witness: lock order reversal:
1st 0xffffffff839ff700 &sched_lock (&sched_lock)
2nd 0xffffffff83804df8 &cq->cq_mtx (&cq->cq_mtx)
lock order [1] &sched_lock (&sched_lock) -> [2] &cq->cq_mtx (&cq->cq_mtx)
#0 mtx_enter+0x47 sys/kern/kern_lock.c:238
#1 clockintr_cancel+0x2f sys/kern/kern_clockintr.c:323
#2 mi_switch+0x165 x86_atomic_clearbits_u32 machine/atomic.h:-1 [inline]
#2 mi_switch+0x165 sys/kern/sched_bsd.c:371
#3 preempt+0x6a sys/kern/sched_bsd.c:338
#4 ast+0x165 mi_ast sys/sys/syscall_mi.h:252 [inline]
#4 ast+0x165 sys/arch/amd64/amd64/trap.c:543
#5 intr_user_exit+0x3c
lock order [2] &cq->cq_mtx (&cq->cq_mtx) -> [1] &sched_lock (&sched_lock)
#0 mtx_enter+0x47 sys/kern/kern_lock.c:238
#1 sleep_setup+0xc6 sys/kern/kern_synch.c:348
#2 msleep+0x114 sys/kern/kern_synch.c:245
#3 dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:575
#4 dtclose+0x105 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline]
#4 dtclose+0x105 sys/dev/dt/dt_dev.c:232
#5 spec_close+0x45f sys/kern/spec_vnops.c:-1
#6 VOP_CLOSE+0x133 sys/kern/vfs_vops.c:156
#7 vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline]
#7 vn_closefile+0x12b sys/kern/vfs_vnops.c:615
#8 fdrop+0x126 sys/kern/kern_descrip.c:1267
#9 closef+0x192 sys/kern/kern_descrip.c:1251
#10 fdfree+0x116 sys/kern/kern_descrip.c:1182
#11 exit1+0x58f sys/kern/kern_exit.c:214
#12 sys_exit+0x1a sys/kern/kern_exit.c:-1
#13 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#13 syscall+0xb08 sys/arch/amd64/amd64/trap.c:579
#14 Xsyscall+0x128
Stopped at db_enter+0x25: addq $0x8,%rsp
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
witness_checkorder(ffffffff83804df8,9,0) at witness_checkorder+0x10fb sys/kern/subr_witness.c:-1
mtx_enter(ffffffff83804de8) at mtx_enter+0x47 sys/kern/kern_lock.c:238
clockintr_cancel(ffffffff838042f0) at clockintr_cancel+0x2f sys/kern/kern_clockintr.c:323
mi_switch() at mi_switch+0x165 x86_atomic_clearbits_u32 machine/atomic.h:-1 [inline]
mi_switch() at mi_switch+0x165 sys/kern/sched_bsd.c:371
preempt() at preempt+0x6a sys/kern/sched_bsd.c:338
ast(ffff80003b3eeb70) at ast+0x165 mi_ast sys/sys/syscall_mi.h:252 [inline]
ast(ffff80003b3eeb70) at ast+0x165 sys/arch/amd64/amd64/trap.c:543
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7f058bb50040, count: -8
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80003b3ee980
rbx 0xfffffd80046fb330
rdx 0
rcx 0xffff80003c420550
rax 0xffffffff83803ff0 cpu_info_full_primary+0x1ff0
r8 0xffff80003b3ee860
r9 0x8080808080808080
r10 0x36041f343fda128c
r11 0x932329996c800b2d
r12 0
r13 0xfffffd8003f50dc0
r14 0x3
r15 0xffffffff
rip 0xffffffff815aaad5 db_enter+0x25
cs 0x8
rflags 0x246
rsp 0xffff80003b3ee970
ss 0
db_enter+0x25: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor) tid=154675 pid=92486 tcnt=2 stat=run
flags process=4000000<ITIMER> proc=0
runpri=50, usrpri=50, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0x0, list=0xffff80003c421740,0xffff8000ffff19d0
process=0xffff8000ffff5c58 user=0xffff80003b3e9000, vmspace=0xfffffd806d19dd30
estcpu=36, cpticks=2, pctcpu=0.0, user=2, sys=0, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*92486 154675 78143 0 2 0x4000000 syz-executor
92486 17133 78143 0 2 0x4000000 syz-executor
78176 50600 57945 0 2 0 syz-executor
78176 94154 57945 0 3 0x4000080 kqread syz-executor
32912 39929 24241 0 3 0x80 nanoslp syz-executor
32912 395869 24241 0 3 0x4000080 kqread syz-executor
32912 244738 24241 0 3 0x4000080 fsleep syz-executor
32912 47026 24241 0 3 0x4000080 fsleep syz-executor
11597 172580 50330 0 2 0 syz-executor
11597 207911 50330 0 3 0x4000080 fsleep syz-executor
77075 459275 89499 60929 2 0x10 syz-executor
77075 318120 89499 60929 3 0x4000090 fsleep syz-executor
6557 345569 6601 0 2 0xc80 syz-executor
6557 55392 6601 0 3 0x4000080 ttyin syz-executor
14969 154140 66463 0 3 0x80 nanoslp syz-executor
14969 293020 66463 0 3 0x4000080 lockf syz-executor
14969 151415 66463 0 3 0x4000080 fsleep syz-executor
21917 224354 0 0 3 0x14200 acct acct
66463 298882 95834 0 2 0xc82 syz-executor
57945 147279 95834 0 3 0x82 nanoslp syz-executor
45087 286159 1 0 3 0x80 nanoslp init
32377 261887 0 0 3 0x14200 bored sosplice
26641 90819 26754 0 3 0x100082 sbwait arp
26754 140524 35180 0 3 0x10008a sigsusp sh
24241 347356 95834 0 2 0xc82 syz-executor
50330 499471 95834 0 3 0x82 nanoslp syz-executor
35180 461935 95834 0 3 0x82 wait syz-executor
6601 381472 95834 0 2 0xc82 syz-executor
89499 515656 95834 0 3 0x82 nanoslp syz-executor
78143 497331 95834 0 3 0x82 nanoslp syz-executor
95834 236324 51289 0 3 0x82 kqread syz-executor
51289 390462 78199 0 3 0x10008a sigsusp ksh
78199 220343 77413 0 3 0x98 kqread sshd-session
77413 322030 20279 0 3 0x92 kqread sshd-session
20279 461964 1 0 3 0x88 kqread sshd
52497 56817 61996 74 3 0x1100092 bpf pflogd
61996 430374 1 0 3 0x80 sbwait pflogd
26563 379049 26811 73 3 0x1100090 kqread syslogd
26811 517398 1 0 3 0x100082 sbwait syslogd
3399 426676 1 0 3 0x100080 kqread resolvd
50349 466059 26961 77 3 0x100092 kqread dhcpleased
19786 202202 26961 77 3 0x100092 kqread dhcpleased
26961 139089 1 0 3 0x80 kqread dhcpleased
6647 331557 0 0 3 0x14200 bored smr
71391 193917 0 0 2 0x14200 zerothread
3596 270913 0 0 3 0x14200 aiodoned aiodoned
76467 478651 0 0 3 0x14200 syncer update
9537 507624 0 0 3 0x14200 cleaner cleaner
80089 251058 0 0 3 0x14200 reaper reaper
17967 132415 0 0 3 0x14200 pgdaemon pagedaemon
19990 157740 0 0 3 0x14200 bored viomb
66749 233731 0 0 3 0x40014200 acpi0 acpi0
54608 45554 0 0 7 0x40014200 idle1
87043 327759 0 0 3 0x14200 bored softnet3
13501 257400 0 0 3 0x14200 bored softnet2
10720 272085 0 0 3 0x14200 bored softnet1
95823 283793 0 0 3 0x14200 bored softnet0
47850 351381 0 0 3 0x14200 bored systqmp
85536 127300 0 0 3 0x14200 bored systq
60634 419843 0 0 3 0x14200 tmoslp softclockmp
74836 32645 0 0 2 0x40014200 softclock
89630 48714 0 0 3 0x40014200 idle0
1 288424 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &sched_lock r = 0 (0xffffffff839ff700)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 mtx_enter_try+0x178 sys/kern/kern_lock.c:-1
#2 mtx_enter+0x60 sys/kern/kern_lock.c:239
#3 preempt+0x35 sys/kern/sched_bsd.c:335
#4 ast+0x165 mi_ast sys/sys/syscall_mi.h:252 [inline]
#4 ast+0x165 sys/arch/amd64/amd64/trap.c:543
#5 intr_user_exit+0x3c
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10208 11081K 11435K 166960K 12388 0
pcb 18 14K 16K 166960K 331 0
rtable 145 6K 8K 166960K 456 0
pf 32 17K 19K 166960K 126 0
ifaddr 28 4K 7K 166960K 87 0
ifgroup 43 2K 2K 166960K 129 0
sysctl 1 1K 9K 166960K 8 0
counters 60 35K 37K 166960K 156 0
ioctlops 0 0K 4K 166960K 1620 0
iov 0 0K 16K 166960K 92 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1429 90K 90K 166960K 2032 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 6 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 33 0
dirhash 12 2K 2K 166960K 27 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 19 69K 244K 166960K 823 0
sigio 0 0K 0K 166960K 12 0
proc 63 79K 140K 166960K 652 0
subproc 72 4K 4K 166960K 90 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 70 0
in_multi 53 4K 6K 166960K 127 0
ether_multi 1 0K 0K 166960K 1 0
mrt 1 0K 0K 166960K 1 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 73 334K 334K 166960K 73 0
exec 0 0K 1K 166960K 498 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 2 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 245 157K 175K 166960K 9068 0
UVM aobj 13 2K 2K 166960K 14 0
pinsyscall 44 88K 110K 166960K 1986 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 55 0
NDP 9 0K 1K 166960K 58 0
temp 57 8670K 8740K 166960K 32632 0
kqueue 14 22K 28K 166960K 175 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 78 0 73 1 0 1 1 0 8 0
rtentry 176 137 0 77 5 0 5 5 0 8 0
unpcb 144 551 0 532 4 2 2 4 0 8 1
syncache 336 7 0 7 2 1 1 1 0 8 1
tcpqe 32 2 0 2 2 1 1 1 0 8 1
tcpcb 808 170 0 164 2 0 2 2 0 8 1
arp 128 21 0 10 1 0 1 1 0 8 0
inpcb 384 885 0 873 11 6 5 8 0 8 3
nd6 144 29 0 16 1 0 1 1 0 8 0
pkpcb 40 6 0 6 1 0 1 1 0 8 1
kcovpl 48 10 0 2 1 0 1 1 0 8 0
ppxss 1192 38 0 38 1 0 1 1 0 8 1
pppxif 1504 5 0 5 2 2 0 1 0 8 0
pfstscr 40 2 0 2 2 2 0 1 0 8 0
pffrag 232 2 0 0 1 0 1 1 0 482 0
pffrnode 88 2 0 0 1 0 1 1 0 8 0
pffrent 40 3 0 1 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 66 0 18 1 0 1 1 0 8 0
pfstkey 128 70 0 22 2 0 2 2 0 8 0
pfstate 384 68 0 20 6 0 6 6 0 8 0
pfrule 1344 21 0 15 2 0 2 2 0 8 0
art_heap8 4096 2 0 0 2 0 2 2 0 8 0
art_heap4 256 570 0 320 26 2 24 26 0 8 4
art_table 32 572 0 320 4 0 4 4 0 8 0
art_node 16 134 0 81 1 0 1 1 0 8 0
sysvmsgpl 40 7 0 5 2 1 1 1 0 8 0
semapl 112 29 0 19 1 0 1 1 0 8 0
shmpl 112 11 0 1 1 0 1 1 0 8 0
dirhash 1024 27 0 10 3 0 3 3 0 8 0
dino2pl 256 2822 0 1316 95 0 95 95 0 8 0
ffsino 288 2822 0 1316 109 0 109 109 0 8 0
nchpl 144 3898 0 2214 64 0 64 64 0 8 0
rtmask 32 10 0 10 2 1 1 1 0 8 1
uvmvnodes 80 3323 0 0 68 0 68 68 0 8 0
vnodes 216 3323 0 0 185 0 185 185 0 8 0
namei 1024 13035 0 13035 1 0 1 1 0 8 1
percpumem 16 93 0 48 1 0 1 1 0 8 0
kstatmem 264 82 0 62 3 1 2 3 0 8 0
scsiplug 72 2 0 2 2 1 1 1 0 8 1
scxspl 216 14295 0 14295 10 7 3 8 1 8 3
plimitpl 152 104 0 87 1 0 1 1 0 8 0
sigapl 424 1122 0 1069 8 1 7 7 0 8 0
knotepl 120 560 0 0 17 0 17 17 0 8 0
kqueuepl 224 378 0 367 6 5 1 5 0 8 0
pipepl 336 223 0 196 8 5 3 8 0 8 0
fdescpl 520 1101 0 1068 3 0 3 3 0 8 0
filepl 160 6235 0 6009 19 6 13 19 0 8 3
lockfpl 104 251 0 247 1 0 1 1 0 8 0
lockfspl 48 85 0 82 1 0 1 1 0 8 0
sessionpl 144 29 0 21 1 0 1 1 0 8 0
pgrppl 48 50 0 34 1 0 1 1 0 8 0
ucredpl 104 762 0 747 1 0 1 1 0 8 0
zombiepl 144 1069 0 1069 1 0 1 1 0 8 1
processpl 1208 1122 0 1069 5 0 5 5 0 8 0
procpl 656 2209 0 2146 7 1 6 6 0 8 0
srpgc 96 10 0 10 2 1 1 1 0 8 1
sosppl 168 3 0 3 2 1 1 1 0 8 1
sockpl 728 1532 0 1496 16 9 7 16 0 8 3
mcl64k 65536 8 0 0 1 0 1 1 0 8 0
mcl16k 16384 7 0 0 1 0 1 1 0 8 0
mcl12k 12288 2 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 4 0 0 1 0 1 1 0 8 0
mcl4k 4096 112 0 0 14 0 14 14 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 39 0 0 4 0 4 4 0 8 0
mtagpl 96 17 0 0 1 0 1 1 0 8 0
mbufpl 256 1163 0 0 73 0 73 73 0 8 0
bufpl 280 4880 0 126 340 0 340 340 0 8 0
anonpl 32 9537 0 0 77 0 77 77 0 246 0
amapchunkpl 152 29458 0 28953 32 5 27 27 0 158 2
amappl16 200 3235 0 3207 22 13 9 15 0 8 4
amappl15 192 11 0 11 2 2 0 1 0 8 0
amappl14 184 127 0 115 1 0 1 1 0 8 0
amappl13 176 3 0 3 2 2 0 1 0 8 0
amappl12 168 1784 0 1751 4 2 2 3 0 8 0
amappl11 160 52 0 38 1 0 1 1 0 8 0
amappl10 152 77 0 77 1 1 0 1 0 8 0
amappl9 144 257 0 257 1 1 0 1 0 8 0
amappl8 136 47 0 44 1 0 1 1 0 8 0
amappl7 128 150 0 137 1 0 1 1 0 8 0
amappl6 120 202 0 198 1 0 1 1 0 8 0
amappl5 112 132 0 121 1 0 1 1 0 8 0
amappl4 104 354 0 331 1 0 1 1 0 8 0
amappl3 96 5745 0 5630 4 0 4 4 0 8 0
amappl2 88 712 0 647 2 0 2 2 0 8 0
amappl1 80 12098 0 11491 16 1 15 16 0 8 0
amappl 88 8194 0 8022 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 7 0 7 2 2 0 1 0 8 0
dma128 128 255 0 255 3 2 1 1 0 8 1
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 13 0 1 1 0 1 1 0 8 0
uaddrrnd 24 1101 0 1068 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1101 0 1068 1 0 1 1 0 8 0
vmmpekpl 168 10660 0 10618 3 0 3 3 0 8 0
vmmpepl 168 75399 0 73367 106 10 96 101 0 357 5
vmsppl 480 1100 0 1068 5 0 5 5 0 8 0
rwobjpl 72 25027 0 20745 78 0 78 78 0 8 0
pdppl 4096 2209 0 2136 103 30 73 87 0 8 0
pvpl 32 15418 0 0 125 0 125 125 0 265 0
pmappl 256 1100 0 1068 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 452 0 41 12 0 12 12 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
witness_checkorder(ffffffff83804df8,9,0) at witness_checkorder+0x10fb sys/kern/subr_witness.c:-1
mtx_enter(ffffffff83804de8) at mtx_enter+0x47 sys/kern/kern_lock.c:238
clockintr_cancel(ffffffff838042f0) at clockintr_cancel+0x2f sys/kern/kern_clockintr.c:323
mi_switch() at mi_switch+0x165 x86_atomic_clearbits_u32 machine/atomic.h:-1 [inline]
mi_switch() at mi_switch+0x165 sys/kern/sched_bsd.c:371
preempt() at preempt+0x6a sys/kern/sched_bsd.c:338
ast(ffff80003b3eeb70) at ast+0x165 mi_ast sys/sys/syscall_mi.h:252 [inline]
ast(ffff80003b3eeb70) at ast+0x165 sys/arch/amd64/amd64/trap.c:543
intr_user_exit() at intr_user_exit+0x3c
end of kernel
end trace frame: 0x7f058bb50040, count: -8
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1218
sched_idle(ffff8000299ddff0) at sched_idle+0x538 sys/kern/kern_sched.c:182
end trace frame: 0x0, count: -5