panic: assertwaitok: non-zero mutex count: 2 Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *143947 3495 0 0x8000002 0x1 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82fe71bc) at panic+0x1cf sys/kern/subr_prf.c:198 assertwaitok() at assertwaitok+0x16f sys/kern/subr_xxx.c:163 mi_switch() at mi_switch+0x45b sys/kern/sched_bsd.c:431 yield() at yield+0x61 sys/kern/sched_bsd.c:320 malloc(20,7f,1) at malloc+0xe5 sys/kern/kern_malloc.c:170 ktrsyscall(ffff80002a45b448,2e,18,ffff80003741de70) at ktrsyscall+0x17e sys/kern/kern_ktrace.c:174 syscall(ffff80003741de70) at syscall+0x2ad mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80003741de70) at syscall+0x2ad sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77b51c8d0810, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: assertwaitok: non-zero mutex count: 2 ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82fe71bc) at panic+0x1cf sys/kern/subr_prf.c:198 assertwaitok() at assertwaitok+0x16f sys/kern/subr_xxx.c:163 mi_switch() at mi_switch+0x45b sys/kern/sched_bsd.c:431 yield() at yield+0x61 sys/kern/sched_bsd.c:320 malloc(20,7f,1) at malloc+0xe5 sys/kern/kern_malloc.c:170 ktrsyscall(ffff80002a45b448,2e,18,ffff80003741de70) at ktrsyscall+0x17e sys/kern/kern_ktrace.c:174 syscall(ffff80003741de70) at syscall+0x2ad mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80003741de70) at syscall+0x2ad sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77b51c8d0810, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003741da90 rbx 0 rdx 0 rcx 0 rax 0xffff80002a45b448 r8 0 r9 0x8080808080808080 r10 0xcd283069f03b0924 r11 0x6d8979027d2519af r12 0 r13 0 r14 0 r15 0x1 rip 0xffffffff82d36cc5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003741da80 ss 0 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=143947 pid=3495 tcnt=1 stat=onproc flags process=8000002 proc=1 runpri=80, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a490528,0xffff80002a4b51d8 process=0xffff80002a59d318 user=0xffff800037418000, vmspace=0xfffffd805ecf3178 estcpu=36, cpticks=19, pctcpu=0.12, user=0, sys=33, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 53970 267953 44874 0 2 0x8100000 sh 17938 500215 56078 0 2 0x8000000 syz-executor 17938 41992 56078 0 2 0xc000000 syz-executor 5538 403658 5694 0 2 0x8000000 syz-executor 5538 29961 5694 0 3 0xc000080 fsleep syz-executor 5538 30546 5694 0 3 0xc000080 fsleep syz-executor 76565 302765 32836 0 2 0x8000000 syz-executor 76565 101415 32836 0 2 0xc000000 syz-executor 76565 78532 32836 0 3 0xc000080 fsleep syz-executor 93046 102207 33153 0 2 0x8100002 sh 44874 356602 74086 0 3 0x810008a sigsusp sh * 3495 143947 1462 0 7 0x8000003 syz-executor 74086 230211 1462 0 3 0x8000082 wait syz-executor 33153 293580 1462 0 3 0x8000082 wait syz-executor 35065 245929 1462 0 3 0x8000082 piperd syz-executor 87881 177696 1462 0 2 0x8000003 syz-executor 5694 175119 1462 0 2 0x8000482 syz-executor 32836 258213 1462 0 2 0x8000482 syz-executor 56078 120745 1462 0 2 0x8000003 syz-executor 2573 480477 0 0 3 0x14200 bored sosplice 1462 404004 79450 0 2 0x8000003 syz-executor 79450 236519 15828 0 3 0x810008a sigsusp ksh 15828 5204 6565 0 3 0x18000098 kqread sshd-session 6565 464144 4179 0 3 0x18000092 kqread sshd-session 67702 200239 1 0 3 0x18100083 ttyin getty 4179 492173 1 0 3 0x18000088 kqread sshd 52480 46112 2721 73 2 0x19100010 syslogd 2721 153310 1 0 3 0x18100082 sbwait syslogd 13072 413910 1 0 3 0x18100080 kqread resolvd 63265 239285 89054 77 3 0x18100092 kqread dhcpleased 61858 14294 89054 77 3 0x18100092 kqread dhcpleased 89054 452095 1 0 3 0x18000080 kqread dhcpleased 41504 25357 0 0 3 0x14200 bored smr 41401 318861 0 0 2 0x14200 zerothread 89225 182170 0 0 3 0x14200 aiodoned aiodoned 62547 130285 0 0 3 0x14200 syncer update 67306 439130 0 0 3 0x14200 cleaner cleaner 71120 425358 0 0 3 0x14200 reaper reaper 24256 301533 0 0 3 0x14200 pgdaemon pagedaemon 30249 382774 0 0 3 0x14200 bored viomb 20862 415963 0 0 3 0x40014200 acpi0 acpi0 79664 354423 0 0 3 0x14200 bored softnet3 66542 459778 0 0 3 0x14200 bored softnet2 74075 60624 0 0 3 0x14200 bored softnet1 19363 246403 0 0 3 0x14200 bored softnet0 57343 177902 0 0 3 0x14200 bored systqmp 91616 421804 0 0 3 0x14200 bored systq 4280 283247 0 0 2 0x40014200 softclock 28231 310699 0 0 3 0x40014200 idle0 1 139055 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10179 10095K 10421K 166960K 12322 0 pcb 17 13K 14K 166960K 169 0 rtable 166 7K 9K 166960K 2087 0 pf 33 13K 18K 166960K 255 0 ifaddr 35 6K 8K 166960K 282 0 ifgroup 54 2K 2K 166960K 323 0 sysctl 2 0K 0K 166960K 2 0 counters 31 17K 18K 166960K 98 0 ioctlops 0 0K 4K 166960K 172 0 iov 0 0K 24K 166960K 40 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1452 91K 91K 166960K 2913 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 11 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 61 0 dirhash 15 2K 3K 166960K 36 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 17 61K 97K 166960K 1992 0 sigio 0 0K 0K 166960K 22 0 proc 59 59K 124K 166960K 2071 0 subproc 104 6K 7K 166960K 902 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 76 0 in_multi 67 5K 7K 166960K 705 0 ether_multi 1 0K 0K 166960K 3 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 1158 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 196 71K 93K 166960K 16259 0 UVM aobj 20 4K 4K 166960K 20 0 pinsyscall 38 76K 102K 166960K 4437 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 51 0 NDP 12 0K 2K 166960K 203 0 temp 76 6808K 6923K 166960K 54389 0 kqueue 13 20K 30K 166960K 113 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 228 0 225 1 0 1 1 0 8 0 rtentry 112 715 0 645 4 1 3 4 0 8 0 unpcb 144 545 0 530 3 1 2 2 0 8 1 syncache 336 5 0 5 2 1 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 808 356 0 349 8 0 8 8 0 8 7 arp 88 128 0 115 1 0 1 1 0 8 0 ipq 40 4 0 4 1 0 1 1 0 8 1 ipqe 40 91 0 91 1 0 1 1 0 8 1 inpcb 336 1125 0 1114 10 1 9 9 0 8 8 nd6 104 189 0 174 1 0 1 1 0 8 0 pkpcb 40 4 0 4 2 1 1 1 0 8 1 kcovpl 48 70 0 62 1 0 1 1 0 8 0 ppxss 1072 2 0 2 1 0 1 1 0 8 1 pfrktable 1344 18 0 17 1 0 1 1 0 8 0 pfanchor 1288 17 0 15 1 0 1 1 0 8 0 pftag 88 5 0 5 1 0 1 1 0 8 1 pfrule 1344 25 0 23 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2882 0 2565 32 3 29 29 0 8 6 art_table 32 2883 0 2565 4 0 4 4 0 8 1 art_node 16 714 0 651 1 0 1 1 0 8 0 sysvmsgpl 40 11 0 6 1 0 1 1 0 8 0 semupl 112 3 0 3 2 1 1 1 0 8 1 semapl 112 57 0 47 1 0 1 1 0 8 0 shmpl 112 17 0 0 1 0 1 1 0 8 0 dirhash 1024 33 0 14 3 0 3 3 0 8 0 dino2pl 256 3377 0 1759 102 0 102 102 0 8 0 ffsino 240 3377 0 1759 96 0 96 96 0 8 0 nchpl 144 4876 0 3132 65 0 65 65 0 8 0 uvmvnodes 80 4727 0 0 97 0 97 97 0 8 0 vnodes 216 4727 0 0 263 0 263 263 0 8 0 namei 1024 19554 0 19554 3 1 2 2 0 8 2 vcpupl 3904 4 0 0 1 0 1 1 0 8 0 vmpool 664 4 0 0 1 0 1 1 0 8 0 pfiaddrpl 120 4 0 4 2 1 1 1 0 8 1 kstatmem 264 158 0 134 3 0 3 3 0 8 1 scxspl 216 39370 0 39370 10 2 8 8 1 8 8 plimitpl 152 188 0 172 1 0 1 1 0 8 0 sigapl 424 2136 0 2090 7 1 6 7 0 8 0 futexpl 64 12031 0 12028 1 0 1 1 0 8 0 knotepl 120 46035 0 45988 10 0 10 10 0 8 8 kqueuepl 184 220 0 211 1 0 1 1 0 8 0 pipepl 288 380 0 353 4 1 3 3 0 8 0 fdescpl 432 2119 0 2090 5 1 4 5 0 8 0 filepl 120 8639 0 8401 14 1 13 13 0 8 5 lockfpl 104 434 0 432 2 0 2 2 0 8 1 lockfspl 48 187 0 185 1 0 1 1 0 8 0 sessionpl 144 84 0 76 1 0 1 1 0 8 0 pgrppl 48 169 0 153 1 0 1 1 0 8 0 ucredpl 104 1069 0 1058 1 0 1 1 0 8 0 zombiepl 144 2495 0 2495 2 1 1 1 0 8 1 processpl 1088 2136 0 2090 4 0 4 4 0 8 0 procpl 648 3643 0 3592 7 1 6 6 0 8 1 sosppl 168 6 0 5 2 1 1 1 0 8 0 sockpl 504 1911 0 1882 20 8 12 17 0 8 7 mcl64k 65536 635 0 633 2 1 1 1 0 8 0 mcl16k 16384 198 0 198 2 1 1 1 0 8 1 mcl12k 12288 118 0 118 2 1 1 1 0 8 1 mcl9k 9216 63 0 63 2 1 1 1 0 8 1 mcl8k 8192 269 0 269 2 1 1 1 0 8 1 mcl4k 4096 78 0 78 2 1 1 1 0 8 1 mcl2k2 2112 3 0 3 1 0 1 1 0 8 1 mcl2k 2048 9180 0 9078 28 9 19 25 0 8 5 mtagpl 96 38 0 36 2 1 1 1 0 8 0 mbufpl 256 26585 0 26400 28 7 21 25 0 8 5 bufpl 280 10569 0 2279 593 0 593 593 0 8 0 anonpl 24 322173 0 319185 105 27 78 78 0 187 49 amapchunkpl 152 52790 0 52417 58 17 41 41 0 158 24 amappl16 200 5613 0 5600 23 13 10 15 0 8 8 amappl15 192 10 0 10 1 1 0 1 0 8 0 amappl14 184 211 0 201 1 0 1 1 0 8 0 amappl13 176 16 0 16 1 1 0 1 0 8 0 amappl12 168 3646 0 3617 3 1 2 3 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 13 0 13 1 1 0 1 0 8 0 amappl9 144 137 0 137 1 1 0 1 0 8 0 amappl8 136 26 0 24 1 0 1 1 0 8 0 amappl7 128 206 0 195 1 0 1 1 0 8 0 amappl6 120 719 0 715 1 0 1 1 0 8 0 amappl5 112 349 0 340 1 0 1 1 0 8 0 amappl4 104 522 0 506 1 0 1 1 0 8 0 amappl3 96 10297 0 10208 4 0 4 4 0 8 1 amappl2 88 1360 0 1302 2 0 2 2 0 8 0 amappl1 80 16279 0 15754 15 3 12 14 0 8 0 amappl 88 15491 0 15353 6 1 5 5 0 92 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 19 0 0 1 0 1 1 0 8 0 uaddrrnd 24 2123 0 2090 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2123 0 2090 1 0 1 1 0 8 0 vmmpekpl 168 17416 0 17359 3 0 3 3 0 8 0 vmmpepl 168 132901 0 131296 97 6 91 91 0 357 16 vmsppl 344 2122 0 2090 5 1 4 4 0 8 0 rwobjpl 24 42666 0 37088 34 0 34 34 0 8 0 pdppl 4096 4252 0 4184 211 139 72 82 0 8 4 pvpl 32 1121829 0 1113059 508 153 355 370 0 265 265 pmappl 216 2122 0 2090 3 1 2 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 563 0 176 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82fe71bc) at panic+0x1cf sys/kern/subr_prf.c:198 assertwaitok() at assertwaitok+0x16f sys/kern/subr_xxx.c:163 mi_switch() at mi_switch+0x45b sys/kern/sched_bsd.c:431 yield() at yield+0x61 sys/kern/sched_bsd.c:320 malloc(20,7f,1) at malloc+0xe5 sys/kern/kern_malloc.c:170 ktrsyscall(ffff80002a45b448,2e,18,ffff80003741de70) at ktrsyscall+0x17e sys/kern/kern_ktrace.c:174 syscall(ffff80003741de70) at syscall+0x2ad mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80003741de70) at syscall+0x2ad sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77b51c8d0810, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82fe71bc) at panic+0x1cf sys/kern/subr_prf.c:198 assertwaitok() at assertwaitok+0x16f sys/kern/subr_xxx.c:163 mi_switch() at mi_switch+0x45b sys/kern/sched_bsd.c:431 yield() at yield+0x61 sys/kern/sched_bsd.c:320 malloc(20,7f,1) at malloc+0xe5 sys/kern/kern_malloc.c:170 ktrsyscall(ffff80002a45b448,2e,18,ffff80003741de70) at ktrsyscall+0x17e sys/kern/kern_ktrace.c:174 syscall(ffff80003741de70) at syscall+0x2ad mi_syscall sys/sys/syscall_mi.h:156 [inline] syscall(ffff80003741de70) at syscall+0x2ad sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77b51c8d0810, count: -9