(In reply to Jiri Slaby from comment #0) >> (gdb) p *s >> [...] >> exec_command = {0x200000000000000, 0x0, 0x561c9a282960, 0x0, 0x0, 0x0, 0x0}, I checked the code but I cannot see currently where the boggus value "0x200000000000000" could come from. It doesn't look random though, it looks like the value was set to 0 but one bit was not cleared. It might be interesting to see if the other crashes show the same wrong value at the same location. Maybe you could try to test the system RAM... otherwise without a reproducer I'm running out of idea.