panic: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) &kernel_lock
Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
* 60608  67909      0           0  0x4000000    0  syz-executor.3
 500745  51982      0     0x14000      0x200    1  reaper
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff825a4184) at panic+0x177 sys/kern/subr_prf.c:202
witness_checkorder(ffffffff82a6f1a0,9,0) at witness_checkorder+0x116d sys/kern/subr_witness.c:833
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 read_rflags machine/cpufunc.h:195 [inline]
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 intr_disable machine/cpufunc.h:216 [inline]
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 sys/kern/kern_lock.c:142
selwakeup(fffffd8073df8e70) at selwakeup+0x16 klist_empty sys/sys/event.h:361 [inline]
selwakeup(fffffd8073df8e70) at selwakeup+0x16 sys/kern/sys_generic.c:885
sorwakeup(fffffd8073df8d58) at sorwakeup+0xc9 sys/kern/uipc_socket.c:1699
rip6_input(ffff80002e39ce28,ffff80002e39ce34,85,18) at rip6_input+0x6bc sys/netinet6/raw_ip6.c:224
ip_deliver(ffff80002e39ce28,ffff80002e39ce34,85,18) at ip_deliver+0x322 sys/netinet/ip_input.c:657
ip6_input_if(ffff80002e39ce28,ffff80002e39ce34,29,0,ffff80000019f2a8) at ip6_input_if+0x920
ipv6_input(ffff80000019f2a8,fffffd80674a2300) at ipv6_input+0x48 sys/netinet6/ip6_input.c:169
if_input_local(ffff80000019f2a8,fffffd80674a2300,18) at if_input_local+0x136 sys/net/if.c:778
ip6_output(fffffd80766f7600,ffff800000bc6f80,fffffd8079270a38,0,0,fffffd80792709c0) at ip6_output+0xf57
rip6_output(fffffd80766f7600,fffffd8073df8b78,ffff80002e39d190,0) at rip6_output+0x4ad sys/netinet6/raw_ip6.c:490
rip6_usrreq(fffffd8073df8b78,9,fffffd80766f7600,0,0,ffff8000ffff3508) at rip6_usrreq+0x5d3 sys/netinet6/raw_ip6.c:679
end trace frame: 0xffff80002e39d310, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) &kernel_lock
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff825a4184) at panic+0x177 sys/kern/subr_prf.c:202
witness_checkorder(ffffffff82a6f1a0,9,0) at witness_checkorder+0x116d sys/kern/subr_witness.c:833
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 read_rflags machine/cpufunc.h:195 [inline]
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 intr_disable machine/cpufunc.h:216 [inline]
__mp_lock(ffffffff82a6ef98) at __mp_lock+0xa1 sys/kern/kern_lock.c:142
selwakeup(fffffd8073df8e70) at selwakeup+0x16 klist_empty sys/sys/event.h:361 [inline]
selwakeup(fffffd8073df8e70) at selwakeup+0x16 sys/kern/sys_generic.c:885
sorwakeup(fffffd8073df8d58) at sorwakeup+0xc9 sys/kern/uipc_socket.c:1699
rip6_input(ffff80002e39ce28,ffff80002e39ce34,85,18) at rip6_input+0x6bc sys/netinet6/raw_ip6.c:224
ip_deliver(ffff80002e39ce28,ffff80002e39ce34,85,18) at ip_deliver+0x322 sys/netinet/ip_input.c:657
ip6_input_if(ffff80002e39ce28,ffff80002e39ce34,29,0,ffff80000019f2a8) at ip6_input_if+0x920
ipv6_input(ffff80000019f2a8,fffffd80674a2300) at ipv6_input+0x48 sys/netinet6/ip6_input.c:169
if_input_local(ffff80000019f2a8,fffffd80674a2300,18) at if_input_local+0x136 sys/net/if.c:778
ip6_output(fffffd80766f7600,ffff800000bc6f80,fffffd8079270a38,0,0,fffffd80792709c0) at ip6_output+0xf57
rip6_output(fffffd80766f7600,fffffd8073df8b78,ffff80002e39d190,0) at rip6_output+0x4ad sys/netinet6/raw_ip6.c:490
rip6_usrreq(fffffd8073df8b78,9,fffffd80766f7600,0,0,ffff8000ffff3508) at rip6_usrreq+0x5d3 sys/netinet6/raw_ip6.c:679
sosend(fffffd8073df8b78,0,ffff80002e39d3c8,0,0,0) at sosend+0x632 sys/kern/uipc_socket.c:582
dofilewritev(ffff8000ffff3508,5,ffff80002e39d3c8,0,ffff80002e39d4c0) at dofilewritev+0x19c sys/kern/sys_generic.c:381
sys_write(ffff8000ffff3508,ffff80002e39d468,ffff80002e39d4c0) at sys_write+0x83 sys/kern/sys_generic.c:301
syscall(ffff80002e39d530) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002e39d530) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xabecee147c0, count: -19
ddb{0}> show registers
rdi                                0
rsi                              0x1
rbp               0xffff80002e39c940
rbx               0xffffffff82987bff    cpu_info_full_primary+0x2bff
rdx                                0
rcx                                0
rax               0xffff8000ffff3508
r8                 0x101010101010101
r9                0x8080808080808080
r10               0xf337cfa55eeaf8fd
r11               0x7f8552bb2522a8e4
r12               0xffffffff82987a00    cpu_info_full_primary+0x2a00
r13                                0
r14                                0
r15                              0x1
rip               0xffffffff815a2d98    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff80002e39c930
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.3) pid=60608 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=32, usrpri=82, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffff2008,0xffff80002e3c3a58
    process=0xffff80002e3c7628 user=0xffff80002e398000, vmspace=0xfffffd8070dc0a10
    estcpu=32, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 67305  121736  24239      0  2           0                syz-executor.0
 67305  380448  24239      0  2   0x4000000                syz-executor.0
 67909  338607  61858      0  2           0                syz-executor.3
*67909   60608  61858      0  7   0x4000000                syz-executor.3
 67909  254610  61858      0  3   0x4000080  fsleep        syz-executor.3
 67909  407073  61858      0  3   0x4000080  fsleep        syz-executor.3
 35350  318201  17643      0  3        0x80  nanoslp       syz-executor.5
 35350  111287  17643      0  2   0x4000000                syz-executor.5
 35350   21247  17643      0  3   0x4000080  fsleep        syz-executor.5
 81998  287360  71051      0  3        0x82  piperd        syz-executor.6
 18313  416180  71051      0  3        0x82  nanoslp       syz-executor.4
 23859  249053  71051      0  2         0x2                syz-executor.1
 61858  299083  71051      0  3        0x82  nanoslp       syz-executor.3
 24239  179743  71051      0  3        0x82  nanoslp       syz-executor.0
 17643  131236  71051      0  3        0x82  nanoslp       syz-executor.5
 77627  317591  71051      0  3        0x82  piperd        syz-executor.2
 57408  418026      1      0  3    0x100083  ttyin         getty
 71163  511294      0      0  3     0x14200  bored         sosplice
  6242   97639  71051      0  3        0x82  piperd        syz-executor.7
 71051   39502  51394      0  3        0x82  kqread        syz-fuzzer
 71051  314733  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  516969  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  278152  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051   64774  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  284851  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  275792  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  277601  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 71051  265633  51394      0  3   0x4000082  thrsleep      syz-fuzzer
 51394  208816  64389      0  3    0x10008a  sigsusp       ksh
 64389  495352  34155      0  3        0x9a  kqread        sshd
 34155  152985      1      0  3        0x88  kqread        sshd
 65678  356920  70750     74  3   0x1100092  bpf           pflogd
 70750  207506      1      0  3        0x80  netio         pflogd
 12383   76013  74916     73  3   0x1100090  kqread        syslogd
 74916   14558      1      0  3    0x100082  netio         syslogd
 13931  438423      1      0  3    0x100080  kqread        resolvd
 88878  406744  32214     77  3    0x100092  kqread        dhcpleased
 70894  460745  32214     77  3    0x100092  kqread        dhcpleased
 32214  218075      1      0  3        0x80  kqread        dhcpleased
 25379  518704      0      0  3     0x14200  bored         smr
 82636   84213      0      0  2     0x14200                zerothread
 92434  442262      0      0  3     0x14200  aiodoned      aiodoned
 12691  227498      0      0  3     0x14200  syncer        update
 86843  271712      0      0  3     0x14200  cleaner       cleaner
 51982  500745      0      0  7     0x14200                reaper
 44623  491401      0      0  3     0x14200  pgdaemon      pagedaemon
 40523  145084      0      0  3     0x14200  bored         viomb
 78409  361841      0      0  3  0x40014200  acpi0         acpi0
 22445  487214      0      0  3  0x40014200                idle1
  3928   90142      0      0  3     0x14200  bored         softnet
 66002  432436      0      0  3     0x14200  bored         systqmp
  8886  264637      0      0  3     0x14200  bored         systq
 35670  134587      0      0  3  0x40014200  bored         softclock
 44184  432285      0      0  3  0x40014200                idle0
     1  400637      0      0  3     0x80082  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &table->inpt_mtx r = 0 (0xffffffff82a21700)
#0  witness_lock+0x44d
#1  mtx_enter_try+0x100
#2  mtx_enter+0x4b sys/kern/kern_lock.c:266
#3  rip6_input+0x28f
#4  ip_deliver+0x322 sys/netinet/ip_input.c:657
#5  ip6_input_if+0x920
#6  ipv6_input+0x48 sys/netinet6/ip6_input.c:169
#7  if_input_local+0x136 sys/net/if.c:778
#8  ip6_output+0xf57
#9  rip6_output+0x4ad sys/netinet6/raw_ip6.c:490
#10 rip6_usrreq+0x5d3 sys/netinet6/raw_ip6.c:679
#11 sosend+0x632 sys/kern/uipc_socket.c:582
#12 dofilewritev+0x19c sys/kern/sys_generic.c:381
#13 sys_write+0x83 sys/kern/sys_generic.c:301
#14 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#14 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#15 Xsyscall+0x128
CPU 1: