====================================== | [ 1156.106532] #6: ffffffff9c9678c0 (rcu_read_lock){....}-{1:2}, at: netif_receive_skb (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/dev.c:5729 net/core/dev.c:5801) | [ 1156.106988] #7: ffffffff9c9678c0 (rcu_read_lock){....}-{1:2}, at: ip_local_deliver_finish (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/ipv4/ip_input.c:232) | [ 1156.107465] | [ 1156.107465] stack backtrace: [ 1156.108055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 1156.108649] Call Trace: [ 1156.108793] [ 1156.108913] dump_stack_lvl (lib/dump_stack.c:108) [ 1156.109120] __lock_acquire (kernel/locking/lockdep.c:5138) [ 1156.109345] ? sk_filter_trim_cap (./include/linux/rcupdate.h:298 ./include/linux/rcupdate.h:750 net/core/filter.c:151) [ 1156.109581] lock_acquire (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5756 kernel/locking/lockdep.c:5719) [ 1156.109776] ? tcp_v4_rcv (./include/linux/skbuff.h:1619 ./include/net/tcp.h:2510 net/ipv4/tcp_ipv4.c:2326) [ 1156.109979] ? sk_filter_trim_cap (net/core/filter.c:165) [ 1156.110229] _raw_spin_lock_nested (kernel/locking/spinlock.c:379) [ 1156.110465] ? tcp_v4_rcv (./include/linux/skbuff.h:1619 ./include/net/tcp.h:2510 net/ipv4/tcp_ipv4.c:2326) [ 1156.110663] tcp_v4_rcv (./include/linux/skbuff.h:1619 ./include/net/tcp.h:2510 net/ipv4/tcp_ipv4.c:2326) [ 1156.110854] ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1)) [ 1156.111098] ip_local_deliver_finish (./include/linux/rcupdate.h:779 net/ipv4/ip_input.c:234) [ 1156.111342] __netif_receive_skb_one_core (net/core/dev.c:5542 (discriminator 4)) [ 1156.111614] netif_receive_skb (net/core/dev.c:5742 net/core/dev.c:5801) [ 1156.111834] tcf_mirred_to_dev (net/sched/act_mirred.c:327) act_mirred [ 1156.112118] tcf_mirred_act (net/sched/act_mirred.c:459 (discriminator 2)) act_mirred [ 1156.112379] ? tcf_skbedit_act (net/sched/act_skbedit.c:51 (discriminator 3)) act_skbedit [ 1156.112664] tcf_action_exec (net/sched/act_api.c:1101 net/sched/act_api.c:1074) [ 1156.112875] fl_classify (net/sched/cls_flower.c:345) cls_flower [ 1156.113133] ? fl_mask_lookup (./include/linux/rcupdate.h:308 ./include/linux/rcupdate.h:783 ./include/linux/rhashtable.h:673 net/sched/cls_flower.c:262 net/sched/cls_flower.c:295) cls_flower [ 1156.113411] ? fl_mask_lookup (net/sched/cls_flower.c:296) cls_flower [ 1156.113684] ? __pfx_usage_match (kernel/locking/lockdep.c:2256) [ 1156.113909] ? __bfs (kernel/locking/lockdep.c:1787) [ 1156.114081] ? check_irq_usage (kernel/locking/lockdep.c:2823) [ 1156.114302] ? check_path.constprop.0 (kernel/locking/lockdep.c:2145) [ 1156.114550] ? check_noncircular (kernel/locking/lockdep.c:2172) [ 1156.114776] ? __lock_acquire (kernel/locking/lockdep.c:5133 (discriminator 1)) [ 1156.115002] tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1734 net/sched/cls_api.c:1830) [ 1156.115202] tc_run (net/core/dev.c:3945) [ 1156.115372] __dev_queue_xmit (net/core/dev.c:4069 net/core/dev.c:4301) [ 1156.115597] ? mark_held_locks (kernel/locking/lockdep.c:4274) [ 1156.115808] ip_finish_output2 (./include/linux/netdevice.h:3171 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv4/ip_output.c:235) [ 1156.116093] ? __ip_queue_xmit (net/ipv4/ip_output.c:535) [ 1156.116312] __ip_queue_xmit (net/ipv4/ip_output.c:535) [ 1156.116528] __tcp_transmit_skb (net/ipv4/tcp_output.c:1462 (discriminator 4)) [ 1156.116755] tcp_write_xmit (net/ipv4/tcp_output.c:2792) [ 1156.116968] __tcp_push_pending_frames (net/ipv4/tcp_output.c:2977) [ 1156.117218] tcp_rcv_state_process (net/ipv4/tcp_input.c:5654 net/ipv4/tcp_input.c:6870) [ 1156.117463] ? tcp_v4_rcv (./include/linux/skbuff.h:1619 ./include/net/tcp.h:2510 net/ipv4/tcp_ipv4.c:2326) [ 1156.117662] ? tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929) [ 1156.117866] tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929) [ 1156.118062] tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2329) [ 1156.118252] ? process_backlog (net/core/dev.c:5978 (discriminator 2)) [ 1156.118467] ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1)) [ 1156.118709] ip_local_deliver_finish (./include/linux/rcupdate.h:779 net/ipv4/ip_input.c:234) [ 1156.118952] __netif_receive_skb_one_core (net/core/dev.c:5542 (discriminator 4)) [ 1156.119212] process_backlog (./include/linux/rcupdate.h:779 net/core/dev.c:5985) [ 1156.119418] __napi_poll.constprop.0 (net/core/dev.c:6584) [ 1156.119659] net_rx_action (net/core/dev.c:6655 net/core/dev.c:6786) [ 1156.119863] __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:554) [ 1156.120063] irq_exit_rcu (kernel/softirq.c:427 kernel/softirq.c:632 kernel/softirq.c:644) [ 1156.120254] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1076 (discriminator 14)) [ 1156.120510] [ 1156.120631] [ 1156.120753] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:649) [ 1156.121030] RIP: 0010:finish_task_switch.isra.0 (./arch/x86/include/asm/jump_label.h:27 kernel/sched/core.c:4960 kernel/sched/core.c:5284) [ 1156.121324] Code: 89 ff 48 c7 02 00 00 00 00 e8 3b 66 ca 00 48 85 db 75 e2 4c 89 ff e8 0e 53 ca 00 e8 69 e7 10 00 fb 65 48 8b 04 25 40 ef 02 00 <66> 90 4d 85 ed 74 21 65 48 8b 04 25 40 ef 02 00 4c 3b a8 e8 04 00 All code ======== 0: 89 ff mov %edi,%edi 2: 48 c7 02 00 00 00 00 movq $0x0,(%rdx) 9: e8 3b 66 ca 00 call 0xca6649 e: 48 85 db test %rbx,%rbx 11: 75 e2 jne 0xfffffffffffffff5 13: 4c 89 ff mov %r15,%rdi 16: e8 0e 53 ca 00 call 0xca5329 1b: e8 69 e7 10 00 call 0x10e789 20: fb sti 21: 65 48 8b 04 25 40 ef mov %gs:0x2ef40,%rax 28: 02 00 2a:* 66 90 xchg %ax,%ax <-- trapping instruction 2c: 4d 85 ed test %r13,%r13 2f: 74 21 je 0x52 31: 65 48 8b 04 25 40 ef mov %gs:0x2ef40,%rax 38: 02 00 3a: 4c rex.WR 3b: 3b .byte 0x3b 3c: a8 e8 test $0xe8,%al 3e: 04 00 add $0x0,%al Code starting with the faulting instruction =========================================== 0: 66 90 xchg %ax,%ax 2: 4d 85 ed test %r13,%r13 5: 74 21 je 0x28 7: 65 48 8b 04 25 40 ef mov %gs:0x2ef40,%rax e: 02 00 10: 4c rex.WR 11: 3b .byte 0x3b 12: a8 e8 test $0xe8,%al 14: 04 00 add $0x0,%al [ 1156.122288] RSP: 0018:ffffb8ba40133d08 EFLAGS: 00000202 [ 1156.122570] RAX: ffff9baa42459a40 RBX: 0000000000000000 RCX: 0000000000000000 [ 1156.122951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff9af8b677 [ 1156.123329] RBP: ffffb8ba40133d38 R08: 0000000000000001 R09: 0000000000000001 [ 1156.123703] R10: 0000000000000000 R11: 0000000000000001 R12: ffff9baa436f8000 [ 1156.124081] R13: 0000000000000000 R14: ffff9baa7ecaf998 R15: ffff9baa7ecaf980 [ 1156.124460] ? finish_task_switch.isra.0 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:77 kernel/sched/sched.h:1397 kernel/sched/core.c:5154 kernel/sched/core.c:5272) [ 1156.124724] ? finish_task_switch.isra.0 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:77 kernel/sched/sched.h:1397 kernel/sched/core.c:5154 kernel/sched/core.c:5272) [ 1156.124992] __schedule (kernel/sched/core.c:6733) [ 1156.125187] schedule (./arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6803 kernel/sched/core.c:6817) [ 1156.125368] pipe_write (fs/pipe.c:589 (discriminator 7)) [ 1156.125559] ? find_held_lock (kernel/locking/lockdep.c:5244) [ 1156.125766] ? __pfx_autoremove_wake_function (kernel/sched/wait.c:383) [ 1156.126046] vfs_write (./include/linux/fs.h:2085 fs/read_write.c:497 fs/read_write.c:590) [ 1156.126233] ksys_write (fs/read_write.c:643) [ 1156.126420] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4300 kernel/locking/lockdep.c:4359 kernel/locking/lockdep.c:4311) [ 1156.126692] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) [ 1156.126897] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129) [ 1156.127173] RIP: 0033:0x7f5be8361957 [ 1156.127372] Code: 0b 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24 All code ======== 0: 0b 00 or (%rax),%eax 2: f7 d8 neg %eax 4: 64 89 02 mov %eax,%fs:(%rdx) 7: 48 c7 c0 ff ff ff ff mov $0xffffffffffffffff,%rax e: eb b7 jmp 0xffffffffffffffc7 10: 0f 1f 00 nopl (%rax) 13: f3 0f 1e fa endbr64 17: 64 8b 04 25 18 00 00 mov %fs:0x18,%eax 1e: 00 1f: 85 c0 test %eax,%eax 21: 75 10 jne 0x33 23: b8 01 00 00 00 mov $0x1,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 51 ja 0x83 32: c3 ret 33: 48 83 ec 28 sub $0x28,%rsp 37: 48 89 54 24 18 mov %rdx,0x18(%rsp) 3c: 48 rex.W 3d: 89 .byte 0x89 3e: 74 24 je 0x64 Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 51 ja 0x59 8: c3 ret 9: 48 83 ec 28 sub $0x28,%rsp d: 48 89 54 24 18 mov %rdx,0x18(%rsp) 12: 48 rex.W 13: 89 .byte 0x89 14: 74 24 je 0x3a [ 1156.128328] RSP: 002b:00007ffd139758e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1156.128730] RAX: ffffffffffffffda RBX: 000055adf394ba20 RCX: 00007f5be8361957 [ 1156.129101] RDX: 0000000000002000 RSI: 00007ffd13975900 RDI: 0000000000000001 [ 1156.129473] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000 [ 1156.129848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000002000 Finger prints: dump_stack_lvl:__lock_acquire:lock_acquire:_raw_spin_lock_nested