====================================== | [ 89.798645][ C2] #1: ffffffffb4377d20 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame (./include/linux/rcupdate.h:300 (discriminator 2) ./include/linux/rcupdate.h:838 (discriminator 2) ./include/linux/rcupdate.h:1181 (discriminator 2) arch/x86/kernel/unwind_orc.c:495 (discriminator 2)) | [ 89.798941][ C2] #2: ffffffffb4377c00 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:300 (discriminator 2) kernel/rcu/tree.c:2611 (discriminator 2)) | [ 89.799225][ C2] Preemption disabled at: | [ 89.799228][ C2] handle_softirqs (kernel/softirq.c:463 (discriminator 1) kernel/softirq.c:598 (discriminator 1)) [ 89.799584][ C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 89.799586][ C2] Call Trace: [ 89.799588][ C2] [ 89.799590][ C2] dump_stack_lvl (lib/dump_stack.c:94 lib/dump_stack.c:120) [ 89.799596][ C2] ? handle_softirqs (kernel/softirq.c:463 (discriminator 1) kernel/softirq.c:598 (discriminator 1)) [ 89.799598][ C2] __might_resched.cold (kernel/sched/core.c:9163) [ 89.799602][ C2] ? arch_stack_walk (arch/x86/kernel/stacktrace.c:25) [ 89.799606][ C2] ? perf_trace_sched_switch (./include/linux/list.h:1021 (discriminator 3)) [ 89.799609][ C2] ? __kasan_slab_alloc (mm/kasan/common.c:340 mm/kasan/common.c:366) [ 89.799612][ C2] ? __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1)) [ 89.799614][ C2] ? __create_object (mm/kmemleak.c:779) [ 89.799615][ C2] ? __kmalloc_cache_noprof (./include/linux/kmemleak.h:44 mm/slub.c:4575 mm/slub.c:4899 mm/slub.c:5415) [ 89.799620][ C2] __mutex_lock (kernel/locking/mutex.c:623 kernel/locking/mutex.c:820) [ 89.799624][ C2] ? validate_chain (kernel/locking/lockdep.c:3801 (discriminator 2) kernel/locking/lockdep.c:3821 (discriminator 2) kernel/locking/lockdep.c:3876 (discriminator 2)) [ 89.799627][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.799632][ C2] ? ww_mutex_lock (kernel/locking/mutex.c:933) [ 89.799633][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 89.799638][ C2] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 89.799642][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.799644][ C2] __tcf_chain_put (net/sched/cls_api.c:694) [ 89.799646][ C2] ? free_percpu.part.0 (./include/linux/spinlock.h:408 (discriminator 3) mm/percpu.c:2283 (discriminator 3)) [ 89.799650][ C2] tcf_action_rcu_free (net/sched/act_api.c:130 net/sched/act_api.c:370 net/sched/act_api.c:378) [ 89.799653][ C2] ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2)) [ 89.799654][ C2] rcu_do_batch (kernel/rcu/tree.c:2617) [ 89.799659][ C2] ? trace_rcu_batch_end (./include/trace/events/rcu.h:714 (discriminator 19)) [ 89.799663][ C2] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 2) kernel/locking/lockdep.c:4411 (discriminator 2)) [ 89.799664][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 89.799667][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:178 (discriminator 6) kernel/locking/spinlock.c:198 (discriminator 6)) [ 89.799669][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:179 (discriminator 1) kernel/locking/spinlock.c:198 (discriminator 1)) [ 89.799672][ C2] rcu_core (kernel/rcu/tree.c:2869) [ 89.799675][ C2] handle_softirqs (kernel/softirq.c:622) [ 89.799676][ C2] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 89.799684][ C2] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 89.799686][ C2] ? _local_bh_enable (kernel/softirq.c:405 (discriminator 1)) [ 89.799689][ C2] __irq_exit_rcu (kernel/softirq.c:656 kernel/softirq.c:496 kernel/softirq.c:735) [ 89.799691][ C2] irq_exit_rcu (kernel/softirq.c:752) [ 89.799693][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37)) [ 89.799695][ C2] [ 89.799696][ C2] [ 89.799696][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 89.799698][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697) [ 89.799701][ C2] RIP: 0010:orc_find.part.0 (arch/x86/kernel/unwind_orc.c:231 (discriminator 2)) [ 89.799703][ C2] Code: 01 00 00 89 c8 8b 14 95 0c 61 16 b5 48 8d 34 40 48 8d b4 36 74 42 e8 b4 83 c2 01 48 81 fe 0c 61 16 b5 0f 83 04 01 00 00 89 d7 <48> 8d 3c 7f 48 8d bc 3f 74 42 e8 b4 48 81 ff 0c 61 16 b5 0f 87 e9 All code ======== 0: 01 00 add %eax,(%rax) 2: 00 89 c8 8b 14 95 add %cl,-0x6aeb7438(%rcx) 8: 0c 61 or $0x61,%al a: 16 (bad) b: b5 48 mov $0x48,%ch d: 8d 34 40 lea (%rax,%rax,2),%esi 10: 48 8d b4 36 74 42 e8 lea -0x4b17bd8c(%rsi,%rsi,1),%rsi 17: b4 18: 83 c2 01 add $0x1,%edx 1b: 48 81 fe 0c 61 16 b5 cmp $0xffffffffb516610c,%rsi 22: 0f 83 04 01 00 00 jae 0x12c 28: 89 d7 mov %edx,%edi 2a:* 48 8d 3c 7f lea (%rdi,%rdi,2),%rdi <-- trapping instruction 2e: 48 8d bc 3f 74 42 e8 lea -0x4b17bd8c(%rdi,%rdi,1),%rdi 35: b4 36: 48 81 ff 0c 61 16 b5 cmp $0xffffffffb516610c,%rdi 3d: 0f .byte 0xf 3e: 87 e9 xchg %ebp,%ecx Code starting with the faulting instruction =========================================== 0: 48 8d 3c 7f lea (%rdi,%rdi,2),%rdi 4: 48 8d bc 3f 74 42 e8 lea -0x4b17bd8c(%rdi,%rdi,1),%rdi b: b4 c: 48 81 ff 0c 61 16 b5 cmp $0xffffffffb516610c,%rdi 13: 0f .byte 0xf 14: 87 e9 xchg %ebp,%ecx [ 89.799705][ C2] RSP: 0018:ffa0000001d76f68 EFLAGS: 00000293 [ 89.799708][ C2] RAX: 000000000002a9ad RBX: ffffffffb18ced87 RCX: 000000000002a9ad [ 89.799709][ C2] RDX: 000000000002a9b4 RSI: ffffffffb4f83c82 RDI: 000000000002a9b4 [ 89.799710][ C2] RBP: 0000000000000001 R08: 0000000000000001 R09: ff11000010342e58 [ 89.799711][ C2] R10: 0000000000010ced R11: 000000000002c952 R12: ffa0000001d770f8 [ 89.799711][ C2] R13: ffa0000001d770a0 R14: ff11000010342340 R15: 0000000000000000 [ 89.799714][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.799720][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 89.799722][ C2] unwind_next_frame (arch/x86/kernel/unwind_orc.c:217 arch/x86/kernel/unwind_orc.c:510) [ 89.799724][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.799727][ C2] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 89.799730][ C2] ? stack_access_ok (./arch/x86/include/asm/stacktrace.h:55) [ 89.799733][ C2] ? __unwind_start (arch/x86/kernel/unwind_orc.c:787) [ 89.799735][ C2] ? write_profile (profile.c:?) [ 89.799739][ C2] arch_stack_walk (arch/x86/kernel/stacktrace.c:25) [ 89.799743][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.799747][ C2] stack_trace_save (kernel/stacktrace.c:122 (discriminator 1)) [ 89.799750][ C2] ? filter_irq_stacks (kernel/stacktrace.c:402) [ 89.799755][ C2] kasan_save_stack (mm/kasan/common.c:57) [ 89.799757][ C2] ? kasan_save_stack (mm/kasan/common.c:57) [ 89.799759][ C2] ? kasan_save_track (mm/kasan/common.c:78) [ 89.799761][ C2] ? __kasan_slab_alloc (mm/kasan/common.c:340 mm/kasan/common.c:366) [ 89.799762][ C2] ? kmem_cache_alloc_noprof (./include/linux/kasan.h:253 mm/slub.c:4570 mm/slub.c:4899 mm/slub.c:4906) [ 89.799764][ C2] ? __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1)) [ 89.799765][ C2] ? __create_object (mm/kmemleak.c:779) [ 89.799766][ C2] ? __kmalloc_cache_noprof (./include/linux/kmemleak.h:44 mm/slub.c:4575 mm/slub.c:4899 mm/slub.c:5415) [ 89.799768][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.799782][ C2] kasan_save_track (mm/kasan/common.c:78) [ 89.799784][ C2] __kasan_slab_alloc (mm/kasan/common.c:340 mm/kasan/common.c:366) [ 89.799787][ C2] kmem_cache_alloc_noprof (./include/linux/kasan.h:253 mm/slub.c:4570 mm/slub.c:4899 mm/slub.c:4906) [ 89.799791][ C2] __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1)) [ 89.799793][ C2] __create_object (mm/kmemleak.c:779) [ 89.799795][ C2] __kmalloc_cache_noprof (./include/linux/kmemleak.h:44 mm/slub.c:4575 mm/slub.c:4899 mm/slub.c:5415) [ 89.799799][ C2] ? vms_complete_munmap_vmas (mm/vma.c:1361) [ 89.799802][ C2] kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.799804][ C2] ? fput (./include/linux/preempt.h:468 ./include/linux/file_ref.h:150 fs/file_table.c:586) [ 89.799807][ C2] vms_complete_munmap_vmas (mm/vma.c:1361) [ 89.799811][ C2] ? __mmap_new_vma (./include/linux/fs.h:523 mm/vma.c:1840 mm/vma.c:2585) [ 89.799812][ C2] ? perf_event_mmap (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:32 kernel/events/core.c:9932) [ 89.799816][ C2] ? __mmap_new_vma (mm/vma.h:615 mm/vma.h:623 mm/vma.c:2583) [ 89.799821][ C2] ? vma_set_page_prot (mm/mmap.c:87) [ 89.799826][ C2] __mmap_region (mm/vma.c:2617 mm/vma.c:2780) [ 89.799828][ C2] ? vma_merge_new_range (mm/vma.c:1083) [ 89.799830][ C2] ? filemap_get_pages (mm/filemap.c:2725) [ 89.799836][ C2] ? mark_usage (kernel/locking/lockdep.c:4674) [ 89.799839][ C2] ? copy_page_to_iter (lib/iov_iter.c:374 lib/iov_iter.c:361) [ 89.799843][ C2] ? folio_mark_accessed (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/page-flags.h:554 mm/swap.c:478 mm/swap.c:461) [ 89.799857][ C2] ? mas_prev (lib/maple_tree.c:5211 lib/maple_tree.c:5204) [ 89.799871][ C2] ? vm_unmapped_area (./include/trace/events/mmap.h:10 (discriminator 22) mm/mmap.c:674 (discriminator 22)) [ 89.799874][ C2] ? arch_get_unmapped_area_topdown (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/thread_info.h:133 arch/x86/kernel/sys_x86_64.c:177) [ 89.799879][ C2] mmap_region (mm/vma.c:2857) [ 89.799882][ C2] ? mm_take_all_locks (mm/vma.c:2266 (discriminator 1)) [ 89.799883][ C2] ? __might_fault (mm/memory.c:7340 (discriminator 5)) [ 89.799888][ C2] ? __get_unmapped_area (./include/linux/security.h:1187 mm/mmap.c:863) [ 89.799891][ C2] ? ovl_file_end_write (./include/linux/fs.h:1353) [ 89.799894][ C2] do_mmap (mm/mmap.c:560) [ 89.799898][ C2] ? __ia32_sys_brk (mm/mmap.c:116) [ 89.799900][ C2] ? down_write_killable (./include/linux/instrumented.h:55 ./include/linux/atomic/atomic-instrumented.h:4457 kernel/locking/rwsem.c:268 kernel/locking/rwsem.c:1346 kernel/locking/rwsem.c:1361 kernel/locking/rwsem.c:1639) [ 89.799902][ C2] ? down_write (kernel/locking/rwsem.c:1627) [ 89.799906][ C2] vm_mmap_pgoff (mm/util.c:581) [ 89.799910][ C2] ? randomize_page (mm/util.c:387) [ 89.799914][ C2] ? __fget_files (./include/linux/rcupdate.h:871 fs/file.c:1101) [ 89.799919][ C2] ksys_mmap_pgoff (mm/mmap.c:606) [ 89.799921][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 89.799924][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 89.799926][ C2] ? do_syscall_64 (./include/linux/entry-common.h:177 arch/x86/entry/syscall_64.c:89) [ 89.799927][ C2] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) [ 89.799928][ C2] ? trace_hardirqs_off (kernel/trace/trace_preemptirq.c:104 (discriminator 1)) [ 89.799932][ C2] ? exc_page_fault (arch/x86/mm/fault.c:1480 (discriminator 3) arch/x86/mm/fault.c:1527 (discriminator 3)) [ 89.799934][ C2] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121) [ 89.799936][ C2] RIP: 0033:0x7fdcb86ef85c [ 89.799939][ C2] Code: 1e fa 41 f7 c1 ff 0f 00 00 75 33 55 48 89 e5 41 54 41 89 cc 53 48 89 fb 48 85 ff 74 51 45 89 e2 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 24 5b 41 5c 5d c3 0f 1f 80 00 00 00 00 c7 05 All code ======== 0: 1e (bad) 1: fa cli 2: 41 f7 c1 ff 0f 00 00 test $0xfff,%r9d 9: 75 33 jne 0x3e b: 55 push %rbp c: 48 89 e5 mov %rsp,%rbp f: 41 54 push %r12 11: 41 89 cc mov %ecx,%r12d 14: 53 push %rbx 15: 48 89 fb mov %rdi,%rbx 18: 48 85 ff test %rdi,%rdi 1b: 74 51 je 0x6e 1d: 45 89 e2 mov %r12d,%r10d 20: 48 89 df mov %rbx,%rdi 23: b8 09 00 00 00 mov $0x9,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 24 ja 0x56 32: 5b pop %rbx 33: 41 5c pop %r12 35: 5d pop %rbp 36: c3 ret 37: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 3e: c7 .byte 0xc7 3f: 05 .byte 0x5 Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 24 ja 0x2c 8: 5b pop %rbx 9: 41 5c pop %r12 b: 5d pop %rbp c: c3 ret d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 14: c7 .byte 0xc7 15: 05 .byte 0x5 [ 89.799940][ C2] RSP: 002b:00007ffe2f282900 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 89.799942][ C2] RAX: ffffffffffffffda RBX: 00007fdcb86b9000 RCX: 00007fdcb86ef85c [ 89.799943][ C2] RDX: 0000000000000003 RSI: 0000000000002000 RDI: 00007fdcb86b9000 [ 89.799944][ C2] RBP: 00007ffe2f282910 R08: 0000000000000005 R09: 000000000002f000 [ 89.799944][ C2] R10: 0000000000000812 R11: 0000000000000206 R12: 0000000000000812 [ 89.799945][ C2] R13: 00007ffe2f282990 R14: 00007ffe2f282dc0 R15: 000000000002e954 | [ 89.819420][ C2] #1: ffffffffb4377d20 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame (./include/linux/rcupdate.h:300 (discriminator 2) ./include/linux/rcupdate.h:838 (discriminator 2) ./include/linux/rcupdate.h:1181 (discriminator 2) arch/x86/kernel/unwind_orc.c:495 (discriminator 2)) | [ 89.819559][ C2] #2: ffffffffb4377c00 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:300 (discriminator 2) kernel/rcu/tree.c:2611 (discriminator 2)) | [ 89.819694][ C2] stack backtrace: | [ 89.819757][ C2] Tainted: [W]=WARN [ 89.819758][ C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 89.819759][ C2] Call Trace: [ 89.819760][ C2] [ 89.819761][ C2] dump_stack_lvl (lib/dump_stack.c:94 lib/dump_stack.c:120) [ 89.819764][ C2] __lock_acquire.cold (kernel/locking/lockdep.c:4830 kernel/locking/lockdep.c:4902 kernel/locking/lockdep.c:5187) [ 89.819767][ C2] ? dump_stack_lvl (lib/dump_stack.c:123 (discriminator 7)) [ 89.819769][ C2] lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1)) [ 89.819771][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.819773][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 89.819775][ C2] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22)) [ 89.819777][ C2] __mutex_lock (kernel/locking/mutex.c:646 kernel/locking/mutex.c:820) [ 89.819779][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.819781][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.819783][ C2] ? ww_mutex_lock (kernel/locking/mutex.c:933) [ 89.819784][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 89.819786][ C2] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 89.819788][ C2] ? __tcf_chain_put (net/sched/cls_api.c:694) [ 89.819790][ C2] __tcf_chain_put (net/sched/cls_api.c:694) [ 89.819791][ C2] ? free_percpu.part.0 (./include/linux/spinlock.h:408 (discriminator 3) mm/percpu.c:2283 (discriminator 3)) [ 89.819794][ C2] tcf_action_rcu_free (net/sched/act_api.c:130 net/sched/act_api.c:370 net/sched/act_api.c:378) [ 89.819795][ C2] ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2)) [ 89.819797][ C2] rcu_do_batch (kernel/rcu/tree.c:2617) [ 89.819799][ C2] ? trace_rcu_batch_end (./include/trace/events/rcu.h:714 (discriminator 19)) [ 89.819801][ C2] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 2) kernel/locking/lockdep.c:4411 (discriminator 2)) [ 89.819803][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 89.819805][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:178 (discriminator 6) kernel/locking/spinlock.c:198 (discriminator 6)) [ 89.819806][ C2] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:179 (discriminator 1) kernel/locking/spinlock.c:198 (discriminator 1)) [ 89.819808][ C2] rcu_core (kernel/rcu/tree.c:2869) [ 89.819810][ C2] handle_softirqs (kernel/softirq.c:622) [ 89.819812][ C2] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 89.819814][ C2] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 89.819816][ C2] ? _local_bh_enable (kernel/softirq.c:405 (discriminator 1)) [ 89.819818][ C2] __irq_exit_rcu (kernel/softirq.c:656 kernel/softirq.c:496 kernel/softirq.c:735) [ 89.819819][ C2] irq_exit_rcu (kernel/softirq.c:752) [ 89.819820][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37)) [ 89.819822][ C2] [ 89.819823][ C2] [ 89.819823][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5237) [ 89.819825][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697) [ 89.819826][ C2] RIP: 0010:orc_find.part.0 (arch/x86/kernel/unwind_orc.c:231 (discriminator 2)) [ 89.819828][ C2] Code: 01 00 00 89 c8 8b 14 95 0c 61 16 b5 48 8d 34 40 48 8d b4 36 74 42 e8 b4 83 c2 01 48 81 fe 0c 61 16 b5 0f 83 04 01 00 00 89 d7 <48> 8d 3c 7f 48 8d bc 3f 74 42 e8 b4 48 81 ff 0c 61 16 b5 0f 87 e9 All code ======== 0: 01 00 add %eax,(%rax) 2: 00 89 c8 8b 14 95 add %cl,-0x6aeb7438(%rcx) 8: 0c 61 or $0x61,%al a: 16 (bad) b: b5 48 mov $0x48,%ch d: 8d 34 40 lea (%rax,%rax,2),%esi 10: 48 8d b4 36 74 42 e8 lea -0x4b17bd8c(%rsi,%rsi,1),%rsi 17: b4 18: 83 c2 01 add $0x1,%edx 1b: 48 81 fe 0c 61 16 b5 cmp $0xffffffffb516610c,%rsi 22: 0f 83 04 01 00 00 jae 0x12c 28: 89 d7 mov %edx,%edi 2a:* 48 8d 3c 7f lea (%rdi,%rdi,2),%rdi <-- trapping instruction 2e: 48 8d bc 3f 74 42 e8 lea -0x4b17bd8c(%rdi,%rdi,1),%rdi 35: b4 36: 48 81 ff 0c 61 16 b5 cmp $0xffffffffb516610c,%rdi 3d: 0f .byte 0xf 3e: 87 e9 xchg %ebp,%ecx Code starting with the faulting instruction =========================================== 0: 48 8d 3c 7f lea (%rdi,%rdi,2),%rdi 4: 48 8d bc 3f 74 42 e8 lea -0x4b17bd8c(%rdi,%rdi,1),%rdi b: b4 c: 48 81 ff 0c 61 16 b5 cmp $0xffffffffb516610c,%rdi 13: 0f .byte 0xf 14: 87 e9 xchg %ebp,%ecx [ 89.819829][ C2] RSP: 0018:ffa0000001d76f68 EFLAGS: 00000293 [ 89.819831][ C2] RAX: 000000000002a9ad RBX: ffffffffb18ced87 RCX: 000000000002a9ad [ 89.819832][ C2] RDX: 000000000002a9b4 RSI: ffffffffb4f83c82 RDI: 000000000002a9b4 [ 89.819833][ C2] RBP: 0000000000000001 R08: 0000000000000001 R09: ff11000010342e58 [ 89.819834][ C2] R10: 0000000000010ced R11: 000000000002c952 R12: ffa0000001d770f8 [ 89.819834][ C2] R13: ffa0000001d770a0 R14: ff11000010342340 R15: 0000000000000000 [ 89.819836][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.819839][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 89.819841][ C2] unwind_next_frame (arch/x86/kernel/unwind_orc.c:217 arch/x86/kernel/unwind_orc.c:510) [ 89.819842][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.819844][ C2] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 89.819846][ C2] ? stack_access_ok (./arch/x86/include/asm/stacktrace.h:55) [ 89.819848][ C2] ? __unwind_start (arch/x86/kernel/unwind_orc.c:787) [ 89.819849][ C2] ? write_profile (profile.c:?) [ 89.819851][ C2] arch_stack_walk (arch/x86/kernel/stacktrace.c:25) [ 89.819854][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.819856][ C2] stack_trace_save (kernel/stacktrace.c:122 (discriminator 1)) [ 89.819858][ C2] ? filter_irq_stacks (kernel/stacktrace.c:402) [ 89.819861][ C2] kasan_save_stack (mm/kasan/common.c:57) [ 89.819863][ C2] ? kasan_save_stack (mm/kasan/common.c:57) [ 89.819865][ C2] ? kasan_save_track (mm/kasan/common.c:78) [ 89.819866][ C2] ? __kasan_slab_alloc (mm/kasan/common.c:340 mm/kasan/common.c:366) [ 89.819868][ C2] ? kmem_cache_alloc_noprof (./include/linux/kasan.h:253 mm/slub.c:4570 mm/slub.c:4899 mm/slub.c:4906) [ 89.819869][ C2] ? __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1)) [ 89.819870][ C2] ? __create_object (mm/kmemleak.c:779) [ 89.819871][ C2] ? __kmalloc_cache_noprof (./include/linux/kmemleak.h:44 mm/slub.c:4575 mm/slub.c:4899 mm/slub.c:5415) [ 89.819873][ C2] ? kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.819878][ C2] kasan_save_track (mm/kasan/common.c:78) [ 89.819880][ C2] __kasan_slab_alloc (mm/kasan/common.c:340 mm/kasan/common.c:366) [ 89.819881][ C2] kmem_cache_alloc_noprof (./include/linux/kasan.h:253 mm/slub.c:4570 mm/slub.c:4899 mm/slub.c:4906) [ 89.819884][ C2] __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1)) [ 89.819885][ C2] __create_object (mm/kmemleak.c:779) [ 89.819887][ C2] __kmalloc_cache_noprof (./include/linux/kmemleak.h:44 mm/slub.c:4575 mm/slub.c:4899 mm/slub.c:5415) [ 89.819889][ C2] ? vms_complete_munmap_vmas (mm/vma.c:1361) [ 89.819891][ C2] kmem_cache_free (./include/linux/slab.h:950 (discriminator 1) mm/slub.c:2641 (discriminator 1) mm/slub.c:6251 (discriminator 1) mm/slub.c:6378 (discriminator 1)) [ 89.819892][ C2] ? fput (./include/linux/preempt.h:468 ./include/linux/file_ref.h:150 fs/file_table.c:586) [ 89.819894][ C2] vms_complete_munmap_vmas (mm/vma.c:1361) [ 89.819896][ C2] ? __mmap_new_vma (./include/linux/fs.h:523 mm/vma.c:1840 mm/vma.c:2585) [ 89.819897][ C2] ? perf_event_mmap (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:32 kernel/events/core.c:9932) [ 89.819900][ C2] ? __mmap_new_vma (mm/vma.h:615 mm/vma.h:623 mm/vma.c:2583) [ 89.819902][ C2] ? vma_set_page_prot (mm/mmap.c:87) [ 89.819905][ C2] __mmap_region (mm/vma.c:2617 mm/vma.c:2780) [ 89.819906][ C2] ? vma_merge_new_range (mm/vma.c:1083) [ 89.819907][ C2] ? filemap_get_pages (mm/filemap.c:2725) [ 89.819910][ C2] ? mark_usage (kernel/locking/lockdep.c:4674) [ 89.819912][ C2] ? copy_page_to_iter (lib/iov_iter.c:374 lib/iov_iter.c:361) [ 89.819914][ C2] ? folio_mark_accessed (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/page-flags.h:554 mm/swap.c:478 mm/swap.c:461) [ 89.819919][ C2] ? mas_prev (lib/maple_tree.c:5211 lib/maple_tree.c:5204) [ 89.819924][ C2] ? vm_unmapped_area (./include/trace/events/mmap.h:10 (discriminator 22) mm/mmap.c:674 (discriminator 22)) [ 89.819926][ C2] ? arch_get_unmapped_area_topdown (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/thread_info.h:133 arch/x86/kernel/sys_x86_64.c:177) [ 89.819929][ C2] mmap_region (mm/vma.c:2857) [ 89.819930][ C2] ? mm_take_all_locks (mm/vma.c:2266 (discriminator 1)) [ 89.819932][ C2] ? __might_fault (mm/memory.c:7340 (discriminator 5)) [ 89.819934][ C2] ? __get_unmapped_area (./include/linux/security.h:1187 mm/mmap.c:863) [ 89.819936][ C2] ? ovl_file_end_write (./include/linux/fs.h:1353) [ 89.819938][ C2] do_mmap (mm/mmap.c:560) [ 89.819940][ C2] ? __ia32_sys_brk (mm/mmap.c:116) [ 89.819942][ C2] ? down_write_killable (./include/linux/instrumented.h:55 ./include/linux/atomic/atomic-instrumented.h:4457 kernel/locking/rwsem.c:268 kernel/locking/rwsem.c:1346 kernel/locking/rwsem.c:1361 kernel/locking/rwsem.c:1639) [ 89.819943][ C2] ? down_write (kernel/locking/rwsem.c:1627) [ 89.819945][ C2] vm_mmap_pgoff (mm/util.c:581) [ 89.819947][ C2] ? randomize_page (mm/util.c:387) [ 89.819949][ C2] ? __fget_files (./include/linux/rcupdate.h:871 fs/file.c:1101) [ 89.819952][ C2] ksys_mmap_pgoff (mm/mmap.c:606) [ 89.819953][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 89.819955][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 89.819957][ C2] ? do_syscall_64 (./include/linux/entry-common.h:177 arch/x86/entry/syscall_64.c:89) [ 89.819958][ C2] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) [ 89.819959][ C2] ? trace_hardirqs_off (kernel/trace/trace_preemptirq.c:104 (discriminator 1)) [ 89.819961][ C2] ? exc_page_fault (arch/x86/mm/fault.c:1480 (discriminator 3) arch/x86/mm/fault.c:1527 (discriminator 3)) [ 89.819963][ C2] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121) [ 89.819964][ C2] RIP: 0033:0x7fdcb86ef85c [ 89.819966][ C2] Code: 1e fa 41 f7 c1 ff 0f 00 00 75 33 55 48 89 e5 41 54 41 89 cc 53 48 89 fb 48 85 ff 74 51 45 89 e2 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 24 5b 41 5c 5d c3 0f 1f 80 00 00 00 00 c7 05 All code ======== 0: 1e (bad) 1: fa cli 2: 41 f7 c1 ff 0f 00 00 test $0xfff,%r9d 9: 75 33 jne 0x3e b: 55 push %rbp c: 48 89 e5 mov %rsp,%rbp f: 41 54 push %r12 11: 41 89 cc mov %ecx,%r12d 14: 53 push %rbx 15: 48 89 fb mov %rdi,%rbx 18: 48 85 ff test %rdi,%rdi 1b: 74 51 je 0x6e 1d: 45 89 e2 mov %r12d,%r10d 20: 48 89 df mov %rbx,%rdi 23: b8 09 00 00 00 mov $0x9,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 24 ja 0x56 32: 5b pop %rbx 33: 41 5c pop %r12 35: 5d pop %rbp 36: c3 ret 37: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 3e: c7 .byte 0xc7 3f: 05 .byte 0x5 Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 24 ja 0x2c 8: 5b pop %rbx 9: 41 5c pop %r12 b: 5d pop %rbp c: c3 ret d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 14: c7 .byte 0xc7 15: 05 .byte 0x5 [ 89.819967][ C2] RSP: 002b:00007ffe2f282900 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 89.819968][ C2] RAX: ffffffffffffffda RBX: 00007fdcb86b9000 RCX: 00007fdcb86ef85c [ 89.819969][ C2] RDX: 0000000000000003 RSI: 0000000000002000 RDI: 00007fdcb86b9000 [ 89.819970][ C2] RBP: 00007ffe2f282910 R08: 0000000000000005 R09: 000000000002f000 [ 89.819971][ C2] R10: 0000000000000812 R11: 0000000000000206 R12: 0000000000000812 Finger prints: handle_softirqs:dump_stack_lvl:__mutex_lock:__tcf_chain_put:tcf_action_rcu_free __mutex_lock:__tcf_chain_put:tcf_action_rcu_free:rcu_do_batch:rcu_core