uvm_fault: bpfioctl (5)

uvm_fault: bpfioctl (5)

Status: upstream: reported on 2025/08/16 23:42
Reported-by: syzbot+50cc266bd89274e1283c@syzkaller.appspotmail.com
First crash: 117d, last: 45d

▶ ▼ Similar bugs (4)

Kernel	Title	Rank 🛈	Repro	Count	Last	Reported	Patched	Status
openbsd	uvm_fault: bpfioctl	-1	C	14	2250d	2334d	3/3	fixed on 2019/10/22 13:03
openbsd	uvm_fault: bpfioctl (4)	-1		1	627d	627d	0/3	auto-obsoleted due to no activity on 2024/06/22 18:07
openbsd	uvm_fault: bpfioctl (2)	-1		2	1170d	1172d	0/3	auto-obsoleted due to no activity on 2022/12/27 04:23
openbsd	uvm_fault: bpfioctl (3)	-1		1	888d	888d	0/3	auto-obsoleted due to no activity on 2023/10/05 10:17

Sample crash report:

uvm_fault(0xfffffd806c2458b0, 0x30, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      bpfioctl+0x1164:        movq    0x30(%rax),%rdi
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*410416  37007      0      0x2000  0x4080000    0  syz-executor
bpfioctl(51700,20004269,ffff80003691d2f0,41,ffff80003c95e7f0) at bpfioctl+0x1164 sys/net/bpf.c:892
VOP_IOCTL(fffffd8065c94a48,20004269,ffff80003691d2f0,41,fffffd8007bfb820,ffff80003c95e7f0) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264
vn_ioctl(fffffd806ab48100,20004269,ffff80003691d2f0,ffff80003c95e7f0) at vn_ioctl+0xea sys/kern/vfs_vnops.c:531
sys_ioctl(ffff80003c95e7f0,ffff80003691d4c0,ffff80003691d410) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003691d4c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003691d4c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd8962b5c180, count: 9
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.

Crashes (2):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2025/10/27 21:38	openbsd	31b2223d374b	fd2207e7	.config	console log	report				[disk image] [bsd.gdb] [kernel image]	ci-openbsd-main	uvm_fault: bpfioctl
2025/08/16 23:41	openbsd	b1b6accd48af	1804e95e	.config	console log	report				[disk image] [bsd.gdb] [kernel image]	ci-openbsd-multicore	uvm_fault: bpfioctl

* ~~Struck through~~ repros no longer work on HEAD.