====================================== | [ 13.445000][ C2] #0: ffffffffa2d81e90 (remove_cache_srcu){.+.+}-{0:0}, at: kasan_quarantine_reduce (./include/linux/srcu.h:161 ./include/linux/srcu.h:253 mm/kasan/quarantine.c:259) | [ 13.445408][ C2] #1: ffffffffa2b793c0 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:331 kernel/rcu/tree.c:2570) | [ 13.445787][ C2] | [ 13.445787][ C2] stack backtrace: [ 13.446052][ C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 13.446057][ C2] Call Trace: [ 13.446062][ C2] [ 13.446064][ C2] dump_stack_lvl (lib/dump_stack.c:123) [ 13.446074][ C2] print_usage_bug.part.0 (kernel/locking/lockdep.c:4048) [ 13.446079][ C2] mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4059 kernel/locking/lockdep.c:4270) [ 13.446085][ C2] mark_lock (kernel/locking/lockdep.c:4756) [ 13.446088][ C2] mark_usage (kernel/locking/lockdep.c:4645) [ 13.446091][ C2] __lock_acquire (kernel/locking/lockdep.c:5194) [ 13.446094][ C2] ? unwind_next_frame (./include/linux/rcupdate.h:874 ./include/linux/rcupdate.h:1155 arch/x86/kernel/unwind_orc.c:479) [ 13.446105][ C2] ? do_sys_openat2 (./include/linux/fs.h:2903 fs/open.c:1431) [ 13.446113][ C2] lock_acquire.part.0 (kernel/locking/lockdep.c:473 kernel/locking/lockdep.c:5873) [ 13.446116][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) [ 13.446119][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 13.446122][ C2] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) [ 13.446125][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) [ 13.446128][ C2] _raw_spin_lock (./include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154) [ 13.446131][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) [ 13.446138][ C2] xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) [ 13.446141][ C2] ? __pfx_xa_set_mark (lib/xarray.c:2144) [ 13.446143][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) [ 13.446148][ C2] ? find_held_lock (kernel/locking/lockdep.c:5353) [ 13.446155][ C2] ref_tracker_dir_exit (lib/ref_tracker.c:54 lib/ref_tracker.c:223) [ 13.446160][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4328) [ 13.446162][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) [ 13.446166][ C2] ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:213) [ 13.446170][ C2] ? ref_tracker_free (lib/ref_tracker.c:281) [ 13.446174][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) [ 13.446177][ C2] ? __pfx_ref_tracker_free (lib/ref_tracker.c:281) [ 13.446180][ C2] ? __sk_destruct (./include/linux/instrumented.h:96 ./include/linux/atomic/atomic-instrumented.h:400 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/net_namespace.h:287 ./include/net/net_namespace.h:390 net/core/sock.c:2368) [ 13.446196][ C2] ? rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) [ 13.446199][ C2] ? rcu_core (kernel/rcu/tree.c:2834) [ 13.446203][ C2] ? handle_softirqs (kernel/softirq.c:580) [ 13.446207][ C2] __put_net (./include/linux/llist.h:238 ./include/linux/llist.h:265 net/core/net_namespace.c:732) [ 13.446214][ C2] ? kmem_cache_alloc_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4204) [ 13.446223][ C2] ? __pfx___put_net (net/core/net_namespace.c:729) [ 13.446227][ C2] ? bpf_sk_storage_free (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/bpf_sk_storage.c:61) [ 13.446235][ C2] __sk_destruct (./include/net/net_namespace.h:288 ./include/net/net_namespace.h:390 net/core/sock.c:2368) [ 13.446238][ C2] ? rcu_do_batch (kernel/rcu/tree.c:2576) [ 13.446242][ C2] rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) [ 13.446246][ C2] ? find_held_lock (kernel/locking/lockdep.c:5353) [ 13.446250][ C2] ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2500) [ 13.446254][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4328) [ 13.446256][ C2] ? note_gp_changes (kernel/rcu/tree.c:1326 (discriminator 1)) [ 13.446260][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) [ 13.446267][ C2] rcu_core (kernel/rcu/tree.c:2834) [ 13.446271][ C2] handle_softirqs (kernel/softirq.c:580) [ 13.446275][ C2] __irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680) [ 13.446278][ C2] irq_exit_rcu (kernel/softirq.c:698) [ 13.446280][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) [ 13.446284][ C2] [ 13.446285][ C2] [ 13.446286][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) [ 13.446293][ C2] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) [ 13.446297][ C2] Code: 74 24 10 e8 81 d8 7e fd 48 89 ef e8 39 2b 7f fd 81 e3 00 02 00 00 75 29 9c 58 f6 c4 02 75 35 48 85 db 74 01 fb bf 01 00 00 00 fa e8 72 fd 65 8b 05 53 fb b4 02 85 c0 74 0e 5b 5d c3 cc cc cc All code ======== 0: 74 24 je 0x26 2: 10 e8 adc %ch,%al 4: 81 d8 7e fd 48 89 sbb $0x8948fd7e,%eax a: ef out %eax,(%dx) b: e8 39 2b 7f fd call 0xfffffffffd7f2b49 10: 81 e3 00 02 00 00 and $0x200,%ebx 16: 75 29 jne 0x41 18: 9c pushf 19: 58 pop %rax 1a: f6 c4 02 test $0x2,%ah 1d: 75 35 jne 0x54 1f: 48 85 db test %rbx,%rbx 22: 74 01 je 0x25 24: fb sti 25: bf 01 00 00 00 mov $0x1,%edi 2a:* e8 fa e8 72 fd call 0xfffffffffd72e929 <-- trapping instruction 2f: 65 8b 05 53 fb b4 02 mov %gs:0x2b4fb53(%rip),%eax # 0x2b4fb89 36: 85 c0 test %eax,%eax 38: 74 0e je 0x48 3a: 5b pop %rbx 3b: 5d pop %rbp 3c: c3 ret 3d: cc int3 3e: cc int3 3f: cc int3 Code starting with the faulting instruction =========================================== 0: e8 fa e8 72 fd call 0xfffffffffd72e8ff 5: 65 8b 05 53 fb b4 02 mov %gs:0x2b4fb53(%rip),%eax # 0x2b4fb5f c: 85 c0 test %eax,%eax e: 74 0e je 0x1e 10: 5b pop %rbx 11: 5d pop %rbp 12: c3 ret 13: cc int3 14: cc int3 15: cc int3 [ 13.446300][ C2] RSP: 0018:ffffc90000727c78 EFLAGS: 00000206 [ 13.446307][ C2] RAX: 0000000000000006 RBX: 0000000000000200 RCX: 0000000000000080 [ 13.446310][ C2] RDX: 0000000000000000 RSI: ffffffffa26a76e1 RDI: 0000000000000001 [ 13.446311][ C2] RBP: ffff888001040f40 R08: 0000000000000001 R09: 0000000000000001 [ 13.446313][ C2] R10: ffffffffa35f75d7 R11: 00000000000003a0 R12: ffff888004bc21e4 [ 13.446315][ C2] R13: 0000000000000000 R14: ffffc90000727cc8 R15: ffff888007267064 [ 13.446321][ C2] qlist_free_all (mm/kasan/quarantine.c:174) [ 13.446325][ C2] kasan_quarantine_reduce (./include/linux/srcu.h:400 mm/kasan/quarantine.c:287) [ 13.446329][ C2] __kasan_slab_alloc (mm/kasan/common.c:329) [ 13.446336][ C2] kmem_cache_alloc_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4204) [ 13.446341][ C2] getname_flags (fs/namei.c:146) [ 13.446352][ C2] do_sys_openat2 (./include/linux/fs.h:2903 fs/open.c:1431) [ 13.446355][ C2] ? __pfx_do_sys_openat2 (fs/open.c:1422) [ 13.446360][ C2] ? trace_rcu_segcb_stats (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745 ./include/trace/events/rcu.h:537) [ 13.446364][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 13.446366][ C2] ? __call_rcu_common.constprop.0 (kernel/rcu/tree.c:3115) [ 13.446369][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) [ 13.446374][ C2] __x64_sys_openat (fs/open.c:1463) [ 13.446377][ C2] ? fput_close_sync (fs/file_table.c:568) [ 13.446384][ C2] ? __pfx___x64_sys_openat (fs/open.c:1463) [ 13.446389][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 13.446391][ C2] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:199 arch/x86/entry/syscall_64.c:90) [ 13.446396][ C2] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) [ 13.446400][ C2] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 13.446403][ C2] RIP: 0033:0x7fad8b8e29a6 [ 13.446409][ C2] Code: c0 f6 c2 40 75 4e 89 d0 45 31 d2 25 00 00 41 00 3d 00 00 41 00 74 3d 64 8b 04 25 18 00 00 00 85 c0 75 61 b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 9e 00 00 00 48 8b 54 24 38 64 48 2b 14 25 All code ======== 0: c0 f6 c2 shl $0xc2,%dh 3: 40 75 4e rex jne 0x54 6: 89 d0 mov %edx,%eax 8: 45 31 d2 xor %r10d,%r10d b: 25 00 00 41 00 and $0x410000,%eax 10: 3d 00 00 41 00 cmp $0x410000,%eax 15: 74 3d je 0x54 17: 64 8b 04 25 18 00 00 mov %fs:0x18,%eax 1e: 00 1f: 85 c0 test %eax,%eax 21: 75 61 jne 0x84 23: b8 01 01 00 00 mov $0x101,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 0f 87 9e 00 00 00 ja 0xd4 36: 48 8b 54 24 38 mov 0x38(%rsp),%rdx 3b: 64 fs 3c: 48 rex.W 3d: 2b .byte 0x2b 3e: 14 25 adc $0x25,%al Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 0f 87 9e 00 00 00 ja 0xaa c: 48 8b 54 24 38 mov 0x38(%rsp),%rdx 11: 64 fs 12: 48 rex.W 13: 2b .byte 0x2b 14: 14 25 adc $0x25,%al [ 13.446412][ C2] RSP: 002b:00007fff657402e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 13.446415][ C2] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fad8b8e29a6 [ 13.446416][ C2] RDX: 00000000002a0000 RSI: 0000563e02db94b0 RDI: 000000000000000b [ 13.446418][ C2] RBP: 00007fff65740540 R08: 0000000000000003 R09: 0000000000000020 [ 13.446420][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 Finger prints: mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock