syzbot

panic: kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/kern/kern_lock.c", line 63
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff819ccee4,ffff80002119cf50,ffff8000210b6978,ffff80000002f180) at __assert+0x24 sys/kern/subr_prf.c:155
_kernel_lock(ffff8000210b6978,ffff800021198000) at _kernel_lock+0x125 sys/kern/kern_lock.c:63
pageflttrap() at pageflttrap+0x6c sys/arch/amd64/amd64/trap.c:163
kerntrap(9) at kerntrap+0x8d sys/arch/amd64/amd64/trap.c:294
alltraps_kern(6,82000,ffffffffffffffff,0,9,ffff8000210b6978) at alltraps_kern+0x7b
ptsignal(2253,ffff8000210b6978,ffff800021070008) at ptsignal+0x115 sys/kern/kern_sig.c:944
mi_switch() at mi_switch+0x1fb sys/kern/sched_bsd.c:392
sleep_finish(1,ffff80002119d1e0) at sleep_finish+0xd3 sys/kern/kern_synch.c:312
sleep_finish_all(ffff80002119d1e0,32) at sleep_finish_all+0x22 sleep_finish_timeout sys/kern/kern_synch.c:336 [inline]
sleep_finish_all(ffff80002119d1e0,32) at sleep_finish_all+0x22 sys/kern/kern_synch.c:157
tsleep(ffff8000210b6978,3,0,ffff8000210700d0) at tsleep+0x142
single_thread_set(ffff8000210b6978,ffff8000210b6978,0) at single_thread_set+0x28b single_thread_wait sys/kern/kern_sig.c:2051 [inline]
single_thread_set(ffff8000210b6978,ffff8000210b6978,0) at single_thread_set+0x28b sys/kern/kern_sig.c:2042
exit1(ffff8000210b6978,9,0) at exit1+0x84 sys/kern/kern_exit.c:137
end trace frame: 0xffff80002119d3b0, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> show panic
kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/kern/kern_lock.c", line 63
ddb{0}> trace
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff819ccee4,ffff80002119cf50,ffff8000210b6978,ffff80000002f180) at __assert+0x24 sys/kern/subr_prf.c:155
_kernel_lock(ffff8000210b6978,ffff800021198000) at _kernel_lock+0x125 sys/kern/kern_lock.c:63
pageflttrap() at pageflttrap+0x6c sys/arch/amd64/amd64/trap.c:163
kerntrap(9) at kerntrap+0x8d sys/arch/amd64/amd64/trap.c:294
alltraps_kern(6,82000,ffffffffffffffff,0,9,ffff8000210b6978) at alltraps_kern+0x7b
ptsignal(2253,ffff8000210b6978,ffff800021070008) at ptsignal+0x115 sys/kern/kern_sig.c:944
mi_switch() at mi_switch+0x1fb sys/kern/sched_bsd.c:392
sleep_finish(1,ffff80002119d1e0) at sleep_finish+0xd3 sys/kern/kern_synch.c:312
sleep_finish_all(ffff80002119d1e0,32) at sleep_finish_all+0x22 sleep_finish_timeout sys/kern/kern_synch.c:336 [inline]
sleep_finish_all(ffff80002119d1e0,32) at sleep_finish_all+0x22 sys/kern/kern_synch.c:157
tsleep(ffff8000210b6978,3,0,ffff8000210700d0) at tsleep+0x142
single_thread_set(ffff8000210b6978,ffff8000210b6978,0) at single_thread_set+0x28b single_thread_wait sys/kern/kern_sig.c:2051 [inline]
single_thread_set(ffff8000210b6978,ffff8000210b6978,0) at single_thread_set+0x28b sys/kern/kern_sig.c:2042
exit1(ffff8000210b6978,9,0) at exit1+0x84 sys/kern/kern_exit.c:137
postsig(100,ffff8000210b6978) at postsig+0x3ea sigexit sys/kern/kern_sig.c:1500 [inline]
postsig(100,ffff8000210b6978) at postsig+0x3ea sys/kern/kern_sig.c:1432
userret(0) at userret+0x11b sys/kern/kern_sig.c:1882
syscall(0) at syscall+0x54d mi_syscall_return sys/sys/syscall_mi.h:122 [inline]
syscall(0) at syscall+0x54d sys/arch/amd64/amd64/trap.c:605
Xsyscall(6,58,e4c78aeaa00,53,0,e4bffdf0c20) at Xsyscall+0x128
end of kernel
end trace frame: 0xe4c0cbe6590, count: -18
ddb{0}> show registers
rdi               0xffffffff81e4ccd8    kprintf_mutex
rsi                              0x5
rbp               0xffff80002119ceb0
rbx               0xffff80002119cf50
rdx                            0x3fd
rcx                                0
rax                              0x1
r8                0xffff80002119ce80
r9                0x8080808080808080
r10                                0
r11               0xffffffff811311c0    x86_bus_space_io_read_1
r12                     0x3000000008
r13               0xffff80002119cec0
r14                            0x100
r15               0xffffffff81bf41d6    cmd0646_9_tim_udma+0x205dc
rip               0xffffffff811dd9ba    db_enter+0xa
cs                               0x8
rflags                         0x202
rsp               0xffff80002119ceb0
ss                              0x10
db_enter+0xa:   popq    %rbp
ddb{0}> show proc
PROC (syz-executor1) pid=176179 stat=sleep
    flags process=1000<SINGLEEXIT> proc=4002000<WEXIT,THREAD>
    pri=50, usrpri=70, nice=20
    forw=0x0, list=0xffff8000210844b8,0xffff8000210b7c48
    process=0xffff800021070008 user=0xffff800021198000, vmspace=0xffffff007f125c60
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
*21344  176179  85943      0  3   0x4003000  suspend       syz-executor1
 21344  197598  85943      0  2   0x4081080                syz-executor1
 85943  314179  10398      0  3        0x82  nanosleep     syz-executor1
 15616  266325  10398      0  3        0x82  nanosleep     syz-executor0
 10398  503759  11244      0  3        0x82  thrsleep      syz-execprog
 10398   80677  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398   77282  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398  198075  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398   68203  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398  511845  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398   49636  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398  214767  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398    1182  11244      0  3   0x4000082  thrsleep      syz-execprog
 10398  270896  11244      0  3   0x4000082  kqread        syz-execprog
 11244  233329  65666      0  3    0x10008a  pause         ksh
 65666  391579  40941      0  3        0x92  select        sshd
 40792  410818      1      0  3    0x100083  ttyin         getty
 40941  122764      1      0  3        0x80  select        sshd
 31826  151817  44156     73  3    0x100090  kqread        syslogd
 44156  340788      1      0  3    0x100082  netio         syslogd
 61712  304078      1     77  3    0x100090  poll          dhclient
 25102   44827      1      0  3        0x80  poll          dhclient
 33544  298902      0      0  2     0x14200                zerothread
 62239  234113      0      0  3     0x14200  aiodoned      aiodoned
 11736  365367      0      0  3     0x14200  syncer        update
 22313   96673      0      0  3     0x14200  cleaner       cleaner
 35985  473901      0      0  3     0x14200  reaper        reaper
 98186  232706      0      0  3     0x14200  pgdaemon      pagedaemon
 24241   40158      0      0  3     0x14200  bored         crynlk
 17010  156809      0      0  3     0x14200  bored         crypto
 52434  347356      0      0  3  0x40014200  acpi0         acpi0
 72501  481015      0      0  3  0x40014200                idle1
  1932  224219      0      0  3     0x14200  bored         softnet
 76063  177337      0      0  3     0x14200  bored         systqmp
  2846   66321      0      0  3     0x14200  bored         systq
 95433  471085      0      0  3  0x40014200  bored         softclock
 31311  445124      0      0  3  0x40014200                idle0
     1  488101      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper