Warning: Permanently added '10.128.0.219' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: kernel diagnostic assertion "nlevel >= IPL_NONE" failed: file "/syzkaller/managers/setuid/kernel/sys/arch/amd64/amd64/intr.c", line 699 Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 94188 9166 0 0x14000 0x200 0 reaper db_enter() at db_enter+0x1c panic(ffffffff827a4430) at panic+0x17b __assert(ffffffff82820f81,ffffffff8283fe9b,2bb,ffffffff827a58e3) at __assert+0x29 splraise(b4d3953a) at splraise+0xb4 mtx_enter_try(fffffd806f0fa1b0) at mtx_enter_try+0x73 mtx_enter(fffffd806f0fa1b0) at mtx_enter+0x4f knote_remove(ffff80002120c2c0,fffffd806f0fa1b0,fffffd806f0fa238,3,0) at knote_remove+0x20d knote_fdclose(ffff80002120c2c0,3) at knote_fdclose+0xae fdfree(ffff80002120c2c0) at fdfree+0xdf exit1(ffff80002120c2c0,0,0,1) at exit1+0x3ff sys_exit(ffff80002120c2c0,ffff8000212b7710,ffff8000212b7760) at sys_exit+0x1a syscall(ffff8000212b77e0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x786558498500, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: kernel diagnostic assertion "nlevel >= IPL_NONE" failed: file "/syzkaller/managers/setuid/kernel/sys/arch/amd64/amd64/intr.c", line 699 ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff827a4430) at panic+0x17b __assert(ffffffff82820f81,ffffffff8283fe9b,2bb,ffffffff827a58e3) at __assert+0x29 splraise(b4d3953a) at splraise+0xb4 mtx_enter_try(fffffd806f0fa1b0) at mtx_enter_try+0x73 mtx_enter(fffffd806f0fa1b0) at mtx_enter+0x4f knote_remove(ffff80002120c2c0,fffffd806f0fa1b0,fffffd806f0fa238,3,0) at knote_remove+0x20d knote_fdclose(ffff80002120c2c0,3) at knote_fdclose+0xae fdfree(ffff80002120c2c0) at fdfree+0xdf exit1(ffff80002120c2c0,0,0,1) at exit1+0x3ff sys_exit(ffff80002120c2c0,ffff8000212b7710,ffff8000212b7760) at sys_exit+0x1a syscall(ffff8000212b77e0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x786558498500, count: -13 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff8000212b7350 rbx 0xffff800020d59b9f rdx 0x3fd rcx 0 rax 0x8f r8 0x101010101010101 r9 0x8080808080808080 r10 0x5bd7db132f8444b0 r11 0x13da9e14dcd06960 r12 0xffff800020d599a0 r13 0 r14 0 r15 0x1 rip 0xffffffff816fe4dc db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff8000212b7340 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor2064922864) pid=455245 stat=onproc flags process=1008 proc=2000 pri=0, usrpri=69, nice=20 forw=0xffffffffffffffff, list=0xffff80002120cab8,0xffff80002121b2c8 process=0xffff8000212b8878 user=0xffff8000212b2000, vmspace=0xfffffd806d6e6cd0 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=2, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 7129 25536 54545 0 2 0 syz-executor2064922864 48092 123853 8962 0 2 0 syz-executor2064922864 52820 45976 75671 0 2 0 syz-executor2064922864 52820 321995 75671 0 3 0x4000080 fsleep syz-executor2064922864 97776 191385 8689 0 2 0 syz-executor2064922864 97776 346277 8689 0 2 0x4000000 syz-executor2064922864 10238 120310 90091 0 2 0 syz-executor2064922864 10238 440530 90091 0 2 0x4000000 syz-executor2064922864 15102 297378 95967 0 2 0 syz-executor2064922864 8689 113224 95967 0 3 0x80 nanoslp syz-executor2064922864 8962 358711 95967 0 3 0x80 nanoslp syz-executor2064922864 75671 476243 95967 0 3 0x80 nanoslp syz-executor2064922864 50377 363355 95967 0 2 0 syz-executor2064922864 54545 386240 95967 0 3 0x80 nanoslp syz-executor2064922864 90091 427139 95967 0 3 0x80 nanoslp syz-executor2064922864 77254 1913 95967 0 3 0x80 nanoslp syz-executor2064922864 95967 432803 3641 0 3 0x82 nanoslp syz-executor2064922864 3641 312633 11210 0 3 0x10008a sigsusp ksh 11210 287669 87907 0 3 0x9a kqread sshd 58872 60967 1 0 3 0x100083 ttyin getty 87907 117231 1 0 3 0x88 kqread sshd 13136 48438 63965 73 3 0x1100090 kqread syslogd 63965 47879 1 0 3 0x100082 netio syslogd 56323 472033 1 0 3 0x100080 kqread resolvd 58005 459730 68744 77 3 0x100092 kqread dhcpleased 70091 457709 68744 77 3 0x100092 kqread dhcpleased 68744 186994 1 0 3 0x80 kqread dhcpleased 61833 119840 0 0 3 0x14200 bored smr 55922 364643 0 0 2 0x14200 zerothread 95188 484234 0 0 3 0x14200 aiodoned aiodoned 96225 404314 0 0 3 0x14200 syncer update 91500 369249 0 0 3 0x14200 cleaner cleaner 9166 94188 0 0 7 0x14200 reaper 95596 475980 0 0 3 0x14200 pgdaemon pagedaemon 58454 405120 0 0 3 0x14200 bored viomb 94987 58861 0 0 3 0x40014200 acpi0 acpi0 16589 294349 0 0 3 0x40014200 idle1 24389 2979 0 0 3 0x14200 bored softnet3 40907 52325 0 0 3 0x14200 bored softnet2 49183 269729 0 0 3 0x14200 bored softnet1 78347 92896 0 0 3 0x14200 bored softnet0 31920 468182 0 0 3 0x14200 bored systqmp 61059 313930 0 0 3 0x14200 bored systq 41166 354042 0 0 3 0x40014200 bored softclock 82835 521955 0 0 3 0x40014200 idle0 1 382249 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10156 6389K 6420K 78643K 11234 0 pcb 13 8K 8K 78643K 13 0 rtable 58 1K 2K 78643K 110 0 pf 12 6K 6K 78643K 12 0 ifaddr 12 9K 9K 78643K 12 0 ifgroup 17 1K 1K 78643K 17 0 counters 44 33K 33K 78643K 44 0 ioctlops 0 0K 2K 78643K 21 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1174 73K 74K 78643K 1187 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 55 78K 79K 78643K 246 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 11 0K 0K 78643K 11 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 243 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 142 70K 71K 78643K 5407 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 3 0K 0K 78643K 3 0 temp 1 5904K 5968K 78643K 2940 0 kqueue 11 16K 32K 78643K 442 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 20 0 17 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 144 33 0 20 1 0 1 1 0 8 0 syncache 304 5 0 5 2 1 1 1 0 8 1 tcpqe 32 232 0 232 1 1 0 1 0 8 0 tcpcb 808 426 0 419 2 0 2 2 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 368 444 0 435 2 0 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 96 0 0 6 0 6 6 0 8 0 art_table 32 97 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1422 0 37 87 0 87 87 0 8 0 ffsino 272 1422 0 37 93 0 93 93 0 8 0 nchpl 144 1606 0 47 58 0 58 58 0 8 0 uvmvnodes 80 1431 0 0 30 0 30 30 0 8 0 vnodes 216 1431 0 0 80 0 80 80 0 8 0 namei 1024 5088 0 5088 2 1 1 1 0 8 1 percpumem 16 35 0 0 1 0 1 1 0 8 0 kstatmem 264 6 0 0 1 0 1 1 0 8 0 scxspl 216 5064 0 5064 10 9 1 8 1 8 1 plimitpl 152 24 0 10 1 0 1 1 0 8 0 sigapl 424 738 0 692 6 0 6 6 0 8 0 futexpl 64 1766 0 1765 1 0 1 1 0 8 0 knotepl 120 89 0 0 3 0 3 3 0 8 0 kqueuepl 216 438 0 431 1 0 1 1 0 8 0 pipepl 320 87 0 84 2 1 1 1 0 8 0 fdescpl 496 721 0 694 5 1 4 4 0 8 0 filepl 152 2376 0 2320 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 17 0 9 1 0 1 1 0 8 0 pgrppl 48 17 0 9 1 0 1 1 0 8 0 ucredpl 104 66 0 56 1 0 1 1 0 8 0 zombiepl 144 695 0 692 2 1 1 1 0 8 0 processpl 1072 738 0 692 4 0 4 4 0 8 0 procpl 680 1161 0 1111 5 0 5 5 0 8 0 sockpl 488 497 0 472 4 0 4 4 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 308 0 0 39 0 39 39 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 337 0 0 22 1 21 22 0 8 0 bufpl 288 2511 0 88 174 0 174 174 0 8 0 anonpl 24 183031 0 181012 27 13 14 23 0 186 1 amapchunkpl 152 18166 0 17922 15 1 14 14 0 158 3 amappl16 200 4796 0 4795 6 5 1 5 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 102 0 93 1 0 1 1 0 8 0 amappl13 176 11 0 11 1 1 0 1 0 8 0 amappl12 168 1230 0 1213 1 0 1 1 0 8 0 amappl11 160 75 0 65 1 0 1 1 0 8 0 amappl10 152 15 0 15 2 2 0 1 0 8 0 amappl9 144 199 0 199 2 2 0 1 0 8 0 amappl8 136 23 0 21 1 0 1 1 0 8 0 amappl7 128 444 0 430 1 0 1 1 0 8 0 amappl6 120 143 0 129 1 0 1 1 0 8 0 amappl5 112 126 0 118 1 0 1 1 0 8 0 amappl4 104 417 0 390 1 0 1 1 0 8 0 amappl3 96 4361 0 4312 2 0 2 2 0 8 0 amappl2 88 880 0 833 3 1 2 2 0 8 0 amappl1 80 10729 0 10275 15 4 11 11 0 8 0 amappl 88 5128 0 5032 3 0 3 3 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 721 0 694 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 721 0 694 1 0 1 1 0 8 0 vmmpekpl 168 8836 0 8813 2 0 2 2 0 8 0 vmmpepl 168 49622 0 48323 67 5 62 62 0 357 2 vmsppl 464 720 0 694 5 1 4 4 0 8 0 rwobjpl 56 21731 0 19649 31 1 30 31 0 8 0 pdppl 4096 1450 0 1388 88 22 66 66 0 8 4 pvpl 32 305356 0 300455 63 20 43 51 0 265 1 pmappl 248 720 0 694 3 1 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 529 0 26 15 0 15 15 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffffffff82be2ff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff82d11830) at __mp_lock+0x133 intr_handler(ffff8000211b9460,ffff80000067b200) at intr_handler+0x62 Xintr_ioapic_edge25_untramp() at Xintr_ioapic_edge25_untramp+0x18f __mp_lock(ffffffff82d11830) at __mp_lock+0x122 reaper(ffff8000211b37f0) at reaper+0x160 end trace frame: 0x0, count: 7 ddb{0}> trace x86_ipi_db(ffffffff82be2ff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff82d11830) at __mp_lock+0x133 intr_handler(ffff8000211b9460,ffff80000067b200) at intr_handler+0x62 Xintr_ioapic_edge25_untramp() at Xintr_ioapic_edge25_untramp+0x18f __mp_lock(ffffffff82d11830) at __mp_lock+0x122 reaper(ffff8000211b37f0) at reaper+0x160 end trace frame: 0x0, count: -8 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x1c: addq $0x8,%rsp db_enter() at db_enter+0x1c panic(ffffffff827a4430) at panic+0x17b __assert(ffffffff82820f81,ffffffff8283fe9b,2bb,ffffffff827a58e3) at __assert+0x29 splraise(b4d3953a) at splraise+0xb4 mtx_enter_try(fffffd806f0fa1b0) at mtx_enter_try+0x73 mtx_enter(fffffd806f0fa1b0) at mtx_enter+0x4f knote_remove(ffff80002120c2c0,fffffd806f0fa1b0,fffffd806f0fa238,3,0) at knote_remove+0x20d knote_fdclose(ffff80002120c2c0,3) at knote_fdclose+0xae fdfree(ffff80002120c2c0) at fdfree+0xdf exit1(ffff80002120c2c0,0,0,1) at exit1+0x3ff sys_exit(ffff80002120c2c0,ffff8000212b7710,ffff8000212b7760) at sys_exit+0x1a syscall(ffff8000212b77e0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x786558498500, count: 2 ddb{1}> trace db_enter() at db_enter+0x1c panic(ffffffff827a4430) at panic+0x17b __assert(ffffffff82820f81,ffffffff8283fe9b,2bb,ffffffff827a58e3) at __assert+0x29 splraise(b4d3953a) at splraise+0xb4 mtx_enter_try(fffffd806f0fa1b0) at mtx_enter_try+0x73 mtx_enter(fffffd806f0fa1b0) at mtx_enter+0x4f knote_remove(ffff80002120c2c0,fffffd806f0fa1b0,fffffd806f0fa238,3,0) at knote_remove+0x20d knote_fdclose(ffff80002120c2c0,3) at knote_fdclose+0xae fdfree(ffff80002120c2c0) at fdfree+0xdf exit1(ffff80002120c2c0,0,0,1) at exit1+0x3ff sys_exit(ffff80002120c2c0,ffff8000212b7710,ffff8000212b7760) at sys_exit+0x1a syscall(ffff8000212b77e0) at syscall+0x5e2 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x786558498500, count: -13