witness: thread 0xffff800020b74bc0 exiting with the following locks held: exclusive rrwlock inode r = 0 (0xfffffd806e4791b8) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 panic: thread 0xffff800020b74bc0 cannot exit while holding sleeplocks Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 132368 79072 73 0x100010 0 0 syslogd *224087 62516 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x16c sys/kern/subr_prf.c:208 witness_thread_exit(3972cdadee3a451d) at witness_thread_exit+0x244 sys/kern/subr_witness.c:1377 reaper(0) at reaper+0x14f sys/kern/kern_exit.c:412 end trace frame: 0x0, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic thread 0xffff800020b74bc0 cannot exit while holding sleeplocks ddb{1}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x16c sys/kern/subr_prf.c:208 witness_thread_exit(3972cdadee3a451d) at witness_thread_exit+0x244 sys/kern/subr_witness.c:1377 reaper(0) at reaper+0x14f sys/kern/kern_exit.c:412 end trace frame: 0x0, count: -4 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800020b67530 rbx 0xffff800020b675d0 rdx 0xffffffff81ec4a97 cmd0646_9_tim_udma+0x1642a rcx 0x201 rax 0x1 r8 0xffffffff815ebf54 kprintf+0x174 r9 0x1 r10 0xbb9eb24afe478b2b r11 0x681ea1739d26da54 r12 0x3000000008 r13 0xffff800020b67540 r14 0x100 r15 0x1 rip 0xffffffff81388a48 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020b67520 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (reaper) pid=224087 stat=onproc flags process=14000 proc=200 pri=4, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff800020b21770,0xffff800020b21c30 process=0xffff800020b5a350 user=0xffff800020b62000, vmspace=0xffffffff822f2bf0 estcpu=1, cpticks=3, pctcpu=0.4 user=0, sys=3, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 92188 278521 75580 0 3 0x82 nanosleep syz-executor0 75580 440564 22959 0 3 0x82 thrsleep syz-execprog 75580 523908 22959 0 3 0x4000082 thrsleep syz-execprog 75580 296295 22959 0 3 0x4000082 thrsleep syz-execprog 75580 379177 22959 0 3 0x4000082 thrsleep syz-execprog 75580 211191 22959 0 3 0x4000082 thrsleep syz-execprog 75580 111579 22959 0 3 0x4000082 kqread syz-execprog 75580 172658 22959 0 3 0x4000082 thrsleep syz-execprog 75580 336842 22959 0 3 0x4000082 thrsleep syz-execprog 75580 472410 22959 0 3 0x4000082 thrsleep syz-execprog 22959 469964 85459 0 3 0x10008a pause ksh 85459 244492 63182 0 3 0x92 select sshd 57409 434154 1 0 3 0x100083 ttyin getty 63182 263740 1 0 3 0x80 select sshd 79072 132368 55396 73 7 0x100010 syslogd 55396 113233 1 0 3 0x100082 netio syslogd 9803 402944 1 77 3 0x100090 poll dhclient 29881 354760 1 0 3 0x80 poll dhclient 74375 101548 0 0 3 0x14200 pgzero zerothread 83550 311478 0 0 3 0x14200 aiodoned aiodoned 42288 165737 0 0 3 0x14200 syncer update 65297 210007 0 0 3 0x14200 cleaner cleaner *62516 224087 0 0 7 0x14200 reaper 94117 55774 0 0 3 0x14200 pgdaemon pagedaemon 87073 234280 0 0 3 0x14200 bored crynlk 72601 90384 0 0 3 0x14200 bored crypto 77018 308922 0 0 3 0x40014200 acpi0 acpi0 16745 248294 0 0 3 0x40014200 idle1 15172 121056 0 0 3 0x14200 bored softnet 76734 184436 0 0 3 0x14200 bored systqmp 64223 100417 0 0 3 0x14200 bored systq 63437 387799 0 0 3 0x40014200 bored softclock 95971 301705 0 0 3 0x40014200 idle0 1 130682 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 79072 (syslogd) thread 0xffff800020be5c30 (132368) exclusive rrwlock inode r = 0 (0xfffffd806eba4098) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 ddb{1}>