Warning: Permanently added '10.128.0.87' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) &kernel_lock Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 1659 48408 0 0 0 0 syz-executor968967385 *442416 48408 0 0 0x4000000 1 syz-executor968967385 db_enter() at db_enter+0x18 panic(ffffffff825a56b6) at panic+0x177 witness_checkorder(ffffffff82b47030,9,0) at witness_checkorder+0x116d __mp_lock(ffffffff82b46e28) at __mp_lock+0xa1 selwakeup(fffffd806d3044f8) at selwakeup+0x16 sorwakeup(fffffd806d3043e0) at sorwakeup+0xc9 rip6_input(ffff800021263d58,ffff800021263d64,3a,18) at rip6_input+0x692 icmp6_input(ffff800021263d58,ffff800021263d64,3a,18) at icmp6_input+0x8e8 ip_deliver(ffff800021263d58,ffff800021263d64,3a,18) at ip_deliver+0x322 ip6_input_if(ffff800021263d58,ffff800021263d64,29,0,ffff80000019f2a8) at ip6_input_if+0x920 ipv6_input(ffff80000019f2a8,fffffd807f00e500) at ipv6_input+0x48 if_input_local(ffff80000019f2a8,fffffd807f00e500,18) at if_input_local+0x136 ip6_output(fffffd806d4eca00,ffff800000bc6500,fffffd807330bde8,0,0,fffffd807330bd70) at ip6_output+0xf57 rip6_output(fffffd806dca1f00,fffffd806f1e35a8,ffff8000212640c0,0) at rip6_output+0x4ad end trace frame: 0xffff800021264160, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) &kernel_lock ddb{1}> trace db_enter() at db_enter+0x18 panic(ffffffff825a56b6) at panic+0x177 witness_checkorder(ffffffff82b47030,9,0) at witness_checkorder+0x116d __mp_lock(ffffffff82b46e28) at __mp_lock+0xa1 selwakeup(fffffd806d3044f8) at selwakeup+0x16 sorwakeup(fffffd806d3043e0) at sorwakeup+0xc9 rip6_input(ffff800021263d58,ffff800021263d64,3a,18) at rip6_input+0x692 icmp6_input(ffff800021263d58,ffff800021263d64,3a,18) at icmp6_input+0x8e8 ip_deliver(ffff800021263d58,ffff800021263d64,3a,18) at ip_deliver+0x322 ip6_input_if(ffff800021263d58,ffff800021263d64,29,0,ffff80000019f2a8) at ip6_input_if+0x920 ipv6_input(ffff80000019f2a8,fffffd807f00e500) at ipv6_input+0x48 if_input_local(ffff80000019f2a8,fffffd807f00e500,18) at if_input_local+0x136 ip6_output(fffffd806d4eca00,ffff800000bc6500,fffffd807330bde8,0,0,fffffd807330bd70) at ip6_output+0xf57 rip6_output(fffffd806dca1f00,fffffd806f1e35a8,ffff8000212640c0,0) at rip6_output+0x4ad rip6_usrreq(fffffd806f1e35a8,9,fffffd806dca1f00,0,0,ffff80002119d7a8) at rip6_usrreq+0x5d3 sosend(fffffd806f1e35a8,0,ffff8000212642f8,0,0,0) at sosend+0x632 dofilewritev(ffff80002119d7a8,4,ffff8000212642f8,0,ffff8000212643f0) at dofilewritev+0x19c sys_write(ffff80002119d7a8,ffff800021264398,ffff8000212643f0) at sys_write+0x83 syscall(ffff800021264460) at syscall+0x489 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc390a92bf40, count: -20 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800021263760 rbx 0xffff800020ce9bff rdx 0x3fd rcx 0 rax 0x68 r8 0x101010101010101 r9 0x8080808080808080 r10 0xcf9256cffabc6a65 r11 0xa7a218f186e10d55 r12 0xffff800020ce9a00 r13 0 r14 0 r15 0x1 rip 0xffffffff81f18858 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800021263750 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor968967385) pid=442416 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff80002119d508,0xffffffff82b44c30 process=0xffff800021233620 user=0xffff80002125f000, vmspace=0xfffffd806d352180 estcpu=4, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 48408 1659 78608 0 7 0 syz-executor968967385 *48408 442416 78608 0 7 0x4000000 syz-executor968967385 67130 97288 1111 0 2 0 syz-executor968967385 67130 196103 1111 0 2 0x4000000 syz-executor968967385 21886 493606 75362 0 2 0 syz-executor968967385 23142 101855 34482 0 2 0 syz-executor968967385 23142 14207 34482 0 3 0x4000080 fsleep syz-executor968967385 23288 32094 2984 0 2 0 syz-executor968967385 23288 92986 2984 0 3 0x4000080 fsleep syz-executor968967385 40655 4472 69211 0 2 0 syz-executor968967385 40655 403425 69211 0 3 0x4000080 fsleep syz-executor968967385 76443 358545 15198 0 2 0 syz-executor968967385 76443 272789 15198 0 2 0x4000000 syz-executor968967385 76443 374583 15198 0 3 0x4000080 fsleep syz-executor968967385 2984 487305 44794 0 3 0x80 nanoslp syz-executor968967385 69211 110835 44794 0 3 0x80 nanoslp syz-executor968967385 15198 90556 44794 0 3 0x80 nanoslp syz-executor968967385 34482 139021 44794 0 2 0x480 syz-executor968967385 26477 434697 95171 0 2 0 syz-executor968967385 26477 52747 95171 0 3 0x4000080 fsleep syz-executor968967385 1111 326125 44794 0 3 0x80 nanoslp syz-executor968967385 95171 165634 44794 0 2 0x480 syz-executor968967385 75362 207916 44794 0 2 0x480 syz-executor968967385 78608 257060 44794 0 2 0x480 syz-executor968967385 44794 298944 79332 0 3 0x82 nanoslp syz-executor968967385 79332 419679 36695 0 3 0x10008a sigsusp ksh 36695 358768 74941 0 3 0x9a kqread sshd 67297 113146 1 0 3 0x100083 ttyin getty 74941 345793 1 0 3 0x88 kqread sshd 74122 444746 88295 74 3 0x1100092 bpf pflogd 88295 414952 1 0 3 0x80 netio pflogd 21061 45138 65779 73 3 0x1100090 kqread syslogd 65779 272858 1 0 3 0x100082 netio syslogd 90680 452479 1 0 3 0x100080 kqread resolvd 55299 135625 18338 77 3 0x100092 kqread dhcpleased 3254 421796 18338 77 3 0x100092 kqread dhcpleased 18338 489826 1 0 3 0x80 kqread dhcpleased 46091 75544 0 0 3 0x14200 bored smr 77290 223594 0 0 2 0x14200 zerothread 17938 217437 0 0 3 0x14200 aiodoned aiodoned 79851 105253 0 0 3 0x14200 syncer update 69892 460594 0 0 3 0x14200 cleaner cleaner 63618 240494 0 0 3 0x14200 reaper reaper 25652 255271 0 0 3 0x14200 pgdaemon pagedaemon 8560 242519 0 0 3 0x14200 bored viomb 10078 207398 0 0 3 0x40014200 acpi0 acpi0 25286 156034 0 0 3 0x40014200 idle1 44622 102055 0 0 3 0x14200 bored softnet 78915 126728 0 0 3 0x14200 bored systqmp 20355 37856 0 0 3 0x14200 bored systq 26085 125539 0 0 3 0x40014200 bored softclock 26762 195664 0 0 3 0x40014200 idle0 1 215967 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks CPU 1: exclusive mutex &table->inpt_mtx r = 0 (0xffffffff82a900b0) #0 witness_lock+0x44d #1 mtx_enter_try+0x100 #2 mtx_enter+0x4b #3 rip6_input+0x1cf #4 icmp6_input+0x8e8 #5 ip_deliver+0x322 #6 ip6_input_if+0x920 #7 ipv6_input+0x48 #8 if_input_local+0x136 #9 ip6_output+0xf57 #10 rip6_output+0x4ad #11 rip6_usrreq+0x5d3 #12 sosend+0x632 #13 dofilewritev+0x19c #14 sys_write+0x83 #15 syscall+0x489 #16 Xsyscall+0x128 Process 48408 (syz-executor968967385) thread 0xffff80002119d7a8 (442416) exclusive rwlock netlock r = 0 (0xffffffff828f7720) #0 witness_lock+0x44d #1 solock+0x86 #2 sosend+0x517 #3 dofilewritev+0x19c #4 sys_write+0x83 #5 syscall+0x489 #6 Xsyscall+0x128 exclusive mutex &table->inpt_mtx r = 0 (0xffffffff82a900b0) #0 witness_lock+0x44d #1 mtx_enter_try+0x100 #2 mtx_enter+0x4b #3 rip6_input+0x1cf #4 icmp6_input+0x8e8 #5 ip_deliver+0x322 #6 ip6_input_if+0x920 #7 ipv6_input+0x48 #8 if_input_local+0x136 #9 ip6_output+0xf57 #10 rip6_output+0x4ad #11 rip6_usrreq+0x5d3 #12 sosend+0x632 #13 dofilewritev+0x19c #14 sys_write+0x83 #15 syscall+0x489 #16 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10149 6454K 6455K 78643K 11239 0 pcb 17 8K 8K 78643K 28 0 rtable 62 2K 2K 78643K 112 0 ifaddr 29 8K 8K 78643K 32 0 counters 40 33K 33K 78643K 40 0 ioctlops 0 0K 4K 78643K 1479 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 5 0 vnodes 1167 73K 73K 78643K 1180 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 67 87K 87K 78643K 282 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 4 0K 0K 78643K 11 0 in_multi 16 0K 0K 78643K 27 0 ether_multi 2 0K 0K 78643K 6 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 2K 78643K 432 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 183 7K 7K 78643K 2378 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 4 0K 0K 78643K 18 0 NDP 4 0K 0K 78643K 4 0 temp 24 4694K 4757K 78643K 3220 0 kqueue 11 16K 18K 78643K 24 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 17 0 14 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 136 35 0 20 1 0 1 1 0 8 0 syncache 296 5 0 5 2 1 1 1 0 8 1 tcpcb 736 30 0 5 3 0 3 3 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 312 76 0 62 2 0 2 2 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 11 0 0 1 0 1 1 0 8 0 pfstkey 112 11 0 0 1 0 1 1 0 8 0 pfstate 320 11 0 0 1 0 1 1 0 8 0 pfrule 1360 21 0 15 2 0 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 96 0 0 6 0 6 6 0 8 0 art_table 32 97 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1424 0 39 87 0 87 87 0 8 0 ffsino 272 1424 0 39 93 0 93 93 0 8 0 nchpl 144 1599 0 49 58 0 58 58 0 8 0 uvmvnodes 80 1434 0 0 30 0 30 30 0 8 0 vnodes 224 1434 0 0 85 0 85 85 0 8 0 namei 1024 4422 0 4422 2 1 1 1 0 8 1 percpumem 16 32 0 0 1 0 1 1 0 8 0 scxspl 216 4051 0 4051 10 2 8 8 0 8 8 plimitpl 152 16 0 9 1 0 1 1 0 8 0 sigapl 424 343 0 298 6 0 6 6 0 8 0 futexpl 64 68 0 63 1 0 1 1 0 8 0 knotepl 120 50 0 0 2 0 2 2 0 8 0 kqueuepl 216 20 0 13 1 0 1 1 0 8 0 pipepl 336 86 0 83 2 1 1 1 0 8 0 fdescpl 496 329 0 298 4 0 4 4 0 8 0 filepl 152 1189 0 1123 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 18 0 9 1 0 1 1 0 8 0 pgrppl 48 18 0 9 1 0 1 1 0 8 0 ucredpl 96 69 0 57 1 0 1 1 0 8 0 zombiepl 144 298 0 298 2 1 1 1 0 8 1 processpl 1064 343 0 298 4 0 4 4 0 8 0 procpl 672 358 0 305 5 0 5 5 0 8 0 sockpl 480 128 0 96 6 1 5 5 0 8 1 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 77 0 0 10 0 10 10 0 8 0 mtagpl 96 1 0 0 1 0 1 1 0 8 0 mbufpl 256 125 0 0 8 0 8 8 0 8 0 bufpl 288 2026 0 93 139 0 139 139 0 8 0 anonpl 24 45876 0 41342 31 3 28 28 0 186 0 amapchunkpl 152 4398 0 4046 14 0 14 14 0 158 0 amappl16 200 42 0 36 2 1 1 1 0 8 0 amappl15 192 67 0 64 1 0 1 1 0 8 0 amappl14 184 1 0 1 1 1 0 1 0 8 0 amappl13 176 34 0 33 2 1 1 1 0 8 0 amappl12 168 7 0 7 2 1 1 1 0 8 1 amappl11 160 46 0 32 1 0 1 1 0 8 0 amappl10 152 8 0 6 1 0 1 1 0 8 0 amappl9 144 457 0 455 1 0 1 1 0 8 0 amappl8 136 393 0 373 1 0 1 1 0 8 0 amappl7 128 67 0 64 1 0 1 1 0 8 0 amappl6 120 114 0 101 1 0 1 1 0 8 0 amappl5 112 190 0 178 1 0 1 1 0 8 0 amappl4 104 639 0 617 1 0 1 1 0 8 0 amappl3 96 122 0 113 1 0 1 1 0 8 0 amappl2 88 372 0 332 1 0 1 1 0 8 0 amappl1 80 8943 0 8454 10 0 10 10 0 8 0 amappl 88 2085 0 1925 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 329 0 298 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 329 0 298 1 0 1 1 0 8 0 vmmpekpl 168 6232 0 6216 1 0 1 1 0 8 0 vmmpepl 168 27502 0 26090 64 2 62 62 0 357 0 vmsppl 368 328 0 298 3 0 3 3 0 8 0 rwobjpl 56 9803 0 7664 31 0 31 31 0 8 0 pdppl 4096 665 0 596 89 20 69 69 0 8 0 pvpl 32 140060 0 133193 58 2 56 56 0 265 0 pmappl 248 328 0 298 2 0 2 2 0 8 0 extentpl 40 58 0 38 1 0 1 1 0 8 0 phpool 112 455 0 24 13 0 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffffffff8294dff0) at x86_ipi_db+0x1a x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 end of kernel end trace frame: 0x7f7fffff9cc0, count: 12 ddb{0}> trace x86_ipi_db(ffffffff8294dff0) at x86_ipi_db+0x1a x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 end of kernel end trace frame: 0x7f7fffff9cc0, count: -3 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x18: addq $0x8,%rsp db_enter() at db_enter+0x18 panic(ffffffff825a56b6) at panic+0x177 witness_checkorder(ffffffff82b47030,9,0) at witness_checkorder+0x116d __mp_lock(ffffffff82b46e28) at __mp_lock+0xa1 selwakeup(fffffd806d3044f8) at selwakeup+0x16 sorwakeup(fffffd806d3043e0) at sorwakeup+0xc9 rip6_input(ffff800021263d58,ffff800021263d64,3a,18) at rip6_input+0x692 icmp6_input(ffff800021263d58,ffff800021263d64,3a,18) at icmp6_input+0x8e8 ip_deliver(ffff800021263d58,ffff800021263d64,3a,18) at ip_deliver+0x322 ip6_input_if(ffff800021263d58,ffff800021263d64,29,0,ffff80000019f2a8) at ip6_input_if+0x920 ipv6_input(ffff80000019f2a8,fffffd807f00e500) at ipv6_input+0x48 if_input_local(ffff80000019f2a8,fffffd807f00e500,18) at if_input_local+0x136 ip6_output(fffffd806d4eca00,ffff800000bc6500,fffffd807330bde8,0,0,fffffd807330bd70) at ip6_output+0xf57 rip6_output(fffffd806dca1f00,fffffd806f1e35a8,ffff8000212640c0,0) at rip6_output+0x4ad end trace frame: 0xffff800021264160, count: 0 ddb{1}> trace db_enter() at db_enter+0x18 panic(ffffffff825a56b6) at panic+0x177 witness_checkorder(ffffffff82b47030,9,0) at witness_checkorder+0x116d __mp_lock(ffffffff82b46e28) at __mp_lock+0xa1 selwakeup(fffffd806d3044f8) at selwakeup+0x16 sorwakeup(fffffd806d3043e0) at sorwakeup+0xc9 rip6_input(ffff800021263d58,ffff800021263d64,3a,18) at rip6_input+0x692 icmp6_input(ffff800021263d58,ffff800021263d64,3a,18) at icmp6_input+0x8e8 ip_deliver(ffff800021263d58,ffff800021263d64,3a,18) at ip_deliver+0x322 ip6_input_if(ffff800021263d58,ffff800021263d64,29,0,ffff80000019f2a8) at ip6_input_if+0x920 ipv6_input(ffff80000019f2a8,fffffd807f00e500) at ipv6_input+0x48 if_input_local(ffff80000019f2a8,fffffd807f00e500,18) at if_input_local+0x136 ip6_output(fffffd806d4eca00,ffff800000bc6500,fffffd807330bde8,0,0,fffffd807330bd70) at ip6_output+0xf57 rip6_output(fffffd806dca1f00,fffffd806f1e35a8,ffff8000212640c0,0) at rip6_output+0x4ad rip6_usrreq(fffffd806f1e35a8,9,fffffd806dca1f00,0,0,ffff80002119d7a8) at rip6_usrreq+0x5d3 sosend(fffffd806f1e35a8,0,ffff8000212642f8,0,0,0) at sosend+0x632 dofilewritev(ffff80002119d7a8,4,ffff8000212642f8,0,ffff8000212643f0) at dofilewritev+0x19c sys_write(ffff80002119d7a8,ffff800021264398,ffff8000212643f0) at sys_write+0x83 syscall(ffff800021264460) at syscall+0x489 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc390a92bf40, count: -20 ddb{1}>