======================================
| [ 1122.284710][ C3] #0: ffff8880117ff5a0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap (./include/linux/seqlock.h:431 ./include/linux/mmap_lock.h:87 ./include/linux/mmap_lock.h:357 mm/mmap.c:1292) 
| [ 1122.285103][ C3] #1: ffffffff87379b40 (rcu_callback){....}-{0:0}, at: rcu_do_batch (./include/linux/rcupdate.h:331 kernel/rcu/tree.c:2570) 
| [ 1122.285516][    C3]
| [ 1122.285516][    C3] stack backtrace:
[ 1122.285802][    C3] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 1122.285805][    C3] Call Trace:
[ 1122.285807][    C3]  <IRQ>
[ 1122.285809][ C3] dump_stack_lvl (lib/dump_stack.c:123) 
[ 1122.285816][ C3] print_usage_bug.part.0 (kernel/locking/lockdep.c:4048) 
[ 1122.285821][ C3] mark_lock_irq (kernel/locking/lockdep.c:4013 kernel/locking/lockdep.c:4059 kernel/locking/lockdep.c:4270) 
[ 1122.285827][ C3] mark_lock (kernel/locking/lockdep.c:4756) 
[ 1122.285831][ C3] mark_usage (kernel/locking/lockdep.c:4645) 
[ 1122.285834][ C3] __lock_acquire (kernel/locking/lockdep.c:5194) 
[ 1122.285837][ C3] ? unwind_next_frame (./include/linux/rcupdate.h:874 ./include/linux/rcupdate.h:1155 arch/x86/kernel/unwind_orc.c:479) 
[ 1122.285842][ C3] ? exit_mmap (mm/mmap.c:1297) 
[ 1122.285846][ C3] lock_acquire.part.0 (kernel/locking/lockdep.c:473 kernel/locking/lockdep.c:5873) 
[ 1122.285849][ C3] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 1122.285852][ C3] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 1122.285857][ C3] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) 
[ 1122.285860][ C3] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 1122.285863][ C3] _raw_spin_lock (./include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154) 
[ 1122.285866][ C3] ? xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 1122.285869][ C3] xa_set_mark (lib/xarray.c:2076 lib/xarray.c:2146) 
[ 1122.285871][ C3] ? __pfx_xa_set_mark (lib/xarray.c:2144) 
[ 1122.285873][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 1122.285878][ C3] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 1122.285884][ C3] ref_tracker_dir_exit (lib/ref_tracker.c:54 lib/ref_tracker.c:223) 
[ 1122.285889][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 1122.285892][ C3] ? _raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194) 
[ 1122.285896][ C3] ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:213) 
[ 1122.285900][ C3] ? ref_tracker_free (lib/ref_tracker.c:281) 
[ 1122.285903][ C3] ? __lock_acquire (kernel/locking/lockdep.c:5240) 
[ 1122.285906][ C3] ? __pfx_ref_tracker_free (lib/ref_tracker.c:281) 
[ 1122.285909][ C3] ? __sk_destruct (./include/linux/instrumented.h:96 ./include/linux/atomic/atomic-instrumented.h:400 ./include/linux/refcount.h:389 ./include/linux/refcount.h:432 ./include/linux/refcount.h:450 ./include/net/net_namespace.h:287 ./include/net/net_namespace.h:390 net/core/sock.c:2368) 
[ 1122.285915][ C3] ? rcu_do_batch (kernel/rcu/tree.c:2576) 
[ 1122.285918][ C3] ? rcu_core (kernel/rcu/tree.c:2834) 
[ 1122.285921][ C3] ? handle_softirqs (kernel/softirq.c:580) 
[ 1122.285925][ C3] __put_net (./include/linux/llist.h:238 ./include/linux/llist.h:265 net/core/net_namespace.c:732) 
[ 1122.285932][ C3] ? unlink_anon_vmas (mm/rmap.c:439) 
[ 1122.285938][ C3] ? __pfx___put_net (net/core/net_namespace.c:729) 
[ 1122.285943][ C3] ? bpf_sk_storage_free (./include/linux/rcupdate.h:341 ./include/linux/rcupdate.h:871 net/core/bpf_sk_storage.c:61) 
[ 1122.285949][ C3] __sk_destruct (./include/net/net_namespace.h:288 ./include/net/net_namespace.h:390 net/core/sock.c:2368) 
[ 1122.285953][ C3] ? rcu_do_batch (kernel/rcu/tree.c:2576) 
[ 1122.285955][ C3] rcu_do_batch (kernel/rcu/tree.c:2576) 
[ 1122.285958][ C3] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 1122.285962][ C3] ? __pfx_rcu_do_batch (kernel/rcu/tree.c:2500) 
[ 1122.285966][ C3] ? mark_held_locks (kernel/locking/lockdep.c:4328) 
[ 1122.285968][ C3] ? note_gp_changes (kernel/rcu/tree.c:1326 (discriminator 1)) 
[ 1122.285971][ C3] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475) 
[ 1122.285978][ C3] rcu_core (kernel/rcu/tree.c:2834) 
[ 1122.285982][ C3] handle_softirqs (kernel/softirq.c:580) 
[ 1122.285987][ C3] __irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680) 
[ 1122.285990][ C3] irq_exit_rcu (kernel/softirq.c:698) 
[ 1122.285992][ C3] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 arch/x86/kernel/apic/apic.c:1050) 
[ 1122.285996][    C3]  </IRQ>
[ 1122.285997][    C3]  <TASK>
[ 1122.285999][ C3] asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) 
[ 1122.286004][ C3] RIP: 0010:_raw_spin_unlock_irqrestore (./include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194) 
[ 1122.286008][ C3] Code: 74 24 10 e8 b1 ec 77 fd 48 89 ef e8 69 3f 78 fd 81 e3 00 02 00 00 75 29 9c 58 f6 c4 02 75 35 48 85 db 74 01 fb bf 01 00 00 00 <e8> 2a fd 6b fd 65 8b 05 53 1b b2 02 85 c0 74 0e 5b 5d c3 cc cc cc
All code
========
   0:	74 24                	je     0x26
   2:	10 e8                	adc    %ch,%al
   4:	b1 ec                	mov    $0xec,%cl
   6:	77 fd                	ja     0x5
   8:	48 89 ef             	mov    %rbp,%rdi
   b:	e8 69 3f 78 fd       	call   0xfffffffffd783f79
  10:	81 e3 00 02 00 00    	and    $0x200,%ebx
  16:	75 29                	jne    0x41
  18:	9c                   	pushf
  19:	58                   	pop    %rax
  1a:	f6 c4 02             	test   $0x2,%ah
  1d:	75 35                	jne    0x54
  1f:	48 85 db             	test   %rbx,%rbx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
  2a:*	e8 2a fd 6b fd       	call   0xfffffffffd6bfd59		<-- trapping instruction
  2f:	65 8b 05 53 1b b2 02 	mov    %gs:0x2b21b53(%rip),%eax        # 0x2b21b89
  36:	85 c0                	test   %eax,%eax
  38:	74 0e                	je     0x48
  3a:	5b                   	pop    %rbx
  3b:	5d                   	pop    %rbp
  3c:	c3                   	ret
  3d:	cc                   	int3
  3e:	cc                   	int3
  3f:	cc                   	int3

Code starting with the faulting instruction
===========================================
   0:	e8 2a fd 6b fd       	call   0xfffffffffd6bfd2f
   5:	65 8b 05 53 1b b2 02 	mov    %gs:0x2b21b53(%rip),%eax        # 0x2b21b5f
   c:	85 c0                	test   %eax,%eax
   e:	74 0e                	je     0x1e
  10:	5b                   	pop    %rbx
  11:	5d                   	pop    %rbp
  12:	c3                   	ret
  13:	cc                   	int3
  14:	cc                   	int3
  15:	cc                   	int3
[ 1122.286011][    C3] RSP: 0018:ffffc900004f78d8 EFLAGS: 00000206
[ 1122.286015][    C3] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 0000000000000040
[ 1122.286017][    C3] RDX: 0000000000000000 RSI: ffffffff86ebc1ba RDI: 0000000000000001
[ 1122.286018][    C3] RBP: ffffffff89cfab28 R08: 0000000000000001 R09: 0000000000000001
[ 1122.286020][    C3] R10: ffffffff87e15ad7 R11: ffffffff89cfab28 R12: 0000000000000001
[ 1122.286022][    C3] R13: ffff88800e4fe7d8 R14: dffffc0000000000 R15: 1ffff9200009ef22
[ 1122.286028][ C3] debug_object_activate (lib/debugobjects.c:837) 
[ 1122.286033][ C3] ? __pfx_debug_object_activate (lib/debugobjects.c:805) 
[ 1122.286037][ C3] ? find_held_lock (kernel/locking/lockdep.c:5353) 
[ 1122.286042][ C3] ? __pfx_free_object_rcu (mm/kmemleak.c:519) 
[ 1122.286048][ C3] __call_rcu_common.constprop.0 (kernel/rcu/rcu.h:237 kernel/rcu/tree.c:3075) 
[ 1122.286052][ C3] kmem_cache_free (./include/linux/kmemleak.h:49 mm/slub.c:2306 mm/slub.c:4643 mm/slub.c:4745) 
[ 1122.286058][ C3] ? unlink_anon_vmas (mm/rmap.c:439) 
[ 1122.286062][ C3] unlink_anon_vmas (mm/rmap.c:439) 
[ 1122.286068][ C3] free_pgtables (./include/linux/hugetlb_inline.h:11 mm/memory.c:383) 
[ 1122.286074][ C3] ? __pfx_free_pgtables (mm/memory.c:358) 
[ 1122.286076][ C3] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) 
[ 1122.286078][ C3] ? exit_mmap (./include/linux/seqlock.h:431 ./include/linux/mmap_lock.h:87 ./include/linux/mmap_lock.h:357 mm/mmap.c:1292) 
[ 1122.286083][ C3] ? down_write (./arch/x86/include/asm/preempt.h:104 kernel/locking/rwsem.c:1307 kernel/locking/rwsem.c:1313 kernel/locking/rwsem.c:1578) 
[ 1122.286085][ C3] ? __pfx_down_write (kernel/locking/rwsem.c:1575) 
[ 1122.286090][ C3] exit_mmap (mm/mmap.c:1297) 
[ 1122.286094][ C3] ? __pfx_exit_mmap (mm/mmap.c:1259) 
[ 1122.286100][ C3] ? __mutex_unlock_slowpath (./arch/x86/include/asm/atomic64_64.h:101 ./include/linux/atomic/atomic-arch-fallback.h:4329 ./include/linux/atomic/atomic-long.h:1506 ./include/linux/atomic/atomic-instrumented.h:4481 kernel/locking/mutex.c:926) 
[ 1122.286110][ C3] mmput (kernel/fork.c:1189 kernel/fork.c:1123 kernel/fork.c:1144) 
[ 1122.286116][ C3] exit_mm (kernel/exit.c:582) 
[ 1122.286121][ C3] do_exit (kernel/exit.c:946) 
[ 1122.286124][ C3] ? __pfx_do_exit (kernel/exit.c:897) 
[ 1122.286127][ C3] ? do_group_exit (./include/linux/spinlock.h:402 kernel/exit.c:1101) 
[ 1122.286130][ C3] ? __lock_release (kernel/locking/lockdep.c:5539) 
[ 1122.286134][ C3] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) 
[ 1122.286138][ C3] do_group_exit (kernel/exit.c:1085) 
[ 1122.286142][ C3] __x64_sys_exit_group (kernel/exit.c:1113) 
[ 1122.286145][ C3] x64_sys_call (arch/x86/entry/syscall_64.c:37) 
[ 1122.286149][ C3] do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) 
[ 1122.286155][ C3] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[ 1122.286158][    C3] RIP: 0033:0x7fad1afdfabd
[ 1122.286161][ C3] Code: Unable to access opcode bytes at 0x7fad1afdfa93.

Code starting with the faulting instruction
===========================================
[ 1122.286163][    C3] RSP: 002b:00007ffebc309d28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1122.286165][    C3] RAX: ffffffffffffffda RBX: 00007fad1b0bc9c0 RCX: 00007fad1afdfabd
[ 1122.286168][    C3] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000
[ 1122.286169][    C3] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000028
[ 1122.286171][    C3] R10: 00007ffebc309bb0 R11: 0000000000000246 R12: 00007fad1b0bc9c0


Finger prints:
mark_lock_irq:mark_lock:mark_usage:__lock_acquire:_raw_spin_lock