====================================== | xx__-> [ 1634.376646] ------------[ cut here ]------------ | [ 1634.376700] rcuref - imbalanced put() | [ 1634.376701] WARNING: lib/rcuref.c:266 at 0x0, CPU#1: swapper/1/0 | [ 1634.376754] Modules linked in: xfrm_user l2tp_ip6 l2tp_eth l2tp_ip l2tp_netlink l2tp_core sctp sch_fq ipt_rpfilter act_tunnel_key bareudp act_mirred pktgen nft_chain_nat xt_nat nf_nat cls_bpf xt_conntrack nf_conntrack nf_defrag_ipv4 nf_defrag_ipv6 drop_monitor netdevsim psample cls_matchall act_gact cls_flower sch_ingress ip6t_rpfilter nft_compat nf_tables vxlan mpls_gso mpls_iptunnel mpls_router [ 1634.376991] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 1634.377025] RIP: 0010:rcuref_put_slowpath (lib/rcuref.c:266 (discriminator 4)) [ 1634.377060] Code: c0 75 0d c3 81 fe ff ff ff bf 77 0f 85 f6 78 03 31 c0 c3 c7 07 00 00 00 a0 eb f5 48 83 ec 08 48 89 3c 24 48 8d 3d 30 04 4a 01 <67> 48 0f b9 3a 48 8b 14 24 31 c0 c7 02 00 00 00 e0 48 83 c4 08 c3 All code ======== 0: c0 75 0d c3 shlb $0xc3,0xd(%rbp) 4: 81 fe ff ff ff bf cmp $0xbfffffff,%esi a: 77 0f ja 0x1b c: 85 f6 test %esi,%esi e: 78 03 js 0x13 10: 31 c0 xor %eax,%eax 12: c3 ret 13: c7 07 00 00 00 a0 movl $0xa0000000,(%rdi) 19: eb f5 jmp 0x10 1b: 48 83 ec 08 sub $0x8,%rsp 1f: 48 89 3c 24 mov %rdi,(%rsp) 23: 48 8d 3d 30 04 4a 01 lea 0x14a0430(%rip),%rdi # 0x14a045a 2a:* 67 48 0f b9 3a ud1 (%edx),%rdi <-- trapping instruction 2f: 48 8b 14 24 mov (%rsp),%rdx 33: 31 c0 xor %eax,%eax 35: c7 02 00 00 00 e0 movl $0xe0000000,(%rdx) 3b: 48 83 c4 08 add $0x8,%rsp 3f: c3 ret Code starting with the faulting instruction =========================================== 0: 67 48 0f b9 3a ud1 (%edx),%rdi 5: 48 8b 14 24 mov (%rsp),%rdx 9: 31 c0 xor %eax,%eax b: c7 02 00 00 00 e0 movl $0xe0000000,(%rdx) 11: 48 83 c4 08 add $0x8,%rsp 15: c3 ret [ 1634.377155] RSP: 0018:ff62a2f7000e4e78 EFLAGS: 00010296 [ 1634.377187] RAX: 00000000dfffffff RBX: ff4653df069edd80 RCX: ff4653df03128000 [ 1634.377228] RDX: 004e4f1755e398d8 RSI: 00000000dfffffff RDI: ffffffff9487e6f0 [ 1634.377272] RBP: ff4653df069edd70 R08: ff4653df033fd540 R09: 00000000802a0018 [ 1634.377314] R10: ff4653df01034200 R11: ff4653df033fd540 R12: ff4653df069edde8 [ 1634.377354] R13: ff62a2f7000e4f40 R14: 000000000000001a R15: 0000000000000000 [ 1634.377398] FS: 0000000000000000(0000) GS:ff4653dfa9e4c000(0000) knlGS:0000000000000000 [ 1634.377453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1634.377488] CR2: 00007f12c450f500 CR3: 0000000029246004 CR4: 0000000000771ef0 [ 1634.377532] PKRU: 55555554 [ 1634.377546] Call Trace: [ 1634.377563] [ 1634.377578] dst_release_immediate (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcuref.h:174 (discriminator 1) net/core/dst.c:184 (discriminator 1)) [ 1634.377611] rt_fibinfo_free_cpus.part.0 (net/ipv4/fib_semantics.c:196) [ 1634.377646] fib_nh_common_release (net/ipv4/fib_semantics.c:207) [ 1634.377676] free_fib_info_rcu (./include/net/nexthop.h:480 net/ipv4/fib_semantics.c:229) [ 1634.377694] rcu_core (kernel/rcu/tree.c:2612 (discriminator 1) kernel/rcu/tree.c:2857 (discriminator 1)) [ 1634.377717] handle_softirqs (./arch/x86/include/asm/jump_label.h:37 ./include/trace/events/irq.h:142 kernel/softirq.c:623) [ 1634.377740] irq_exit_rcu (kernel/softirq.c:657 kernel/softirq.c:496 kernel/softirq.c:723 kernel/softirq.c:739) [ 1634.377769] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1056 (discriminator 47) arch/x86/kernel/apic/apic.c:1056 (discriminator 47)) [ 1634.377801] [ 1634.377813] [ 1634.377824] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697) [ 1634.377859] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82) [ 1634.377892] Code: 48 8b 3d 74 3a 44 01 e8 1f 00 00 00 48 2b 05 28 a1 60 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d a5 b8 21 00 fb f4 0f 1f 40 d6 8b 17 89 d6 83 e6 fe 0f 01 f9 66 90 48 c1 e2 20 48 All code ======== 0: 48 8b 3d 74 3a 44 01 mov 0x1443a74(%rip),%rdi # 0x1443a7b 7: e8 1f 00 00 00 call 0x2b c: 48 2b 05 28 a1 60 00 sub 0x60a128(%rip),%rax # 0x60a13b 13: c3 ret 14: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 1b: f3 0f 1e fa endbr64 1f: eb 07 jmp 0x28 21: 0f 00 2d a5 b8 21 00 verw 0x21b8a5(%rip) # 0x21b8cd 28: fb sti 29: f4 hlt 2a:* c3 ret <-- trapping instruction 2b: 0f 1f 40 d6 nopl -0x2a(%rax) 2f: 8b 17 mov (%rdi),%edx 31: 89 d6 mov %edx,%esi 33: 83 e6 fe and $0xfffffffe,%esi 36: 0f 01 f9 rdtscp 39: 66 90 xchg %ax,%ax 3b: 48 c1 e2 20 shl $0x20,%rdx 3f: 48 rex.W Code starting with the faulting instruction =========================================== 0: c3 ret 1: 0f 1f 40 d6 nopl -0x2a(%rax) 5: 8b 17 mov (%rdi),%edx 7: 89 d6 mov %edx,%esi 9: 83 e6 fe and $0xfffffffe,%esi c: 0f 01 f9 rdtscp f: 66 90 xchg %ax,%ax 11: 48 c1 e2 20 shl $0x20,%rdx 15: 48 rex.W [ 1634.377978] RSP: 0018:ff62a2f70009fed8 EFLAGS: 00000206 [ 1634.378005] RAX: ff4653dfa9e4c000 RBX: ff4653df012dc440 RCX: 0000000000000000 [ 1634.378044] RDX: 4000000000000000 RSI: 0000000000000000 RDI: 000000000795e304 [ 1634.378086] RBP: 0000000000000001 R08: 000000000795e304 R09: ff4653df3eca4990 [ 1634.378121] R10: ff4653df08c89e58 R11: 0000000000000000 R12: 0000000000000000 [ 1634.378171] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1634.378210] ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:146) [ 1634.378237] default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:767) [ 1634.378258] default_idle_call (./include/linux/cpuidle.h:144 kernel/sched/idle.c:123) [ 1634.378280] do_idle (kernel/sched/idle.c:192 kernel/sched/idle.c:332) [ 1634.378300] cpu_startup_entry (kernel/sched/idle.c:429) [ 1634.378326] start_secondary (arch/x86/kernel/smpboot.c:312) Finger prints: rcuref_put_slowpath:dst_release_immediate:fib_nh_common_release:free_fib_info_rcu:rcu_core