kern.securelevel: 0 -> 1
creating runtime link editor directory cache.
preserving editor files.
starting network daemons: sshd.
starting local daemons:.
Fri Jan 25 01:42:20 PST 2019

OpenBSD/amd64 (ci-openbsd-multicore-4.c.syzkaller.internal) (tty00)

Warning: Permanently added '10.128.0.210' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
login: lock order reversal:

 1st 0xfffffd806d614f80 inode (&ip->i_lock) @ /syzkaller/managers/multicore/kernel/sys/ufs/ufs/ufs_vnops.c:1547

 2nd 0xfffffd807f7c67f8 fdlock (&newfdp->fd_fd.fd_lock) @ /syzkaller/managers/multicore/kernel/sys/kern/vfs_syscalls.c:1113

lock order "&newfdp->fd_fd.fd_lock"(rwlock) -> "&ip->i_lock"(rrwlock) first seen at:

#0  witness_checkorder+0x6d8

#1  _rw_enter+0xbf

#2  _rrw_enter+0x5c

#3  VOP_LOCK+0x55

#4  vn_closefile+0x11e

#5  fdrop+0xdf

#6  closef+0x128

#7  finishdup+0x2cc

#8  dodup3+0x5da

#9  syscall+0x5a0

#10 Xsyscall+0x128

lock order "&ip->i_lock"(rrwlock) -> "&newfdp->fd_fd.fd_lock"(rwlock) first seen at:

#0  witness_checkorder+0x6d8

#1  _rw_enter_write+0x6b

#2  doopenat+0x679

#3  syscall+0x5a0

#4  Xsyscall+0x128

Stopped at      db_enter+0x18:  addq    $0x8,%rsp

ddb{0}> 

ddb{0}> set $lines = 0

ddb{0}> show panic

the kernel did not panic

ddb{0}> trace

db_enter() at db_enter+0x18

witness_checkorder(79db3275ff2465d5,ffffffff81ee4b9d,459,0,fffffd807f7c67f8) at witness_checkorder+0x12f9

_rw_enter_write(0,1,1) at _rw_enter_write+0x6b

doopenat(ae693c3f463dc669,0,ffff800020b744b8,1190e5cb7c8,0,50) at doopenat+0x679

syscall(caf084539f826dba) at syscall+0x5a0

Xsyscall(6,0,1165bf9e0c8,0,1165bf9e0a8,1165bf9e0a0) at Xsyscall+0x128

end of kernel

end trace frame: 0x1190e5cb800, count: -6

ddb{0}> show registers

rdi                              0x3

rsi               0xffffffff821dad78    __sancov_gen_cov_switch_values.125+0x28

rbp               0xffff800020c17b00

rbx                              0x3

rdx                             0x8b

rcx                              0x3

rax                                0

r8                0xffffffff81e8d9bf    witness_checkorder+0x12cf

r9                               0x5

r10               0x51d18c2bd52e6884

r11               0x5ccd9507b4682770

r12               0xfffffd80025d8570

r13               0xffffffff81f25008    apollo_pio_rec+0x161

r14               0xffffffff822ca450    w_lodata+0x51830

r15               0xffffffff822cdec0    w_lodata+0x552a0

rip               0xffffffff8171e6c8    db_enter+0x18

cs                               0x8

rflags                         0x246

rsp               0xffff800020c17af0

ss                                 0

db_enter+0x18:  addq    $0x8,%rsp

ddb{0}> show proc

PROC (syz-executor1946) pid=190813 stat=onproc

    flags process=0 proc=4000000<THREAD>

    pri=32, usrpri=50, nice=20

    forw=0xffffffffffffffff, list=0xffff800020b74260,0xffff800020b752d8

    process=0xffff800020bcb710 user=0xffff800020c12000, vmspace=0xfffffd806e921b48

    estcpu=36, cpticks=0, pctcpu=0.0

    user=0, sys=0, intr=0

ddb{0}> ps

   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND

 47543    9107  98686      0  2           0                syz-executor1946

 47543  358443  98686      0  7   0x4000000                syz-executor1946

 91694  252564   6151      0  2           0                syz-executor1946

*91694  190813   6151      0  7   0x4000000                syz-executor1946

 91694  409568   6151      0  2   0x4000000                syz-executor1946

 98686   88220  24258      0  3        0x80  nanosleep     syz-executor1946

  6151  277969  24258      0  3        0x80  nanosleep     syz-executor1946

 24258   94023  48006      0  3        0x82  nanosleep     syz-executor1946

 48006  180577  11174      0  3    0x10008a  pause         ksh

 11174  132453  50816      0  3        0x92  select        sshd

 55781  272133      1      0  3    0x100083  ttyin         getty

 50816  169381      1      0  3        0x80  select        sshd

 44756  465893  69120     73  2    0x100090                syslogd

 69120  508776      1      0  3    0x100082  netio         syslogd

 86756   63979      1     77  3    0x100090  poll          dhclient

 36293  324585      1      0  3        0x80  poll          dhclient

 59764  425633      0      0  2     0x14200                zerothread

 28593  348272      0      0  3     0x14200  aiodoned      aiodoned

 52471  305557      0      0  3     0x14200  syncer        update

 60144  412117      0      0  3     0x14200  cleaner       cleaner

  4133   92384      0      0  3     0x14200  reaper        reaper

 82005   17799      0      0  3     0x14200  pgdaemon      pagedaemon

 61041  458604      0      0  3     0x14200  bored         crynlk

 98719  277870      0      0  3     0x14200  bored         crypto

 46537   56770      0      0  3  0x40014200  acpi0         acpi0

 98249  504127      0      0  3  0x40014200                idle1

 96670  508805      0      0  3     0x14200  bored         softnet

 96927   55003      0      0  3     0x14200  bored         systqmp

 45333  356745      0      0  3     0x14200  bored         systq

 21283   43065      0      0  3  0x40014200  bored         softclock

 83456  368178      0      0  3  0x40014200                idle0

     1   38763      0      0  3        0x82  wait          init

     0       0     -1      0  3     0x10200  scheduler     swapper

ddb{0}>