======================================
| [    1.980774] ------------[ cut here ]------------
| [    1.980816] rcuref - imbalanced put()
| [    1.980817] WARNING: lib/rcuref.c:266 at 0x0, CPU#3: swapper/3/0
| [    1.980881] Modules linked in: act_gact cls_flower sch_ingress vxlan
[    1.980982] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[    1.981014] RIP: 0010:rcuref_put_slowpath (lib/rcuref.c:266 (discriminator 4))
[    1.981049] Code: c0 75 0d c3 81 fe ff ff ff bf 77 0f 85 f6 78 03 31 c0 c3 c7 07 00 00 00 a0 eb f5 48 83 ec 08 48 89 3c 24 48 8d 3d 30 04 4a 01 <67> 48 0f b9 3a 48 8b 14 24 31 c0 c7 02 00 00 00 e0 48 83 c4 08 c3
All code
========
   0:	c0 75 0d c3          	shlb   $0xc3,0xd(%rbp)
   4:	81 fe ff ff ff bf    	cmp    $0xbfffffff,%esi
   a:	77 0f                	ja     0x1b
   c:	85 f6                	test   %esi,%esi
   e:	78 03                	js     0x13
  10:	31 c0                	xor    %eax,%eax
  12:	c3                   	ret
  13:	c7 07 00 00 00 a0    	movl   $0xa0000000,(%rdi)
  19:	eb f5                	jmp    0x10
  1b:	48 83 ec 08          	sub    $0x8,%rsp
  1f:	48 89 3c 24          	mov    %rdi,(%rsp)
  23:	48 8d 3d 30 04 4a 01 	lea    0x14a0430(%rip),%rdi        # 0x14a045a
  2a:*	67 48 0f b9 3a       	ud1    (%edx),%rdi		<-- trapping instruction
  2f:	48 8b 14 24          	mov    (%rsp),%rdx
  33:	31 c0                	xor    %eax,%eax
  35:	c7 02 00 00 00 e0    	movl   $0xe0000000,(%rdx)
  3b:	48 83 c4 08          	add    $0x8,%rsp
  3f:	c3                   	ret

Code starting with the faulting instruction
===========================================
   0:	67 48 0f b9 3a       	ud1    (%edx),%rdi
   5:	48 8b 14 24          	mov    (%rsp),%rdx
   9:	31 c0                	xor    %eax,%eax
   b:	c7 02 00 00 00 e0    	movl   $0xe0000000,(%rdx)
  11:	48 83 c4 08          	add    $0x8,%rsp
  15:	c3                   	ret
[    1.981145] RSP: 0018:ff490c084013ce78 EFLAGS: 00010296
[    1.981171] RAX: 00000000dfffffff RBX: ff3b9b73818e1c80 RCX: ff3b9b7384d5a0c0
[    1.981213] RDX: 003f709430436d28 RSI: 00000000dfffffff RDI: ffffffffaee7e6f0
[    1.981250] RBP: ff3b9b73818e1c70 R08: ff3b9b7383119d20 R09: 00000000002a0014
[    1.981288] R10: ff3b9b7381034200 R11: ff3b9b7383119d20 R12: ff3b9b73818e1ce8
[    1.981335] R13: ff490c084013cf40 R14: 0000000000000019 R15: 0000000000000000
[    1.981383] FS:  0000000000000000(0000) GS:ff3b9b740f94c000(0000) knlGS:0000000000000000
[    1.981432] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.981469] CR2: 00007f0ecc9e9680 CR3: 0000000013846005 CR4: 0000000000771ef0
[    1.981505] PKRU: 55555554
[    1.981520] Call Trace:
[    1.981538]  <IRQ>
[    1.981554]  dst_release_immediate (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcuref.h:174 (discriminator 1) net/core/dst.c:184 (discriminator 1))
[    1.981590]  rt_fibinfo_free_cpus.part.0 (net/ipv4/fib_semantics.c:196)
[    1.981620]  fib_nh_common_release (net/ipv4/fib_semantics.c:207)
[    1.981646]  free_fib_info_rcu (./include/net/nexthop.h:480 net/ipv4/fib_semantics.c:229)
[    1.981672]  rcu_core (kernel/rcu/tree.c:2612 (discriminator 1) kernel/rcu/tree.c:2857 (discriminator 1))
[    1.981696]  handle_softirqs (./arch/x86/include/asm/jump_label.h:37 ./include/trace/events/irq.h:142 kernel/softirq.c:623)
[    1.981720]  irq_exit_rcu (kernel/softirq.c:657 kernel/softirq.c:496 kernel/softirq.c:723 kernel/softirq.c:739)
[    1.981741]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1056 (discriminator 47) arch/x86/kernel/apic/apic.c:1056 (discriminator 47))
[    1.981771]  </IRQ>
[    1.981787]  <TASK>
[    1.981802]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[    1.981830] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82)
[    1.981861] Code: 48 8b 3d 74 3a 44 01 e8 1f 00 00 00 48 2b 05 28 a1 60 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d a5 b8 21 00 fb f4 <c3> 0f 1f 40 d6 8b 17 89 d6 83 e6 fe 0f 01 f9 66 90 48 c1 e2 20 48
All code
========
   0:	48 8b 3d 74 3a 44 01 	mov    0x1443a74(%rip),%rdi        # 0x1443a7b
   7:	e8 1f 00 00 00       	call   0x2b
   c:	48 2b 05 28 a1 60 00 	sub    0x60a128(%rip),%rax        # 0x60a13b
  13:	c3                   	ret
  14:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  1b:	f3 0f 1e fa          	endbr64
  1f:	eb 07                	jmp    0x28
  21:	0f 00 2d a5 b8 21 00 	verw   0x21b8a5(%rip)        # 0x21b8cd
  28:	fb                   	sti
  29:	f4                   	hlt
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	0f 1f 40 d6          	nopl   -0x2a(%rax)
  2f:	8b 17                	mov    (%rdi),%edx
  31:	89 d6                	mov    %edx,%esi
  33:	83 e6 fe             	and    $0xfffffffe,%esi
  36:	0f 01 f9             	rdtscp
  39:	66 90                	xchg   %ax,%ax
  3b:	48 c1 e2 20          	shl    $0x20,%rdx
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	0f 1f 40 d6          	nopl   -0x2a(%rax)
   5:	8b 17                	mov    (%rdi),%edx
   7:	89 d6                	mov    %edx,%esi
   9:	83 e6 fe             	and    $0xfffffffe,%esi
   c:	0f 01 f9             	rdtscp
   f:	66 90                	xchg   %ax,%ax
  11:	48 c1 e2 20          	shl    $0x20,%rdx
  15:	48                   	rex.W
[    1.981956] RSP: 0018:ff490c08400afed8 EFLAGS: 00000216
[    1.981988] RAX: ff3b9b740f94c000 RBX: ff3b9b73812e8000 RCX: 0000000000000000
[    1.982026] RDX: 4000000000000000 RSI: 0000000000000000 RDI: 0000000000015e0c
[    1.982063] RBP: 0000000000000003 R08: 0000000000015e0c R09: ff3b9b73beda4990
[    1.982108] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    1.982149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    1.982194]  ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:146)
[    1.982224]  default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:767)
[    1.982247]  default_idle_call (./include/linux/cpuidle.h:144 kernel/sched/idle.c:123)
[    1.982270]  do_idle (kernel/sched/idle.c:192 kernel/sched/idle.c:332)
[    1.982292]  cpu_startup_entry (kernel/sched/idle.c:429)
[    1.982314]  start_secondary (arch/x86/kernel/smpboot.c:312)
[    1.982338]  common_startup_64 (arch/x86/kernel/head_64.S:419)
| [    1.982475] #PF: error_code(0x0002) - not-present page
| [    1.982498] PGD 14201067 P4D 14202067 PUD 0
| [    1.982530] Oops: Oops: 0002 [#1] SMP
| [    1.982616] Tainted: [W]=WARN
[    1.982638] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[    1.982671] RIP: 0010:dst_dev_put (./include/linux/netdevice.h:4376 (discriminator 36) ./include/linux/netdevice.h:4476 (discriminator 36) net/core/dst.c:154 (discriminator 36))
[    1.982696] Code: 30 20 33 d7 ad 48 89 03 48 8b 05 83 5b 79 01 48 85 c0 74 0a 48 8b 80 18 05 00 00 65 ff 00 48 85 ed 74 0a 48 8b 85 18 05 00 00 <65> ff 08 5b 5d c3 66 90 f3 0f 1e fa 0f 1f 44 00 00 31 c0 c3 0f 1f
All code
========
   0:	30 20                	xor    %ah,(%rax)
   2:	33 d7                	xor    %edi,%edx
   4:	ad                   	lods   (%rsi),%eax
   5:	48 89 03             	mov    %rax,(%rbx)
   8:	48 8b 05 83 5b 79 01 	mov    0x1795b83(%rip),%rax        # 0x1795b92
   f:	48 85 c0             	test   %rax,%rax
  12:	74 0a                	je     0x1e
  14:	48 8b 80 18 05 00 00 	mov    0x518(%rax),%rax
  1b:	65 ff 00             	incl   %gs:(%rax)
  1e:	48 85 ed             	test   %rbp,%rbp
  21:	74 0a                	je     0x2d
  23:	48 8b 85 18 05 00 00 	mov    0x518(%rbp),%rax
  2a:*	65 ff 08             	decl   %gs:(%rax)		<-- trapping instruction
  2d:	5b                   	pop    %rbx
  2e:	5d                   	pop    %rbp
  2f:	c3                   	ret
  30:	66 90                	xchg   %ax,%ax
  32:	f3 0f 1e fa          	endbr64
  36:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  3b:	31 c0                	xor    %eax,%eax
  3d:	c3                   	ret
  3e:	0f                   	.byte 0xf
  3f:	1f                   	(bad)

Code starting with the faulting instruction
===========================================
   0:	65 ff 08             	decl   %gs:(%rax)
   3:	5b                   	pop    %rbx
   4:	5d                   	pop    %rbp
   5:	c3                   	ret
   6:	66 90                	xchg   %ax,%ax
   8:	f3 0f 1e fa          	endbr64
   c:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  11:	31 c0                	xor    %eax,%eax
  13:	c3                   	ret
  14:	0f                   	.byte 0xf
  15:	1f                   	(bad)
[    1.982785] RSP: 0018:ff490c084013ce80 EFLAGS: 00010286
[    1.982812] RAX: 0000000000000000 RBX: ff3b9b7384e37780 RCX: 0000000000000002
[    1.982854] RDX: 003f709430436d28 RSI: ffffffffffffffff RDI: ff3b9b7384e37780
[    1.982889] RBP: ff3b9b7382f4b300 R08: ff3b9b7383119d20 R09: 00000000002a0014
[    1.982925] R10: ff3b9b7381034200 R11: ff3b9b7383119d20 R12: ff3b9b73818e1ce8
[    1.982964] R13: ff490c084013cf40 R14: 0000000000000019 R15: 0000000000000000
[    1.983007] FS:  0000000000000000(0000) GS:ff3b9b740f94c000(0000) knlGS:0000000000000000
[    1.983044] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.983077] CR2: ff3b9b740f94c000 CR3: 0000000013846005 CR4: 0000000000771ef0
[    1.983118] PKRU: 55555554
[    1.983135] Call Trace:
[    1.983149]  <IRQ>
[    1.983162]  rt_fibinfo_free_cpus.part.0 (net/ipv4/fib_semantics.c:196)
[    1.983196]  fib_nh_common_release (net/ipv4/fib_semantics.c:207)
[    1.983226]  free_fib_info_rcu (./include/net/nexthop.h:480 net/ipv4/fib_semantics.c:229)
[    1.983244]  rcu_core (kernel/rcu/tree.c:2612 (discriminator 1) kernel/rcu/tree.c:2857 (discriminator 1))
[    1.983265]  handle_softirqs (./arch/x86/include/asm/jump_label.h:37 ./include/trace/events/irq.h:142 kernel/softirq.c:623)
[    1.983286]  irq_exit_rcu (kernel/softirq.c:657 kernel/softirq.c:496 kernel/softirq.c:723 kernel/softirq.c:739)
[    1.983312]  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1056 (discriminator 47) arch/x86/kernel/apic/apic.c:1056 (discriminator 47))
[    1.983339]  </IRQ>
[    1.983351]  <TASK>
[    1.983365]  asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:697)
[    1.983397] RIP: 0010:pv_native_safe_halt (arch/x86/kernel/paravirt.c:82)
[    1.983426] Code: 48 8b 3d 74 3a 44 01 e8 1f 00 00 00 48 2b 05 28 a1 60 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d a5 b8 21 00 fb f4 <c3> 0f 1f 40 d6 8b 17 89 d6 83 e6 fe 0f 01 f9 66 90 48 c1 e2 20 48
All code
========
   0:	48 8b 3d 74 3a 44 01 	mov    0x1443a74(%rip),%rdi        # 0x1443a7b
   7:	e8 1f 00 00 00       	call   0x2b
   c:	48 2b 05 28 a1 60 00 	sub    0x60a128(%rip),%rax        # 0x60a13b
  13:	c3                   	ret
  14:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
  1b:	f3 0f 1e fa          	endbr64
  1f:	eb 07                	jmp    0x28
  21:	0f 00 2d a5 b8 21 00 	verw   0x21b8a5(%rip)        # 0x21b8cd
  28:	fb                   	sti
  29:	f4                   	hlt
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	0f 1f 40 d6          	nopl   -0x2a(%rax)
  2f:	8b 17                	mov    (%rdi),%edx
  31:	89 d6                	mov    %edx,%esi
  33:	83 e6 fe             	and    $0xfffffffe,%esi
  36:	0f 01 f9             	rdtscp
  39:	66 90                	xchg   %ax,%ax
  3b:	48 c1 e2 20          	shl    $0x20,%rdx
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	0f 1f 40 d6          	nopl   -0x2a(%rax)
   5:	8b 17                	mov    (%rdi),%edx
   7:	89 d6                	mov    %edx,%esi
   9:	83 e6 fe             	and    $0xfffffffe,%esi
   c:	0f 01 f9             	rdtscp
   f:	66 90                	xchg   %ax,%ax
  11:	48 c1 e2 20          	shl    $0x20,%rdx
  15:	48                   	rex.W
[    1.983508] RSP: 0018:ff490c08400afed8 EFLAGS: 00000216
[    1.983539] RAX: ff3b9b740f94c000 RBX: ff3b9b73812e8000 RCX: 0000000000000000
[    1.983579] RDX: 4000000000000000 RSI: 0000000000000000 RDI: 0000000000015e0c
[    1.983616] RBP: 0000000000000003 R08: 0000000000015e0c R09: ff3b9b73beda4990
[    1.983653] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[    1.983698] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    1.983732]  ? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:146)
[    1.983761]  default_idle (./arch/x86/include/asm/paravirt.h:107 arch/x86/kernel/process.c:767)
[    1.983783]  default_idle_call (./include/linux/cpuidle.h:144 kernel/sched/idle.c:123)
[    1.983804]  do_idle (kernel/sched/idle.c:192 kernel/sched/idle.c:332)
[    1.983825]  cpu_startup_entry (kernel/sched/idle.c:429)
[    1.983846]  start_secondary (arch/x86/kernel/smpboot.c:312)


Finger prints:
rcuref_put_slowpath:dst_release_immediate:fib_nh_common_release:free_fib_info_rcu:rcu_core
dst_dev_put:fib_nh_common_release:free_fib_info_rcu:rcu_core:handle_softirqs