====================================== | [ 1058.718298][ C0] #0: ffff888005757720 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma (./include/linux/mmap_lock.h:209 mm/memory.c:6238 mm/memory.c:6298) | [ 1058.718655][ C0] #1: ffffc90000007d60 ((&n->timer)){+.-.}-{0:0}, at: call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) | [ 1058.719028][ C0] | [ 1058.719028][ C0] stack backtrace: [ 1058.719281][ C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 1058.719284][ C0] Call Trace: [ 1058.719286][ C0] [ 1058.719288][ C0] dump_stack_lvl (lib/dump_stack.c:123) [ 1058.719296][ C0] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6848) [ 1058.719306][ C0] icmp6_send (./include/net/net_namespace.h:404 ./include/linux/netdevice.h:2669 net/ipv6/icmp.c:476) [ 1058.719324][ C0] ? __pfx_icmp6_send (net/ipv6/icmp.c:452) [ 1058.719333][ C0] ? __pfx_validate_chain (kernel/locking/lockdep.c:3862) [ 1058.719337][ C0] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) [ 1058.719340][ C0] ? mark_lock (kernel/locking/lockdep.c:4729 (discriminator 3)) [ 1058.719350][ C0] ? __lock_acquire (kernel/locking/lockdep.c:5228) [ 1058.719356][ C0] ? find_held_lock (kernel/locking/lockdep.c:5341) [ 1058.719363][ C0] ? __lock_release (kernel/locking/lockdep.c:5527) [ 1058.719365][ C0] ? neigh_invalidate (net/core/neighbour.c:1008) [ 1058.719370][ C0] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) [ 1058.719374][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:469 kernel/locking/lockdep.c:5853) [ 1058.719385][ C0] ip6_link_failure (./include/linux/skbuff.h:1152 net/ipv6/route.c:2801) [ 1058.719393][ C0] ndisc_error_report (./include/net/dst.h:429 net/ipv6/ndisc.c:731) [ 1058.719399][ C0] neigh_invalidate (net/core/neighbour.c:1008) [ 1058.719409][ C0] neigh_timer_handler (net/core/neighbour.c:1109 (discriminator 2)) [ 1058.719418][ C0] ? __pfx_neigh_timer_handler (net/core/neighbour.c:1032) [ 1058.719421][ C0] call_timer_fn (kernel/time/timer.c:1789) [ 1058.719424][ C0] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) [ 1058.719427][ C0] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) [ 1058.719431][ C0] ? __pfx_call_timer_fn (kernel/time/timer.c:1766) [ 1058.719434][ C0] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) [ 1058.719442][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4323) [ 1058.719452][ C0] __run_timers (kernel/time/timer.c:1841 kernel/time/timer.c:2414) [ 1058.719456][ C0] ? __pfx_neigh_timer_handler (net/core/neighbour.c:1032) [ 1058.719466][ C0] ? __pfx___run_timers (kernel/time/timer.c:2385) [ 1058.719469][ C0] ? clockevents_program_event (kernel/time/clockevents.c:326) [ 1058.719478][ C0] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) [ 1058.719483][ C0] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 1058.719488][ C0] ? lock_acquire (kernel/locking/lockdep.c:5824) [ 1058.719490][ C0] ? run_timer_softirq (kernel/time/timer.c:2426 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) [ 1058.719500][ C0] run_timer_softirq (kernel/time/timer.c:2427 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) [ 1058.719505][ C0] handle_softirqs (kernel/softirq.c:561) [ 1058.719518][ C0] __irq_exit_rcu (kernel/softirq.c:596 kernel/softirq.c:435 kernel/softirq.c:662) [ 1058.719521][ C0] irq_exit_rcu (kernel/softirq.c:680) [ 1058.719524][ C0] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) [ 1058.719528][ C0] [ 1058.719529][ C0] [ 1058.719531][ C0] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) [ 1058.719535][ C0] RIP: 0010:lock_acquire.part.0 (kernel/locking/lockdep.c:5816) [ 1058.719539][ C0] Code: 44 24 08 8b 74 24 04 e9 27 ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 <49> 89 fc 48 bf 00 00 00 00 00 fc ff df 55 53 48 81 ec b8 00 00 00 All code ======== 0: 44 24 08 rex.R and $0x8,%al 3: 8b 74 24 04 mov 0x4(%rsp),%esi 7: e9 27 ff ff ff jmp 0xffffffffffffff33 c: 66 66 2e 0f 1f 84 00 data16 cs nopw 0x0(%rax,%rax,1) 13: 00 00 00 00 17: 90 nop 18: 90 nop 19: 90 nop 1a: 90 nop 1b: 90 nop 1c: 90 nop 1d: 90 nop 1e: 90 nop 1f: 90 nop 20: 90 nop 21: 90 nop 22: 90 nop 23: 90 nop 24: 90 nop 25: 90 nop 26: 90 nop 27: 90 nop 28: 41 54 push %r12 2a:* 49 89 fc mov %rdi,%r12 <-- trapping instruction 2d: 48 bf 00 00 00 00 00 movabs $0xdffffc0000000000,%rdi 34: fc ff df 37: 55 push %rbp 38: 53 push %rbx 39: 48 81 ec b8 00 00 00 sub $0xb8,%rsp Code starting with the faulting instruction =========================================== 0: 49 89 fc mov %rdi,%r12 3: 48 bf 00 00 00 00 00 movabs $0xdffffc0000000000,%rdi a: fc ff df d: 55 push %rbp e: 53 push %rbx f: 48 81 ec b8 00 00 00 sub $0xb8,%rsp [ 1058.719542][ C0] RSP: 0018:ffffc900005b79f8 EFLAGS: 00000292 [ 1058.719545][ C0] RAX: 0000000000000001 RBX: ffffc900005b7a40 RCX: 0000000000000002 [ 1058.719547][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8c95aca0 [ 1058.719549][ C0] RBP: ffffc900005b7b20 R08: 0000000000000000 R09: 0000000000000000 [ 1058.719550][ C0] R10: ffffffff8d391197 R11: ffff888002062300 R12: 0000000000000001 [ 1058.719552][ C0] R13: 1ffff920000b6f42 R14: ffffffffffffffff R15: 0000000000000214 [ 1058.719569][ C0] mt_find (./include/linux/rcupdate.h:850 lib/maple_tree.c:6887) [ 1058.719573][ C0] ? mt_find (./include/linux/rcupdate.h:337 ./include/linux/rcupdate.h:849 lib/maple_tree.c:6887) [ 1058.719577][ C0] ? __pfx_mt_find (lib/maple_tree.c:6875) [ 1058.719589][ C0] ? mark_lock (kernel/locking/lockdep.c:4729 (discriminator 3)) [ 1058.719600][ C0] find_vma (mm/mmap.c:909) [ 1058.719604][ C0] ? __pfx_find_vma (mm/mmap.c:909) [ 1058.719611][ C0] ? down_read_trylock (kernel/locking/rwsem.c:1566 kernel/locking/rwsem.c:1561) [ 1058.719618][ C0] lock_mm_and_find_vma (mm/memory.c:6301) [ 1058.719624][ C0] do_user_addr_fault (arch/x86/mm/fault.c:1361) [ 1058.719639][ C0] exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) [ 1058.719644][ C0] asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 1058.719647][ C0] RIP: 0010:strncpy_from_user (lib/strncpy_from_user.c:41 lib/strncpy_from_user.c:130) [ 1058.719651][ C0] Code: 00 00 00 48 89 fa 48 c1 ea 03 42 80 3c 0a 00 0f 85 f1 00 00 00 49 83 ee 08 49 89 44 2d 00 48 83 c5 08 49 83 fe 07 76 7a 89 f2 <49> 8b 04 2c 85 d2 74 b6 49 bf 00 00 00 00 00 fc ff df 48 89 eb eb All code ======== 0: 00 00 add %al,(%rax) 2: 00 48 89 add %cl,-0x77(%rax) 5: fa cli 6: 48 c1 ea 03 shr $0x3,%rdx a: 42 80 3c 0a 00 cmpb $0x0,(%rdx,%r9,1) f: 0f 85 f1 00 00 00 jne 0x106 15: 49 83 ee 08 sub $0x8,%r14 19: 49 89 44 2d 00 mov %rax,0x0(%r13,%rbp,1) 1e: 48 83 c5 08 add $0x8,%rbp 22: 49 83 fe 07 cmp $0x7,%r14 26: 76 7a jbe 0xa2 28: 89 f2 mov %esi,%edx 2a:* 49 8b 04 2c mov (%r12,%rbp,1),%rax <-- trapping instruction 2e: 85 d2 test %edx,%edx 30: 74 b6 je 0xffffffffffffffe8 32: 49 bf 00 00 00 00 00 movabs $0xdffffc0000000000,%r15 39: fc ff df 3c: 48 89 eb mov %rbp,%rbx 3f: eb .byte 0xeb Code starting with the faulting instruction =========================================== 0: 49 8b 04 2c mov (%r12,%rbp,1),%rax 4: 85 d2 test %edx,%edx 6: 74 b6 je 0xffffffffffffffbe 8: 49 bf 00 00 00 00 00 movabs $0xdffffc0000000000,%r15 f: fc ff df 12: 48 89 eb mov %rbp,%rbx 15: eb .byte 0xeb [ 1058.719654][ C0] RSP: 0018:ffffc900005b7cf8 EFLAGS: 00050246 [ 1058.719656][ C0] RAX: 00007ffffffff000 RBX: 00007f2a961922b1 RCX: 0000000000000fe0 [ 1058.719658][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88800abed7e0 [ 1058.719659][ C0] RBP: 0000000000000000 R08: fefefefefefefeff R09: dffffc0000000000 [ 1058.719661][ C0] R10: ffff88800abee7bf R11: 0000000000000000 R12: 00007f2a961922b1 [ 1058.719663][ C0] R13: ffff88800abed7e0 R14: 0000000000000fe0 R15: 8080808080808080 [ 1058.719678][ C0] ? strncpy_from_user (./arch/x86/include/asm/uaccess_64.h:70 lib/strncpy_from_user.c:129) [ 1058.719686][ C0] getname_flags (fs/namei.c:154) [ 1058.719691][ C0] ? find_held_lock (kernel/locking/lockdep.c:5341) [ 1058.719697][ C0] user_path_at (fs/namei.c:3072) [ 1058.719702][ C0] user_statfs (fs/statfs.c:103) [ 1058.719708][ C0] ? __pfx_user_statfs (fs/statfs.c:98) [ 1058.719714][ C0] ? lock_acquire (kernel/locking/lockdep.c:5824) [ 1058.719722][ C0] __do_sys_statfs (fs/statfs.c:194) [ 1058.719727][ C0] ? __pfx___do_sys_statfs (fs/statfs.c:191) [ 1058.719732][ C0] ? __rseq_handle_notify_resume (kernel/rseq.c:420) [ 1058.719735][ C0] ? do_user_addr_fault (./include/linux/mmap_lock.h:218 arch/x86/mm/fault.c:1417) [ 1058.719742][ C0] ? __pfx___rseq_handle_notify_resume (kernel/rseq.c:403) [ 1058.719754][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4349 kernel/locking/lockdep.c:4408) [ 1058.719759][ C0] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) [ 1058.719766][ C0] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 1058.719769][ C0] RIP: 0033:0x7f2a960174cb [ 1058.719773][ C0] Code: c3 66 0f 1f 44 00 00 48 8b 05 31 a9 0b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 f3 0f 1e fa b8 89 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 01 a9 0b 00 f7 d8 All code ======== 0: c3 ret 1: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) 7: 48 8b 05 31 a9 0b 00 mov 0xba931(%rip),%rax # 0xba93f e: 64 c7 00 16 00 00 00 movl $0x16,%fs:(%rax) 15: b8 ff ff ff ff mov $0xffffffff,%eax 1a: c3 ret 1b: 0f 1f 40 00 nopl 0x0(%rax) 1f: f3 0f 1e fa endbr64 23: b8 89 00 00 00 mov $0x89,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 05 ja 0x37 32: c3 ret 33: 0f 1f 40 00 nopl 0x0(%rax) 37: 48 8b 15 01 a9 0b 00 mov 0xba901(%rip),%rdx # 0xba93f 3e: f7 d8 neg %eax Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 05 ja 0xd 8: c3 ret 9: 0f 1f 40 00 nopl 0x0(%rax) d: 48 8b 15 01 a9 0b 00 mov 0xba901(%rip),%rdx # 0xba915 14: f7 d8 neg %eax [ 1058.719775][ C0] RSP: 002b:00007ffe943ae548 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 1058.719778][ C0] RAX: ffffffffffffffda RBX: 00007ffe943ae5c0 RCX: 00007f2a960174cb [ 1058.719780][ C0] RDX: 0000000000000000 RSI: 00007ffe943ae5c0 RDI: 00007f2a961922b1 [ 1058.719781][ C0] RBP: 00007f2a961922b1 R08: 0000000000000000 R09: 00000000069682ac [ 1058.719783][ C0] R10: fffffffffffffe90 R11: 0000000000000246 R12: 00007ffe943ae748 Finger prints: lockdep_rcu_suspicious:icmp6_send:ip6_link_failure:ndisc_error_report:neigh_invalidate