======================================
| [ 4830.811118][ C2] #2: ffffffff87f8d560 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame (./include/linux/rcupdate.h:331 ./include/linux/rcupdate.h:841 ./include/linux/rcupdate.h:1155 arch/x86/kernel/unwind_orc.c:479) 
| [ 4830.811522][ C2] #3: ffffc90000218d60 ((&icsk->icsk_retransmit_timer)){+.-.}-{0:0}, at: call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1737) 
| [ 4830.811976][    C2]
| [ 4830.811976][    C2] stack backtrace:
[ 4830.812272][    C2] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 4830.812274][    C2] Call Trace:
[ 4830.812278][    C2]  <IRQ>
[ 4830.812280][ C2] dump_stack_lvl (lib/dump_stack.c:123) 
[ 4830.812287][ C2] print_usage_bug.part.0 (kernel/locking/lockdep.c:4048) 
[ 4830.812292][ C2] mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4059 kernel/locking/lockdep.c:4270) 
[ 4830.812296][ C2] ? stack_depot_save_flags (lib/stackdepot.c:552 lib/stackdepot.c:619) 
[ 4830.812303][ C2] ? validate_chain (kernel/locking/lockdep.c:3804 kernel/locking/lockdep.c:3824 kernel/locking/lockdep.c:3879) 
[ 4830.812306][ C2] ? save_trace (kernel/locking/lockdep.c:595) 
[ 4830.812311][ C2] mark_lock (kernel/locking/lockdep.c:4756) 
[ 4830.812315][ C2] mark_usage (kernel/locking/lockdep.c:4645) 
[ 4830.812318][ C2] __lock_acquire (kernel/locking/lockdep.c:5194) 
[ 4830.812322][ C2] ? irq_exit_rcu (kernel/softirq.c:698) 
[ 4830.812325][ C2] ? sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[ 4830.812328][ C2] ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 4830.812333][ C2] ? unwind_next_frame (./arch/x86/include/asm/unwind.h:125 arch/x86/kernel/unwind_orc.c:588) 
[ 4830.812337][ C2] lock_acquire.part.0 (kernel/locking/lockdep.c:473 kernel/locking/lockdep.c:5873) 
[ 4830.812341][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 4830.812345][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 4830.812351][ C2] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) 
[ 4830.812354][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 4830.812358][ C2] _raw_spin_lock (./include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154) 
[ 4830.812361][ C2] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 4830.812365][ C2] xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 4830.812368][ C2] ? __pfx_xa_set_mark (lib/xarray.c:2144) 
[ 4830.812373][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 4830.812377][ C2] ? kasan_quarantine_put (mm/kasan/quarantine.c:234 (discriminator 1)) 
[ 4830.812380][ C2] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 4830.812384][ C2] ref_tracker_dir_exit (lib/ref_tracker.c:54 lib/ref_tracker.c:223) 
[ 4830.812387][ C2] ? kfree (mm/slub.c:4643 mm/slub.c:4842) 
[ 4830.812392][ C2] ? ref_tracker_free (lib/ref_tracker.c:281) 
[ 4830.812394][ C2] ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:213) 
[ 4830.812398][ C2] ? ref_tracker_free (lib/ref_tracker.c:281) 
[ 4830.812400][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 4830.812404][ C2] ? __pfx_ref_tracker_free (lib/ref_tracker.c:281) 
[ 4830.812406][ C2] ? __sk_destruct (./include/linux/instrumented.h:96 ./include/linux/atomic/atomic-instrumented.h:400 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/net_namespace.h:287 ./include/net/net_namespace.h:390 net/core/sock.c:2368) 
[ 4830.812414][ C2] ? call_timer_fn (kernel/time/timer.c:1748) 
[ 4830.812416][ C2] ? __run_timers (kernel/time/timer.c:1799 kernel/time/timer.c:2372) 
[ 4830.812419][ C2] ? run_timer_base (kernel/time/timer.c:2385 kernel/time/timer.c:2376 kernel/time/timer.c:2393) 
[ 4830.812423][ C2] __put_net (./include/linux/llist.h:238 ./include/linux/llist.h:265 net/core/net_namespace.c:732) 
[ 4830.812428][ C2] ? stack_trace_save (kernel/stacktrace.c:123) 
[ 4830.812432][ C2] ? __pfx___put_net (net/core/net_namespace.c:729) 
[ 4830.812436][ C2] ? bpf_sk_storage_free (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/bpf_sk_storage.c:61) 
[ 4830.812441][ C2] __sk_destruct (./include/net/net_namespace.h:288 ./include/net/net_namespace.h:390 net/core/sock.c:2368) 
[ 4830.812445][ C2] ? __pfx_tcp_write_timer (net/ipv4/tcp_timer.c:727) 
[ 4830.812452][ C2] call_timer_fn (kernel/time/timer.c:1748) 
[ 4830.812455][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1737) 
[ 4830.812457][ C2] ? call_timer_fn (./include/linux/lockdep.h:31 kernel/time/timer.c:1737) 
[ 4830.812460][ C2] ? __pfx_call_timer_fn (kernel/time/timer.c:1724) 
[ 4830.812465][ C2] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 4830.812470][ C2] __run_timers (kernel/time/timer.c:1799 kernel/time/timer.c:2372) 
[ 4830.812473][ C2] ? __pfx_tcp_write_timer (net/ipv4/tcp_timer.c:727) 
[ 4830.812479][ C2] ? __pfx___run_timers (kernel/time/timer.c:2343) 
[ 4830.812483][ C2] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) 
[ 4830.812487][ C2] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) 
[ 4830.812489][ C2] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) 
[ 4830.812492][ C2] ? run_timer_base (kernel/time/timer.c:2384 kernel/time/timer.c:2376 kernel/time/timer.c:2393) 
[ 4830.812497][ C2] run_timer_base (kernel/time/timer.c:2385 kernel/time/timer.c:2376 kernel/time/timer.c:2393) 
[ 4830.812501][ C2] run_timer_softirq (kernel/time/timer.c:2404) 
[ 4830.812503][ C2] handle_softirqs (kernel/softirq.c:579) 
[ 4830.812509][ C2] __irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680) 
[ 4830.812512][ C2] irq_exit_rcu (kernel/softirq.c:698) 
[ 4830.812515][ C2] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[ 4830.812518][    C2]  </IRQ>
[ 4830.812519][    C2]  <TASK>
[ 4830.812521][ C2] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 4830.812524][ C2] RIP: 0010:unwind_next_frame (./arch/x86/include/asm/unwind.h:125 arch/x86/kernel/unwind_orc.c:588) 
[ 4830.812528][ C2] Code: 45 28 49 89 55 58 49 8d 75 30 48 89 c1 48 89 44 24 30 48 b8 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 01 00 0f 85 84 11 00 00 <49> 8b 7d 28 4c 89 f9 e8 73 e8 44 00 48 3d 20 c9 c0 83 0f 84 cc 0b
All code
========
   0:	45 28 49 89          	sub    %r9b,-0x77(%r9)
   4:	55                   	push   %rbp
   5:	58                   	pop    %rax
   6:	49 8d 75 30          	lea    0x30(%r13),%rsi
   a:	48 89 c1             	mov    %rax,%rcx
   d:	48 89 44 24 30       	mov    %rax,0x30(%rsp)
  12:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  19:	fc ff df 
  1c:	48 c1 e9 03          	shr    $0x3,%rcx
  20:	80 3c 01 00          	cmpb   $0x0,(%rcx,%rax,1)
  24:	0f 85 84 11 00 00    	jne    0x11ae
  2a:*	49 8b 7d 28          	mov    0x28(%r13),%rdi		<-- trapping instruction
  2e:	4c 89 f9             	mov    %r15,%rcx
  31:	e8 73 e8 44 00       	call   0x44e8a9
  36:	48 3d 20 c9 c0 83    	cmp    $0xffffffff83c0c920,%rax
  3c:	0f                   	.byte 0xf
  3d:	84 cc                	test   %cl,%ah
  3f:	0b                   	.byte 0xb

Code starting with the faulting instruction
===========================================
   0:	49 8b 7d 28          	mov    0x28(%r13),%rdi
   4:	4c 89 f9             	mov    %r15,%rcx
   7:	e8 73 e8 44 00       	call   0x44e87f
   c:	48 3d 20 c9 c0 83    	cmp    $0xffffffff83c0c920,%rax
  12:	0f                   	.byte 0xf
  13:	84 cc                	test   %cl,%ah
  15:	0b                   	.byte 0xb
[ 4830.812530][    C2] RSP: 0000:ffffc9000173f020 EFLAGS: 00000246
[ 4830.812537][    C2] RAX: dffffc0000000000 RBX: 1ffff920002e7e0d RCX: 1ffff920002e7e29
[ 4830.812539][    C2] RDX: ffffffff848720f6 RSI: ffffc9000173f150 RDI: ffffc9000173f6f0
[ 4830.812540][    C2] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffc9000173f161
[ 4830.812542][    C2] R10: 0000000000000000 R11: ffffc9000173f160 R12: ffffc9000173f178
[ 4830.812544][    C2] R13: ffffc9000173f120 R14: ffffffff88fc61d4 R15: ffffc9000173f6f0
[ 4830.812548][ C2] ? fuse_send_readpages (fs/fuse/file.c:905) 
[ 4830.812555][ C2] ? fuse_simple_background (fs/fuse/dev.c:754) 
[ 4830.812559][ C2] ? kmem_cache_alloc_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4204) 
[ 4830.812563][ C2] ? __alloc_object (mm/kmemleak.c:476 mm/kmemleak.c:656) 
[ 4830.812569][ C2] ? __pfx_unwind_next_frame (arch/x86/kernel/unwind_orc.c:469) 
[ 4830.812573][ C2] ? fuse_simple_background (fs/fuse/dev.c:754) 
[ 4830.812577][ C2] ? kernel_text_address (kernel/extable.c:99) 
[ 4830.812582][ C2] ? __pfx_stack_trace_consume_entry (kernel/stacktrace.c:83) 
[ 4830.812585][ C2] ? virtio_fs_enqueue_req (./include/linux/slab.h:909 ./include/linux/slab.h:948 fs/fuse/virtio_fs.c:1397) 
[ 4830.812589][ C2] arch_stack_walk (arch/x86/kernel/stacktrace.c:24) 
[ 4830.812595][ C2] ? fuse_send_readpages (fs/fuse/file.c:905) 
[ 4830.812599][ C2] stack_trace_save (kernel/stacktrace.c:123) 
[ 4830.812602][ C2] ? __pfx_stack_trace_save (kernel/stacktrace.c:114) 
[ 4830.812606][ C2] ? __alloc_object (mm/kmemleak.c:476 mm/kmemleak.c:656) 
[ 4830.812610][ C2] set_track_prepare (mm/slub.c:936) 
[ 4830.812612][ C2] ? __kmalloc_noprof (./include/linux/kmemleak.h:43 mm/slub.c:4152 mm/slub.c:4197 mm/slub.c:4327 mm/slub.c:4340) 
[ 4830.812615][ C2] ? virtio_fs_enqueue_req (./include/linux/slab.h:909 ./include/linux/slab.h:948 fs/fuse/virtio_fs.c:1397) 
[ 4830.812617][ C2] ? virtio_fs_send_req (fs/fuse/virtio_fs.c:1499) 
[ 4830.812619][ C2] ? flush_bg_queue (fs/fuse/dev.c:419) 
[ 4830.812622][ C2] ? fuse_request_queue_background (./include/linux/spinlock.h:391 fs/fuse/dev.c:729) 
[ 4830.812625][ C2] ? fuse_simple_background (fs/fuse/dev.c:754) 
[ 4830.812629][ C2] ? lockdep_init_map_type (kernel/locking/lockdep.c:4976) 
[ 4830.812634][ C2] __alloc_object (mm/kmemleak.c:692) 
[ 4830.812637][ C2] __create_object (mm/kmemleak.c:765) 
[ 4830.812641][ C2] ? virtio_fs_enqueue_req (./include/linux/slab.h:909 ./include/linux/slab.h:948 fs/fuse/virtio_fs.c:1397) 
[ 4830.812644][ C2] __kmalloc_noprof (./include/linux/kmemleak.h:43 mm/slub.c:4152 mm/slub.c:4197 mm/slub.c:4327 mm/slub.c:4340) 
[ 4830.812648][ C2] virtio_fs_enqueue_req (./include/linux/slab.h:909 ./include/linux/slab.h:948 fs/fuse/virtio_fs.c:1397) 
[ 4830.812653][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 4830.812656][ C2] ? __pfx_virtio_fs_enqueue_req (fs/fuse/virtio_fs.c:1376) 
[ 4830.812659][ C2] ? rcu_read_lock_any_held (kernel/rcu/update.c:386 kernel/rcu/update.c:380) 
[ 4830.812665][ C2] ? validate_chain (kernel/locking/lockdep.c:3804 kernel/locking/lockdep.c:3824 kernel/locking/lockdep.c:3879) 
[ 4830.812669][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 4830.812674][ C2] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 4830.812677][ C2] ? fuse_get_unique (fs/fuse/dev.c:318) 
[ 4830.812680][ C2] ? __lock_release (kernel/locking/lockdep.c:5539) 
[ 4830.812684][ C2] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) 
[ 4830.812688][ C2] virtio_fs_send_req (fs/fuse/virtio_fs.c:1499) 
[ 4830.812691][ C2] ? fuse_send_one (fs/fuse/dev.c:401) 
[ 4830.812695][ C2] flush_bg_queue (fs/fuse/dev.c:419) 
[ 4830.812700][ C2] fuse_request_queue_background (./include/linux/spinlock.h:391 fs/fuse/dev.c:729) 
[ 4830.812705][ C2] fuse_simple_background (fs/fuse/dev.c:754) 
[ 4830.812709][ C2] fuse_send_readpages (fs/fuse/file.c:905) 
[ 4830.812713][ C2] fuse_readahead (fs/fuse/file.c:939) 
[ 4830.812720][ C2] read_pages (./include/linux/pagemap.h:1381 ./include/linux/pagemap.h:1405 mm/readahead.c:162) 
[ 4830.812724][ C2] ? __folio_batch_add_and_move (./arch/x86/include/asm/preempt.h:104 mm/swap.c:201) 
[ 4830.812728][ C2] ? __pfx_read_pages (mm/readahead.c:147) 
[ 4830.812734][ C2] page_cache_ra_unbounded (./include/linux/fs.h:944 mm/readahead.c:298) 
[ 4830.812739][ C2] do_sync_mmap_readahead (mm/filemap.c:3272) 
[ 4830.812744][ C2] ? __pfx_do_sync_mmap_readahead (mm/filemap.c:3212) 
[ 4830.812749][ C2] ? __filemap_get_folio (mm/filemap.c:1918) 
[ 4830.812754][ C2] filemap_fault (mm/filemap.c:3412) 
[ 4830.812757][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 4830.812761][ C2] ? __pfx_filemap_map_pages (mm/filemap.c:3701) 
[ 4830.812764][ C2] ? __pfx_filemap_fault (mm/filemap.c:3371) 
[ 4830.812767][ C2] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 4830.812770][ C2] ? do_fault_around (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 mm/memory.c:5571) 
[ 4830.812773][ C2] ? __lock_release (kernel/locking/lockdep.c:5539) 
[ 4830.812777][ C2] ? do_fault_around (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 mm/memory.c:5571) 
[ 4830.812781][ C2] __do_fault (mm/memory.c:5189) 
[ 4830.812784][ C2] do_pte_missing (mm/memory.c:5610 mm/memory.c:5744 mm/memory.c:4251) 
[ 4830.812788][ C2] handle_pte_fault (mm/memory.c:6089) 
[ 4830.812791][ C2] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 4830.812795][ C2] ? __pfx_handle_pte_fault (mm/memory.c:6046) 
[ 4830.812798][ C2] ? reacquire_held_locks (kernel/locking/lockdep.c:5388) 
[ 4830.812802][ C2] ? do_user_addr_fault (arch/x86/mm/fault.c:1327) 
[ 4830.812806][ C2] __handle_mm_fault (mm/memory.c:6232) 
[ 4830.812810][ C2] ? __pfx___handle_mm_fault (mm/memory.c:6141) 
[ 4830.812813][ C2] ? lock_vma_under_rcu (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 mm/mmap_lock.c:171) 
[ 4830.812817][ C2] ? __lock_release (kernel/locking/lockdep.c:5585) 
[ 4830.812824][ C2] ? __pfx_lock_vma_under_rcu (mm/mmap_lock.c:137) 
[ 4830.812828][ C2] handle_mm_fault (mm/memory.c:6413) 
[ 4830.812832][ C2] ? __pfx_handle_mm_fault (mm/memory.c:6368) 
[ 4830.812837][ C2] do_user_addr_fault (arch/x86/mm/fault.c:1337) 
[ 4830.812841][ C2] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 4830.812845][ C2] exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:109 ./arch/x86/include/asm/irqflags.h:151 arch/x86/mm/fault.c:1484 arch/x86/mm/fault.c:1532) 
[ 4830.812848][ C2] asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) 
[ 4830.812851][    C2] RIP: 0033:0x7f4d1c71cca0
[ 4830.812861][ C2] Code: Unable to access opcode bytes at 0x7f4d1c71cc76.

Code starting with the faulting instruction
===========================================
[ 4830.812862][    C2] RSP: 002b:00007fff4f4263b8 EFLAGS: 00010202
[ 4830.812865][    C2] RAX: 00007f4d1c58dce8 RBX: 00000d2ec18506b2 RCX: 0000000000000000
[ 4830.812866][    C2] RDX: 00007f4d1c71cca0 RSI: 00007f4d1c88e98c RDI: 0000000000000001
[ 4830.812868][    C2] RBP: 00007fff4f426690 R08: 0000000000000000 R09: 00000000069682ac
[ 4830.812870][    C2] R10: 00007f4d1c58dce8 R11: 0000000000000206 R12: 0000000000000000


Finger prints:
mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock