======================================
| [   58.137067][    C1]  #0: ff11000001e93378 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff (./include/linux/mmap_lock.h:554 mm/util.c:579)
| [   58.137239][    C1]  #1: ffffffffb7177c00 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:300 (discriminator 2) kernel/rcu/tree.c:2611 (discriminator 2))
| [   58.137408][    C1]
| [   58.137408][    C1] stack backtrace:
[   58.137530][    C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   58.137532][    C1] Call Trace:
[   58.137534][    C1]  <IRQ>
[   58.137535][    C1]  dump_stack_lvl (lib/dump_stack.c:94 lib/dump_stack.c:120)
[   58.137541][    C1]  print_usage_bug.part.0.cold (kernel/locking/lockdep.c:4042)
[   58.137543][    C1]  ? filter_irq_stacks (kernel/stacktrace.c:402)
[   58.137547][    C1]  mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4056 kernel/locking/lockdep.c:4267)
[   58.137548][    C1]  ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37))
[   58.137550][    C1]  ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[   58.137552][    C1]  ? save_trace (kernel/locking/lockdep.c:589)
[   58.137554][    C1]  ? __mmap_new_file_vma (mm/vma.c:2506)
[   58.137557][    C1]  mark_lock (kernel/locking/lockdep.c:4753)
[   58.137559][    C1]  mark_usage (kernel/locking/lockdep.c:4642)
[   58.137561][    C1]  __lock_acquire (kernel/locking/lockdep.c:5191)
[   58.137562][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[   58.137563][    C1]  ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2))
[   58.137566][    C1]  lock_acquire.part.0 (kernel/locking/lockdep.c:5868 (discriminator 1))
[   58.137567][    C1]  ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[   58.137569][    C1]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3))
[   58.137571][    C1]  ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 22) kernel/locking/lockdep.c:5831 (discriminator 22))
[   58.137573][    C1]  _raw_spin_lock (./include/linux/spinlock_api_smp.h:158 (discriminator 1) kernel/locking/spinlock.c:158 (discriminator 1))
[   58.137575][    C1]  ? tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[   58.137576][    C1] tcf_mirred_release (./include/linux/spinlock.h:342 net/sched/act_mirred.c:78) act_mirred
[   58.137578][    C1]  tcf_action_rcu_free (net/sched/act_api.c:367 net/sched/act_api.c:378)
[   58.137580][    C1]  ? rcu_do_batch (./include/linux/rcupdate.h:310 (discriminator 2) kernel/rcu/tree.c:2619 (discriminator 2))
[   58.137581][    C1]  rcu_do_batch (kernel/rcu/tree.c:2617)
[   58.137583][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[   58.137585][    C1]  ? sched_balance_softirq (kernel/sched/fair.c:13350)
[   58.137588][    C1]  ? trace_rcu_batch_end (./include/trace/events/rcu.h:714 (discriminator 19))
[   58.137590][    C1]  ? sched_balance_domains (kernel/sched/fair.c:12634)
[   58.137592][    C1]  ? mark_held_locks (kernel/locking/lockdep.c:4325)
[   58.137593][    C1]  ? lockdep_hardirqs_on_prepare.part.0 (kernel/locking/lockdep.c:470 (discriminator 2) kernel/locking/lockdep.c:4411 (discriminator 2))
[   58.137595][    C1]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[   58.137597][    C1]  rcu_core (kernel/rcu/tree.c:2869)
[   58.137598][    C1]  handle_softirqs (kernel/softirq.c:622)
[   58.137600][    C1]  ? find_held_lock (kernel/locking/lockdep.c:5350)
[   58.137603][    C1]  ? __lock_release.isra.0 (kernel/locking/lockdep.c:5535)
[   58.137604][    C1]  ? _local_bh_enable (kernel/softirq.c:405 (discriminator 1))
[   58.137607][    C1]  __irq_exit_rcu (kernel/softirq.c:656 kernel/softirq.c:496 kernel/softirq.c:735)
[   58.137608][    C1]  irq_exit_rcu (kernel/softirq.c:752)
[   58.137610][    C1]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1061 (discriminator 37) arch/x86/kernel/apic/apic.c:1061 (discriminator 37))
[   58.137611][    C1]  </IRQ>
[   58.137612][    C1]  <TASK>
[   58.137612][    C1]  ? init_data_structures_once.part.0 (kernel/locking/lockdep.c:3397 (discriminator 1) kernel/locking/lockdep.c:3438 (discriminator 1) kernel/locking/lockdep.c:3482 (discriminator 1) kernel/locking/lockdep.c:1210 (discriminator 1))
[   58.137614][    C1]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[   58.137615][    C1] RIP: 0010:lock_release (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./arch/x86/include/asm/irqflags.h:159 kernel/locking/lockdep.c:5892 kernel/locking/lockdep.c:5875)
[   58.137618][    C1] Code: d1 33 04 83 f8 01 0f 85 fd 00 00 00 9c 58 f6 c4 02 0f 85 12 01 00 00 41 f7 c7 00 02 00 00 0f 84 bf 00 00 00 fb 4c 8b 7c 24 18 <48> 8b 5c 24 08 4c 8b 74 24 10 48 83 c4 20 c3 65 8b 05 42 8b 33 04
All code
========
   0:	d1 33                	shll   $1,(%rbx)
   2:	04 83                	add    $0x83,%al
   4:	f8                   	clc
   5:	01 0f                	add    %ecx,(%rdi)
   7:	85 fd                	test   %edi,%ebp
   9:	00 00                	add    %al,(%rax)
   b:	00 9c 58 f6 c4 02 0f 	add    %bl,0xf02c4f6(%rax,%rbx,2)
  12:	85 12                	test   %edx,(%rdx)
  14:	01 00                	add    %eax,(%rax)
  16:	00 41 f7             	add    %al,-0x9(%rcx)
  19:	c7 00 02 00 00 0f    	movl   $0xf000002,(%rax)
  1f:	84 bf 00 00 00 fb    	test   %bh,-0x5000000(%rdi)
  25:	4c 8b 7c 24 18       	mov    0x18(%rsp),%r15
  2a:*	48 8b 5c 24 08       	mov    0x8(%rsp),%rbx		<-- trapping instruction
  2f:	4c 8b 74 24 10       	mov    0x10(%rsp),%r14
  34:	48 83 c4 20          	add    $0x20,%rsp
  38:	c3                   	ret
  39:	65 8b 05 42 8b 33 04 	mov    %gs:0x4338b42(%rip),%eax        # 0x4338b82

Code starting with the faulting instruction
===========================================
   0:	48 8b 5c 24 08       	mov    0x8(%rsp),%rbx
   5:	4c 8b 74 24 10       	mov    0x10(%rsp),%r14
   a:	48 83 c4 20          	add    $0x20,%rsp
   e:	c3                   	ret
   f:	65 8b 05 42 8b 33 04 	mov    %gs:0x4338b42(%rip),%eax        # 0x4338b58
[   58.137620][    C1] RSP: 0018:ffa0000000be7058 EFLAGS: 00000206
[   58.137622][    C1] RAX: 0000000000000046 RBX: ffffffffb7177d20 RCX: 0000000000000001
[   58.137623][    C1] RDX: 0000000000000001 RSI: ffffffffb6bebde8 RDI: ffffffffb666f6c0
[   58.137624][    C1] RBP: ffa0000000be72b8 R08: 0000000000000001 R09: ffa0000000be7108
[   58.137625][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffffb7d18f01
[   58.137626][    C1] R13: ffa0000000be7180 R14: ffffffffb3d4a6e1 R15: ffffffffb4681b39
[   58.137627][    C1]  ? vms_complete_munmap_vmas (mm/vma.c:1361)
[   58.137628][    C1]  ? unwind_next_frame (./include/linux/rcupdate.h:310 (discriminator 2) ./include/linux/rcupdate.h:869 (discriminator 2) ./include/linux/rcupdate.h:1181 (discriminator 2) arch/x86/kernel/unwind_orc.c:495 (discriminator 2))
[   58.137632][    C1]  ? vms_complete_munmap_vmas (mm/vma.c:1361)
[   58.137633][    C1]  unwind_next_frame (./include/linux/rcupdate.h:310 (discriminator 2) ./include/linux/rcupdate.h:869 (discriminator 2) ./include/linux/rcupdate.h:1181 (discriminator 2) arch/x86/kernel/unwind_orc.c:495 (discriminator 2))
[   58.137635][    C1]  ? stack_trace_save (kernel/stacktrace.c:122 (discriminator 1))
[   58.137637][    C1]  ? mark_usage (kernel/locking/lockdep.c:4674)
[   58.137638][    C1]  ? stack_access_ok (./arch/x86/include/asm/stacktrace.h:55)
[   58.137640][    C1]  ? __unwind_start (arch/x86/kernel/unwind_orc.c:787)
[   58.137642][    C1]  ? write_profile (profile.c:?)
[   58.137644][    C1]  arch_stack_walk (arch/x86/kernel/stacktrace.c:25)
[   58.137648][    C1]  ? kasan_save_stack (mm/kasan/common.c:57)
[   58.137652][    C1]  stack_trace_save (kernel/stacktrace.c:122 (discriminator 1))
[   58.137654][    C1]  ? filter_irq_stacks (kernel/stacktrace.c:402)
[   58.137656][    C1]  ? validate_chain (kernel/locking/lockdep.c:3801 (discriminator 2) kernel/locking/lockdep.c:3821 (discriminator 2) kernel/locking/lockdep.c:3876 (discriminator 2))
[   58.137657][    C1]  ? is_bpf_text_address (./include/linux/rcupdate.h:310 (discriminator 2) ./include/linux/rcupdate.h:869 (discriminator 2) kernel/bpf/core.c:749 (discriminator 2))
[   58.137660][    C1]  kasan_save_stack (mm/kasan/common.c:57)
[   58.137667][    C1]  kasan_record_aux_stack (mm/kasan/generic.c:556)
[   58.137669][    C1]  ? __remove_object (mm/kmemleak.c:609)
[   58.137671][    C1]  __call_rcu_common.constprop.0 (kernel/rcu/tree.c:3131)
[   58.137672][    C1]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[   58.137674][    C1]  ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:178 (discriminator 6) kernel/locking/spinlock.c:198 (discriminator 6))
[   58.137676][    C1]  ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:179 (discriminator 1) kernel/locking/spinlock.c:198 (discriminator 1))
[   58.137677][    C1]  kmem_cache_free (./include/linux/kmemleak.h:50 mm/slub.c:2614 mm/slub.c:6251 mm/slub.c:6378)
[   58.137680][    C1]  ? fput (./include/linux/preempt.h:468 ./include/linux/file_ref.h:150 fs/file_table.c:586)
[   58.137683][    C1]  vms_complete_munmap_vmas (mm/vma.c:1361)
[   58.137685][    C1]  ? __mmap_new_vma (./include/linux/fs.h:523 mm/vma.c:1840 mm/vma.c:2585)
[   58.137686][    C1]  ? perf_event_mmap (./include/linux/instrumented.h:82 ./include/linux/atomic/atomic-instrumented.h:32 kernel/events/core.c:9932)
[   58.137689][    C1]  ? __mmap_new_vma (mm/vma.h:615 mm/vma.h:623 mm/vma.c:2583)
[   58.137692][    C1]  ? vma_set_page_prot (mm/mmap.c:87)
[   58.137695][    C1]  __mmap_region (mm/vma.c:2617 mm/vma.c:2780)
[   58.137697][    C1]  ? vma_merge_new_range (mm/vma.c:1083)
[   58.137698][    C1]  ? filemap_get_pages (mm/filemap.c:2725)
[   58.137701][    C1]  ? mark_usage (kernel/locking/lockdep.c:4674)
[   58.137703][    C1]  ? copy_page_to_iter (lib/iov_iter.c:374 lib/iov_iter.c:361)
[   58.137707][    C1]  ? folio_mark_accessed (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/page-flags.h:554 mm/swap.c:478 mm/swap.c:461)
[   58.137712][    C1]  ? mas_prev (lib/maple_tree.c:5211 lib/maple_tree.c:5204)
[   58.137718][    C1]  ? vm_unmapped_area (./include/trace/events/mmap.h:10 (discriminator 22) mm/mmap.c:674 (discriminator 22))
[   58.137720][    C1]  ? arch_get_unmapped_area_topdown (./include/linux/instrumented.h:82 ./include/asm-generic/bitops/instrumented-non-atomic.h:141 ./include/linux/thread_info.h:133 arch/x86/kernel/sys_x86_64.c:177)
[   58.137724][    C1]  mmap_region (mm/vma.c:2857)
[   58.137726][    C1]  ? mm_take_all_locks (mm/vma.c:2266 (discriminator 1))
[   58.137727][    C1]  ? __might_fault (mm/memory.c:7340 (discriminator 5))
[   58.137730][    C1]  ? __get_unmapped_area (./include/linux/security.h:1187 mm/mmap.c:863)
[   58.137732][    C1]  ? ovl_file_end_write (./include/linux/fs.h:1353)
[   58.137735][    C1]  do_mmap (mm/mmap.c:560)
[   58.137738][    C1]  ? __ia32_sys_brk (mm/mmap.c:116)
[   58.137740][    C1]  ? down_write_killable (./include/linux/instrumented.h:55 ./include/linux/atomic/atomic-instrumented.h:4457 kernel/locking/rwsem.c:268 kernel/locking/rwsem.c:1346 kernel/locking/rwsem.c:1361 kernel/locking/rwsem.c:1639)
[   58.137741][    C1]  ? down_write (kernel/locking/rwsem.c:1627)
[   58.137743][    C1]  vm_mmap_pgoff (mm/util.c:581)
[   58.137746][    C1]  ? randomize_page (mm/util.c:387)
[   58.137748][    C1]  ? __fget_files (./include/linux/rcupdate.h:871 fs/file.c:1101)
[   58.137751][    C1]  ksys_mmap_pgoff (mm/mmap.c:606)
[   58.137753][    C1]  ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 3) kernel/rcu/tree.c:752 (discriminator 3))
[   58.137755][    C1]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4472)
[   58.137757][    C1]  ? do_syscall_64 (./include/linux/entry-common.h:177 arch/x86/entry/syscall_64.c:89)
[   58.137758][    C1]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[   58.137759][    C1]  ? trace_hardirqs_off (kernel/trace/trace_preemptirq.c:104 (discriminator 1))
[   58.137762][    C1]  ? exc_page_fault (arch/x86/mm/fault.c:1480 (discriminator 3) arch/x86/mm/fault.c:1527 (discriminator 3))
[   58.137764][    C1]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121)
[   58.137765][    C1] RIP: 0033:0x7f547582a85c
[   58.137767][    C1] Code: 1e fa 41 f7 c1 ff 0f 00 00 75 33 55 48 89 e5 41 54 41 89 cc 53 48 89 fb 48 85 ff 74 51 45 89 e2 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 24 5b 41 5c 5d c3 0f 1f 80 00 00 00 00 c7 05
All code
========
   0:	1e                   	(bad)
   1:	fa                   	cli
   2:	41 f7 c1 ff 0f 00 00 	test   $0xfff,%r9d
   9:	75 33                	jne    0x3e
   b:	55                   	push   %rbp
   c:	48 89 e5             	mov    %rsp,%rbp
   f:	41 54                	push   %r12
  11:	41 89 cc             	mov    %ecx,%r12d
  14:	53                   	push   %rbx
  15:	48 89 fb             	mov    %rdi,%rbx
  18:	48 85 ff             	test   %rdi,%rdi
  1b:	74 51                	je     0x6e
  1d:	45 89 e2             	mov    %r12d,%r10d
  20:	48 89 df             	mov    %rbx,%rdi
  23:	b8 09 00 00 00       	mov    $0x9,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 24                	ja     0x56
  32:	5b                   	pop    %rbx
  33:	41 5c                	pop    %r12
  35:	5d                   	pop    %rbp
  36:	c3                   	ret
  37:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  3e:	c7                   	.byte 0xc7
  3f:	05                   	.byte 0x5

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 24                	ja     0x2c
   8:	5b                   	pop    %rbx
   9:	41 5c                	pop    %r12
   b:	5d                   	pop    %rbp
   c:	c3                   	ret
   d:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  14:	c7                   	.byte 0xc7
  15:	05                   	.byte 0x5
[   58.137768][    C1] RSP: 002b:00007ffe13641a80 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[   58.137770][    C1] RAX: ffffffffffffffda RBX: 00007f5475739000 RCX: 00007f547582a85c
[   58.137771][    C1] RDX: 0000000000000003 RSI: 0000000000001000 RDI: 00007f5475739000
[   58.137772][    C1] RBP: 00007ffe13641a90 R08: 0000000000000005 R09: 0000000000004000
[   58.137772][    C1] R10: 0000000000000812 R11: 0000000000000206 R12: 0000000000000812


Finger prints:
mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock