panic: kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/main/kernel/sys/kern/kern_unveil.c", line 188
Stopped at      db_enter+0x1c:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82927b8e) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e10c6,ffffffff828b33eb,bc,ffffffff82866e64) at __assert+0x29 sys/kern/subr_prf.c:157
unveil_destroy(ffff8000ffff8c98) at unveil_destroy+0x174 sys/kern/kern_unveil.c:188
exit1(ffff80002a6df7e8,0,0,3) at exit1+0x3d6 sys/kern/kern_exit.c:218
single_thread_check_locked(ffff80002a6df7e8,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2039
userret(ffff80002a6df7e8) at userret+0x6f single_thread_check sys/kern/kern_sig.c:2058 [inline]
userret(ffff80002a6df7e8) at userret+0x6f sys/kern/kern_sig.c:1974
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7de5582b4180, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: kernel diagnostic assertion "ps->ps_uvncount == 0" failed: file "/syzkaller/managers/main/kernel/sys/kern/kern_unveil.c", line 188
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82927b8e) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e10c6,ffffffff828b33eb,bc,ffffffff82866e64) at __assert+0x29 sys/kern/subr_prf.c:157
unveil_destroy(ffff8000ffff8c98) at unveil_destroy+0x174 sys/kern/kern_unveil.c:188
exit1(ffff80002a6df7e8,0,0,3) at exit1+0x3d6 sys/kern/kern_exit.c:218
single_thread_check_locked(ffff80002a6df7e8,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2039
userret(ffff80002a6df7e8) at userret+0x6f single_thread_check sys/kern/kern_sig.c:2058 [inline]
userret(ffff80002a6df7e8) at userret+0x6f sys/kern/kern_sig.c:1974
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7de5582b4180, count: -8
ddb> show registers
rdi                                0
rsi                              0x1
rbp               0xffff800031b7dbf0
rbx               0xffff8000ffff8c98
rdx                                0
rcx                                0
rax               0xffff80002a6df7e8
r8                                 0
r9                0x8080808080808080
r10               0xd634b4d4253be176
r11               0xe274a93c89329926
r12                                0
r13                              0x2
r14                                0
r15                              0x1
rip               0xffffffff811a086c    db_enter+0x1c
cs                               0x8
rflags                         0x246
rsp               0xffff800031b7dbe0
ss                              0x10
db_enter+0x1c:  addq    $0x8,%rsp
ddb> show proc
PROC (syz-executor.5) tid=461291 pid=44072 tcnt=1 stat=onproc
    flags process=1008<EXITING,SINGLEEXIT> proc=82000<WEXIT,SUSPSINGLE>
    runpri=32, usrpri=84, slppri=32, nice=20
    wchan=0x0, wmesg=, ps_single=0xffff80002a602d60
    forw=0xffffffffffffffff, list=0xffff80002a6022c0,0xffff80002a6de010
    process=0xffff8000ffff8c98 user=0xffff800031b78000, vmspace=0xfffffd807514e2f0
    estcpu=34, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 11945  196637   5426      0  2           0                syz-executor.6
 32982  408999  69424      0  2       0x480                syz-executor.4
 32982  200592  69424      0  3   0x4000080  pipewr        syz-executor.4
 32982  242875  69424      0  3   0x4000080  fsleep        syz-executor.4
  7529  377888  72215      0  2       0x482                syz-executor.5
 37898  275473  72215      0  2         0x2                syz-executor.7
 16257  482474      0      0  3     0x14200  acct          acct
  5426  281298  72215      0  2       0x482                syz-executor.6
 68497   79174  72215      0  2         0x2                syz-executor.3
 19031  473954      0      0  3     0x14280  nfsidl        nfsio
 27145  512184      0      0  3     0x14280  nfsidl        nfsio
 38969   43838      0      0  3     0x14280  nfsidl        nfsio
 66133  287728      0      0  3     0x14280  nfsidl        nfsio
 48861  231600      0      0  3     0x14280  nfsidl        nfsio
 94066   44310      0      0  3     0x14280  nfsidl        nfsio
  9249  311413      0      0  3     0x14280  nfsidl        nfsio
 13183  474464      0      0  3     0x14280  nfsidl        nfsio
 28861  207012      0      0  3     0x14280  nfsidl        nfsio
 49688  273129      0      0  3     0x14280  nfsidl        nfsio
 41988  460061      0      0  3     0x14280  nfsidl        nfsio
 55964  416812      0      0  3     0x14280  nfsidl        nfsio
 95691  391972      0      0  3     0x14280  nfsidl        nfsio
  7858  380432      0      0  3     0x14280  nfsidl        nfsio
 41976  277726      0      0  3     0x14280  nfsidl        nfsio
 21168  319582      0      0  3     0x14280  nfsidl        nfsio
 31360  260268      0      0  3     0x14280  nfsidl        nfsio
 50991  145578      0      0  3     0x14280  nfsidl        nfsio
 98099   98545      0      0  3     0x14280  nfsidl        nfsio
  6300  196905      0      0  3     0x14280  nfsidl        nfsio
  4701  191918  72215      0  2         0x2                syz-executor.2
 36788  477667  72215      0  2       0x482                syz-executor.0
 16118  509947      1      0  3  0x18100083  ttyin         getty
 23503  334139  72215      0  2         0x2                syz-executor.1
 69424  276964  72215      0  2       0x482                syz-executor.4
 11399  208761      0      0  3     0x14200  bored         sosplice
 72215  243605  63328      0  3  0x1a000082  thrsleep      syz-fuzzer
 72215  224392  63328      0  2  0x1e000482                syz-fuzzer
 72215   81424  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215   37782  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215  112293  63328      0  3  0x1e000082  thrsleep      syz-fuzzer
 72215  452557  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215  458740  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215  480138  63328      0  3  0x1e000082  thrsleep      syz-fuzzer
 72215  461572  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215   45969  63328      0  3  0x1e000082  kqread        syz-fuzzer
 72215  430206  63328      0  3  0x1e000082  thrsleep      syz-fuzzer
 72215  286988  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215  467932  63328      0  3  0x1e000082  wait          syz-fuzzer
 72215  332739  63328      0  3  0x1e000082  wait          syz-fuzzer
 63328  522815  97380      0  3   0x810008a  sigsusp       ksh
 97380  398225  26096      0  3  0x1800009a  kqread        sshd
 26096  100905      1      0  3  0x18000088  kqread        sshd
 84676   58606  61537     73  3  0x19100090  kqread        syslogd
 61537   70392      1      0  3  0x18100082  netio         syslogd
 75448  306525      1      0  3  0x18100080  kqread        resolvd
 26196  393478  73673     77  3  0x18100092  kqread        dhcpleased
 43119  423623  73673     77  3  0x18100092  kqread        dhcpleased
 73673  258593      1      0  3  0x18000080  kqread        dhcpleased
  9655  234437      0      0  3     0x14200  bored         smr
  3957   73016      0      0  2     0x14200                zerothread
 39222  191794      0      0  3     0x14200  aiodoned      aiodoned
 68637   15394      0      0  3     0x14200  syncer        update
 85160  221945      0      0  3     0x14200  cleaner       cleaner
 34821  259339      0      0  2     0x14200                reaper
 53715  462308      0      0  3     0x14200  pgdaemon      pagedaemon
 52811  226388      0      0  3     0x14200  bored         viomb
  5468  166213      0      0  3  0x40014200  acpi0         acpi0
 73386  432827      0      0  3     0x14200  bored         softnet3
 94636  275589      0      0  3     0x14200  bored         softnet2
 13782  409330      0      0  3     0x14200  bored         softnet1
  4086    8648      0      0  3     0x14200  bored         softnet0
 89903   24736      0      0  3     0x14200  bored         systqmp
 71810    3851      0      0  3     0x14200  bored         systq
 25169  195978      0      0  2  0x40014200                softclock
 43642  492932      0      0  3  0x40014200                idle0
     1  189740      0      0  3   0x8000082  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10202   6473K    7136K 166960K     23870        0
            pcb    15     18K      20K 166960K       632        0
         rtable   195      6K       7K 166960K      1548        0
             pf    27      8K       9K 166960K       225        0
         ifaddr    36     10K      12K 166960K       213        0
        ifgroup    44      1K       2K 166960K       326        0
         sysctl     1      0K       0K 166960K         1        0
       counters    29     17K      17K 166960K       121        0
       ioctlops     0      0K       2K 166960K       334        0
            iov     0      0K      16K 166960K       566        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1526     96K      96K 166960K      5158        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       5K 166960K        58        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K       778        0
        dirhash    12      2K       2K 166960K        33        0
           ACPI  1697    195K     286K 166960K     12548        0
      file desc    15     53K      69K 166960K      5943        0
          sigio     1      0K       0K 166960K       184        0
           proc    62     75K      75K 166960K      1405        0
        subproc   104      6K       6K 166960K       403        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K      1117        0
       in_multi    77      5K       7K 166960K       415        0
    ether_multi     1      0K       0K 166960K         1        0
            mrt     1      0K       0K 166960K         4        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys   241   1076K    1076K 166960K       241        0
           exec     0      0K       1K 166960K      1342        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   396    167K     172K 166960K     56277        0
       UVM aobj   131      8K       8K 166960K       135        0
     pinsyscall    22     44K     100K 166960K      1965        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       0K 166960K       110        0
            NDP    10      0K       2K 166960K       166        0
           temp    74   6804K    6932K 166960K     45601        0
         kqueue    12     18K      26K 166960K       458        0
      SYN cache     2    104K     112K 166960K         3        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120      526    0      523     4     2     2     3     0     8    1
rtentry    112      480    0      391     4     0     4     4     0     8    0
unpcb      144     3868    0     3855     6     5     1     6     0     8    0
syncache   336       82    0       82     2     2     0     1     0     8    0
sackhl      24        3    0        3     1     1     0     1     0     8    0
tcpqe       32       79    0       79     2     2     0     1     0     8    0
tcpcb      808     2494    0     2483    17    15     2    14     0     8    0
arp         88      104    0       90     1     0     1     1     0     8    0
ipq         40        7    0        7     1     0     1     1     0     8    1
ipqe        40      170    0      170     1     0     1     1     0     8    1
inpcb      360     5253    0     5239    29    26     3    15     0     8    1
nd6        104      101    0       82     1     0     1     1     0     8    0
pkpcb       40       25    0       25     1     1     0     1     0     8    0
kcovpl      48       31    0       23     1     0     1     1     0     8    0
ppxss      1072      51    0       50     1     0     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256     1700    0     1317    30     3    27    30     0     8    0
art_table   32     1701    0     1317     4     0     4     4     0     8    0
art_node    16      479    0      399     1     0     1     1     0     8    0
sysvmsgpl   40        7    0        5     1     0     1     1     0     8    0
semapl     112      776    0      766     1     0     1     1     0     8    0
shmpl      112      132    0        4     4     0     4     4     0     8    0
dirhash    1024      31    0       14     3     0     3     3     0     8    0
dino2pl    256     9371    0     7836    97     0    97    97     0     8    0
ffsino     240     9371    0     7836    91     0    91    91     0     8    0
nchpl      144    17502    0    15779    66     0    66    66     0     8    0
uvmvnodes   80     5926    0        0   121     0   121   121     0     8    0
vnodes     216     5926    0        0   330     0   330   330     0     8    0
namei      1024   61554    0    61554     6     5     1     3     0     8    1
vcpupl     2048      47    0        0     6     0     6     6     0     8    0
vmpool     664       53    0        6     4     0     4     4     0     8    0
kstatmem   264      204    0      184     2     0     2     2     0     8    0
scxspl     216    52390    0    52390    11     9     2     8     1     8    2
plimitpl   152      974    0      959     1     0     1     1     0     8    0
sigapl     424     6297    0     6231     8     0     8     8     0     8    0
futexpl     64    56317    0    56316     1     0     1     1     0     8    0
knotepl    120    65665    0    65583    10     4     6    10     0     8    0
kqueuepl   184      853    0      845     4     3     1     4     0     8    0
pipepl     288     1015    0      986    11     8     3     7     0     8    0
fdescpl    432     6179    0     6153     4     0     4     4     0     8    0
filepl     120    36922    0    36685    20    10    10    16     0     8    0
lockfpl    104     2227    0     2224     2     1     1     2     0     8    0
lockfspl    48      627    0      624     1     0     1     1     0     8    0
sessionpl  144       47    0       31     1     0     1     1     0     8    0
pgrppl      48      140    0      124     1     0     1     1     0     8    0
ucredpl    104     5216    0     5206     1     0     1     1     0     8    0
zombiepl   144     6308    0     6306     3     2     1     1     0     8    0
processpl  1072    6297    0     6231     5     0     5     5     0     8    0
procpl     680    14884    0    14801     9     1     8     9     0     8    0
sosppl     168       88    0       88     1     1     0     1     0     8    0
sockpl     488     9739    0     9709   149   140     9    37     0     8    4
mcl64k     65536    335    0      335     3     2     1     1     0     8    1
mcl16k     16384    164    0      164     3     2     1     1     0     8    1
mcl12k     12288    273    0      273     3     2     1     1     0     8    1
mcl9k      9216     122    0      122     2     1     1     1     0     8    1
mcl8k      8192     442    0      442     3     2     1     1     0     8    1
mcl4k      4096     680    0      680     4     3     1     2     0     8    1
mcl2k2     2112      41    0       41     1     1     0     1     0     8    0
mcl2k      2048   84830    0    84776    42    33     9    38     0     8    0
mtagpl      96     1146    0      964    14     6     8    14     0     8    0
mbufpl     256   182418    0   182147    78    45    33    51     0     8    0
bufpl      280    15396    0     9059   454     0   454   454     0     8    0
anonpl      24   692466    0   679119   109    16    93   109     0   188    0
amapchunkpl 152  199254    0   198459    53    15    38    49     0   158    2
amappl16   200    15517    0    15060    47    21    26    36     0     8    0
amappl15   192       52    0       51     1     0     1     1     0     8    0
amappl14   184      219    0      209     2     1     1     2     0     8    0
amappl13   176       27    0       27     2     2     0     1     0     8    0
amappl12   168     7156    0     7131     2     0     2     2     0     8    0
amappl11   160       48    0       37     1     0     1     1     0     8    0
amappl10   152       60    0       51     1     0     1     1     0     8    0
amappl9    144      191    0      190     1     0     1     1     0     8    0
amappl8    136      334    0      254     3     0     3     3     0     8    0
amappl7    128       87    0       71     1     0     1     1     0     8    0
amappl6    120      658    0      635     2     0     2     2     0     8    0
amappl5    112      398    0      386     1     0     1     1     0     8    0
amappl4    104      765    0      733     2     0     2     2     0     8    0
amappl3     96    35489    0    35417     3     0     3     3     0     8    0
amappl2     88     6902    0     6833     4     1     3     4     0     8    0
amappl1     80    31584    0    31092    22     9    13    22     0     8    0
amappl      88    55342    0    55110     7     0     7     7     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      134    0        4     3     0     3     3     0     8    0
uaddrrnd    24     6232    0     6158     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     6232    0     6158     1     0     1     1     0     8    0
vmmpekpl   168    45855    0    45785     4     0     4     4     0     8    0
vmmpepl    168   387552    0   385344   179    66   113   141     0   357    0
vmsppl     352     6231    0     6158     7     0     7     7     0     8    0
rwobjpl     24    99940    0    92399    48     1    47    47     0     8    0
pdppl      4096   12470    0    12363   366   256   110   113     0     8    3
pvpl        32  1811130    0  1792424   402   233   169   360     0   265    0
pmappl     216     6231    0     6158     5     0     5     5     0     8    0
extentpl    40       56    0       38     1     0     1     1     0     8    0
phpool     112      775    0      379    13     0    13    13     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82927b8e) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e10c6,ffffffff828b33eb,bc,ffffffff82866e64) at __assert+0x29 sys/kern/subr_prf.c:157
unveil_destroy(ffff8000ffff8c98) at unveil_destroy+0x174 sys/kern/kern_unveil.c:188
exit1(ffff80002a6df7e8,0,0,3) at exit1+0x3d6 sys/kern/kern_exit.c:218
single_thread_check_locked(ffff80002a6df7e8,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2039
userret(ffff80002a6df7e8) at userret+0x6f single_thread_check sys/kern/kern_sig.c:2058 [inline]
userret(ffff80002a6df7e8) at userret+0x6f sys/kern/kern_sig.c:1974
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7de5582b4180, count: -8
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82927b8e) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e10c6,ffffffff828b33eb,bc,ffffffff82866e64) at __assert+0x29 sys/kern/subr_prf.c:157
unveil_destroy(ffff8000ffff8c98) at unveil_destroy+0x174 sys/kern/kern_unveil.c:188
exit1(ffff80002a6df7e8,0,0,3) at exit1+0x3d6 sys/kern/kern_exit.c:218
single_thread_check_locked(ffff80002a6df7e8,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2039
userret(ffff80002a6df7e8) at userret+0x6f single_thread_check sys/kern/kern_sig.c:2058 [inline]
userret(ffff80002a6df7e8) at userret+0x6f sys/kern/kern_sig.c:1974
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7de5582b4180, count: -8