witness: userret: returning with the following locks held: exclusive rwlock solock r = 0 (0xfffffd8078858a20) #0 witness_lock+0x44d #1 unp_solock_peer+0x64 sys/kern/uipc_usrreq.c:168 #2 uipc_usrreq+0x7c6 sys/kern/uipc_usrreq.c:350 #3 sosend+0x61b sys/kern/uipc_socket.c:657 #4 sendit+0x65d sys/kern/uipc_syscalls.c:682 #5 sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:589 #6 syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] #6 syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 panic: witness_warn Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *153414 97916 32767 0x10 0x4000000 0 syz-executor.1 369829 5539 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82595df3) at panic+0x177 sys/kern/subr_prf.c:202 witness_warn(2,0,ffffffff8262507e) at witness_warn+0x65e witness_debugger sys/kern/subr_witness.c:2505 [inline] witness_warn(2,0,ffffffff8262507e) at witness_warn+0x65e sys/kern/subr_witness.c:1473 userret(ffff8000fffec548) at userret+0x265 sys/kern/kern_sig.c:2012 syscall(ffff8000295f23e0) at syscall+0x57e mi_syscall_return sys/sys/syscall_mi.h:128 [inline] syscall(ffff8000295f23e0) at syscall+0x57e sys/arch/amd64/amd64/trap.c:607 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x443e7693080, count: 9 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: witness_warn ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82595df3) at panic+0x177 sys/kern/subr_prf.c:202 witness_warn(2,0,ffffffff8262507e) at witness_warn+0x65e witness_debugger sys/kern/subr_witness.c:2505 [inline] witness_warn(2,0,ffffffff8262507e) at witness_warn+0x65e sys/kern/subr_witness.c:1473 userret(ffff8000fffec548) at userret+0x265 sys/kern/kern_sig.c:2012 syscall(ffff8000295f23e0) at syscall+0x57e mi_syscall_return sys/sys/syscall_mi.h:128 [inline] syscall(ffff8000295f23e0) at syscall+0x57e sys/arch/amd64/amd64/trap.c:607 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x443e7693080, count: -6 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff8000295f2110 rbx 0xffffffff82926bb7 cpu_info_full_primary+0x2bb7 rdx 0xffff800000bc7cc0 rcx 0 rax 0xffff8000fffec548 r8 0x101010101010101 r9 0x8080808080808080 r10 0xb0bb4b9bfe530b8a r11 0xa31e1f3bcd25e267 r12 0xffffffff829269b8 cpu_info_full_primary+0x29b8 r13 0 r14 0 r15 0x1 rip 0xffffffff81844108 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff8000295f2100 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor.1) pid=153414 stat=onproc flags process=10 proc=4000000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000fffed7a8,0xffff8000fffecd38 process=0xffff8000fffe8440 user=0xffff8000295ed000, vmspace=0xfffffd8079d33458 estcpu=36, cpticks=5, pctcpu=0.0 user=0, sys=5, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 97916 294147 5125 32767 2 0x10 syz-executor.1 *97916 153414 5125 32767 7 0x4000010 syz-executor.1 22908 140629 7327 32767 2 0x10 syz-executor.4 22908 207578 7327 32767 3 0x4000090 fsleep syz-executor.4 29436 112895 51809 32767 2 0x10 syz-executor.3 29436 2464 51809 32767 3 0x4000090 fsleep syz-executor.3 76342 372 76790 32767 2 0x10 syz-executor.7 76342 312326 76790 32767 2 0x4000090 syz-executor.7 41260 379139 12882 32767 2 0x10 syz-executor.6 41260 494543 12882 32767 3 0x4000090 kqread syz-executor.6 56778 422691 25299 32767 2 0x10 syz-executor.2 76790 294633 93686 32767 2 0x490 syz-executor.7 93686 362789 21870 0 3 0x82 wait syz-executor.7 83231 457005 0 0 3 0x14200 bored sosplice 35424 49375 60651 32767 2 0x10 syz-executor.5 12882 120752 12058 32767 2 0x490 syz-executor.6 12058 379881 21870 0 3 0x82 wait syz-executor.6 7327 157218 47178 32767 2 0x490 syz-executor.4 60651 356394 21870 0 3 0x82 wait syz-executor.5 51809 177409 28474 32767 3 0x90 nanoslp syz-executor.3 25299 311780 31440 32767 2 0x490 syz-executor.2 47178 58650 21870 0 3 0x82 wait syz-executor.4 28474 125404 21870 0 3 0x82 wait syz-executor.3 9923 454516 81515 32767 2 0x490 syz-executor.0 31440 353281 21870 0 3 0x82 wait syz-executor.2 5125 166996 94706 32767 3 0x90 nanoslp syz-executor.1 94706 521205 21870 0 3 0x82 wait syz-executor.1 81515 14409 21870 0 3 0x82 wait syz-executor.0 21870 99270 14860 0 3 0x82 thrsleep syz-fuzzer 21870 233825 14860 0 2 0x4000482 syz-fuzzer 21870 192243 14860 0 3 0x4000082 thrsleep syz-fuzzer 21870 211275 14860 0 3 0x4000082 thrsleep syz-fuzzer 21870 194808 14860 0 2 0x4000082 syz-fuzzer 21870 93466 14860 0 3 0x4000082 thrsleep syz-fuzzer 21870 429333 14860 0 3 0x4000082 thrsleep syz-fuzzer 21870 181078 14860 0 3 0x4000082 thrsleep syz-fuzzer 21870 390823 14860 0 3 0x4000082 thrsleep syz-fuzzer 14860 502040 50813 0 3 0x10008a sigsusp ksh 50813 3916 8008 0 3 0x9a kqread sshd 16002 172446 1 0 3 0x100083 ttyin getty 8008 366737 1 0 3 0x88 kqread sshd 32374 237696 98777 73 2 0x1100010 syslogd 98777 373742 1 0 3 0x100082 netio syslogd 36030 130489 1 0 3 0x100080 kqread resolvd 80250 232853 60727 77 3 0x100092 kqread dhcpleased 91641 13799 60727 77 3 0x100092 kqread dhcpleased 60727 16948 1 0 3 0x80 kqread dhcpleased 37888 397394 0 0 3 0x14200 bored smr 13137 390754 0 0 2 0x14200 zerothread 46914 301090 0 0 3 0x14200 aiodoned aiodoned 63318 182161 0 0 3 0x14200 syncer update 96946 79902 0 0 3 0x14200 cleaner cleaner 5539 369829 0 0 7 0x14200 reaper 75015 472735 0 0 3 0x14200 pgdaemon pagedaemon 87709 483133 0 0 3 0x14200 bored viomb 95080 269424 0 0 3 0x40014200 acpi0 acpi0 34790 235111 0 0 3 0x40014200 idle1 45578 152251 0 0 3 0x14200 bored softnet 35936 413472 0 0 3 0x14200 bored softnet 55121 195215 0 0 3 0x14200 bored softnet 30181 133672 0 0 3 0x14200 bored softnet 66120 145583 0 0 2 0x14200 systqmp 85056 375961 0 0 3 0x14200 bored systq 57427 367216 0 0 2 0x40014200 softclock 54327 390943 0 0 3 0x40014200 idle0 1 116191 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 1: exclusive mutex &uvm.fpageqlock r = 0 (0xffffffff82a0a6c8) #0 witness_lock+0x44d #1 mtx_enter_try+0x100 #2 mtx_enter+0x4b sys/kern/kern_lock.c:266 #3 uvm_pmr_freepageq+0xcc sys/uvm/uvm_pmemrange.c:1333 #4 amap_wipeout+0x1ff sys/uvm/uvm_amap.c:523 #5 uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1599 #6 uvm_map_teardown+0x262 sys/uvm/uvm_map.c:2789 #7 uvmspace_free+0xa6 sys/uvm/uvm_map.c:3684 #8 reaper+0x19a sys/kern/kern_exit.c:454 #9 proc_trampoline+0x1c Process 97916 (syz-executor.1) thread 0xffff8000fffec548 (153414) exclusive rwlock solock r = 0 (0xfffffd8078858a20) #0 witness_lock+0x44d #1 unp_solock_peer+0x64 sys/kern/uipc_usrreq.c:168 #2 uipc_usrreq+0x7c6 sys/kern/uipc_usrreq.c:350 #3 sosend+0x61b sys/kern/uipc_socket.c:657 #4 sendit+0x65d sys/kern/uipc_syscalls.c:682 #5 sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:589 #6 syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] #6 syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 Process 35424 (syz-executor.5) thread 0xffff8000fffe6010 (49375) exclusive rrwlock inode r = 0 (0xfffffd807946fe78) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:465 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:518 #4 ufs_ihashins+0x42 sys/ufs/ufs/ufs_ihash.c:140 #5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1347 #6 ffs_inode_alloc+0x1be sys/ufs/ffs/ffs_alloc.c:394 #7 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1150 #8 VOP_MKDIR+0xbf sys/kern/vfs_vops.c:388 #9 domkdirat+0x121 sys/kern/vfs_syscalls.c:3116 #10 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] #10 syscall+0x435 sys/arch/amd64/amd64/trap.c:585 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd80654661b0) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:465 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:518 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:567 #5 vfs_lookup+0xd1 sys/kern/vfs_lookup.c:413 #6 namei+0x36a sys/kern/vfs_lookup.c:245 #7 domkdirat+0x75 sys/kern/vfs_syscalls.c:3101 #8 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] #8 syscall+0x435 sys/arch/amd64/amd64/trap.c:585 #9 Xsyscall+0x128 Process 32374 (syslogd) thread 0xffff800021233a48 (237696) exclusive rrwlock inode r = 0 (0xfffffd806e6e7e70) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:465 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:518 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:567 #5 sys_fsync+0xf5 sys/kern/vfs_syscalls.c:2939 #6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] #6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585 #7 Xsyscall+0x128 Process 5539 (reaper) thread 0xffff800021233268 (369829)