WARN in __mptcp_fastopen_gen_msk_ackseq(): sock owned by user #539

Open
matttbe opened this issue Jan 7, 2025 · 1 comment

matttbe commented Jan 7, 2025

While looking at upstreaming @pabeni's series called mptcp: rx path refactor having these commits:

  • 04f8fb9 ("mptcp: consolidate subflow cleanup")
  • 5efe61a ("mptcp: move the whole rx path under msk socket lock protection")
  • 93d575a ("mptcp: cleanup mem accounting")
  • 89005e3 ("net: dismiss sk_forward_alloc_get()")
  • ee1b2fe ("mptcp: dismiss __mptcp_rmem()")
  • 2a196cd ("mptcp: micro-optimize __mptcp_move_skb()")

I got a WARN in __mptcp_fastopen_gen_msk_ackseq() with the new DEBUG_NET_WARN_ON_ONCE(sock_owned_by_user_nocheck(sk)); added in commit 5efe61a ("mptcp: move the whole rx path under msk socket lock protection") when executing the ./mptcp_connect.sh selftest:

[  137.175779][    C0] ------------[ cut here ]------------
[ 137.176116][ C0] WARNING: CPU: 0 PID: 5799 at net/mptcp/fastopen.c:69 __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[  137.176573][    C0] Modules linked in: sch_netem tcp_diag mptcp_diag inet_diag mptcp_token_test mptcp_crypto_test kunit
[  137.176921][    C0] CPU: 0 UID: 0 PID: 5799 Comm: mptcp_connect Tainted: G                 N 6.13.0-rc5+ #19
[  137.177227][    C0] Tainted: [N]=TEST
[  137.177334][    C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 137.177477][ C0] RIP: 0010:__mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 137.177628][ C0] Code: 8a 69 05 ff 4c 89 ea 58 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 b9 00 00 00 4c 8b 4d 30 e9 a3 fe ff ff 90 <0f> 0b 90 e9 1c fe ff ff 90 0f 0b 90 e9 81 fe ff ff e8 3e d8 98 fe
All code
========
   0:	8a 69 05             	mov    0x5(%rcx),%ch
   3:	ff 4c 89 ea          	decl   -0x16(%rcx,%rcx,4)
   7:	58                   	pop    %rax
   8:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
   f:	fc ff df 
  12:	48 c1 ea 03          	shr    $0x3,%rdx
  16:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  1a:	0f 85 b9 00 00 00    	jne    0xd9
  20:	4c 8b 4d 30          	mov    0x30(%rbp),%r9
  24:	e9 a3 fe ff ff       	jmp    0xfffffffffffffecc
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	e9 1c fe ff ff       	jmp    0xfffffffffffffe4e
  32:	90                   	nop
  33:	0f 0b                	ud2
  35:	90                   	nop
  36:	e9 81 fe ff ff       	jmp    0xfffffffffffffebc
  3b:	e8 3e d8 98 fe       	call   0xfffffffffe98d87e

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	e9 1c fe ff ff       	jmp    0xfffffffffffffe24
   8:	90                   	nop
   9:	0f 0b                	ud2
   b:	90                   	nop
   c:	e9 81 fe ff ff       	jmp    0xfffffffffffffe92
  11:	e8 3e d8 98 fe       	call   0xfffffffffe98d854
[  137.178022][    C0] RSP: 0018:ffffc90000007398 EFLAGS: 00010202
[  137.178178][    C0] RAX: 0000000000000000 RBX: ffff888006fa8000 RCX: ffffffffba9b569b
[  137.178368][    C0] RDX: 0000000000000001 RSI: ffff8880085c9800 RDI: ffff888006fa8200
[  137.178534][    C0] RBP: ffff888006fa81c0 R08: 0000000000000001 R09: ffffed1000df5116
[  137.178709][    C0] R10: ffff888006fa88b7 R11: 0000000000000000 R12: 0000000000000000
[  137.178883][    C0] R13: 0000000000000004 R14: ffff8880110aa000 R15: ffff8880085c9858
[  137.179146][    C0] FS:  00007f365cd0c740(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000
[  137.179341][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  137.179488][    C0] CR2: 00007f365ce58cf0 CR3: 000000000fe22000 CR4: 0000000000750ef0
[  137.179658][    C0] PKRU: 55555554
[  137.179747][    C0] Call Trace:
[  137.179853][    C0]  <IRQ>
[ 137.179918][ C0] ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259 (discriminator 1))
[ 137.180038][ C0] ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259 (discriminator 1))
[ 137.180160][ C0] ? check_fully_established (include/linux/spinlock.h:396)
[ 137.180277][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 137.180417][ C0] ? __warn.cold (kernel/panic.c:748)
[ 137.180531][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 137.180673][ C0] ? report_bug (lib/bug.c:180)
[ 137.180795][ C0] ? handle_bug (arch/x86/kernel/traps.c:285)
[ 137.180890][ C0] ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))
[ 137.181005][ C0] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 137.181146][ C0] ? __mptcp_subflow_fully_established (arch/x86/include/asm/atomic64_64.h:20)
[ 137.181287][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 137.181426][ C0] ? __mptcp_subflow_fully_established (arch/x86/include/asm/atomic64_64.h:20)
[ 137.181566][ C0] check_fully_established (include/linux/spinlock.h:396)
[ 137.181682][ C0] mptcp_incoming_options (net/mptcp/options.c:1155 (discriminator 1))
[ 137.181795][ C0] ? tcp_v6_rcv (include/linux/spinlock.h:391)
[ 137.181913][ C0] ? __pfx_validate_chain (kernel/locking/lockdep.c:3860)
[ 137.182028][ C0] ? __pfx_mptcp_incoming_options (net/mptcp/options.c:1124)
[ 137.182183][ C0] ? find_held_lock (kernel/locking/lockdep.c:5339 (discriminator 1))
[ 137.182301][ C0] ? __subflow_state_change (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.182415][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5525)
[ 137.182530][ C0] tcp_data_queue (net/ipv4/tcp_input.c:5233 (discriminator 1))
[ 137.182644][ C0] ? subflow_check_data_avail (net/mptcp/subflow.c:1392)
[ 137.182785][ C0] ? __pfx_tcp_data_queue (net/ipv4/tcp_input.c:5224)
[ 137.182917][ C0] ? __pfx_subflow_sched_work_if_closed (net/mptcp/subflow.c:1281)
[ 137.183056][ C0] tcp_rcv_state_process (net/ipv4/tcp_input.c:6978)
[ 137.183179][ C0] ? __pfx_tcp_rcv_state_process (net/ipv4/tcp_input.c:6726)
[ 137.183320][ C0] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5814)
[ 137.183437][ C0] ? do_raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 1))
[ 137.183552][ C0] tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1667)
[ 137.183665][ C0] tcp_v6_rcv (include/linux/spinlock.h:391)
[ 137.183786][ C0] ? __pfx_tcp_v6_rcv (net/ipv6/tcp_ipv6.c:1746)
[ 137.183905][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 (discriminator 4))
[ 137.184021][ C0] ? ip6_input_finish (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.184146][ C0] ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:438)
[ 137.184261][ C0] ? ip6_input_finish (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.184379][ C0] ? ip6_input_finish (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.184492][ C0] ip6_input_finish (include/linux/rcupdate.h:878)
[ 137.184603][ C0] ? trace_lock_acquire (include/trace/events/lock.h:24 (discriminator 2))
[ 137.184719][ C0] ip6_input (net/ipv6/ip6_input.c:489)
[ 137.184806][ C0] ? __pfx_ip6_input (net/ipv6/ip6_input.c:489)
[ 137.184927][ C0] ? tcp_v6_early_demux (include/linux/skbuff.h:1184 (discriminator 1))
[ 137.185045][ C0] ipv6_rcv (include/net/dst.h:469 (discriminator 1))
[ 137.185137][ C0] ? __pfx_ipv6_rcv (net/ipv6/ip6_input.c:303)
[ 137.185258][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 (discriminator 4))
[ 137.185372][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 137.185490][ C0] ? __pfx_ipv6_rcv (net/ipv6/ip6_input.c:303)
[ 137.185602][ C0] __netif_receive_skb_one_core (net/core/dev.c:5667)
[ 137.185747][ C0] ? __pfx___netif_receive_skb_one_core (net/core/dev.c:5667)
[ 137.185896][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 137.186028][ C0] ? lock_acquire (kernel/locking/lockdep.c:5822)
[ 137.186150][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 137.186262][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 137.186372][ C0] process_backlog (include/linux/rcupdate.h:878)
[ 137.186486][ C0] __napi_poll.constprop.0 (net/core/dev.c:6885)
[ 137.186598][ C0] net_rx_action (net/core/dev.c:6954)
[ 137.186719][ C0] ? __pfx_net_rx_action (net/core/dev.c:7038)
[ 137.186834][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 (discriminator 1))
[ 137.186980][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4321 (discriminator 1))
[ 137.187116][ C0] handle_softirqs (kernel/softirq.c:561)
[ 137.187232][ C0] ? __pfx_handle_softirqs (kernel/softirq.c:519)
[ 137.187348][ C0] ? __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.187460][ C0] do_softirq (kernel/softirq.c:462 (discriminator 20))
[  137.187545][    C0]  </IRQ>
[  137.187605][    C0]  <TASK>
[ 137.187662][ C0] __local_bh_enable_ip (kernel/softirq.c:389)
[ 137.187777][ C0] ? __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.187891][ C0] __dev_queue_xmit (net/core/dev.c:4345)
[ 137.188009][ C0] ? ip6_finish_output2 (include/net/neighbour.h:539 (discriminator 2))
[ 137.188129][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5525)
[ 137.188243][ C0] ? __pfx___lock_release.isra.0 (kernel/locking/lockdep.c:5500)
[ 137.188383][ C0] ? __pfx___dev_queue_xmit (net/core/dev.c:4345)
[ 137.188496][ C0] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 1))
[ 137.188612][ C0] ? eth_header (net/ethernet/eth.c:100)
[ 137.188728][ C0] ? neigh_resolve_output (include/linux/netdevice.h:3266)
[ 137.188849][ C0] ? ip6_finish_output2 (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.188966][ C0] ip6_finish_output2 (include/net/neighbour.h:539 (discriminator 2))
[ 137.189102][ C0] ip6_finish_output (net/ipv6/ip6_output.c:215)
[ 137.189226][ C0] ip6_output (include/linux/netfilter.h:303)
[ 137.189313][ C0] ? __pfx___lock_release.isra.0 (kernel/locking/lockdep.c:5500)
[ 137.189453][ C0] ? __pfx_ip6_output (net/ipv6/ip6_output.c:234)
[ 137.189567][ C0] ? trace_lock_acquire (include/trace/events/lock.h:24 (discriminator 2))
[ 137.189685][ C0] ? ip6_mtu (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.189775][ C0] ip6_xmit (include/net/dst.h:459 (discriminator 1))
[ 137.189880][ C0] ? __pfx_validate_chain (kernel/locking/lockdep.c:3860)
[ 137.189995][ C0] ? hlock_class (arch/x86/include/asm/bitops.h:227)
[ 137.190120][ C0] ? __pfx_ip6_xmit (net/ipv6/ip6_output.c:269)
[ 137.190237][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 (discriminator 4))
[ 137.190351][ C0] ? inet6_csk_xmit (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.190471][ C0] ? inet6_csk_route_socket (net/ipv6/inet6_connection_sock.c:105)
[ 137.190587][ C0] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5814)
[ 137.190703][ C0] ? trace_lock_acquire (include/trace/events/lock.h:24 (discriminator 2))
[ 137.190828][ C0] ? inet6_csk_xmit (include/linux/rcupdate.h:337 (discriminator 1))
[ 137.190941][ C0] ? lock_acquire (kernel/locking/lockdep.c:5822)
[ 137.191065][ C0] inet6_csk_xmit (net/ipv6/inet6_connection_sock.c:135 (discriminator 11))
[ 137.191180][ C0] ? __pfx_inet6_csk_xmit (net/ipv6/inet6_connection_sock.c:115)
[ 137.191305][ C0] __tcp_transmit_skb (net/ipv4/tcp_output.c:1468 (discriminator 1))
[ 137.191429][ C0] ? __alloc_skb (net/core/skbuff.c:694)
[ 137.191545][ C0] ? __pfx___tcp_transmit_skb (net/ipv4/tcp_output.c:1289)
[ 137.191671][ C0] ? __tcp_send_ack.part.0 (include/linux/skbuff.h:1331)
[ 137.191789][ C0] tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6577)
[ 137.191941][ C0] ? hlock_class (arch/x86/include/asm/bitops.h:227)
[ 137.192083][ C0] ? mark_lock (kernel/locking/lockdep.c:4727 (discriminator 1))
[ 137.192173][ C0] ? __pfx_tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6430)
[ 137.192317][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347)
[ 137.192459][ C0] ? kvm_clock_get_cycles (arch/x86/include/asm/preempt.h:94 (discriminator 1))
[ 137.192574][ C0] ? ktime_get (kernel/time/timekeeping.c:226)
[ 137.192668][ C0] tcp_rcv_state_process (net/ipv4/tcp_input.c:6771)
[ 137.192784][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5525)
[ 137.192904][ C0] ? __pfx_tcp_rcv_state_process (net/ipv4/tcp_input.c:6726)
[ 137.193046][ C0] ? hlock_class (arch/x86/include/asm/bitops.h:227)
[ 137.193185][ C0] ? mark_lock (kernel/locking/lockdep.c:4727 (discriminator 1))
[ 137.193279][ C0] tcp_v6_do_rcv (net/ipv6/tcp_ipv6.c:1667)
[ 137.193393][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347)
[ 137.193538][ C0] __release_sock (net/core/sock.c:3108)
[ 137.193658][ C0] release_sock (net/core/sock.c:3662)
[ 137.193775][ C0] mptcp_sendmsg_fastopen.constprop.0 (net/mptcp/protocol.c:1651)
[ 137.193923][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347)
[ 137.194074][ C0] mptcp_sendmsg (net/mptcp/protocol.c:1727)
[ 137.194198][ C0] ? __pfx_mptcp_sendmsg (net/mptcp/protocol.c:1711)
[ 137.194314][ C0] ? __might_fault (mm/memory.c:6751 (discriminator 2))
[ 137.194435][ C0] __sys_sendto (net/socket.c:711 (discriminator 1))
[ 137.194553][ C0] ? __pfx___sys_sendto (net/socket.c:2175)
[ 137.194668][ C0] ? __pfx___lock_release.isra.0 (kernel/locking/lockdep.c:5500)
[ 137.194818][ C0] ? rseq_update_cpu_node_id (kernel/rseq.c:109)
[ 137.194942][ C0] ? ksys_read (include/linux/file.h:62)
[ 137.195066][ C0] ? __pfx_ksys_read (fs/read_write.c:698)
[ 137.195186][ C0] __x64_sys_sendto (net/socket.c:2211)
[ 137.195300][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347)
[ 137.195442][ C0] do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1))
[ 137.195558][ C0] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[  137.195702][    C0] RIP: 0033:0x7f365ce44eb7
[ 137.195826][ C0] Code: c7 c0 ff ff ff ff eb be 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d b5 31 0e 00 00 41 89 ca 74 10 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 69 c3 55 48 89 e5 53 48 83 ec 38 44 89 4d d0
All code
========
   0:	c7 c0 ff ff ff ff    	mov    $0xffffffff,%eax
   6:	eb be                	jmp    0xffffffffffffffc6
   8:	66 2e 0f 1f 84 00 00 	cs nopw 0x0(%rax,%rax,1)
   f:	00 00 00 
  12:	90                   	nop
  13:	f3 0f 1e fa          	endbr64
  17:	80 3d b5 31 0e 00 00 	cmpb   $0x0,0xe31b5(%rip)        # 0xe31d3
  1e:	41 89 ca             	mov    %ecx,%r10d
  21:	74 10                	je     0x33
  23:	b8 2c 00 00 00       	mov    $0x2c,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 69                	ja     0x9b
  32:	c3                   	ret
  33:	55                   	push   %rbp
  34:	48 89 e5             	mov    %rsp,%rbp
  37:	53                   	push   %rbx
  38:	48 83 ec 38          	sub    $0x38,%rsp
  3c:	44 89 4d d0          	mov    %r9d,-0x30(%rbp)

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 69                	ja     0x71
   8:	c3                   	ret
   9:	55                   	push   %rbp
   a:	48 89 e5             	mov    %rsp,%rbp
   d:	53                   	push   %rbx
   e:	48 83 ec 38          	sub    $0x38,%rsp
  12:	44 89 4d d0          	mov    %r9d,-0x30(%rbp)
[  137.196232][    C0] RSP: 002b:00007ffc419f7898 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[  137.196411][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f365ce44eb7
[  137.196587][    C0] RDX: 0000000000002000 RSI: 00007ffc419f79ac RDI: 0000000000000003
[  137.196755][    C0] RBP: 0000000000000003 R08: 00005639b5c6b2d0 R09: 000000000000001c
[  137.196930][    C0] R10: 0000000020000000 R11: 0000000000000202 R12: 00005639b5c6b2a0
[  137.197107][    C0] R13: 00007ffc419f79ac R14: 00005639b2dfa8f1 R15: 0000000000000106
[  137.197289][    C0]  </TASK>
[  137.197377][    C0] irq event stamp: 43224
[ 137.197465][ C0] hardirqs last enabled at (43234): __up_console_sem (arch/x86/include/asm/irqflags.h:26)
[ 137.197666][ C0] hardirqs last disabled at (43243): __up_console_sem (kernel/printk/printk.c:342 (discriminator 3))
[ 137.197869][ C0] softirqs last enabled at (41446): __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.198074][ C0] softirqs last disabled at (41447): do_softirq (kernel/softirq.c:462 (discriminator 20))
[  137.198277][    C0] ---[ end trace 0000000000000000 ]---
@matttbe matttbe added the bug label Jan 7, 2025
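
As an added example (not part of the issue or of the project's tooling), this Python reduces a decoded trace like the one above to the frames printed without a `?` prefix, split by `<IRQ>` and `<TASK>` context, so the path to the warning site is readable. The sample input is an excerpt of lines copied from the first trace; the function names `parse_trace`, `reliable_chain` and `summarize` are hypothetical.

```python
import re

# Excerpt of lines copied from the first trace on this page (most frames omitted).
SAMPLE = """\
[ 137.176116][ C0] WARNING: CPU: 0 PID: 5799 at net/mptcp/fastopen.c:69 __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[  137.179747][    C0] Call Trace:
[  137.179853][    C0]  <IRQ>
[ 137.180160][ C0] ? check_fully_established (include/linux/spinlock.h:396)
[ 137.181287][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 137.181566][ C0] check_fully_established (include/linux/spinlock.h:396)
[ 137.181682][ C0] mptcp_incoming_options (net/mptcp/options.c:1155 (discriminator 1))
[ 137.182530][ C0] tcp_data_queue (net/ipv4/tcp_input.c:5233 (discriminator 1))
[ 137.187460][ C0] do_softirq (kernel/softirq.c:462 (discriminator 20))
[  137.187545][    C0]  </IRQ>
[  137.187605][    C0]  <TASK>
[ 137.187662][ C0] __local_bh_enable_ip (kernel/softirq.c:389)
[ 137.187777][ C0] ? __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 137.193538][ C0] __release_sock (net/core/sock.c:3108)
[ 137.193658][ C0] release_sock (net/core/sock.c:3662)
[ 137.193775][ C0] mptcp_sendmsg_fastopen.constprop.0 (net/mptcp/protocol.c:1651)
[ 137.194074][ C0] mptcp_sendmsg (net/mptcp/protocol.c:1727)
[ 137.195186][ C0] __x64_sys_sendto (net/socket.c:2211)
[  137.197289][    C0]  </TASK>
"""

PREFIX = re.compile(r"^\[\s*\d+\.\d+\]\[\s*[CT]\d+\]\s*")   # "[ time][ C0] "
WARN = re.compile(r"WARNING: CPU: (\d+) PID: (\d+) at (\S+):(\d+) (\S+)")
MARK = re.compile(r"^<(/?)(IRQ|TASK)>$")                    # context markers
FRAME = re.compile(r"^(\? )?([A-Za-z_][\w.]*) \((.+)\)$")   # "[? ]func (file:line)"


def parse_trace(text):
    """Return (warning, frames); frames keep printed order, innermost first."""
    warning, frames, ctx, in_trace = None, [], None, False
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        m = WARN.search(line)
        if m:
            warning = {"cpu": int(m[1]), "pid": int(m[2]), "file": m[3],
                       "line": int(m[4]), "func": m[5]}
            continue
        if line == "Call Trace:":
            in_trace = True
            continue
        if not in_trace:
            continue
        m = MARK.match(line)
        if m:
            ctx = None if m[1] else m[2]   # closing tag leaves the context
            continue
        m = FRAME.match(line)
        if m and ctx:                      # ignore anything outside <IRQ>/<TASK>
            frames.append({"ctx": ctx, "func": m[2], "where": m[3],
                           "reliable": m[1] is None})
    return warning, frames


def reliable_chain(frames, ctx=None):
    """Names of frames printed without '?', optionally for one context only."""
    return [f["func"] for f in frames
            if f["reliable"] and ctx in (None, f["ctx"])]


def summarize(text):
    warning, frames = parse_trace(text)
    return {
        "site": f'{warning["func"]} at {warning["file"]}:{warning["line"]}',
        "pid": warning["pid"],
        "irq_chain": reliable_chain(frames, "IRQ"),
        "task_chain": reliable_chain(frames, "TASK"),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```

On the excerpt, the `<IRQ>` chain leads from `do_softirq` up to `check_fully_established`, and the `<TASK>` chain shows that softirq being run from `__local_bh_enable_ip` beneath `release_sock` in the `mptcp_sendmsg_fastopen` path.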

matttbe commented Jan 7, 2025

This is not that easy to reproduce:

# INFO: with MPTFO start
# 57 ns2 MPTCP -> ns1 (10.0.1.1:10054      ) MPTCP     (duration   375ms) [ OK ]
# 58 ns2 MPTCP -> ns1 (10.0.1.1:10055      ) MPTCP     [ 1967.590463][    C0] ------------[ cut here ]------------
[ 1967.590913][ C0] WARNING: CPU: 0 PID: 32487 at net/mptcp/fastopen.c:69 __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 1967.591582][    C0] Modules linked in: nft_tproxy nf_tproxy_ipv6 nf_tproxy_ipv4 nft_socket nf_socket_ipv4 nf_socket_ipv6 nf_tables sch_netem
[ 1967.592152][    C0] CPU: 0 UID: 0 PID: 32487 Comm: mptcp_connect Not tainted 6.13.0-rc5+ #19
[ 1967.592439][    C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 1967.592655][ C0] RIP: 0010:__mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 1967.592826][ C0] Code: 8a 69 05 ff 4c 89 ea 58 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 b9 00 00 00 4c 8b 4d 30 e9 a3 fe ff ff 90 <0f> 0b 90 e9 1c fe ff ff 90 0f 0b 90 e9 81 fe ff ff e8 3e d8 98 fe
All code
========
   0:   8a 69 05                mov    0x5(%rcx),%ch
   3:   ff 4c 89 ea             decl   -0x16(%rcx,%rcx,4)
   7:   58                      pop    %rax
   8:   48 b8 00 00 00 00 00    movabs $0xdffffc0000000000,%rax
   f:   fc ff df
  12:   48 c1 ea 03             shr    $0x3,%rdx
  16:   80 3c 02 00             cmpb   $0x0,(%rdx,%rax,1)
  1a:   0f 85 b9 00 00 00       jne    0xd9
  20:   4c 8b 4d 30             mov    0x30(%rbp),%r9
  24:   e9 a3 fe ff ff          jmp    0xfffffffffffffecc
  29:   90                      nop
  2a:*  0f 0b                   ud2             <-- trapping instruction
  2c:   90                      nop
  2d:   e9 1c fe ff ff          jmp    0xfffffffffffffe4e
  32:   90                      nop
  33:   0f 0b                   ud2
  35:   90                      nop
  36:   e9 81 fe ff ff          jmp    0xfffffffffffffebc
  3b:   e8 3e d8 98 fe          call   0xfffffffffe98d87e

Code starting with the faulting instruction
===========================================
   0:   0f 0b                   ud2
   2:   90                      nop
   3:   e9 1c fe ff ff          jmp    0xfffffffffffffe24
   8:   90                      nop
   9:   0f 0b                   ud2
   b:   90                      nop
   c:   e9 81 fe ff ff          jmp    0xfffffffffffffe92
  11:   e8 3e d8 98 fe          call   0xfffffffffe98d854
[ 1967.593260][    C0] RSP: 0018:ffffc90000007400 EFLAGS: 00010202
[ 1967.593432][    C0] RAX: 0000000000000000 RBX: ffff88800b185c00 RCX: ffffffffaa1b569b
[ 1967.593614][    C0] RDX: 0000000000000001 RSI: ffff88800d4f7c00 RDI: ffff88800b185e00
[ 1967.593801][    C0] RBP: ffff88800b185dc0 R08: 0000000000000001 R09: ffffed1001630c96
[ 1967.594027][    C0] R10: ffff88800b1864b7 R11: 0000000000000000 R12: 0000000000000000
[ 1967.594213][    C0] R13: 0000000000000004 R14: ffff88800a88be80 R15: ffff88800d4f7c58
[ 1967.594404][    C0] FS:  00007f1c65bbd740(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000
[ 1967.594964][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1967.595123][    C0] CR2: 00007f1c65d09cf0 CR3: 0000000011ba6000 CR4: 0000000000750ef0
[ 1967.595310][    C0] PKRU: 55555554
[ 1967.595417][    C0] Call Trace:
[ 1967.595517][    C0]  <IRQ>
[ 1967.595590][ C0] ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259 (discriminator 1))
[ 1967.595725][ C0] ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259 (discriminator 1))
[ 1967.595861][ C0] ? check_fully_established (include/linux/spinlock.h:396)
[ 1967.596000][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 1967.596166][ C0] ? __warn.cold (kernel/panic.c:748)
[ 1967.596291][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 1967.596537][ C0] ? report_bug (lib/bug.c:180)
[ 1967.596664][ C0] ? handle_bug (arch/x86/kernel/traps.c:285)
[ 1967.596767][ C0] ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))
[ 1967.596935][ C0] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 1967.597087][ C0] ? __mptcp_subflow_fully_established (arch/x86/include/asm/atomic64_64.h:20)
[ 1967.597237][ C0] ? __mptcp_fastopen_gen_msk_ackseq (net/mptcp/fastopen.c:69)
[ 1967.597402][ C0] ? __mptcp_subflow_fully_established (arch/x86/include/asm/atomic64_64.h:20)
[ 1967.597553][ C0] check_fully_established (include/linux/spinlock.h:396)
[ 1967.597680][ C0] mptcp_incoming_options (net/mptcp/options.c:1155 (discriminator 1))
[ 1967.597798][ C0] ? tcp_v4_rcv (include/linux/spinlock.h:391)
[ 1967.597967][ C0] ? __pfx_validate_chain (kernel/locking/lockdep.c:3860)
[ 1967.598113][ C0] ? __pfx_mptcp_incoming_options (net/mptcp/options.c:1124)
[ 1967.598276][ C0] ? find_held_lock (kernel/locking/lockdep.c:5339 (discriminator 1))
[ 1967.598402][ C0] ? __subflow_state_change (include/linux/rcupdate.h:347 (discriminator 1))
[ 1967.598526][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5525)
[ 1967.598650][ C0] tcp_data_queue (net/ipv4/tcp_input.c:5233 (discriminator 1))
[ 1967.598775][ C0] ? subflow_check_data_avail (net/mptcp/subflow.c:1392)
[ 1967.598942][ C0] ? __pfx_tcp_data_queue (net/ipv4/tcp_input.c:5224)
[ 1967.599070][ C0] ? __pfx_subflow_sched_work_if_closed (net/mptcp/subflow.c:1281)
[ 1967.599219][ C0] tcp_rcv_state_process (net/ipv4/tcp_input.c:6978)
[ 1967.599343][ C0] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5814)
[ 1967.599461][ C0] ? __pfx_tcp_rcv_state_process (net/ipv4/tcp_input.c:6726)
[ 1967.599622][ C0] ? do_raw_spin_lock (arch/x86/include/asm/atomic.h:107 (discriminator 1))
[ 1967.599746][ C0] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114)
[ 1967.599884][ C0] tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1941)
[ 1967.600022][ C0] tcp_v4_rcv (include/linux/spinlock.h:391)
[ 1967.600157][ C0] ? __pfx_tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2180)
[ 1967.600286][ C0] ? trace_lock_acquire (include/trace/events/lock.h:24 (discriminator 2))
[ 1967.600414][ C0] ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207)
[ 1967.600537][ C0] ip_local_deliver_finish (include/linux/rcupdate.h:878)
[ 1967.600694][ C0] ip_local_deliver (net/ipv4/ip_input.c:251)
[ 1967.600836][ C0] ? __pfx_ip_local_deliver (net/ipv4/ip_input.c:243)
[ 1967.600975][ C0] ? ip_rcv_finish_core (include/linux/skbuff.h:1152 (discriminator 1))
[ 1967.601106][ C0] ip_rcv (include/net/dst.h:469 (discriminator 4))
[ 1967.601214][ C0] ? __pfx_ip_rcv (net/ipv4/ip_input.c:560)
[ 1967.601348][ C0] ? lock_acquire.part.0 (kernel/locking/lockdep.c:467 (discriminator 4))
[ 1967.601475][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 1967.601598][ C0] ? __pfx_ip_rcv (net/ipv4/ip_input.c:560)
[ 1967.601720][ C0] __netif_receive_skb_one_core (net/core/dev.c:5674 (discriminator 4))
[ 1967.601878][ C0] ? __pfx___netif_receive_skb_one_core (net/core/dev.c:5667)
[ 1967.602039][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 1967.602169][ C0] ? lock_acquire (kernel/locking/lockdep.c:5822)
[ 1967.602289][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 1967.602413][ C0] ? process_backlog (include/linux/local_lock_internal.h:38 (discriminator 1))
[ 1967.602532][ C0] process_backlog (include/linux/rcupdate.h:878)
[ 1967.602655][ C0] __napi_poll.constprop.0 (net/core/dev.c:6885)
[ 1967.602778][ C0] net_rx_action (net/core/dev.c:6954)
[ 1967.602918][ C0] ? __pfx_net_rx_action (net/core/dev.c:7038)
[ 1967.603043][ C0] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 (discriminator 1))
[ 1967.603198][ C0] ? mark_held_locks (kernel/locking/lockdep.c:4321 (discriminator 1))
[ 1967.603321][ C0] handle_softirqs (kernel/softirq.c:561)
[ 1967.603447][ C0] ? __pfx_handle_softirqs (kernel/softirq.c:519)
[ 1967.603568][ C0] ? __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 1967.603691][ C0] do_softirq (kernel/softirq.c:462 (discriminator 20))
[ 1967.603786][    C0]  </IRQ>
[ 1967.603862][    C0]  <TASK>
[ 1967.603935][ C0] __local_bh_enable_ip (kernel/softirq.c:389)
[ 1967.604057][ C0] ? __dev_queue_xmit (include/linux/rcupdate.h:347 (discriminator 1))
[ 1967.604180][ C0] __dev_queue_xmit (net/core/dev.c:4345)
[ 1967.604306][ C0] ? ip_finish_output2 (include/net/neighbour.h:539 (discriminator 2))
[ 1967.604430][ C0] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5525)
[ 1967.604551][ C0] ? __pfx___lock_release.isra.0 (kernel/locking/lockdep.c:5500)
[ 1967.604697][ C0] ? __pfx___dev_queue_xmit (net/core/dev.c:4345)
[ 1967.604824][ C0] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 1))
[ 1967.604953][ C0] ? eth_header (net/ethernet/eth.c:100)
[ 1967.605075][ C0] ? neigh_resolve_output (include/linux/netdevice.h:3266)
[ 1967.605214][ C0] ip_finish_output2 (include/net/neighbour.h:539 (discriminator 2))
[ 1967.605336][ C0] ? trace_lock_acquire (include/trace/events/lock.h:24 (discriminator 2))
[ 1967.605468][ C0] ? kernel_text_address (kernel/extable.c:125 (discriminator 1))
[ 1967.605599][ C0] ? __pfx_ip_finish_output2 (net/ipv4/ip_output.c:200)
[ 1967.605723][ C0] ? mark_lock (kernel/locking/lockdep.c:4727 (discriminator 1))
[ 1967.605823][ C0] __ip_finish_output (net/ipv4/ip_output.c:314)
[ 1967.605960][ C0] ? __pfx___ip_finish_output (net/ipv4/ip_output.c:297)
(...)
