Warning: Permanently added '10.128.1.30' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: kernel diagnostic assertion "nlevel >= IPL_NONE" failed: file "/syzkaller/managers/setuid/kernel/sys/arch/amd64/amd64/intr.c", line 699 Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 325617 94806 0 0 0 0 syz-executor3868290927 db_enter() at db_enter+0x1c panic(ffffffff8279f709) at panic+0x17b __assert(ffffffff8281d9e3,ffffffff8283c03e,2bb,ffffffff827a18af) at __assert+0x29 splraise(e8ef53e2) at splraise+0xb4 mtx_enter_try(fffffd806f0d45e8) at mtx_enter_try+0x73 mtx_enter(fffffd806f0d45e8) at mtx_enter+0x4f knote_remove(ffff800021235d58,fffffd806f0d45e8,fffffd806f0d4670,3,0) at knote_remove+0x20d knote_fdclose(ffff800021235d58,3) at knote_fdclose+0xae fdfree(ffff800021235d58) at fdfree+0xdf exit1(ffff800021235d58,0,0,1) at exit1+0x3e4 sys_exit(ffff800021235d58,ffff8000212776b0,ffff800021277700) at sys_exit+0x1a syscall(ffff800021277780) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x769d8b71cba0, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: kernel diagnostic assertion "nlevel >= IPL_NONE" failed: file "/syzkaller/managers/setuid/kernel/sys/arch/amd64/amd64/intr.c", line 699 ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff8279f709) at panic+0x17b __assert(ffffffff8281d9e3,ffffffff8283c03e,2bb,ffffffff827a18af) at __assert+0x29 splraise(e8ef53e2) at splraise+0xb4 mtx_enter_try(fffffd806f0d45e8) at mtx_enter_try+0x73 mtx_enter(fffffd806f0d45e8) at mtx_enter+0x4f knote_remove(ffff800021235d58,fffffd806f0d45e8,fffffd806f0d4670,3,0) at knote_remove+0x20d knote_fdclose(ffff800021235d58,3) at knote_fdclose+0xae fdfree(ffff800021235d58) at fdfree+0xdf exit1(ffff800021235d58,0,0,1) at exit1+0x3e4 sys_exit(ffff800021235d58,ffff8000212776b0,ffff800021277700) at sys_exit+0x1a syscall(ffff800021277780) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x769d8b71cba0, count: -13 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff8000212772f0 rbx 0xffff800020d59b9f rdx 0x3fd rcx 0 rax 0x8f r8 0x101010101010101 r9 0x8080808080808080 r10 0x6c058cf2d565ce61 r11 0x17fa2a0062d7a008 r12 0xffff800020d599a0 r13 0 r14 0 r15 0x1 rip 0xffffffff81b3671c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff8000212772e0 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor3868290927) pid=90246 stat=onproc flags process=1008 proc=2000 pri=0, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff800021235808,0xffff800021235570 process=0xffff8000ffff4018 user=0xffff800021272000, vmspace=0xfffffd8078750760 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 7896 187625 70919 0 2 0 syz-executor3868290927 7896 468297 70919 0 2 0x4000000 syz-executor3868290927 72647 325634 58250 0 2 0 syz-executor3868290927 72647 16717 58250 0 2 0x4000000 syz-executor3868290927 30673 271481 97773 0 2 0 syz-executor3868290927 30673 183783 97773 0 2 0x4000000 syz-executor3868290927 94806 325617 17034 0 7 0 syz-executor3868290927 94806 327011 17034 0 2 0x4000000 syz-executor3868290927 50412 277664 53534 0 2 0 syz-executor3868290927 55999 84508 95431 0 2 0 syz-executor3868290927 65950 472168 8724 0 2 0 syz-executor3868290927 65950 72047 8724 0 3 0x4000080 fsleep syz-executor3868290927 17034 394616 58668 0 3 0x80 nanoslp syz-executor3868290927 70919 231237 58668 0 3 0x80 nanoslp syz-executor3868290927 95431 149427 58668 0 2 0 syz-executor3868290927 39104 265216 58668 0 3 0x80 nanoslp syz-executor3868290927 58250 222660 58668 0 3 0x80 nanoslp syz-executor3868290927 97773 488413 58668 0 2 0 syz-executor3868290927 8724 430385 58668 0 2 0 syz-executor3868290927 53534 168128 58668 0 2 0 syz-executor3868290927 58668 192393 49820 0 3 0x82 nanoslp syz-executor3868290927 49820 191632 71981 0 3 0x10008a sigsusp ksh 71981 195584 55563 0 2 0x12 sshd 66571 60174 1 0 3 0x100083 ttyin getty 55563 229333 1 0 3 0x88 kqread sshd 68037 65861 71414 73 3 0x1100090 kqread syslogd 71414 44865 1 0 3 0x100082 netio syslogd 45794 372011 1 0 3 0x100080 kqread resolvd 12546 7802 17343 77 3 0x100092 kqread dhcpleased 3838 34063 17343 77 3 0x100092 kqread dhcpleased 17343 335823 1 0 3 0x80 kqread dhcpleased 39673 130193 0 0 3 0x14200 bored smr 29071 294620 0 0 2 0x14200 zerothread 74655 101453 0 0 3 0x14200 aiodoned aiodoned 60866 121466 0 0 3 0x14200 syncer update 29807 359717 0 0 3 0x14200 cleaner cleaner 50761 399045 0 0 2 0x14200 reaper 41586 78013 0 0 3 0x14200 pgdaemon pagedaemon 17291 266484 0 0 3 0x14200 bored viomb 8976 396788 0 0 3 0x40014200 acpi0 acpi0 81836 199784 0 0 3 0x40014200 idle1 61500 496837 0 0 3 0x14200 bored softnet3 43608 101481 0 0 3 0x14200 bored softnet2 17493 93323 0 0 3 0x14200 bored softnet1 22142 329928 0 0 3 0x14200 bored softnet0 69266 457248 0 0 3 0x14200 bored systqmp 93262 402412 0 0 3 0x14200 bored systq 9079 386273 0 0 3 0x40014200 bored softclock 26794 446246 0 0 3 0x40014200 idle0 1 409714 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82d40ab0) #0 witness_lock+0x447 #1 sleep_setup+0x92 #2 msleep+0xd6 #3 taskq_next_work+0x6e #4 taskq_thread+0x135 #5 proc_trampoline+0x1c exclusive mutex softnet0 r = 0 (0xffff80000002d028) #0 witness_lock+0x447 #1 mtx_enter_try+0x104 #2 mtx_enter+0x4f #3 taskq_next_work+0x37 #4 taskq_thread+0x135 #5 proc_trampoline+0x1c ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10156 6389K 6420K 78643K 11234 0 pcb 13 8K 8K 78643K 13 0 rtable 58 1K 2K 78643K 110 0 pf 12 6K 6K 78643K 12 0 ifaddr 12 9K 9K 78643K 12 0 ifgroup 17 1K 1K 78643K 17 0 counters 44 33K 33K 78643K 44 0 ioctlops 0 0K 2K 78643K 21 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1174 73K 74K 78643K 1187 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 55 78K 79K 78643K 246 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 11 0K 0K 78643K 11 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 243 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 128 6K 6K 78643K 3485 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 3 0K 0K 78643K 3 0 temp 1 5904K 5968K 78643K 2840 0 kqueue 11 16K 24K 78643K 202 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 20 0 17 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 144 33 0 20 1 0 1 1 0 8 0 syncache 304 5 0 5 2 1 1 1 0 8 1 tcpqe 32 165 0 165 1 1 0 1 0 8 0 tcpcb 808 8 0 5 1 0 1 1 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 368 211 0 202 2 0 2 2 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 97 0 0 7 0 7 7 0 8 0 art_table 32 98 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1422 0 37 87 0 87 87 0 8 0 ffsino 272 1422 0 37 93 0 93 93 0 8 0 nchpl 144 1606 0 47 58 0 58 58 0 8 0 uvmvnodes 80 1431 0 0 30 0 30 30 0 8 0 vnodes 216 1431 0 0 80 0 80 80 0 8 0 namei 1024 4256 0 4256 2 1 1 1 0 8 1 percpumem 16 35 0 0 1 0 1 1 0 8 0 kstatmem 264 6 0 0 1 0 1 1 0 8 0 scxspl 216 5042 0 5042 10 9 1 8 1 8 1 plimitpl 152 16 0 10 1 0 1 1 0 8 0 sigapl 424 507 0 461 6 0 6 6 0 8 0 futexpl 64 379 0 378 1 0 1 1 0 8 0 knotepl 120 48 0 0 2 0 2 2 0 8 0 kqueuepl 216 203 0 196 1 0 1 1 0 8 0 pipepl 320 87 0 84 2 1 1 1 0 8 0 fdescpl 496 490 0 461 5 1 4 4 0 8 0 filepl 152 1311 0 1255 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 17 0 9 1 0 1 1 0 8 0 pgrppl 48 17 0 9 1 0 1 1 0 8 0 ucredpl 104 66 0 56 1 0 1 1 0 8 0 zombiepl 144 462 0 461 2 1 1 1 0 8 0 processpl 1072 507 0 461 4 0 4 4 0 8 0 procpl 680 702 0 650 5 0 5 5 0 8 0 sockpl 488 264 0 239 4 0 4 4 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 309 0 0 33 2 31 33 0 8 0 mtagpl 96 4 0 0 1 0 1 1 0 8 0 mbufpl 256 360 0 0 19 0 19 19 0 8 0 bufpl 288 2511 0 88 174 0 174 174 0 8 0 anonpl 24 202813 0 200755 27 14 13 24 0 186 0 amapchunkpl 152 12096 0 11856 12 1 11 11 0 158 1 amappl16 200 6046 0 6045 6 5 1 5 0 8 0 amappl15 192 16 0 16 1 1 0 1 0 8 0 amappl14 184 105 0 96 1 0 1 1 0 8 0 amappl13 176 11 0 11 1 1 0 1 0 8 0 amappl12 168 978 0 960 1 0 1 1 0 8 0 amappl11 160 52 0 42 1 0 1 1 0 8 0 amappl10 152 17 0 17 3 2 1 1 0 8 1 amappl9 144 258 0 258 2 1 1 1 0 8 1 amappl8 136 35 0 33 1 0 1 1 0 8 0 amappl7 128 210 0 194 1 0 1 1 0 8 0 amappl6 120 144 0 131 1 0 1 1 0 8 0 amappl5 112 106 0 97 1 0 1 1 0 8 0 amappl4 104 417 0 389 1 0 1 1 0 8 0 amappl3 96 2775 0 2727 2 0 2 2 0 8 0 amappl2 88 672 0 622 3 1 2 2 0 8 0 amappl1 80 10021 0 9553 15 4 11 11 0 8 0 amappl 88 3212 0 3123 3 0 3 3 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 490 0 461 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 490 0 461 1 0 1 1 0 8 0 vmmpekpl 168 7737 0 7718 2 0 2 2 0 8 0 vmmpepl 168 41408 0 40139 66 8 58 58 0 357 2 vmsppl 464 489 0 461 5 1 4 4 0 8 0 rwobjpl 56 21630 0 19515 32 1 31 31 0 8 1 pdppl 4096 988 0 922 88 22 66 66 0 8 0 pvpl 32 306797 0 301912 61 20 41 52 0 265 1 pmappl 248 489 0 461 3 1 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 520 0 27 15 0 15 15 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffffffff82bbdff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 end of kernel end trace frame: 0x769d8b71cba0, count: 12 ddb{0}> trace x86_ipi_db(ffffffff82bbdff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 end of kernel end trace frame: 0x769d8b71cba0, count: -3 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x1c: addq $0x8,%rsp db_enter() at db_enter+0x1c panic(ffffffff8279f709) at panic+0x17b __assert(ffffffff8281d9e3,ffffffff8283c03e,2bb,ffffffff827a18af) at __assert+0x29 splraise(e8ef53e2) at splraise+0xb4 mtx_enter_try(fffffd806f0d45e8) at mtx_enter_try+0x73 mtx_enter(fffffd806f0d45e8) at mtx_enter+0x4f knote_remove(ffff800021235d58,fffffd806f0d45e8,fffffd806f0d4670,3,0) at knote_remove+0x20d knote_fdclose(ffff800021235d58,3) at knote_fdclose+0xae fdfree(ffff800021235d58) at fdfree+0xdf exit1(ffff800021235d58,0,0,1) at exit1+0x3e4 sys_exit(ffff800021235d58,ffff8000212776b0,ffff800021277700) at sys_exit+0x1a syscall(ffff800021277780) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x769d8b71cba0, count: 2 ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff8279f709) at panic+0x17b __assert(ffffffff8281d9e3,ffffffff8283c03e,2bb,ffffffff827a18af) at __assert+0x29 splraise(e8ef53e2) at splraise+0xb4 mtx_enter_try(fffffd806f0d45e8) at mtx_enter_try+0x73 mtx_enter(fffffd806f0d45e8) at mtx_enter+0x4f knote_remove(ffff800021235d58,fffffd806f0d45e8,fffffd806f0d4670,3,0) at knote_remove+0x20d knote_fdclose(ffff800021235d58,3) at knote_fdclose+0xae fdfree(ffff800021235d58) at fdfree+0xdf exit1(ffff800021235d58,0,0,1) at exit1+0x3e4 sys_exit(ffff800021235d58,ffff8000212776b0,ffff800021277700) at sys_exit+0x1a syscall(ffff800021277780) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x769d8b71cba0, count: -13