kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Tue Jan 29 00:00:44 PST 2019 OpenBSD/amd64 (ci-openbsd-setuid-6.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts. 2019/01/29 00:01:10 parsed 1 programs 2019/01/29 00:01:15 executed programs: 0 login: witness: thread 0xffff800020b93788 exiting with the following locks held: exclusive rrwlock inode r = 0 (0xfffffd806d2d91b8) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 panic: thread 0xffff800020b93788 cannot exit while holding sleeplocks Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 150458 65615 0 0x2 0x480 1 syz-executor0 *213613 48826 0 0x14000 0x200 0 reaper db_enter() at db_enter+0x18 panic() at panic+0x16c witness_thread_exit(dee946ff388364b2) at witness_thread_exit+0x244 reaper(0) at reaper+0x14f end trace frame: 0x0, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> show panic thread 0xffff800020b93788 cannot exit while holding sleeplocks ddb{0}> trace db_enter() at db_enter+0x18 panic() at panic+0x16c witness_thread_exit(dee946ff388364b2) at witness_thread_exit+0x244 reaper(0) at reaper+0x14f end trace frame: 0x0, count: -4 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff800020b67bc0 rbx 0xffff800020b67c60 rdx 0xffffffff81ec9049 cmd0646_9_tim_udma+0x1780c rcx 0x201 rax 0x1 r8 0xffffffff816aa1c4 kprintf+0x174 r9 0x1 r10 0x944db55800ef347c r11 0xc6786de9bb00512e r12 0x3000000008 r13 0xffff800020b67bd0 r14 0x100 r15 0x1 rip 0xffffffff8156b348 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020b67bb0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (reaper) pid=213613 stat=onproc flags process=14000 proc=200 pri=4, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff800020b21068,0xffff800020b21c30 process=0xffff800020b5a9e0 user=0xffff800020b62000, vmspace=0xffffffff822fcba8 estcpu=1, cpticks=3, pctcpu=0.9 user=0, sys=3, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 86850 462840 24947 0 2 0x482 syz-executor1 65615 150458 24947 0 7 0x482 syz-executor0 24947 67936 14560 0 3 0x82 kqread syz-execprog 24947 107625 14560 0 3 0x4000082 thrsleep syz-execprog 24947 397134 14560 0 3 0x4000082 thrsleep syz-execprog 24947 294427 14560 0 3 0x4000082 thrsleep syz-execprog 24947 367223 14560 0 3 0x4000082 thrsleep syz-execprog 24947 522706 14560 0 3 0x4000082 thrsleep syz-execprog 24947 381413 14560 0 3 0x4000082 thrsleep syz-execprog 24947 270613 14560 0 3 0x4000082 thrsleep syz-execprog 24947 250559 14560 0 3 0x4000082 thrsleep syz-execprog 14560 273207 49612 0 3 0x10008a pause ksh 49612 109538 15408 0 3 0x92 select sshd 405 143982 1 0 3 0x100083 ttyin getty 15408 367760 1 0 3 0x80 select sshd 59821 48975 52463 73 2 0x100010 syslogd 52463 505617 1 0 3 0x100082 netio syslogd 49936 210409 1 77 3 0x100090 poll dhclient 70527 234469 1 0 3 0x80 poll dhclient 90249 325770 0 0 3 0x14200 pgzero zerothread 25357 176325 0 0 3 0x14200 aiodoned aiodoned 1525 210167 0 0 3 0x14200 syncer update 92398 371376 0 0 3 0x14200 cleaner cleaner *48826 213613 0 0 7 0x14200 reaper 28499 370915 0 0 3 0x14200 pgdaemon pagedaemon 58399 185562 0 0 3 0x14200 bored crynlk 42713 188281 0 0 3 0x14200 bored crypto 16576 459975 0 0 3 0x40014200 acpi0 acpi0 42080 19836 0 0 3 0x40014200 idle1 19364 207619 0 0 3 0x14200 bored softnet 8925 75904 0 0 3 0x14200 bored systqmp 68945 233424 0 0 3 0x14200 bored systq 92704 384255 0 0 3 0x40014200 bored softclock 28207 182884 0 0 3 0x40014200 idle0 1 324624 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 59821 (syslogd) thread 0xffff800020be5c30 (48975) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff823260a0) locked @ /syzkaller/managers/setuid/kernel/sys/kern/sched_bsd.c:436 exclusive rrwlock inode r = 0 (0xfffffd806eb8c098) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 ddb{0}>