panic: kernel diagnostic assertion "pg->wire_count == 1" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/vfs_biomem.c", line 329
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*502942 45848 65534 0x10 0 1K syz-executor0
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff813986c4,ffff8000211c3700,ffffffff81ed6db8,ffffff007eb5b300) at __assert+0x24 sys/kern/subr_prf.c:155
buf_free_pages(ffff800018097000) at buf_free_pages+0x167 sys/kern/vfs_biomem.c:318
buf_dealloc_mem(ffffff007eb65f00) at buf_dealloc_mem+0xb6 sys/kern/vfs_biomem.c:194
buf_put(ffffff007eb5b300) at buf_put+0x11f sys/kern/vfs_bio.c:130
brelse(2) at brelse+0x19f sys/kern/vfs_bio.c:921
vinvalbuf(0,ffffff006a19fd30,ffffff006a19fd48,0,ffff80000066f800,11) at vinvalbuf+0x2e2 sys/kern/vfs_subr.c:1925
ffs_truncate(ffffff007ecf1398,ffffff007682a6c8,ffffff006a19f2e0,ffffff006a19fd30) at ffs_truncate+0xc93 sys/ufs/ffs/ffs_inode.c:325
ufs_rmdir(ffffff007ecf1398) at ufs_rmdir+0x277 sys/ufs/ufs/ufs_vnops.c:1354
VOP_RMDIR(0,ffffff007682a6c8,8) at VOP_RMDIR+0x6a sys/kern/vfs_vops.c:469
dounlinkat(890,ffff8000210a3c38,0,ffff8000211c3c70) at dounlinkat+0xf5 sys/kern/vfs_syscalls.c:1695
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,89,7f7fffff7970,89,27b19346c80,7f7fffff7dc0) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff7db0, count: 1
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> show panic
kernel diagnostic assertion "pg->wire_count == 1" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/vfs_biomem.c", line 329
ddb{1}> trace
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
__assert(ffffffff813986c4,ffff8000211c3700,ffffffff81ed6db8,ffffff007eb5b300) at __assert+0x24 sys/kern/subr_prf.c:155
buf_free_pages(ffff800018097000) at buf_free_pages+0x167 sys/kern/vfs_biomem.c:318
buf_dealloc_mem(ffffff007eb65f00) at buf_dealloc_mem+0xb6 sys/kern/vfs_biomem.c:194
buf_put(ffffff007eb5b300) at buf_put+0x11f sys/kern/vfs_bio.c:130
brelse(2) at brelse+0x19f sys/kern/vfs_bio.c:921
vinvalbuf(0,ffffff006a19fd30,ffffff006a19fd48,0,ffff80000066f800,11) at vinvalbuf+0x2e2 sys/kern/vfs_subr.c:1925
ffs_truncate(ffffff007ecf1398,ffffff007682a6c8,ffffff006a19f2e0,ffffff006a19fd30) at ffs_truncate+0xc93 sys/ufs/ffs/ffs_inode.c:325
ufs_rmdir(ffffff007ecf1398) at ufs_rmdir+0x277 sys/ufs/ufs/ufs_vnops.c:1354
VOP_RMDIR(0,ffffff007682a6c8,8) at VOP_RMDIR+0x6a sys/kern/vfs_vops.c:469
dounlinkat(890,ffff8000210a3c38,0,ffff8000211c3c70) at dounlinkat+0xf5 sys/kern/vfs_syscalls.c:1695
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,89,7f7fffff7970,89,27b19346c80,7f7fffff7dc0) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff7db0, count: -14
ddb{1}> show registers
rdi 0xffffffff81e33dc0 kprintf_mutex
rsi 0x5
rbp 0xffff8000211c3660
rbx 0xffff8000211c3700
rdx 0x3fd
rcx 0
rax 0
r8 0xffff8000211c3630
r9 0x8080808080808080
r10 0xa9accf7c45794ada
r11 0xffffffff81969270 x86_bus_space_io_read_1
r12 0x3000000008
r13 0xffff8000211c3670
r14 0x100
r15 0xffffffff81bf49f1 cmd0646_9_tim_udma+0x1f0c6
rip 0xffffffff81bbd8da db_enter+0xa
cs 0x8
rflags 0x246
rsp 0xffff8000211c3660
ss 0x10
db_enter+0xa: popq %rbp
ddb{1}> show proc
PROC (syz-executor0) pid=502942 stat=onproc
flags process=10 proc=0
pri=17, usrpri=83, nice=20
forw=0xffffffffffffffff, list=0xffff8000210a3530,0xffffffff81ebe440
process=0xffff8000210b6668 user=0xffff8000211be000, vmspace=0xffffff007f125a50
estcpu=33, cpticks=2, pctcpu=0.0
user=0, sys=2, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*45848 502942 1 65534 7 0x10 syz-executor0
71718 344209 1 65534 3 0x10 biowait syz-executor1
58190 328145 0 0 3 0x14200 bored sosplice
11082 482399 38771 0 3 0x82 thrsleep syz-fuzzer
11082 523209 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 33585 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 248053 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 325354 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 471505 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 61392 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 125171 38771 0 3 0x4000082 kqread syz-fuzzer
11082 171701 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 472452 38771 0 3 0x4000082 thrsleep syz-fuzzer
11082 88996 38771 0 3 0x4000082 thrsleep syz-fuzzer
38771 317144 80245 0 3 0x10008a pause ksh
80245 385936 90694 0 3 0x92 select sshd
46195 149187 1 0 3 0x100083 ttyin getty
90694 371452 1 0 3 0x80 select sshd
63493 43227 13882 73 3 0x100010 biowait syslogd
13882 482645 1 0 3 0x100082 netio syslogd
17691 335083 1 77 3 0x100090 poll dhclient
6955 102414 1 0 3 0x80 poll dhclient
23854 281909 0 0 3 0x14200 pgzero zerothread
56830 380909 0 0 3 0x14200 aiodoned aiodoned
56197 323628 0 0 3 0x14200 syncer update
20027 172371 0 0 3 0x14200 cleaner cleaner
27498 205464 0 0 3 0x14200 reaper reaper
19114 213445 0 0 3 0x14200 pgdaemon pagedaemon
14843 162211 0 0 3 0x14200 bored crynlk
92312 66998 0 0 3 0x14200 bored crypto
73438 106103 0 0 3 0x40014200 acpi0 acpi0
59053 198097 0 0 3 0x40014200 idle1
60109 405013 0 0 3 0x14200 bored softnet
11190 389804 0 0 3 0x14200 bored systqmp
41040 161282 0 0 3 0x14200 bored systq
83884 190784 0 0 3 0x40014200 bored softclock
57282 240092 0 0 7 0x40014200 idle0
1 9112 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper