======================================
| [  358.291734] ------------[ cut here ]------------
| [  358.292181] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
| [  358.292203] WARNING: CPU: 0 PID: 68 at kernel/locking/mutex.c:587 __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:752) 
| [  358.293315] Modules linked in: act_gact cls_flower vxlan xt_mark sch_ingress act_mirred cls_basic sch_fq_codel sha1_generic xfrm_user xt_policy nft_compat nf_tables libcrc32c
[  358.295085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  358.295962] Workqueue: netns cleanup_net
[  358.296322] RIP: 0010:__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:752) 
[ 358.296711] Code: ff 90 e8 a2 e7 70 ff 85 c0 74 23 8b 35 9c 8e db 00 85 f6 75 19 90 48 c7 c6 97 37 8a 95 48 c7 c7 3a ac 89 95 e8 00 04 26 ff 90 <0f> 0b 90 90 90 e9 03 fd ff ff 4c 8d 6d a0 4c 89 e7 4c 89 ee e8 d6
All code
========
   0:	ff 90 e8 a2 e7 70    	call   *0x70e7a2e8(%rax)
   6:	ff 85 c0 74 23 8b    	incl   -0x74dc8b40(%rbp)
   c:	35 9c 8e db 00       	xor    $0xdb8e9c,%eax
  11:	85 f6                	test   %esi,%esi
  13:	75 19                	jne    0x2e
  15:	90                   	nop
  16:	48 c7 c6 97 37 8a 95 	mov    $0xffffffff958a3797,%rsi
  1d:	48 c7 c7 3a ac 89 95 	mov    $0xffffffff9589ac3a,%rdi
  24:	e8 00 04 26 ff       	call   0xffffffffff260429
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	90                   	nop
  2e:	90                   	nop
  2f:	e9 03 fd ff ff       	jmp    0xfffffffffffffd37
  34:	4c 8d 6d a0          	lea    -0x60(%rbp),%r13
  38:	4c 89 e7             	mov    %r12,%rdi
  3b:	4c 89 ee             	mov    %r13,%rsi
  3e:	e8                   	.byte 0xe8
  3f:	d6                   	(bad)

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	90                   	nop
   4:	90                   	nop
   5:	e9 03 fd ff ff       	jmp    0xfffffffffffffd0d
   a:	4c 8d 6d a0          	lea    -0x60(%rbp),%r13
   e:	4c 89 e7             	mov    %r12,%rdi
  11:	4c 89 ee             	mov    %r13,%rsi
  14:	e8                   	.byte 0xe8
  15:	d6                   	(bad)
[  358.298170] RSP: 0018:ffffae7d80263a30 EFLAGS: 00010282
[  358.298610] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000ffffdfff
[  358.299203] RDX: 0000000000000000 RSI: 00000000ffffffea RDI: 0000000000000001
[  358.299753] RBP: ffffae7d80263ab0 R08: ffffffff95d78508 R09: 00000000ffffdfff
[  358.300291] R10: ffffffff95c98520 R11: ffffffff95d4af50 R12: ffff8e7b426a3a00
[  358.300855] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8e7b42660000
[  358.301461] FS:  0000000000000000(0000) GS:ffff8e7b7ec00000(0000) knlGS:0000000000000000
[  358.302108] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  358.302584] CR2: 0000560e8e895dec CR3: 0000000016460004 CR4: 0000000000770ef0
[  358.303166] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  358.303724] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  358.304274] PKRU: 55555554
[  358.304495] Call Trace:
[  358.304715]  <TASK>
[  358.304922] ? __warn (kernel/panic.c:677) 
[  358.305232] ? __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:752) 
[  358.305556] ? report_bug (lib/bug.c:201 lib/bug.c:219) 
[  358.305879] ? handle_bug (arch/x86/kernel/traps.c:238) 
[  358.306208] ? exc_invalid_op (arch/x86/kernel/traps.c:259 (discriminator 1)) 
[  358.306542] ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:568) 
[  358.306902] ? __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:752) 
[  358.307243] ? refcount_dec_and_mutex_lock (./arch/x86/include/asm/atomic.h:103 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:261 ./include/linux/refcount.h:304 ./include/linux/refcount.h:322 lib/refcount.c:119 lib/refcount.c:113) 
[  358.307664] ? up_read (kernel/locking/rwsem.c:1622) 
[  358.307958] ? tc_setup_cb_destroy (net/sched/cls_api.c:3715) 
[  358.308345] ? refcount_dec_and_mutex_lock (./arch/x86/include/asm/atomic.h:103 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:261 ./include/linux/refcount.h:304 ./include/linux/refcount.h:322 lib/refcount.c:119 lib/refcount.c:113) 
[  358.308792] refcount_dec_and_mutex_lock (./arch/x86/include/asm/atomic.h:103 ./include/linux/atomic/atomic-arch-fallback.h:949 ./include/linux/atomic/atomic-instrumented.h:401 ./include/linux/refcount.h:261 ./include/linux/refcount.h:304 ./include/linux/refcount.h:322 lib/refcount.c:119 lib/refcount.c:113) 
[  358.309224] __tcf_action_put (net/sched/act_api.c:377) 
[  358.309578] tcf_action_destroy (net/sched/act_api.c:413 net/sched/act_api.c:393 net/sched/act_api.c:1175) 
[  358.309906] tcf_exts_destroy (net/sched/cls_api.c:3312) 
[  358.310245] __fl_destroy_filter (./include/net/pkt_cls.h:261 net/sched/cls_flower.c:425) cls_flower
[  358.310718] __fl_delete (net/sched/cls_flower.c:574) cls_flower
[  358.311130] fl_destroy (net/sched/cls_flower.c:599) cls_flower
[  358.311506] tcf_proto_destroy (net/sched/cls_api.c:418) 
[  358.311857] tcf_chain_flush (net/sched/cls_api.c:737) 
[  358.312116] __tcf_block_put (net/sched/cls_api.c:1070 net/sched/cls_api.c:1141 net/sched/cls_api.c:1305) 
[  358.312373] clsact_destroy (net/sched/sch_ingress.c:304) sch_ingress
[  358.312694] __qdisc_destroy (net/sched/sch_generic.c:1067) 
[  358.312945] dev_shutdown (net/sched/sch_generic.c:1482) 
[  358.313246] unregister_netdevice_many_notify (./include/net/tcx.h:168 net/core/dev.c:11084) 
[  358.313582] default_device_exit_batch (net/core/dev.c:11629) 
[  358.313859] cleanup_net (net/core/net_namespace.c:636 (discriminator 3)) 
[  358.314126] ? process_one_work (kernel/workqueue.c:2606) 
[  358.314414] process_one_work (kernel/workqueue.c:2633) 
[  358.314678] worker_thread (kernel/workqueue.c:2700 kernel/workqueue.c:2787) 
[  358.314915] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[  358.315205] kthread (kernel/kthread.c:388) 
[  358.315439] ? __pfx_kthread (kernel/kthread.c:341) 
[  358.315674] ret_from_fork (arch/x86/kernel/process.c:147) 
[  358.315891] ? __pfx_kthread (kernel/kthread.c:341) 
[  358.316153] ret_from_fork_asm (arch/x86/entry/entry_64.S:250) 
| [  358.332502] #PF: supervisor read access in kernel mode
| [  358.333010] #PF: error_code(0x0000) - not-present page
| [  358.333489] PGD 0 P4D 0
| [  358.333761] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  358.334982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  358.336082] Workqueue: netns cleanup_net
[  358.336376] RIP: 0010:__mutex_unlock_slowpath (kernel/locking/mutex.c:945) 
[ 358.336669] Code: ff ff 4c 8d 65 08 4c 89 e7 e8 f0 78 00 00 48 89 ef e8 e8 bd 2d ff 48 8b 55 50 48 8d 45 50 48 39 c2 74 71 48 8b 75 50 48 89 ef <4c> 8b 6e 10 e8 9b ba 2d ff 48 89 e7 4c 89 ee 4d 89 ee e8 5d d9 2a
All code
========
   0:	ff                   	(bad)
   1:	ff 4c 8d 65          	decl   0x65(%rbp,%rcx,4)
   5:	08 4c 89 e7          	or     %cl,-0x19(%rcx,%rcx,4)
   9:	e8 f0 78 00 00       	call   0x78fe
   e:	48 89 ef             	mov    %rbp,%rdi
  11:	e8 e8 bd 2d ff       	call   0xffffffffff2dbdfe
  16:	48 8b 55 50          	mov    0x50(%rbp),%rdx
  1a:	48 8d 45 50          	lea    0x50(%rbp),%rax
  1e:	48 39 c2             	cmp    %rax,%rdx
  21:	74 71                	je     0x94
  23:	48 8b 75 50          	mov    0x50(%rbp),%rsi
  27:	48 89 ef             	mov    %rbp,%rdi
  2a:*	4c 8b 6e 10          	mov    0x10(%rsi),%r13		<-- trapping instruction
  2e:	e8 9b ba 2d ff       	call   0xffffffffff2dbace
  33:	48 89 e7             	mov    %rsp,%rdi
  36:	4c 89 ee             	mov    %r13,%rsi
  39:	4d 89 ee             	mov    %r13,%r14
  3c:	e8                   	.byte 0xe8
  3d:	5d                   	pop    %rbp
  3e:	d9 2a                	fldcw  (%rdx)

Code starting with the faulting instruction
===========================================
   0:	4c 8b 6e 10          	mov    0x10(%rsi),%r13
   4:	e8 9b ba 2d ff       	call   0xffffffffff2dbaa4
   9:	48 89 e7             	mov    %rsp,%rdi
   c:	4c 89 ee             	mov    %r13,%rsi
   f:	4d 89 ee             	mov    %r13,%r14
  12:	e8                   	.byte 0xe8
  13:	5d                   	pop    %rbp
  14:	d9 2a                	fldcw  (%rdx)
[  358.338037] RSP: 0018:ffffae7d80263aa0 EFLAGS: 00010207
[  358.338320] RAX: ffff8e7b426a3a50 RBX: ffff8e7b426a3f0e RCX: 0000000000000000
[  358.338776] RDX: 00007ffc75f4afff RSI: 00007ffc75f4afff RDI: ffff8e7b426a3a00
[  358.339573] RBP: ffff8e7b426a3a00 R08: 0000000000000000 R09: 0000000000000000
[  358.340555] R10: 0000000000000000 R11: ffffae7d80263ac0 R12: ffff8e7b426a3a08
[  358.341761] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8e7b42660000
[  358.342917] FS:  0000000000000000(0000) GS:ffff8e7b7ed00000(0000) knlGS:0000000000000000
[  358.344210] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  358.345178] CR2: 00007ffc75f4b00f CR3: 0000000016460003 CR4: 0000000000770ef0
[  358.346341] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  358.347343] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  358.348262] PKRU: 55555554
[  358.348720] Call Trace:
[  358.349070]  <TASK>
[  358.349456] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) 
[  358.349926] ? page_fault_oops (arch/x86/mm/fault.c:707) 
[  358.350284] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:67 ./arch/x86/include/asm/irqflags.h:127 arch/x86/mm/fault.c:1515 arch/x86/mm/fault.c:1563) 
[  358.350631] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:570) 
[  358.351049] ? __mutex_unlock_slowpath (kernel/locking/mutex.c:945) 
[  358.351405] __tcf_action_put (net/sched/act_api.c:383) 
[  358.351697] tcf_action_destroy (net/sched/act_api.c:413 net/sched/act_api.c:393 net/sched/act_api.c:1175) 
[  358.351990] tcf_exts_destroy (net/sched/cls_api.c:3312) 
[  358.352284] __fl_destroy_filter (./include/net/pkt_cls.h:261 net/sched/cls_flower.c:425) cls_flower
[  358.352688] __fl_delete (net/sched/cls_flower.c:574) cls_flower
[  358.353039] fl_destroy (net/sched/cls_flower.c:599) cls_flower
[  358.353391] tcf_proto_destroy (net/sched/cls_api.c:418) 
[  358.353709] tcf_chain_flush (net/sched/cls_api.c:737) 
[  358.353998] __tcf_block_put (net/sched/cls_api.c:1070 net/sched/cls_api.c:1141 net/sched/cls_api.c:1305) 
[  358.354304] clsact_destroy (net/sched/sch_ingress.c:304) sch_ingress
[  358.354688] __qdisc_destroy (net/sched/sch_generic.c:1067) 
[  358.354996] dev_shutdown (net/sched/sch_generic.c:1482) 
[  358.355287] unregister_netdevice_many_notify (./include/net/tcx.h:168 net/core/dev.c:11084) 
[  358.355701] default_device_exit_batch (net/core/dev.c:11629) 
[  358.356070] cleanup_net (net/core/net_namespace.c:636 (discriminator 3)) 
[  358.356357] ? process_one_work (kernel/workqueue.c:2606) 
[  358.356689] process_one_work (kernel/workqueue.c:2633) 
[  358.357016] worker_thread (kernel/workqueue.c:2700 kernel/workqueue.c:2787) 
[  358.357318] ? __pfx_worker_thread (kernel/workqueue.c:2733) 
[  358.357659] kthread (kernel/kthread.c:388) 
[  358.357906] ? __pfx_kthread (kernel/kthread.c:341) 
[  358.358206] ret_from_fork (arch/x86/kernel/process.c:147) 
[  358.358482] ? __pfx_kthread (kernel/kthread.c:341) 
[  358.358776] ret_from_fork_asm (arch/x86/entry/entry_64.S:250) 
| [  358.380774] #PF: supervisor instruction fetch in kernel mode
| [  358.381084] #PF: error_code(0x0010) - not-present page
| [  358.381362] PGD 16463067 P4D 16463067 PUD 0
| [  358.381603] Oops: 0010 [#2] PREEMPT SMP NOPTI
[  358.382296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  358.382908] RIP: 0010:0xffffffff00000002
[ 358.383128] Code: Unable to access opcode bytes at 0xfffffffeffffffd8.

Code starting with the faulting instruction
===========================================
[  358.383484] RSP: 0018:ffffae7d8012be08 EFLAGS: 00010282
[  358.383765] RAX: 0000000000000004 RBX: 000000000000000a RCX: 0000000000000000
[  358.384151] RDX: ffffffff00000002 RSI: ffffffff95d801c8 RDI: ffff8e7b426a3a08
[  358.384536] RBP: ffff8e7b7edb08c0 R08: 0000000000000000 R09: 0000000000000000
[  358.384915] R10: 0000000000000000 R11: 0000000000100005 R12: ffff8e7b4183a140
[  358.385296] R13: 0000000000000009 R14: ffff8e7b7edb0960 R15: ffffffff94403fcd
[  358.385683] FS:  0000000000000000(0000) GS:ffff8e7b7ed80000(0000) knlGS:0000000000000000
[  358.386120] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  358.386432] CR2: fffffffeffffffd8 CR3: 0000000016460003 CR4: 0000000000770ef0
[  358.386824] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  358.387203] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  358.387587] PKRU: 55555554
[  358.387739] Call Trace:
[  358.387877]  <TASK>
[  358.387998] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) 
[  358.388174] ? page_fault_oops (arch/x86/mm/fault.c:707) 
[  358.388403] ? exc_page_fault (arch/x86/mm/fault.c:1505 arch/x86/mm/fault.c:1563) 
[  358.388625] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:570) 
[  358.388860] ? rcu_core (kernel/rcu/tree.c:2190 kernel/rcu/tree.c:2465) 
[  358.389057] ? rcu_core (kernel/rcu/tree.c:2185 kernel/rcu/tree.c:2465) 
[  358.389249] ? rcu_core (kernel/rcu/tree.c:2190 kernel/rcu/tree.c:2465) 
[  358.389443] ? __do_softirq (kernel/softirq.c:553) 
[  358.389656] ? __pfx_smpboot_thread_fn (kernel/smpboot.c:107) 
[  358.389914] ? run_ksoftirqd (kernel/softirq.c:410 kernel/softirq.c:922 kernel/softirq.c:913) 
[  358.390121] ? smpboot_thread_fn (kernel/smpboot.c:164 (discriminator 3)) 
[  358.390361] ? kthread (kernel/kthread.c:388) 
[  358.390554] ? __pfx_kthread (kernel/kthread.c:341) 
[  358.390761] ? ret_from_fork (arch/x86/kernel/process.c:147) 
[  358.390974] ? __pfx_kthread (kernel/kthread.c:341) 


Finger prints:
__mutex_lock:refcount_dec_and_mutex_lock:__tcf_action_put:tcf_action_destroy
__mutex_unlock_slowpath:__tcf_action_put:tcf_action_destroy:tcf_exts_destroy