panic: Thread 0xffff800020b93530 cannot exit while holding sleeplocks Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 323361 11285 73 0x100010 0 0 syslogd *182340 17307 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x16c sys/kern/subr_prf.c:208 witness_thread_exit(4a716acb9293dd92) at witness_thread_exit+0x244 sys/kern/subr_witness.c:1377 reaper(0) at reaper+0x14f sys/kern/kern_exit.c:412 end trace frame: 0x0, count: 11 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic Thread 0xffff800020b93530 cannot exit while holding sleeplocks ddb{1}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x16c sys/kern/subr_prf.c:208 witness_thread_exit(4a716acb9293dd92) at witness_thread_exit+0x244 sys/kern/subr_witness.c:1377 reaper(0) at reaper+0x14f sys/kern/kern_exit.c:412 end trace frame: 0x0, count: -4 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800020b67920 rbx 0xffff800020b679c0 rdx 0xffffffff81ec49f8 cmd0646_9_tim_udma+0x15dbb rcx 0 rax 0 r8 0xffffffff813ff014 kprintf+0x174 r9 0x1 r10 0xcc6855dc1a7b6d3c r11 0x71ae89a496097c78 r12 0x3000000008 r13 0xffff800020b67930 r14 0x100 r15 0x1 rip 0xffffffff817251a8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800020b67910 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (reaper) pid=182340 stat=onproc flags process=14000 proc=200 pri=4, usrpri=53, nice=20 forw=0xffffffffffffffff, list=0xffff800020b212c0,0xffff800020b21780 process=0xffff800020b5b3b8 user=0xffff800020b62000, vmspace=0xffffffff82302a88 estcpu=3, cpticks=3, pctcpu=0.35 user=0, sys=3, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 85256 273088 31554 32767 3 0x90 nanosleep syz-executor0 89013 190162 81463 32767 3 0x90 piperd syz-executor1 31554 345499 5734 0 3 0x82 wait syz-executor0 81463 146550 5734 0 3 0x82 wait syz-executor1 80727 382532 0 0 3 0x14200 bored sosplice 5734 515727 8550 0 3 0x82 thrsleep syz-fuzzer 5734 294827 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 185595 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 129714 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 522817 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 597 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 430592 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 449956 8550 0 3 0x4000082 kqread syz-fuzzer 5734 23446 8550 0 3 0x4000082 thrsleep syz-fuzzer 5734 2559 8550 0 3 0x4000082 thrsleep syz-fuzzer 8550 187544 25967 0 3 0x10008a pause ksh 25967 318224 14686 0 3 0x92 select sshd 38328 283710 1 0 3 0x100083 ttyin getty 14686 199476 1 0 3 0x80 select sshd 11285 323361 68165 73 7 0x100010 syslogd 68165 294436 1 0 3 0x100082 netio syslogd 83780 100911 1 77 3 0x100090 poll dhclient 18523 403039 1 0 3 0x80 poll dhclient 42739 85173 0 0 3 0x14200 pgzero zerothread 11837 338881 0 0 3 0x14200 aiodoned aiodoned 63187 84401 0 0 3 0x14200 syncer update 96510 50388 0 0 3 0x14200 cleaner cleaner *17307 182340 0 0 7 0x14200 reaper 68520 704 0 0 3 0x14200 pgdaemon pagedaemon 61447 445210 0 0 3 0x14200 bored crynlk 81304 40881 0 0 3 0x14200 bored crypto 3615 368063 0 0 3 0x40014200 acpi0 acpi0 69739 311237 0 0 3 0x40014200 idle1 53244 489359 0 0 3 0x14200 bored softnet 58400 394164 0 0 3 0x14200 bored systqmp 16005 474957 0 0 3 0x14200 bored systq 3506 513170 0 0 3 0x40014200 bored softclock 22661 178506 0 0 3 0x40014200 idle0 1 264645 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 11285 (syslogd) thread 0xffff800020be59d8 (323361) exclusive rrwlock inode r = 0 (0xfffffd806eb902b8) locked @ /syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9460 6321K 6321K 78643K 10837 0 0 pcb 23 9K 11K 78643K 1488 0 0 rtable 97 3K 3K 78643K 2023 0 0 ifaddr 36 11K 11K 78643K 393 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 73 0 0 iov 0 0K 24K 78643K 178 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1201 75K 75K 78643K 3023 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 38 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 12 0K 0K 78643K 235 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 7 21K 33K 78643K 2602 0 0 sigio 0 0K 0K 78643K 50 0 0 proc 41 38K 70K 78643K 1882 0 0 subproc 68 69634K 69634K 78643K 2040 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 337 0 0 in_multi 33 2K 2K 78643K 738 0 0 ether_multi 1 0K 0K 78643K 12 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 60 265K 265K 78643K 60 0 0 exec 0 0K 1K 78643K 595 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 89 21K 30K 78643K 8666 0 0 UVM aobj 130 4K 4K 78643K 142 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 0K 78643K 58 0 0 NDP 5 0K 0K 78643K 183 0 0 temp 120 2358K 2430K 78643K 12274 0 0 kqueue 0 0K 0K 78643K 38 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 62 0 58 1 0 1 1 0 8 0 inpcbpl 280 1094 0 1087 1 0 1 1 0 8 0 plimitpl 152 159 0 150 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtentry 112 563 0 523 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 367 0 363 1 0 1 1 0 8 0 nd6 48 120 0 116 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2629 0 2440 12 0 12 12 0 8 0 art_table 32 2630 0 2440 2 0 2 2 0 8 0 art_node 16 562 0 528 1 0 1 1 0 8 0 sysvmsgpl 40 16 0 6 1 0 1 1 0 8 0 semapl 112 233 0 223 1 0 1 1 0 8 0 shmpl 112 140 0 12 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 4833 0 3378 47 0 47 47 0 8 0 ffsino 272 4833 0 3378 98 0 98 98 0 8 0 nchpl 144 8560 0 6988 59 0 59 59 0 8 0 uvmvnodes 72 5862 0 0 107 0 107 107 0 8 0 vnodes 200 5862 0 0 309 0 309 309 0 8 0 namei 1024 29166 0 29166 1 0 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 scxspl 192 21865 0 21865 24 21 3 6 0 8 3 sigapl 432 2595 0 2580 5 2 3 3 0 8 1 futexpl 56 25094 0 25094 1 0 1 1 0 8 1 knotepl 112 1738 0 1711 5 3 2 2 0 8 0 kqueuepl 104 794 0 792 1 0 1 1 0 8 0 pipepl 112 2388 0 2369 7 5 2 2 0 8 1 fdescpl 488 2596 0 2580 3 0 3 3 0 8 0 filepl 152 17383 0 17285 12 7 5 7 0 8 0 lockfpl 96 518 0 518 6 5 1 1 0 8 1 lockfspl 24 1261 0 1261 6 5 1 1 0 8 1 sessionpl 112 75 0 65 1 0 1 1 0 8 0 pgrppl 48 127 0 117 1 0 1 1 0 8 0 ucredpl 96 6244 0 6235 1 0 1 1 0 8 0 zombiepl 144 2581 0 2580 2 1 1 1 0 8 0 processpl 840 2611 0 2580 4 0 4 4 0 8 0 procpl 600 6987 0 6945 4 0 4 4 0 8 0 srpgc 64 336 0 336 9 8 1 1 0 8 1 sosppl 128 69 0 69 11 10 1 1 0 8 1 sockpl 384 2651 0 2634 7 4 3 4 0 8 1 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 3 0 0 1 0 1 1 0 8 0 mcl12k 12288 16 0 0 2 0 2 2 0 8 0 mcl9k 9216 14 0 0 1 0 1 1 0 8 0 mcl8k 8192 11 0 0 2 0 2 2 0 8 0 mcl4k 4096 18 0 0 3 0 3 3 0 8 1 mcl2k2 2112 8 0 0 1 0 1 1 0 8 0 mcl2k 2048 109 0 0 13 0 13 13 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 236 0 0 10 1 9 10 0 8 0 bufpl 256 8957 0 1988 436 0 436 436 0 8 0 anonpl 16 281397 0 275737 113 73 40 40 0 125 10 amapchunkpl 152 17800 0 17705 34 29 5 9 0 158 0 amappl16 192 13523 0 13249 111 85 26 27 0 8 9 amappl15 184 351 0 349 1 0 1 1 0 8 0 amappl14 176 301 0 298 2 1 1 1 0 8 0 amappl13 168 427 0 421 1 0 1 1 0 8 0 amappl12 160 390 0 389 1 0 1 1 0 8 0 amappl11 152 681 0 672 1 0 1 1 0 8 0 amappl10 144 283 0 279 1 0 1 1 0 8 0 amappl9 136 592 0 590 1 0 1 1 0 8 0 amappl8 128 939 0 907 2 0 2 2 0 8 0 amappl7 120 439 0 429 1 0 1 1 0 8 0 amappl6 112 382 0 372 1 0 1 1 0 8 0 amappl5 104 554 0 543 1 0 1 1 0 8 0 amappl4 96 564 0 537 2 1 1 2 0 8 0 amappl3 88 398 0 392 1 0 1 1 0 8 0 amappl2 80 21870 0 21819 2 0 2 2 0 8 0 amappl1 72 71871 0 71419 24 14 10 19 0 8 0 amappl 72 7665 0 7626 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 141 0 12 3 0 3 3 0 8 0 uaddrrnd 24 2596 0 2580 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2596 0 2580 1 0 1 1 0 8 0 vmmpekpl 168 25333 0 25310 2 0 2 2 0 8 0 vmmpepl 168 298158 0 296816 152 79 73 79 0 357 10 vmsppl 360 2595 0 2580 2 0 2 2 0 8 0 pdppl 4096 5199 0 5160 6 0 6 6 0 8 1 pvpl 32 790227 0 781391 227 117 110 112 0 265 30 pmappl 224 2595 0 2580 12 10 2 2 0 8 1 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 590 0 3 17 0 17 17 0 8 0