panic: kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_unveil.c", line 195
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff8104ab04,ffff80002119bc50,ffff800004ae8000,60) at __assert+0x24 sys/kern/subr_prf.c:155
unveil_destroy(ffff8000210b7630) at unveil_destroy+0x158 sys/kern/kern_unveil.c:195
exit1(10,ffff8000210a3080,0) at exit1+0x280 sys/kern/kern_exit.c:215
sys_exit(ffffffff810c0ae3,ffff80002119bd00,10) at sys_exit+0x13 sys/kern/kern_exit.c:94
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,1,0,1,0,7f7ffffdf720) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffdf6d0, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> show panic
kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_unveil.c", line 195
ddb{1}> trace
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff8104ab04,ffff80002119bc50,ffff800004ae8000,60) at __assert+0x24 sys/kern/subr_prf.c:155
unveil_destroy(ffff8000210b7630) at unveil_destroy+0x158 sys/kern/kern_unveil.c:195
exit1(10,ffff8000210a3080,0) at exit1+0x280 sys/kern/kern_exit.c:215
sys_exit(ffffffff810c0ae3,ffff80002119bd00,10) at sys_exit+0x13 sys/kern/kern_exit.c:94
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,1,0,1,0,7f7ffffdf720) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffdf6d0, count: -8
ddb{1}> show registers
rdi 0xffffffff81e172e8 kprintf_mutex
rsi 0x5
rbp 0xffff80002119bbb0
rbx 0xffff80002119bc50
rdx 0x3fd
rcx 0
rax 0
r8 0xffff80002119bb80
r9 0x8080808080808080
r10 0
r11 0xffffffff813f0580 x86_bus_space_io_read_1
r12 0x3000000008
r13 0xffff80002119bbc0
r14 0x100
r15 0xffffffff81bf1914 cmd0646_9_tim_udma+0x1eccb
rip 0xffffffff81837e9a db_enter+0xa
cs 0x8
rflags 0x246
rsp 0xffff80002119bbb0
ss 0x10
db_enter+0xa: popq %rbp
ddb{1}> show proc
PROC (syz-executor1) pid=238839 stat=onproc
flags process=1018 proc=2000
pri=50, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff8000210a3788,0xffff8000210a2280
process=0xffff8000210b7630 user=0xffff800021196000, vmspace=0xffffff0065823c68
estcpu=36, cpticks=6, pctcpu=0.0
user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
31929 116507 62519 0 3 0x2 biowait syz-executor0
84739 14168 95474 65534 3 0x90 nanosleep syz-executor1
95474 344105 62519 0 3 0x82 wait syz-executor1
66849 179484 0 0 3 0x14200 bored sosplice
62519 118950 91777 0 3 0x82 thrsleep syz-fuzzer
62519 316117 91777 0 3 0x4000082 nanosleep syz-fuzzer
62519 405589 91777 0 3 0x4000082 thrsleep syz-fuzzer
62519 522214 91777 0 3 0x4000082 kqread syz-fuzzer
62519 510364 91777 0 3 0x4000082 thrsleep syz-fuzzer
62519 179436 91777 0 3 0x4000082 thrsleep syz-fuzzer
62519 172136 91777 0 3 0x4000082 nanosleep syz-fuzzer
62519 314705 91777 0 3 0x4000082 thrsleep syz-fuzzer
62519 154482 91777 0 3 0x4000082 thrsleep syz-fuzzer
62519 486952 91777 0 3 0x4000082 thrsleep syz-fuzzer
91777 4182 7452 0 3 0x10008a pause ksh
7452 347835 64799 0 3 0x92 select sshd
34906 417495 1 0 3 0x100083 ttyin getty
64799 325993 1 0 3 0x80 select sshd
15754 523911 89260 73 3 0x100090 kqread syslogd
89260 36675 1 0 3 0x100082 netio syslogd
41563 12219 1 77 3 0x100090 poll dhclient
2130 370214 1 0 3 0x80 poll dhclient
16270 303262 0 0 3 0x14200 pgzero zerothread
95041 181528 0 0 3 0x14200 aiodoned aiodoned
34494 344881 0 0 3 0x14200 syncer update
97960 317925 0 0 3 0x14200 cleaner cleaner
20097 431698 0 0 3 0x14200 reaper reaper
77175 39781 0 0 3 0x14200 pgdaemon pagedaemon
52519 393392 0 0 3 0x14200 bored crynlk
50688 311137 0 0 3 0x14200 bored crypto
6019 472667 0 0 3 0x40014200 acpi0 acpi0
30116 358176 0 0 3 0x40014200 idle1
70920 382792 0 0 3 0x14200 bored softnet
38810 20841 0 0 3 0x14200 bored systqmp
76574 288057 0 0 3 0x14200 bored systq
18256 350034 0 0 3 0x40014200 bored softclock
38264 39962 0 0 7 0x40014200 idle0
1 320911 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper