login: panic: kernel diagnostic assertion "refs != ~0" failed: file "/syzkaller/managers/main/kernel/sys/kern/kern_synch.c", line 955 Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83418933) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83455194,ffffffff834aee01,3bb,ffffffff834885cd) at __assert+0x29 sys/kern/subr_prf.c:-1 refcnt_finalize(ffff80003c926c48,ffffffff8340d82c) at refcnt_finalize+0x1c8 sys/kern/kern_synch.c:956 pppx_if_destroy(285b9a,ffff80003c926c40) at pppx_if_destroy+0x3d sys/net/if_pppx.c:794 pppxclose(285b9a,41,2000,ffff80002a788010) at pppxclose+0xa0 sys/net/if_pppx.c:541 spec_close(ffff80003a8f14f0) at spec_close+0x417 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806cce0ce0,41,fffffd8007ffd618,ffff80002a788010) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd807873b9d8,ffff80002a788010) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd807873b9d8,ffff80002a788010) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd807873b9d8,ffff80002a788010) at fdrop+0x121 sys/kern/kern_descrip.c:1281 closef(fffffd807873b9d8,ffff80002a788010) at closef+0x190 sys/kern/kern_descrip.c:1265 fdfree(ffff80002a788010) at fdfree+0x115 sys/kern/kern_descrip.c:1196 exit1(ffff80002a788010,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a788010,ffff80003a8f1850,ffff80003a8f17a0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 end trace frame: 0xffff80003a8f1840, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: kernel diagnostic assertion "refs != ~0" failed: file "/syzkaller/managers/main/kernel/sys/kern/kern_synch.c", line 955 ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83418933) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83455194,ffffffff834aee01,3bb,ffffffff834885cd) at __assert+0x29 sys/kern/subr_prf.c:-1 refcnt_finalize(ffff80003c926c48,ffffffff8340d82c) at refcnt_finalize+0x1c8 sys/kern/kern_synch.c:956 pppx_if_destroy(285b9a,ffff80003c926c40) at pppx_if_destroy+0x3d sys/net/if_pppx.c:794 pppxclose(285b9a,41,2000,ffff80002a788010) at pppxclose+0xa0 sys/net/if_pppx.c:541 spec_close(ffff80003a8f14f0) at spec_close+0x417 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806cce0ce0,41,fffffd8007ffd618,ffff80002a788010) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd807873b9d8,ffff80002a788010) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd807873b9d8,ffff80002a788010) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd807873b9d8,ffff80002a788010) at fdrop+0x121 sys/kern/kern_descrip.c:1281 closef(fffffd807873b9d8,ffff80002a788010) at closef+0x190 sys/kern/kern_descrip.c:1265 fdfree(ffff80002a788010) at fdfree+0x115 sys/kern/kern_descrip.c:1196 exit1(ffff80002a788010,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a788010,ffff80003a8f1850,ffff80003a8f17a0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003a8f1850) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a8f1850) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7091238ee9b0, count: -16 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003a8f12d0 rbx 0 rdx 0 rcx 0 rax 0xffff80002a788010 r8 0x101010101010101 r9 0x8080808080808080 r10 0xd7a703b5d29d0b8 r11 0xa6d8cfb39a7b2540 r12 0 r13 0 r14 0 r15 0x1 rip 0xffffffff824f7e95 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003a8f12c0 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=135359 pid=66647 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002a788010 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80003c90b778,0xffff80002a789ca8 process=0xffff8000ffff9f98 user=0xffff80003a8ec000, vmspace=0xfffffd807ece2a10 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 65764 316254 31423 0 2 0 syz-executor 65764 36334 31423 0 3 0x4000080 fsleep syz-executor 65764 479623 31423 0 3 0x4000080 fsleep syz-executor 65764 295050 31423 0 2 0x4000000 syz-executor 74696 227905 71818 0 2 0 syz-executor 74696 286742 71818 0 3 0x4000080 fsleep syz-executor 69484 120807 39879 0 2 0 syz-executor 69484 368781 39879 0 3 0x4000080 fsleep syz-executor 6649 495734 6089 0 2 0 syz-executor 6649 231413 6089 0 3 0x4000000 smrbar syz-executor 6649 182049 6089 0 3 0x4000080 fsleep syz-executor 78121 210557 91047 0 2 0 syz-executor 78121 431274 91047 0 3 0x4000080 fsleep syz-executor 87931 248879 64512 0 2 0 syz-executor 87931 356984 64512 0 3 0x4000080 kqsel syz-executor 87931 471217 64512 0 3 0x4000080 fsleep syz-executor 87931 516594 64512 0 3 0x4000080 fsleep syz-executor 75758 339527 61135 0 3 0x80 nanoslp syz-executor 75758 158850 61135 0 3 0x4000080 sbwait syz-executor 75758 482506 61135 0 3 0x4000080 fsleep syz-executor 75758 444388 61135 0 3 0x4000080 fsleep syz-executor 4733 119997 0 0 3 0x14280 nfsidl nfsio 8730 76180 0 0 3 0x14280 nfsidl nfsio 11443 69773 0 0 3 0x14280 nfsidl nfsio 319 397218 0 0 3 0x14280 nfsidl nfsio 30477 72303 0 0 3 0x14280 nfsidl nfsio 42667 259119 0 0 3 0x14280 nfsidl nfsio 430 480188 0 0 3 0x14280 nfsidl nfsio 66797 347504 0 0 3 0x14280 nfsidl nfsio 52979 364564 0 0 3 0x14280 nfsidl nfsio 41890 72738 0 0 3 0x14280 nfsidl nfsio 4544 35055 0 0 3 0x14280 nfsidl nfsio 11143 61772 0 0 3 0x14280 nfsidl nfsio 91063 493405 0 0 3 0x14280 nfsidl nfsio 49948 166825 0 0 3 0x14280 nfsidl nfsio 40986 462338 0 0 3 0x14280 nfsidl nfsio 43242 113296 0 0 3 0x14280 nfsidl nfsio 87649 201511 0 0 3 0x14280 nfsidl nfsio 49590 472468 0 0 3 0x14280 nfsidl nfsio 57228 212670 0 0 3 0x14280 nfsidl nfsio 80233 518674 0 0 3 0x14280 nfsidl nfsio 34509 310718 1 0 3 0x100083 ttyin getty 91047 323002 90240 0 3 0x82 nanoslp syz-executor 68324 470892 90240 0 3 0x82 nanoslp syz-executor 31423 175740 90240 0 2 0xc82 syz-executor 64512 134646 90240 0 3 0x82 nanoslp syz-executor 6089 185791 90240 0 2 0xc82 syz-executor 61135 515484 90240 0 3 0x82 nanoslp syz-executor 39879 342942 90240 0 3 0x82 nanoslp syz-executor 71818 278176 90240 0 2 0xc82 syz-executor 90240 374896 1 0 3 0x82 kqread syz-executor 30164 251781 1 73 3 0x1100090 kqread syslogd 6744 10828 0 0 3 0x14200 bored smr 24200 337416 0 0 2 0x14200 zerothread 32982 329493 0 0 3 0x14200 aiodoned aiodoned 86223 432604 0 0 3 0x14200 syncer update 71128 71251 0 0 3 0x14200 cleaner cleaner 92564 138733 0 0 3 0x14200 reaper reaper 30667 476418 0 0 3 0x14200 pgdaemon pagedaemon 18583 257543 0 0 3 0x14200 bored viomb 49270 368231 0 0 3 0x40014200 acpi0 acpi0 38270 223251 0 0 2 0x14200 softnet0 95769 496458 0 0 3 0x14200 smrbar systqmp 40392 267612 0 0 3 0x14200 bored systq 60828 251391 0 0 3 0x40014200 tmoslp softclock 32142 473537 0 0 3 0x40014200 idle0 1 192346 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb>