======================================
| [  631.705664][    C1]  #1: ff1100000a270410 (&mapping->i_mmap_rwsem){++++}-{4:4}, at: vma_prepare (./include/linux/fs.h:513 mm/vma.c:300)
| [  631.705923][    C1]  #2: ffffffff9f377c00 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:300 (discriminator 2) kernel/rcu/tree.c:2611 (discriminator 2))
| [  631.706183][    C1]
| [  631.706183][    C1] stack backtrace:
[  631.706376][    C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  631.706378][    C1] Call Trace:
[  631.706380][    C1]  <IRQ>
[  631.706382][    C1]  dump_stack_lvl (lib/dump_stack.c:94 lib/dump_stack.c:120)
[  631.706388][    C1]  print_usage_bug.part.0.cold (kernel/locking/lockdep.c:4042)
[  631.706392][    C1]  ? filter_irq_stacks (kernel/stacktrace.c:402)
[  631.706397][    C1]  mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4056 kernel/locking/lockdep.c:4267)
[  631.706400][    C1]  ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37))
[  631.706404][    C1]  ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[  631.706407][    C1]  ? save_trace (kernel/locking/lockdep.c:589)
[  631.706410][    C1]  ? mas_wr_split (lib/maple_tree.c:2397 (discriminator 1) lib/maple_tree.c:2604 (discriminator 1) lib/maple_tree.c:3400 (discriminator 1) lib/maple_tree.c:3462 (discriminator 1))
[  631.706415][    C1]  mark_lock (kernel/locking/lockdep.c:4753)
[  631.706418][    C1]  mark_usage (kernel/locking/lockdep.c:4642)
[  631.706421][    C1]  __lock_acquire (kernel/locking/lockdep.c:5191)
[  631.706423][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[  631.706425][    C1]  ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2))
[  631.706430][    C1]  lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1))
[  631.706433][    C1]  ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[  631.706437][    C1]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3))
[  631.706439][    C1]  ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22))
[  631.706443][    C1]  _raw_spin_lock (./include/linux/spinlock_api_smp.h:158 (discriminator 1) kernel/locking/spinlock.c:158 (discriminator 1))
[  631.706446][    C1]  ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[  631.706448][    C1] tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[  631.706452][    C1]  tcf_action_rcu_free (net/sched/act_api.c:367 net/sched/act_api.c:378)
[  631.706455][    C1]  ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2))
[  631.706457][    C1]  rcu_do_batch (kernel/rcu/tree.c:2617)
[  631.706460][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[  631.706463][    C1]  ? sched_balance_softirq (kernel/sched/fair.c:13350)
[  631.706467][    C1]  ? trace_rcu_batch_end (./include/trace/events/rcu.h:714 (discriminator 19))
[  631.706470][    C1]  ? sched_balance_domains (kernel/sched/fair.c:12634)
[  631.706473][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[  631.706476][    C1]  ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 2) kernel/locking/lockdep.c:4411 (discriminator 2))
[  631.706478][    C1]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[  631.706481][    C1]  rcu_core (kernel/rcu/tree.c:2869)
[  631.706484][    C1]  handle_softirqs (kernel/softirq.c:622)
[  631.706487][    C1]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[  631.706491][    C1]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535)
[  631.706494][    C1]  ? _local_bh_enable (kernel/softirq.c:405 (discriminator 1))
[  631.706497][    C1]  __irq_exit_rcu (kernel/softirq.c:656 kernel/softirq.c:496 kernel/softirq.c:735)
[  631.706499][    C1]  irq_exit_rcu (kernel/softirq.c:752)
[  631.706502][    C1]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37))
[  631.706504][    C1]  </IRQ>
[  631.706505][    C1]  <TASK>
[  631.706506][    C1]  ? do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[  631.706509][    C1]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[  631.706511][    C1] RIP: 0010:rcu_is_watching (kernel/rcu/tree.c:748)
[  631.706515][    C1] Code: b8 84 04 00 00 ff ff ff 3f 7f 01 c3 90 0f 0b 90 c3 e8 54 3b 78 00 65 48 8b 05 6c 0a 2b 04 eb d8 66 2e 0f 1f 84 00 00 00 00 00 <f3> 0f 1e fa 53 48 83 ec 08 65 ff 05 60 0a 2b 04 e8 db 94 2a 02 48
All code
========
   0:	b8 84 04 00 00       	mov    $0x484,%eax
   5:	ff                   	(bad)
   6:	ff                   	(bad)
   7:	ff                   	(bad)
   8:	3f                   	(bad)
   9:	7f 01                	jg     0xc
   b:	c3                   	ret
   c:	90                   	nop
   d:	0f 0b                	ud2
   f:	90                   	nop
  10:	c3                   	ret
  11:	e8 54 3b 78 00       	call   0x783b6a
  16:	65 48 8b 05 6c 0a 2b 	mov    %gs:0x42b0a6c(%rip),%rax        # 0x42b0a8a
  1d:	04 
  1e:	eb d8                	jmp    0xfffffffffffffff8
  20:	66 2e 0f 1f 84 00 00 	cs nopw 0x0(%rax,%rax,1)
  27:	00 00 00 
  2a:*	f3 0f 1e fa          	endbr64		<-- trapping instruction
  2e:	53                   	push   %rbx
  2f:	48 83 ec 08          	sub    $0x8,%rsp
  33:	65 ff 05 60 0a 2b 04 	incl   %gs:0x42b0a60(%rip)        # 0x42b0a9a
  3a:	e8 db 94 2a 02       	call   0x22a951a
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	f3 0f 1e fa          	endbr64
   4:	53                   	push   %rbx
   5:	48 83 ec 08          	sub    $0x8,%rsp
   9:	65 ff 05 60 0a 2b 04 	incl   %gs:0x42b0a60(%rip)        # 0x42b0a70
  10:	e8 db 94 2a 02       	call   0x22a94f0
  15:	48                   	rex.W
[  631.706517][    C1] RSP: 0018:ffa00000004d6c20 EFLAGS: 00000293
[  631.706521][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
[  631.706523][    C1] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ff1100002e8bbfe0
[  631.706524][    C1] RBP: ffffffff9c8c6bbd R08: 0000000000000001 R09: 0000000000000000
[  631.706526][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  631.706527][    C1] R13: 0000000000000000 R14: ff1100002e8bbfe0 R15: 0000000000000000
[  631.706529][    C1]  ? kmem_cache_alloc_noprof (./include/linux/local_lock_internal.h:53 (discriminator 2) mm/slub.c:4744 (discriminator 2) mm/slub.c:4884 (discriminator 2) mm/slub.c:4906 (discriminator 2))
[  631.706535][    C1]  lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22))
[  631.706538][    C1]  ? __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1))
[  631.706541][    C1]  kmem_cache_alloc_noprof (./include/linux/local_lock_internal.h:53 (discriminator 2) mm/slub.c:4744 (discriminator 2) mm/slub.c:4884 (discriminator 2) mm/slub.c:4906 (discriminator 2))
[  631.706544][    C1]  ? kmem_cache_alloc_noprof (./include/linux/local_lock_internal.h:53 (discriminator 2) mm/slub.c:4744 (discriminator 2) mm/slub.c:4884 (discriminator 2) mm/slub.c:4906 (discriminator 2))
[  631.706548][    C1]  __alloc_object (mm/kmemleak.c:483 (discriminator 1) mm/kmemleak.c:665 (discriminator 1))
[  631.706550][    C1]  __create_object (mm/kmemleak.c:779)
[  631.706552][    C1]  ? kasan_save_track (mm/kasan/common.c:78)
[  631.706557][    C1]  kmem_cache_alloc_from_sheaf_noprof (./include/linux/kmemleak.h:44 (discriminator 32768) mm/slub.c:4575 (discriminator 32768) mm/slub.c:5209 (discriminator 32768))
[  631.706560][    C1]  dst_setup (lib/maple_tree.c:1065 (discriminator 7) lib/maple_tree.c:2350 (discriminator 7))
[  631.706564][    C1]  ? mas_descend (./include/linux/lockdep.h:249 lib/maple_tree.c:709 lib/maple_tree.c:715 lib/maple_tree.c:748 lib/maple_tree.c:946)
[  631.706566][    C1]  ? trace_ma_write (./include/trace/events/maple_tree.h:80 (discriminator 22))
[  631.706570][    C1]  mas_wr_split (lib/maple_tree.c:3460)
[  631.706574][    C1]  ? lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1))
[  631.706576][    C1]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[  631.706579][    C1]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535)
[  631.706582][    C1]  ? mas_nomem.part.0 (lib/maple_tree.c:1119 (discriminator 1))
[  631.706584][    C1]  ? is_bpf_text_address (./include/linux/rcupdate.h:310 (discriminator 2) ./include/linux/rcupdate.h:869 (discriminator 2) kernel/bpf/core.c:749 (discriminator 2))
[  631.706590][    C1]  ? __kernel_text_address (kernel/extable.c:79)
[  631.706592][    C1]  ? write_profile (profile.c:?)
[  631.706595][    C1]  ? unwind_get_return_address (arch/x86/kernel/unwind_orc.c:385 arch/x86/kernel/unwind_orc.c:380)
[  631.706604][    C1]  ? __lock_acquire (kernel/locking/lockdep.c:5237)
[  631.706607][    C1]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3))
[  631.706611][    C1]  mas_store_prealloc (lib/maple_tree.c:4936)
[  631.706614][    C1]  ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22))
[  631.706617][    C1]  ? mas_store (lib/maple_tree.c:231)
[  631.706619][    C1]  ? down_write (./include/linux/instrumented.h:55 ./include/linux/atomic/atomic-instrumented.h:4457 kernel/locking/rwsem.c:268 kernel/locking/rwsem.c:1346 kernel/locking/rwsem.c:1356 kernel/locking/rwsem.c:1626)
[  631.706624][    C1]  ? vma_prepare (mm/vma.c:322)
[  631.706627][    C1]  vma_complete (mm/vma.h:616 mm/vma.h:623 mm/vma.c:359)
[  631.706630][    C1]  ? init_multi_vma_prep (mm/vma.c:152)
[  631.706633][    C1]  __split_vma (mm/vma.c:569)
[  631.706636][    C1]  ? commit_merge (./include/linux/maple_tree.h:791 (discriminator 3))
[  631.706638][    C1]  ? mas_next_slot (./include/linux/lockdep.h:249 lib/maple_tree.c:709 lib/maple_tree.c:715 lib/maple_tree.c:4173)
[  631.706644][    C1]  vms_gather_munmap_vmas (mm/vma.c:1448)
[  631.706647][    C1]  ? __split_vma (mm/vma.c:565)
[  631.706650][    C1]  ? mas_walk (lib/maple_tree.c:2952 lib/maple_tree.c:4366)
[  631.706654][    C1]  __mmap_setup (mm/vma.c:2439)
[  631.706658][    C1]  ? unmap_region (mm/vma.c:492)
[  631.706660][    C1]  ? __mmap_new_vma (./include/linux/fs.h:523 mm/vma.c:1840 mm/vma.c:2585)
[  631.706662][    C1]  ? perf_event_mmap (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:32 kernel/events/core.c:9932)
[  631.706667][    C1]  ? vma_wants_writenotify (mm/vma.c:2112)
[  631.706669][    C1]  ? vma_needs_dirty_tracking (mm/vma.c:2064 (discriminator 2))
[  631.706672][    C1]  ? uprobe_apply (./include/linux/rcupdate_trace.h:106 (discriminator 1))
[  631.706675][    C1]  ? vma_set_page_prot (mm/mmap.c:87)
[  631.706680][    C1]  __mmap_region (mm/vma.c:2753)
[  631.706683][    C1]  ? vma_merge_new_range (mm/vma.c:1083)
[  631.706685][    C1]  ? filemap_get_pages (mm/filemap.c:2725)
[  631.706690][    C1]  ? mark_usage (kernel/locking/lockdep.c:4674)
[  631.706693][    C1]  ? copy_page_to_iter (lib/iov_iter.c:374 lib/iov_iter.c:361)
[  631.706698][    C1]  ? folio_mark_accessed (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/page-flags.h:554 mm/swap.c:478 mm/swap.c:461)
[  631.706707][    C1]  ? mas_prev (lib/maple_tree.c:5211 lib/maple_tree.c:5204)
[  631.706716][    C1]  ? vm_unmapped_area (./include/trace/events/mmap.h:10 (discriminator 22) mm/mmap.c:674 (discriminator 22))
[  631.706719][    C1]  ? arch_get_unmapped_area_topdown (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/thread_info.h:133 arch/x86/kernel/sys_x86_64.c:177)
[  631.706725][    C1]  mmap_region (mm/vma.c:2857)
[  631.706728][    C1]  ? mm_take_all_locks (mm/vma.c:2266 (discriminator 1))
[  631.706730][    C1]  ? __might_fault (mm/memory.c:7340 (discriminator 5))
[  631.706734][    C1]  ? __get_unmapped_area (./include/linux/security.h:1187 mm/mmap.c:863)
[  631.706738][    C1]  ? ovl_file_end_write (./include/linux/fs.h:1353)
[  631.706742][    C1]  do_mmap (mm/mmap.c:560)
[  631.706746][    C1]  ? __ia32_sys_brk (mm/mmap.c:116)
[  631.706748][    C1]  ? down_write_killable (./include/linux/instrumented.h:55 ./include/linux/atomic/atomic-instrumented.h:4457 kernel/locking/rwsem.c:268 kernel/locking/rwsem.c:1346 kernel/locking/rwsem.c:1361 kernel/locking/rwsem.c:1639)
[  631.706751][    C1]  ? down_write (kernel/locking/rwsem.c:1627)
[  631.706755][    C1]  vm_mmap_pgoff (mm/util.c:581)
[  631.706759][    C1]  ? randomize_page (mm/util.c:387)
[  631.706762][    C1]  ? __fget_files (./include/linux/rcupdate.h:871 fs/file.c:1101)
[  631.706767][    C1]  ksys_mmap_pgoff (mm/mmap.c:606)
[  631.706770][    C1]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3))
[  631.706773][    C1]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[  631.706776][    C1]  ? do_syscall_64 (./include/linux/entry-common.h:177 arch/x86/entry/syscall_64.c:89)
[  631.706777][    C1]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[  631.706779][    C1]  ? trace_hardirqs_off (kernel/trace/trace_preemptirq.c:104 (discriminator 1))
[  631.706783][    C1]  ? exc_page_fault (arch/x86/mm/fault.c:1480 (discriminator 3) arch/x86/mm/fault.c:1527 (discriminator 3))
[  631.706786][    C1]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121)
[  631.706788][    C1] RIP: 0033:0x7f06f29ea85c
[  631.706792][    C1] Code: 1e fa 41 f7 c1 ff 0f 00 00 75 33 55 48 89 e5 41 54 41 89 cc 53 48 89 fb 48 85 ff 74 51 45 89 e2 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 24 5b 41 5c 5d c3 0f 1f 80 00 00 00 00 c7 05
All code
========
   0:	1e                   	(bad)
   1:	fa                   	cli
   2:	41 f7 c1 ff 0f 00 00 	test   $0xfff,%r9d
   9:	75 33                	jne    0x3e
   b:	55                   	push   %rbp
   c:	48 89 e5             	mov    %rsp,%rbp
   f:	41 54                	push   %r12
  11:	41 89 cc             	mov    %ecx,%r12d
  14:	53                   	push   %rbx
  15:	48 89 fb             	mov    %rdi,%rbx
  18:	48 85 ff             	test   %rdi,%rdi
  1b:	74 51                	je     0x6e
  1d:	45 89 e2             	mov    %r12d,%r10d
  20:	48 89 df             	mov    %rbx,%rdi
  23:	b8 09 00 00 00       	mov    $0x9,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 24                	ja     0x56
  32:	5b                   	pop    %rbx
  33:	41 5c                	pop    %r12
  35:	5d                   	pop    %rbp
  36:	c3                   	ret
  37:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  3e:	c7                   	.byte 0xc7
  3f:	05                   	.byte 0x5

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 24                	ja     0x2c
   8:	5b                   	pop    %rbx
   9:	41 5c                	pop    %r12
   b:	5d                   	pop    %rbp
   c:	c3                   	ret
   d:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  14:	c7                   	.byte 0xc7
  15:	05                   	.byte 0x5
[  631.706793][    C1] RSP: 002b:00007ffcfa9578c0 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[  631.706796][    C1] RAX: ffffffffffffffda RBX: 00007f06f2916000 RCX: 00007f06f29ea85c
[  631.706797][    C1] RDX: 0000000000000003 RSI: 0000000000001000 RDI: 00007f06f2916000
[  631.706799][    C1] RBP: 00007ffcfa9578d0 R08: 0000000000000005 R09: 000000000001b000
[  631.706801][    C1] R10: 0000000000000812 R11: 0000000000000206 R12: 0000000000000812


Finger prints:
mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock