illumos gate

An OmniOS user reported a crash while testing the bits from #13674 .
By mistake, the user ran a shell script which looped doing something like:

while :; do
    pfexec bhyvectl --vm="$VM_NAME" --destroy
    pfexec bhyve .... -o config.dump=1 "$VM_NAME" 
done

while $VM_NAME was already running.

> ::status
debugging crash dump vmcore.0 (64-bit) from xxxx
operating system: 5.11 bhyve-march2021-sync-0-gfa511c933c (i86pc)
build version: gfx-drm - heads/master-0-gbdc58b1-dirty

image uuid: 060db466-xxx
panic message: BAD TRAP: type=e (#pf Page fault) rp=fffffe007b5d9970 addr=38 occurred in module "unix" due to a NULL pointer dereference
dump content: kernel pages and pages from PID -1

> $C
fffffe007b5d9aa0 mutex_enter+0xb()
fffffe007b5d9b00 vmm_do_vm_destroy_locked+0x138(fffffe59d7a0c000, 1, fffffe007b5d9b1c)
fffffe007b5d9b40 vmmdev_do_vm_destroy+0xae(fffffe007b5d9b6b, fffffe59e1662430)
fffffe007b5d9cb0 vmm_ioctl+0x1e9(11f00000000, 564d02, c36120, 202403, fffffe59e1662430, fffffe007b5d9e08)
fffffe007b5d9cf0 cdev_ioctl+0x2b(11f00000000, 564d02, c36120, 202403, fffffe59e1662430, fffffe007b5d9e08)
fffffe007b5d9d40 spec_ioctl+0x45(fffffe5bc4f38c00, 564d02, c36120, 202403, fffffe59e1662430, fffffe007b5d9e08, 0)
fffffe007b5d9dd0 fop_ioctl+0x5b(fffffe5bc4f38c00, 564d02, c36120, 202403, fffffe59e1662430, fffffe007b5d9e08, 0)
fffffe007b5d9ef0 ioctl+0x153(3, 564d02, c36120)
fffffe007b5d9f00 sys_syscall+0x283()

> vmm_do_vm_destroy_locked+0x138::dis
vmm_do_vm_destroy_locked+0x12e: jmp    -0x39    <vmm_do_vm_destroy_locked+0xf7>
vmm_do_vm_destroy_locked+0x130: movq   %rbx,%rdi
vmm_do_vm_destroy_locked+0x133: call   +0x1dac8 <vmm_zsd_rem_vm>
vmm_do_vm_destroy_locked+0x138: jmp    -0xd8    <vmm_do_vm_destroy_locked+0x65>
vmm_do_vm_destroy_locked+0x13d: nopl   (%rax)
vmm_do_vm_destroy_locked+0x140: movl   $0x763,%edx

> vmm_list::walk list | ::print -at vmm_softc_t vmm_zsd
fffffe59d7a0c1a8 vmm_zsd_t *vmm_zsd = 0