======================================
| [ 15.046550][ C2] #4: ffff88800a0bb358 (&br->multicast_lock){+.-.}-{3:3}, at: br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
| [ 15.047096][ C2] #5: ffffffff8d95b5c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:901 net/core/dev.c:4555) 
| [   15.047717][    C2]
| [   15.047717][    C2] stack backtrace:
[   15.048007][    C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   15.048010][    C2] Workqueue: events_unbound linkwatch_event
[   15.048019][    C2] Call Trace:
[   15.048022][    C2]  <IRQ>
[ 15.048025][ C2] dump_stack_lvl (lib/dump_stack.c:123) 
[ 15.048035][ C2] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6848) 
[ 15.048050][ C2] dev_hard_start_xmit (./include/net/net_namespace.h:418 ./include/linux/netdevice.h:2695 net/core/dev.c:2466 net/core/dev.c:3772 net/core/dev.c:3793) 
[ 15.048063][ C2] __dev_queue_xmit (net/core/dev.h:340 net/core/dev.c:4631) 
[ 15.048073][ C2] ? __build_skb_around (./arch/x86/include/asm/atomic.h:28 ./include/linux/atomic/atomic-arch-fallback.h:503 ./include/linux/atomic/atomic-instrumented.h:68 net/core/skbuff.c:381 net/core/skbuff.c:439) 
[ 15.048085][ C2] ? __pfx___dev_queue_xmit (net/core/dev.c:4538) 
[ 15.048088][ C2] ? __pfx___alloc_skb (net/core/skbuff.c:642) 
[ 15.048094][ C2] ? stack_trace_save (kernel/stacktrace.c:114) 
[ 15.048101][ C2] ? __pfx_stack_trace_save (kernel/stacktrace.c:114) 
[ 15.048109][ C2] ? __pfx___br_multicast_query_handle_vlan (net/bridge/br_multicast.c:909) bridge 
[ 15.048166][ C2] br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge 
[ 15.048199][ C2] ? __pfx_br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge 
[ 15.048231][ C2] ? br_multicast_count (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/trace/events/../../../net/bridge/br_private.h:764 net/bridge/br_multicast.c:5052) bridge 
[ 15.048286][ C2] __br_multicast_send_query (net/bridge/br_multicast.c:1813) bridge 
[ 15.048332][ C2] ? __pfx___br_multicast_send_query (net/bridge/br_multicast.c:1789) bridge 
[ 15.048373][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5228) 
[ 15.048384][ C2] ? br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge 
[ 15.048419][ C2] br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge 
[ 15.048458][ C2] ? __pfx_br_multicast_send_query (net/bridge/br_multicast.c:1852) bridge 
[ 15.048491][ C2] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
[ 15.048529][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge 
[ 15.048564][ C2] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) 
[ 15.048570][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 15.048575][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 15.048579][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) 
[ 15.048582][ C2] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
[ 15.048623][ C2] ? br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge 
[ 15.048657][ C2] br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge 
[ 15.048694][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge 
[ 15.048727][ C2] call_timer_fn (kernel/time/timer.c:1789) 
[ 15.048732][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) 
[ 15.048735][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) 
[ 15.048739][ C2] ? __pfx_call_timer_fn (kernel/time/timer.c:1766) 
[ 15.048743][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) 
[ 15.048752][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4323) 
[ 15.048764][ C2] __run_timers (kernel/time/timer.c:1841 kernel/time/timer.c:2414) 
[ 15.048768][ C2] ? __pfx_br_ip4_multicast_port_query_expired (net/bridge/br_multicast.c:1920) bridge 
[ 15.048810][ C2] ? __pfx___run_timers (kernel/time/timer.c:2385) 
[ 15.048813][ C2] ? clockevents_program_event (kernel/time/clockevents.c:326) 
[ 15.048823][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 15.048827][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 15.048831][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) 
[ 15.048834][ C2] ? run_timer_softirq (kernel/time/timer.c:2426 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) 
[ 15.048845][ C2] run_timer_softirq (kernel/time/timer.c:2427 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) 
[ 15.048850][ C2] handle_softirqs (kernel/softirq.c:561) 
[ 15.048858][ C2] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) 
[ 15.048866][ C2] __irq_exit_rcu (kernel/softirq.c:596 kernel/softirq.c:435 kernel/softirq.c:662) 
[ 15.048870][ C2] irq_exit_rcu (kernel/softirq.c:680) 
[ 15.048873][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) 
[   15.048878][    C2]  </IRQ>
[   15.048879][    C2]  <TASK>
[ 15.048881][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 15.048886][ C2] RIP: 0010:unwind_get_return_address (arch/x86/kernel/unwind_orc.c:369 arch/x86/kernel/unwind_orc.c:364) 
[ 15.048891][ C2] Code: ea 03 80 3c 02 00 75 36 48 8b 7b 58 e8 d2 dc 0d 00 85 c0 74 cf 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 <75> 1c 48 8b 43 58 5b 5d c3 cc cc cc cc e8 67 e1 8c 00 eb a0 48 89
All code
========
   0:	ea                   	(bad)
   1:	03 80 3c 02 00 75    	add    0x7500023c(%rax),%eax
   7:	36 48 8b 7b 58       	ss mov 0x58(%rbx),%rdi
   c:	e8 d2 dc 0d 00       	call   0xddce3
  11:	85 c0                	test   %eax,%eax
  13:	74 cf                	je     0xffffffffffffffe4
  15:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  1c:	fc ff df 
  1f:	48 89 ea             	mov    %rbp,%rdx
  22:	48 c1 ea 03          	shr    $0x3,%rdx
  26:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  2a:*	75 1c                	jne    0x48		<-- trapping instruction
  2c:	48 8b 43 58          	mov    0x58(%rbx),%rax
  30:	5b                   	pop    %rbx
  31:	5d                   	pop    %rbp
  32:	c3                   	ret
  33:	cc                   	int3
  34:	cc                   	int3
  35:	cc                   	int3
  36:	cc                   	int3
  37:	e8 67 e1 8c 00       	call   0x8ce1a3
  3c:	eb a0                	jmp    0xffffffffffffffde
  3e:	48                   	rex.W
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	75 1c                	jne    0x1e
   2:	48 8b 43 58          	mov    0x58(%rbx),%rax
   6:	5b                   	pop    %rbx
   7:	5d                   	pop    %rbp
   8:	c3                   	ret
   9:	cc                   	int3
   a:	cc                   	int3
   b:	cc                   	int3
   c:	cc                   	int3
   d:	e8 67 e1 8c 00       	call   0x8ce179
  12:	eb a0                	jmp    0xffffffffffffffb4
  14:	48                   	rex.W
  15:	89                   	.byte 0x89
[   15.048893][    C2] RSP: 0018:ffffc9000031f1d0 EFLAGS: 00000246
[   15.048897][    C2] RAX: dffffc0000000000 RBX: ffffc9000031f1e8 RCX: 1ffffffff1cf4801
[   15.048899][    C2] RDX: 1ffff92000063e48 RSI: 0000000000000004 RDI: ffffffff8a8c76c4
[   15.048900][    C2] RBP: ffffc9000031f240 R08: ffffc9000031f228 R09: fffff52000063e26
[   15.048902][    C2] R10: ffffc9000031f1e8 R11: ffffc9000031f229 R12: ffffc9000031f2b0
[   15.048903][    C2] R13: 0000000000000000 R14: ffff8880021645c0 R15: 0000000000092cc0
[ 15.048916][ C2] ? kasan_save_stack (mm/kasan/common.c:48) 
[ 15.048926][ C2] ? __pfx_stack_trace_consume_entry (kernel/stacktrace.c:83) 
[ 15.048930][ C2] arch_stack_walk (arch/x86/kernel/stacktrace.c:26) 
[ 15.048944][ C2] ? kasan_save_stack (mm/kasan/common.c:48) 
[ 15.048953][ C2] stack_trace_save (kernel/stacktrace.c:123) 
[ 15.048957][ C2] ? __pfx_stack_trace_save (kernel/stacktrace.c:114) 
[ 15.048965][ C2] ? find_held_lock (kernel/locking/lockdep.c:5341) 
[ 15.048973][ C2] kasan_save_stack (mm/kasan/common.c:48) 
[ 15.048976][ C2] ? get_partial_node.part.0 (mm/slub.c:2870) 
[ 15.048984][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 15.048989][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) 
[ 15.048992][ C2] ? mark_lock (kernel/locking/lockdep.c:4729 (discriminator 3)) 
[ 15.049000][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4323) 
[ 15.049007][ C2] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4349 kernel/locking/lockdep.c:4408) 
[ 15.049015][ C2] ? get_partial_node.part.0 (mm/slub.c:2870) 
[ 15.049027][ C2] ? __alloc_object (mm/kmemleak.c:471 mm/kmemleak.c:651) 
[ 15.049033][ C2] ? ___slab_alloc (mm/slub.c:2831 mm/slub.c:2948 mm/slub.c:3806) 
[ 15.049037][ C2] ? __lock_release (kernel/locking/lockdep.c:5527) 
[ 15.049039][ C2] ? __alloc_object (mm/kmemleak.c:471 mm/kmemleak.c:651) 
[ 15.049044][ C2] ? get_any_partial (./include/linux/seqlock.h:72 ./include/linux/cpuset.h:144 mm/slub.c:2909) 
[ 15.049059][ C2] kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) 
[ 15.049063][ C2] __kasan_slab_alloc (mm/kasan/common.c:348) 
[ 15.049070][ C2] kmem_cache_alloc_noprof (./include/linux/kasan.h:250 mm/slub.c:4115 mm/slub.c:4164 mm/slub.c:4171) 
[ 15.049075][ C2] ? __pfx___mutex_unlock_slowpath (kernel/locking/mutex.c:885) 
[ 15.049086][ C2] __alloc_object (mm/kmemleak.c:471 mm/kmemleak.c:651) 
[ 15.049091][ C2] __create_object (mm/kmemleak.c:760) 
[ 15.049098][ C2] pcpu_alloc_noprof (mm/percpu.c:1892) 
[ 15.049118][ C2] fib6_nh_init (net/ipv6/route.c:3639) 
[ 15.049130][ C2] ? __pfx_fib6_nh_init (net/ipv6/route.c:3535) 
[ 15.049136][ C2] ? trace_kmalloc (./include/trace/events/kmem.h:54 (discriminator 21)) 
[ 15.049140][ C2] ? __kmalloc_noprof (mm/slub.c:4307) 
[ 15.049153][ C2] ip6_route_info_create (net/ipv6/route.c:3824) 
[ 15.049165][ C2] ? __pfx_ip6_route_info_create (net/ipv6/route.c:3705) 
[ 15.049180][ C2] ip6_route_add (net/ipv6/route.c:3867) 
[ 15.049187][ C2] addrconf_add_mroute (net/ipv6/addrconf.c:2535) 
[ 15.049193][ C2] ? __pfx_addrconf_add_mroute (net/ipv6/addrconf.c:2535) 
[ 15.049229][ C2] addrconf_add_dev (net/ipv6/addrconf.c:2567) 
[ 15.049234][ C2] addrconf_dev_config (net/ipv6/addrconf.c:3472) 
[ 15.049240][ C2] addrconf_notify (./include/linux/err.h:81 net/ipv6/addrconf.c:3741) 
[ 15.049255][ C2] notifier_call_chain (kernel/notifier.c:85 (discriminator 2)) 
[ 15.049273][ C2] netdev_state_change (net/core/dev.c:1538 net/core/dev.c:1529) 
[ 15.049280][ C2] ? __pfx_netdev_state_change (net/core/dev.c:1530) 
[ 15.049295][ C2] linkwatch_do_dev (net/core/link_watch.c:186) 
[ 15.049300][ C2] __linkwatch_run_queue (./include/linux/spinlock.h:376 net/core/link_watch.c:245) 
[ 15.049308][ C2] ? __pfx___linkwatch_run_queue (net/core/link_watch.c:195) 
[ 15.049314][ C2] ? lock_acquire (kernel/locking/lockdep.c:5824) 
[ 15.049325][ C2] linkwatch_event (net/core/link_watch.c:287) 
[ 15.049327][ C2] process_one_work (kernel/workqueue.c:3238) 
[ 15.049343][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 15.049349][ C2] ? __pfx_process_one_work (kernel/workqueue.c:3140) 
[ 15.049362][ C2] ? assign_work (kernel/workqueue.c:1200) 
[ 15.049373][ C2] worker_thread (kernel/workqueue.c:3313 kernel/workqueue.c:3400) 
[ 15.049387][ C2] ? __pfx_worker_thread (kernel/workqueue.c:3346) 
[ 15.049393][ C2] kthread (kernel/kthread.c:464) 
[ 15.049399][ C2] ? __pfx_kthread (kernel/kthread.c:413) 
[ 15.049408][ C2] ? __pfx_kthread (kernel/kthread.c:413) 
[ 15.049414][ C2] ret_from_fork (arch/x86/kernel/process.c:148) 
[ 15.049420][ C2] ? __pfx_kthread (kernel/kthread.c:413) 


Finger prints:
lockdep_rcu_suspicious:dev_hard_start_xmit:__dev_queue_xmit:br_dev_queue_push_xmit:__br_multicast_send_query