====================================== | xx__-> echo $? | 0 | xx__-> [ 32.746990][ C2] BUG: spinlock bad magic on CPU#2, ip/294 |
[ 32.747219][ C2] lock: noop_qdisc+0x240/0x300, .magic: 00000000, .owner: ip/294, .owner_cpu: 2
[ 32.747739][ C2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[ 32.748074][ C2] Call Trace:
[ 32.748193][ C2]
[ 32.748269][ C2] dump_stack_lvl (lib/dump_stack.c:122)
[ 32.748427][ C2] do_raw_spin_unlock (kernel/locking/spinlock_debug.c:100 kernel/locking/spinlock_debug.c:141)
[ 32.748581][ C2] _raw_spin_unlock (./arch/x86/include/asm/preempt.h:94 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186)
[ 32.748735][ C2] __dev_xmit_skb (./include/net/sch_generic.h:226 ./include/net/sch_generic.h:217 net/core/dev.c:3879)
[ 32.748900][ C2] ? __pfx___dev_xmit_skb (net/core/dev.c:3784)
[ 32.749051][ C2] ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:890 net/core/dev.c:4348)
[ 32.749201][ C2] ? lock_acquire (kernel/locking/lockdep.c:5732)
[ 32.749349][ C2] ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:890 net/core/dev.c:4348)
[ 32.749500][ C2] __dev_queue_xmit (net/core/dev.c:4389)
[ 32.749669][ C2] ? __lock_release (kernel/locking/lockdep.c:5435)
[ 32.749817][ C2] ? ip_finish_output2 (./include/net/neighbour.h:542 net/ipv4/ip_output.c:235)
[ 32.749967][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5411)
[ 32.750122][ C2] ? __pfx___dev_queue_xmit (net/core/dev.c:4332)
[ 32.750271][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4273)
[ 32.750421][ C2] ? eth_header (net/ethernet/eth.c:100)
[ 32.750572][ C2] ? neigh_resolve_output (./include/linux/netdevice.h:3159 net/core/neighbour.c:1560 net/core/neighbour.c:1545)
[ 32.750728][ C2] ip_finish_output2 (./include/net/neighbour.h:542 net/ipv4/ip_output.c:235)
[ 32.750882][ C2] ? find_held_lock (kernel/locking/lockdep.c:5249)
[ 32.751038][ C2] ? __pfx_ip_finish_output2 (net/ipv4/ip_output.c:199)
[ 32.751189][ C2] ? igmpv3_send_cr (./include/linux/rcupdate.h:336 ./include/linux/rcupdate.h:869 net/ipv4/igmp.c:719)
[ 32.751342][ C2] ? __ip_finish_output (./include/linux/skbuff.h:1666 ./include/linux/skbuff.h:4954 net/ipv4/ip_output.c:307 net/ipv4/ip_output.c:295)
[ 32.751498][ C2] ip_output (./include/linux/netfilter.h:303 net/ipv4/ip_output.c:433)
[ 32.751619][ C2] ? __pfx_ip_output (net/ipv4/ip_output.c:427)
[ 32.751770][ C2] ? igmpv3_send_cr (net/ipv4/igmp.c:721)
[ 32.751920][ C2] ? ip_local_out (net/ipv4/ip_output.c:128)
[ 32.752071][ C2] igmp_ifc_timer_expire (net/ipv4/igmp.c:815)
[ 32.752219][ C2] ? __pfx_igmp_ifc_timer_expire (net/ipv4/igmp.c:809)
[ 32.752403][ C2] call_timer_fn (kernel/time/timer.c:1792)
[ 32.752564][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1782)
[ 32.752735][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1782)
[ 32.752886][ C2] ? __pfx_call_timer_fn (kernel/time/timer.c:1769)
[ 32.753034][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:227)
[ 32.753187][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4273)
[ 32.753336][ C2] __run_timers (kernel/time/timer.c:1844 kernel/time/timer.c:2417)
[ 32.753495][ C2] ? __pfx_igmp_ifc_timer_expire (net/ipv4/igmp.c:809)
[ 32.753684][ C2] ? __pfx___run_timers (kernel/time/timer.c:2388)
[ 32.753840][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116)
[ 32.753990][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114)
[ 32.754142][ C2] ? lock_acquire (kernel/locking/lockdep.c:5732)
[ 32.754287][ C2] ? run_timer_softirq (kernel/time/timer.c:2428 kernel/time/timer.c:2421 kernel/time/timer.c:2437 kernel/time/timer.c:2447)
[ 32.754441][ C2] run_timer_softirq (kernel/time/timer.c:2429 kernel/time/timer.c:2421 kernel/time/timer.c:2437 kernel/time/timer.c:2447)
[ 32.754590][ C2] handle_softirqs (kernel/softirq.c:554)
[ 32.754749][ C2] irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 kernel/softirq.c:649)
[ 32.754872][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043 arch/x86/kernel/apic/apic.c:1043)
[ 32.755023][ C2]
[ 32.755100][ C2]
[ 32.755186][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)
[ 32.755375][ C2] RIP: 0010:unwind_next_frame (arch/x86/kernel/unwind_orc.c:508)
[ 32.755567][ C2] Code: 89 fa 48 c1 ea 03 0f b6 04 02 4c 89 fa 83 e2 07 38 d0 7f 08 84 c0 0f 85 b0 0d 00 00 41 0f b6 46 05 83 e0 07 0f 84 8b 0a 00 00 <3c> 01 0f 84 95 01 00 00 49 8d 76 04 4c 89 f9 48 b8 00 00 00 00 00
All code
========
0: 89 fa mov %edi,%edx
2: 48 c1 ea 03 shr $0x3,%rdx
6: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax
a: 4c 89 fa mov %r15,%rdx
d: 83 e2 07 and $0x7,%edx
10: 38 d0 cmp %dl,%al
12: 7f 08 jg 0x1c
14: 84 c0 test %al,%al
16: 0f 85 b0 0d 00 00 jne 0xdcc
1c: 41 0f b6 46 05 movzbl 0x5(%r14),%eax
21: 83 e0 07 and $0x7,%eax
24: 0f 84 8b 0a 00 00 je 0xab5
2a:* 3c 01 cmp $0x1,%al <-- trapping instruction
2c: 0f 84 95 01 00 00 je 0x1c7
32: 49 8d 76 04 lea 0x4(%r14),%rsi
36: 4c 89 f9 mov %r15,%rcx
39: 48 rex.W
3a: b8 00 00 00 00 mov $0x0,%eax
...
Code starting with the faulting instruction
===========================================
0: 3c 01 cmp $0x1,%al
2: 0f 84 95 01 00 00 je 0x19d
8: 49 8d 76 04 lea 0x4(%r14),%rsi
c: 4c 89 f9 mov %r15,%rcx
f: 48 rex.W
10: b8 00 00 00 00 mov $0x0,%eax
...
[ 32.756112][ C2] RSP: 0018:ffffc9000066f748 EFLAGS: 00000202
[ 32.756300][ C2] RAX: 0000000000000002 RBX: 0000000000000001 RCX: dffffc0000000000
[ 32.756528][ C2] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa2bd6208
[ 32.756764][ C2] RBP: ffffc9000066f8a0 R08: ffffc9000066f888 R09: 1ffff920000cdef2
[ 32.756987][ C2] R10: ffffc9000066f848 R11: ffffc9000066f889 R12: 1ffff920000cdef2
[ 32.757207][ C2] R13: ffffc9000066f848 R14: ffffffffa2efa7d6 R15: ffffffffa2efa7db
[ 32.757444][ C2] ? unwind_next_frame (arch/x86/kernel/unwind_orc.c:495)
[ 32.757599][ C2] ? do_exit (kernel/exit.c:872)
[ 32.757714][ C2] ? __pfx_unwind_next_frame (arch/x86/kernel/unwind_orc.c:469)
[ 32.757865][ C2] ? do_exit (kernel/exit.c:872)
[ 32.757981][ C2] ? kernel_text_address (kernel/extable.c:99)
[ 32.758135][ C2] ? __pfx_stack_trace_consume_entry (kernel/stacktrace.c:83)
[ 32.758330][ C2] arch_stack_walk (arch/x86/kernel/stacktrace.c:24)
[ 32.758483][ C2] ? do_exit (kernel/exit.c:872)
[ 32.758608][ C2] stack_trace_save (kernel/stacktrace.c:123)
[ 32.758758][ C2] ? __pfx_stack_trace_save (kernel/stacktrace.c:114)
[ 32.758908][ C2] ? __pfx_validate_chain (kernel/locking/lockdep.c:3824)
[ 32.759057][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:227)
[ 32.759206][ C2] ? mark_lock (kernel/locking/lockdep.c:4655 (discriminator 3))
[ 32.759318][ C2] kasan_save_stack (mm/kasan/common.c:48)
[ 32.759520][ C2] ? kasan_save_stack (mm/kasan/common.c:48)
[ 32.759679][ C2] ? __kasan_record_aux_stack (mm/kasan/generic.c:541)
[ 32.759844][ C2] ? __call_rcu_common.constprop.0 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:123 kernel/rcu/tree.c:3107)
[ 32.760059][ C2] ? kmem_cache_free (./include/linux/kmemleak.h:48 mm/slub.c:2213 mm/slub.c:4473 mm/slub.c:4548)
[ 32.760222][ C2] ? __vm_area_free (kernel/fork.c:514)
[ 32.760386][ C2] ? exit_mmap (mm/mmap.c:3438)
[ 32.760549][ C2] ? mmput (kernel/fork.c:1412 kernel/fork.c:1347 kernel/fork.c:1367)
[ 32.760676][ C2] ? exit_mm (kernel/exit.c:572)
[ 32.760795][ C2] ? do_exit (kernel/exit.c:872)
[ 32.760920][ C2] ? mark_lock (kernel/locking/lockdep.c:4655 (discriminator 3))
[ 32.761042][ C2] ? find_held_lock (kernel/locking/lockdep.c:5249)
[ 32.761205][ C2] ? __lock_release (kernel/locking/lockdep.c:5435)
[ 32.761374][ C2] ? __virt_addr_valid (./include/linux/rcupdate.h:336 ./include/linux/rcupdate.h:951 ./include/linux/mmzone.h:2034 arch/x86/mm/physaddr.c:65)
[ 32.761539][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5411)
[ 32.761697][ C2] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5724)
[ 32.761860][ C2] ? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 52))
[ 32.762025][ C2] ? __virt_addr_valid (./include/linux/rcupdate.h:336 ./include/linux/rcupdate.h:951 ./include/linux/mmzone.h:2034 arch/x86/mm/physaddr.c:65)
[ 32.762189][ C2] ? __virt_addr_valid (./arch/x86/include/asm/preempt.h:94 ./include/linux/rcupdate.h:953 ./include/linux/mmzone.h:2034 arch/x86/mm/physaddr.c:65)
[ 32.762350][ C2] ? __pfx_free_object_rcu (mm/kmemleak.c:503)
[ 32.762520][ C2] __kasan_record_aux_stack (mm/kasan/generic.c:541)
[ 32.762681][ C2] ? __pfx_free_object_rcu (mm/kmemleak.c:503)
[ 32.762845][ C2] __call_rcu_common.constprop.0 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:123 kernel/rcu/tree.c:3107)
[ 32.763045][ C2] kmem_cache_free (./include/linux/kmemleak.h:48 mm/slub.c:2213 mm/slub.c:4473 mm/slub.c:4548)
[ 32.763214][ C2] ? __vm_area_free (kernel/fork.c:514)
[ 32.763376][ C2] __vm_area_free (kernel/fork.c:514)
[ 32.763539][ C2] exit_mmap (mm/mmap.c:3438)
[ 32.763660][ C2] ? __pfx_exit_mmap (mm/mmap.c:3386)
[ 32.763827][ C2] ? __mutex_unlock_slowpath (./arch/x86/include/asm/atomic64_64.h:101 ./include/linux/atomic/atomic-arch-fallback.h:4329 ./include/linux/atomic/atomic-long.h:1506 ./include/linux/atomic/atomic-instrumented.h:4481 kernel/locking/mutex.c:929)
[ 32.763995][ C2] mmput (kernel/fork.c:1412 kernel/fork.c:1347 kernel/fork.c:1367)
[ 32.764119][ C2] exit_mm (kernel/exit.c:572)
[ 32.764240][ C2] do_exit (kernel/exit.c:872)
[ 32.764363][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116)
[ 32.764530][ C2] ? __pfx_do_exit (kernel/exit.c:821)
[ 32.764691][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114)
[ 32.764857][ C2] do_group_exit (kernel/exit.c:1012)
[ 32.765017][ C2] __x64_sys_exit_group (kernel/exit.c:1040)
[ 32.765181][ C2] x64_sys_call (./arch/x86/include/generated/asm/syscalls_64.h:61)
[ 32.765345][ C2] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)
[ 32.765508][ C2] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[ 32.765710][ C2] RIP: 0033:0x7f1db6534a8d
[ 32.765875][ C2] Code: Unable to access opcode bytes at 0x7f1db6534a63.
Code starting with the faulting instruction
===========================================
[ 32.766081][ C2] RSP: 002b:00007ffcd051f708 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 32.766418][ C2] RAX: ffffffffffffffda RBX: 00007f1db66119c0 RCX: 00007f1db6534a8d
[ 32.766675][ C2] RDX: 00000000000000e7 RSI: fffffffffffffe90 RDI: 0000000000000000
[ 32.766910][ C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000060
[ 32.767242][ C2] R10: 00007f1db6421fa8 R11: 0000000000000246 R12: 00007f1db66119c0
Finger prints: do_raw_spin_unlock:_raw_spin_unlock:__dev_xmit_skb:__dev_queue_xmit:ip_finish_output2