kernel: protection fault trap, code=0
Stopped at in6_addmulti+0xc4: movzbl 0x1(%rax),%ebx
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
in6_addmulti(ffff800024b22bd8,ffff800000d1d000,ffff800024b22c6c) at in6_addmulti+0xc4 sys/netinet6/in6.c:1037
in6_update_ifa(ffff800000d1d000,ffff800024b22ce0,0) at in6_update_ifa+0x1418 in6_joingroup sys/netinet6/in6.c:1154 [inline]
in6_update_ifa(ffff800000d1d000,ffff800024b22ce0,0) at in6_update_ifa+0x1418 sys/netinet6/in6.c:776
in6_ifattach_linklocal(ffff800000d1d000,0) at in6_ifattach_linklocal+0x28d sys/netinet6/in6_ifattach.c:281
in6_ifattach(ffff800000d1d000) at in6_ifattach+0x1bb sys/netinet6/in6_ifattach.c:405
ifnewlladdr(ffff800000d1d000) at ifnewlladdr+0x180 sys/net/if.c:3204
ifioctl(fffffd8067f265e8,8020691f,ffff800024b22f40,ffff8000211f58d0) at ifioctl+0x1f5e sys/net/if.c:2253
sys_ioctl(ffff8000211f58d0,ffff800024b23058,ffff800024b230a0) at sys_ioctl+0x4a2
syscall(ffff800024b23120) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline]
syscall(ffff800024b23120) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x5fb17d5bd30, count: -9
ddb{1}> show registers
rdi 0xffff80002c7f0000
rsi 0x4a52 __ALIGN_SIZE+0x3a52
rbp 0xffff800024b22ac0
rbx 0
rdx 0xffff80002c7f0000
rcx 0x4a51 __ALIGN_SIZE+0x3a51
rax 0xdeaf0036deafbead
r8 0x2
r9 0xfffffd8073423010
r10 0x4b937265e1a97644
r11 0x49527ecf01d27b08
r12 0xffff800000cf9400
r13 0xffff800024b22bd8
r14 0xffff800024b22c6c
r15 0xffff800000d1d000
rip 0xffffffff810e3c54 in6_addmulti+0xc4
cs 0x8
rflags 0x10286 __ALIGN_SIZE+0xf286
rsp 0xffff800024b22940
ss 0x10
in6_addmulti+0xc4: movzbl 0x1(%rax),%ebx
ddb{1}> show proc
PROC (syz-executor.5) pid=299598 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=32, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff8000211f4b38,0xffff8000211f4320
process=0xffff8000212a6e28 user=0xffff800024b1e000, vmspace=0xfffffd8008a06898
estcpu=36, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
66708 418342 60902 0 3 0x80 nanoslp syz-executor.0
66708 366363 60902 0 3 0x4000080 fsleep syz-executor.0
66708 160490 60902 0 3 0x4000080 netio syz-executor.0
6461 272866 40090 0 2 0 syz-executor.4
6461 184366 40090 0 2 0x4000000 syz-executor.4
67915 489719 93841 0 7 0 syz-executor.5
67915 184629 93841 0 3 0x4000000 smrbar syz-executor.5
*67915 299598 93841 0 7 0x4000000 syz-executor.5
79635 363531 69444 0 3 0x82 piperd syz-executor.3
40090 376899 69444 0 2 0x482 syz-executor.4
72956 346018 1 0 3 0 vmmaplk syz-executor.4
72956 507786 1 0 3 0x4000000 vmmaplk syz-executor.4
72956 98142 1 0 3 0x4000080 fsleep syz-executor.4
72956 237057 1 0 3 0x4000000 vmmaplk syz-executor.4
68549 16015 69444 0 3 0x2 biowait syz-executor.6
93841 295837 69444 0 2 0x482 syz-executor.5
69235 377918 0 0 3 0x14200 acct acct
37871 234474 0 0 3 0x14200 bored sosplice
60125 4668 69444 0 3 0x82 piperd syz-executor.7
61558 266191 69444 0 2 0x482 syz-executor.2
84010 445995 69444 0 2 0x482 syz-executor.1
60902 74395 69444 0 2 0x482 syz-executor.0
69444 224479 14226 0 3 0x82 wait syz-fuzzer
69444 69177 14226 0 3 0x4000082 thrsleep syz-fuzzer
69444 445073 14226 0 3 0x4000082 wait syz-fuzzer
69444 41904 14226 0 3 0x4000082 kqread syz-fuzzer
69444 10933 14226 0 3 0x4000082 wait syz-fuzzer
69444 293532 14226 0 3 0x4000082 wait syz-fuzzer
69444 420738 14226 0 3 0x4000082 wait syz-fuzzer
69444 197760 14226 0 3 0x4000082 thrsleep syz-fuzzer
69444 416150 14226 0 3 0x4000082 thrsleep syz-fuzzer
69444 123822 14226 0 3 0x4000082 thrsleep syz-fuzzer
69444 302720 14226 0 3 0x4000082 thrsleep syz-fuzzer
69444 439123 14226 0 3 0x4000082 wait syz-fuzzer
69444 485404 14226 0 3 0x4000082 wait syz-fuzzer
69444 498686 14226 0 3 0x4000082 wait syz-fuzzer
69444 299320 14226 0 3 0x4000082 thrsleep syz-fuzzer
14226 306727 49620 0 3 0x10008a sigsusp ksh
49620 296935 61065 0 3 0x9a kqread sshd
56955 473580 1 0 3 0x100083 ttyin getty
61065 517264 1 0 3 0x88 kqread sshd
20599 245486 68946 74 3 0x1100092 bpf pflogd
68946 397866 1 0 3 0x80 netio pflogd
20959 87449 22938 73 3 0x1100090 kqread syslogd
22938 282774 1 0 3 0x100082 netio syslogd
4816 84360 1 0 3 0x100080 kqread resolvd
11092 403130 92027 77 3 0x100092 kqread dhcpleased
73034 277544 92027 77 3 0x100092 kqread dhcpleased
92027 209563 1 0 3 0x80 kqread dhcpleased
10792 284945 0 0 3 0x14200 bored smr
46488 501805 0 0 2 0x14200 zerothread
52864 280141 0 0 3 0x14200 aiodoned aiodoned
63436 8670 0 0 3 0x14200 syncer update
44990 257203 0 0 3 0x14200 cleaner cleaner
96691 127476 0 0 3 0x14200 reaper reaper
53292 182290 0 0 3 0x14200 pgdaemon pagedaemon
46712 54177 0 0 3 0x14200 bored viomb
90746 264461 0 0 3 0x40014200 acpi0 acpi0
9324 362823 0 0 3 0x40014200 idle1
24869 404318 0 0 3 0x14200 bored softnet
70189 310349 0 0 3 0x14200 bored softnet
74045 379733 0 0 3 0x14200 bored softnet
72074 444296 0 0 2 0x14200 softnet
87845 258188 0 0 3 0x14200 bored systqmp
35276 463841 0 0 3 0x14200 bored systq
97589 506232 0 0 3 0x40014200 bored softclock
87637 276093 0 0 3 0x40014200 idle0
1 202166 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10212 6495K 7311K 78643K 13993 0
pcb 13 16K 18K 78643K 422 0
rtable 175 15K 18K 78643K 892 0
ifaddr 72 23K 26K 78643K 257 0
sysctl 2 0K 0K 78643K 2 0
counters 56 35K 36K 78643K 232 0
ioctlops 0 0K 4K 78643K 1875 0
iov 0 0K 20K 78643K 203 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1443 90K 90K 78643K 3061 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 3 5K 9K 78643K 31 0
VM map 2 1K 1K 78643K 2 0
sem 12 0K 0K 78643K 163 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 14 49K 81K 78643K 2221 0
sigio 0 0K 0K 78643K 323 0
proc 73 91K 140K 78643K 828 0
subproc 117 7K 7K 78643K 208 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 102 0
in_multi 61 4K 6K 78643K 226 0
ether_multi 1 0K 0K 78643K 4 0
mrt 0 0K 0K 78643K 6 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 73 334K 334K 78643K 73 0
exec 0 0K 1K 78643K 647 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 335 96K 112K 78643K 17152 0
UVM aobj 131 4K 4K 78643K 131 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 72 0
NDP 13 0K 0K 78643K 89 0
temp 137 5778K 6802K 78643K 16924 0
kqueue 12 18K 24K 78643K 231 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 253 0 250 5 4 1 3 0 8 0
rtentry 112 241 0 169 4 0 4 4 0 8 0
unpcb 144 4478 0 4461 31 25 6 8 0 8 5
syncache 296 21 0 21 7 7 0 1 0 8 0
tcpqe 32 530 0 530 5 5 0 2 0 8 0
tcpcb 776 847 0 842 35 34 1 14 0 8 0
arp 120 40 0 27 1 0 1 1 0 8 0
inpcb 368 2410 0 2398 41 39 2 16 0 8 0
nd6 48 53 0 40 1 0 1 1 0 8 0
kcovpl 48 16 0 7 1 0 1 1 0 8 0
ppxss 1256 68 0 68 5 5 0 1 0 8 0
pppxif 1456 6 0 6 2 2 0 1 0 8 0
pfstscr 40 6 0 6 2 2 0 1 0 8 0
pffrag 232 25 0 25 1 1 0 1 0 482 0
pffrnode 88 25 0 25 1 1 0 1 0 8 0
pffrent 40 49 0 49 1 1 0 1 0 8 0
pfosfp 40 1474 0 1048 5 0 5 5 0 8 0
pfosfpen 112 1474 0 753 21 0 21 21 0 8 0
pfanchor 1280 7 0 0 1 0 1 1 0 8 0
pfstitem 24 52 0 42 1 0 1 1 0 8 0
pfstkey 128 60 0 50 2 1 1 2 0 8 0
pfstate 384 54 0 44 4 2 2 4 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 3 0 2 3 2 1 2 0 8 0
art_heap4 256 1089 0 769 32 11 21 30 0 8 0
art_table 32 1092 0 771 4 0 4 4 0 8 0
art_node 16 240 0 174 1 0 1 1 0 8 0
sysvmsgpl 40 74 0 70 1 0 1 1 0 8 0
semapl 112 156 0 146 1 0 1 1 0 8 0
shmpl 112 128 0 0 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 4318 0 2873 91 0 91 91 0 8 0
ffsino 272 4318 0 2873 97 0 97 97 0 8 0
nchpl 144 7813 0 6169 63 0 63 63 0 8 0
rtmask 32 9 0 9 4 4 0 1 0 8 0
uvmvnodes 80 5824 0 0 119 0 119 119 0 8 0
vnodes 216 5824 0 0 324 0 324 324 0 8 0
namei 1024 27190 0 27189 5 4 1 2 0 8 0
percpumem 16 129 0 88 1 0 1 1 0 8 0
vmpool 696 4 0 4 1 1 0 1 0 8 0
kstatmem 264 106 0 80 2 0 2 2 0 8 0
scsiplug 72 3 0 3 1 1 0 1 0 8 0
scxspl 216 21430 0 21429 19 18 1 8 0 8 0
plimitpl 152 244 0 227 1 0 1 1 0 8 0
sigapl 424 2549 0 2501 9 3 6 8 0 8 0
futexpl 64 19392 0 19390 1 0 1 1 0 8 0
knotepl 120 338 0 0 9 0 9 9 0 8 0
kqueuepl 216 685 0 677 19 18 1 5 0 8 0
pipepl 320 600 0 571 16 13 3 8 0 8 0
fdescpl 496 2510 0 2483 8 3 5 5 0 8 1
filepl 152 20485 0 20226 50 33 17 19 0 8 6
lockfpl 104 600 0 598 1 0 1 1 0 8 0
lockfspl 48 208 0 206 1 0 1 1 0 8 0
sessionpl 144 32 0 14 1 0 1 1 0 8 0
pgrppl 48 74 0 56 1 0 1 1 0 8 0
ucredpl 104 1680 0 1668 1 0 1 1 0 8 0
zombiepl 144 2503 0 2501 3 2 1 1 0 8 0
processpl 1072 2549 0 2501 5 1 4 5 0 8 0
procpl 696 6446 0 6376 12 4 8 9 0 8 0
srpgc 96 18 0 18 9 8 1 1 0 8 1
sosppl 168 20 0 20 5 5 0 1 0 8 0
sockpl 488 7208 0 7177 158 137 21 28 0 8 16
mcl64k 65536 14 0 0 2 0 2 2 0 8 0
mcl16k 16384 7 0 0 1 0 1 1 0 8 0
mcl12k 12288 22 0 0 2 0 2 2 0 8 0
mcl9k 9216 4 0 0 1 0 1 1 0 8 0
mcl8k 8192 17 0 0 3 0 3 3 0 8 0
mcl4k 4096 18 0 0 3 0 3 3 0 8 0
mcl2k2 2112 4 0 0 1 0 1 1 0 8 0
mcl2k 2048 397 0 0 49 0 49 49 0 8 0
mtagpl 96 76 0 0 2 0 2 2 0 8 0
mbufpl 256 1832 0 0 105 0 105 105 0 8 0
bufpl 288 7011 0 686 452 0 452 452 0 8 0
anonpl 24 560286 0 542455 168 45 123 147 0 186 0
amapchunkpl 152 49055 0 48293 51 18 33 43 0 158 0
amappl16 200 6937 0 6313 76 42 34 46 0 8 0
amappl15 192 7 0 7 1 1 0 1 0 8 0
amappl14 184 187 0 170 2 0 2 2 0 8 0
amappl13 176 3 0 3 1 1 0 1 0 8 0
amappl12 168 524 0 523 1 0 1 1 0 8 0
amappl11 160 49 0 34 1 0 1 1 0 8 0
amappl10 152 50 0 39 1 0 1 1 0 8 0
amappl9 144 974 0 974 7 6 1 1 0 8 1
amappl8 136 240 0 172 3 0 3 3 0 8 0
amappl7 128 185 0 156 2 0 2 2 0 8 0
amappl6 120 239 0 225 2 1 1 2 0 8 0
amappl5 112 211 0 201 1 0 1 1 0 8 0
amappl4 104 595 0 563 3 2 1 2 0 8 0
amappl3 96 6984 0 6928 2 0 2 2 0 8 0
amappl2 88 3031 0 2952 4 2 2 4 0 8 0
amappl1 80 59407 0 58635 28 10 18 28 0 8 0
amappl 88 16493 0 16301 6 1 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 130 0 0 3 0 3 3 0 8 0
uaddrrnd 24 2516 0 2489 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 2516 0 2489 1 0 1 1 0 8 0
vmmpekpl 168 25445 0 25384 3 0 3 3 0 8 0
vmmpepl 168 241670 0 238843 228 88 140 156 0 357 5
vmsppl 440 2515 0 2489 5 1 4 4 0 8 0
rwobjpl 56 71550 0 63733 120 8 112 112 0 8 1
pdppl 4096 5039 0 4978 251 180 71 77 0 8 10
pvpl 32 1135997 0 1112224 392 183 209 367 0 265 0
pmappl 248 2515 0 2489 3 1 2 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 1146 0 243 26 0 26 26 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff82b24ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff82db6020) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82db6020) at __mp_lock+0x122 sys/kern/kern_lock.c:147
intr_handler(ffff8000293b53e0,ffff80000067c100) at intr_handler+0x5e sys/arch/amd64/amd64/intr.c:532
Xintr_ioapic_edge24_untramp() at Xintr_ioapic_edge24_untramp+0x18f
__mp_lock(ffffffff82db6020) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82db6020) at __mp_lock+0x122 sys/kern/kern_lock.c:147
intr_handler(ffff8000293b5530,ffff80000006ba00) at intr_handler+0x5e sys/arch/amd64/amd64/intr.c:532
Xintr_ioapic_edge21_untramp() at Xintr_ioapic_edge21_untramp+0x18f
end of kernel
end trace frame: 0x7f7fffff2ee0, count: -9
ddb{0}> machine ddbcpu 1
Stopped at in6_addmulti+0xc4: movzbl 0x1(%rax),%ebx
ddb{1}> trace
in6_addmulti(ffff800024b22bd8,ffff800000d1d000,ffff800024b22c6c) at in6_addmulti+0xc4 sys/netinet6/in6.c:1037
in6_update_ifa(ffff800000d1d000,ffff800024b22ce0,0) at in6_update_ifa+0x1418 in6_joingroup sys/netinet6/in6.c:1154 [inline]
in6_update_ifa(ffff800000d1d000,ffff800024b22ce0,0) at in6_update_ifa+0x1418 sys/netinet6/in6.c:776
in6_ifattach_linklocal(ffff800000d1d000,0) at in6_ifattach_linklocal+0x28d sys/netinet6/in6_ifattach.c:281
in6_ifattach(ffff800000d1d000) at in6_ifattach+0x1bb sys/netinet6/in6_ifattach.c:405
ifnewlladdr(ffff800000d1d000) at ifnewlladdr+0x180 sys/net/if.c:3204
ifioctl(fffffd8067f265e8,8020691f,ffff800024b22f40,ffff8000211f58d0) at ifioctl+0x1f5e sys/net/if.c:2253
sys_ioctl(ffff8000211f58d0,ffff800024b23058,ffff800024b230a0) at sys_ioctl+0x4a2
syscall(ffff800024b23120) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline]
syscall(ffff800024b23120) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x5fb17d5bd30, count: -9