======================================
| [ 83.278509][ C1] #0: ffff888009f875a0 (&mm->mmap_lock){++++}-{4:4}, at: vms_complete_munmap_vmas (./include/linux/mmap_lock.h:180 mm/vma.c:1228) 
| [ 83.278921][ C1] #1: ffffffffa118b540 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:331 kernel/rcu/tree.c:2570) 
| [   83.279287][    C1]
| [   83.279287][    C1] stack backtrace:
[   83.279544][    C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   83.279547][    C1] Call Trace:
[   83.279549][    C1]  <IRQ>
[ 83.279551][ C1] dump_stack_lvl (lib/dump_stack.c:123) 
[ 83.279559][ C1] print_usage_bug.part.0 (kernel/locking/lockdep.c:4048) 
[ 83.279563][ C1] mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4059 kernel/locking/lockdep.c:4270) 
[ 83.279566][ C1] ? vms_clear_ptes.part.0 (mm/vma.c:1192) 
[ 83.279570][ C1] ? __pfx_unwind_next_frame (arch/x86/kernel/unwind_orc.c:469) 
[ 83.279575][ C1] ? save_trace (kernel/locking/lockdep.c:595) 
[ 83.279582][ C1] mark_lock (kernel/locking/lockdep.c:4756) 
[ 83.279585][ C1] mark_usage (kernel/locking/lockdep.c:4645) 
[ 83.279588][ C1] __lock_acquire (kernel/locking/lockdep.c:5194) 
[ 83.279591][ C1] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 83.279595][ C1] lock_acquire.part.0 (kernel/locking/lockdep.c:473 kernel/locking/lockdep.c:5873) 
[ 83.279598][ C1] ? simple_pin_fs (fs/libfs.c:1067) 
[ 83.279601][ C1] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 83.279605][ C1] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) 
[ 83.279607][ C1] ? simple_pin_fs (fs/libfs.c:1067) 
[ 83.279611][ C1] _raw_spin_lock (./include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154) 
[ 83.279614][ C1] ? simple_pin_fs (fs/libfs.c:1067) 
[ 83.279617][ C1] simple_pin_fs (fs/libfs.c:1067) 
[ 83.279620][ C1] debugfs_remove (fs/debugfs/inode.c:805 fs/debugfs/inode.c:799) 
[ 83.279623][ C1] ref_tracker_dir_exit (lib/ref_tracker.c:412 lib/ref_tracker.c:196) 
[ 83.279629][ C1] ? __pfx_ref_tracker_free (lib/ref_tracker.c:254) 
[ 83.279631][ C1] ? __sk_destruct (./include/linux/instrumented.h:96 ./include/linux/atomic/atomic-instrumented.h:400 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/net_namespace.h:287 ./include/net/net_namespace.h:390 net/core/sock.c:2376) 
[ 83.279637][ C1] ? rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) 
[ 83.279641][ C1] ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:190) 
[ 83.279643][ C1] ? irq_exit_rcu (kernel/softirq.c:698) 
[ 83.279646][ C1] ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[ 83.279650][ C1] ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 83.279654][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.279657][ C1] ? __debug_check_no_obj_freed (lib/debugobjects.c:1110) 
[ 83.279662][ C1] ? free_unref_folios (mm/page_alloc.c:1276 mm/page_alloc.c:2774) 
[ 83.279666][ C1] ? folios_put_refs (mm/swap.c:992) 
[ 83.279673][ C1] ? free_pages_and_swap_cache (mm/swap_state.c:270) 
[ 83.279680][ C1] ? __tlb_batch_free_encoded_pages (mm/mmu_gather.c:137) 
[ 83.279684][ C1] ? tlb_finish_mmu (mm/mmu_gather.c:148 mm/mmu_gather.c:397 mm/mmu_gather.c:404 mm/mmu_gather.c:496) 
[ 83.279688][ C1] ? vms_clear_ptes.part.0 (mm/vma.c:1192) 
[ 83.279693][ C1] __put_net (net/core/net_namespace.c:732) 
[ 83.279699][ C1] __sk_destruct (./include/net/net_namespace.h:288 ./include/net/net_namespace.h:390 net/core/sock.c:2376) 
[ 83.279702][ C1] ? rcu_do_batch (kernel/rcu/tree.c:2576) 
[ 83.279706][ C1] rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) 
[ 83.279710][ C1] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 83.279715][ C1] ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2500) 
[ 83.279719][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) 
[ 83.279722][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.279726][ C1] ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.279731][ C1] rcu_core (kernel/rcu/tree.c:2834) 
[ 83.279736][ C1] handle_softirqs (kernel/softirq.c:580) 
[ 83.279741][ C1] __irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680) 
[ 83.279744][ C1] irq_exit_rcu (kernel/softirq.c:698) 
[ 83.279746][ C1] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[   83.279750][    C1]  </IRQ>
[   83.279751][    C1]  <TASK>
[ 83.279754][ C1] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 83.279757][ C1] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.279761][ C1] Code: 74 24 10 e8 81 4c 56 fd 48 89 ef e8 39 9f 56 fd 81 e3 00 02 00 00 75 29 9c 58 f6 c4 02 75 35 48 85 db 74 01 fb bf 01 00 00 00 <e8> ba 9c 4a fd 65 8b 05 f3 3c 1f 03 85 c0 74 0e 5b 5d e9 98 34 00
All code
========
   0:	74 24                	je     0x26
   2:	10 e8                	adc    %ch,%al
   4:	81 4c 56 fd 48 89 ef 	orl    $0xe8ef8948,-0x3(%rsi,%rdx,2)
   b:	e8 
   c:	39 9f 56 fd 81 e3    	cmp    %ebx,-0x1c7e02aa(%rdi)
  12:	00 02                	add    %al,(%rdx)
  14:	00 00                	add    %al,(%rax)
  16:	75 29                	jne    0x41
  18:	9c                   	pushf
  19:	58                   	pop    %rax
  1a:	f6 c4 02             	test   $0x2,%ah
  1d:	75 35                	jne    0x54
  1f:	48 85 db             	test   %rbx,%rbx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
  2a:*	e8 ba 9c 4a fd       	call   0xfffffffffd4a9ce9		<-- trapping instruction
  2f:	65 8b 05 f3 3c 1f 03 	mov    %gs:0x31f3cf3(%rip),%eax        # 0x31f3d29
  36:	85 c0                	test   %eax,%eax
  38:	74 0e                	je     0x48
  3a:	5b                   	pop    %rbx
  3b:	5d                   	pop    %rbp
  3c:	e9                   	.byte 0xe9
  3d:	98                   	cwtl
  3e:	34 00                	xor    $0x0,%al

Code starting with the faulting instruction
===========================================
   0:	e8 ba 9c 4a fd       	call   0xfffffffffd4a9cbf
   5:	65 8b 05 f3 3c 1f 03 	mov    %gs:0x31f3cf3(%rip),%eax        # 0x31f3cff
   c:	85 c0                	test   %eax,%eax
   e:	74 0e                	je     0x1e
  10:	5b                   	pop    %rbx
  11:	5d                   	pop    %rbp
  12:	e9                   	.byte 0xe9
  13:	98                   	cwtl
  14:	34 00                	xor    $0x0,%al
[   83.279763][    C1] RSP: 0018:ffffc90000ba73e8 EFLAGS: 00000206
[   83.279767][    C1] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 0000000000000080
[   83.279769][    C1] RDX: 0000000000000000 RSI: ffffffffa0715cea RDI: 0000000000000001
[   83.279770][    C1] RBP: ffffffffa3b9efb8 R08: 0000000000000001 R09: 0000000000000001
[   83.279772][    C1] R10: ffffffffa1c7c7d7 R11: ffffffffa3b9efd0 R12: dffffc0000000000
[   83.279774][    C1] R13: ffff888061b08000 R14: 0000000000000000 R15: ffff888061b09000
[ 83.279780][ C1] __debug_check_no_obj_freed (lib/debugobjects.c:1110) 
[ 83.279784][ C1] ? validate_chain (kernel/locking/lockdep.c:3804 kernel/locking/lockdep.c:3824 kernel/locking/lockdep.c:3879) 
[ 83.279788][ C1] ? __pfx___debug_check_no_obj_freed (lib/debugobjects.c:1070) 
[ 83.279791][ C1] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 83.279795][ C1] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 83.279801][ C1] free_unref_folios (mm/page_alloc.c:1276 mm/page_alloc.c:2774) 
[ 83.279806][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) 
[ 83.279810][ C1] folios_put_refs (mm/swap.c:992) 
[ 83.279815][ C1] ? __pfx_folios_put_refs (mm/swap.c:942) 
[ 83.279819][ C1] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 83.279822][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.279825][ C1] ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.279830][ C1] free_pages_and_swap_cache (mm/swap_state.c:270) 
[ 83.279834][ C1] ? __pfx_free_pages_and_swap_cache (mm/swap_state.c:251) 
[ 83.279840][ C1] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 83.279843][ C1] ? smp_call_function_many_cond (kernel/smp.c:877 (discriminator 1)) 
[ 83.279849][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.279862][ C1] __tlb_batch_free_encoded_pages (mm/mmu_gather.c:137) 
[ 83.279865][ C1] ? flush_tlb_mm_range (./arch/x86/include/asm/preempt.h:104 (discriminator 1) arch/x86/mm/tlb.c:1461 (discriminator 1)) 
[ 83.279870][ C1] tlb_finish_mmu (mm/mmu_gather.c:148 mm/mmu_gather.c:397 mm/mmu_gather.c:404 mm/mmu_gather.c:496) 
[ 83.279874][ C1] vms_clear_ptes.part.0 (mm/vma.c:1192) 
[ 83.279879][ C1] ? __pfx_vms_clear_ptes.part.0 (mm/vma.c:1169) 
[ 83.279882][ C1] ? vms_complete_munmap_vmas (./include/linux/mmap_lock.h:180 mm/vma.c:1228) 
[ 83.279889][ C1] ? vms_complete_munmap_vmas (./include/linux/mmap_lock.h:180 mm/vma.c:1228) 
[ 83.279893][ C1] vms_complete_munmap_vmas (mm/vma.c:1233 mm/vma.c:1233) 
[ 83.279896][ C1] ? vms_gather_munmap_vmas (mm/vma.c:1408) 
[ 83.279902][ C1] do_vmi_align_munmap (mm/vma.c:1493) 
[ 83.279906][ C1] ? __pfx_do_vmi_align_munmap (mm/vma.c:1474) 
[ 83.279917][ C1] ? __vm_munmap (./include/linux/mmap_lock.h:147 mm/vma.c:3011) 
[ 83.279922][ C1] ? mas_walk (lib/maple_tree.c:3605 lib/maple_tree.c:4905) 
[ 83.279928][ C1] do_vmi_munmap (mm/vma.c:1540) 
[ 83.279933][ C1] __vm_munmap (mm/vma.c:3014) 
[ 83.279937][ C1] ? __pfx___vm_munmap (mm/vma.c:3005) 
[ 83.279940][ C1] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 83.279944][ C1] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 arch/x86/mm/fault.c:1484 arch/x86/mm/fault.c:1532) 
[ 83.279949][ C1] ? do_user_addr_fault (./arch/x86/include/asm/atomic.h:93 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/mm.h:704 ./include/linux/mm.h:799 arch/x86/mm/fault.c:1338) 
[ 83.279956][ C1] __x64_sys_munmap (mm/mmap.c:1081) 
[ 83.279959][ C1] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) 
[ 83.279966][ C1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[   83.279968][    C1] RIP: 0033:0x7fae2b011e8b
[ 83.279972][ C1] Code: ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 45 9f 1b 00 f7 d8 64 89 01 48
All code
========
   0:	ff                   	(bad)
   1:	ff 73 01             	push   0x1(%rbx)
   4:	c3                   	ret
   5:	48 8b 0d 73 9f 1b 00 	mov    0x1b9f73(%rip),%rcx        # 0x1b9f7f
   c:	f7 d8                	neg    %eax
   e:	64 89 01             	mov    %eax,%fs:(%rcx)
  11:	48 83 c8 ff          	or     $0xffffffffffffffff,%rax
  15:	c3                   	ret
  16:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  1d:	00 00 
  1f:	f3 0f 1e fa          	endbr64
  23:	b8 0b 00 00 00       	mov    $0xb,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	ret
  33:	48 8b 0d 45 9f 1b 00 	mov    0x1b9f45(%rip),%rcx        # 0x1b9f7f
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	ret
   9:	48 8b 0d 45 9f 1b 00 	mov    0x1b9f45(%rip),%rcx        # 0x1b9f55
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W
[   83.279974][    C1] RSP: 002b:00007ffde4f45f68 EFLAGS: 00000202 ORIG_RAX: 000000000000000b
[   83.279977][    C1] RAX: ffffffffffffffda RBX: 00005583aa4b4a10 RCX: 00007fae2b011e8b
[   83.279979][    C1] RDX: 0000000000040000 RSI: 0000000000040000 RDI: 00007fae1c99a000
[   83.279980][    C1] RBP: 00007fae1ce6ec90 R08: 00005583aa4b48f0 R09: 000000000000003f
[   83.279982][    C1] R10: 00007fae1c9b0000 R11: 0000000000000202 R12: 0000000000000018
[   83.279984][    C1] R13: 00005583aa1c2910 R14: 00005583aa3d13e0 R15: 0000000000000019
| [   83.308413][    C1] RCU nest depth: 0, expected: 0
| [   83.308608][    C1] INFO: lockdep is turned off.
| [   83.308938][    C1] Preemption disabled at:
| [ 83.308940][ C1] 0x0 
[   83.309283][    C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   83.309285][    C1] Call Trace:
[   83.309287][    C1]  <IRQ>
[ 83.309289][ C1] dump_stack_lvl (lib/dump_stack.c:123) 
[ 83.309297][ C1] __might_resched (kernel/sched/core.c:8796) 
[ 83.309307][ C1] down_write (./include/linux/kernel.h:73 kernel/locking/rwsem.c:1576) 
[ 83.309311][ C1] ? __pfx_down_write (kernel/locking/rwsem.c:1575) 
[ 83.309314][ C1] ? simple_recursive_removal (fs/libfs.c:614) 
[ 83.309319][ C1] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 83.309325][ C1] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) 
[ 83.309331][ C1] simple_recursive_removal (./include/linux/dcache.h:409 ./include/linux/dcache.h:424 ./include/linux/dcache.h:434 fs/libfs.c:617) 
[ 83.309334][ C1] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) 
[ 83.309337][ C1] ? __pfx_remove_one (fs/debugfs/inode.c:780) 
[ 83.309344][ C1] debugfs_remove (fs/debugfs/inode.c:806 fs/debugfs/inode.c:799) 
[ 83.309347][ C1] ref_tracker_dir_exit (lib/ref_tracker.c:412 lib/ref_tracker.c:196) 
[ 83.309352][ C1] ? __pfx_ref_tracker_free (lib/ref_tracker.c:254) 
[ 83.309355][ C1] ? __sk_destruct (./include/linux/instrumented.h:96 ./include/linux/atomic/atomic-instrumented.h:400 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/net_namespace.h:287 ./include/net/net_namespace.h:390 net/core/sock.c:2376) 
[ 83.309360][ C1] ? rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) 
[ 83.309366][ C1] ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:190) 
[ 83.309369][ C1] ? irq_exit_rcu (kernel/softirq.c:698) 
[ 83.309374][ C1] ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[ 83.309379][ C1] ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 83.309383][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.309388][ C1] ? __debug_check_no_obj_freed (lib/debugobjects.c:1110) 
[ 83.309394][ C1] ? free_unref_folios (mm/page_alloc.c:1276 mm/page_alloc.c:2774) 
[ 83.309399][ C1] ? folios_put_refs (mm/swap.c:992) 
[ 83.309405][ C1] ? free_pages_and_swap_cache (mm/swap_state.c:270) 
[ 83.309411][ C1] ? __tlb_batch_free_encoded_pages (mm/mmu_gather.c:137) 
[ 83.309416][ C1] ? tlb_finish_mmu (mm/mmu_gather.c:148 mm/mmu_gather.c:397 mm/mmu_gather.c:404 mm/mmu_gather.c:496) 
[ 83.309419][ C1] ? vms_clear_ptes.part.0 (mm/vma.c:1192) 
[ 83.309425][ C1] __put_net (net/core/net_namespace.c:732) 
[ 83.309431][ C1] __sk_destruct (./include/net/net_namespace.h:288 ./include/net/net_namespace.h:390 net/core/sock.c:2376) 
[ 83.309434][ C1] ? rcu_do_batch (kernel/rcu/tree.c:2576) 
[ 83.309437][ C1] rcu_do_batch (./include/linux/rcupdate.h:341 kernel/rcu/tree.c:2578) 
[ 83.309442][ C1] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 83.309448][ C1] ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2500) 
[ 83.309453][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) 
[ 83.309456][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.309460][ C1] ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.309465][ C1] rcu_core (kernel/rcu/tree.c:2834) 
[ 83.309470][ C1] handle_softirqs (kernel/softirq.c:580) 
[ 83.309475][ C1] __irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680) 
[ 83.309478][ C1] irq_exit_rcu (kernel/softirq.c:698) 
[ 83.309480][ C1] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[   83.309483][    C1]  </IRQ>
[   83.309484][    C1]  <TASK>
[ 83.309486][ C1] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 83.309489][ C1] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.309492][ C1] Code: 74 24 10 e8 81 4c 56 fd 48 89 ef e8 39 9f 56 fd 81 e3 00 02 00 00 75 29 9c 58 f6 c4 02 75 35 48 85 db 74 01 fb bf 01 00 00 00 <e8> ba 9c 4a fd 65 8b 05 f3 3c 1f 03 85 c0 74 0e 5b 5d e9 98 34 00
All code
========
   0:	74 24                	je     0x26
   2:	10 e8                	adc    %ch,%al
   4:	81 4c 56 fd 48 89 ef 	orl    $0xe8ef8948,-0x3(%rsi,%rdx,2)
   b:	e8 
   c:	39 9f 56 fd 81 e3    	cmp    %ebx,-0x1c7e02aa(%rdi)
  12:	00 02                	add    %al,(%rdx)
  14:	00 00                	add    %al,(%rax)
  16:	75 29                	jne    0x41
  18:	9c                   	pushf
  19:	58                   	pop    %rax
  1a:	f6 c4 02             	test   $0x2,%ah
  1d:	75 35                	jne    0x54
  1f:	48 85 db             	test   %rbx,%rbx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
  2a:*	e8 ba 9c 4a fd       	call   0xfffffffffd4a9ce9		<-- trapping instruction
  2f:	65 8b 05 f3 3c 1f 03 	mov    %gs:0x31f3cf3(%rip),%eax        # 0x31f3d29
  36:	85 c0                	test   %eax,%eax
  38:	74 0e                	je     0x48
  3a:	5b                   	pop    %rbx
  3b:	5d                   	pop    %rbp
  3c:	e9                   	.byte 0xe9
  3d:	98                   	cwtl
  3e:	34 00                	xor    $0x0,%al

Code starting with the faulting instruction
===========================================
   0:	e8 ba 9c 4a fd       	call   0xfffffffffd4a9cbf
   5:	65 8b 05 f3 3c 1f 03 	mov    %gs:0x31f3cf3(%rip),%eax        # 0x31f3cff
   c:	85 c0                	test   %eax,%eax
   e:	74 0e                	je     0x1e
  10:	5b                   	pop    %rbx
  11:	5d                   	pop    %rbp
  12:	e9                   	.byte 0xe9
  13:	98                   	cwtl
  14:	34 00                	xor    $0x0,%al
[   83.309494][    C1] RSP: 0018:ffffc90000ba73e8 EFLAGS: 00000206
[   83.309497][    C1] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 0000000000000080
[   83.309499][    C1] RDX: 0000000000000000 RSI: ffffffffa0715cea RDI: 0000000000000001
[   83.309501][    C1] RBP: ffffffffa3b9efb8 R08: 0000000000000001 R09: 0000000000000001
[   83.309502][    C1] R10: ffffffffa1c7c7d7 R11: ffffffffa3b9efd0 R12: dffffc0000000000
[   83.309504][    C1] R13: ffff888061b08000 R14: 0000000000000000 R15: ffff888061b09000
[ 83.309510][ C1] __debug_check_no_obj_freed (lib/debugobjects.c:1110) 
[ 83.309514][ C1] ? validate_chain (kernel/locking/lockdep.c:3804 kernel/locking/lockdep.c:3824 kernel/locking/lockdep.c:3879) 
[ 83.309518][ C1] ? __pfx___debug_check_no_obj_freed (lib/debugobjects.c:1070) 
[ 83.309521][ C1] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 83.309526][ C1] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 83.309531][ C1] free_unref_folios (mm/page_alloc.c:1276 mm/page_alloc.c:2774) 
[ 83.309536][ C1] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) 
[ 83.309540][ C1] folios_put_refs (mm/swap.c:992) 
[ 83.309545][ C1] ? __pfx_folios_put_refs (mm/swap.c:942) 
[ 83.309549][ C1] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 83.309552][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.309555][ C1] ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/preempt.h:104 ./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 83.309560][ C1] free_pages_and_swap_cache (mm/swap_state.c:270) 
[ 83.309564][ C1] ? __pfx_free_pages_and_swap_cache (mm/swap_state.c:251) 
[ 83.309570][ C1] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 83.309573][ C1] ? smp_call_function_many_cond (kernel/smp.c:877 (discriminator 1)) 
[ 83.309580][ C1] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 83.309592][ C1] __tlb_batch_free_encoded_pages (mm/mmu_gather.c:137) 
[ 83.309595][ C1] ? flush_tlb_mm_range (./arch/x86/include/asm/preempt.h:104 (discriminator 1) arch/x86/mm/tlb.c:1461 (discriminator 1)) 
[ 83.309601][ C1] tlb_finish_mmu (mm/mmu_gather.c:148 mm/mmu_gather.c:397 mm/mmu_gather.c:404 mm/mmu_gather.c:496) 
[ 83.309606][ C1] vms_clear_ptes.part.0 (mm/vma.c:1192) 
[ 83.309610][ C1] ? __pfx_vms_clear_ptes.part.0 (mm/vma.c:1169) 
[ 83.309613][ C1] ? vms_complete_munmap_vmas (./include/linux/mmap_lock.h:180 mm/vma.c:1228) 
[ 83.309620][ C1] ? vms_complete_munmap_vmas (./include/linux/mmap_lock.h:180 mm/vma.c:1228) 
[ 83.309625][ C1] vms_complete_munmap_vmas (mm/vma.c:1233 mm/vma.c:1233) 
[ 83.309628][ C1] ? vms_gather_munmap_vmas (mm/vma.c:1408) 
[ 83.309634][ C1] do_vmi_align_munmap (mm/vma.c:1493) 
[ 83.309638][ C1] ? __pfx_do_vmi_align_munmap (mm/vma.c:1474) 
[ 83.309649][ C1] ? __vm_munmap (./include/linux/mmap_lock.h:147 mm/vma.c:3011) 
[ 83.309654][ C1] ? mas_walk (lib/maple_tree.c:3605 lib/maple_tree.c:4905) 
[ 83.309662][ C1] do_vmi_munmap (mm/vma.c:1540) 
[ 83.309666][ C1] __vm_munmap (mm/vma.c:3014) 
[ 83.309670][ C1] ? __pfx___vm_munmap (mm/vma.c:3005) 
[ 83.309674][ C1] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 83.309677][ C1] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 arch/x86/mm/fault.c:1484 arch/x86/mm/fault.c:1532) 
[ 83.309682][ C1] ? do_user_addr_fault (./arch/x86/include/asm/atomic.h:93 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/mm.h:704 ./include/linux/mm.h:799 arch/x86/mm/fault.c:1338) 
[ 83.309689][ C1] __x64_sys_munmap (mm/mmap.c:1081) 
[ 83.309691][ C1] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) 
[ 83.309698][ C1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[   83.309700][    C1] RIP: 0033:0x7fae2b011e8b
[ 83.309702][ C1] Code: ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 45 9f 1b 00 f7 d8 64 89 01 48
All code
========
   0:	ff                   	(bad)
   1:	ff 73 01             	push   0x1(%rbx)
   4:	c3                   	ret
   5:	48 8b 0d 73 9f 1b 00 	mov    0x1b9f73(%rip),%rcx        # 0x1b9f7f
   c:	f7 d8                	neg    %eax
   e:	64 89 01             	mov    %eax,%fs:(%rcx)
  11:	48 83 c8 ff          	or     $0xffffffffffffffff,%rax
  15:	c3                   	ret
  16:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  1d:	00 00 
  1f:	f3 0f 1e fa          	endbr64
  23:	b8 0b 00 00 00       	mov    $0xb,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	ret
  33:	48 8b 0d 45 9f 1b 00 	mov    0x1b9f45(%rip),%rcx        # 0x1b9f7f
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	ret
   9:	48 8b 0d 45 9f 1b 00 	mov    0x1b9f45(%rip),%rcx        # 0x1b9f55
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W
[   83.309704][    C1] RSP: 002b:00007ffde4f45f68 EFLAGS: 00000202 ORIG_RAX: 000000000000000b
[   83.309707][    C1] RAX: ffffffffffffffda RBX: 00005583aa4b4a10 RCX: 00007fae2b011e8b
[   83.309708][    C1] RDX: 0000000000040000 RSI: 0000000000040000 RDI: 00007fae1c99a000
[   83.309710][    C1] RBP: 00007fae1ce6ec90 R08: 00005583aa4b48f0 R09: 000000000000003f
[   83.309711][    C1] R10: 00007fae1c9b0000 R11: 0000000000000202 R12: 0000000000000018


Finger prints:
mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock
__might_resched:down_write:simple_recursive_removal:debugfs_remove:ref_tracker_dir_exit