======================================
| xx__-> [ 1302.298991] ------------[ cut here ]------------
| [ 1302.299114] rcuref - imbalanced put()
| [ 1302.299116] WARNING: lib/rcuref.c:266 at 0x0, CPU#2: swapper/2/0
| [ 1302.299272] Modules linked in: bonding ip6t_rpfilter act_mirred act_tunnel_key bareudp mpls_gso mpls_iptunnel mpls_router xt_length act_ct nf_flow_table nft_chain_nat xt_nat cls_bpf act_gact cls_flower sch_ingress chacha libchacha chacha20poly1305 libpoly1305 tls unix_diag vxlan openvswitch psample nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nsh ipt_REJECT nf_reject_ipv4 nft_compat nf_tables [last unloaded: netdevsim]
[ 1302.299656] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 1302.299730] RIP: 0010:rcuref_put_slowpath (lib/rcuref.c:266 lib/rcuref.c:237)
[ 1302.299818] Code: b1 17 0f 94 c0 75 0e 5b c3 81 fe ff ff ff bf 77 12 85 f6 78 04 31 c0 5b c3 c7 03 00 00 00 a0 31 c0 5b c3 48 8d 3d 20 32 2f 01 <67> 48 0f b9 3a 31 c0 c7 03 00 00 00 e0 eb de 90 f3 0f 1e fa 48 b8
All code
========
   0:	b1 17                	mov    $0x17,%cl
   2:	0f 94 c0             	sete   %al
   5:	75 0e                	jne    0x15
   7:	5b                   	pop    %rbx
   8:	c3                   	ret
   9:	81 fe ff ff ff bf    	cmp    $0xbfffffff,%esi
   f:	77 12                	ja     0x23
  11:	85 f6                	test   %esi,%esi
  13:	78 04                	js     0x19
  15:	31 c0                	xor    %eax,%eax
  17:	5b                   	pop    %rbx
  18:	c3                   	ret
  19:	c7 03 00 00 00 a0    	movl   $0xa0000000,(%rbx)
  1f:	31 c0                	xor    %eax,%eax
  21:	5b                   	pop    %rbx
  22:	c3                   	ret
  23:	48 8d 3d 20 32 2f 01 	lea    0x12f3220(%rip),%rdi        # 0x12f324a
  2a:*	67 48 0f b9 3a       	ud1    (%edx),%rdi		<-- trapping instruction
  2f:	31 c0                	xor    %eax,%eax
  31:	c7 03 00 00 00 e0    	movl   $0xe0000000,(%rbx)
  37:	eb de                	jmp    0x17
  39:	90                   	nop
  3a:	f3 0f 1e fa          	endbr64
  3e:	48                   	rex.W
  3f:	b8                   	.byte 0xb8

Code starting with the faulting instruction
===========================================
   0:	67 48 0f b9 3a       	ud1    (%edx),%rdi
   5:	31 c0                	xor    %eax,%eax
   7:	c7 03 00 00 00 e0    	movl   $0xe0000000,(%rbx)
   d:	eb de                	jmp    0xffffffffffffffed
   f:	90                   	nop
  10:	f3 0f 1e fa          	endbr64
  14:	48                   	rex.W
  15:	b8                   	.byte 0xb8
[ 1302.300002] RSP: 0018:ffffaff080110e80 EFLAGS: 00010206
[ 1302.300063] RAX: 00000000dfffffff RBX: ffff9b188307ca00 RCX: 0000000000000003
[ 1302.300141] RDX: ffffffff9122f520 RSI: 00000000dfffffff RDI: ffffffff9207d4c0
[ 1302.300238] RBP: ffff9b188307c9c0 R08: ffff9b1889863870 R09: ffffffff909ca262
[ 1302.300313] R10: ffff9b1884cf0f00 R11: 0000000000000064 R12: 000034d75367e1b8
[ 1302.300385] R13: 000034d75367e1b8 R14: ffff9b18bed29c00 R15: 0000000000000000
[ 1302.300485] FS:  0000000000000000(0000) GS:ffff9b192c685000(0000) knlGS:0000000000000000
[ 1302.300567] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1302.300636] CR2: 00007fd63c09c000 CR3: 0000000019a46003 CR4: 0000000000772ef0
[ 1302.300709] PKRU: 55555554
[ 1302.300753] Call Trace:
[ 1302.300799]  <IRQ>
[ 1302.300860]  dst_release_immediate (./include/linux/rcuref.h:117 ./include/linux/rcuref.h:173 net/core/dst.c:184)
[ 1302.300949]  rt_fibinfo_free_cpus.part.0 (net/ipv4/fib_semantics.c:190)
[ 1302.301037]  fib_nh_common_release (net/ipv4/fib_semantics.c:207)
[ 1302.301121]  free_fib_info_rcu (./include/net/nexthop.h:480 (discriminator 3) net/ipv4/fib_semantics.c:229 (discriminator 3))
[ 1302.301196]  rcu_core (kernel/rcu/tree.c:2612 kernel/rcu/tree.c:2857)
[ 1302.301255]  ? rcu_core (kernel/rcu/tree.c:2531 kernel/rcu/tree.c:2857)
[ 1302.301322]  handle_softirqs (./arch/x86/include/asm/jump_label.h:37 ./include/trace/events/irq.h:142 kernel/softirq.c:623)
[ 1302.301383]  irq_exit_rcu (kernel/softirq.c:657 kernel/softirq.c:496 kernel/softirq.c:723 kernel/softirq.c:739)
[ 1302.301449]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1056 arch/x86/kernel/apic/apic.c:1056)
[ 1302.301516]  </IRQ>
[ 1302.301560]  <TASK>
[ 1302.301619]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[ 1302.301704] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82)
[ 1302.301787] Code: 48 8b 3d 44 8d 2f 01 e8 1f 00 00 00 48 2b 05 f8 83 46 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d 35 9b 08 00 fb f4 <c3> 0f 1f 40 d6 8b 17 48 89 fe 89 d7 83 e7 fe 0f 01 f9 66 90 48 c1
All code
========
   0:	48 8b 3d 44 8d 2f 01 	mov    0x12f8d44(%rip),%rdi        # 0x12f8d4b
   7:	e8 1f 00 00 00       	call   0x2b
   c:	48 2b 05 f8 83 46 00 	sub    0x4683f8(%rip),%rax        # 0x46840b
  13:	c3                   	ret
  14:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  1b:	f3 0f 1e fa          	endbr64
  1f:	eb 07                	jmp    0x28
  21:	0f 00 2d 35 9b 08 00 	verw   0x89b35(%rip)        # 0x89b5d
  28:	fb                   	sti
  29:	f4                   	hlt
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	0f 1f 40 d6          	nopl   -0x2a(%rax)
  2f:	8b 17                	mov    (%rdi),%edx
  31:	48 89 fe             	mov    %rdi,%rsi
  34:	89 d7                	mov    %edx,%edi
  36:	83 e7 fe             	and    $0xfffffffe,%edi
  39:	0f 01 f9             	rdtscp
  3c:	66 90                	xchg   %ax,%ax
  3e:	48                   	rex.W
  3f:	c1                   	.byte 0xc1

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	0f 1f 40 d6          	nopl   -0x2a(%rax)
   5:	8b 17                	mov    (%rdi),%edx
   7:	48 89 fe             	mov    %rdi,%rsi
   a:	89 d7                	mov    %edx,%edi
   c:	83 e7 fe             	and    $0xfffffffe,%edi
   f:	0f 01 f9             	rdtscp
  12:	66 90                	xchg   %ax,%ax
  14:	48                   	rex.W
  15:	c1                   	.byte 0xc1
[ 1302.301935] RSP: 0018:ffffaff0800a7ed0 EFLAGS: 00000206
[ 1302.302001] RAX: ffff9b192c685000 RBX: ffff9b18812e5d00 RCX: 0000000000000000
[ 1302.302088] RDX: 0000000000000002 RSI: ffffffff917baf63 RDI: 0000000008c35604
[ 1302.302169] RBP: 0000000000000002 R08: 0000000008c35604 R09: 0000000000000088
[ 1302.302268] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 1302.302351] R13: 000001f3fffffc18 R14: 0000000000000000 R15: 0000000000000000
[ 1302.302424]  default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:767)
[ 1302.302486]  default_idle_call (./include/linux/cpuidle.h:144 kernel/sched/idle.c:123)
[ 1302.302544]  do_idle (kernel/sched/idle.c:192 kernel/sched/idle.c:332)
[ 1302.302601]  cpu_startup_entry (kernel/sched/idle.c:429 (discriminator 1))
[ 1302.302659]  start_secondary (arch/x86/kernel/smpboot.c:312)


Finger prints:
rcuref_put_slowpath:dst_release_immediate:fib_nh_common_release:free_fib_info_rcu:rcu_core