syzbot

 sign-in | mailing list | source | docs
🐞 Open [151]
🐞 Fixed [301]
🐞 Invalid [1100]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

witness: reversal: lock order data missing (5)

Status: upstream: reported on 2025/02/03 09:07
Reported-by: syzbot+6e45b18b14156f1df9f4@syzkaller.appspotmail.com
First crash: 507d, last: 25m
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd witness: reversal: lock order data missing (2) -1 C 173 1718d 1868d 0/3 closed as invalid on 2022/02/22 18:44
openbsd witness: reversal: lock order data missing (3) -1 8192 714d 1562d 3/3 fixed on 2024/07/10 22:52
openbsd witness: reversal: lock order data missing (4) -1 57671 582d 714d 0/3 auto-obsoleted due to no activity on 2025/01/09 12:07
openbsd witness: reversal: lock order data missing -1 C 667 1869d 1938d 3/3 fixed on 2021/05/14 01:59

Sample crash report:
witness: lock order reversal:
 1st 0xffff800037b9f720 fdlock (&newfdp->fd_fd.fd_lock)
 2nd 0xfffff2806d7dae98 inode (&ip->i_lock)
lock order [1] fdlock (&newfdp->fd_fd.fd_lock) -> [2] inode (&ip->i_lock)
lock order data 0xffffffff8349bd28 -> 0xffffffff8348eb19 is missing
lock order [2] inode (&ip->i_lock) -> [3] sbufrcv (&so->so_rcv.sb_lock)
#0  rw_do_enter_write+0xba sys/kern/kern_rwlock.c:234
#1  sblock+0xb6 sys/kern/uipc_socket2.c:536
#2  soreceive+0x27d sys/kern/uipc_socket.c:890
#3  fifo_read+0x117 sys/miscfs/fifofs/fifo_vnops.c:264
#4  VOP_READ+0x101 sys/kern/vfs_vops.c:227
#5  vn_rdwr+0x15b sys/kern/vfs_vnops.c:-1
#6  vndsetcred+0xa1 sys/dev/vnd.c:685
#7  vndioctl+0xdfc sys/dev/vnd.c:486
#8  VOP_IOCTL+0xac sys/kern/vfs_vops.c:264
#9  vn_ioctl+0xf8 sys/kern/vfs_vnops.c:537
#10 sys_ioctl+0x674 sys/kern/sys_generic.c:-1
#11 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#11 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#12 Xsyscall+0x128
lock order [3] sbufrcv (&so->so_rcv.sb_lock) -> [1] fdlock (&newfdp->fd_fd.fd_lock)
#0  rw_do_enter_write+0xba sys/kern/kern_rwlock.c:234
#1  unp_externalize+0x3cf sys/kern/uipc_usrreq.c:1074
#2  soreceive+0xc24 sys/kern/uipc_socket.c:1029
#3  recvit+0x40b sys/kern/uipc_syscalls.c:1078
#4  sys_recvmsg+0x1bf sys/kern/uipc_syscalls.c:878
#5  syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#5  syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#6  Xsyscall+0x128
Stopped at      db_enter+0x25:  addq    $0x8,%rsp
ddb{1}> 
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
witness_checkorder(fffff2806d7dae98,9,0) at witness_checkorder+0x10d1 sys/kern/subr_witness.c:-1
rw_do_enter_write(fffff2806d7dae80,1) at rw_do_enter_write+0xba sys/kern/kern_rwlock.c:234
rrw_enter(fffff2806d7dae80,1) at rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
VOP_LOCK(fffff2806d8dd370,2001) at VOP_LOCK+0xbd sys/kern/vfs_vops.c:527
vn_lock(fffff2806d8dd370,2001) at vn_lock+0xa4 sys/kern/vfs_vnops.c:576
vn_closefile(fffff2806307ae10,ffff800037b9c2c8) at vn_closefile+0x111 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffff2806307ae10,ffff800037b9c2c8) at vn_closefile+0x111 sys/kern/vfs_vnops.c:621
fdrop(fffff2806307ae10,ffff800037b9c2c8) at fdrop+0x121 sys/kern/kern_descrip.c:1281
knote_remove(ffff800037b9c2c8,fffff280742c7a80,fffff280742c7b10,5,0) at knote_remove+0x368 sys/kern/kern_event.c:2186
knote_fdclose(ffff800037b9c2c8,5) at knote_fdclose+0xf9 sys/kern/kern_event.c:2221
fdrelease(ffff800037b9c2c8,5) at fdrelease+0xf9 sys/kern/kern_descrip.c:761
sys_closefrom(ffff800037b9c2c8,ffff80002a2c6bc0,ffff80002a2c6b10) at sys_closefrom+0x13c sys/kern/kern_descrip.c:1471
syscall(ffff80002a2c6bc0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2c6bc0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x92172d27930, count: -14
ddb{1}> show registers
rdi                                0
rsi                          0x80000    acpi_pdirpa+0x6be71
rbp               0xffff80002a2c6650
rbx                                0
rdx               0xffff8000015f9880
rcx               0xffff800037b9c2c8
rax                          0x7ffff    acpi_pdirpa+0x6be70
r8                0xffff80002a2c6530
r9                0x8080808080808080
r10               0xb8d15a118e274521
r11               0x3af7fc5a7c311d6f
r12               0xfffff280040c6d40
r13               0xfffff280048b3130
r14                              0x3
r15               0xffffffff8352831d    substchar+0xa3df
rip               0xffffffff81f4bd85    db_enter+0x25
cs                               0x8
rflags                         0x246
rsp               0xffff80002a2c6640
ss                              0x10
db_enter+0x25:  addq    $0x8,%rsp
ddb{1}> show proc
PROC (syz-executor) tid=327797 pid=47549 tcnt=3 stat=onproc
    flags process=0 proc=4000000<THREAD>
    runpri=32, usrpri=79, slppri=32, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff800037b9d258,0xffff800037b9c570
    process=0xffff80003c3cd838 user=0xffff80002a2c1000, vmspace=0xfffff28067b52b90
    estcpu=29, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0
ddb{1}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 98506  410798  15651      0  2           0                syz-executor
 98506  382940  15651      0  3   0x4000080  fsleep        syz-executor
 98506  332806  15651      0  3   0x4000080  fsleep        syz-executor
 98506  470419  15651      0  3   0x4000080  fsleep        syz-executor
 48778  129049  59433      0  7        0x10                syz-executor
 48778  351893  59433      0  2   0x4000010                syz-executor
 47549  448060  35288      0  2           0                syz-executor
*47549  327797  35288      0  7   0x4000000                syz-executor
 47549  370726  35288      0  3   0x4000080  fsleep        syz-executor
 88112   92011  11201      0  2           0                syz-executor
 88112  364950  11201      0  3   0x4000080  fsleep        syz-executor
 89234  465340  37727      0  2         0x2                syz-executor
 88730  330382  37727      0  3        0x82  nanoslp       syz-executor
 66328  234627      0      0  3     0x14280  nfsidl        nfsio
 86831  368191      0      0  3     0x14280  nfsidl        nfsio
  8845   56058      0      0  3     0x14280  nfsidl        nfsio
 16900  348740      0      0  3     0x14280  nfsidl        nfsio
 32094  519179      0      0  3     0x14280  nfsidl        nfsio
 41786  417118      0      0  3     0x14280  nfsidl        nfsio
 95543  389710      0      0  3     0x14280  nfsidl        nfsio
 82352  128042      0      0  3     0x14280  nfsidl        nfsio
 14969  225271      0      0  3     0x14280  nfsidl        nfsio
 48469   59700      0      0  3     0x14280  nfsidl        nfsio
 28725   42833      0      0  3     0x14280  nfsidl        nfsio
 29477  161452      0      0  3     0x14280  nfsidl        nfsio
 40885   64779      0      0  3     0x14280  nfsidl        nfsio
 14696  340678      0      0  3     0x14280  nfsidl        nfsio
 77014   51617      0      0  3     0x14280  nfsidl        nfsio
 29884  428684      0      0  3     0x14280  nfsidl        nfsio
 86181  333440      0      0  3     0x14280  nfsidl        nfsio
 34935  166163      0      0  3     0x14280  nfsidl        nfsio
 41424  394275      0      0  3     0x14280  nfsidl        nfsio
 94176  441981      0      0  3     0x14280  nfsidl        nfsio
 15651    8070  37727      0  3        0x82  nanoslp       syz-executor
 59433  181692  37727      0  3        0x82  nanoslp       syz-executor
 35288  511074  37727      0  3        0x82  nanoslp       syz-executor
 22629  267873  37727      0  3        0x82  piperd        syz-executor
 11201  252552  37727      0  3        0x82  nanoslp       syz-executor
 81200  238489  37727      0  3        0x82  piperd        syz-executor
 37727  424906  53472      0  2         0x2                syz-executor
 53472  360299  17208      0  3    0x10008a  sigsusp       ksh
 17208    7472  46493      0  3        0x98  kqread        sshd-session
 46493  381926  29221      0  3        0x92  kqread        sshd-session
 59513  172722      1      0  3    0x100083  ttyopn        getty
 29221  513867      1      0  3        0x88  kqread        sshd
 91548  178508  68417     74  3   0x1100092  bpf           pflogd
 68417   11345      1      0  3        0x80  sbwait        pflogd
 88589  225785  19868     73  3   0x1100090  kqread        syslogd
 19868  444469      1      0  3    0x100082  sbwait        syslogd
 29269  362724      1      0  3    0x100080  kqread        resolvd
  9691  379949  11153     77  3    0x100092  kqread        dhcpleased
 76688  332065  11153     77  3    0x100092  kqread        dhcpleased
 11153   91530      1      0  3        0x80  kqread        dhcpleased
 54836  243227      0      0  3     0x14200  bored         smr
 89787  219379      0      0  2     0x14200                zerothread
 65202  146770      0      0  3     0x14200  aiodoned      aiodoned
 64956  486749      0      0  3     0x14200  syncer        update
 93857   56302      0      0  3     0x14200  cleaner       cleaner
 89144  358933      0      0  3     0x14200  reaper        reaper
 94531  259533      0      0  3     0x14200  pgdaemon      pagedaemon
 97590  361009      0      0  3     0x14200  bored         viomb
 94261   95808      0      0  3  0x40014200  acpi0         acpi0
 64859  100919      0      0  3  0x40014200                idle1
 23292   42877      0      0  3     0x14200  bored         softnet1
 39914  480143      0      0  2     0x14200                softnet0
 30268  399532      0      0  3     0x14200  bored         systqmp
 59207    8304      0      0  3     0x14200  bored         systq
 54020  434319      0      0  3     0x14200  tmoslp        softclockmp
 31253  450399      0      0  3  0x40014200  tmoslp        softclock
 79333  500335      0      0  3  0x40014200                idle0
     1   25837      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{1}> show all locks
Process 47549 (syz-executor) thread 0xffff800037b9c2c8 (327797)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff83b25380)
#0  witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0  witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1  vn_closefile+0x41 sys/kern/vfs_vnops.c:614
#2  fdrop+0x121 sys/kern/kern_descrip.c:1281
#3  knote_remove+0x368 sys/kern/kern_event.c:2186
#4  knote_fdclose+0xf9 sys/kern/kern_event.c:2221
#5  fdrelease+0xf9 sys/kern/kern_descrip.c:761
#6  sys_closefrom+0x13c sys/kern/kern_descrip.c:1471
#7  syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#7  syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#8  Xsyscall+0x128
exclusive rwlock fdlock r = 0 (0xffff800037b9f720)
#0  witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0  witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1  rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2  sys_closefrom+0x1ed sys/kern/kern_descrip.c:1468
#3  syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#3  syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
#4  Xsyscall+0x128
ddb{1}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 11082  12221K   12379K 166960K     12605        0
            pcb    17     13K      13K 166960K       102        0
         rtable   198     12K      13K 166960K       533        0
             pf    44     20K      28K 166960K       136        0
         ifaddr    33      5K       8K 166960K        71        0
        ifgroup    51      2K       2K 166960K       105        0
         sysctl     4      1K       9K 166960K         9        0
       counters    68     36K      38K 166960K       112        0
       ioctlops     0      0K       4K 166960K      1648        0
            iov     0      0K      24K 166960K        23        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1391     87K      88K 166960K      1887        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       9K 166960K        13        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K        23        0
        dirhash    12      2K       2K 166960K        15        0
           ACPI  1692    195K     286K 166960K     12470        0
      file desc    15     50K      97K 166960K       568        0
          sigio     0      0K       0K 166960K         9        0
           proc    72    115K     180K 166960K       607        0
        subproc    63      3K       5K 166960K       163        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K        54        0
       in_multi    66      4K       7K 166960K       126        0
    ether_multi     1      0K       0K 166960K         3        0
            mrt     1      0K       0K 166960K        19        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    97    440K     440K 166960K        97        0
           exec     0      0K       1K 166960K       517        0
   fusefs mount     1     32K      32K 166960K         1        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   231    159K     188K 166960K      6606        0
       UVM aobj    14      2K       2K 166960K        15        0
     pinsyscall    40     80K     106K 166960K      1752        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     1      0K       0K 166960K        18        0
            NDP    11      0K       1K 166960K        46        0
           temp    45   9117K    9181K 166960K     25049        0
         kqueue    15     24K      30K 166960K       101        0
      SYN cache     2     16K      16K 166960K         2        0
ddb{1}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache    128       26    0        0     1     0     1     1     0     8    0
rtpcb      120       57    0       54     1     0     1     1     0     8    0
rtentry    176      145    0       76     6     0     6     6     0     8    0
unpcb      144      234    0      213     2     1     1     2     0     8    0
syncache   336        8    0        8     1     0     1     1     0     8    1
tcpcb      736       97    0       93     1     0     1     1     0     8    0
arp        136       23    0       11     1     0     1     1     0     8    0
inpcb      328      488    0      477     7     1     6     7     0     8    5
nd6        152       32    0       15     1     0     1     1     0     8    0
pkpcb       40        2    0        2     1     1     0     1     0     8    0
kcovpl      48       18    0       11     1     0     1     1     0     8    0
ppxss      1192      14    0       14     1     0     1     1     0     8    1
pppxif     1576       3    0        3     2     1     1     1     0     8    1
pfstscr     40        7    0        3     1     0     1     1     0     8    0
pffrag     232        2    0        0     1     0     1     1     0   482    0
pffrnode    88        2    0        0     1     0     1     1     0     8    0
pffrent     40        2    0        0     1     0     1     1     0     8    0
pfosfp      40     1428    0     1428     5     0     5     5     0     8    5
pfosfpen   112     1428    0     1428    21     0    21    21     0     8   21
pfrktable  1344      13    0        4     1     0     1     1     0     8    0
pfsrclim   320        2    0        2     1     1     0     1     0     8    0
pfanchor   1288       5    0        0     1     0     1     1     0     8    0
pftag       88        4    0        0     1     0     1     1     0     8    0
pfstitem    24       67    0       13     1     0     1     1     0     8    0
pfstkey    128       69    0       15     2     0     2     2     0     8    0
pfstate    448       64    0       13     7     0     7     7     0     8    0
pfrule     1360      30    0       21     2     1     1     2     0     8    0
rttmr      136        1    0        1     1     1     0     1     0     8    0
art_heap8  4096       3    0        1     3     0     3     3     0     8    1
art_heap4  256      655    0      338    30     2    28    29     0     8    4
art_table   40      658    0      339     5     0     5     5     0     8    0
art_node    32      145    0       83     1     0     1     1     0     8    0
sysvmsgpl   40       10    0        4     1     0     1     1     0     8    0
semapl      72       20    0       10     1     0     1     1     0     8    0
shmpl      112       12    0        1     1     0     1     1     0     8    0
dirhash    1024      19    0        2     3     0     3     3     0     8    0
dino2pl    256     2308    0      836    93     0    93    93     0     8    0
ffsino     296     2308    0      836   114     0   114   114     0     8    0
nchpl      144     3083    0     1369    64     0    64    64     0     8    0
rtmask      32        1    0        1     1     1     0     1     0     8    0
vnodes     216     2785    0        0   155     0   155   155     0     8    0
namei      1024    9870    0     9870     2     1     1     2     0     8    1
percpumem   16       71    0       22     1     0     1     1     0     8    0
pfiaddrpl  120        4    0        0     1     0     1     1     0     8    0
kstatmem   264       61    0       34     3     0     3     3     0     8    0
scsiplug    72        4    0        4     1     1     0     1     0     8    0
scxspl     216    10440    0    10440    13     5     8     8     1     8    8
plimitpl   152       70    0       54     1     0     1     1     0     8    0
sigapl     424      885    0      820     8     0     8     8     0     8    0
knotepl    120      743    0        0    23     0    23    23     0     8    0
kqueuepl   224      164    0      153     1     0     1     1     0     8    0
pipepl     344      324    0      297     9     0     9     9     0     8    5
fdescpl    528      849    0      820     3     0     3     3     0     8    0
filepl     160     4526    0     4309    16     0    16    16     0     8    4
lockfpl    104      268    0      265     2     1     1     2     0     8    0
lockfspl    48      123    0      120     1     0     1     1     0     8    0
sessionpl  144       51    0       42     1     0     1     1     0     8    0
pgrppl      48       72    0       55     1     0     1     1     0     8    0
ucredpl    104      570    0      556     1     0     1     1     0     8    0
zombiepl   144      821    0      820     1     0     1     1     0     8    0
processpl  1232     885    0      820     6     0     6     6     0     8    0
procpl     664     1561    0     1489     8     0     8     8     0     8    1
sockpl     752      790    0      755    11     2     9    11     0     8    5
mcl64k     65536      2    0        0     1     0     1     1     0     8    0
mcl16k     16384      4    0        0     1     0     1     1     0     8    0
mcl12k     12288      1    0        0     1     0     1     1     0     8    0
mcl8k      8192       4    0        0     1     0     1     1     0     8    0
mcl4k      4096     126    0        0    16     0    16    16     0     8    0
mcl2k2     2112       2    0        0     1     0     1     1     0     8    0
mcl2k      2048      20    0        0     3     0     3     3     0     8    0
mtagpl      96        6    0        0     1     0     1     1     0     8    0
mbufpl     256      443    0        0    27     0    27    27     0     8    0
bufpl      272     3353    0      107   217     0   217   217     0     8    0
anonpl      32     7547    0        0    62     1    61    61     0   115    0
amapchunkpl 152   20491    0    19968    39     2    37    37     0   158   14
amappl16   200     1764    0     1702    14     8     6    14     0     8    0
amappl15   192       18    0       16     1     0     1     1     0     8    0
amappl14   184      440    0      439     1     0     1     1     0     8    0
amappl13   176      132    0      119     1     0     1     1     0     8    0
amappl12   168     1110    0     1083     2     0     2     2     0     8    0
amappl11   160        4    0        4     1     1     0     1     0     8    0
amappl10   152      100    0       86     1     0     1     1     0     8    0
amappl9    144      319    0      319     1     1     0     1     0     8    0
amappl8    136      104    0      101     1     0     1     1     0     8    0
amappl7    128      173    0      160     1     0     1     1     0     8    0
amappl6    120      164    0      162     1     0     1     1     0     8    0
amappl5    112       98    0       86     1     0     1     1     0     8    0
amappl4    104      298    0      279     1     0     1     1     0     8    0
amappl3     96     4209    0     4104     4     0     4     4     0     8    0
amappl2     88      574    0      508     2     0     2     2     0     8    0
amappl1     80    12182    0    11599    14     1    13    14     0     8    0
amappl      88     5798    0     5640     6     1     5     5     0    92    0
uvmvnodes   80      117    0        0     3     0     3     3     0     8    0
dma65536   65536      1    0        1     1     1     0     1     0     8    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma2048    2048       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72       14    0        1     1     0     1     1     0     8    0
uaddrrnd    24      849    0      820     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      849    0      820     1     0     1     1     0     8    0
vmmpekpl   168     9357    0     9295     3     0     3     3     0     8    0
vmmpepl    168    61838    0    59989    98     6    92    97     0   357    3
vmsppl     488      848    0      820     6     1     5     5     0     8    1
rwobjpl     80    18863    0    17775    28     4    24    28     0     8    0
pdppl      4096    1705    0     1640   101    32    69    87     0     8    4
pvpl        32    14191    0        0   115     0   115   115     0   265    0
pmappl     256      848    0      820     3     0     3     3     0     8    0
extentpl    40       45    0       27     1     0     1     1     0     8    0
phpool     112      517    0       40    14     0    14    14     0     8    0
ddb{1}> machine ddbcpu 0
Stopped at      x86_ipi_db+0x27:        addq    $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff83959ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff83b24b80) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:142 [inline]
__mp_lock(ffffffff83b24b80) at __mp_lock+0x192 sys/kern/kern_lock.c:173
intr_handler(ffff80003c447be0,ffff800000079600) at intr_handler+0xe9 sys/arch/amd64/amd64/intr.c:560
Xintr_ioapic_edge16_untramp() at Xintr_ioapic_edge16_untramp+0x18f
__mp_lock(ffffffff83b24b80) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:142 [inline]
__mp_lock(ffffffff83b24b80) at __mp_lock+0x192 sys/kern/kern_lock.c:173
softintr_dispatch(0) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83
dosoftint(0) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
end of kernel
end trace frame: 0x77bdfed2f400, count: -10
ddb{0}> machine ddbcpu 1
Stopped at      db_enter+0x25:  addq    $0x8,%rsp
ddb{1}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
witness_checkorder(fffff2806d7dae98,9,0) at witness_checkorder+0x10d1 sys/kern/subr_witness.c:-1
rw_do_enter_write(fffff2806d7dae80,1) at rw_do_enter_write+0xba sys/kern/kern_rwlock.c:234
rrw_enter(fffff2806d7dae80,1) at rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
VOP_LOCK(fffff2806d8dd370,2001) at VOP_LOCK+0xbd sys/kern/vfs_vops.c:527
vn_lock(fffff2806d8dd370,2001) at vn_lock+0xa4 sys/kern/vfs_vnops.c:576
vn_closefile(fffff2806307ae10,ffff800037b9c2c8) at vn_closefile+0x111 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffff2806307ae10,ffff800037b9c2c8) at vn_closefile+0x111 sys/kern/vfs_vnops.c:621
fdrop(fffff2806307ae10,ffff800037b9c2c8) at fdrop+0x121 sys/kern/kern_descrip.c:1281
knote_remove(ffff800037b9c2c8,fffff280742c7a80,fffff280742c7b10,5,0) at knote_remove+0x368 sys/kern/kern_event.c:2186
knote_fdclose(ffff800037b9c2c8,5) at knote_fdclose+0xf9 sys/kern/kern_event.c:2221
fdrelease(ffff800037b9c2c8,5) at fdrelease+0xf9 sys/kern/kern_descrip.c:761
sys_closefrom(ffff800037b9c2c8,ffff80002a2c6bc0,ffff80002a2c6b10) at sys_closefrom+0x13c sys/kern/kern_descrip.c:1471
syscall(ffff80002a2c6bc0) at syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a2c6bc0) at syscall+0xbd4 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x92172d27930, count: -14

Crashes (217632):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/06/25 14:03 openbsd 452256cb16b9 432fd51a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 13:00 openbsd 452256cb16b9 432fd51a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 12:51 openbsd 452256cb16b9 432fd51a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 11:50 openbsd 452256cb16b9 432fd51a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 10:49 openbsd 452256cb16b9 432fd51a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 08:24 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 08:11 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 07:05 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 05:59 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 04:53 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 03:27 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 03:19 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 02:04 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 00:19 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/25 00:13 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 23:03 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 21:51 openbsd 7c9581f1cd1a cfa969bf .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 20:30 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 19:50 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 18:23 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 16:55 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 15:47 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 15:43 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 14:33 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 13:18 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 12:18 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 12:17 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 11:14 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 10:02 openbsd aea2b55f2b77 c1da772e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 09:02 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 07:54 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 06:53 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 05:59 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 04:56 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 04:15 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 03:12 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 02:44 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 01:44 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 01:08 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/24 00:05 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/23 22:57 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/23 22:46 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2026/06/23 21:19 openbsd 26c6eebc6662 042555ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
2025/02/03 09:06 openbsd db5d28f093d6 568559e4 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore witness: reversal: lock order data missing
* Struck through repros no longer work on HEAD.