======================================
| xx__-> [   26.041614][  T242] ip (242) used greatest stack depth: 24064 bytes left
| [   26.622776][  T254] ip (254) used greatest stack depth: 23264 bytes left
| [   31.047979][    C2] BUG: spinlock bad magic on CPU#2, ip/294
| [ 31.048199][ C2] lock: noop_qdisc+0x240/0x300, .magic: 00000000, .owner: ip/294, .owner_cpu: 2 
[   31.048697][    C2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[   31.049001][    C2] Call Trace:
[   31.049110][    C2]  <IRQ>
[ 31.049192][ C2] dump_stack_lvl (lib/dump_stack.c:122) 
[ 31.049345][ C2] do_raw_spin_unlock (kernel/locking/spinlock_debug.c:100 kernel/locking/spinlock_debug.c:141) 
[ 31.049492][ C2] _raw_spin_unlock (./arch/x86/include/asm/preempt.h:94 ./include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186) 
[ 31.049633][ C2] __dev_xmit_skb (./include/net/sch_generic.h:226 ./include/net/sch_generic.h:217 net/core/dev.c:3879) 
[ 31.049774][ C2] ? __pfx___dev_xmit_skb (net/core/dev.c:3784) 
[ 31.049969][ C2] ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:890 net/core/dev.c:4348) 
[ 31.050112][ C2] ? lock_acquire (kernel/locking/lockdep.c:5732) 
[ 31.050252][ C2] ? __dev_queue_xmit (./include/linux/bottom_half.h:20 ./include/linux/rcupdate.h:890 net/core/dev.c:4348) 
[ 31.050393][ C2] __dev_queue_xmit (net/core/dev.c:4389) 
[ 31.050541][ C2] ? __lock_release (kernel/locking/lockdep.c:5435) 
[ 31.050678][ C2] ? ip_finish_output2 (./include/net/neighbour.h:542 net/ipv4/ip_output.c:235) 
[ 31.050821][ C2] ? __pfx___lock_release (kernel/locking/lockdep.c:5411) 
[ 31.050958][ C2] ? __pfx___dev_queue_xmit (net/core/dev.c:4332) 
[ 31.051099][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4273) 
[ 31.051238][ C2] ? eth_header (net/ethernet/eth.c:100) 
[ 31.051382][ C2] ? neigh_resolve_output (./include/linux/netdevice.h:3159 net/core/neighbour.c:1560 net/core/neighbour.c:1545) 
[ 31.051526][ C2] ip_finish_output2 (./include/net/neighbour.h:542 net/ipv4/ip_output.c:235) 
[ 31.051665][ C2] ? find_held_lock (kernel/locking/lockdep.c:5249) 
[ 31.051811][ C2] ? __pfx_ip_finish_output2 (net/ipv4/ip_output.c:199) 
[ 31.051949][ C2] ? igmpv3_send_cr (./include/linux/rcupdate.h:336 ./include/linux/rcupdate.h:869 net/ipv4/igmp.c:719) 
[ 31.052088][ C2] ? __ip_finish_output (./include/linux/skbuff.h:1666 ./include/linux/skbuff.h:4954 net/ipv4/ip_output.c:307 net/ipv4/ip_output.c:295) 
[ 31.052230][ C2] ip_output (./include/linux/netfilter.h:303 net/ipv4/ip_output.c:433) 
[ 31.052336][ C2] ? __pfx_ip_output (net/ipv4/ip_output.c:427) 
[ 31.052480][ C2] ? igmpv3_send_cr (net/ipv4/igmp.c:721) 
[ 31.052616][ C2] ? ip_local_out (net/ipv4/ip_output.c:128) 
[ 31.052754][ C2] igmp_ifc_timer_expire (net/ipv4/igmp.c:815) 
[ 31.052892][ C2] ? __pfx_igmp_ifc_timer_expire (net/ipv4/igmp.c:809) 
[ 31.053068][ C2] call_timer_fn (kernel/time/timer.c:1792) 
[ 31.053207][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1782) 
[ 31.053344][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1782) 
[ 31.053490][ C2] ? __pfx_call_timer_fn (kernel/time/timer.c:1769) 
[ 31.053643][ C2] ? hlock_class (./arch/x86/include/asm/bitops.h:227 ./arch/x86/include/asm/bitops.h:239 ./include/asm-generic/bitops/instrumented-non-atomic.h:142 kernel/locking/lockdep.c:227) 
[ 31.053793][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4273) 
[ 31.053948][ C2] __run_timers (kernel/time/timer.c:1844 kernel/time/timer.c:2417) 
[ 31.054090][ C2] ? __pfx_igmp_ifc_timer_expire (net/ipv4/igmp.c:809) 
[ 31.054265][ C2] ? __pfx___run_timers (kernel/time/timer.c:2388) 
[ 31.054405][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 31.054548][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 31.054691][ C2] ? lock_acquire (kernel/locking/lockdep.c:5732) 
[ 31.054831][ C2] ? run_timer_softirq (kernel/time/timer.c:2428 kernel/time/timer.c:2421 kernel/time/timer.c:2437 kernel/time/timer.c:2447) 
[ 31.054969][ C2] run_timer_softirq (kernel/time/timer.c:2429 kernel/time/timer.c:2421 kernel/time/timer.c:2437 kernel/time/timer.c:2447) 
[ 31.055108][ C2] handle_softirqs (kernel/softirq.c:554) 
[ 31.055254][ C2] irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 kernel/softirq.c:649) 
[ 31.055359][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043 arch/x86/kernel/apic/apic.c:1043) 
[   31.055507][    C2]  </IRQ>
[   31.055587][    C2]  <TASK>
[ 31.055657][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 31.055837][ C2] RIP: 0010:__call_rcu_common.constprop.0 (kernel/rcu/tree.c:3129) 
[ 31.056021][ C2] Code: 48 03 85 18 01 00 00 48 39 c2 0f 8f 69 02 00 00 e8 04 0b 1a 00 9c 58 f6 c4 02 0f 85 32 02 00 00 4d 85 ed 74 01 fb 48 83 c4 10 <5b> 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 80 3c 02 00 0f 85 08
All code
========
   0:	48 03 85 18 01 00 00 	add    0x118(%rbp),%rax
   7:	48 39 c2             	cmp    %rax,%rdx
   a:	0f 8f 69 02 00 00    	jg     0x279
  10:	e8 04 0b 1a 00       	call   0x1a0b19
  15:	9c                   	pushf
  16:	58                   	pop    %rax
  17:	f6 c4 02             	test   $0x2,%ah
  1a:	0f 85 32 02 00 00    	jne    0x252
  20:	4d 85 ed             	test   %r13,%r13
  23:	74 01                	je     0x26
  25:	fb                   	sti
  26:	48 83 c4 10          	add    $0x10,%rsp
  2a:*	5b                   	pop    %rbx		<-- trapping instruction
  2b:	5d                   	pop    %rbp
  2c:	41 5c                	pop    %r12
  2e:	41 5d                	pop    %r13
  30:	41 5e                	pop    %r14
  32:	41 5f                	pop    %r15
  34:	c3                   	ret
  35:	cc                   	int3
  36:	cc                   	int3
  37:	cc                   	int3
  38:	cc                   	int3
  39:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  3d:	0f                   	.byte 0xf
  3e:	85 08                	test   %ecx,(%rax)

Code starting with the faulting instruction
===========================================
   0:	5b                   	pop    %rbx
   1:	5d                   	pop    %rbp
   2:	41 5c                	pop    %r12
   4:	41 5d                	pop    %r13
   6:	41 5e                	pop    %r14
   8:	41 5f                	pop    %r15
   a:	c3                   	ret
   b:	cc                   	int3
   c:	cc                   	int3
   d:	cc                   	int3
   e:	cc                   	int3
   f:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  13:	0f                   	.byte 0xf
  14:	85 08                	test   %ecx,(%rax)
[   31.056511][    C2] RSP: 0018:ffffc9000055fbd8 EFLAGS: 00000286
[   31.056692][    C2] RAX: 0000000000000002 RBX: ffff8880032f3a20 RCX: 1ffffffff74f473e
[   31.056906][    C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb4d9b49c
[   31.057114][    C2] RBP: ffff88803613e900 R08: 0000000000000001 R09: fffffbfff74f2102
[   31.057331][    C2] R10: ffffffffba790817 R11: ffffc9000055f899 R12: ffff88803613ea18
[   31.057546][    C2] R13: 0000000000000200 R14: ffff88803613e9a0 R15: ffff88803613e9e8
[ 31.057757][ C2] ? __call_rcu_common.constprop.0 (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 kernel/rcu/tree.c:3128) 
[ 31.057945][ C2] kmem_cache_free (./include/linux/kmemleak.h:48 mm/slub.c:2213 mm/slub.c:4473 mm/slub.c:4548) 
[ 31.058088][ C2] ? exit_mmap (mm/mmap.c:3438) 
[ 31.058231][ C2] exit_mmap (mm/mmap.c:3438) 
[ 31.058336][ C2] ? __pfx_exit_mmap (mm/mmap.c:3386) 
[ 31.058482][ C2] ? __mutex_unlock_slowpath (./arch/x86/include/asm/atomic64_64.h:101 ./include/linux/atomic/atomic-arch-fallback.h:4329 ./include/linux/atomic/atomic-long.h:1506 ./include/linux/atomic/atomic-instrumented.h:4481 kernel/locking/mutex.c:929) 
[ 31.058627][ C2] mmput (kernel/fork.c:1412 kernel/fork.c:1347 kernel/fork.c:1367) 
[ 31.058735][ C2] exit_mm (kernel/exit.c:572) 
[ 31.058841][ C2] do_exit (kernel/exit.c:872) 
[ 31.058945][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 31.059089][ C2] ? __pfx_do_exit (kernel/exit.c:821) 
[ 31.059235][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 31.059378][ C2] do_group_exit (kernel/exit.c:1012) 
[ 31.059523][ C2] __x64_sys_exit_group (kernel/exit.c:1040) 
[ 31.059666][ C2] x64_sys_call (./arch/x86/include/generated/asm/syscalls_64.h:61) 
[ 31.059810][ C2] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) 
[ 31.059950][ C2] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[   31.060120][    C2] RIP: 0033:0x7f79eaad2a8d
[ 31.060264][ C2] Code: Unable to access opcode bytes at 0x7f79eaad2a63.

Code starting with the faulting instruction
===========================================
[   31.060450][    C2] RSP: 002b:00007ffd623e25c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   31.060659][    C2] RAX: ffffffffffffffda RBX: 00007f79eabaf9c0 RCX: 00007f79eaad2a8d
[   31.060865][    C2] RDX: 00000000000000e7 RSI: fffffffffffffe90 RDI: 0000000000000000
[   31.061067][    C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000060
[   31.061275][    C2] R10: 00007f79ea9bffa8 R11: 0000000000000246 R12: 00007f79eabaf9c0


Finger prints:
do_raw_spin_unlock:_raw_spin_unlock:__dev_xmit_skb:__dev_queue_xmit:ip_finish_output2