====================================== | [ 15.408316][ C2] #5: ffff88800ef2b358 (&br->multicast_lock){+.-.}-{3:3}, at: br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge | [ 15.409158][ C2] #6: ffffffff9c15b5c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:901 net/core/dev.c:4555) | [ 15.409762][ C2] | [ 15.409762][ C2] stack backtrace: [ 15.410226][ C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 15.410230][ C2] Workqueue: events_unbound linkwatch_event [ 15.410241][ C2] Call Trace: [ 15.410244][ C2] [ 15.410249][ C2] dump_stack_lvl (lib/dump_stack.c:123) [ 15.410262][ C2] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6848) [ 15.410278][ C2] dev_hard_start_xmit (./include/net/net_namespace.h:418 ./include/linux/netdevice.h:2695 net/core/dev.c:2466 net/core/dev.c:3772 net/core/dev.c:3793) [ 15.410299][ C2] __dev_queue_xmit (net/core/dev.h:340 net/core/dev.c:4631) [ 15.410320][ C2] ? __build_skb_around (./arch/x86/include/asm/atomic.h:28 ./include/linux/atomic/atomic-arch-fallback.h:503 ./include/linux/atomic/atomic-instrumented.h:68 net/core/skbuff.c:381 net/core/skbuff.c:439) [ 15.410348][ C2] ? __pfx___dev_queue_xmit (net/core/dev.c:4538) [ 15.410352][ C2] ? __pfx___alloc_skb (net/core/skbuff.c:642) [ 15.410363][ C2] ? stack_trace_save (kernel/stacktrace.c:114) [ 15.410372][ C2] ? __pfx_stack_trace_save (kernel/stacktrace.c:114) [ 15.410388][ C2] ? __pfx___br_multicast_query_handle_vlan (net/bridge/br_multicast.c:909) bridge [ 15.410483][ C2] br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge [ 15.410543][ C2] ? __pfx_br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge [ 15.410597][ C2] ? br_multicast_count (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/trace/events/../../../net/bridge/br_private.h:764 net/bridge/br_multicast.c:5052) bridge [ 15.410663][ C2] __br_multicast_send_query (net/bridge/br_multicast.c:1813) bridge [ 15.410742][ C2] ? __pfx___br_multicast_send_query (net/bridge/br_multicast.c:1789) bridge [ 15.410811][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5228) [ 15.410834][ C2] ? br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge [ 15.410893][ C2] br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge [ 15.410960][ C2] ? __pfx_br_multicast_send_query (net/bridge/br_multicast.c:1852) bridge [ 15.411008][ C2] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge [ 15.411056][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge [ 15.411103][ C2] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) [ 15.411114][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) [ 15.411123][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 15.411131][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) [ 15.411134][ C2] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge [ 15.411202][ C2] ? br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge [ 15.411255][ C2] br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge [ 15.411320][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge [ 15.411379][ C2] call_timer_fn (kernel/time/timer.c:1789) [ 15.411387][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) [ 15.411391][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) [ 15.411399][ C2] ? __pfx_call_timer_fn (kernel/time/timer.c:1766) [ 15.411406][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) [ 15.411422][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4323) [ 15.411447][ C2] __run_timers (kernel/time/timer.c:1841 kernel/time/timer.c:2414) [ 15.411455][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge [ 15.411527][ C2] ? __pfx___run_timers (kernel/time/timer.c:2385) [ 15.411532][ C2] ? clockevents_program_event (kernel/time/clockevents.c:326) [ 15.411551][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) [ 15.411560][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 15.411568][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) [ 15.411573][ C2] ? run_timer_softirq (kernel/time/timer.c:2426 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) [ 15.411590][ C2] run_timer_softirq (kernel/time/timer.c:2427 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) [ 15.411599][ C2] handle_softirqs (kernel/softirq.c:561) [ 15.411623][ C2] __irq_exit_rcu (kernel/softirq.c:596 kernel/softirq.c:435 kernel/softirq.c:662) [ 15.411630][ C2] irq_exit_rcu (kernel/softirq.c:680) [ 15.411635][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) [ 15.411645][ C2] [ 15.411647][ C2] [ 15.411652][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) [ 15.411661][ C2] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) [ 15.411669][ C2] Code: 10 e8 b1 3d 87 fd 48 89 ef e8 f9 ad 87 fd 81 e3 00 02 00 00 75 1d 9c 58 f6 c4 02 75 29 48 85 db 74 01 fb 65 ff 0d b5 0d ef 64 <74> 0e 5b 5d c3 cc cc cc cc e8 2f df ac fd eb dc 0f 1f 44 00 00 5b All code ======== 0: 10 e8 adc %ch,%al 2: b1 3d mov $0x3d,%cl 4: 87 fd xchg %edi,%ebp 6: 48 89 ef mov %rbp,%rdi 9: e8 f9 ad 87 fd call 0xfffffffffd87ae07 e: 81 e3 00 02 00 00 and $0x200,%ebx 14: 75 1d jne 0x33 16: 9c pushf 17: 58 pop %rax 18: f6 c4 02 test $0x2,%ah 1b: 75 29 jne 0x46 1d: 48 85 db test %rbx,%rbx 20: 74 01 je 0x23 22: fb sti 23: 65 ff 0d b5 0d ef 64 decl %gs:0x64ef0db5(%rip) # 0x64ef0ddf 2a:* 74 0e je 0x3a <-- trapping instruction 2c: 5b pop %rbx 2d: 5d pop %rbp 2e: c3 ret 2f: cc int3 30: cc int3 31: cc int3 32: cc int3 33: e8 2f df ac fd call 0xfffffffffdacdf67 38: eb dc jmp 0x16 3a: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 3f: 5b pop %rbx Code starting with the faulting instruction =========================================== 0: 74 0e je 0x10 2: 5b pop %rbx 3: 5d pop %rbp 4: c3 ret 5: cc int3 6: cc int3 7: cc int3 8: cc int3 9: e8 2f df ac fd call 0xfffffffffdacdf3d e: eb dc jmp 0xffffffffffffffec 10: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1) 15: 5b pop %rbx [ 15.411674][ C2] RSP: 0018:ffffc900002df868 EFLAGS: 00000286 [ 15.411680][ C2] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 1ffffffff3c47cc3 [ 15.411683][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff9b14b761 [ 15.411686][ C2] RBP: ffff88800104f440 R08: 0000000000000001 R09: fffffbfff3c45be5 [ 15.411690][ C2] R10: ffffffff9e22df2f R11: ffff888001da2300 R12: ffff88800bfffad8 [ 15.411694][ C2] R13: 0000000000000000 R14: ffffc900002df8b8 R15: ffff88800bfffc10 [ 15.411717][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) [ 15.411731][ C2] qlist_free_all (mm/kasan/quarantine.c:174) [ 15.411749][ C2] kasan_quarantine_reduce (./include/linux/srcu.h:357 mm/kasan/quarantine.c:287) [ 15.411763][ C2] __kasan_slab_alloc (mm/kasan/common.c:329) [ 15.411777][ C2] kmem_cache_alloc_node_noprof (mm/slub.c:4116 mm/slub.c:4164 mm/slub.c:4216) [ 15.411786][ C2] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) [ 15.411805][ C2] __alloc_skb (net/core/skbuff.c:659) [ 15.411814][ C2] ? __pfx___alloc_skb (net/core/skbuff.c:642) [ 15.411828][ C2] ? rtnl_prop_list_size (net/core/rtnetlink.c:1233) [ 15.411843][ C2] ? if_nlmsg_size (net/core/rtnetlink.c:1326) [ 15.411858][ C2] rtmsg_ifinfo_build_skb (./include/linux/skbuff.h:1339 ./include/net/netlink.h:1019 net/core/rtnetlink.c:4399) [ 15.411872][ C2] rtmsg_ifinfo_event.part.0 (net/core/rtnetlink.c:4443) [ 15.411892][ C2] rtmsg_ifinfo (net/core/rtnetlink.c:4452 net/core/rtnetlink.c:4450) [ 15.411910][ C2] netdev_state_change (net/core/dev.c:1540) [ 15.411918][ C2] ? __pfx_netdev_state_change (net/core/dev.c:1530) [ 15.411943][ C2] linkwatch_do_dev (net/core/link_watch.c:186) [ 15.411950][ C2] __linkwatch_run_queue (./include/linux/spinlock.h:376 net/core/link_watch.c:245) [ 15.411963][ C2] ? __pfx___linkwatch_run_queue (net/core/link_watch.c:195) [ 15.411974][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) [ 15.411990][ C2] linkwatch_event (net/core/link_watch.c:287) [ 15.411995][ C2] process_one_work (kernel/workqueue.c:3238) [ 15.412023][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) [ 15.412034][ C2] ? __pfx_process_one_work (kernel/workqueue.c:3140) [ 15.412055][ C2] ? assign_work (kernel/workqueue.c:1200) [ 15.412074][ C2] worker_thread (kernel/workqueue.c:3313 kernel/workqueue.c:3400) [ 15.412101][ C2] ? __pfx_worker_thread (kernel/workqueue.c:3346) [ 15.412113][ C2] kthread (kernel/kthread.c:464) [ 15.412123][ C2] ? __pfx_kthread (kernel/kthread.c:413) [ 15.412142][ C2] ? __pfx_kthread (kernel/kthread.c:413) [ 15.412153][ C2] ret_from_fork (arch/x86/kernel/process.c:148) [ 15.412160][ C2] ? __pfx_kthread (kernel/kthread.c:413) Finger prints: lockdep_rcu_suspicious:dev_hard_start_xmit:__dev_queue_xmit:br_dev_queue_push_xmit:__br_multicast_send_query