panic: knote_enqueue:1308: kq=0xfffffd806e9f0b60 kn=0xfffffd806ee4b000 knote !QUEUED
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
23689 22828 32767 0x10 0 1 syz-executor.1
*413797 22828 32767 0x10 0x4000000 0K syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff8220bc89) at panic+0x15c sys/kern/subr_prf.c:207
kqueue_do_check(fffffd806e9f0b60,ffffffff8224fc7f,51c) at kqueue_do_check+0x232 sys/kern/kern_event.c:622
knote_enqueue(fffffd806ee4b000) at knote_enqueue+0x80 sys/kern/kern_event.c:1309
kqueue_register(fffffd806e9f0b60,ffff800024fc5b60,ffff800020a9c018) at kqueue_register+0x820 sys/kern/kern_event.c:795
sys_kevent(ffff800020a9c018,ffff800024fc5d28,ffff800024fc5d70) at sys_kevent+0x2b6 sys/kern/kern_event.c:578
syscall(ffff800024fc5df0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800024fc5df0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6e21e43bf0, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
knote_enqueue:1308: kq=0xfffffd806e9f0b60 kn=0xfffffd806ee4b000 knote !QUEUED
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff8220bc89) at panic+0x15c sys/kern/subr_prf.c:207
kqueue_do_check(fffffd806e9f0b60,ffffffff8224fc7f,51c) at kqueue_do_check+0x232 sys/kern/kern_event.c:622
knote_enqueue(fffffd806ee4b000) at knote_enqueue+0x80 sys/kern/kern_event.c:1309
kqueue_register(fffffd806e9f0b60,ffff800024fc5b60,ffff800020a9c018) at kqueue_register+0x820 sys/kern/kern_event.c:795
sys_kevent(ffff800020a9c018,ffff800024fc5d28,ffff800024fc5d70) at sys_kevent+0x2b6 sys/kern/kern_event.c:578
syscall(ffff800024fc5df0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff800024fc5df0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:570
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6e21e43bf0, count: -8
ddb{0}> show registers
rdi 0xffffffff81e78427 db_enter+0x17
rsi 0x1e94 __ALIGN_SIZE+0xe94
rbp 0xffff800024fc5920
rbx 0xffff800024fc59d0
rdx 0x1e95 __ALIGN_SIZE+0xe95
rcx 0xffff800022fba000
rax 0xffff800022fba000
r8 0xffffffff81e0d50f kprintf+0x16f
r9 0x1
r10 0x25
r11 0x93aa7797069ee016
r12 0x3000000008
r13 0xffff800024fc5930
r14 0x100
r15 0x1
rip 0xffffffff81e78428 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800024fc5910
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.1) pid=413797 stat=onproc
flags process=10<SUGID> proc=4000000<THREAD>
pri=80, usrpri=80, nice=20
forw=0xffffffffffffffff, list=0xffff800020a9d128,0xffffffff82645730
process=0xffff800020ae7a60 user=0xffff800024fc0000, vmspace=0xfffffd806ea25a18
estcpu=36, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
22828 23689 6745 32767 7 0x10 syz-executor.1
22828 501864 6745 32767 3 0x4000090 fsleep syz-executor.1
*22828 413797 6745 32767 7 0x4000010 syz-executor.1
87838 424940 10281 32767 3 0x90 nanosleep syz-executor.0
87838 317273 10281 32767 3 0x4000090 select syz-executor.0
6745 5126 75220 32767 3 0x90 nanosleep syz-executor.1
75220 441252 65799 0 3 0x82 wait syz-executor.1
10281 476976 71574 32767 3 0x90 nanosleep syz-executor.0
71574 236553 65799 0 3 0x82 wait syz-executor.0
58814 360809 0 0 3 0x14200 bored sosplice
65799 24921 11156 0 3 0x82 thrsleep syz-fuzzer
65799 182387 11156 0 3 0x4000082 nanosleep syz-fuzzer
65799 451887 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 10737 11156 0 3 0x4000082 kqread syz-fuzzer
65799 301544 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 61577 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 103806 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 80419 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 78424 11156 0 3 0x4000082 thrsleep syz-fuzzer
65799 518508 11156 0 3 0x4000082 nanosleep syz-fuzzer
11156 475279 30108 0 3 0x10008a pause ksh
30108 360904 63759 0 3 0x92 select sshd
35462 315077 1 0 3 0x100083 ttyin getty
63759 366143 1 0 3 0x80 select sshd
31627 213979 42575 73 3 0x100090 kqread syslogd
42575 475847 1 0 3 0x100082 netio syslogd
51952 215865 1 77 3 0x100090 poll dhclient
6531 211830 1 0 3 0x80 poll dhclient
25671 80073 0 0 2 0x14200 zerothread
25134 325816 0 0 3 0x14200 aiodoned aiodoned
33712 111573 0 0 3 0x14200 syncer update
34766 408624 0 0 3 0x14200 cleaner cleaner
66177 440005 0 0 3 0x14200 reaper reaper
2438 115883 0 0 3 0x14200 pgdaemon pagedaemon
16672 104844 0 0 3 0x14200 bored crynlk
9098 369201 0 0 3 0x14200 bored crypto
37716 171657 0 0 3 0x40014200 acpi0 acpi0
35564 451863 0 0 3 0x40014200 idle1
94556 13698 0 0 3 0x14200 bored softnet
64151 98083 0 0 3 0x14200 bored systqmp
30754 440582 0 0 3 0x14200 bored systq
21392 64621 0 0 3 0x40014200 bored softclock
69841 436222 0 0 3 0x40014200 idle0
83434 485209 0 0 3 0x14200 bored smr
1 108139 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 22828 (syz-executor.1) thread 0xffff800020a9c018 (413797)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff8263ede8)
#0 witness_lock+0x52e sys/kern/subr_witness.c:1164
#1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:93 [inline]
#1 syscall+0x400 sys/arch/amd64/amd64/trap.c:570
#2 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9482 6334K 6334K 78643K 11834 0
pcb 13 14K 18K 78643K 17 0
rtable 109 3K 4K 78643K 12891 0
ifaddr 39 17K 21K 78643K 2295 0
counters 43 33K 33K 78643K 673 0
ioctlops 0 0K 2K 78643K 802 0
iov 0 0K 36K 78643K 3055 0
mount 1 1K 1K 78643K 1 0
vnodes 1215 76K 76K 78643K 9055 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 5K 78643K 195 0
VM map 2 1K 1K 78643K 2 0
sem 12 0K 0K 78643K 7711 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1809 196K 290K 78643K 12766 0
file desc 8 25K 33K 78643K 16185 0
sigio 0 0K 1K 78643K 4437 0
proc 48 50K 83K 78643K 15617 0
subproc 34 2K 2K 78643K 5389 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 2K 78643K 40596 0
in_multi 33 2K 2K 78643K 4226 0
ether_multi 1 0K 0K 78643K 83 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 133 599K 599K 78643K 133 0
exec 0 0K 1K 78643K 5946 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 259 30K 46K 78643K 60997 0
UVM aobj 130 4K 4K 78643K 139 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 1K 78643K 4950 0
NDP 5 0K 0K 78643K 954 0
temp 102 3021K 3133K 78643K 71920 0
kqueue 6 5K 36K 78643K 2424 0
SYN cache 2 16K 16K 78643K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 664 0 658 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtpcb 80 3169 0 3167 1 0 1 1 0 8 0
rtentry 112 3342 0 3296 2 0 2 2 0 8 0
unpcb 120 25094 0 25064 53 51 2 3 0 8 0
syncache 264 161 0 161 54 53 1 1 0 8 1
sackhl 24 1 0 1 1 1 0 1 0 8 0
tcpqe 32 66 0 66 40 39 1 1 0 8 1
tcpcb 544 71028 0 71024 487 482 5 17 0 8 4
ipq 40 215 0 215 59 58 1 1 0 8 1
ipqe 40 5241 0 5241 59 58 1 1 0 8 1
inpcb 280 88090 0 88082 452 447 5 17 0 8 3
ip6q 72 11 0 11 8 8 0 1 0 8 0
ip6af 40 11 0 11 6 6 0 1 0 8 0
nd6 48 751 0 747 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 14631 0 14382 35 19 16 17 0 8 0
art_table 32 14632 0 14382 3 0 3 3 0 8 0
art_node 16 3341 0 3299 1 0 1 1 0 8 0
sysvmsgpl 40 21 0 8 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 7707 0 7697 1 0 1 1 0 8 0
shmpl 112 137 0 9 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 19218 0 17758 48 0 48 48 0 8 0
ffsino 272 19218 0 17758 102 4 98 98 0 8 0
nchpl 144 41063 0 39462 60 0 60 60 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 208 5926 0 0 312 0 312 312 0 8 0
namei 1024 201703 0 201703 12 11 1 1 0 8 1
percpumem 16 347 0 315 1 0 1 1 0 8 0
scxspl 192 138530 0 138530 142 139 3 5 0 8 3
plimitpl 152 2973 0 2964 1 0 1 1 0 8 0
sigapl 432 15411 0 15395 14 12 2 3 0 8 0
futexpl 56 476874 0 476873 10 9 1 1 0 8 0
knotepl 112 7736 0 7714 27 26 1 3 0 8 0
kqueuepl 104 11911 0 11907 61 60 1 4 0 8 0
pipelkpl 48 8392 0 8382 1 0 1 1 0 8 0
pipepl 120 16784 0 16765 60 58 2 4 0 8 1
fdescpl 496 15412 0 15395 4 1 3 3 0 8 0
filepl 152 231244 0 231145 373 365 8 17 0 8 4
lockfpl 104 7612 0 7611 1 0 1 1 0 8 0
lockfspl 48 2317 0 2316 1 0 1 1 0 8 0
sessionpl 112 332 0 322 1 0 1 1 0 8 0
pgrppl 48 745 0 735 1 0 1 1 0 8 0
ucredpl 96 36148 0 36139 1 0 1 1 0 8 0
zombiepl 144 15395 0 15395 7 6 1 1 0 8 1
processpl 960 15428 0 15395 5 0 5 5 0 8 0
procpl 624 45262 0 45217 29 25 4 5 0 8 0
sosppl 128 467 0 467 58 57 1 1 0 8 1
sockpl 400 116869 0 116830 878 852 26 29 0 8 21
mcl64k 65536 41 0 0 3 0 3 3 0 8 0
mcl16k 16384 50 0 0 4 2 2 3 0 8 0
mcl12k 12288 73 0 0 2 0 2 2 0 8 0
mcl9k 9216 46 0 0 3 1 2 2 0 8 0
mcl8k 8192 30 0 0 4 1 3 3 0 8 0
mcl4k 4096 33 0 0 4 1 3 3 0 8 0
mcl2k2 2112 17 0 0 2 0 2 2 0 8 0
mcl2k 2048 319 0 0 19 10 9 19 0 8 0
mtagpl 80 1 0 0 1 0 1 1 0 8 0
mbufpl 256 1618 0 0 25 0 25 25 0 8 0
bufpl 280 58782 0 52492 450 0 450 450 0 8 0
anonpl 16 2207858 0 2196007 454 389 65 75 0 125 0
amapchunkpl 152 157051 0 156914 395 382 13 20 0 158 6
amappl16 192 81177 0 80386 603 552 51 53 0 8 7
amappl15 184 2735 0 2732 1 0 1 1 0 8 0
amappl14 176 4242 0 4229 1 0 1 1 0 8 0
amappl13 168 1601 0 1601 36 36 0 1 0 8 0
amappl12 160 1003 0 996 2 1 1 1 0 8 0
amappl11 152 2603 0 2592 1 0 1 1 0 8 0
amappl10 144 1398 0 1391 1 0 1 1 0 8 0
amappl9 136 6924 0 6921 1 0 1 1 0 8 0
amappl8 128 5570 0 5400 6 0 6 6 0 8 0
amappl7 120 3324 0 3309 1 0 1 1 0 8 0
amappl6 112 1734 0 1709 1 0 1 1 0 8 0
amappl5 104 3999 0 3987 1 0 1 1 0 8 0
amappl4 96 16188 0 16147 6 4 2 2 0 8 0
amappl3 88 3606 0 3592 1 0 1 1 0 8 0
amappl2 80 100201 0 100110 3 1 2 3 0 8 0
amappl1 72 436201 0 435734 24 14 10 20 0 8 0
amappl 80 50993 0 50947 2 0 2 2 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 138 0 9 3 0 3 3 0 8 0
uaddrrnd 24 15412 0 15395 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 15412 0 15395 1 0 1 1 0 8 0
vmmpekpl 168 153883 0 153850 4 1 3 3 0 8 0
vmmpepl 168 2190339 0 2188004 639 494 145 148 0 357 36
vmsppl 368 15411 0 15395 2 0 2 2 0 8 0
pdppl 4096 30831 0 30790 11 5 6 6 0 8 0
pvpl 32 5666746 0 5651303 933 775 158 186 0 265 4
pmappl 232 15411 0 15395 37 35 2 2 0 8 1
extentpl 40 46 0 29 1 0 1 1 0 8 0
phpool 112 1621 0 1414 7 0 7 7 0 8 0