panic: kernel diagnostic assertion "refs > 1" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_synch.c", line 920
Stopped at db_enter+0x25: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
57829 6600 32767 0x10 0 0 syz-executor
*437162 35904 32767 0x10 0x4000000 1 syz-executor
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8344eba7) at panic+0x1e5 sys/kern/subr_prf.c:198
__assert(ffffffff8348d1af,ffffffff8346e810,398,ffffffff8345ab00) at __assert+0x29 sys/kern/subr_prf.c:-1
refcnt_take(ffff8000015f0008) at refcnt_take+0x109 sys/kern/kern_synch.c:921
if_getgroupmembers(ffff80003c4311d0) at if_getgroupmembers+0x11d sys/net/if.c:3256
sys_ioctl(ffff80003c42b4f0,ffff80003c4313b0,ffff80003c431300) at sys_ioctl+0x674 sys/kern/sys_generic.c:-1
syscall(ffff80003c4313b0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c4313b0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3f942c46130, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
*cpu1: kernel diagnostic assertion "refs > 1" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_synch.c", line 920
ddb{1}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8344eba7) at panic+0x1e5 sys/kern/subr_prf.c:198
__assert(ffffffff8348d1af,ffffffff8346e810,398,ffffffff8345ab00) at __assert+0x29 sys/kern/subr_prf.c:-1
refcnt_take(ffff8000015f0008) at refcnt_take+0x109 sys/kern/kern_synch.c:921
if_getgroupmembers(ffff80003c4311d0) at if_getgroupmembers+0x11d sys/net/if.c:3256
sys_ioctl(ffff80003c42b4f0,ffff80003c4313b0,ffff80003c431300) at sys_ioctl+0x674 sys/kern/sys_generic.c:-1
syscall(ffff80003c4313b0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c4313b0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3f942c46130, count: -8
ddb{1}> show registers
rdi 0
rsi 0x1
rbp 0xffff80003c431030
rbx 0xffff8000299bee07
rdx 0xffff8000015a6ac0
rcx 0xffff80003c42b4f0
rax 0xffff8000299bdff0
r8 0x101010101010101
r9 0x8080808080808080
r10 0xc87e7362cde80e84
r11 0x2c20205e97f314a8
r12 0xffff8000299bec08
r13 0
r14 0
r15 0x1
rip 0xffffffff82c0b705 db_enter+0x25
cs 0x8
rflags 0x246
rsp 0xffff80003c431020
ss 0x10
db_enter+0x25: addq $0x8,%rsp
ddb{1}> show proc
PROC (syz-executor) tid=437162 pid=35904 tcnt=2 stat=onproc
flags process=10<SUGID> proc=4000000<THREAD>
runpri=32, usrpri=86, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80003c42a030,0xffff80003c42ba30
process=0xffff8000fffe4020 user=0xffff80003c42c000, vmspace=0xfffffd806c89c400
estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
6600 57829 36544 32767 7 0x10 syz-executor
6600 72679 36544 32767 3 0x4000090 fsleep syz-executor
35904 499624 69896 32767 2 0x10 syz-executor
*35904 437162 69896 32767 7 0x4000010 syz-executor
68684 368042 60146 32767 3 0x90 nanoslp syz-executor
68684 518881 60146 32767 3 0x4000090 sbwait syz-executor
68684 28046 60146 32767 3 0x4000090 fsleep syz-executor
9598 16530 60013 32767 3 0x90 nanoslp syz-executor
9598 202230 60013 32767 3 0x4000090 ttyin syz-executor
9598 231310 60013 32767 3 0x4000090 fsleep syz-executor
68157 3327 44861 32767 3 0x90 nanoslp syz-executor
68157 42346 44861 32767 3 0x4000090 fsleep syz-executor
68157 497748 44861 32767 3 0x4000090 fsleep syz-executor
39400 24727 86243 0 3 0x100082 sbwait arp
86243 365430 78489 0 3 0x10008a sigsusp sh
60013 119651 85021 32767 3 0x90 nanoslp syz-executor
36544 58596 7718 32767 3 0x90 nanoslp syz-executor
37142 15126 23126 32767 3 0x90 wait syz-executor
44861 311677 70808 32767 3 0x90 nanoslp syz-executor
60146 209485 65395 32767 3 0x90 nanoslp syz-executor
69896 277466 1464 32767 3 0x90 nanoslp syz-executor
78489 331269 70179 0 3 0x80 wait syz-executor
85021 508953 6034 0 3 0x82 wait syz-executor
1464 392855 6034 0 3 0x82 wait syz-executor
7718 395256 6034 0 3 0x82 wait syz-executor
9441 329869 6034 0 3 0x82 wait syz-executor
70179 347299 6034 0 3 0x82 wait syz-executor
23126 148750 6034 0 3 0x82 wait syz-executor
70808 68315 6034 0 3 0x82 wait syz-executor
65395 350930 6034 0 3 0x82 wait syz-executor
6034 322997 75877 0 3 0x82 kqread syz-executor
75877 313895 84354 0 3 0x10008a sigsusp ksh
84354 252839 87029 0 3 0x98 kqread sshd-session
87029 322752 11128 0 3 0x92 kqread sshd-session
97322 381982 1 0 3 0x100083 ttyin getty
11128 464939 1 0 3 0x88 kqread sshd
69748 463392 30852 73 3 0x1100090 kqread syslogd
30852 359654 1 0 3 0x100082 sbwait syslogd
63094 367382 1 0 3 0x100080 kqread resolvd
54592 71901 70047 77 3 0x100092 kqread dhcpleased
85735 461579 70047 77 3 0x100092 kqread dhcpleased
70047 252906 1 0 3 0x80 kqread dhcpleased
40125 425400 0 0 3 0x14200 bored smr
60394 126425 0 0 3 0x14200 pgzero zerothread
32186 408577 0 0 3 0x14200 aiodoned aiodoned
42595 219044 0 0 3 0x14200 syncer update
22513 127055 0 0 3 0x14200 cleaner cleaner
45299 27433 0 0 3 0x14200 reaper reaper
65110 467047 0 0 3 0x14200 pgdaemon pagedaemon
70843 67660 0 0 3 0x14200 bored viomb
78501 360405 0 0 3 0x40014200 acpi0 acpi0
97223 183650 0 0 3 0x40014200 idle1
47853 66131 0 0 3 0x14200 bored softnet1
35038 374663 0 0 3 0x14200 bored softnet0
59377 322933 0 0 3 0x14200 bored systqmp
61252 76110 0 0 3 0x14200 bored systq
29655 443556 0 0 3 0x14200 tmoslp softclockmp
32413 6703 0 0 3 0x40014200 tmoslp softclock
86836 194905 0 0 3 0x40014200 idle0
1 222281 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 6600 (syz-executor) thread 0xffff80003c42afc0 (72679)
exclusive rrwlock inode r = 0 (0xfffffd8075e0b688)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527
#4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline]
#4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159
#5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1232
#6 ffs_inode_alloc+0x279 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_makeinode+0xcd sys/ufs/ufs/ufs_vnops.c:1732
#8 ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167
#9 VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121
#10 domknodat+0x469 sys/kern/vfs_syscalls.c:1659
#11 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#11 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783
#12 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd8075e0ba00)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527
#4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570
#5 vfs_lookup+0x11c sys/kern/vfs_lookup.c:-1
#6 namei+0x7ca sys/kern/vfs_lookup.c:250
#7 domknodat+0xb4 sys/kern/vfs_syscalls.c:1611
#8 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#8 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783
#9 Xsyscall+0x128
Process 35904 (syz-executor) thread 0xffff80003c42b4f0 (437162)
shared rwlock netlock r = 0 (0xffffffff83960170)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_read+0x3e8 sys/kern/kern_rwlock.c:413
#2 if_getgroupmembers+0x66 sys/net/if.c:3240
#3 sys_ioctl+0x674 sys/kern/sys_generic.c:-1
#4 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#4 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#5 Xsyscall+0x128
exclusive rwlock iftmplk r = 0 (0xffffffff839600c0)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 if_getgroupmembers+0x51 sys/net/if.c:3238
#3 sys_ioctl+0x674 sys/kern/sys_generic.c:-1
#4 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#4 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#5 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11082 12022K 12034K 166960K 12176 0
pcb 17 12K 12K 166960K 17 0
rtable 227 6K 6K 166960K 362 0
pf 31 16K 16K 166960K 31 0
ifaddr 40 7K 7K 166960K 42 0
ifgroup 50 2K 2K 166960K 50 0
sysctl 3 1K 9K 166960K 8 0
counters 70 37K 37K 166960K 70 0
ioctlops 0 0K 2K 166960K 32 0
iov 0 0K 2K 166960K 5 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1287 81K 81K 166960K 1367 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 3 5K 5K 166960K 6 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 85 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 26 97K 129K 166960K 289 0
sigio 0 0K 0K 166960K 7 0
proc 58 99K 179K 166960K 504 0
subproc 72 4K 4K 166960K 72 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 32 0
in_multi 89 6K 6K 166960K 91 0
ether_multi 1 0K 0K 166960K 1 0
mrt 0 0K 0K 166960K 7 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 241 1076K 1076K 166960K 241 0
exec 0 0K 1K 166960K 371 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 253 145K 162K 166960K 4289 0
UVM aobj 9 2K 2K 166960K 10 0
pinsyscall 48 96K 116K 166960K 1341 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 7 0
NDP 11 0K 1K 166960K 25 0
temp 41 9075K 9154K 166960K 4388 0
kqueue 14 22K 29K 166960K 63 0
SYN cache 2 16K 16K 166960K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 43 0 38 1 0 1 1 0 8 0
rtentry 176 106 0 1 5 0 5 5 0 8 0
unpcb 144 128 0 112 2 0 2 2 0 8 1
syncache 336 5 0 5 1 0 1 1 0 8 1
tcpcb 736 134 0 130 7 0 7 7 0 8 6
arp 136 17 0 0 1 0 1 1 0 8 0
ipq 40 1 0 1 1 0 1 1 0 8 1
ipqe 40 3 0 3 1 0 1 1 0 8 1
inpcb 328 266 0 258 7 0 7 7 0 8 6
ip6q 72 1 0 0 1 0 1 1 0 8 0
ip6af 40 2 0 0 1 0 1 1 0 8 0
nd6 152 24 0 0 1 0 1 1 0 8 0
kcovpl 48 8 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 425 0 0 27 0 27 27 0 8 0
art_table 40 426 0 0 5 0 5 5 0 8 0
art_node 32 106 0 10 1 0 1 1 0 8 0
sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0
semupl 112 2 0 2 1 0 1 1 0 8 1
semapl 112 79 0 69 1 0 1 1 0 8 0
shmpl 112 7 0 1 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 1789 0 329 92 0 92 92 0 8 0
ffsino 296 1789 0 329 113 0 113 113 0 8 0
nchpl 144 2200 0 513 63 0 63 63 0 8 0
vnodes 216 1870 0 0 104 0 104 104 0 8 0
namei 1024 6790 0 6790 2 0 2 2 0 8 2
percpumem 16 50 0 0 1 0 1 1 0 8 0
kstatmem 264 24 0 0 2 0 2 2 0 8 0
scxspl 216 7494 0 7494 6 1 5 5 1 8 5
plimitpl 152 121 0 95 2 0 2 2 0 8 0
sigapl 424 575 0 521 7 0 7 7 0 8 0
knotepl 120 281 0 0 9 0 9 9 0 8 0
kqueuepl 224 82 0 70 2 0 2 2 0 8 0
pipepl 344 128 0 99 3 0 3 3 0 8 0
fdescpl 528 559 0 521 4 0 4 4 0 8 0
filepl 160 2582 0 2362 12 0 12 12 0 8 1
lockfpl 104 121 0 119 1 0 1 1 0 8 0
lockfspl 48 27 0 25 1 0 1 1 0 8 0
sessionpl 144 29 0 12 1 0 1 1 0 8 0
pgrppl 48 41 0 16 1 0 1 1 0 8 0
ucredpl 104 414 0 396 1 0 1 1 0 8 0
zombiepl 144 523 0 521 1 0 1 1 0 8 0
processpl 1232 575 0 521 5 0 5 5 0 8 0
procpl 664 824 0 762 7 0 7 7 0 8 0
sockpl 752 439 0 410 10 0 10 10 0 8 6
mcl64k 65536 1 0 0 1 0 1 1 0 8 0
mcl16k 16384 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 2 0 0 1 0 1 1 0 8 0
mcl4k 4096 113 0 0 15 0 15 15 0 8 1
mcl2k 2048 26 0 0 4 0 4 4 0 8 0
mtagpl 96 2 0 0 1 0 1 1 0 8 0
mbufpl 256 285 0 0 18 0 18 18 0 8 0
bufpl 280 2417 0 102 166 0 166 166 0 8 0
anonpl 32 7584 0 0 62 0 62 62 0 246 0
amapchunkpl 152 13043 0 12460 30 0 30 30 0 158 6
amappl16 200 2534 0 2286 18 4 14 14 0 8 0
amappl15 192 7 0 7 1 1 0 1 0 8 0
amappl14 184 399 0 396 1 0 1 1 0 8 0
amappl13 176 109 0 98 1 0 1 1 0 8 0
amappl12 168 792 0 755 2 0 2 2 0 8 0
amappl11 160 6 0 6 1 1 0 1 0 8 0
amappl10 152 167 0 157 1 0 1 1 0 8 0
amappl9 144 265 0 265 1 1 0 1 0 8 0
amappl8 136 91 0 90 1 0 1 1 0 8 0
amappl7 128 138 0 126 1 0 1 1 0 8 0
amappl6 120 149 0 147 1 0 1 1 0 8 0
amappl5 112 86 0 79 1 0 1 1 0 8 0
amappl4 104 249 0 232 1 0 1 1 0 8 0
amappl3 96 2374 0 2241 5 1 4 4 0 8 0
amappl2 88 488 0 434 2 0 2 2 0 8 0
amappl1 80 9942 0 9327 17 0 17 17 0 8 2
amappl 88 3600 0 3414 5 0 5 5 0 92 0
uvmvnodes 80 105 0 0 3 0 3 3 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 9 0 1 1 0 1 1 0 8 0
uaddrrnd 24 559 0 521 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 559 0 521 1 0 1 1 0 8 0
vmmpekpl 168 6195 0 6161 2 0 2 2 0 8 0
vmmpepl 168 44256 0 41930 106 0 106 106 0 357 4
vmsppl 488 558 0 521 7 1 6 6 0 8 0
rwobjpl 80 15705 0 14466 26 0 26 26 0 8 0
pdppl 4096 1125 0 1042 109 24 85 99 0 8 2
pvpl 32 15985 0 0 129 0 129 129 0 265 0
pmappl 256 558 0 521 4 1 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 289 0 27 8 0 8 8 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffffffff838fcff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x33 kd_curproc sys/dev/kcov.c:585 [inline]
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x33 sys/dev/kcov.c:153
__mp_lock(ffffffff83a0c2c0) at __mp_lock+0x1a3 __mp_lock_spin sys/kern/kern_lock.c:142 [inline]
__mp_lock(ffffffff83a0c2c0) at __mp_lock+0x1a3 sys/kern/kern_lock.c:173
uvm_fault(fffffd806c89c218,67791d08000,0,1) at uvm_fault+0x1ea sys/uvm/uvm_fault.c:650
upageflttrap(ffff80003c416f60,67791d08000) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
usertrap(ffff80003c416f60) at usertrap+0x430 sys/arch/amd64/amd64/trap.c:640
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x79514e24a380, count: 6
ddb{0}> trace
x86_ipi_db(ffffffff838fcff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x33 kd_curproc sys/dev/kcov.c:585 [inline]
__sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x33 sys/dev/kcov.c:153
__mp_lock(ffffffff83a0c2c0) at __mp_lock+0x1a3 __mp_lock_spin sys/kern/kern_lock.c:142 [inline]
__mp_lock(ffffffff83a0c2c0) at __mp_lock+0x1a3 sys/kern/kern_lock.c:173
uvm_fault(fffffd806c89c218,67791d08000,0,1) at uvm_fault+0x1ea sys/uvm/uvm_fault.c:650
upageflttrap(ffff80003c416f60,67791d08000) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
usertrap(ffff80003c416f60) at usertrap+0x430 sys/arch/amd64/amd64/trap.c:640
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x79514e24a380, count: -9
ddb{0}> machine ddbcpu 1
Stopped at db_enter+0x25: addq $0x8,%rsp
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8344eba7) at panic+0x1e5 sys/kern/subr_prf.c:198
__assert(ffffffff8348d1af,ffffffff8346e810,398,ffffffff8345ab00) at __assert+0x29 sys/kern/subr_prf.c:-1
refcnt_take(ffff8000015f0008) at refcnt_take+0x109 sys/kern/kern_synch.c:921
if_getgroupmembers(ffff80003c4311d0) at if_getgroupmembers+0x11d sys/net/if.c:3256
sys_ioctl(ffff80003c42b4f0,ffff80003c4313b0,ffff80003c431300) at sys_ioctl+0x674 sys/kern/sys_generic.c:-1
syscall(ffff80003c4313b0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c4313b0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3f942c46130, count: 7
ddb{1}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff8344eba7) at panic+0x1e5 sys/kern/subr_prf.c:198
__assert(ffffffff8348d1af,ffffffff8346e810,398,ffffffff8345ab00) at __assert+0x29 sys/kern/subr_prf.c:-1
refcnt_take(ffff8000015f0008) at refcnt_take+0x109 sys/kern/kern_synch.c:921
if_getgroupmembers(ffff80003c4311d0) at if_getgroupmembers+0x11d sys/net/if.c:3256
sys_ioctl(ffff80003c42b4f0,ffff80003c4313b0,ffff80003c431300) at sys_ioctl+0x674 sys/kern/sys_generic.c:-1
syscall(ffff80003c4313b0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80003c4313b0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3f942c46130, count: -8