem(PO) svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO)
-svkernel(PO) cswitch(PO) mcf(PO) pentiumIII_mod(PO) fs_svfs(PO) mdevdefdb(PO) svfs_os_services(O)
-ixgbe mdio mdio_devres libphy emeraldrapids_svdefs(PO) regsupport(O) libnvdimm nls_cp437
-snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg
-snd_hda_codec snd_hwdep x86_pkg_temp_thermal snd_hda_core snd_pcm snd_timer isst_if_mbox_pci
-[ 8086.956029] input_leds isst_if_mmio sg snd isst_if_common soundcore wmi button sad9(O) drm
-fuse backlight configfs efivarfs ip_tables x_tables vmd sdhci led_class rtl8150 r8152 hid_generic
-pegasus mmc_block usbhid mmc_core hid megaraid_sas ixgb igb i2c_algo_bit ice i40e hpsa
-scsi_transport_sas e1000e e1000 e100 ax88179_178a usbnet xhci_pci sd_mod xhci_hcd t10_pi
-crc32c_intel crc64_rocksoft igc crc64 crc_t10dif usbcore crct10dif_generic ptp crct10dif_common
-usb_common pps_core
-[16762.543675] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.593 msecs
-[16762.543678] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.595 msecs
-[16762.543673] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.495 msecs
-[16762.543679] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.599 msecs
-[16762.543678] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.598 msecs
-[16762.543690] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.605 msecs
-[16762.543684] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.599 msecs
-[16762.543693] INFO: NMI handler (kgdb_nmi_handler) took too long to run: 8675587.613 msecs
-[16762.543784] ---[ end trace 0000000000000000 ]---
-[16762.849099] RIP: 0010:dql_completed+0x148/0x160
-PANIC: Fatal exception in interrupt
-
-Fixes: 9b275176270e ("igc: Add ndo_tx_timeout support")
-Tested-by: Alejandra Victoria Alcaraz <alejandra.victoria.alcaraz@intel.com>
-Signed-off-by: Muhammad Husaini Zulkifli <muhammad.husaini.zulkifli@intel.com>
-Acked-by: Sasha Neftin <sasha.neftin@intel.com>
-Tested-by: Naama Meir <naamax.meir@linux.intel.com>
-Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
-Reviewed-by: Simon Horman <simon.horman@corigine.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-(cherry-picked from commit d4a7ce642100765119a872d4aba1bf63e3a22c8a)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- drivers/net/ethernet/intel/igc/igc_main.c | 40 ++++++++++++++++-------
- 1 file changed, 28 insertions(+), 12 deletions(-)
-
-diff --git a/drivers/net/ethernet/intel/igc/igc_main.c b/drivers/net/ethernet/intel/igc/igc_main.c
-index 8b554311518c..a3f89e1dca72 100644
---- a/drivers/net/ethernet/intel/igc/igc_main.c
-+++ b/drivers/net/ethernet/intel/igc/igc_main.c
-@@ -310,6 +310,33 @@ static void igc_clean_all_tx_rings(struct igc_adapter *adapter)
- igc_clean_tx_ring(adapter->tx_ring[i]);
- }
-
-+static void igc_disable_tx_ring_hw(struct igc_ring *ring)
-+{
-+ struct igc_hw *hw = &ring->q_vector->adapter->hw;
-+ u8 idx = ring->reg_idx;
-+ u32 txdctl;
-+
-+ txdctl = rd32(IGC_TXDCTL(idx));
-+ txdctl &= ~IGC_TXDCTL_QUEUE_ENABLE;
-+ txdctl |= IGC_TXDCTL_SWFLUSH;
-+ wr32(IGC_TXDCTL(idx), txdctl);
-+}
-+
-+/**
-+ * igc_disable_all_tx_rings_hw - Disable all transmit queue operation
-+ * @adapter: board private structure
-+ */
-+static void igc_disable_all_tx_rings_hw(struct igc_adapter *adapter)
-+{
-+ int i;
-+
-+ for (i = 0; i < adapter->num_tx_queues; i++) {
-+ struct igc_ring *tx_ring = adapter->tx_ring[i];
-+
-+ igc_disable_tx_ring_hw(tx_ring);
-+ }
-+}
-+
- /**
- * igc_setup_tx_resources - allocate Tx resources (Descriptors)
- * @tx_ring: tx descriptor ring (for a specific queue) to setup
-@@ -4993,6 +5020,7 @@ void igc_down(struct igc_adapter *adapter)
- /* clear VLAN promisc flag so VFTA will be updated if necessary */
- adapter->flags &= ~IGC_FLAG_VLAN_PROMISC;
-
-+ igc_disable_all_tx_rings_hw(adapter);
- igc_clean_all_tx_rings(adapter);
- igc_clean_all_rx_rings(adapter);
- }
-@@ -7094,18 +7122,6 @@ void igc_enable_rx_ring(struct igc_ring *ring)
- igc_alloc_rx_buffers(ring, igc_desc_unused(ring));
- }
-
--static void igc_disable_tx_ring_hw(struct igc_ring *ring)
--{
-- struct igc_hw *hw = &ring->q_vector->adapter->hw;
-- u8 idx = ring->reg_idx;
-- u32 txdctl;
--
-- txdctl = rd32(IGC_TXDCTL(idx));
-- txdctl &= ~IGC_TXDCTL_QUEUE_ENABLE;
-- txdctl |= IGC_TXDCTL_SWFLUSH;
-- wr32(IGC_TXDCTL(idx), txdctl);
--}
--
- void igc_disable_tx_ring(struct igc_ring *ring)
- {
- igc_disable_tx_ring_hw(ring);
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds@linux-foundation.org>
+Date: Tue, 25 Jul 2023 09:38:32 -0700
+Subject: [PATCH] mm: suppress mm fault logging if fatal signal already pending
+
+Commit eda0047296a1 ("mm: make the page fault mmap locking killable")
+intentionally made it much easier to trigger the "page fault fails
+because a fatal signal is pending" situation, by having the mmap locking
+fail early in that case.
+
+We have long aborted page faults in other fatal cases when the actual IO
+for a page is interrupted by SIGKILL - which is particularly useful for
+the traditional case of NFS hanging due to network issues, but local
+filesystems could cause it too if you happened to get the SIGKILL while
+waiting for a page to be faulted in (eg lock_folio_maybe_drop_mmap()).
+
+So aborting the page fault wasn't a new condition - but it now triggers
+earlier, before we even get to 'handle_mm_fault()'. And as a result the
+error doesn't go through our 'fault_signal_pending()' logic, and doesn't
+get filtered away there.
+
+Normally you'd never even notice, because if a fatal signal is pending,
+the new SIGSEGV we send ends up being ignored anyway.
+
+But it turns out that there is one very noticeable exception: if you
+enable 'show_unhandled_signals', the aborted page fault will be logged
+in the kernel messages, and you'll get a scary line looking something
+like this in your logs:
+
+ pverados[2183248]: segfault at 55e5a00f9ae0 ip 000055e5a00f9ae0 sp 00007ffc0720bea8 error 14 in perl[55e5a00d4000+195000] likely on CPU 10 (core 4, socket 0)
+
+which is rather misleading. It's not really a segfault at all, it's
+just "the thread was killed before the page fault completed, so we
+aborted the page fault".
+
+Fix this by just making it clear that a pending fatal signal means that
+any new signal coming in after that is implicitly handled. This will
+avoid the misleading logging, since now the signal isn't 'unhandled' any
+more.
+
+Reported-and-tested-by: Fiona Ebner <f.ebner@proxmox.com>
+Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
+Link: https://lore.kernel.org/lkml/8d063a26-43f5-0bb7-3203-c6a04dc159f8@proxmox.com/
+Acked-by: Oleg Nesterov <oleg@redhat.com>
+Fixes: eda0047296a1 ("mm: make the page fault mmap locking killable")
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+(cherry-picked from commit 5f0bc0b042fc77ff70e14c790abdec960cde4ec1)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ kernel/signal.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/kernel/signal.c b/kernel/signal.c
+index ae26da61c4d9..060f834e9c1a 100644
+--- a/kernel/signal.c
++++ b/kernel/signal.c
+@@ -561,6 +561,10 @@ bool unhandled_signal(struct task_struct *tsk, int sig)
+ if (handler != SIG_IGN && handler != SIG_DFL)
+ return false;
+
++ /* If dying, we handle all new signals by ignoring them */
++ if (fatal_signal_pending(tsk))
++ return false;
++
+ /* if ptraced, let the tracer determine */
+ return !tsk->ptrace;
+ }
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sean Christopherson <seanjc@google.com>
+Date: Wed, 23 Aug 2023 18:01:04 -0700
+Subject: [PATCH] KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that
+ hangs vCPUs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Upstream commit ba6e3fe25543 ("KVM: x86/mmu: Grab mmu_invalidate_seq in
+kvm_faultin_pfn()") unknowingly fixed the bug in v6.3 when refactoring
+how KVM tracks the sequence counter snapshot.
+
+Take the vCPU's mmu_seq snapshot as an "unsigned long" instead of an "int"
+when checking to see if a page fault is stale, as the sequence count is
+stored as an "unsigned long" everywhere else in KVM. This fixes a bug
+where KVM will effectively hang vCPUs due to always thinking page faults
+are stale, which results in KVM refusing to "fix" faults.
+
+mmu_invalidate_seq (née mmu_notifier_seq) is a sequence counter used when
+KVM is handling page faults to detect if userspace mappings relevant to
+the guest were invalidated between snapshotting the counter and acquiring
+mmu_lock, i.e. to ensure that the userspace mapping KVM is using to
+resolve the page fault is fresh. If KVM sees that the counter has
+changed, KVM simply resumes the guest without fixing the fault.
+
+What _should_ happen is that the source of the mmu_notifier invalidations
+eventually goes away, mmu_invalidate_seq becomes stable, and KVM can once
+again fix guest page fault(s).
+
+But for a long-lived VM and/or a VM that the host just doesn't particularly
+like, it's possible for a VM to be on the receiving end of 2 billion (with
+a B) mmu_notifier invalidations. When that happens, bit 31 will be set in
+mmu_invalidate_seq. This causes the value to be turned into a 32-bit
+negative value when implicitly cast to an "int" by is_page_fault_stale(),
+and then sign-extended into a 64-bit unsigned when the signed "int" is
+implicitly cast back to an "unsigned long" on the call to
+mmu_invalidate_retry_hva().
+
+As a result of the casting and sign-extension, given a sequence counter of
+e.g. 0x8002dc25, mmu_invalidate_retry_hva() ends up doing
+
+ if (0x8002dc25 != 0xffffffff8002dc25)
+
+and signals that the page fault is stale and needs to be retried even
+though the sequence counter is stable, and KVM effectively hangs any vCPU
+that takes a page fault (EPT violation or #NPF when TDP is enabled).
+
+Reported-by: Brian Rak <brak@vultr.com>
+Reported-by: Amaan Cheval <amaan.cheval@gmail.com>
+Reported-by: Eric Wheeler <kvm@lists.ewheeler.net>
+Closes: https://lore.kernel.org/all/f023d927-52aa-7e08-2ee5-59a2fbc65953@gameservers.com
+Fixes: a955cad84cda ("KVM: x86/mmu: Retry page fault if root is invalidated by memslot update")
+Signed-off-by: Sean Christopherson <seanjc@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+(cherry-picked from commit 82d811ff566594de3676f35808e8a9e19c5c864c in stable v6.1.51)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ arch/x86/kvm/mmu/mmu.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
+index 3220c1285984..c42ba5cde7a4 100644
+--- a/arch/x86/kvm/mmu/mmu.c
++++ b/arch/x86/kvm/mmu/mmu.c
+@@ -4261,7 +4261,8 @@ static int kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault)
+ * root was invalidated by a memslot update or a relevant mmu_notifier fired.
+ */
+ static bool is_page_fault_stale(struct kvm_vcpu *vcpu,
+- struct kvm_page_fault *fault, int mmu_seq)
++ struct kvm_page_fault *fault,
++ unsigned long mmu_seq)
+ {
+ struct kvm_mmu_page *sp = to_shadow_page(vcpu->arch.mmu->root.hpa);
+
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Linus Torvalds <torvalds@linux-foundation.org>
-Date: Tue, 25 Jul 2023 09:38:32 -0700
-Subject: [PATCH] mm: suppress mm fault logging if fatal signal already pending
-
-Commit eda0047296a1 ("mm: make the page fault mmap locking killable")
-intentionally made it much easier to trigger the "page fault fails
-because a fatal signal is pending" situation, by having the mmap locking
-fail early in that case.
-
-We have long aborted page faults in other fatal cases when the actual IO
-for a page is interrupted by SIGKILL - which is particularly useful for
-the traditional case of NFS hanging due to network issues, but local
-filesystems could cause it too if you happened to get the SIGKILL while
-waiting for a page to be faulted in (eg lock_folio_maybe_drop_mmap()).
-
-So aborting the page fault wasn't a new condition - but it now triggers
-earlier, before we even get to 'handle_mm_fault()'. And as a result the
-error doesn't go through our 'fault_signal_pending()' logic, and doesn't
-get filtered away there.
-
-Normally you'd never even notice, because if a fatal signal is pending,
-the new SIGSEGV we send ends up being ignored anyway.
-
-But it turns out that there is one very noticeable exception: if you
-enable 'show_unhandled_signals', the aborted page fault will be logged
-in the kernel messages, and you'll get a scary line looking something
-like this in your logs:
-
- pverados[2183248]: segfault at 55e5a00f9ae0 ip 000055e5a00f9ae0 sp 00007ffc0720bea8 error 14 in perl[55e5a00d4000+195000] likely on CPU 10 (core 4, socket 0)
-
-which is rather misleading. It's not really a segfault at all, it's
-just "the thread was killed before the page fault completed, so we
-aborted the page fault".
-
-Fix this by just making it clear that a pending fatal signal means that
-any new signal coming in after that is implicitly handled. This will
-avoid the misleading logging, since now the signal isn't 'unhandled' any
-more.
-
-Reported-and-tested-by: Fiona Ebner <f.ebner@proxmox.com>
-Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
-Link: https://lore.kernel.org/lkml/8d063a26-43f5-0bb7-3203-c6a04dc159f8@proxmox.com/
-Acked-by: Oleg Nesterov <oleg@redhat.com>
-Fixes: eda0047296a1 ("mm: make the page fault mmap locking killable")
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-(cherry-picked from commit 5f0bc0b042fc77ff70e14c790abdec960cde4ec1)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- kernel/signal.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/kernel/signal.c b/kernel/signal.c
-index ae26da61c4d9..060f834e9c1a 100644
---- a/kernel/signal.c
-+++ b/kernel/signal.c
-@@ -561,6 +561,10 @@ bool unhandled_signal(struct task_struct *tsk, int sig)
- if (handler != SIG_IGN && handler != SIG_DFL)
- return false;
-
-+ /* If dying, we handle all new signals by ignoring them */
-+ if (fatal_signal_pending(tsk))
-+ return false;
-+
- /* if ptraced, let the tracer determine */
- return !tsk->ptrace;
- }
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Sean Christopherson <seanjc@google.com>
-Date: Wed, 23 Aug 2023 18:01:04 -0700
-Subject: [PATCH] KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that
- hangs vCPUs
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Upstream commit ba6e3fe25543 ("KVM: x86/mmu: Grab mmu_invalidate_seq in
-kvm_faultin_pfn()") unknowingly fixed the bug in v6.3 when refactoring
-how KVM tracks the sequence counter snapshot.
-
-Take the vCPU's mmu_seq snapshot as an "unsigned long" instead of an "int"
-when checking to see if a page fault is stale, as the sequence count is
-stored as an "unsigned long" everywhere else in KVM. This fixes a bug
-where KVM will effectively hang vCPUs due to always thinking page faults
-are stale, which results in KVM refusing to "fix" faults.
-
-mmu_invalidate_seq (née mmu_notifier_seq) is a sequence counter used when
-KVM is handling page faults to detect if userspace mappings relevant to
-the guest were invalidated between snapshotting the counter and acquiring
-mmu_lock, i.e. to ensure that the userspace mapping KVM is using to
-resolve the page fault is fresh. If KVM sees that the counter has
-changed, KVM simply resumes the guest without fixing the fault.
-
-What _should_ happen is that the source of the mmu_notifier invalidations
-eventually goes away, mmu_invalidate_seq becomes stable, and KVM can once
-again fix guest page fault(s).
-
-But for a long-lived VM and/or a VM that the host just doesn't particularly
-like, it's possible for a VM to be on the receiving end of 2 billion (with
-a B) mmu_notifier invalidations. When that happens, bit 31 will be set in
-mmu_invalidate_seq. This causes the value to be turned into a 32-bit
-negative value when implicitly cast to an "int" by is_page_fault_stale(),
-and then sign-extended into a 64-bit unsigned when the signed "int" is
-implicitly cast back to an "unsigned long" on the call to
-mmu_invalidate_retry_hva().
-
-As a result of the casting and sign-extension, given a sequence counter of
-e.g. 0x8002dc25, mmu_invalidate_retry_hva() ends up doing
-
- if (0x8002dc25 != 0xffffffff8002dc25)
-
-and signals that the page fault is stale and needs to be retried even
-though the sequence counter is stable, and KVM effectively hangs any vCPU
-that takes a page fault (EPT violation or #NPF when TDP is enabled).
-
-Reported-by: Brian Rak <brak@vultr.com>
-Reported-by: Amaan Cheval <amaan.cheval@gmail.com>
-Reported-by: Eric Wheeler <kvm@lists.ewheeler.net>
-Closes: https://lore.kernel.org/all/f023d927-52aa-7e08-2ee5-59a2fbc65953@gameservers.com
-Fixes: a955cad84cda ("KVM: x86/mmu: Retry page fault if root is invalidated by memslot update")
-Signed-off-by: Sean Christopherson <seanjc@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-(cherry-picked from commit 82d811ff566594de3676f35808e8a9e19c5c864c in stable v6.1.51)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- arch/x86/kvm/mmu/mmu.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
-index 3220c1285984..c42ba5cde7a4 100644
---- a/arch/x86/kvm/mmu/mmu.c
-+++ b/arch/x86/kvm/mmu/mmu.c
-@@ -4261,7 +4261,8 @@ static int kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault)
- * root was invalidated by a memslot update or a relevant mmu_notifier fired.
- */
- static bool is_page_fault_stale(struct kvm_vcpu *vcpu,
-- struct kvm_page_fault *fault, int mmu_seq)
-+ struct kvm_page_fault *fault,
-+ unsigned long mmu_seq)
- {
- struct kvm_mmu_page *sp = to_shadow_page(vcpu->arch.mmu->root.hpa);
-
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: kiler129 <grzegorz@noflash.pl>
+Date: Mon, 18 Sep 2023 15:19:26 +0200
+Subject: [PATCH] allow opt-in to allow pass-through on broken hardware..
+
+adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT or GPL 2.0+
+---
+ drivers/iommu/intel/iommu.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
+index 1c5ba4dbfe78..887667218e3b 100644
+--- a/drivers/iommu/intel/iommu.c
++++ b/drivers/iommu/intel/iommu.c
+@@ -297,6 +297,7 @@ static int dmar_map_gfx = 1;
+ static int dmar_map_ipu = 1;
+ static int intel_iommu_superpage = 1;
+ static int iommu_identity_mapping;
++static int intel_relaxable_rmrr = 0;
+ static int iommu_skip_te_disable;
+
+ #define IDENTMAP_GFX 2
+@@ -358,6 +359,9 @@ static int __init intel_iommu_setup(char *str)
+ } else if (!strncmp(str, "tboot_noforce", 13)) {
+ pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n");
+ intel_iommu_tboot_noforce = 1;
++ } else if (!strncmp(str, "relax_rmrr", 10)) {
++ pr_info("Intel-IOMMU: assuming all RMRRs are relaxable. This can lead to instability or data loss\n");
++ intel_relaxable_rmrr = 1;
+ } else {
+ pr_notice("Unknown option - '%s'\n", str);
+ }
+@@ -2538,7 +2542,7 @@ static bool device_rmrr_is_relaxable(struct device *dev)
+ return false;
+
+ pdev = to_pci_dev(dev);
+- if (IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
++ if (intel_relaxable_rmrr || IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
+ return true;
+ else
+ return false;
+++ /dev/null
-From: kiler129 <grzegorz@noflash.pl>
-
-allow opt-in to allow pass-through on broken hardware..
-
-adapted from https://github.com/kiler129/relax-intel-rmrr , licensed under MIT or GPL 2.0+
-
---- a/drivers/iommu/intel/iommu.c
-+++ b/drivers/iommu/intel/iommu.c
-@@ -297,6 +297,7 @@
- static int dmar_map_ipu = 1;
- static int intel_iommu_superpage = 1;
- static int iommu_identity_mapping;
-+static int intel_relaxable_rmrr = 0;
- static int iommu_skip_te_disable;
-
- #define IDENTMAP_GFX 2
-@@ -358,6 +359,9 @@
- } else if (!strncmp(str, "tboot_noforce", 13)) {
- pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n");
- intel_iommu_tboot_noforce = 1;
-+ } else if (!strncmp(str, "relax_rmrr", 10)) {
-+ pr_info("Intel-IOMMU: assuming all RMRRs are relaxable. This can lead to instability or data loss\n");
-+ intel_relaxable_rmrr = 1;
- } else {
- pr_notice("Unknown option - '%s'\n", str);
- }
-@@ -2538,7 +2542,7 @@
- return false;
-
- pdev = to_pci_dev(dev);
-- if (IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
-+ if (intel_relaxable_rmrr || IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
- return true;
- else
- return false;
projects / pve-kernel.git / commitdiff