======================================
| [ 588.799431][ C3] #3: ffff88800508b358 (&br->multicast_lock){+.-.}-{3:3}, at: br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
| [ 588.800045][ C3] #4: ffffffffb955b5c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:901 net/core/dev.c:4555) 
| [  588.800527][    C3]
| [  588.800527][    C3] stack backtrace:
[  588.800838][    C3] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  588.800840][    C3] Call Trace:
[  588.800842][    C3]  <IRQ>
[ 588.800845][ C3] dump_stack_lvl (lib/dump_stack.c:123) 
[ 588.800856][ C3] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6848) 
[ 588.800873][ C3] dev_hard_start_xmit (./include/net/net_namespace.h:418 ./include/linux/netdevice.h:2695 net/core/dev.c:2466 net/core/dev.c:3772 net/core/dev.c:3793) 
[ 588.800891][ C3] __dev_queue_xmit (net/core/dev.h:340 net/core/dev.c:4631) 
[ 588.800900][ C3] ? ipv6_dev_get_saddr (net/ipv6/addrconf.c:1809) 
[ 588.800917][ C3] ? __pfx_ipv6_dev_get_saddr (net/ipv6/addrconf.c:1809) 
[ 588.800923][ C3] ? __pfx___dev_queue_xmit (net/core/dev.c:4538) 
[ 588.800926][ C3] ? debug_object_activate (lib/debugobjects.c:837) 
[ 588.800941][ C3] ? __pfx___br_multicast_query_handle_vlan (net/bridge/br_multicast.c:909) bridge 
[ 588.800998][ C3] ? br_ip6_multicast_alloc_query (./include/linux/skbuff.h:2776 net/bridge/br_multicast.c:1231) bridge 
[ 588.801038][ C3] br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge 
[ 588.801073][ C3] ? __pfx_br_dev_queue_push_xmit (net/bridge/br_forward.c:34) bridge 
[ 588.801120][ C3] ? br_multicast_count (./arch/x86/include/asm/bitops.h:206 ./arch/x86/include/asm/bitops.h:238 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 ./include/trace/events/../../../net/bridge/br_private.h:764 net/bridge/br_multicast.c:5052) bridge 
[ 588.801160][ C3] __br_multicast_send_query (net/bridge/br_multicast.c:1813) bridge 
[ 588.801212][ C3] ? __pfx___br_multicast_send_query (net/bridge/br_multicast.c:1789) bridge 
[ 588.801253][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5228) 
[ 588.801266][ C3] ? br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge 
[ 588.801300][ C3] br_multicast_send_query (net/bridge/br_multicast.c:1891) bridge 
[ 588.801339][ C3] ? __pfx_br_multicast_send_query (net/bridge/br_multicast.c:1852) bridge 
[ 588.801372][ C3] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
[ 588.801409][ C3] ? __pfx_br_ip6_multicast_port_query_expired (net/bridge/br_multicast.c:1929) bridge 
[ 588.801444][ C3] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) 
[ 588.801450][ C3] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 588.801455][ C3] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 588.801459][ C3] ? lock_acquire (kernel/locking/lockdep.c:5824) 
[ 588.801462][ C3] ? br_multicast_port_query_expired (./include/trace/events/../../../net/bridge/br_private.h:1293 ./include/trace/events/../../../net/bridge/br_private.h:1302 net/bridge/br_multicast.c:1906) bridge 
[ 588.801503][ C3] ? br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge 
[ 588.801542][ C3] br_multicast_port_query_expired (net/bridge/br_multicast.c:1917) bridge 
[ 588.801579][ C3] ? __pfx_br_ip6_multicast_port_query_expired (net/bridge/br_multicast.c:1929) bridge 
[ 588.801613][ C3] call_timer_fn (kernel/time/timer.c:1789) 
[ 588.801620][ C3] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) 
[ 588.801623][ C3] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1779) 
[ 588.801627][ C3] ? __pfx_call_timer_fn (kernel/time/timer.c:1766) 
[ 588.801631][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) 
[ 588.801640][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4323) 
[ 588.801653][ C3] __run_timers (kernel/time/timer.c:1841 kernel/time/timer.c:2414) 
[ 588.801657][ C3] ? __pfx_br_ip6_multicast_port_query_expired (net/bridge/br_multicast.c:1929) bridge 
[ 588.801698][ C3] ? __pfx___run_timers (kernel/time/timer.c:2385) 
[ 588.801702][ C3] ? clockevents_program_event (kernel/time/clockevents.c:326) 
[ 588.801713][ C3] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 588.801717][ C3] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 588.801721][ C3] ? lock_acquire (kernel/locking/lockdep.c:5824) 
[ 588.801724][ C3] ? run_timer_softirq (kernel/time/timer.c:2426 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) 
[ 588.801735][ C3] run_timer_softirq (kernel/time/timer.c:2427 kernel/time/timer.c:2418 kernel/time/timer.c:2435 kernel/time/timer.c:2445) 
[ 588.801740][ C3] handle_softirqs (kernel/softirq.c:561) 
[ 588.801756][ C3] __irq_exit_rcu (kernel/softirq.c:596 kernel/softirq.c:435 kernel/softirq.c:662) 
[ 588.801760][ C3] irq_exit_rcu (kernel/softirq.c:680) 
[ 588.801763][ C3] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049) 
[  588.801768][    C3]  </IRQ>
[  588.801770][    C3]  <TASK>
[ 588.801772][ C3] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 588.801778][ C3] RIP: 0010:core_kernel_text (kernel/extable.c:67) 
[ 588.801784][ C3] Code: 00 48 85 c0 75 ed 48 89 ef 5d e9 d3 9e 3d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 53 48 89 fb <48> 83 ec 08 48 81 ff 00 00 60 b5 72 09 48 81 ff dc fc 54 b8 72 5b
All code
========
   0:	00 48 85             	add    %cl,-0x7b(%rax)
   3:	c0 75 ed 48          	shlb   $0x48,-0x13(%rbp)
   7:	89 ef                	mov    %ebp,%edi
   9:	5d                   	pop    %rbp
   a:	e9 d3 9e 3d 00       	jmp    0x3d9ee2
   f:	0f 1f 00             	nopl   (%rax)
  12:	90                   	nop
  13:	90                   	nop
  14:	90                   	nop
  15:	90                   	nop
  16:	90                   	nop
  17:	90                   	nop
  18:	90                   	nop
  19:	90                   	nop
  1a:	90                   	nop
  1b:	90                   	nop
  1c:	90                   	nop
  1d:	90                   	nop
  1e:	90                   	nop
  1f:	90                   	nop
  20:	90                   	nop
  21:	90                   	nop
  22:	66 0f 1f 00          	nopw   (%rax)
  26:	53                   	push   %rbx
  27:	48 89 fb             	mov    %rdi,%rbx
  2a:*	48 83 ec 08          	sub    $0x8,%rsp		<-- trapping instruction
  2e:	48 81 ff 00 00 60 b5 	cmp    $0xffffffffb5600000,%rdi
  35:	72 09                	jb     0x40
  37:	48 81 ff dc fc 54 b8 	cmp    $0xffffffffb854fcdc,%rdi
  3e:	72 5b                	jb     0x9b

Code starting with the faulting instruction
===========================================
   0:	48 83 ec 08          	sub    $0x8,%rsp
   4:	48 81 ff 00 00 60 b5 	cmp    $0xffffffffb5600000,%rdi
   b:	72 09                	jb     0x16
   d:	48 81 ff dc fc 54 b8 	cmp    $0xffffffffb854fcdc,%rdi
  14:	72 5b                	jb     0x71
[  588.801787][    C3] RSP: 0000:ffffc9000a1f6e90 EFLAGS: 00000286
[  588.801791][    C3] RAX: dffffc0000000000 RBX: ffffffffb62f50a5 RCX: ffffc9000a1f8001
[  588.801793][    C3] RDX: 1ffff9200143ede8 RSI: 0000000000000001 RDI: ffffffffb62f50a5
[  588.801795][    C3] RBP: ffffffffb62f50a5 R08: ffffc9000a1f6f28 R09: fffff5200143edc6
[  588.801796][    C3] R10: ffffc9000a1f6ee8 R11: ffffc9000a1f6f29 R12: ffffc9000a1f6fb0
[  588.801798][    C3] R13: 0000000000000000 R14: ffff88801ba0c5c0 R15: ffffffffb6805d49
[ 588.801800][ C3] ? virtio_fs_enqueue_req (./include/linux/slab.h:905 ./include/linux/slab.h:946 fs/fuse/virtio_fs.c:1398) 
[ 588.801809][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801815][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801825][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801832][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801835][ C3] kernel_text_address (kernel/extable.c:99) 
[ 588.801839][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801843][ C3] __kernel_text_address (kernel/extable.c:79) 
[ 588.801846][ C3] unwind_get_return_address (arch/x86/kernel/unwind_orc.c:369 arch/x86/kernel/unwind_orc.c:364) 
[ 588.801851][ C3] ? __pfx_stack_trace_consume_entry (kernel/stacktrace.c:83) 
[ 588.801857][ C3] arch_stack_walk (arch/x86/kernel/stacktrace.c:26) 
[ 588.801870][ C3] ? read_pages (mm/readahead.c:161) 
[ 588.801880][ C3] stack_trace_save (kernel/stacktrace.c:123) 
[ 588.801884][ C3] ? __pfx_stack_trace_save (kernel/stacktrace.c:114) 
[ 588.801886][ C3] ? __pfx_unwind_next_frame (arch/x86/kernel/unwind_orc.c:469) 
[ 588.801897][ C3] ? __pfx_validate_chain (kernel/locking/lockdep.c:3862) 
[ 588.801902][ C3] kasan_save_stack (mm/kasan/common.c:48) 
[ 588.801908][ C3] ? kasan_save_stack (mm/kasan/common.c:48) 
[ 588.801911][ C3] ? kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) 
[ 588.801914][ C3] ? __kasan_kmalloc (mm/kasan/common.c:398) 
[ 588.801917][ C3] ? __kmalloc_noprof (mm/slub.c:4295 mm/slub.c:4306) 
[ 588.801923][ C3] ? virtio_fs_enqueue_req (./include/linux/slab.h:905 ./include/linux/slab.h:946 fs/fuse/virtio_fs.c:1398) 
[ 588.801926][ C3] ? virtio_fs_send_req (fs/fuse/virtio_fs.c:1500) 
[ 588.801929][ C3] ? flush_bg_queue (fs/fuse/dev.c:323) 
[ 588.801934][ C3] ? fuse_request_queue_background (./include/linux/spinlock.h:391 fs/fuse/dev.c:617) 
[ 588.801938][ C3] ? fuse_simple_background (fs/fuse/dev.c:642) 
[ 588.801940][ C3] ? fuse_send_readpages (fs/fuse/file.c:995) 
[ 588.801945][ C3] ? fuse_readahead (fs/fuse/file.c:1033) 
[ 588.801948][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5228) 
[ 588.801971][ C3] ? find_held_lock (kernel/locking/lockdep.c:5341) 
[ 588.801980][ C3] ? __lock_release (kernel/locking/lockdep.c:5527) 
[ 588.801983][ C3] ? __create_object (mm/kmemleak.c:766) 
[ 588.801988][ C3] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 588.801993][ C3] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:230) 
[ 588.801997][ C3] ? mark_lock (kernel/locking/lockdep.c:4729 (discriminator 3)) 
[ 588.802004][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4323) 
[ 588.802012][ C3] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4349 kernel/locking/lockdep.c:4408) 
[ 588.802020][ C3] kasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69) 
[ 588.802025][ C3] __kasan_kmalloc (mm/kasan/common.c:398) 
[ 588.802031][ C3] __kmalloc_noprof (mm/slub.c:4295 mm/slub.c:4306) 
[ 588.802043][ C3] virtio_fs_enqueue_req (./include/linux/slab.h:905 ./include/linux/slab.h:946 fs/fuse/virtio_fs.c:1398) 
[ 588.802058][ C3] ? __pfx_virtio_fs_enqueue_req (fs/fuse/virtio_fs.c:1377) 
[ 588.802072][ C3] ? find_held_lock (kernel/locking/lockdep.c:5341) 
[ 588.802081][ C3] ? __lock_release (kernel/locking/lockdep.c:5527) 
[ 588.802085][ C3] ? fuse_get_unique (fs/fuse/dev.c:222) 
[ 588.802092][ C3] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 588.802098][ C3] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) 
[ 588.802108][ C3] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 588.802116][ C3] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 588.802126][ C3] ? fuse_get_unique (fs/fuse/dev.c:222) 
[ 588.802132][ C3] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) 
[ 588.802141][ C3] virtio_fs_send_req (fs/fuse/virtio_fs.c:1500) 
[ 588.802145][ C3] ? fuse_send_one (fs/fuse/dev.c:305) 
[ 588.802153][ C3] flush_bg_queue (fs/fuse/dev.c:323) 
[ 588.802171][ C3] fuse_request_queue_background (./include/linux/spinlock.h:391 fs/fuse/dev.c:617) 
[ 588.802180][ C3] fuse_simple_background (fs/fuse/dev.c:642) 
[ 588.802186][ C3] fuse_send_readpages (fs/fuse/file.c:995) 
[ 588.802197][ C3] fuse_readahead (fs/fuse/file.c:1033) 
[ 588.802215][ C3] ? __pfx_fuse_readahead (fs/fuse/file.c:1006) 
[ 588.802222][ C3] ? __lock_release (kernel/locking/lockdep.c:5527) 
[ 588.802225][ C3] ? __folio_batch_add_and_move (./include/linux/local_lock_internal.h:38 mm/swap.c:201) 
[ 588.802230][ C3] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 588.802234][ C3] ? __pfx_lock_acquire.part.0 (kernel/locking/lockdep.c:5816) 
[ 588.802246][ C3] read_pages (mm/readahead.c:161) 
[ 588.802251][ C3] ? __folio_batch_add_and_move (./include/linux/local_lock_internal.h:38 mm/swap.c:201) 
[ 588.802262][ C3] ? __pfx_read_pages (mm/readahead.c:148) 
[ 588.802284][ C3] page_cache_ra_unbounded (./include/linux/fs.h:944 mm/readahead.c:299) 
[ 588.802300][ C3] do_sync_mmap_readahead (mm/filemap.c:3260) 
[ 588.802308][ C3] ? __pfx_do_sync_mmap_readahead (mm/filemap.c:3192) 
[ 588.802321][ C3] ? __filemap_get_folio (mm/filemap.c:1905) 
[ 588.802330][ C3] filemap_fault (mm/filemap.c:3446) 
[ 588.802337][ C3] ? __lock_release (kernel/locking/lockdep.c:5527) 
[ 588.802340][ C3] ? do_fault_around (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 mm/memory.c:5371) 
[ 588.802347][ C3] ? __pfx___lock_release (kernel/locking/lockdep.c:5503) 
[ 588.802352][ C3] ? __pfx_filemap_fault (mm/filemap.c:3405) 
[ 588.802363][ C3] ? do_fault_around (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 mm/memory.c:5371) 
[ 588.802368][ C3] ? __pfx_filemap_map_pages (mm/filemap.c:3766) 
[ 588.802379][ C3] __do_fault (mm/memory.c:4990) 
[ 588.802391][ C3] do_pte_missing (mm/memory.c:5410 mm/memory.c:5544 mm/memory.c:4060) 
[ 588.802394][ C3] ? handle_pte_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/pgtable.h:136 mm/memory.c:5901) 
[ 588.802401][ C3] handle_pte_fault (mm/memory.c:5907) 
[ 588.802409][ C3] ? __pfx_handle_pte_fault (mm/memory.c:5864) 
[ 588.802423][ C3] __handle_mm_fault (mm/memory.c:6050) 
[ 588.802428][ C3] ? __pfx___handle_mm_fault (mm/memory.c:5959) 
[ 588.802448][ C3] ? __pfx_lock_vma_under_rcu (mm/memory.c:6375) 
[ 588.802456][ C3] handle_mm_fault (mm/memory.c:6231) 
[ 588.802461][ C3] ? __pfx_handle_mm_fault (mm/memory.c:6186) 
[ 588.802475][ C3] do_user_addr_fault (arch/x86/mm/fault.c:1337) 
[ 588.802489][ C3] exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538) 
[ 588.802496][ C3] asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) 
[  588.802499][    C3] RIP: 0033:0x7f3ad5cd01b4
[ 588.802509][ C3] Code: Unable to access opcode bytes at 0x7f3ad5cd018a.

Code starting with the faulting instruction
===========================================
[  588.802510][    C3] RSP: 002b:00007fff3dda74e8 EFLAGS: 00010206
[  588.802513][    C3] RAX: 00007f3ad5cd01b4 RBX: 00007f3ad6006000 RCX: 0000000000000000
[  588.802515][    C3] RDX: 00007f3ad5cfcbb8 RSI: 0000000000000000 RDI: 00007f3ad5cfd158
[  588.802517][    C3] RBP: 00007fff3dda75b0 R08: 0000000000000000 R09: 0000000000000060
[  588.802519][    C3] R10: 00007f3ad5d03fa8 R11: 00007f3ad5d55910 R12: 0000000000000000


Finger prints:
lockdep_rcu_suspicious:dev_hard_start_xmit:__dev_queue_xmit:br_dev_queue_push_xmit:__br_multicast_send_query