Bug#1033398: linux-image-amd64: reproducible kernel freeze on 5.19+
Package: linux-image-amd64
Version: 6.1.20-1
Severity: important
X-Debbugs-Cc: tim.ruehsen@gmx.de
Dear Maintainer,
* What led up to the situation?
We run a privileged eBPF-based tool that communicates between kernel and user space.
It runs without issues on kernels 4.15 to 5.18.
On kernels 5.19+, the whole system freezes after a few minutes.
With more system activity (load, forks), the freeze seems to happen earlier.
The underlying hardware seems to play no role, we could reproduce this on different
bare metal systems as well as within a qemu based VM.
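Since the running program is rather complex, it is not easy to carve out a small reproducer.
We can provide gdb backtraces from freezes inside qemu; one such backtrace (`thread apply all bt full`) is included below, after the system information.
In that backtrace, every thread shown is waiting on vmap_area_lock, and two of them (threads 3 and 4) reach find_vmap_area() from bpf_probe_read_compat() through the usercopy check in check_heap_object().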
-- System Information:
Debian Release: 12.0
APT prefers testing-security
APT policy: (500, 'testing-security'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-7-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages linux-image-amd64 depends on:
ii linux-image-6.1.0-7-amd64 6.1.20-1
linux-image-amd64 recommends no packages.
linux-image-amd64 suggests no packages.
-- debconf information:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LC_MONETARY = "en_DE.UTF-8",
LC_COLLATE = "en_DE.UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
locale: Cannot set LC_ALL to default locale: No such file or directory
(gdb) thread apply all bt full
Thread 8 (Thread 1.8 (CPU#7 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
No locals.
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
No locals.
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bdf1b40
old = <optimized out>
tail = 2097152
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=7, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 queued_spin_lock_slowpath (val=7, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 7
val = <optimized out>
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#10 0xffffffff812e1ba7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#11 alloc_vmap_area (size=size@entry=20480, align=align@entry=16384, vstart=vstart@entry=18446683600570023936, vend=vend@entry=18446718784942112767, node=node@entry=-1, gfp_mask=3264, gfp_mask@entry=3520) at mm/vmalloc.c:1634
va = 0xffff88802dbb05c0
freed = 0
addr = <optimized out>
purged = 0
ret = <optimized out>
retry = <optimized out>
__func__ = "alloc_vmap_area"
#12 0xffffffff812e2111 in __get_vm_area_node (size=20480, size@entry=16384, align=align@entry=16384, shift=shift@entry=12, flags=flags@entry=34, start=start@entry=18446683600570023936, end=end@entry=18446718784942112767, node=-1, gfp_mask=3520, caller=0xffffffff8109ad0f <kernel_clone+191>) at mm/vmalloc.c:2501
va = <optimized out>
area = 0xffff888113d8dfc0
requested_size = 16384
#13 0xffffffff812e52c4 in __vmalloc_node_range (size=<optimized out>, size@entry=16384, align=align@entry=16384, start=<optimized out>, end=<optimized out>, gfp_mask=gfp_mask@entry=3520, prot=..., vm_flags=<optimized out>, node=<optimized out>, caller=<optimized out>) at mm/vmalloc.c:3173
area = <optimized out>
ret = <optimized out>
kasan_flags = <optimized out>
real_size = 16384
real_align = 16384
shift = 12
again = <optimized out>
#14 0xffffffff8109969d in alloc_thread_stack_node (node=<optimized out>, tsk=<optimized out>) at kernel/fork.c:316
vm = <optimized out>
stack = <optimized out>
i = 2
vm = <optimized out>
stack = <optimized out>
i = <optimized out>
s = <optimized out>
pscr2_ret__ = <optimized out>
__vpp_verify = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
__fortify_size = <optimized out>
#15 dup_task_struct (node=-1, orig=0xffff888036d89940) at kernel/fork.c:982
tsk = 0xffff8881072f8000
err = <optimized out>
free_stack = <optimized out>
tsk = <optimized out>
err = <optimized out>
free_tsk = <optimized out>
free_stack = <optimized out>
#16 copy_process (pid=pid@entry=0x0 <fixed_percpu_data>, trace=trace@entry=0, node=node@entry=-1, args=args@entry=0xffffc90020eb3e48) at kernel/fork.c:2096
pidfd = -1
retval = -12
p = <optimized out>
delayed = {
signal = {
sig = {
0
}
},
node = {
next = 0x0 <fixed_percpu_data>,
pprev = 0xffff8880372d67d8
}
}
pidfile = 0x0 <fixed_percpu_data>
clone_flags = 16640
nsp = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#17 0xffffffff8109ad0f in kernel_clone (args=args@entry=0xffffc90020eb3e48) at kernel/fork.c:2685
clone_flags = 16640
vfork = {
done = 0,
wait = {
lock = {
raw_lock = {
{
val = {
counter = 0
},
{
locked = 0 '\000',
pending = 0 '\000'
},
{
locked_pending = 0,
tail = 0
}
}
}
},
task_list = {
next = 0x0 <fixed_percpu_data>,
prev = 0x0 <fixed_percpu_data>
}
}
}
pid = <optimized out>
p = <optimized out>
trace = 0
nr = <optimized out>
#18 0xffffffff8109b3f4 in __do_sys_vfork (__unused=<optimized out>) at kernel/fork.c:2788
args = {
flags = 16640,
pidfd = 0x0 <fixed_percpu_data>,
child_tid = 0x0 <fixed_percpu_data>,
parent_tid = 0x0 <fixed_percpu_data>,
exit_signal = 17,
stack = 0,
stack_size = 0,
tls = 0,
set_tid = 0x0 <fixed_percpu_data>,
set_tid_size = 0,
cgroup = 0,
io_thread = 0,
kthread = 0,
idle = 0,
fn = 0x0 <fixed_percpu_data>,
fn_arg = 0x0 <fixed_percpu_data>,
cgrp = 0x0 <fixed_percpu_data>,
cset = 0x0 <fixed_percpu_data>
}
#19 0xffffffff81a1415b in do_syscall_x64 (nr=<optimized out>, regs=0xffffc90020eb3f58) at arch/x86/entry/common.c:50
unr = <optimized out>
#20 do_syscall_64 (regs=0xffffc90020eb3f58, nr=<optimized out>) at arch/x86/entry/common.c:80
No locals.
#21 0xffffffff81c0009b in entry_SYSCALL_64 () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:120
No locals.
#22 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 7 (Thread 1.7 (CPU#6 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
No locals.
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
No locals.
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bdb1b40
old = <optimized out>
tail = 1835008
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=6, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 queued_spin_lock_slowpath (val=6, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 6
val = <optimized out>
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#10 0xffffffff812e1ba7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#11 alloc_vmap_area (size=size@entry=20480, align=align@entry=16384, vstart=vstart@entry=18446683600570023936, vend=vend@entry=18446718784942112767, node=node@entry=-1, gfp_mask=3264, gfp_mask@entry=3520) at mm/vmalloc.c:1634
va = 0xffff88802daa7180
freed = 0
addr = <optimized out>
purged = 0
ret = <optimized out>
retry = <optimized out>
__func__ = "alloc_vmap_area"
#12 0xffffffff812e2111 in __get_vm_area_node (size=20480, size@entry=16384, align=align@entry=16384, shift=shift@entry=12, flags=flags@entry=34, start=start@entry=18446683600570023936, end=end@entry=18446718784942112767, node=-1, gfp_mask=3520, caller=0xffffffff8109ad0f <kernel_clone+191>) at mm/vmalloc.c:2501
va = <optimized out>
area = 0xffff888102490ac0
requested_size = 16384
#13 0xffffffff812e52c4 in __vmalloc_node_range (size=<optimized out>, size@entry=16384, align=align@entry=16384, start=<optimized out>, end=<optimized out>, gfp_mask=gfp_mask@entry=3520, prot=..., vm_flags=<optimized out>, node=<optimized out>, caller=<optimized out>) at mm/vmalloc.c:3173
area = <optimized out>
ret = <optimized out>
kasan_flags = <optimized out>
real_size = 16384
real_align = 16384
shift = 12
again = <optimized out>
#14 0xffffffff8109969d in alloc_thread_stack_node (node=<optimized out>, tsk=<optimized out>) at kernel/fork.c:316
vm = <optimized out>
stack = <optimized out>
i = 2
vm = <optimized out>
stack = <optimized out>
i = <optimized out>
s = <optimized out>
pscr2_ret__ = <optimized out>
__vpp_verify = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
__fortify_size = <optimized out>
#15 dup_task_struct (node=-1, orig=0xffff8880160b9940) at kernel/fork.c:982
tsk = 0xffff88811082e500
err = <optimized out>
free_stack = <optimized out>
tsk = <optimized out>
err = <optimized out>
free_tsk = <optimized out>
free_stack = <optimized out>
#16 copy_process (pid=pid@entry=0x0 <fixed_percpu_data>, trace=trace@entry=0, node=node@entry=-1, args=args@entry=0xffffc90020ddbe58) at kernel/fork.c:2096
pidfd = -1
retval = -12
p = <optimized out>
delayed = {
signal = {
sig = {
0
}
},
node = {
next = 0x0 <fixed_percpu_data>,
pprev = 0xffff88811293f0d8
}
}
pidfile = 0x0 <fixed_percpu_data>
clone_flags = 18874368
nsp = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#17 0xffffffff8109ad0f in kernel_clone (args=args@entry=0xffffc90020ddbe58) at kernel/fork.c:2685
clone_flags = 18874368
vfork = {
done = 0,
wait = {
lock = {
raw_lock = {
{
val = {
counter = 0
},
{
locked = 0 '\000',
pending = 0 '\000'
},
{
locked_pending = 0,
tail = 0
}
}
}
},
task_list = {
next = 0x0 <fixed_percpu_data>,
prev = 0x0 <fixed_percpu_data>
}
}
}
pid = <optimized out>
p = <optimized out>
trace = 0
nr = <optimized out>
#18 0xffffffff8109b0f8 in __do_sys_clone (clone_flags=<optimized out>, newsp=<optimized out>, parent_tidptr=<optimized out>, child_tidptr=<optimized out>, tls=<optimized out>) at kernel/fork.c:2826
args = {
flags = 18874368,
pidfd = 0x0 <fixed_percpu_data>,
child_tid = 0x7f280b14c850,
parent_tid = 0x0 <fixed_percpu_data>,
exit_signal = 17,
stack = 0,
stack_size = 0,
tls = 0,
set_tid = 0x0 <fixed_percpu_data>,
set_tid_size = 0,
cgroup = 0,
io_thread = 0,
kthread = 0,
idle = 0,
fn = 0x0 <fixed_percpu_data>,
fn_arg = 0x0 <fixed_percpu_data>,
cgrp = 0x0 <fixed_percpu_data>,
cset = 0x0 <fixed_percpu_data>
}
#19 0xffffffff81a1415b in do_syscall_x64 (nr=<optimized out>, regs=0xffffc90020ddbf58) at arch/x86/entry/common.c:50
unr = <optimized out>
#20 do_syscall_64 (regs=0xffffc90020ddbf58, nr=<optimized out>) at arch/x86/entry/common.c:80
No locals.
#21 0xffffffff81c0009b in entry_SYSCALL_64 () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:120
No locals.
#22 0x00007ffe64384d10 in ?? ()
No symbol table info available.
#23 0x0000563202de6388 in ?? ()
No symbol table info available.
#24 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 6 (Thread 1.6 (CPU#5 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
No locals.
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
No locals.
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bd71b40
old = <optimized out>
tail = 1572864
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=5, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 queued_spin_lock_slowpath (val=5, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 5
val = <optimized out>
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#10 0xffffffff812e4ad7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#11 find_vmap_area (addr=18446683601121837056) at mm/vmalloc.c:1853
va = <optimized out>
va = <optimized out>
#12 find_vm_area (addr=0xffffc90020e40000) at mm/vmalloc.c:2573
va = <optimized out>
va = <optimized out>
#13 __vunmap (addr=0xffffc90020e40000, deallocate_pages=1) at mm/vmalloc.c:2687
area = <optimized out>
#14 0xffffffff812e4df1 in free_work (w=<optimized out>) at mm/vmalloc.c:97
p = <optimized out>
t = 0x0 <fixed_percpu_data>
llnode = <optimized out>
__mptr = <optimized out>
#15 0xffffffff810bec87 in process_one_work (worker=worker@entry=0xffff8881008803c0, work=0xffff88813bd6d788) at kernel/workqueue.c:2289
pwq = 0xffff88813bd76900
pool = 0xffff88813bd70800
cpu_intensive = false
work_data = 18446612687368972549
collision = 0x0 <fixed_percpu_data>
#16 0xffffffff810bf22d in worker_thread (__worker=0xffff8881008803c0) at kernel/workqueue.c:2436
work = <optimized out>
worker = 0xffff8881008803c0
pool = 0xffff88813bd70800
recheck = <optimized out>
#17 0xffffffff810c68d9 in kthread (_create=0xffff888100881200) at kernel/kthread.c:376
param = {
sched_priority = 0
}
create = 0xffff888100881200
threadfn = 0xffffffff810bf1e0 <worker_thread>
data = 0xffff8881008803c0
done = 0xffffc900001a3db8
self = 0xffff888100c4df80
ret = -4
#18 0xffffffff81002072 in ret_from_fork () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:306
No locals.
#19 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 5 (Thread 1.5 (CPU#4 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
No locals.
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
No locals.
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bd31b40
old = <optimized out>
tail = 1310720
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=4, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 queued_spin_lock_slowpath (val=4, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 4
val = <optimized out>
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#10 0xffffffff812e4ad7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#11 find_vmap_area (addr=18446683601122656256) at mm/vmalloc.c:1853
va = <optimized out>
va = <optimized out>
#12 find_vm_area (addr=0xffffc90020f08000) at mm/vmalloc.c:2573
va = <optimized out>
va = <optimized out>
#13 __vunmap (addr=0xffffc90020f08000, deallocate_pages=1) at mm/vmalloc.c:2687
area = <optimized out>
#14 0xffffffff812e4df1 in free_work (w=<optimized out>) at mm/vmalloc.c:97
p = <optimized out>
t = 0x0 <fixed_percpu_data>
llnode = <optimized out>
__mptr = <optimized out>
#15 0xffffffff810bec87 in process_one_work (worker=worker@entry=0xffff888115b706c0, work=0xffff88813bd2d788) at kernel/workqueue.c:2289
pwq = 0xffff88813bd36900
pool = 0xffff88813bd30800
cpu_intensive = false
work_data = 18446612687368710405
collision = 0x0 <fixed_percpu_data>
#16 0xffffffff810bf22d in worker_thread (__worker=0xffff888115b706c0) at kernel/workqueue.c:2436
work = <optimized out>
worker = 0xffff888115b706c0
pool = 0xffff88813bd30800
recheck = <optimized out>
#17 0xffffffff810c68d9 in kthread (_create=0xffff88810685a300) at kernel/kthread.c:376
param = {
sched_priority = 0
}
create = 0xffff88810685a300
threadfn = 0xffffffff810bf1e0 <worker_thread>
data = 0xffff888115b706c0
done = 0xffffc9000039bdb8
self = 0xffff88810087b680
ret = -4
#18 0xffffffff81002072 in ret_from_fork () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:306
No locals.
#19 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 4 (Thread 1.4 (CPU#3 [halted ])):
#0 0xffffffff81a2a8ea in native_halt () at arch/x86/include/asm/irqflags.h:58
No locals.
#1 0xffffffff81077604 in halt () at arch/x86/include/asm/paravirt.h:178
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#2 kvm_wait (val=3 '\003', ptr=0xffffffff837c2b4c <vmap_area_lock> "\003") at arch/x86/kernel/kvm.c:1060
No locals.
#3 kvm_wait (ptr=0xffffffff837c2b4c <vmap_area_lock> "\003", val=3 '\003') at arch/x86/kernel/kvm.c:1048
_flags = <optimized out>
__dummy = <optimized out>
__dummy2 = <optimized out>
__dummy = <optimized out>
__dummy2 = <optimized out>
#4 0xffffffff81a2be54 in pv_wait (val=3 '\003', ptr=0xffffffff837c2b4c <vmap_area_lock> "\003") at arch/x86/include/asm/paravirt.h:603
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 pv_wait_head_or_lock (node=0xffff88813bcf1b40, lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:470
pn = 0xffff88813bcf1b40
lp = 0xffff88813ffc63c0
loop = <optimized out>
waitcnt = <optimized out>
pn = <optimized out>
lp = <optimized out>
waitcnt = <optimized out>
loop = <optimized out>
gotlock = <optimized out>
__ai_ptr = <optimized out>
__ret = <optimized out>
#6 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:511
prev = <optimized out>
next = 0x0 <fixed_percpu_data>
node = 0xffff88813bcf1b40
old = <optimized out>
tail = <optimized out>
idx = <optimized out>
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#7 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#8 queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#9 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 3
val = <optimized out>
#10 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#11 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#12 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#13 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#14 find_vmap_area (addr=18446718784938865248) at mm/vmalloc.c:1853
va = <optimized out>
#15 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffce7260) at mm/usercopy.c:176
area = <optimized out>
addr = 18446718784938865248
offset = <optimized out>
folio = <optimized out>
addr = <optimized out>
offset = <optimized out>
folio = <optimized out>
area = <optimized out>
#16 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffce7260) at mm/usercopy.c:250
branch = <optimized out>
#17 __check_object_size (ptr=ptr@entry=0xffffe8ffffce7260, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
No locals.
#18 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffce7260) at include/linux/thread_info.h:199
No locals.
#19 __copy_from_user_inatomic (n=8, from=0x7fff2a5b6178, to=0xffffe8ffffce7260) at include/linux/uaccess.h:64
res = <optimized out>
#20 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffce7260, src=0x7fff2a5b6178, size=size@entry=8) at mm/maccess.c:118
ret = -14
#21 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffce7260) at kernel/trace/bpf_trace.c:167
ret = <optimized out>
ret = <optimized out>
__fortify_size = <optimized out>
#22 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffce7260) at kernel/trace/bpf_trace.c:291
No locals.
#23 bpf_probe_read_compat (dst=18446718784938865248, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
No locals.
#24 0xffffffffc002c472 in ?? ()
No symbol table info available.
#25 0xffffc9001f523a58 in ?? ()
No symbol table info available.
#26 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 3 (Thread 1.3 (CPU#2 [halted ])):
#0 0xffffffff81a2a8ea in native_halt () at arch/x86/include/asm/irqflags.h:58
No locals.
#1 0xffffffff81077604 in halt () at arch/x86/include/asm/paravirt.h:178
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#2 kvm_wait (val=1 '\001', ptr=0xffff88813bcb1b54 "\001") at arch/x86/kernel/kvm.c:1060
No locals.
#3 kvm_wait (ptr=0xffff88813bcb1b54 "\001", val=1 '\001') at arch/x86/kernel/kvm.c:1048
_flags = <optimized out>
__dummy = <optimized out>
__dummy2 = <optimized out>
__dummy = <optimized out>
__dummy2 = <optimized out>
#4 0xffffffff81a2bdfe in pv_wait (val=1 '\001', ptr=0xffff88813bcb1b54 "\001") at arch/x86/include/asm/paravirt.h:603
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 pv_wait_node (prev=0xffff88813bcf1b40, node=0xffff88813bcb1b40) at kernel/locking/qspinlock_paravirt.h:325
pn = 0xffff88813bcb1b40
pp = 0xffff88813bcf1b40
loop = <optimized out>
wait_early = <optimized out>
pn = <optimized out>
pp = <optimized out>
loop = <optimized out>
wait_early = <optimized out>
__ai_ptr = <optimized out>
__ret = <optimized out>
__ai_ptr = <optimized out>
__ret = <optimized out>
__old = <optimized out>
__new = <optimized out>
__ptr = <optimized out>
__ptr = <optimized out>
__ptr = <optimized out>
__ptr = <optimized out>
#6 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:476
prev = 0xffff88813bcf1b40
next = 0x0 <fixed_percpu_data>
node = 0xffff88813bcb1b40
old = <optimized out>
tail = <optimized out>
idx = <optimized out>
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#7 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#8 queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#9 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 1
val = <optimized out>
#10 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#11 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#12 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#13 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#14 find_vmap_area (addr=18446718784938603120) at mm/vmalloc.c:1853
va = <optimized out>
#15 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffca7270) at mm/usercopy.c:176
area = <optimized out>
addr = 18446718784938603120
offset = <optimized out>
folio = <optimized out>
addr = <optimized out>
offset = <optimized out>
folio = <optimized out>
area = <optimized out>
#16 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffca7270) at mm/usercopy.c:250
branch = <optimized out>
#17 __check_object_size (ptr=ptr@entry=0xffffe8ffffca7270, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
No locals.
#18 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffca7270) at include/linux/thread_info.h:199
No locals.
#19 __copy_from_user_inatomic (n=8, from=0x7ffc78b0c4b0, to=0xffffe8ffffca7270) at include/linux/uaccess.h:64
res = <optimized out>
#20 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffca7270, src=0x7ffc78b0c4b0, size=size@entry=8) at mm/maccess.c:118
ret = -14
#21 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffca7270) at kernel/trace/bpf_trace.c:167
ret = <optimized out>
ret = <optimized out>
__fortify_size = <optimized out>
#22 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffca7270) at kernel/trace/bpf_trace.c:291
No locals.
#23 bpf_probe_read_compat (dst=18446718784938603120, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
No locals.
#24 0xffffffffc002c3f2 in ?? ()
No symbol table info available.
#25 0xffffc9001f833f58 in ?? ()
No symbol table info available.
#26 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 2 (Thread 1.2 (CPU#1 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
No locals.
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
No locals.
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bc71b40
old = <optimized out>
tail = 524288
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#5 queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 1
val = <optimized out>
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#10 0xffffffff812e1ba7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#11 alloc_vmap_area (size=size@entry=20480, align=align@entry=16384, vstart=vstart@entry=18446683600570023936, vend=vend@entry=18446718784942112767, node=node@entry=-1, gfp_mask=3264, gfp_mask@entry=3520) at mm/vmalloc.c:1634
va = 0xffff888027918f80
freed = 0
addr = <optimized out>
purged = 0
ret = <optimized out>
retry = <optimized out>
__func__ = "alloc_vmap_area"
#12 0xffffffff812e2111 in __get_vm_area_node (size=20480, size@entry=16384, align=align@entry=16384, shift=shift@entry=12, flags=flags@entry=34, start=start@entry=18446683600570023936, end=end@entry=18446718784942112767, node=-1, gfp_mask=3520, caller=0xffffffff8109ad0f <kernel_clone+191>) at mm/vmalloc.c:2501
va = <optimized out>
area = 0xffff888106b02dc0
requested_size = 16384
#13 0xffffffff812e52c4 in __vmalloc_node_range (size=<optimized out>, size@entry=16384, align=align@entry=16384, start=<optimized out>, end=<optimized out>, gfp_mask=gfp_mask@entry=3520, prot=..., vm_flags=<optimized out>, node=<optimized out>, caller=<optimized out>) at mm/vmalloc.c:3173
area = <optimized out>
ret = <optimized out>
kasan_flags = <optimized out>
real_size = 16384
real_align = 16384
shift = 12
again = <optimized out>
#14 0xffffffff8109969d in alloc_thread_stack_node (node=<optimized out>, tsk=<optimized out>) at kernel/fork.c:316
vm = <optimized out>
stack = <optimized out>
i = 2
vm = <optimized out>
stack = <optimized out>
i = <optimized out>
s = <optimized out>
pscr2_ret__ = <optimized out>
__vpp_verify = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
pxo_old__ = <optimized out>
pxo_new__ = <optimized out>
__fortify_size = <optimized out>
#15 dup_task_struct (node=-1, orig=0xffff888109928000) at kernel/fork.c:982
tsk = 0xffff888036d79940
err = <optimized out>
free_stack = <optimized out>
tsk = <optimized out>
err = <optimized out>
free_tsk = <optimized out>
free_stack = <optimized out>
#16 copy_process (pid=pid@entry=0x0 <fixed_percpu_data>, trace=trace@entry=0, node=node@entry=-1, args=args@entry=0xffffc90020f1bdd8) at kernel/fork.c:2096
pidfd = -1
retval = -12
p = <optimized out>
delayed = {
signal = {
sig = {
0
}
},
node = {
next = 0x0 <fixed_percpu_data>,
pprev = 0xffff88811934b658
}
}
pidfile = 0x0 <fixed_percpu_data>
clone_flags = 18874368
nsp = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#17 0xffffffff8109ad0f in kernel_clone (args=args@entry=0xffffc90020f1bdd8) at kernel/fork.c:2685
clone_flags = 18874368
vfork = {
done = 0,
wait = {
lock = {
raw_lock = {
{
val = {
counter = 0
},
{
locked = 0 '\000',
pending = 0 '\000'
},
{
locked_pending = 0,
tail = 0
}
}
}
},
task_list = {
next = 0x0 <fixed_percpu_data>,
prev = 0x0 <fixed_percpu_data>
}
}
}
pid = <optimized out>
p = <optimized out>
trace = 0
nr = <optimized out>
#18 0xffffffff8109b0f8 in __do_sys_clone (clone_flags=<optimized out>, newsp=<optimized out>, parent_tidptr=<optimized out>, child_tidptr=<optimized out>, tls=<optimized out>) at kernel/fork.c:2826
args = {
flags = 18874368,
pidfd = 0x0 <fixed_percpu_data>,
child_tid = 0x7fa040ecf850,
parent_tid = 0x0 <fixed_percpu_data>,
exit_signal = 17,
stack = 0,
stack_size = 0,
tls = 0,
set_tid = 0x0 <fixed_percpu_data>,
set_tid_size = 0,
cgroup = 0,
io_thread = 0,
kthread = 0,
idle = 0,
fn = 0x0 <fixed_percpu_data>,
fn_arg = 0x0 <fixed_percpu_data>,
cgrp = 0x0 <fixed_percpu_data>,
cset = 0x0 <fixed_percpu_data>
}
#19 0xffffffff81a1415b in do_syscall_x64 (nr=<optimized out>, regs=0xffffc90020f1bf58) at arch/x86/entry/common.c:50
unr = <optimized out>
#20 do_syscall_64 (regs=0xffffc90020f1bf58, nr=<optimized out>) at arch/x86/entry/common.c:80
No locals.
#21 0xffffffff81c0009b in entry_SYSCALL_64 () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:120
No locals.
#22 0x00007ffee385dc30 in ?? ()
No symbol table info available.
#23 0x000056342113a0f8 in ?? ()
No symbol table info available.
#24 0x0000000000000002 in fixed_percpu_data ()
No symbol table info available.
#25 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 1 (Thread 1.1 (CPU#0 [running])):
#0 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
val = <optimized out>
#1 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
prev = <optimized out>
next = <optimized out>
node = 0xffff88813bc31b40
old = <optimized out>
tail = 262144
idx = 0
queue = <optimized out>
cnt = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
_val = <optimized out>
__PTR = <optimized out>
VAL = <optimized out>
__vpp_verify = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
pao_ID__ = <optimized out>
pao_tmp__ = <optimized out>
pto_val__ = <optimized out>
pto_tmp__ = <optimized out>
#2 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=0, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
__esi = <optimized out>
__edx = <optimized out>
__edi = <optimized out>
__ecx = <optimized out>
__eax = <optimized out>
#3 queued_spin_lock_slowpath (val=0, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
No locals.
#4 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
val = 0
val = <optimized out>
#5 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
No locals.
#6 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
No locals.
#7 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
No locals.
#8 0xffffffff812e4ad7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
No locals.
#9 find_vmap_area (addr=18446683601120362496) at mm/vmalloc.c:1853
va = <optimized out>
va = <optimized out>
#10 find_vm_area (addr=0xffffc90020cd8000) at mm/vmalloc.c:2573
va = <optimized out>
va = <optimized out>
#11 __vunmap (addr=0xffffc90020cd8000, deallocate_pages=1) at mm/vmalloc.c:2687
area = <optimized out>
#12 0xffffffff812e4df1 in free_work (w=<optimized out>) at mm/vmalloc.c:97
p = <optimized out>
t = 0x0 <fixed_percpu_data>
llnode = <optimized out>
__mptr = <optimized out>
#13 0xffffffff810bec87 in process_one_work (worker=worker@entry=0xffff888118c76000, work=0xffff88813bc2d788) at kernel/workqueue.c:2289
pwq = 0xffff88813bc36900
pool = 0xffff88813bc30800
cpu_intensive = false
work_data = 18446612687367661829
collision = 0x0 <fixed_percpu_data>
#14 0xffffffff810bf22d in worker_thread (__worker=0xffff888118c76000) at kernel/workqueue.c:2436
work = <optimized out>
worker = 0xffff888118c76000
pool = 0xffff88813bc30800
recheck = <optimized out>
#15 0xffffffff810c68d9 in kthread (_create=0xffff888118f7df40) at kernel/kthread.c:376
param = {
sched_priority = 0
}
create = 0xffff888118f7df40
threadfn = 0xffffffff810bf1e0 <worker_thread>
data = 0xffff888118c76000
done = 0xffffc90000043db8
self = 0xffff88811904b080
ret = -4
#16 0xffffffff81002072 in ret_from_fork () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:306
No locals.
#17 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb) thread apply all bt
Thread 8 (Thread 1.8 (CPU#7 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=7, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=7, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 find_vmap_area (addr=18446718784940002176) at mm/vmalloc.c:1853
#12 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffdfcb80) at mm/usercopy.c:176
#13 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffdfcb80) at mm/usercopy.c:250
#14 __check_object_size (ptr=ptr@entry=0xffffe8ffffdfcb80, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
#15 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffdfcb80) at include/linux/thread_info.h:199
#16 __copy_from_user_inatomic (n=8, from=0x7fff1cada4c8, to=0xffffe8ffffdfcb80) at include/linux/uaccess.h:64
#17 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffdfcb80, src=0x7fff1cada4c8, size=size@entry=8) at mm/maccess.c:118
#18 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffdfcb80) at kernel/trace/bpf_trace.c:167
#19 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffdfcb80) at kernel/trace/bpf_trace.c:291
#20 bpf_probe_read_compat (dst=18446718784940002176, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
#21 0xffffffffc002c6d6 in ?? ()
#22 0xffffc90000b3fba8 in ?? ()
#23 0x0000000000000000 in ?? ()
Thread 7 (Thread 1.7 (CPU#6 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=6, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=6, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e4ad7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 find_vmap_area (addr=18446683601079189504) at mm/vmalloc.c:1853
#12 find_vm_area (addr=0xffffc9001e594000) at mm/vmalloc.c:2573
#13 __vunmap (addr=0xffffc9001e594000, deallocate_pages=1) at mm/vmalloc.c:2687
#14 0xffffffff812e4df1 in free_work (w=<optimized out>) at mm/vmalloc.c:97
#15 0xffffffff810bec87 in process_one_work (worker=worker@entry=0xffff888115785300, work=0xffff88813bdad788) at kernel/workqueue.c:2289
#16 0xffffffff810bf22d in worker_thread (__worker=0xffff888115785300) at kernel/workqueue.c:2436
#17 0xffffffff810c68d9 in kthread (_create=0xffff8881157807c0) at kernel/kthread.c:376
#18 0xffffffff81002072 in ret_from_fork () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:306
#19 0x0000000000000000 in ?? ()
Thread 6 (Thread 1.6 (CPU#5 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=5, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=5, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 find_vmap_area (addr=18446718784939477888) at mm/vmalloc.c:1853
#12 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffd7cb80) at mm/usercopy.c:176
#13 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffd7cb80) at mm/usercopy.c:250
#14 __check_object_size (ptr=ptr@entry=0xffffe8ffffd7cb80, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
#15 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffd7cb80) at include/linux/thread_info.h:199
#16 __copy_from_user_inatomic (n=8, from=0x7fffb17f9348, to=0xffffe8ffffd7cb80) at include/linux/uaccess.h:64
#17 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffd7cb80, src=0x7fffb17f9348, size=size@entry=8) at mm/maccess.c:118
#18 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffd7cb80) at kernel/trace/bpf_trace.c:167
#19 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffd7cb80) at kernel/trace/bpf_trace.c:291
#20 bpf_probe_read_compat (dst=18446718784939477888, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
#21 0xffffffffc002c6d6 in ?? ()
#22 0xffffc9001db37f58 in ?? ()
#23 0x0000000000000000 in ?? ()
Thread 5 (Thread 1.5 (CPU#4 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=4, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=4, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e1ba7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 alloc_vmap_area (size=size@entry=20480, align=align@entry=16384, vstart=vstart@entry=18446683600570023936, vend=vend@entry=18446718784942112767, node=node@entry=-1, gfp_mask=3264, gfp_mask@entry=3520) at mm/vmalloc.c:1634
#12 0xffffffff812e2111 in __get_vm_area_node (size=20480, size@entry=16384, align=align@entry=16384, shift=shift@entry=12, flags=flags@entry=34, start=start@entry=18446683600570023936, end=end@entry=18446718784942112767, node=-1, gfp_mask=3520, caller=0xffffffff8109ad0f <kernel_clone+191>) at mm/vmalloc.c:2501
#13 0xffffffff812e52c4 in __vmalloc_node_range (size=<optimized out>, size@entry=16384, align=align@entry=16384, start=<optimized out>, end=<optimized out>, gfp_mask=gfp_mask@entry=3520, prot=..., vm_flags=<optimized out>, node=<optimized out>, caller=<optimized out>) at mm/vmalloc.c:3173
#14 0xffffffff8109969d in alloc_thread_stack_node (node=<optimized out>, tsk=<optimized out>) at kernel/fork.c:316
#15 dup_task_struct (node=-1, orig=0xffff88804b821940) at kernel/fork.c:982
#16 copy_process (pid=pid@entry=0x0 <fixed_percpu_data>, trace=trace@entry=0, node=node@entry=-1, args=args@entry=0xffffc9001e6cfe90) at kernel/fork.c:2096
#17 0xffffffff8109ad0f in kernel_clone (args=args@entry=0xffffc9001e6cfe90) at kernel/fork.c:2685
#18 0xffffffff8109b0f8 in __do_sys_clone (clone_flags=<optimized out>, newsp=<optimized out>, parent_tidptr=<optimized out>, child_tidptr=<optimized out>, tls=<optimized out>) at kernel/fork.c:2826
#19 0xffffffff81a1415b in do_syscall_x64 (nr=<optimized out>, regs=0xffffc9001e6cff58) at arch/x86/entry/common.c:50
#20 do_syscall_64 (regs=0xffffc9001e6cff58, nr=<optimized out>) at arch/x86/entry/common.c:80
#21 0xffffffff81c0009b in entry_SYSCALL_64 () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:120
#22 0x00007fff0c906cb0 in ?? ()
#23 0x000055cad6efc170 in ?? ()
#24 0x0000000000000000 in ?? ()
Thread 4 (Thread 1.4 (CPU#3 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 find_vmap_area (addr=18446718784938953600) at mm/vmalloc.c:1853
#12 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffcfcb80) at mm/usercopy.c:176
#13 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffcfcb80) at mm/usercopy.c:250
#14 __check_object_size (ptr=ptr@entry=0xffffe8ffffcfcb80, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
#15 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffcfcb80) at include/linux/thread_info.h:199
#16 __copy_from_user_inatomic (n=8, from=0x7ff1a79fe9d8, to=0xffffe8ffffcfcb80) at include/linux/uaccess.h:64
#17 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffcfcb80, src=0x7ff1a79fe9d8, size=size@entry=8) at mm/maccess.c:118
#18 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffcfcb80) at kernel/trace/bpf_trace.c:167
#19 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffcfcb80) at kernel/trace/bpf_trace.c:291
#20 bpf_probe_read_compat (dst=18446718784938953600, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
#21 0xffffffffc002c6d6 in ?? ()
#22 0xffffc900004039a8 in ?? ()
#23 0x0000000000000000 in ?? ()
Thread 3 (Thread 1.3 (CPU#2 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=2, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=2, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 find_vmap_area (addr=18446718784938691456) at mm/vmalloc.c:1853
#12 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffcbcb80) at mm/usercopy.c:176
#13 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffcbcb80) at mm/usercopy.c:250
#14 __check_object_size (ptr=ptr@entry=0xffffe8ffffcbcb80, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
#15 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffcbcb80) at include/linux/thread_info.h:199
#16 __copy_from_user_inatomic (n=8, from=0x7f8ba5ffb038, to=0xffffe8ffffcbcb80) at include/linux/uaccess.h:64
#17 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffcbcb80, src=0x7f8ba5ffb038, size=size@entry=8) at mm/maccess.c:118
#18 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffcbcb80) at kernel/trace/bpf_trace.c:167
#19 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffcbcb80) at kernel/trace/bpf_trace.c:291
#20 bpf_probe_read_compat (dst=18446718784938691456, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
#21 0xffffffffc002c6d6 in ?? ()
#22 0xffffc90002da3d88 in ?? ()
#23 0x0000000000000000 in ?? ()
Thread 2 (Thread 1.2 (CPU#1 [running])):
#0 arch_atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/atomic.h:29
#1 atomic_read (v=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/atomic/atomic-instrumented.h:28
#2 pv_hybrid_queued_unfair_trylock (lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:88
#3 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:446
#4 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#5 queued_spin_lock_slowpath (val=1, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#6 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#7 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#8 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#9 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#10 0xffffffff812e1ba7 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#11 alloc_vmap_area (size=size@entry=20480, align=align@entry=16384, vstart=vstart@entry=18446683600570023936, vend=vend@entry=18446718784942112767, node=node@entry=-1, gfp_mask=3264, gfp_mask@entry=3520) at mm/vmalloc.c:1634
#12 0xffffffff812e2111 in __get_vm_area_node (size=20480, size@entry=16384, align=align@entry=16384, shift=shift@entry=12, flags=flags@entry=34, start=start@entry=18446683600570023936, end=end@entry=18446718784942112767, node=-1, gfp_mask=3520, caller=0xffffffff8109ad0f <kernel_clone+191>) at mm/vmalloc.c:2501
#13 0xffffffff812e52c4 in __vmalloc_node_range (size=<optimized out>, size@entry=16384, align=align@entry=16384, start=<optimized out>, end=<optimized out>, gfp_mask=gfp_mask@entry=3520, prot=..., vm_flags=<optimized out>, node=<optimized out>, caller=<optimized out>) at mm/vmalloc.c:3173
#14 0xffffffff8109969d in alloc_thread_stack_node (node=<optimized out>, tsk=<optimized out>) at kernel/fork.c:316
#15 dup_task_struct (node=-1, orig=0xffff888015cd9940) at kernel/fork.c:982
#16 copy_process (pid=pid@entry=0x0 <fixed_percpu_data>, trace=trace@entry=0, node=node@entry=-1, args=args@entry=0xffffc9001e41fdb8) at kernel/fork.c:2096
#17 0xffffffff8109ad0f in kernel_clone (args=args@entry=0xffffc9001e41fdb8) at kernel/fork.c:2685
#18 0xffffffff8109b3f4 in __do_sys_vfork (__unused=<optimized out>) at kernel/fork.c:2788
#19 0xffffffff81a1415b in do_syscall_x64 (nr=<optimized out>, regs=0xffffc9001e41ff58) at arch/x86/entry/common.c:50
#20 do_syscall_64 (regs=0xffffc9001e41ff58, nr=<optimized out>) at arch/x86/entry/common.c:80
#21 0xffffffff81c0009b in entry_SYSCALL_64 () at /build/linux-Jo42U8/linux-6.1.15/arch/x86/entry/entry_64.S:120
#22 0x0000000000000000 in ?? ()
Thread 1 (Thread 1.1 (CPU#0 [halted ])):
#0 0xffffffff81a2a8ea in native_halt () at arch/x86/include/asm/irqflags.h:58
#1 0xffffffff81077604 in halt () at arch/x86/include/asm/paravirt.h:178
#2 kvm_wait (val=3 '\003', ptr=0xffffffff837c2b4c <vmap_area_lock> "\003") at arch/x86/kernel/kvm.c:1060
#3 kvm_wait (ptr=0xffffffff837c2b4c <vmap_area_lock> "\003", val=3 '\003') at arch/x86/kernel/kvm.c:1048
#4 0xffffffff81a2be54 in pv_wait (val=3 '\003', ptr=0xffffffff837c2b4c <vmap_area_lock> "\003") at arch/x86/include/asm/paravirt.h:603
#5 pv_wait_head_or_lock (node=0xffff88813bc31b40, lock=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/qspinlock_paravirt.h:470
#6 __pv_queued_spin_lock_slowpath (lock=0xffffffff837c2b4c <vmap_area_lock>, val=<optimized out>) at kernel/locking/qspinlock.c:511
#7 0xffffffff81a2b6f0 in pv_queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/paravirt.h:591
#8 queued_spin_lock_slowpath (val=3, lock=0xffffffff837c2b4c <vmap_area_lock>) at arch/x86/include/asm/qspinlock.h:51
#9 queued_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/asm-generic/qspinlock.h:114
#10 do_raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:186
#11 __raw_spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock_api_smp.h:134
#12 _raw_spin_lock (lock=lock@entry=0xffffffff837c2b4c <vmap_area_lock>) at kernel/locking/spinlock.c:154
#13 0xffffffff812e4856 in spin_lock (lock=0xffffffff837c2b4c <vmap_area_lock>) at include/linux/spinlock.h:350
#14 find_vmap_area (addr=18446718784938167168) at mm/vmalloc.c:1853
#15 0xffffffff813517df in check_heap_object (to_user=false, n=8, ptr=0xffffe8ffffc3cb80) at mm/usercopy.c:176
#16 __check_object_size (to_user=false, n=8, ptr=0xffffe8ffffc3cb80) at mm/usercopy.c:250
#17 __check_object_size (ptr=ptr@entry=0xffffe8ffffc3cb80, n=n@entry=8, to_user=to_user@entry=false) at mm/usercopy.c:212
#18 0xffffffff81281105 in check_object_size (to_user=false, n=8, ptr=0xffffe8ffffc3cb80) at include/linux/thread_info.h:199
#19 __copy_from_user_inatomic (n=8, from=0x7ffd58f860b8, to=0xffffe8ffffc3cb80) at include/linux/uaccess.h:64
#20 copy_from_user_nofault (dst=dst@entry=0xffffe8ffffc3cb80, src=0x7ffd58f860b8, size=size@entry=8) at mm/maccess.c:118
#21 0xffffffff811e9ab8 in bpf_probe_read_user_common (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffc3cb80) at kernel/trace/bpf_trace.c:167
#22 ____bpf_probe_read_compat (unsafe_ptr=<optimized out>, size=<optimized out>, dst=0xffffe8ffffc3cb80) at kernel/trace/bpf_trace.c:291
#23 bpf_probe_read_compat (dst=18446718784938167168, size=<optimized out>, unsafe_ptr=<optimized out>, __ur_1=<optimized out>, __ur_2=<optimized out>) at kernel/trace/bpf_trace.c:287
#24 0xffffffffc002c6d6 in ?? ()
#25 0xffffc9001dd77a58 in ?? ()
#26 0x0000000000000000 in ?? ()