(In reply to Marcus Meissner from comment #3) > might be a security bug? ;) I was not trying to hack my own laptop :-) Overlooking your irony tag, it looks like a use-after-free. device_del klist_del(n) klist_put(n) knode_klist(n)->put(n) (called via __x86_indirect_thunk_rax()) and the put() address (also in rax!) has wrong page permissions.