kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Mon Jan 28 02:53:25 PST 2019 OpenBSD/amd64 (ci-openbsd-setuid-6.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.0.188' (ECDSA) to the list of known hosts. 2019/01/28 02:53:58 parsed 1 programs 2019/01/28 02:54:03 executed programs: 0 login: witness: thread 0xffff800020b74260 exiting with the following locks held: exclusive rrwlock inode r = 0 (0xfffffd806e5204e8) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 panic: thread 0xffff800020b74260 cannot exit while holding sleeplocks Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 519328 56114 73 0x100010 0 0 syslogd * 73689 28842 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 panic() at panic+0x16c witness_thread_exit(567ec270a070eff8) at witness_thread_exit+0x244 reaper(0) at reaper+0x14f end trace frame: 0x0, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic thread 0xffff800020b74260 cannot exit while holding sleeplocks ddb{1}> trace db_enter() at db_enter+0x18 panic() at panic+0x16c witness_thread_exit(567ec270a070eff8) at witness_thread_exit+0x244 reaper(0) at reaper+0x14f end trace frame: 0x0, count: -4 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800020b67660 rbx 0xffff800020b67700 rdx 0xffffffff81ec88ae cmd0646_9_tim_udma+0x18cbf rcx 0x201 rax 0x1 r8 0xffffffff81aa9b64 kprintf+0x174 r9 0x1 r10 0x240721f02e75d4ad r11 0x57af5745b958fe44 r12 0x3000000008 r13 0xffff800020b67670 r14 0x100 r15 0x1 rip 0xffffffff819d4fa8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020b67650 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (reaper) pid=73689 stat=onproc flags process=14000 proc=200 pri=4, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff800020b20e10,0xffff800020b219d8 process=0xffff800020b5ad28 user=0xffff800020b62000, vmspace=0xffffffff822dc6f0 estcpu=1, cpticks=7, pctcpu=0.1 user=0, sys=3, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 35178 508408 37939 0 3 0x82 nanosleep syz-executor0 37939 207547 49966 0 3 0x82 thrsleep syz-execprog 37939 418686 49966 0 3 0x4000082 thrsleep syz-execprog 37939 479254 49966 0 3 0x4000082 thrsleep syz-execprog 37939 394056 49966 0 3 0x4000082 thrsleep syz-execprog 37939 418991 49966 0 3 0x4000082 thrsleep syz-execprog 37939 240450 49966 0 3 0x4000082 kqread syz-execprog 37939 15658 49966 0 3 0x4000082 thrsleep syz-execprog 37939 509931 49966 0 3 0x4000082 thrsleep syz-execprog 49966 97170 40232 0 3 0x10008a pause ksh 40232 451003 66035 0 3 0x92 select sshd 63386 454459 1 0 3 0x100083 ttyin getty 66035 150474 1 0 3 0x80 select sshd 56114 519328 19830 73 7 0x100010 syslogd 19830 105659 1 0 3 0x100082 netio syslogd 557 381638 1 77 3 0x100090 poll dhclient 91181 111379 1 0 3 0x80 poll dhclient 18364 345907 0 0 3 0x14200 pgzero zerothread 51051 460182 0 0 3 0x14200 aiodoned aiodoned 27698 217497 0 0 3 0x14200 syncer update 97045 199786 0 0 3 0x14200 cleaner cleaner *28842 73689 0 0 7 0x14200 reaper 25309 310342 0 0 3 0x14200 pgdaemon pagedaemon 11412 442192 0 0 3 0x14200 bored crynlk 9248 289841 0 0 3 0x14200 bored crypto 84670 244407 0 0 3 0x40014200 acpi0 acpi0 91606 489965 0 0 3 0x40014200 idle1 21831 283978 0 0 3 0x14200 bored softnet 64632 177232 0 0 3 0x14200 bored systqmp 22694 287238 0 0 3 0x14200 bored systq 87178 34941 0 0 3 0x40014200 bored softclock 61372 75622 0 0 3 0x40014200 idle0 1 241732 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 56114 (syslogd) thread 0xffff800020be52d0 (519328) exclusive rrwlock inode r = 0 (0xfffffd806eb993c8) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9450 6318K 6318K 78643K 10537 0 0 pcb 23 9K 9K 78643K 55 0 0 rtable 79 2K 2K 78643K 141 0 0 ifaddr 28 8K 8K 78643K 28 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 14 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1166 73K 73K 78643K 1174 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 1K 78643K 2 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 2 0K 0K 78643K 2 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 2 4K 12K 78643K 10 0 0 proc 40 38K 58K 78643K 221 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 in_multi 22 1K 1K 78643K 22 0 0 ether_multi 1 0K 0K 78643K 1 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 36 159K 159K 78643K 36 0 0 exec 0 0K 1K 78643K 160 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 67 11K 11K 78643K 765 0 0 UVM aobj 2 2K 2K 78643K 2 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 NDP 6 0K 0K 78643K 6 0 0 temp 39 2345K 2409K 78643K 2648 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{1}>