======================================
| [    2.739802] #PF: supervisor read access in kernel mode
| [    2.739849] #PF: error_code(0x0000) - not-present page
| [    2.739887] PGD 0 P4D 0
| [    2.739911] Oops: 0000 [#1] PREEMPT SMP NOPTI
[    2.739998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[    2.740089] Workqueue: mld mld_ifc_work
[    2.740123] RIP: 0010:xfrm_tmpl_resolve (net/xfrm/xfrm_policy.c:2492 net/xfrm/xfrm_policy.c:2541) 
[ 2.740161] Code: 4c 8b 6c 24 08 41 8b 47 6c 4d 89 f8 48 89 ea 4c 89 f6 4c 89 ef 50 8b 44 24 08 50 4c 8d 4c 24 6c e8 09 ce 00 00 49 89 c0 58 5a <41> f6 80 e8 02 00 00 fd 0f 85 29 03 00 00 4d 85 c0 0f 84 a7 00 00
All code
========
   0:	4c 8b 6c 24 08       	mov    0x8(%rsp),%r13
   5:	41 8b 47 6c          	mov    0x6c(%r15),%eax
   9:	4d 89 f8             	mov    %r15,%r8
   c:	48 89 ea             	mov    %rbp,%rdx
   f:	4c 89 f6             	mov    %r14,%rsi
  12:	4c 89 ef             	mov    %r13,%rdi
  15:	50                   	push   %rax
  16:	8b 44 24 08          	mov    0x8(%rsp),%eax
  1a:	50                   	push   %rax
  1b:	4c 8d 4c 24 6c       	lea    0x6c(%rsp),%r9
  20:	e8 09 ce 00 00       	call   0xce2e
  25:	49 89 c0             	mov    %rax,%r8
  28:	58                   	pop    %rax
  29:	5a                   	pop    %rdx
  2a:*	41 f6 80 e8 02 00 00 	testb  $0xfd,0x2e8(%r8)		<-- trapping instruction
  31:	fd 
  32:	0f 85 29 03 00 00    	jne    0x361
  38:	4d 85 c0             	test   %r8,%r8
  3b:	0f                   	.byte 0xf
  3c:	84                   	.byte 0x84
  3d:	a7                   	cmpsl  %es:(%rdi),%ds:(%rsi)
	...

Code starting with the faulting instruction
===========================================
   0:	41 f6 80 e8 02 00 00 	testb  $0xfd,0x2e8(%r8)
   7:	fd 
   8:	0f 85 29 03 00 00    	jne    0x337
   e:	4d 85 c0             	test   %r8,%r8
  11:	0f                   	.byte 0xf
  12:	84                   	.byte 0x84
  13:	a7                   	cmpsl  %es:(%rdi),%ds:(%rsi)
	...
[    2.740260] RSP: 0018:ffffabcb80053810 EFLAGS: 00010246
[    2.740297] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff9ba644041794
[    2.740349] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff9ba6412a4500
[    2.740397] RBP: ffff9ba644041768 R08: 0000000000000000 R09: ffffabcb8005386c
[    2.740456] R10: ffff9ba641256d80 R11: 0000000000000002 R12: ffff9ba641256d98
[    2.740509] R13: ffff9ba644041794 R14: ffff9ba644041790 R15: ffff9ba641256c00
[    2.740563] FS:  0000000000000000(0000) GS:ffff9ba67ec00000(0000) knlGS:0000000000000000
[    2.740615] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    2.740660] CR2: 00000000000002e8 CR3: 0000000023244001 CR4: 0000000000770ef0
[    2.740731] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    2.740794] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    2.740848] PKRU: 55555554
[    2.740863] Call Trace:
[    2.740886]  <TASK>
[    2.740919] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) 
[    2.740948] ? page_fault_oops (arch/x86/mm/fault.c:713) 
[    2.740975] ? netlink_has_listeners (net/netlink/af_netlink.c:1396) 
[    2.741012] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:72 arch/x86/mm/fault.c:1513 arch/x86/mm/fault.c:1563) 
[    2.741046] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) 
[    2.741079] ? xfrm_tmpl_resolve (net/xfrm/xfrm_policy.c:2492 net/xfrm/xfrm_policy.c:2541) 
[    2.741121] xfrm_resolve_and_create_bundle (net/xfrm/xfrm_policy.c:2836) 
[    2.741158] ? __pfx_ip6_pol_route_output (net/ipv6/route.c:2603) 
[    2.741195] ? enqueue_to_backlog (./include/net/rps.h:137 net/core/dev.c:4835) 
[    2.741235] ? xfrm_policy_inexact_lookup_rcu (./include/linux/rhashtable.h:133 ./include/linux/rhashtable.h:159 ./include/linux/rhashtable.h:604 ./include/linux/rhashtable.h:646 net/xfrm/xfrm_policy.c:2088) 
[    2.741270] ? xfrm_policy_lookup_bytype.constprop.0 (net/xfrm/xfrm_policy.c:2235) 
[    2.741323] ? rt_set_nexthop.constprop.0 (net/ipv4/route.c:1594) 
[    2.741362] xfrm_lookup_with_ifid (net/xfrm/xfrm_policy.c:3073 net/xfrm/xfrm_policy.c:3202) 
[    2.741400] xfrm_lookup_route (net/xfrm/xfrm_policy.c:3314) 
[    2.741429] __ip_queue_xmit (net/ipv4/ip_output.c:498) 
[    2.741463] l2tp_xmit_skb (net/l2tp/l2tp_core.c:1007 net/l2tp/l2tp_core.c:1093 net/l2tp/l2tp_core.c:1109) l2tp_core
[    2.741519] l2tp_eth_dev_xmit (net/l2tp/l2tp_eth.c:75) l2tp_eth
[    2.741562] dev_hard_start_xmit (./include/linux/netdevice.h:4878 ./include/linux/netdevice.h:4892 net/core/dev.c:3564 net/core/dev.c:3580) 
[    2.741595] sch_direct_xmit (net/sched/sch_generic.c:343) 
[    2.741624] __dev_queue_xmit (net/core/dev.c:3793 net/core/dev.c:4339) 
[    2.741652] ? xfrm_policy_lookup_bytype.constprop.0 (net/xfrm/xfrm_policy.c:2235) 
[    2.741706] ip6_finish_output2 (./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:137) 
[    2.741742] ? ip6_mc_hdr.constprop.0 (./include/linux/skbuff.h:2964 ./include/linux/ipv6.h:108 net/ipv6/mcast.c:1713) 
[    2.741776] ? kmem_cache_alloc (mm/slub.c:3828 mm/slub.c:3852) 
[    2.741804] ip6_finish_output (net/ipv6/ip6_output.c:211 net/ipv6/ip6_output.c:222) 
[    2.741840] mld_sendpack (net/ipv6/mcast.c:1822) 
[    2.741870] mld_ifc_work (net/ipv6/mcast.c:2652) 
[    2.741900] process_one_work (kernel/workqueue.c:3254) 
[    2.741930] ? __pfx_worker_thread (kernel/workqueue.c:3362) 
[    2.741971] worker_thread (kernel/workqueue.c:3329 kernel/workqueue.c:3416) 
[    2.742000] ? __pfx_worker_thread (kernel/workqueue.c:3362) 
[    2.742033] kthread (kernel/kthread.c:388) 
[    2.742061] ? __pfx_kthread (kernel/kthread.c:341) 
[    2.742086] ret_from_fork (arch/x86/kernel/process.c:147) 
[    2.742120] ? __pfx_kthread (kernel/kthread.c:341) 


Finger prints:
xfrm_tmpl_resolve:xfrm_resolve_and_create_bundle:xfrm_lookup_with_ifid:xfrm_lookup_route