kernel: protection fault trap, code=0
Stopped at      in_delmulti+0x8d:       movl    0xc(%r14),%r15d
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
in_delmulti(fbdfefffffffffff) at in_delmulti+0x8d sys/netinet/in.c:914
in_purgeaddr(ffff800000ad7300) at in_purgeaddr+0x156 sys/netinet/in.c:760
in_ifdetach(ffff800000ac7000) at in_ifdetach+0x74 sys/netinet/in.c:971
if_detach(ffff800000ac7000) at if_detach+0x140 sys/net/if.c:1032
tun_clone_destroy(ffff800000ac7000) at tun_clone_destroy+0x1c7 sys/net/if_tun.c:326
tun_dev_close(5d01,7) at tun_dev_close+0x160 sys/net/if_tun.c:477
spec_close(ffff80001f98cfe0) at spec_close+0x311 sys/kern/spec_vnops.c:560
VOP_CLOSE(fffffd805dc6d9c0,7,fffffd806c3bfb40,ffff80001d6bf160) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614
fdrop(fffffd80647f2d98,ffff80001d6bf160) at fdrop+0xc2 sys/kern/kern_descrip.c:1279
closef(fffffd80647f2d98,ffff80001d6bf160) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff80001d6bf160) at fdfree+0x100 sys/kern/kern_descrip.c:1195
exit1(ffff80001d6bf160,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197
sys_exit(ffff80001d6bf160,ffff80001f98d270,ffff80001f98d2c0) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80001f98d340) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffce8d0, count: -16
ddb> show registers
rdi                              0x2
rsi                                0
rbp               0xffff80001f98cdb0
rbx                                0
rdx                                0
rcx                              0x1
rax               0xffff80001d6bf160
r8                0xffff800000ad7300
r9                0xffffffff81256843    rt_ifa_purge+0x153
r10                              0x5
r11               0x2f40cef714a69816
r12                                0
r13                              0x3
r14               0xfbdfefffffffffff
r15                              0x1
rip               0xffffffff817ba21d    in_delmulti+0x8d
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80001f98cd50
ss                              0x10
in_delmulti+0x8d:       movl    0xc(%r14),%r15d
ddb> show proc
PROC (syz-executor.1) pid=42519 stat=onproc
    flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
    pri=32, usrpri=75, nice=20
    forw=0xffffffffffffffff, list=0xffff80001d6be018,0xffffffff8280e530
    process=0xffff80001d6c0ed0 user=0xffff80001f988000, vmspace=0xfffffd806bc0a000
    estcpu=25, cpticks=0, pctcpu=0.1
    user=0, sys=0, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 88883  303869      0      0  3     0x14200  acct          acct
 41662  349328      0      0  3     0x14200  bored         sosplice
 22138  157800  81210      0  3         0x2  biowait       syz-executor.0
 81210  439852  14642      0  3        0x82  thrsleep      syz-fuzzer
 81210   50025  14642      0  3   0x4000082  nanosleep     syz-fuzzer
 81210  315259  14642      0  3   0x4000082  thrsleep      syz-fuzzer
 81210  142356  14642      0  3   0x4000082  thrsleep      syz-fuzzer
 81210  439256  14642      0  3   0x4000082  thrsleep      syz-fuzzer
 81210  248200  14642      0  2   0x4000002                syz-fuzzer
 81210  392688  14642      0  3   0x4000082  thrsleep      syz-fuzzer
 81210  295982  14642      0  3   0x4000082  thrsleep      syz-fuzzer
 14642  487640  67822      0  3    0x10008a  pause         ksh
 67822  134667  19167      0  3        0x92  select        sshd
 14563  122552      1      0  3    0x100083  ttyin         getty
 19167  130797      1      0  3        0x80  select        sshd
 81496  169399  59549     73  3    0x100090  kqread        syslogd
 59549  276759      1      0  3    0x100082  netio         syslogd
 47257   56647      1     77  2    0x100090                dhclient
 19775  225044      1      0  3        0x80  poll          dhclient
 97594  460037      0      0  3     0x14200  bored         smr
 24712  216215      0      0  2     0x14200                zerothread
 46181  513849      0      0  3     0x14200  aiodoned      aiodoned
 17559   82530      0      0  3     0x14200  syncer        update
  9321  123174      0      0  3     0x14200  cleaner       cleaner
  9030  134962      0      0  3     0x14200  reaper        reaper
 68398  120842      0      0  3     0x14200  pgdaemon      pagedaemon
 40830  205776      0      0  3     0x14200  bored         crynlk
 36426  445785      0      0  3     0x14200  bored         crypto
 85841  441756      0      0  3  0x40014200  acpi0         acpi0
 53254  482663      0      0  3     0x14200  bored         softnet
 86884   42326      0      0  2     0x14200                systqmp
 88424  355899      0      0  3     0x14200  bored         systq
 60671   23331      0      0  3  0x40014200  bored         softclock
 89105  225256      0      0  3  0x40014200                idle0
     1  388146      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9458   6326K    6972K  78643K     11056        0
            pcb    13      8K       8K  78643K        75        0
         rtable   139      9K      10K  78643K       374        0
         ifaddr    60     14K      16K  78643K       110        0
         sysctl     2      0K       0K  78643K         2        0
       counters    21     16K      17K  78643K        25        0
       ioctlops     0      0K       4K  78643K        71        0
            iov     0      0K      12K  78643K        17        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1219     77K      77K  78643K      1355        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K         5        0
         VM map     2      0K       0K  78643K         2        0
            sem    12      0K       1K  78643K        92        0
        dirhash     9      1K       2K  78643K        12        0
           ACPI  1809    195K     288K  78643K     12938        0
      file desc     4      9K      25K  78643K       343        0
           proc    49     38K      54K  78643K       397        0
        subproc    23      1K       2K  78643K        34        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        30        0
       in_multi    56      3K       3K  78643K       128        0
    ether_multi     1      0K       0K  78643K        12        0
            mrt     0      0K       0K  78643K         2        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    55    254K     254K  78643K        55        0
           exec     0      0K       1K  78643K       201        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   147     23K      25K  78643K      1639        0
       UVM aobj     4      2K       3K  78643K         8        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K        56        0
            NDP     6      0K       0K  78643K        23        0
           temp    84   3868K    3933K  78643K     15141        0
         kqueue     3      4K      12K  78643K        29        0
      SYN cache     2     16K      16K  78643K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64        8    0        3     1     0     1     1     0     8    0
rtpcb       88       41    0       39     1     0     1     1     0     8    0
rtentry    112       74    0       27     2     0     2     2     0     8    0
unpcb      120      197    0      189     1     0     1     1     0     8    0
syncache   272        6    0        6     2     1     1     1     0     8    1
tcpqe       32      301    0      301     2     1     1     1     0     8    1
tcpcb      592      475    0      455     8     4     4     5     0     8    1
inpcb      296      709    0      698     3     1     2     2     0     8    0
rttmr       72        1    0        1     1     1     0     1     0     8    0
nd6         48       22    0       12     1     0     1     1     0     8    0
pfstscr     40        6    0        3     1     0     1     1     0     8    0
pfrktable  1344      33    0       21     2     1     1     2     0     8    0
pftag       88        8    0        4     1     0     1     1     0     8    0
pfstitem    24        3    0        0     1     0     1     1     0     8    0
pfstkey    112        6    0        3     1     0     1     1     0     8    0
pfstate    328        4    0        2     1     0     1     1     0     8    0
pfrule     1360      16    0        4     1     0     1     1     0     8    0
art_heap8  4096       2    0        0     2     0     2     2     0     8    0
art_heap4  256      348    0       60    18     0    18    18     0     8    0
art_table   32      350    0       60     3     0     3     3     0     8    0
art_node    16       73    0       26     1     0     1     1     0     8    0
sysvmsgpl   40       23    0       22     1     0     1     1     0     8    0
semupl     112        2    0        2     1     1     0     1     0     8    0
semapl     112       80    0       70     1     0     1     1     0     8    0
shmpl      112        5    0        4     2     1     1     1     0     8    0
dirhash    1024      17    0       10     3     0     3     3     0     8    1
dino2pl    256     1808    0      410    88     0    88    88     0     8    0
ffsino     240     1808    0      410    83     0    83    83     0     8    0
nchpl      144     2445    0      877    60     0    60    60     0     8    0
uvmvnodes   72     1957    0        0    36     0    36    36     0     8    0
vnodes     208     1957    0        0   103     0   103   103     0     8    0
namei      1024    6343    0     6343     1     0     1     1     0     8    1
pfiaddrpl  120       18    0        6     1     0     1     1     0     8    0
scxspl     200     7244    0     7243     1     0     1     1     0     8    0
plimitpl   152       41    0       34     1     0     1     1     0     8    0
sigapl     424      531    0      502     4     0     4     4     0     8    0
futexpl     56     7098    0     7098     1     0     1     1     0     8    1
knotepl    112       84    0       70     1     0     1     1     0     8    0
kqueuepl   152       48    0       46     1     0     1     1     0     8    0
pipepl     272      117    0      109     3     2     1     2     0     8    0
fdescpl    432      515    0      502     2     0     2     2     0     8    0
filepl     120     2941    0     2859     5     1     4     5     0     8    1
lockfpl    104       59    0       58     1     0     1     1     0     8    0
lockfspl    48       26    0       25     1     0     1     1     0     8    0
sessionpl  120       17    0        7     1     0     1     1     0     8    0
pgrppl      48       19    0        9     1     0     1     1     0     8    0
ucredpl     96      244    0      237     1     0     1     1     0     8    0
zombiepl   144      503    0      502     1     0     1     1     0     8    0
processpl  944      531    0      502     4     0     4     4     0     8    0
procpl     632      914    0      878     4     0     4     4     0     8    0
sockpl     400      959    0      941     5     2     3     4     0     8    1
mcl64k     65536      8    0        8     2     1     1     1     0     8    1
mcl16k     16384      3    0        3     2     1     1     1     0     8    1
mcl12k     12288     11    0       11     2     1     1     1     0     8    1
mcl9k      9216       3    0        3     2     1     1     1     0     8    1
mcl8k      8192       8    0        8     1     0     1     1     0     8    1
mcl4k      4096      39    0       39     3     2     1     1     0     8    1
mcl2k      2048   93592    0    93542    22    15     7    19     0     8    0
mtagpl      96       61    0       33     3     1     2     2     0     8    0
mbufpl     256   150684    0   150516    25     3    22    22     0     8    1
bufpl      280     3899    0      116   271     0   271   271     0     8    0
anonpl      16    64322    0    46605    90    10    80    80     0   107    8
amapchunkpl 152    2343    0     2169    20     8    12    14     0   158    5
amappl16   192     2287    0     1357    53     6    47    53     0     8    0
amappl15   184        3    0        1     1     0     1     1     0     8    0
amappl14   176      313    0      308     1     0     1     1     0     8    0
amappl13   168       26    0       23     1     0     1     1     0     8    0
amappl12   160       24    0       21     1     0     1     1     0     8    0
amappl11   152      355    0      344     1     0     1     1     0     8    0
amappl10   144       12    0        8     1     0     1     1     0     8    0
amappl9    136      353    0      352     1     0     1     1     0     8    0
amappl8    128      340    0      286     2     0     2     2     0     8    0
amappl7    120      101    0       90     1     0     1     1     0     8    0
amappl6    112      191    0      184     1     0     1     1     0     8    0
amappl5    104      142    0      132     1     0     1     1     0     8    0
amappl4     96      733    0      704     1     0     1     1     0     8    0
amappl3     88      275    0      266     1     0     1     1     0     8    0
amappl2     80     3277    0     3211     2     0     2     2     0     8    0
amappl1     72    20716    0    20314    22    13     9    17     0     8    0
amappl      80     1149    0     1099     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64        7    0        4     1     0     1     1     0     8    0
uaddrrnd    24      515    0      502     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      515    0      502     1     0     1     1     0     8    0
vmmpekpl   168     7219    0     7194     2     0     2     2     0     8    0
vmmpepl    168    69213    0    67239   119    22    97   115     0   357    6
vmsppl     272      514    0      502     2     1     1     2     0     8    0
pdppl      4096    1036    0     1004     6     1     5     6     0     8    0
pvpl        32   196070    0   175455   201    12   189   189     0   265   19
pmappl     200      514    0      502     1     0     1     1     0     8    0
extentpl    40       53    0       36     1     0     1     1     0     8    0
phpool     112      271    0       31     7     0     7     7     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
in_delmulti(fbdfefffffffffff) at in_delmulti+0x8d sys/netinet/in.c:914
in_purgeaddr(ffff800000ad7300) at in_purgeaddr+0x156 sys/netinet/in.c:760
in_ifdetach(ffff800000ac7000) at in_ifdetach+0x74 sys/netinet/in.c:971
if_detach(ffff800000ac7000) at if_detach+0x140 sys/net/if.c:1032
tun_clone_destroy(ffff800000ac7000) at tun_clone_destroy+0x1c7 sys/net/if_tun.c:326
tun_dev_close(5d01,7) at tun_dev_close+0x160 sys/net/if_tun.c:477
spec_close(ffff80001f98cfe0) at spec_close+0x311 sys/kern/spec_vnops.c:560
VOP_CLOSE(fffffd805dc6d9c0,7,fffffd806c3bfb40,ffff80001d6bf160) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614
fdrop(fffffd80647f2d98,ffff80001d6bf160) at fdrop+0xc2 sys/kern/kern_descrip.c:1279
closef(fffffd80647f2d98,ffff80001d6bf160) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff80001d6bf160) at fdfree+0x100 sys/kern/kern_descrip.c:1195
exit1(ffff80001d6bf160,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197
sys_exit(ffff80001d6bf160,ffff80001f98d270,ffff80001f98d2c0) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80001f98d340) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffce8d0, count: -16
ddb> machine ddbcpu 1
No such command
ddb> trace
in_delmulti(fbdfefffffffffff) at in_delmulti+0x8d sys/netinet/in.c:914
in_purgeaddr(ffff800000ad7300) at in_purgeaddr+0x156 sys/netinet/in.c:760
in_ifdetach(ffff800000ac7000) at in_ifdetach+0x74 sys/netinet/in.c:971
if_detach(ffff800000ac7000) at if_detach+0x140 sys/net/if.c:1032
tun_clone_destroy(ffff800000ac7000) at tun_clone_destroy+0x1c7 sys/net/if_tun.c:326
tun_dev_close(5d01,7) at tun_dev_close+0x160 sys/net/if_tun.c:477
spec_close(ffff80001f98cfe0) at spec_close+0x311 sys/kern/spec_vnops.c:560
VOP_CLOSE(fffffd805dc6d9c0,7,fffffd806c3bfb40,ffff80001d6bf160) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd80647f2d98,ffff80001d6bf160) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614
fdrop(fffffd80647f2d98,ffff80001d6bf160) at fdrop+0xc2 sys/kern/kern_descrip.c:1279
closef(fffffd80647f2d98,ffff80001d6bf160) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff80001d6bf160) at fdfree+0x100 sys/kern/kern_descrip.c:1195
exit1(ffff80001d6bf160,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197
sys_exit(ffff80001d6bf160,ffff80001f98d270,ffff80001f98d2c0) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80001f98d340) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffce8d0, count: -16