syzbot


kqueue: knote !ACTIVE

Status: auto-closed as invalid on 2020/04/28 10:51
Reported-by: syzbot+82141ebe4d06de0d3475@syzkaller.appspotmail.com
First crash: 1765d, last: 1761d
Duplicate bugs (1):
Title                                                   Repro  Cause bisect  Fix bisect  Count  Last   Reported  Patched  Status
panic: kqueue_scan:LINE: kq=ADDR kn=ADDR knote !ACTIVE  -      -             -           1      1784d  1784d     0/3      closed as dup on 2020/01/26 10:00
Similar bugs (2):
Kernel   Title                      Repro  Cause bisect  Fix bisect  Count  Last  Reported  Patched  Status
openbsd  kqueue: knote !ACTIVE (2)  -      -             -           2      424d  437d      0/3      auto-obsoleted due to no activity on 2023/12/26 05:21
openbsd  kqueue: knote !ACTIVE (3)  -      -             -           1      294d  294d      3/3      fixed on 2024/02/06 04:59

Sample crash report:
panic: kqueue_scan:914: kq=0xfffffd806ea00138 kn=0xfffffd806ed910e0 knote !ACTIVE
Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*416263   5692  32767        0x10  0x4000000    0K syz-executor.1
  25159  47424  32767        0x10          0    1  syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff821c24cb) at panic+0x15c sys/kern/subr_prf.c:207
kqueue_do_check(fffffd806ea00138,ffffffff82211778,392) at kqueue_do_check+0x232 sys/kern/kern_event.c:622
kqueue_scan(fffffd806ea00138,7c,20000000,ffff800024fa9410,ffff800020aa9398,ffff800024fa945c) at kqueue_scan+0x68c sys/kern/kern_event.c:915
sys_kevent(ffff800020aa9398,ffff800024fa94d8,ffff800024fa9520) at sys_kevent+0x492 sys/kern/kern_event.c:604
syscall(ffff800024fa95a0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800024fa95a0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xbbf8cf35b80, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
kqueue_scan:914: kq=0xfffffd806ea00138 kn=0xfffffd806ed910e0 knote !ACTIVE
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff821c24cb) at panic+0x15c sys/kern/subr_prf.c:207
kqueue_do_check(fffffd806ea00138,ffffffff82211778,392) at kqueue_do_check+0x232 sys/kern/kern_event.c:622
kqueue_scan(fffffd806ea00138,7c,20000000,ffff800024fa9410,ffff800020aa9398,ffff800024fa945c) at kqueue_scan+0x68c sys/kern/kern_event.c:915
sys_kevent(ffff800020aa9398,ffff800024fa94d8,ffff800024fa9520) at sys_kevent+0x492 sys/kern/kern_event.c:604
syscall(ffff800024fa95a0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800024fa95a0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xbbf8cf35b80, count: -7
ddb{0}> show registers
rdi               0xffffffff81e78427    db_enter+0x17
rsi                           0x26b7    __ALIGN_SIZE+0x16b7
rbp               0xffff800024fa8f20
rbx               0xffff800024fa8fd0
rdx                           0x26b8    __ALIGN_SIZE+0x16b8
rcx               0xffff800022f88000
rax               0xffff800022f88000
r8                0xffffffff81e0d50f    kprintf+0x16f
r9                               0x1
r10                             0x25
r11               0x1a2076bebb2fff84
r12                     0x3000000008
r13               0xffff800024fa8f30
r14                            0x100
r15                              0x1
rip               0xffffffff81e78428    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff800024fa8f10
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.1) pid=416263 stat=onproc
    flags process=10<SUGID> proc=4000000<THREAD>
    pri=24, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff800020a7cea8,0xffffffff82645730
    process=0xffff800020a90f10 user=0xffff800024fa4000, vmspace=0xfffffd806ea2c8a8
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
  5692  314978  47424  32767  2        0x10                syz-executor.1
  5692  376420  47424  32767  2   0x4000010                syz-executor.1
* 5692  416263  47424  32767  7   0x4000010                syz-executor.1
 75578  116766  15197  32767  3        0x90  nanosleep     syz-executor.0
 75578  420121  15197  32767  3   0x4000090  netio         syz-executor.0
 75578  432261  15197  32767  3   0x4000090  fsleep        syz-executor.0
 47424   25159  58295  32767  7        0x10                syz-executor.1
 58295  279199  86978      0  3        0x82  wait          syz-executor.1
 15197  523194    536  32767  2       0x490                syz-executor.0
   536  461037  86978      0  3        0x82  wait          syz-executor.0
 28608  135442      0      0  3     0x14200  bored         sosplice
 86978    6088  32749      0  3        0x82  thrsleep      syz-fuzzer
 86978  169463  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  489848  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  468605  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  184793  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  274967  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  172855  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  280577  32749      0  3   0x4000082  kqread        syz-fuzzer
 86978  457754  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 86978  140110  32749      0  3   0x4000082  thrsleep      syz-fuzzer
 32749   43278  26504      0  3    0x10008a  pause         ksh
 26504  285135  55407      0  3        0x92  select        sshd
 66316   50251      1      0  3    0x100083  ttyin         getty
 55407  111513      1      0  3        0x80  select        sshd
 91893   16739  19668     73  3    0x100090  kqread        syslogd
 19668  408171      1      0  3    0x100082  netio         syslogd
 74054  237037      1     77  3    0x100090  poll          dhclient
 11691  206632      1      0  3        0x80  poll          dhclient
 80757   45086      0      0  3     0x14200  pgzero        zerothread
 35254  104247      0      0  3     0x14200  aiodoned      aiodoned
 38701   57568      0      0  3     0x14200  syncer        update
 97874  106943      0      0  3     0x14200  cleaner       cleaner
 84091  311114      0      0  3     0x14200  reaper        reaper
 57937  125950      0      0  3     0x14200  pgdaemon      pagedaemon
 66175  476887      0      0  3     0x14200  bored         crynlk
 70786  315118      0      0  3     0x14200  bored         crypto
 37387  439565      0      0  3  0x40014200  acpi0         acpi0
 94056   88783      0      0  3  0x40014200                idle1
 43974  431396      0      0  3     0x14200  bored         softnet
 44114  511702      0      0  3     0x14200  bored         systqmp
 28606  295903      0      0  3     0x14200  bored         systq
 81804  432175      0      0  3  0x40014200  bored         softclock
 16769  340048      0      0  3  0x40014200                idle0
 44146  252539      0      0  3     0x14200  bored         smr
     1  478614      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 5692 (syz-executor.1) thread 0xffff800020aa9398 (416263)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff8263ede8)
#0  witness_lock+0x52e sys/kern/subr_witness.c:1164
#1  __mp_acquire_count+0x51 sys/kern/kern_lock.c:227
#2  mi_switch+0x392 sys/kern/sched_bsd.c:439
#3  sleep_finish+0x113 sys/kern/kern_synch.c:415
#4  sleep_finish_all+0x32 sleep_finish_timeout sys/kern/kern_synch.c:444 [inline]
#4  sleep_finish_all+0x32 sys/kern/kern_synch.c:206
#5  tsleep+0x1cc sys/kern/kern_synch.c:155
#6  kqueue_scan+0x399 sys/kern/kern_event.c:870
#7  sys_kevent+0x492 sys/kern/kern_event.c:604
#8  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#8  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
#9  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9482   6334K    6334K  78643K     11810        0
            pcb    13     10K      12K  78643K        15        0
         rtable   109      3K       4K  78643K     12865        0
         ifaddr    39     17K      20K  78643K      2244        0
       counters    43     33K      33K  78643K       661        0
       ioctlops     0      0K       2K  78643K       855        0
            iov     0      0K      32K  78643K      3173        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1215     76K      76K  78643K      8510        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       9K  78643K       255        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K      8208        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1809    196K     290K  78643K     12766        0
      file desc     8     25K      33K  78643K     16858        0
          sigio     0      0K       0K  78643K       353        0
           proc    48     50K      83K  78643K     15629        0
        subproc    34      2K       2K  78643K      5287        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       1K  78643K      5783        0
       in_multi    33      2K       2K  78643K      4248        0
    ether_multi     1      0K       0K  78643K        65        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys   133    599K     599K  78643K       133        0
           exec     0      0K       1K  78643K      6125        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   250     29K      45K  78643K     65252        0
       UVM aobj   130      4K       4K  78643K       139        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K      1422        0
            NDP     5      0K       0K  78643K       936        0
           temp   102   3021K    3117K  78643K     70786        0
         kqueue     7      5K      37K  78643K     21578        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64      649    0      643     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80     3282    0     3280     1     0     1     1     0     8    0
rtentry    112     3292    0     3246     2     0     2     2     0     8    0
unpcb      120    29606    0    29548    46    43     3     3     0     8    1
syncache   264      221    0      221    72    72     0     1     0     8    0
sackhl      24        5    0        5     4     4     0     1     0     8    0
tcpqe       32      874    0      874    59    59     0     3     0     8    0
tcpcb      544    13274    0    13270   229   227     2    13     0     8    1
ipq         40      197    0      197    79    79     0     1     0     8    0
ipqe        40     5119    0     5119    79    79     0     1     0     8    0
inpcb      280    27497    0    27490   186   183     3     9     0     8    2
ip6q        72       27    0       27    22    21     1     1     0     8    1
ip6af       40       56    0       56    21    20     1     1     0     8    1
nd6         48      752    0      748     1     0     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256    14320    0    14074    39    23    16    17     0     8    0
art_table   32    14321    0    14074     6     3     3     3     0     8    1
art_node    16     3291    0     3249     1     0     1     1     0     8    0
sysvmsgpl   40       54    0       29     1     0     1     1     0     8    0
semupl     112        2    0        2     1     1     0     1     0     8    0
semapl     112     8206    0     8196     1     0     1     1     0     8    0
shmpl      112      137    0        9     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128    19583    0    18148    48     1    47    47     0     8    0
ffsino     272    19583    0    18148    99     3    96    97     0     8    0
nchpl      144    41403    0    39800    60     0    60    60     0     8    0
uvmvnodes   72     5926    0        0   108     0   108   108     0     8    0
vnodes     208     5926    0        0   312     0   312   312     0     8    0
namei      1024  188406    0   188406     9     8     1     1     0     8    1
percpumem   16      341    0      309     1     0     1     1     0     8    0
scxspl     192   146944    0   146944   164   163     1     7     0     8    1
plimitpl   152     3053    0     3043     1     0     1     1     0     8    0
sigapl     432    16102    0    16086    14    12     2     3     0     8    0
futexpl     56   362731    0   362730     8     7     1     1     0     8    0
knotepl    112    17579    0    17558    69    68     1     3     0     8    0
kqueuepl   104    22831    0    22825    51    50     1     4     0     8    0
pipelkpl    48     6702    0     6692     1     0     1     1     0     8    0
pipepl     120    13404    0    13385    57    56     1     4     0     8    0
fdescpl    496    16103    0    16086     4     1     3     3     0     8    0
filepl     152   175648    0   175544   262   256     6    14     0     8    1
lockfpl    104     5361    0     5360     1     0     1     1     0     8    0
lockfspl    48     1500    0     1499     1     0     1     1     0     8    0
sessionpl  112      326    0      316     1     0     1     1     0     8    0
pgrppl      48      815    0      805     1     0     1     1     0     8    0
ucredpl     96    29938    0    29929     1     0     1     1     0     8    0
zombiepl   144    16086    0    16086     9     8     1     1     0     8    1
processpl  960    16119    0    16086     5     0     5     5     0     8    0
procpl     624    50068    0    50022    67    62     5     5     0     8    1
sosppl     128      515    0      515    61    60     1     1     0     8    1
sockpl     400    60955    0    60886   333   322    11    18     0     8    3
mcl64k     65536     65    0        0     6     2     4     4     0     8    0
mcl16k     16384     65    0        0     4     1     3     3     0     8    0
mcl12k     12288    116    0        0     3     1     2     2     0     8    0
mcl9k      9216      73    0        0     4     2     2     2     0     8    0
mcl8k      8192      41    0        0     4     1     3     3     0     8    0
mcl4k      4096      41    0        0     4     1     3     3     0     8    0
mcl2k2     2112      10    0        0     1     0     1     1     0     8    0
mcl2k      2048     450    0        0    43    33    10    43     0     8    0
mtagpl      80        1    0        0     1     0     1     1     0     8    0
mbufpl     256     2070    0        0    36     0    36    36     0     8    0
bufpl      280    58671    0    52379   450     0   450   450     0     8    0
anonpl      16  2398200    0  2386014   410   343    67    82     0   125    0
amapchunkpl 152  170310    0   170179   564   545    19    20     0   158   12
amappl16   192    91835    0    91043   668   616    52    65     0     8   10
amappl15   184     3317    0     3314     1     0     1     1     0     8    0
amappl14   176     4079    0     4071     1     0     1     1     0     8    0
amappl13   168     1577    0     1575    32    31     1     1     0     8    0
amappl12   160     1871    0     1871    32    32     0     1     0     8    0
amappl11   152     2891    0     2879     1     0     1     1     0     8    0
amappl10   144     1746    0     1743     1     0     1     1     0     8    0
amappl9    136     6359    0     6353     1     0     1     1     0     8    0
amappl8    128     4724    0     4553     9     3     6     6     0     8    0
amappl7    120     3631    0     3613     1     0     1     1     0     8    0
amappl6    112     2134    0     2109     1     0     1     1     0     8    0
amappl5    104     4545    0     4536     1     0     1     1     0     8    0
amappl4     96    16053    0    16017     2     1     1     2     0     8    0
amappl3     88     3937    0     3929     1     0     1     1     0     8    0
amappl2     80   106584    0   106495     3     1     2     3     0     8    0
amappl1     72   456702    0   456224    24    14    10    20     0     8    0
amappl      80    55653    0    55608     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64      138    0        9     3     0     3     3     0     8    0
uaddrrnd    24    16103    0    16086     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24    16103    0    16086     1     0     1     1     0     8    0
vmmpekpl   168   156330    0   156298     3     0     3     3     0     8    0
vmmpepl    168  2278418    0  2276086   804   667   137   140     0   357   27
vmsppl     368    16102    0    16086     2     0     2     2     0     8    0
pdppl      4096   32213    0    32172     7     1     6     6     0     8    0
pvpl        32  5920915    0  5905330  1107   944   163   193     0   265   11
pmappl     232    16102    0    16086    55    53     2     2     0     8    1
extentpl    40       46    0       29     1     0     1     1     0     8    0
phpool     112      888    0      686     7     0     7     7     0     8    0

Crashes (2):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager               Title
2020/01/29 10:50  openbsd  23b78d59dd06  c8e81ce4   .config  console log  report  -          -        -        -       ci-openbsd-setuid     -
2020/01/25 18:29  openbsd  f4b8a1e8f84b  2e95ab33   .config  console log  report  -          -        -        -       ci-openbsd-multicore  -