kernel: protection fault trap, code=0 Stopped at in6_addmulti+0xc4: movzbl 0x1(%rax),%ebx ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace in6_addmulti(ffff80002b3f0b88,ffff800000d17000,ffff80002b3f0c1c) at in6_addmulti+0xc4 sys/netinet6/in6.c:1037 in6_update_ifa(ffff800000d17000,ffff80002b3f0c90,0) at in6_update_ifa+0x1418 in6_joingroup sys/netinet6/in6.c:1154 [inline] in6_update_ifa(ffff800000d17000,ffff80002b3f0c90,0) at in6_update_ifa+0x1418 sys/netinet6/in6.c:776 in6_ifattach_linklocal(ffff800000d17000,0) at in6_ifattach_linklocal+0x28d sys/netinet6/in6_ifattach.c:281 in6_ifattach(ffff800000d17000) at in6_ifattach+0x1bb sys/netinet6/in6_ifattach.c:405 ifnewlladdr(ffff800000d17000) at ifnewlladdr+0x180 sys/net/if.c:3204 ifioctl(fffffd805ff665f0,8020691f,ffff80002b3f0ef0,ffff800021202838) at ifioctl+0x1f5e sys/net/if.c:2253 sys_ioctl(ffff800021202838,ffff80002b3f1008,ffff80002b3f1050) at sys_ioctl+0x4a2 syscall(ffff80002b3f10d0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff80002b3f10d0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x47be01850b0, count: -9 ddb{0}> show registers rdi 0xffff80002afae000 rsi 0x4e1b __ALIGN_SIZE+0x3e1b rbp 0xffff80002b3f0a70 rbx 0 rdx 0xffff80002afae000 rcx 0x4e1a __ALIGN_SIZE+0x3e1a rax 0xdead0036dead4110 r8 0x2 r9 0 r10 0x2937a07f17a0c330 r11 0xfe052f4537193185 r12 0xffff800000d46c00 r13 0xffff80002b3f0b88 r14 0xffff80002b3f0c1c r15 0xffff800000d17000 rip 0xffffffff810e3c54 in6_addmulti+0xc4 cs 0x8 rflags 0x10286 __ALIGN_SIZE+0xf286 rsp 0xffff80002b3f08f0 ss 0x10 in6_addmulti+0xc4: movzbl 0x1(%rax),%ebx ddb{0}> show proc PROC (syz-executor.6) pid=215921 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff80002121d5e0,0xffff800021203328 process=0xffff8000ffff6a00 user=0xffff80002b3ec000, vmspace=0xfffffd8070f69a68 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 65747 355108 46572 0 3 0x80 nanoslp syz-executor.1 65747 137795 46572 0 3 0x4000080 fsleep syz-executor.1 11265 339340 48990 0 3 0x80 nanoslp syz-executor.7 11265 345562 48990 0 2 0x4000000 syz-executor.7 11265 249035 48990 0 3 0x4000080 fsleep syz-executor.7 16099 272273 17419 0 3 0x80 nanoslp syz-executor.0 16099 384700 17419 0 3 0x4000080 fsleep syz-executor.0 16099 395962 17419 0 3 0x4000080 fsleep syz-executor.0 16099 495177 17419 0 3 0x4000080 fsleep syz-executor.0 40768 57380 59043 0 3 0x80 nanoslp syz-executor.2 40768 92397 59043 0 3 0x4000080 fsleep syz-executor.2 40768 179641 59043 0 2 0x4000000 syz-executor.2 40768 151897 59043 0 3 0x4000080 fsleep syz-executor.2 14238 476507 17333 0 2 0x4081000 syz-executor.3 14238 51143 17333 0 2 0x4081000 syz-executor.3 14238 20464 17333 0 3 0x4003000 suspend syz-executor.3 17103 350826 26201 0 3 0x80 nanoslp syz-executor.4 17103 186661 26201 0 3 0x4000080 fsleep syz-executor.4 17103 379444 26201 0 3 0x4000080 fsleep syz-executor.4 17103 333177 26201 0 3 0x4000080 fsleep syz-executor.4 92188 377871 16359 0 3 0x80 nanoslp syz-executor.6 92188 205658 16359 0 3 0x4000000 smrbar syz-executor.6 *92188 215921 16359 0 7 0x4000000 syz-executor.6 92188 96059 16359 0 3 0x4000080 fsleep syz-executor.6 39017 430094 12672 0 3 0x80 nanoslp syz-executor.5 39017 324411 12672 0 3 0x4000080 netio syz-executor.5 39017 107175 12672 0 3 0x4000080 fsleep syz-executor.5 16359 253746 69456 0 3 0x82 nanoslp syz-executor.6 48990 403780 69456 0 3 0x82 nanoslp syz-executor.7 17419 394604 69456 0 3 0x82 nanoslp syz-executor.0 17333 217603 69456 0 3 0x82 nanoslp syz-executor.3 26201 255173 69456 0 3 0x82 nanoslp syz-executor.4 46572 202554 69456 0 3 0x82 nanoslp syz-executor.1 59043 18902 69456 0 3 0x82 nanoslp syz-executor.2 12672 456907 69456 0 3 0x82 nanoslp syz-executor.5 58264 100834 1 0 3 0x100083 ttyopn getty 51572 43667 0 0 3 0x14200 bored sosplice 69456 310437 72080 0 3 0x82 wait syz-fuzzer 69456 99204 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 82611 72080 0 3 0x4000082 wait syz-fuzzer 69456 408721 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 353105 72080 0 3 0x4000082 wait syz-fuzzer 69456 160383 72080 0 3 0x4000082 wait syz-fuzzer 69456 216775 72080 0 3 0x4000082 wait syz-fuzzer 69456 443459 72080 0 3 0x4000082 kqread syz-fuzzer 69456 354622 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 299664 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 57966 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 247539 72080 0 3 0x4000082 wait syz-fuzzer 69456 186608 72080 0 3 0x4000082 wait syz-fuzzer 69456 321852 72080 0 3 0x4000082 wait syz-fuzzer 69456 450799 72080 0 3 0x4000082 thrsleep syz-fuzzer 69456 16863 72080 0 3 0x4000082 thrsleep syz-fuzzer 72080 268969 42285 0 3 0x10008a sigsusp ksh 42285 333831 98225 0 3 0x9a kqread sshd 98225 514756 1 0 3 0x88 kqread sshd 4732 31146 91491 74 2 0x1100012 pflogd 91491 141129 1 0 3 0x80 netio pflogd 49484 246199 19167 73 3 0x1100090 kqread syslogd 19167 160327 1 0 3 0x100082 netio syslogd 38355 8811 1 0 3 0x100080 kqread resolvd 6480 399312 0 0 3 0x14200 bored smr 15131 76283 0 0 3 0x14200 pgzero zerothread 54958 111830 0 0 3 0x14200 aiodoned aiodoned 48142 25582 0 0 3 0x14200 syncer update 98064 283750 0 0 3 0x14200 cleaner cleaner 54497 511528 0 0 3 0x14200 reaper reaper 73288 174151 0 0 3 0x14200 pgdaemon pagedaemon 97930 79743 0 0 3 0x14200 bored viomb 86590 514519 0 0 3 0x40014200 acpi0 acpi0 22067 428226 0 0 7 0x40014200 idle1 44782 387123 0 0 3 0x14200 bored softnet 27053 430444 0 0 3 0x14200 bored softnet 97443 119918 0 0 2 0x14200 softnet 58531 459069 0 0 3 0x14200 bored softnet 18668 419181 0 0 2 0x14200 systqmp 21587 369576 0 0 3 0x14200 bored systq 93672 23786 0 0 3 0x40014200 bored softclock 94870 377845 0 0 3 0x40014200 idle0 1 109315 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10245 6533K 7036K 78643K 21060 0 pcb 13 22K 26K 78643K 4475 0 rtable 229 17K 18K 78643K 4672 0 ifaddr 86 29K 30K 78643K 1519 0 sysctl 3 1K 2K 78643K 8 0 counters 60 35K 36K 78643K 1250 0 ioctlops 0 0K 4K 78643K 3159 0 iov 0 0K 32K 78643K 2830 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1559 97K 98K 78643K 11149 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 3 5K 9K 78643K 288 0 VM map 2 1K 1K 78643K 2 0 sem 10 0K 1K 78643K 143 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 18 65K 89K 78643K 19001 0 sigio 0 0K 0K 78643K 652 0 proc 65 67K 115K 78643K 3196 0 subproc 104 6K 10K 78643K 991 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 1141 0 in_multi 81 5K 7K 78643K 1723 0 ether_multi 1 0K 0K 78643K 120 0 mrt 1 0K 0K 78643K 85 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 241 1076K 1076K 78643K 241 0 exec 0 0K 1K 78643K 3964 0 pfkey data 0 0K 0K 78643K 3 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 437 96K 112K 78643K 127985 0 UVM aobj 131 4K 4K 78643K 131 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 670 0 NDP 16 0K 1K 78643K 547 0 temp 145 5778K 6802K 78643K 154253 0 kqueue 6 10K 26K 78643K 1652 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 1855 0 1854 20 18 2 3 0 8 1 rtentry 112 1545 0 1450 5 1 4 4 0 8 1 unpcb 144 14907 0 14899 146 140 6 11 0 8 5 syncache 296 129 0 129 27 26 1 1 0 8 1 tcpqe 32 250 0 250 23 22 1 1 0 8 1 tcpcb 776 7658 0 7650 212 209 3 14 0 8 2 arp 120 220 0 196 1 0 1 1 0 8 0 inpcb 368 42059 0 42041 414 403 11 22 0 8 8 ip6q 72 5 0 5 2 2 0 1 0 8 0 ip6af 40 10 0 10 2 2 0 1 0 8 0 nd6 48 317 0 298 1 0 1 1 0 8 0 pkpcb 40 59 0 59 14 14 0 1 0 8 0 kcovpl 48 71 0 63 1 0 1 1 0 8 0 mppekey 1024 53 0 53 7 7 0 1 0 8 0 ppxss 1256 386 0 386 34 33 1 1 0 8 1 pppxif 1456 246 0 246 24 24 0 1 0 8 0 pffrag 232 73 0 71 7 6 1 1 0 482 0 pffrnode 88 73 0 71 7 6 1 1 0 8 0 pffrent 40 213 0 211 8 7 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfanchor 1280 5 0 0 1 0 1 1 0 8 0 pfstitem 24 348 0 324 1 0 1 1 0 8 0 pfstkey 128 348 0 324 3 2 1 2 0 8 0 pfstate 384 348 0 324 9 6 3 5 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 rttmr 136 23 0 23 7 7 0 1 0 8 0 art_heap8 4096 8 0 7 6 5 1 2 0 8 0 art_heap4 256 7553 0 7029 70 37 33 33 0 8 0 art_table 32 7561 0 7036 7 2 5 5 0 8 0 art_node 16 1530 0 1442 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 4 1 0 1 1 0 8 0 semupl 112 3 0 3 2 2 0 1 0 8 0 semapl 112 8 0 0 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 27314 0 25789 97 1 96 96 0 8 0 ffsino 272 27314 0 25789 102 0 102 102 0 8 0 nchpl 144 53320 0 51679 63 0 63 63 0 8 0 rtmask 32 13 0 13 5 5 0 1 0 8 0 uvmvnodes 80 7111 0 0 146 0 146 146 0 8 0 vnodes 216 7111 0 0 396 0 396 396 0 8 0 namei 1024 187200 0 187200 11 10 1 2 0 8 1 percpumem 16 638 0 595 1 0 1 1 0 8 0 vmpool 696 85 0 85 11 11 0 1 0 8 0 kstatmem 264 616 0 584 6 3 3 3 0 8 0 scsiplug 72 11 0 11 5 5 0 1 0 8 0 scxspl 216 154020 0 154020 41 40 1 8 0 8 1 plimitpl 152 2076 0 2060 1 0 1 1 0 8 0 sigapl 424 19236 0 19190 12 6 6 8 0 8 0 futexpl 64 190065 0 190053 1 0 1 1 0 8 0 knotepl 120 1110 0 0 11 0 11 11 0 8 0 kqueuepl 216 4451 0 4446 72 71 1 8 0 8 0 pipepl 320 5058 0 5030 131 128 3 17 0 8 0 fdescpl 496 19175 0 19147 6 1 5 5 0 8 0 filepl 152 152832 0 152598 240 224 16 23 0 8 6 lockfpl 104 4142 0 4140 8 7 1 2 0 8 0 lockfspl 48 1472 0 1470 1 0 1 1 0 8 0 sessionpl 144 88 0 72 1 0 1 1 0 8 0 pgrppl 48 339 0 323 1 0 1 1 0 8 0 ucredpl 104 17583 0 17573 1 0 1 1 0 8 0 zombiepl 144 19191 0 19190 7 6 1 1 0 8 0 processpl 1072 19236 0 19190 6 2 4 5 0 8 0 procpl 696 50978 0 50897 27 19 8 10 0 8 0 srpgc 96 75 0 75 25 24 1 1 0 8 1 sosppl 168 342 0 341 28 27 1 1 0 8 0 sockpl 488 58912 0 58885 991 979 12 37 0 8 8 mcl64k 65536 17 0 0 3 0 3 3 0 8 0 mcl16k 16384 25 0 0 4 1 3 3 0 8 0 mcl12k 12288 25 0 0 3 1 2 2 0 8 0 mcl9k 9216 15 0 0 2 0 2 2 0 8 0 mcl8k 8192 37 0 0 4 1 3 3 0 8 0 mcl4k 4096 25 0 0 3 0 3 3 0 8 0 mcl2k2 2112 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 501 0 0 56 20 36 56 0 8 0 mtagpl 96 380 0 0 9 1 8 9 0 8 0 mbufpl 256 2157 0 0 102 0 102 102 0 8 0 bufpl 288 31798 0 24686 509 0 509 509 0 8 0 anonpl 24 3785322 0 3767193 358 232 126 170 0 186 0 amapchunkpl 152 365288 0 364448 149 115 34 62 0 158 0 amappl16 200 34334 0 33776 236 205 31 44 0 8 0 amappl15 192 4 0 3 2 1 1 1 0 8 0 amappl14 184 376 0 360 3 2 1 2 0 8 0 amappl13 176 8 0 8 1 1 0 1 0 8 0 amappl12 168 1195 0 1190 1 0 1 1 0 8 0 amappl11 160 53 0 44 1 0 1 1 0 8 0 amappl10 152 102 0 93 1 0 1 1 0 8 0 amappl9 144 1043 0 1041 1 0 1 1 0 8 0 amappl8 136 801 0 633 6 0 6 6 0 8 0 amappl7 128 339 0 315 2 0 2 2 0 8 0 amappl6 120 585 0 565 2 1 1 2 0 8 0 amappl5 112 646 0 640 1 0 1 1 0 8 0 amappl4 104 1439 0 1400 5 3 2 2 0 8 0 amappl3 96 56597 0 56531 2 0 2 2 0 8 0 amappl2 88 20769 0 20692 6 3 3 4 0 8 0 amappl1 80 432954 0 432194 30 14 16 28 0 8 0 amappl 88 126461 0 126217 8 2 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 19260 0 19232 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 19260 0 19232 1 0 1 1 0 8 0 vmmpekpl 168 146390 0 146326 4 0 4 4 0 8 0 vmmpepl 168 1756112 0 1753105 470 328 142 166 0 357 0 vmsppl 440 19259 0 19232 7 3 4 5 0 8 0 rwobjpl 56 458240 0 449162 158 30 128 129 0 8 0 pdppl 4096 38527 0 38464 840 777 63 83 0 8 0 pvpl 32 7490893 0 7466389 700 487 213 366 0 265 0 pmappl 248 19259 0 19232 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 2268 0 1297 28 0 28 28 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace in6_addmulti(ffff80002b3f0b88,ffff800000d17000,ffff80002b3f0c1c) at in6_addmulti+0xc4 sys/netinet6/in6.c:1037 in6_update_ifa(ffff800000d17000,ffff80002b3f0c90,0) at in6_update_ifa+0x1418 in6_joingroup sys/netinet6/in6.c:1154 [inline] in6_update_ifa(ffff800000d17000,ffff80002b3f0c90,0) at in6_update_ifa+0x1418 sys/netinet6/in6.c:776 in6_ifattach_linklocal(ffff800000d17000,0) at in6_ifattach_linklocal+0x28d sys/netinet6/in6_ifattach.c:281 in6_ifattach(ffff800000d17000) at in6_ifattach+0x1bb sys/netinet6/in6_ifattach.c:405 ifnewlladdr(ffff800000d17000) at ifnewlladdr+0x180 sys/net/if.c:3204 ifioctl(fffffd805ff665f0,8020691f,ffff80002b3f0ef0,ffff800021202838) at ifioctl+0x1f5e sys/net/if.c:2253 sys_ioctl(ffff800021202838,ffff80002b3f1008,ffff80002b3f1050) at sys_ioctl+0x4a2 syscall(ffff80002b3f10d0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline] syscall(ffff80002b3f10d0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:625 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x47be01850b0, count: -9 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800020d68ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800020d68ff0) at sched_idle+0x417 sys/kern/kern_sched.c:175 end trace frame: 0x0, count: -5