syzbot


panic: vcpulock: lock not held

Status: fixed on 2021/09/06 04:40
Reported-by: syzbot+36244e105daffa1a81b6@syzkaller.appspotmail.com
Fix commit: 5f3d69798ad5 vmm(4): fix vcpu locking issues reported by syzbot
First crash: 1177d, last: 1177d

Sample crash report:
panic: vcpulock: lock not held
Starting stack trace...
panic(ffffffff82401061) at panic+0x155 sys/kern/subr_prf.c:233
rw_assert_wrlock(ffff8000226f9320) at rw_assert_wrlock+0xb7 sys/kern/kern_rwlock.c:384
vcpu_writeregs_vmx(ffff8000226f8f80,5,1,ffff800000b91410) at vcpu_writeregs_vmx+0x4e vcpu_reload_vmcs_vmx sys/arch/amd64/amd64/vmm.c:1771 [inline]
vcpu_writeregs_vmx(ffff8000226f8f80,5,1,ffff800000b91410) at vcpu_writeregs_vmx+0x4e sys/arch/amd64/amd64/vmm.c:2096
VOP_IOCTL(fffffd806e406ad0,82485608,ffff800000b91400,1,fffffd807f7d8a20,ffff800021662540) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:295
vn_ioctl(fffffd806c66cc40,82485608,ffff800000b91400,ffff800021662540) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021662540,ffff800022725898,ffff8000227258f0) at sys_ioctl+0x49e
syscall(ffff800022725960) at syscall+0x571 sys/arch/amd64/amd64/trap.c:587
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xe30d0e119f0, count: 249
End of stack trace.
syncing disks...panic: ffs_update: bad link cnt
Starting stack trace...
panic(ffffffff824b76bf) at panic+0x155 sys/kern/subr_prf.c:233
ffs_update(fffffd807bbfd2d0,0) at ffs_update+0x313 sys/ufs/ffs/ffs_inode.c:101
VOP_FSYNC(fffffd806a28b778,fffffd807f7d8a20,2,ffff800021662540) at VOP_FSYNC+0xcc sys/kern/vfs_vops.c:360
ffs_sync_vnode(fffffd806a28b778,ffff800022725260) at ffs_sync_vnode+0x187 sys/ufs/ffs/ffs_vfsops.c:1194
vfs_mount_foreach_vnode(ffff8000006ce000,ffffffff82107d90,ffff800022725260) at vfs_mount_foreach_vnode+0x55 sys/kern/vfs_subr.c:890
ffs_sync(ffff8000006ce000,2,0,fffffd807f7d8a20,ffff800021662540) at ffs_sync+0x10c sys/ufs/ffs/ffs_vfsops.c:1245
sys_sync(ffff800021662540,0,0) at sys_sync+0xbc sys/kern/vfs_syscalls.c:539
vfs_syncwait(ffff800021662540,1) at vfs_syncwait+0x36
vfs_shutdown(ffff800021662540) at vfs_shutdown+0x5d sys/kern/vfs_subr.c:1765
boot(100) at boot+0xbb sys/arch/amd64/amd64/machdep.c:834
reboot(100) at reboot+0x77
panic(ffffffff82401061) at panic+0x175 sys/kern/subr_prf.c:235
rw_assert_wrlock(ffff8000226f9320) at rw_assert_wrlock+0xb7 sys/kern/kern_rwlock.c:384
vcpu_writeregs_vmx(ffff8000226f8f80,5,1,ffff800000b91410) at vcpu_writeregs_vmx+0x4e vcpu_reload_vmcs_vmx sys/arch/amd64/amd64/vmm.c:1771 [inline]
vcpu_writeregs_vmx(ffff8000226f8f80,5,1,ffff800000b91410) at vcpu_writeregs_vmx+0x4e sys/arch/amd64/amd64/vmm.c:2096
VOP_IOCTL(fffffd806e406ad0,82485608,ffff800000b91400,1,fffffd807f7d8a20,ffff800021662540) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:295
vn_ioctl(fffffd806c66cc40,82485608,ffff800000b91400,ffff800021662540) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021662540,ffff800022725898,ffff8000227258f0) at sys_ioctl+0x49e
syscall(ffff800022725960) at syscall+0x571 sys/arch/amd64/amd64/trap.c:587
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xe30d0e119f0, count: 238
End of stack trace.

dump to dev 4,1 not possible
rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2     Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID 7bbb59a4-3b4e-2ed3-58f8-154d5cc405f8
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2430: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.53
boot> set $lines = 0
set: syntax error
boot> set $maxwidth = 0
set: syntax error
boot> show panic
boot: illegal argument panic
boot> trace
boot> show registers
boot> show proc
boot> ps
boot> show all locks
boot> show malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace

Crashes (1):
Time: 2021/09/01 03:37
Kernel: openbsd
Commit: 444296aeff58
Syzkaller: 7eb7e152
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
VM info: none
Assets: none
Manager: ci-openbsd-main
Title: panic: vcpulock: lock not held