panic: kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/kern/kern_unveil.c", line 200
Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
  56799  54761      0     0x14000      0x200    1  reaper
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
__assert(ffffffff81fb3612,ffffffff81fb6d40,c8,ffffffff81f75520) at __assert+0x2e sys/kern/subr_prf.c:154
unveil_destroy(ffff800020b2a710) at unveil_destroy+0x19f sys/kern/kern_unveil.c:200
exit1(ffff800020b28508,0,1) at exit1+0x38f sys/kern/kern_exit.c:218
sys_exit(ffff800020b28508,ffff80002501f690,ffff80002501f700) at sys_exit+0x17 sys/kern/kern_exit.c:94
syscall(ffff80002501f770) at syscall+0x552 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff80002501f770) at syscall+0x552 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,1,0,1,0,7f7ffffeb084) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffeb050, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/kern/kern_unveil.c", line 200
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
__assert(ffffffff81fb3612,ffffffff81fb6d40,c8,ffffffff81f75520) at __assert+0x2e sys/kern/subr_prf.c:154
unveil_destroy(ffff800020b2a710) at unveil_destroy+0x19f sys/kern/kern_unveil.c:200
exit1(ffff800020b28508,0,1) at exit1+0x38f sys/kern/kern_exit.c:218
sys_exit(ffff800020b28508,ffff80002501f690,ffff80002501f700) at sys_exit+0x17 sys/kern/kern_exit.c:94
syscall(ffff80002501f770) at syscall+0x552 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff80002501f770) at syscall+0x552 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,1,0,1,0,7f7ffffeb084) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffeb050, count: -8
ddb{0}> show registers
rdi                                0
rsi                              0x1
rbp               0xffff80002501f4a0
rbx               0xffff80002501f550
rdx               0xffff800020b28508
rcx                                0
rax                                0
r8                0xffffffff81386d93    kprintf+0x173
r9                               0x1
r10                             0x25
r11               0xd81fd6a69213c8d2
r12                     0x3000000008
r13               0xffff80002501f4b0
r14                            0x100
r15                              0x1
rip               0xffffffff81dcdf98    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff80002501f490
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=158577 stat=onproc
    flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
    pri=32, usrpri=77, nice=20
    forw=0xffffffffffffffff, list=0xffff800020b28ee8,0xffffffff82369d48
    process=0xffff800020b2a710 user=0xffff80002501a000, vmspace=0xfffffd807f00b170
    estcpu=27, cpticks=0, pctcpu=0.31
    user=0, sys=2, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 69029  175041  64742      0  3        0x82  piperd        syz-executor.1
 18447  120879      1      0  3    0x100083  ttyin         getty
 21078  286574      0      0  3     0x14200  bored         sosplice
 14507   40824  64742      0  2       0x482                syz-executor.0
 64742  523132  33815      0  3        0x82  thrsleep      syz-fuzzer
 64742  305344  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742    7344  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  328945  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  478247  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  136097  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  224091  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  200616  33815      0  3   0x4000082  kqread        syz-fuzzer
 64742  243095  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 64742  228979  33815      0  3   0x4000082  thrsleep      syz-fuzzer
 33815  276072  12749      0  3    0x10008a  pause         ksh
 12749  292407  36978      0  3        0x92  select        sshd
 36978  390831      1      0  3        0x80  select        sshd
 39120  440332  52677     74  3    0x100092  bpf           pflogd
 52677  226147      1      0  3        0x80  netio         pflogd
  9897  369530  95105     73  3    0x100090  kqread        syslogd
 95105  134382      1      0  3    0x100082  netio         syslogd
 70758   86002      1     77  3    0x100090  poll          dhclient
 86294  201302      1      0  3        0x80  poll          dhclient
 33333  411310      0      0  3     0x14200  pgzero        zerothread
 81772  251479      0      0  3     0x14200  aiodoned      aiodoned
 17454  288158      0      0  2     0x14200                update
 60504  462906      0      0  3     0x14200  cleaner       cleaner
 54761   56799      0      0  7     0x14200                reaper
 30392  506982      0      0  3     0x14200  pgdaemon      pagedaemon
 82508  381775      0      0  3     0x14200  bored         crynlk
 91958   94556      0      0  3     0x14200  bored         crypto
 47826  281909      0      0  3  0x40014200  acpi0         acpi0
 59530   38707      0      0  3  0x40014200                idle1
 70055    6395      0      0  2     0x14200                softnet
 35532  236878      0      0  2     0x14200                systqmp
 77902  171281      0      0  3     0x14200  bored         systq
 31948   49341      0      0  2  0x40014200                softclock
 11478  423049      0      0  3  0x40014200                idle0
 83951  304872      0      0  3     0x14200  bored         smr
     1   70825      0      0  3        0x82  wait          init
     0       0     -1      0  2     0x10200                swapper
ddb{0}> show all locks
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim Kern Lim
         devbuf  9573   6450K    7600K  78643K     19839        0        0
            pcb    13      8K       8K  78643K       336        0        0
         rtable   111      4K       5K  78643K       887        0        0
         ifaddr    75     16K      17K  78643K       385        0        0
       counters    39     33K      33K  78643K        39        0        0
       ioctlops     0      0K       4K  78643K      1633        0        0
            iov     0      0K      32K  78643K       456        0        0
          mount     1      1K       1K  78643K         1        0        0
         vnodes  1207     76K      77K  78643K      4563        0        0
      UFS quota     1     32K      32K  78643K         1        0        0
      UFS mount     5     36K      36K  78643K         5        0        0
            shm     2      1K       9K  78643K        52        0        0
         VM map     2      1K       1K  78643K         2        0        0
            sem    12      0K       0K  78643K       354        0        0
        dirhash    12      2K       2K  78643K        12        0        0
           ACPI  1808    196K     290K  78643K     12765        0        0
      file desc     4      9K      25K  78643K      3555        0        0
          sigio     1      0K       0K  78643K        44        0        0
           proc    57     63K      83K  78643K       829        0        0
        subproc    32      2K       2K  78643K        71        0        0
    NFS srvsock     1      0K       0K  78643K         1        0        0
     NFS daemon     1     16K      16K  78643K         1        0        0
    ip_moptions     0      0K       0K  78643K       322        0        0
       in_multi    33      2K       2K  78643K       180        0        0
    ether_multi     1      0K       0K  78643K        18        0        0
            mrt     0      0K       0K  78643K        23        0        0
    ISOFS mount     1     32K      32K  78643K         1        0        0
  MSDOSFS mount     1     16K      16K  78643K         1        0        0
           ttys   108    477K     477K  78643K       108        0        0
           exec     0      0K       1K  78643K       540        0        0
        pagedep     1      8K       8K  78643K         1        0        0
       inodedep     1     32K      32K  78643K         1        0        0
         newblk     1      0K       0K  78643K         1        0        0
        VM swap     7     26K      26K  78643K         7        0        0
       UVM amap   112     22K      31K  78643K     12792        0        0
       UVM aobj   130      4K       4K  78643K       144        0        0
        memdesc     1      4K       4K  78643K         1        0        0
    crypto data     1      1K       1K  78643K         1        0        0
    ip6_options     0      0K       0K  78643K       196        0        0
            NDP    17      0K       0K  78643K       106        0        0
           temp   207   2748K    3388K  78643K     14517        0        0
         kqueue     0      0K       0K  78643K        48        0        0
      SYN cache     2     16K      16K  78643K         2        0        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       11    0        5     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80      171    0      169     1     0     1     1     0     8    0
rtentry    112       76    0       32     2     0     2     2     0     8    0
unpcb      120     1134    0     1124     1     0     1     1     0     8    0
syncache   264        4    0        4     1     1     0     1     0     8    0
tcpqe       32     9971    0     9971     2     2     0     2     0     8    0
tcpcb      544      620    0      616     1     0     1     1     0     8    0
inpcb      280     1614    0     1606     5     4     1     2     0     8    0
rttmr       72        7    0        7     5     5     0     1     0     8    0
nd6         48       12    0        6     1     0     1     1     0     8    0
pkpcb       40       20    0       20     9     9     0     1     0     8    0
swfcl       56        3    0        0     1     0     1     1     0     8    0
ppxss      1128      64    0       64     9     8     1     1     0     8    1
pffrag     232        1    0        1     1     1     0     1     0   482    0
pffrnode    88        1    0        1     1     1     0     1     0     8    0
pffrent     40        2    0        2     1     1     0     1     0     8    0
pfosfp      40      846    0      423     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfstitem    24       62    0       47     1     0     1     1     0     8    0
pfstkey    112       62    0       47     1     0     1     1     0     8    0
pfstate    328       62    0       47     3     0     3     3     0     8    0
pfrule     1360      21    0       16     2     1     1     2     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      305    0      114    14     2    12    14     0     8    0
art_table   32      306    0      114     2     0     2     2     0     8    0
art_node    16       73    0       33     1     0     1     1     0     8    0
sysvmsgpl   40       13    0        8     3     2     1     1     0     8    0
semapl     112      352    0      342     1     0     1     1     0     8    0
shmpl      112      142    0       14     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128     7185    0     5783    47     0    47    47     0     8    0
ffsino     272     7185    0     5783    96     0    96    96     0     8    0
nchpl      144    12300    0    10669    62     0    62    62     0     8    0
uvmvnodes   72     5926    0        0   108     0   108   108     0     8    0
vnodes     200     5926    0        0   312     0   312   312     0     8    0
namei      1024   39524    0    39524     2     1     1     1     0     8    1
percpumem   16       30    0        0     1     0     1     1     0     8    0
scsiplug    64       10    0       10     7     7     0     1     0     8    0
scxspl     192    38183    0    38183    29    28     1     6     0     8    1
plimitpl   152      314    0      306     1     0     1     1     0     8    0
sigapl     432     3751    0     3736     3     1     2     3     0     8    0
futexpl     56    43197    0    43197     1     0     1     1     0     8    1
knotepl    112      660    0      641     1     0     1     1     0     8    0
kqueuepl   104      812    0      810     1     0     1     1     0     8    0
pipepl     112     2146    0     2127     6     5     1     2     0     8    0
fdescpl    488     3752    0     3737     3     0     3     3     0     8    0
filepl     152    22648    0    22549    11     6     5     7     0     8    0
lockfpl    104     1396    0     1396     2     1     1     1     0     8    1
lockfspl    48      493    0      493     2     1     1     1     0     8    1
sessionpl  112       22    0       11     1     0     1     1     0     8    0
pgrppl      48       70    0       59     1     0     1     1     0     8    0
ucredpl     96     4729    0     4720     1     0     1     1     0     8    0
zombiepl   144     3737    0     3736     3     2     1     1     0     8    0
processpl  896     3768    0     3736     4     0     4     4     0     8    0
procpl     632    11775    0    11733    10     5     5     5     0     8    1
srpgc       64        9    0        9     6     6     0     1     0     8    0
sosppl     128       45    0       45    12    11     1     1     0     8    1
sockpl     384     2958    0     2939     6     3     3     4     0     8    1
mcl64k     65536     17    0        0     3     0     3     3     0     8    0
mcl16k     16384     15    0        0     2     0     2     2     0     8    0
mcl12k     12288     17    0        0     2     0     2     2     0     8    0
mcl9k      9216       9    0        0     1     0     1     1     0     8    0
mcl8k      8192      15    0        0     2     0     2     2     0     8    0
mcl4k      4096      13    0        0     2     0     2     2     0     8    0
mcl2k2     2112       8    0        0     1     0     1     1     0     8    0
mcl2k      2048     236    0        0    29     6    23    29     0     8    0
mtagpl      80       37    0        0     1     0     1     1     0     8    0
mbufpl     256      318    0        0    17     1    16    17     0     8    0
bufpl      256    15305    0     8276   440     0   440   440     0     8    0
anonpl      16   344238    0   332230   131    78    53    66     0   125    1
amapchunkpl 152   22619    0    22503    39    32     7    12     0   158    0
amappl16   192    18859    0    18178   108    73    35    46     0     8    0
amappl15   184        1    0        1     1     1     0     1     0     8    0
amappl14   176     1828    0     1818     1     0     1     1     0     8    0
amappl13   168        9    0        9     2     2     0     1     0     8    0
amappl12   160       14    0       14     2     2     0     1     0     8    0
amappl11   152     1383    0     1367     1     0     1     1     0     8    0
amappl10   144      277    0      271     1     0     1     1     0     8    0
amappl9    136      863    0      859     1     0     1     1     0     8    0
amappl8    128      433    0      404     2     0     2     2     0     8    0
amappl7    120      237    0      230     1     0     1     1     0     8    0
amappl6    112     1371    0     1362     1     0     1     1     0     8    0
amappl5    104      163    0      148     1     0     1     1     0     8    0
amappl4     96     4045    0     4014     2     1     1     2     0     8    0
amappl3     88     2250    0     2239     1     0     1     1     0     8    0
amappl2     80    29018    0    28946     4     2     2     3     0     8    0
amappl1     72    89121    0    88667    27    17    10    20     0     8    0
amappl      80    12099    0    12057     1     0     1     1     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma64       64      259    0      259     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       17    0       17     1     1     0     1     0     8    0
aobjpl      64      143    0       14     3     0     3     3     0     8    0
uaddrrnd    24     3752    0     3736     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     3752    0     3736     1     0     1     1     0     8    0
vmmpekpl   168    29472    0    29441     2     0     2     2     0     8    0
vmmpepl    168   455437    0   453598   194   108    86   102     0   357    1
vmsppl     368     3751    0     3736     2     0     2     2     0     8    0
pdppl      4096    7511    0     7472     7     1     6     6     0     8    0
pvpl        32   934067    0   918290   275   134   141   163     0   265   13
pmappl     232     3751    0     3736     2     1     1     2     0     8    0
extentpl    40       41    0       26     1     0     1     1     0     8    0
phpool     112      625    0       14    18     0    18    18     0     8    0