====================================== | [ 1164.077102][ C0] #5: ffffffffa03a5bf8 (remove_cache_srcu){.+.+}-{0:0}, at: kasan_quarantine_reduce (./include/linux/srcu.h:187 (discriminator 2) ./include/linux/srcu.h:294 (discriminator 2) mm/kasan/quarantine.c:259 (discriminator 2)) | [ 1164.077313][ C0] #6: ffffffffa018bc80 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:300 (discriminator 2) kernel/rcu/tree.c:2611 (discriminator 2)) | [ 1164.077489][ C0] | [ 1164.077489][ C0] stack backtrace: [ 1164.077616][ C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 1164.077619][ C0] Workqueue: netns cleanup_net [ 1164.077622][ C0] Call Trace: [ 1164.077624][ C0] [ 1164.077625][ C0] dump_stack_lvl (lib/dump_stack.c:94 lib/dump_stack.c:120) [ 1164.077631][ C0] print_usage_bug.part.0.cold (kernel/locking/lockdep.c:4042) [ 1164.077634][ C0] ? filter_irq_stacks (kernel/stacktrace.c:402) [ 1164.077637][ C0] mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4056 kernel/locking/lockdep.c:4267) [ 1164.077639][ C0] ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37)) [ 1164.077641][ C0] ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697) [ 1164.077643][ C0] ? save_trace (kernel/locking/lockdep.c:589) [ 1164.077644][ C0] ? ip_mc_msfilter (net/ipv4/igmp.c:2552) [ 1164.077648][ C0] mark_lock (kernel/locking/lockdep.c:4753) [ 1164.077650][ C0] mark_usage (kernel/locking/lockdep.c:4642) [ 1164.077652][ C0] __lock_acquire (kernel/locking/lockdep.c:5191) [ 1164.077653][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4325) [ 1164.077654][ C0] ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2)) [ 1164.077657][ C0] lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1)) [ 1164.077659][ C0] ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred [ 1164.077660][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 1164.077662][ C0] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22)) [ 1164.077664][ C0] _raw_spin_lock (./include/linux/spinlock_api_smp.h:158 (discriminator 1) kernel/locking/spinlock.c:158 (discriminator 1)) [ 1164.077666][ C0] ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred [ 1164.077667][ C0] tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred [ 1164.077669][ C0] tcf_action_rcu_free (net/sched/act_api.c:367 net/sched/act_api.c:378) [ 1164.077670][ C0] ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2)) [ 1164.077672][ C0] rcu_do_batch (kernel/rcu/tree.c:2617) [ 1164.077675][ C0] ? trace_rcu_batch_end (./include/trace/events/rcu.h:714 (discriminator 19)) [ 1164.077677][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4325) [ 1164.077678][ C0] ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 2) kernel/locking/lockdep.c:4411 (discriminator 2)) [ 1164.077680][ C0] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 1164.077681][ C0] rcu_core (kernel/rcu/tree.c:2869) [ 1164.077683][ C0] handle_softirqs (kernel/softirq.c:622) [ 1164.077685][ C0] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 1164.077686][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 1164.077688][ C0] ? _local_bh_enable (kernel/softirq.c:405 (discriminator 1)) [ 1164.077690][ C0] __irq_exit_rcu (kernel/softirq.c:656 kernel/softirq.c:496 kernel/softirq.c:735) [ 1164.077691][ C0] irq_exit_rcu (kernel/softirq.c:752) [ 1164.077693][ C0] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37)) [ 1164.077694][ C0] [ 1164.077695][ C0] [ 1164.077696][ C0] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697) [ 1164.077697][ C0] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:178 (discriminator 12) kernel/locking/spinlock.c:198 (discriminator 12)) [ 1164.077700][ C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 61 10 9d fd 48 89 df e8 e9 66 9d fd f7 c5 00 02 00 00 75 1f 9c 58 f6 c4 02 75 2f 01 00 00 00 e8 80 f4 8f fd 65 8b 05 29 1a 5e 02 85 c0 74 12 5b All code ======== 0: f5 cmc 1: 53 push %rbx 2: 48 8b 74 24 10 mov 0x10(%rsp),%rsi 7: 48 89 fb mov %rdi,%rbx a: 48 83 c7 18 add $0x18,%rdi e: e8 61 10 9d fd call 0xfffffffffd9d1074 13: 48 89 df mov %rbx,%rdi 16: e8 e9 66 9d fd call 0xfffffffffd9d6704 1b: f7 c5 00 02 00 00 test $0x200,%ebp 21: 75 1f jne 0x42 23: 9c pushf 24: 58 pop %rax 25: f6 c4 02 test $0x2,%ah 28: 75 2f jne 0x59 2a:* bf 01 00 00 00 mov $0x1,%edi <-- trapping instruction 2f: e8 80 f4 8f fd call 0xfffffffffd8ff4b4 34: 65 8b 05 29 1a 5e 02 mov %gs:0x25e1a29(%rip),%eax # 0x25e1a64 3b: 85 c0 test %eax,%eax 3d: 74 12 je 0x51 3f: 5b pop %rbx Code starting with the faulting instruction =========================================== 0: bf 01 00 00 00 mov $0x1,%edi 5: e8 80 f4 8f fd call 0xfffffffffd8ff48a a: 65 8b 05 29 1a 5e 02 mov %gs:0x25e1a29(%rip),%eax # 0x25e1a3a 11: 85 c0 test %eax,%eax 13: 74 12 je 0x27 15: 5b pop %rbx [ 1164.077701][ C0] RSP: 0018:ffa00000004871b8 EFLAGS: 00000246 [ 1164.077703][ C0] RAX: 0000000000000092 RBX: ff11000001041440 RCX: ffffffff9ed78613 [ 1164.077704][ C0] RDX: ff110000090b8040 RSI: ffffffff9f693d1a RDI: ffffffff9f0727c0 [ 1164.077705][ C0] RBP: 0000000000000246 R08: 0000000000000000 R09: 0000000000000000 [ 1164.077706][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ff1100000dd1c468 [ 1164.077707][ C0] R13: 0000000000000000 R14: ffa0000000487200 R15: 0000000000000000 [ 1164.077709][ C0] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:178 (discriminator 6) kernel/locking/spinlock.c:198 (discriminator 6)) [ 1164.077711][ C0] qlist_free_all (mm/kasan/quarantine.c:163 (discriminator 2) mm/kasan/quarantine.c:179 (discriminator 2)) [ 1164.077713][ C0] kasan_quarantine_reduce (mm/kasan/quarantine.c:286) [ 1164.077715][ C0] __kasan_slab_alloc (mm/kasan/common.c:350) [ 1164.077717][ C0] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4570 mm/slub.c:4899 mm/slub.c:4951) [ 1164.077720][ C0] __alloc_skb (net/core/skbuff.c:702 (discriminator 7)) [ 1164.077722][ C0] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 2) net/core/skbuff.c:695 (discriminator 2)) [ 1164.077724][ C0] ? napi_skb_cache_get (./include/linux/local_lock_internal.h:61) [ 1164.077725][ C0] ? atomic_notifier_call_chain (./include/linux/rcupdate.h:871 kernel/notifier.c:224) [ 1164.077727][ C0] rtmsg_fib (./include/linux/skbuff.h:1386 ./include/net/netlink.h:1055 net/ipv4/fib_semantics.c:551) [ 1164.077730][ C0] ? fib_dump_info (net/ipv4/fib_semantics.c:1725) [ 1164.077731][ C0] ? ret_from_fork_asm (arch/x86/entry/entry_64.S:245) [ 1164.077735][ C0] fib_table_delete (net/ipv4/fib_trie.c:1740 (discriminator 1)) [ 1164.077737][ C0] ? find_held_lock (kernel/locking/lockdep.c:5350) [ 1164.077738][ C0] ? fib_table_lookup (net/ipv4/fib_trie.c:1604) [ 1164.077740][ C0] ? lockdep_rtnl_is_held (./include/linux/lockdep.h:249 net/core/rtnetlink.c:182) [ 1164.077742][ C0] ? fib_get_table (net/ipv4/fib_frontend.c:124 (discriminator 2)) [ 1164.077744][ C0] fib_magic (net/ipv4/fib_frontend.c:1136) [ 1164.077746][ C0] ? fib_new_table (net/ipv4/fib_frontend.c:88 (discriminator 1)) [ 1164.077750][ C0] fib_del_ifaddr (net/ipv4/fib_frontend.c:1247 (discriminator 3)) [ 1164.077752][ C0] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22)) [ 1164.077753][ C0] fib_inetaddr_event (net/ipv4/fib_frontend.c:1478) [ 1164.077755][ C0] notifier_call_chain (kernel/notifier.c:85) [ 1164.077757][ C0] blocking_notifier_call_chain (kernel/notifier.c:380 kernel/notifier.c:368) [ 1164.077759][ C0] __inet_del_ifa (net/ipv4/devinet.c:450) [ 1164.077761][ C0] ? lockdep_rtnl_is_held (./include/linux/lockdep.h:249 net/core/rtnetlink.c:182) [ 1164.077763][ C0] inetdev_event (net/ipv4/devinet.c:487 net/ipv4/devinet.c:328 net/ipv4/devinet.c:1655) [ 1164.077764][ C0] ? mutex_is_locked (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:3188 kernel/locking/mutex.h:48 kernel/locking/mutex.c:65) [ 1164.077767][ C0] notifier_call_chain (kernel/notifier.c:85) [ 1164.077769][ C0] unregister_netdevice_many_notify (net/core/dev.c:2287 net/core/dev.c:2301 net/core/dev.c:12446) [ 1164.077772][ C0] ? unregister_netdevice_queued (./include/linux/list.h:404 (discriminator 3)) [ 1164.077774][ C0] ? mutex_is_locked (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:3188 kernel/locking/mutex.h:48 kernel/locking/mutex.c:65) [ 1164.077775][ C0] ? rtnl_is_locked (net/core/rtnetlink.c:169) [ 1164.077777][ C0] ? unregister_netdevice_queue (net/core/dev.c:12311 (discriminator 1)) [ 1164.077780][ C0] default_device_exit_batch (net/core/dev.c:12507 net/core/dev.c:13099) [ 1164.077782][ C0] ? unregister_netdev (./include/net/net_namespace.h:419 (discriminator 7)) [ 1164.077785][ C0] ? perf_trace_sched_switch (./include/linux/list.h:1021 (discriminator 3)) [ 1164.077787][ C0] ? fou_exit_net (net/ipv4/fou_core.c:1228) [ 1164.077791][ C0] ops_undo_list (net/core/net_namespace.c:205 net/core/net_namespace.c:252) [ 1164.077793][ C0] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472) [ 1164.077794][ C0] ? netns_install (./include/linux/ns_common.h:26) [ 1164.077795][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535) [ 1164.077797][ C0] ? idr_destroy (lib/radix-tree.c:310 lib/radix-tree.c:674 lib/radix-tree.c:1563) [ 1164.077800][ C0] cleanup_net (net/core/net_namespace.c:702) [ 1164.077802][ C0] ? net_passive_dec (./include/linux/llist.h:241) [ 1164.077803][ C0] ? process_one_work (kernel/workqueue.c:3290 (discriminator 2)) [ 1164.077805][ C0] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22)) [ 1164.077806][ C0] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3)) [ 1164.077808][ C0] process_one_work (kernel/workqueue.c:3314) [ 1164.077811][ C0] ? pwq_dec_nr_in_flight (kernel/workqueue.c:1822 (discriminator 4)) [ 1164.077813][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1)) [ 1164.077815][ C0] worker_thread (kernel/workqueue.c:3397 kernel/workqueue.c:3478) [ 1164.077818][ C0] ? rescuer_thread (./include/linux/list.h:404 (discriminator 3)) [ 1164.077820][ C0] ? __kthread_parkme (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 kernel/kthread.c:272) [ 1164.077822][ C0] ? rescuer_thread (./include/linux/list.h:404 (discriminator 3)) [ 1164.077823][ C0] kthread (kernel/kthread.c:436) [ 1164.077825][ C0] ? trace_irq_enable.constprop.0 (./include/trace/events/preemptirq.h:40 (discriminator 22)) [ 1164.077828][ C0] ? kthread_affine_node (kernel/kthread.c:378) [ 1164.077830][ C0] ret_from_fork (arch/x86/kernel/process.c:158) [ 1164.077833][ C0] ? arch_exit_to_user_mode_prepare.isra.0 (arch/x86/entry/syscall_64.c:37) [ 1164.077835][ C0] ? __switch_to (arch/x86/kernel/process_64.c:403 arch/x86/kernel/process_64.c:663) [ 1164.077837][ C0] ? kthread_affine_node (kernel/kthread.c:378) Finger prints: mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock