panic: kernel diagnostic assertion "dtlookup(unit) == NULL" failed: file "/syzkaller/managers/main/kernel/sys/dev/dt/dt_dev.c", line 158
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 13682 26248 0 0 0x4000000 0 syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff82549a0b) at panic+0x161 sys/kern/subr_prf.c:202
__assert(ffffffff825b952b,ffffffff825dcd39,9e,ffffffff82566db3) at __assert+0x25 sys/kern/subr_prf.c:161
dtopen(31e6e,1,2000,ffff800026539268) at dtopen+0x1c4 sys/dev/dt/dt_dev.c:158
spec_open_clone(ffff80002ea1d088) at spec_open_clone+0x204
spec_open(ffff80002ea1d088) at spec_open+0x3f5 sys/kern/spec_vnops.c:155
VOP_OPEN(fffffd80693f0860,1,fffffd807f7d88a0,ffff800026539268) at VOP_OPEN+0x6c sys/kern/vfs_vops.c:138
vn_open(ffff80002ea1d2d8,1,0) at vn_open+0x467 sys/kern/vfs_vnops.c:183
doopenat(ffff800026539268,ffffff9c,20000000,0,0,ffff80002ea1d4c0) at doopenat+0x26a sys/kern/vfs_syscalls.c:1128
syscall(ffff80002ea1d530) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3ed9365a910, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: kernel diagnostic assertion "dtlookup(unit) == NULL" failed: file "/syzkaller/managers/main/kernel/sys/dev/dt/dt_dev.c", line 158
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff82549a0b) at panic+0x161 sys/kern/subr_prf.c:202
__assert(ffffffff825b952b,ffffffff825dcd39,9e,ffffffff82566db3) at __assert+0x25 sys/kern/subr_prf.c:161
dtopen(31e6e,1,2000,ffff800026539268) at dtopen+0x1c4 sys/dev/dt/dt_dev.c:158
spec_open_clone(ffff80002ea1d088) at spec_open_clone+0x204
spec_open(ffff80002ea1d088) at spec_open+0x3f5 sys/kern/spec_vnops.c:155
VOP_OPEN(fffffd80693f0860,1,fffffd807f7d88a0,ffff800026539268) at VOP_OPEN+0x6c sys/kern/vfs_vops.c:138
vn_open(ffff80002ea1d2d8,1,0) at vn_open+0x467 sys/kern/vfs_vnops.c:183
doopenat(ffff800026539268,ffffff9c,20000000,0,0,ffff80002ea1d4c0) at doopenat+0x26a sys/kern/vfs_syscalls.c:1128
syscall(ffff80002ea1d530) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3ed9365a910, count: -11
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002ea1ce60
rbx 0
rdx 0xffff800000d25140
rcx 0
rax 0xffff800026539268
r8 0x101010101010101
r9 0x8080808080808080
r10 0x3d6f56cc364090c8
r11 0xd075044b18fb4d16
r12 0
r13 0xffff800000bc4f00
r14 0
r15 0x1
rip 0xffffffff81d364f8 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff80002ea1ce50
ss 0
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.0) pid=13682 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=84, usrpri=84, nice=20
forw=0xffffffffffffffff, list=0xffff8000265382a8,0xffff800026539a58
process=0xffff8000230fdb80 user=0xffff80002ea18000, vmspace=0xfffffd805e248340
estcpu=34, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
63487 523854 68970 0 2 0 syz-executor.6
63487 347302 68970 0 2 0x4000000 syz-executor.6
54403 402420 32087 0 2 0 syz-executor.1
54403 300951 32087 0 2 0x4000000 syz-executor.1
54403 181245 32087 0 2 0x4000000 syz-executor.1
19869 41957 18806 0 3 0 futex syz-executor.7
19869 32263 18806 0 3 0x4000080 fsleep syz-executor.7
19869 482721 18806 0 2 0x4000000 syz-executor.7
19869 223187 18806 0 2 0x4000000 syz-executor.7
12860 254470 21074 0 4 0x82004 syz-executor.3
12860 64561 21074 0 2 0x4002004 syz-executor.3
12860 214060 21074 0 4 0x4082004 syz-executor.3
12860 209792 21074 0 4 0x4082004 syz-executor.3
12860 195613 21074 0 4 0x4082004 syz-executor.3
26248 9672 13552 0 2 0 syz-executor.0
26248 327413 13552 0 3 0x4000080 dtread syz-executor.0
26248 392887 13552 0 2 0x4000000 syz-executor.0
*26248 13682 13552 0 7 0x4000000 syz-executor.0
40160 296868 1 0 3 0x100083 ttyin getty
45251 367339 53036 0 2 0x2 syz-executor.4
68970 458969 53036 0 3 0x82 nanoslp syz-executor.6
32087 97968 53036 0 3 0x82 nanoslp syz-executor.1
88424 506099 53036 0 2 0x2 syz-executor.5
18806 316891 53036 0 3 0x82 nanoslp syz-executor.7
21074 104484 53036 0 3 0x82 nanoslp syz-executor.3
13552 372407 53036 0 3 0x82 nanoslp syz-executor.0
92817 390577 0 0 3 0x14280 nfsidl nfsio
33194 496058 0 0 3 0x14280 nfsidl nfsio
80930 238672 0 0 3 0x14280 nfsidl nfsio
74288 15873 0 0 3 0x14280 nfsidl nfsio
90815 339721 0 0 3 0x14280 nfsidl nfsio
23836 376748 0 0 3 0x14280 nfsidl nfsio
63275 148005 53036 0 2 0x2 syz-executor.2
64870 214804 0 0 3 0x14200 bored sosplice
71419 483610 0 0 3 0x14200 acct acct
53036 366724 74252 0 3 0x82 thrsleep syz-fuzzer
53036 267714 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 406097 74252 0 3 0x4000082 kqread syz-fuzzer
53036 20236 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 1089 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 106490 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 428185 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 124176 74252 0 3 0x4000082 thrsleep syz-fuzzer
53036 468703 74252 0 3 0x4000082 thrsleep syz-fuzzer
74252 483286 86578 0 3 0x10008a sigsusp ksh
86578 119598 79829 0 3 0x9a poll sshd
79829 303998 1 0 3 0x88 poll sshd
57378 117308 57279 73 3 0x100090 kqread syslogd
57279 357467 1 0 3 0x100082 netio syslogd
24179 21690 1 0 3 0x100080 kqread resolvd
14689 200818 40297 77 3 0x100092 kqread dhcpleased
43661 189395 40297 77 3 0x100092 kqread dhcpleased
40297 211824 1 0 3 0x80 kqread dhcpleased
80112 197645 0 0 3 0x14200 bored smr
22324 67166 0 0 2 0x14200 zerothread
16620 302488 0 0 3 0x14200 aiodoned aiodoned
78726 1911 0 0 3 0x14200 syncer update
35564 329859 0 0 3 0x14200 cleaner cleaner
96714 299961 0 0 3 0x14200 reaper reaper
32528 74619 0 0 3 0x14200 pgdaemon pagedaemon
95955 101266 0 0 3 0x14200 bored viomb
91022 177228 0 0 3 0x40014200 acpi0 acpi0
52135 407109 0 0 2 0x14200 softnet
19579 259172 0 0 3 0x14200 bored systqmp
46329 514407 0 0 3 0x14200 bored systq
97385 69959 0 0 2 0x40014200 softclock
98819 244302 0 0 3 0x40014200 idle0
1 379835 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10204 6480K 7589K 78643K 41002 0
pcb 13 16K 18K 78643K 1502 0
rtable 177 24K 25K 78643K 4098 0
ifaddr 95 20K 23K 78643K 1355 0
sysctl 3 1K 1K 78643K 7 0
counters 28 17K 17K 78643K 139 0
ioctlops 0 0K 8K 78643K 1886 0
iov 0 0K 28K 78643K 2010 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1549 97K 97K 78643K 10779 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 57 0
VM map 2 0K 0K 78643K 2 0
sem 24 1K 1K 78643K 299 0
dirhash 6 1K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12598 0
file desc 16 57K 69K 78643K 9211 0
sigio 0 0K 0K 78643K 112 0
proc 58 55K 71K 78643K 2476 0
subproc 104 6K 7K 78643K 899 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 564 0
in_multi 48 3K 6K 78643K 980 0
ether_multi 1 0K 0K 78643K 109 0
mrt 1 0K 0K 78643K 72 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 199 890K 890K 78643K 199 0
exec 1 0K 2K 78643K 3842 0
pfkey data 0 0K 1K 78643K 4 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 469 783K 1357K 78643K 113430 0
UVM aobj 131 8K 8K 78643K 131 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 409 0
NDP 14 0K 2K 78643K 265 0
temp 147 4709K 4783K 78643K 95213 0
kqueue 10 14K 24K 78643K 353 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 1945 0 1942 15 14 1 3 0 8 0
rtentry 112 867 0 816 4 0 4 4 0 8 0
unpcb 136 5780 0 5763 54 53 1 9 0 8 0
syncache 296 54 0 54 14 14 0 1 0 8 0
tcpqe 32 14 0 14 5 5 0 1 0 8 0
tcpcb 736 3135 0 3131 114 113 1 19 0 8 0
arp 88 145 0 136 1 0 1 1 0 8 0
ipq 40 94 0 94 9 9 0 1 0 8 0
ipqe 40 3769 0 3769 9 9 0 1 0 8 0
inpcb 304 7926 0 7919 124 121 3 14 0 8 2
rttmr 72 29 0 28 10 9 1 1 0 8 0
ip6q 72 5 0 5 2 2 0 1 0 8 0
ip6af 40 8 0 8 1 1 0 1 0 8 0
nd6 48 223 0 212 1 0 1 1 0 8 0
pkpcb 40 121 0 121 7 7 0 1 0 8 0
kcovpl 48 69 0 61 1 0 1 1 0 8 0
ppxss 1152 14 0 14 4 4 0 1 0 8 0
pfstscr 40 70 0 68 1 0 1 1 0 8 0
pfosfp 40 9 0 7 1 0 1 1 0 8 0
pfosfpen 112 9 0 0 1 0 1 1 0 8 0
pfrktable 1344 662 0 640 6 4 2 3 0 8 0
pftag 88 41 0 28 2 1 1 1 0 8 0
pfstitem 24 114 0 110 1 0 1 1 0 8 0
pfstkey 112 268 0 264 1 0 1 1 0 8 0
pfstate 320 134 0 132 1 0 1 1 0 8 0
pfrule 1360 428 0 234 20 3 17 17 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 3550 0 3286 47 26 21 30 0 8 0
art_table 32 3551 0 3286 4 0 4 4 0 8 0
art_node 16 856 0 812 1 0 1 1 0 8 0
sysvmsgpl 40 11 0 8 2 1 1 1 0 8 0
semupl 112 4 0 4 2 2 0 1 0 8 0
semapl 112 295 0 273 1 0 1 1 0 8 0
shmpl 112 128 0 0 4 0 4 4 0 8 0
dirhash 1024 17 0 13 3 1 2 3 0 8 0
dino2pl 256 13449 0 11990 92 0 92 92 0 8 0
ffsino 240 13449 0 11990 88 1 87 87 0 8 0
nchpl 144 26068 0 24449 63 1 62 63 0 8 0
uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0
vnodes 224 5926 0 0 349 0 349 349 0 8 0
namei 1024 94607 0 94603 6 5 1 2 0 8 0
vcpupl 1984 187 0 0 24 0 24 24 0 8 0
vmpool 528 208 0 21 13 0 13 13 0 8 0
pfiaddrpl 120 273 0 208 2 0 2 2 0 8 0
scsiplug 72 11 0 11 3 3 0 1 0 8 0
scxspl 216 79631 0 79631 26 25 1 8 0 8 1
plimitpl 152 1312 0 1298 1 0 1 1 0 8 0
sigapl 424 9386 0 9338 6 0 6 6 0 8 0
futexpl 64 86701 0 86699 6 5 1 1 0 8 0
knotepl 112 3334 0 3260 4 1 3 4 0 8 0
kqueuepl 184 1773 0 1767 24 23 1 4 0 8 0
pipepl 304 1562 0 1534 28 25 3 8 0 8 0
fdescpl 432 9365 0 9338 12 8 4 4 0 8 0
filepl 120 62302 0 62057 85 75 10 17 0 8 0
lockfpl 104 4750 0 4745 9 8 1 2 0 8 0
lockfspl 48 1421 0 1416 1 0 1 1 0 8 0
sessionpl 144 88 0 72 1 0 1 1 0 8 0
pgrppl 48 177 0 161 1 0 1 1 0 8 0
ucredpl 96 7136 0 7124 1 0 1 1 0 8 0
zombiepl 144 12019 0 12019 3 2 1 1 0 8 1
processpl 1000 9386 0 9338 7 0 7 7 0 8 0
procpl 672 25073 0 25004 20 13 7 8 0 8 0
sosppl 168 60 0 60 8 8 0 1 0 8 0
sockpl 448 15855 0 15828 309 304 5 30 0 8 2
mcl64k 65536 424 0 424 33 32 1 1 0 8 1
mcl16k 16384 92 0 92 22 22 0 1 0 8 0
mcl12k 12288 260 0 260 24 24 0 1 0 8 0
mcl9k 9216 107 0 107 26 25 1 1 0 8 1
mcl8k 8192 650 0 650 40 39 1 1 0 8 1
mcl4k 4096 903 0 903 26 25 1 1 0 8 1
mcl2k2 2112 57 0 57 30 30 0 1 0 8 0
mcl2k 2048 93815 0 93739 40 27 13 30 0 8 0
mtagpl 96 7532 0 6188 56 22 34 34 0 8 0
mbufpl 256 598941 0 596061 414 232 182 184 0 8 0
bufpl 288 19373 0 12965 459 0 459 459 0 8 0
anonpl 24 2665635 0 2643419 327 167 160 169 0 188 12
amapchunkpl 152 333016 0 332172 710 586 124 345 0 158 86
amappl16 200 27921 0 27084 173 116 57 63 0 8 6
amappl15 192 2449 0 2441 1 0 1 1 0 8 0
amappl14 184 1770 0 1763 1 0 1 1 0 8 0
amappl13 176 1410 0 1406 1 0 1 1 0 8 0
amappl12 168 492 0 487 1 0 1 1 0 8 0
amappl11 160 699 0 687 1 0 1 1 0 8 0
amappl10 152 59 0 57 1 0 1 1 0 8 0
amappl9 144 2125 0 2121 1 0 1 1 0 8 0
amappl8 136 3002 0 2902 4 0 4 4 0 8 0
amappl7 128 1593 0 1579 1 0 1 1 0 8 0
amappl6 120 2080 0 2053 3 2 1 2 0 8 0
amappl5 112 7309 0 7293 1 0 1 1 0 8 0
amappl4 104 3567 0 3536 2 1 1 2 0 8 0
amappl3 96 2099 0 2079 1 0 1 1 0 8 0
amappl2 88 2560 0 2510 3 1 2 3 0 8 0
amappl1 80 173513 0 172965 23 10 13 18 0 8 0
amappl 88 111847 0 111561 10 2 8 8 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 130 0 0 3 0 3 3 0 8 0
uaddrrnd 24 9573 0 9359 2 0 2 2 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 9573 0 9359 2 0 2 2 0 8 0
vmmpekpl 168 69880 0 69795 5 0 5 5 0 8 0
vmmpepl 168 890543 0 887559 417 273 144 173 0 357 2
vmsppl 272 9572 0 9359 15 0 15 15 0 8 0
rwobjpl 24 216404 0 208474 51 1 50 50 0 8 0
pdppl 4096 19152 0 18905 789 538 251 252 0 8 4
pvpl 32 4560143 0 4536298 553 325 228 259 0 265 15
pmappl 216 9572 0 9359 12 0 12 12 0 8 0
extentpl 40 57 0 38 1 0 1 1 0 8 0
phpool 112 2521 0 1370 34 0 34 34 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff82549a0b) at panic+0x161 sys/kern/subr_prf.c:202
__assert(ffffffff825b952b,ffffffff825dcd39,9e,ffffffff82566db3) at __assert+0x25 sys/kern/subr_prf.c:161
dtopen(31e6e,1,2000,ffff800026539268) at dtopen+0x1c4 sys/dev/dt/dt_dev.c:158
spec_open_clone(ffff80002ea1d088) at spec_open_clone+0x204
spec_open(ffff80002ea1d088) at spec_open+0x3f5 sys/kern/spec_vnops.c:155
VOP_OPEN(fffffd80693f0860,1,fffffd807f7d88a0,ffff800026539268) at VOP_OPEN+0x6c sys/kern/vfs_vops.c:138
vn_open(ffff80002ea1d2d8,1,0) at vn_open+0x467 sys/kern/vfs_vnops.c:183
doopenat(ffff800026539268,ffffff9c,20000000,0,0,ffff80002ea1d4c0) at doopenat+0x26a sys/kern/vfs_syscalls.c:1128
syscall(ffff80002ea1d530) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3ed9365a910, count: -11
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff82549a0b) at panic+0x161 sys/kern/subr_prf.c:202
__assert(ffffffff825b952b,ffffffff825dcd39,9e,ffffffff82566db3) at __assert+0x25 sys/kern/subr_prf.c:161
dtopen(31e6e,1,2000,ffff800026539268) at dtopen+0x1c4 sys/dev/dt/dt_dev.c:158
spec_open_clone(ffff80002ea1d088) at spec_open_clone+0x204
spec_open(ffff80002ea1d088) at spec_open+0x3f5 sys/kern/spec_vnops.c:155
VOP_OPEN(fffffd80693f0860,1,fffffd807f7d88a0,ffff800026539268) at VOP_OPEN+0x6c sys/kern/vfs_vops.c:138
vn_open(ffff80002ea1d2d8,1,0) at vn_open+0x467 sys/kern/vfs_vnops.c:183
doopenat(ffff800026539268,ffffff9c,20000000,0,0,ffff80002ea1d4c0) at doopenat+0x26a sys/kern/vfs_syscalls.c:1128
syscall(ffff80002ea1d530) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x3ed9365a910, count: -11