panic: kernel diagnostic assertion "suser(curproc) == 0" failed: file "/syzkaller/managers/main/kernel/sys/dev/dt/dt_dev.c", line 431 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff824292db) at panic+0x161 sys/kern/subr_prf.c:202 __assert(ffffffff8249abe3,ffffffff824b8dae,1af,ffffffff8246aab5) at __assert+0x25 sys/kern/subr_prf.c:161 dt_ioctl_record_stop(ffff800000b2f180) at dt_ioctl_record_stop+0x165 sys/dev/dt/dt_dev.c:431 dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 dt_pcb_purge sys/dev/dt/dt_dev.c:582 [inline] dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 sys/dev/dt/dt_dev.c:204 spec_close(ffff8000230e7260) at spec_close+0x363 sys/kern/spec_vnops.c:572 VOP_CLOSE(fffffd80688c01f0,1,fffffd807f7d89c0,ffff800021677260) at VOP_CLOSE+0xde sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:624 fdrop(fffffd806c6e3358,ffff800021677260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd806c6e3358,ffff800021677260) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff800021677260) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff800021677260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202 sys_exit(ffff800021677260,ffff8000230e74f0,ffff8000230e7550) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff8000230e75c0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585 end trace frame: 0xffff8000230e7640, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: kernel diagnostic assertion "suser(curproc) == 0" failed: file "/syzkaller/managers/main/kernel/sys/dev/dt/dt_dev.c", line 431 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff824292db) at panic+0x161 sys/kern/subr_prf.c:202 __assert(ffffffff8249abe3,ffffffff824b8dae,1af,ffffffff8246aab5) at __assert+0x25 sys/kern/subr_prf.c:161 dt_ioctl_record_stop(ffff800000b2f180) at dt_ioctl_record_stop+0x165 sys/dev/dt/dt_dev.c:431 dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 dt_pcb_purge sys/dev/dt/dt_dev.c:582 [inline] dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 sys/dev/dt/dt_dev.c:204 spec_close(ffff8000230e7260) at spec_close+0x363 sys/kern/spec_vnops.c:572 VOP_CLOSE(fffffd80688c01f0,1,fffffd807f7d89c0,ffff800021677260) at VOP_CLOSE+0xde sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:624 fdrop(fffffd806c6e3358,ffff800021677260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd806c6e3358,ffff800021677260) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff800021677260) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff800021677260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202 sys_exit(ffff800021677260,ffff8000230e74f0,ffff8000230e7550) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff8000230e75c0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffcf620, count: -15 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff8000230e7080 rbx 0 rdx 0 rcx 0 rax 0xffff800021677260 r8 0x101010101010101 r9 0x8080808080808080 r10 0x87302404dfbee0f8 r11 0x982c3a26968cff76 r12 0 r13 0xffff800000b2f180 r14 0 r15 0x1 rip 0xffffffff8103e808 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff8000230e7070 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) pid=475673 stat=onproc flags process=1018 proc=2000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000216777a0,0xffffffff828bf260 process=0xffff8000216853b0 user=0xffff8000230e2000, vmspace=0xfffffd806ae46670 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 44705 200882 47563 0 3 0x82 nanoslp syz-executor.0 9615 218198 47563 0 2 0x2 syz-executor.1 48442 435384 0 0 3 0x14200 bored sosplice 9933 163532 0 0 3 0x14200 acct acct 47563 377500 9888 0 3 0x82 thrsleep syz-fuzzer 47563 779 9888 0 3 0x4000082 nanoslp syz-fuzzer 47563 81900 9888 0 3 0x4000082 thrsleep syz-fuzzer 47563 21728 9888 0 3 0x4000082 thrsleep syz-fuzzer 47563 261262 9888 0 3 0x4000082 thrsleep syz-fuzzer 47563 401362 9888 0 3 0x4000082 kqread syz-fuzzer 9888 133636 58342 0 3 0x10008a sigsusp ksh 58342 458645 78044 0 3 0x9a poll sshd 90544 499799 1 0 3 0x100083 ttyin getty 78044 215339 1 0 3 0x88 poll sshd 91006 126867 84945 73 3 0x100090 kqread syslogd 84945 469950 1 0 3 0x100082 netio syslogd 58304 306340 1 0 3 0x100080 kqread resolvd 52808 132692 13449 77 3 0x100092 kqread dhcpleased 69386 458266 13449 77 3 0x100092 kqread dhcpleased 13449 313291 1 0 3 0x80 kqread dhcpleased 90388 332254 0 0 3 0x14200 bored smr 52955 177765 0 0 2 0x14200 zerothread 14933 321436 0 0 3 0x14200 aiodoned aiodoned 81125 356644 0 0 3 0x14200 syncer update 27497 441280 0 0 3 0x14200 cleaner cleaner 30156 266307 0 0 3 0x14200 reaper reaper 70862 44235 0 0 3 0x14200 pgdaemon pagedaemon 22640 195508 0 0 3 0x14200 bored viomb 85407 163828 0 0 3 0x40014200 acpi0 acpi0 61586 99413 0 0 3 0x14200 bored softnet 95785 379052 0 0 3 0x14200 bored systqmp 95381 381494 0 0 3 0x14200 bored systq 28714 67695 0 0 3 0x40014200 bored softclock 42886 25386 0 0 3 0x40014200 idle0 1 150447 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10114 6396K 7004K 78643K 12713 0 pcb 13 12K 14K 78643K 125 0 rtable 92 4K 9K 78643K 773 0 ifaddr 37 9K 12K 78643K 217 0 counters 20 16K 16K 78643K 29 0 ioctlops 0 0K 4K 78643K 120 0 iov 0 0K 12K 78643K 115 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1273 80K 80K 78643K 1813 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 15 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 330 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12598 0 file desc 5 13K 25K 78643K 726 0 proc 57 55K 63K 78643K 428 0 subproc 26 1K 1K 78643K 91 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 28 0 in_multi 22 1K 2K 78643K 138 0 ether_multi 1 0K 0K 78643K 20 0 mrt 0 0K 0K 78643K 3 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 61 281K 281K 78643K 61 0 exec 0 0K 2K 78643K 822 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 189 29K 45K 78643K 9887 0 UVM aobj 87 6K 6K 78643K 88 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 23 0 NDP 5 0K 0K 78643K 30 0 temp 44 4182K 4258K 78643K 28103 0 kqueue 10 14K 18K 78643K 31 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 58 0 55 1 0 1 1 0 8 0 rtentry 112 108 0 75 3 1 2 2 0 8 1 unpcb 128 495 0 480 5 4 1 3 0 8 0 syncache 296 8 0 8 3 3 0 1 0 8 0 tcpqe 32 50 0 50 3 3 0 1 0 8 0 tcpcb 736 282 0 272 17 12 5 10 0 8 4 arp 88 16 0 12 1 0 1 1 0 8 0 ipq 40 3 0 3 1 1 0 1 0 8 0 ipqe 40 9 0 9 1 1 0 1 0 8 0 inpcb 304 726 0 716 22 17 5 9 0 8 4 nd6 48 23 0 20 2 1 1 1 0 8 0 pkpcb 40 3 0 3 1 1 0 1 0 8 0 kcovpl 48 7 0 5 1 0 1 1 0 8 0 pfrktable 1344 182 0 180 3 2 1 2 0 8 0 pftag 88 35 0 35 3 3 0 1 0 8 0 pfrule 1360 49 0 43 2 1 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 469 0 324 17 5 12 12 0 8 2 art_table 32 470 0 324 3 1 2 2 0 8 0 art_node 16 107 0 77 1 0 1 1 0 8 0 semapl 112 328 0 318 1 0 1 1 0 8 0 shmpl 112 85 0 1 3 0 3 3 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2303 0 905 88 0 88 88 0 8 0 ffsino 240 2303 0 905 83 0 83 83 0 8 0 nchpl 144 3436 0 1843 60 0 60 60 0 8 0 uvmvnodes 80 2844 0 0 59 0 59 59 0 8 0 vnodes 224 2844 0 0 168 0 168 168 0 8 0 namei 1024 11280 0 11279 3 2 1 1 0 8 0 vmpool 528 8 0 8 2 2 0 1 0 8 0 pfiaddrpl 120 57 0 54 2 1 1 1 0 8 0 scsiplug 72 3 0 3 1 1 0 1 0 8 0 scxspl 216 14358 0 14358 9 8 1 8 0 8 1 plimitpl 152 114 0 106 1 0 1 1 0 8 0 sigapl 424 942 0 911 4 0 4 4 0 8 0 futexpl 64 7041 0 7041 4 3 1 1 0 8 1 knotepl 112 376 0 338 2 0 2 2 0 8 0 kqueuepl 184 151 0 145 4 3 1 4 0 8 0 pipepl 304 166 0 156 4 3 1 4 0 8 0 fdescpl 432 927 0 911 3 1 2 3 0 8 0 filepl 120 5792 0 5687 12 8 4 7 0 8 0 lockfpl 104 115 0 113 1 0 1 1 0 8 0 lockfspl 48 45 0 43 1 0 1 1 0 8 0 sessionpl 144 22 0 12 1 0 1 1 0 8 0 pgrppl 48 22 0 12 1 0 1 1 0 8 0 ucredpl 96 498 0 487 1 0 1 1 0 8 0 zombiepl 144 912 0 911 1 0 1 1 0 8 0 processpl 1000 942 0 911 6 1 5 5 0 8 0 procpl 672 1947 0 1911 6 2 4 5 0 8 0 sosppl 168 5 0 5 2 2 0 1 0 8 0 sockpl 448 1282 0 1254 33 25 8 14 0 8 4 mcl64k 65536 80 0 80 3 2 1 1 0 8 1 mcl16k 16384 8 0 8 4 3 1 1 0 8 1 mcl12k 12288 45 0 45 3 2 1 1 0 8 1 mcl9k 9216 18 0 18 3 2 1 1 0 8 1 mcl8k 8192 41 0 41 4 3 1 1 0 8 1 mcl4k 4096 366 0 366 3 2 1 1 0 8 1 mcl2k2 2112 6 0 6 2 2 0 1 0 8 0 mcl2k 2048 76946 0 76903 12 5 7 11 0 8 0 mtagpl 96 592 0 592 8 5 3 7 0 8 3 mbufpl 256 129338 0 129155 49 29 20 46 0 8 0 bufpl 288 5295 0 132 369 0 369 369 0 8 0 anonpl 24 257764 0 244063 154 43 111 132 0 188 6 amapchunkpl 152 25420 0 24881 44 20 24 35 0 158 2 amappl16 200 2742 0 2156 43 11 32 43 0 8 0 amappl15 192 84 0 78 1 0 1 1 0 8 0 amappl14 184 4 0 0 1 0 1 1 0 8 0 amappl13 176 57 0 56 1 0 1 1 0 8 0 amappl12 168 57 0 48 1 0 1 1 0 8 0 amappl11 160 349 0 338 1 0 1 1 0 8 0 amappl10 152 321 0 318 1 0 1 1 0 8 0 amappl9 144 464 0 461 1 0 1 1 0 8 0 amappl8 136 418 0 388 2 0 2 2 0 8 0 amappl7 128 98 0 89 1 0 1 1 0 8 0 amappl6 120 160 0 146 1 0 1 1 0 8 0 amappl5 112 1024 0 1014 1 0 1 1 0 8 0 amappl4 104 1070 0 1043 1 0 1 1 0 8 0 amappl3 96 259 0 240 1 0 1 1 0 8 0 amappl2 88 400 0 362 2 0 2 2 0 8 0 amappl1 80 19487 0 19071 12 2 10 12 0 8 0 amappl 88 9516 0 9376 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 87 0 1 2 0 2 2 0 8 0 uaddrrnd 24 935 0 919 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 935 0 919 1 0 1 1 0 8 0 vmmpekpl 168 10129 0 10109 2 0 2 2 0 8 0 vmmpepl 168 89592 0 87848 142 36 106 106 0 357 28 vmsppl 272 934 0 919 3 1 2 2 0 8 0 rwobjpl 24 25686 0 21463 26 0 26 26 0 8 0 pdppl 4096 1876 0 1838 63 23 40 44 0 8 2 pvpl 32 577711 0 560719 265 65 200 240 0 265 36 pmappl 216 934 0 919 2 1 1 2 0 8 0 extentpl 40 57 0 38 1 0 1 1 0 8 0 phpool 112 760 0 115 19 0 19 19 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff824292db) at panic+0x161 sys/kern/subr_prf.c:202 __assert(ffffffff8249abe3,ffffffff824b8dae,1af,ffffffff8246aab5) at __assert+0x25 sys/kern/subr_prf.c:161 dt_ioctl_record_stop(ffff800000b2f180) at dt_ioctl_record_stop+0x165 sys/dev/dt/dt_dev.c:431 dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 dt_pcb_purge sys/dev/dt/dt_dev.c:582 [inline] dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 sys/dev/dt/dt_dev.c:204 spec_close(ffff8000230e7260) at spec_close+0x363 sys/kern/spec_vnops.c:572 VOP_CLOSE(fffffd80688c01f0,1,fffffd807f7d89c0,ffff800021677260) at VOP_CLOSE+0xde sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:624 fdrop(fffffd806c6e3358,ffff800021677260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd806c6e3358,ffff800021677260) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff800021677260) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff800021677260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202 sys_exit(ffff800021677260,ffff8000230e74f0,ffff8000230e7550) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff8000230e75c0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffcf620, count: -15 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff824292db) at panic+0x161 sys/kern/subr_prf.c:202 __assert(ffffffff8249abe3,ffffffff824b8dae,1af,ffffffff8246aab5) at __assert+0x25 sys/kern/subr_prf.c:161 dt_ioctl_record_stop(ffff800000b2f180) at dt_ioctl_record_stop+0x165 sys/dev/dt/dt_dev.c:431 dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 dt_pcb_purge sys/dev/dt/dt_dev.c:582 [inline] dtclose(11e6e,1,2000,ffff800021677260) at dtclose+0xc2 sys/dev/dt/dt_dev.c:204 spec_close(ffff8000230e7260) at spec_close+0x363 sys/kern/spec_vnops.c:572 VOP_CLOSE(fffffd80688c01f0,1,fffffd807f7d89c0,ffff800021677260) at VOP_CLOSE+0xde sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd806c6e3358,ffff800021677260) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:624 fdrop(fffffd806c6e3358,ffff800021677260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd806c6e3358,ffff800021677260) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff800021677260) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff800021677260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202 sys_exit(ffff800021677260,ffff8000230e74f0,ffff8000230e7550) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff8000230e75c0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffcf620, count: -15