uvm_fault: solock

Status: auto-obsoleted due to no activity on 2022/09/10 02:03
Reported-by: syzbot+4288fa7ff6c528df056f@syzkaller.appspotmail.com
First crash: 646d, last: 646d

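Sample crash report (the fault address 0x8, together with rax = 0 at the faulting instruction `movq 0x8(%rax),%rax`, is consistent with a NULL pointer dereference at offset 8 inside solock, reached from soclose while the exiting process's file descriptors were being released):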
uvm_fault(0xfffffd807d8e3550, 0x8, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      solock+0x15:    movq    0x8(%rax),%rax
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
solock(fffffd8079447c80) at solock+0x15 sys/kern/uipc_socket2.c:282
soclose(fffffd8079447c80,0) at soclose+0x2f sys/kern/uipc_socket.c:328
soo_close(fffffd80655b5b40,ffff8000215ff260) at soo_close+0x40
fdrop(fffffd80655b5b40,ffff8000215ff260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279
closef(fffffd80655b5b40,ffff8000215ff260) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff8000215ff260) at fdfree+0xe3 sys/kern/kern_descrip.c:1195
exit1(ffff8000215ff260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202
sys_exit(ffff8000215ff260,ffff80002e7baed0,ffff80002e7baf30) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80002e7bafa0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd9bc0, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xfffffd807d8e3550, 0x8, 0, 1) -> e
ddb> trace
solock(fffffd8079447c80) at solock+0x15 sys/kern/uipc_socket2.c:282
soclose(fffffd8079447c80,0) at soclose+0x2f sys/kern/uipc_socket.c:328
soo_close(fffffd80655b5b40,ffff8000215ff260) at soo_close+0x40
fdrop(fffffd80655b5b40,ffff8000215ff260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279
closef(fffffd80655b5b40,ffff8000215ff260) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff8000215ff260) at fdfree+0xe3 sys/kern/kern_descrip.c:1195
exit1(ffff8000215ff260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202
sys_exit(ffff8000215ff260,ffff80002e7baed0,ffff80002e7baf30) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80002e7bafa0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd9bc0, count: -10
ddb> show registers
rdi               0xfffffd8079447c80
rsi                                0
rbp               0xffff80002e7bac80
rbx                             0x19
rdx                                0
rcx               0xfffffd80655b5960
rax                                0
r8                                 0
r9                                 0
r10               0x3baaee2d5c22f5bc
r11               0x828957e97c2c8cd5
r12                                0
r13                                0
r14               0xfffffd8079447c80
r15               0xfffffd8079447c80
rip               0xffffffff81c722f5    solock+0x15
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002e7bac60
ss                              0x10
solock+0x15:    movq    0x8(%rax),%rax
ddb> show proc
PROC (syz-executor.6) pid=268171 stat=onproc
    flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
    pri=32, usrpri=68, nice=20
    forw=0xffffffffffffffff, list=0xffff800024ad9cf0,0xffff8000215ffa50
    process=0xffff8000216a1b80 user=0xffff80002e7b6000, vmspace=0xfffffd807d8e3550
    estcpu=18, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 14463  438583  22796      0  2           0                syz-executor.3
 14463  299490  22796      0  3   0x4000080  fsleep        syz-executor.3
 53349  256519  34310      0  2           0                syz-executor.0
 53349  292518  34310      0  3   0x4000080  fsleep        syz-executor.0
 66659    4465  83336      0  2     0x81000                syz-executor.2
 66659  484351  83336      0  2   0x4081000                syz-executor.2
 66659  434757  83336      0  2   0x4081000                syz-executor.2
 66659  402864  83336      0  3   0x4003000  suspend       syz-executor.2
 65989  143960  42872      0  2           0                syz-executor.7
 65989  252775  42872      0  3   0x4000080  fsleep        syz-executor.7
 66643  311334  74026      0  2       0x482                syz-executor.5
 22796  421264  74026      0  2       0x482                syz-executor.3
 83336  259684  74026      0  3        0x82  nanoslp       syz-executor.2
 23187   76107  74026      0  3        0x82  nanoslp       syz-executor.6
 63954  166914  74026      0  2         0x2                syz-executor.4
 27949    3558      1      0  3    0x100083  ttyin         getty
  8344  195616      0      0  3     0x14200  acct          acct
 42872   52470  74026      0  3        0x82  nanoslp       syz-executor.7
 91139  471383      0      0  3     0x14200  bored         sosplice
 34310   71191  74026      0  2       0x482                syz-executor.0
 20837  220671  74026      0  2         0x2                syz-executor.1
 74026  219097  48585      0  3        0x82  thrsleep      syz-fuzzer
 74026  447461  48585      0  3   0x4000082  nanoslp       syz-fuzzer
 74026  112184  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 74026  161516  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 74026  320829  48585      0  3   0x4000082  kqread        syz-fuzzer
 74026  473194  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 74026  428963  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 74026  269190  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 74026  157420  48585      0  3   0x4000082  thrsleep      syz-fuzzer
 48585  394744  37822      0  3    0x10008a  sigsusp       ksh
 37822  347159  18742      0  3        0x9a  kqread        sshd
 18742  144640      1      0  3        0x88  kqread        sshd
 62674  504935  11707     73  3   0x1100090  kqread        syslogd
 11707  368958      1      0  3    0x100082  netio         syslogd
 13975  483031      1      0  3    0x100080  kqread        resolvd
 90497   11064  29680     77  3    0x100092  kqread        dhcpleased
 86705   25280  29680     77  3    0x100092  kqread        dhcpleased
 29680  211992      1      0  3        0x80  kqread        dhcpleased
 33716  227438      0      0  3     0x14200  bored         smr
 25942  156959      0      0  2     0x14200                zerothread
 87788  434790      0      0  3     0x14200  aiodoned      aiodoned
 74470   44149      0      0  3     0x14200  syncer        update
 88098  234582      0      0  3     0x14200  cleaner       cleaner
 15933  377574      0      0  3     0x14200  reaper        reaper
 12054  197121      0      0  3     0x14200  pgdaemon      pagedaemon
 64765   57874      0      0  3     0x14200  bored         viomb
 90422  286718      0      0  3  0x40014200  acpi0         acpi0
 67968  399571      0      0  3     0x14200  bored         softnet
   287  404682      0      0  3     0x14200  bored         softnet
 74143  482916      0      0  3     0x14200  bored         softnet
 18259   91991      0      0  3     0x14200  bored         softnet
 59195  427327      0      0  3     0x14200  bored         systqmp
 99690  391512      0      0  3     0x14200  bored         systq
 92087  474923      0      0  2  0x40014200                softclock
 37879  452236      0      0  3  0x40014200                idle0
     1  183869      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10251   6566K    7958K  78643K     57668        0
            pcb    25     16K      18K  78643K       339        0
         rtable   174      5K       9K  78643K      1040        0
         ifaddr    69     15K      19K  78643K       471        0
         sysctl     2      0K       0K  78643K         2        0
       counters    25     17K      17K  78643K        73        0
       ioctlops     0      0K       4K  78643K      3343        0
            iov     0      0K      16K  78643K       841        0
          mount     1      1K       1K  78643K         1        0
            log     0      0K       0K  78643K         4        0
         vnodes  1428     89K      89K  78643K     10818        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       9K  78643K        58        0
         VM map     2      0K       0K  78643K         2        0
            sem    12      0K       0K  78643K      1992        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1697    195K     286K  78643K     12548        0
      file desc    15     53K      85K  78643K     13520        0
          sigio     0      0K       0K  78643K        56        0
           proc    58     59K      83K  78643K      1031        0
        subproc   104      6K       6K  78643K       286        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K       170        0
       in_multi    74      5K       6K  78643K       307        0
    ether_multi     1      0K       0K  78643K        12        0
            mrt     1      0K       0K  78643K         1        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys   163    731K     731K  78643K       163        0
           exec     0      0K       2K  78643K      1464        0
            tdb     3      0K       0K  78643K         3        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   284    219K     252K  78643K     70808        0
       UVM aobj   131      8K       8K  78643K       140        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     1      0K       0K  78643K       841        0
            NDP     9      0K       2K  78643K       103        0
           temp  4247  12987K   24428K  78643K    183958        0
         kqueue    12     18K      26K  78643K       316        0
      SYN cache     2     16K      16K  78643K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120      152    0      149     1     0     1     1     0     8    0
rtentry    112      292    0      213     4     0     4     4     0     8    0
unpcb      136     4712    0     4698    37    36     1     7     0     8    0
syncache   296       14    0       14     4     4     0     1     0     8    0
tcpqe       32       11    0       11     3     3     0     1     0     8    0
tcpcb      736     3648    0     3642   111   107     4    14     0     8    3
arp         88       49    0       35     1     0     1     1     0     8    0
inpcb      312    11003    0    10981   113   107     6    11     0     8    3
nd6         48       71    0       52     1     0     1     1     0     8    0
pkpcb       40        9    0        9     1     1     0     1     0     8    0
kcovpl      48       22    0       14     1     0     1     1     0     8    0
ppxss      1152      27    0       27     7     7     0     1     0     8    0
pfstscr     40        7    0        7     2     2     0     1     0     8    0
pfosfp      40        2    0        2     1     1     0     1     0     8    0
pfosfpen   112        2    0        2     1     1     0     1     0     8    0
pfrktable  1344      26    0       26     2     2     0     1     0     8    0
pftag       88        1    0        0     1     0     1     1     0     8    0
pfqueue    264        2    0        2     2     2     0     1     0     8    0
pfstitem    24        4    0        4     1     1     0     1     0     8    0
pfstkey    112       11    0       11     2     2     0     1     0     8    0
pfstate    336        7    0        7     2     2     0     1     0     8    0
pfrule     1360     171    0      170     6     5     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256     1260    0      920    31     4    27    30     0     8    0
art_table   32     1261    0      920     4     0     4     4     0     8    0
art_node    16      291    0      223     1     0     1     1     0     8    0
sysvmsgpl   40      130    0       99     1     0     1     1     0     8    0
semapl     112     1923    0     1913     1     0     1     1     0     8    0
shmpl      112      137    0        9     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256    17553    0    16094    92     0    92    92     0     8    0
ffsino     240    17553    0    16094    87     0    87    87     0     8    0
nchpl      144    35135    0    33503    63     0    63    63     0     8    0
uvmvnodes   80     5926    0        0   121     0   121   121     0     8    0
vnodes     224     5926    0        0   349     0   349   349     0     8    0
namei      1024  117636    0   117636     6     5     1     2     0     8    1
vcpupl     1984      75    0        3    10     0    10    10     0     8    0
vmpool     528      119    0       47     6     1     5     5     0     8    0
pfiaddrpl  120       13    0       13     2     2     0     1     0     8    0
kstatmem   264      114    0       96     2     0     2     2     0     8    0
scxspl     216    97716    0    97716    12    11     1     8     0     8    1
plimitpl   152      555    0      541     1     0     1     1     0     8    0
sigapl     424    13805    0    13760     8     2     6     8     0     8    0
futexpl     64   141538    0   141535     1     0     1     1     0     8    0
knotepl    120   115820    0   115740    24    20     4    17     0     8    0
kqueuepl   184     1032    0     1024    20    19     1     4     0     8    0
pipepl     304     1661    0     1633    46    43     3     8     0     8    0
fdescpl    432    13767    0    13741     4     0     4     4     0     8    0
filepl     120    78646    0    78329    97    86    11    16     0     8    0
lockfpl    104     1760    0     1758     3     2     1     2     0     8    0
lockfspl    48      492    0      490     1     0     1     1     0     8    0
sessionpl  144       38    0       22     1     0     1     1     0     8    0
pgrppl      48      137    0      121     1     0     1     1     0     8    0
ucredpl     96     5412    0     5402     1     0     1     1     0     8    0
zombiepl   144    13763    0    13760     1     0     1     1     0     8    0
processpl  1000   13805    0    13760    10     3     7     9     0     8    0
procpl     672    32250    0    32191    15     9     6     9     0     8    0
sosppl     168       76    0       76    12    12     0     1     0     8    0
sockpl     448    15886    0    15847   239   229    10    29     0     8    5
mcl64k     65536    346    0      346    20    19     1     1     0     8    1
mcl16k     16384    120    0      120    22    22     0     1     0     8    0
mcl12k     12288    392    0      392    18    17     1     1     0     8    1
mcl9k      9216     113    0      113    25    25     0     1     0     8    0
mcl8k      8192     746    0      746    17    16     1     1     0     8    1
mcl4k      4096    1816    0     1816     7     6     1     1     0     8    1
mcl2k2     2112     100    0      100    25    24     1     1     0     8    1
mcl2k      2048   87835    0    87732    38    22    16    28     0     8    0
mtagpl      96    10846    0     9408    62    18    44    50     0     8    0
mbufpl     256   221985    0   220284   179    49   130   151     0     8    0
bufpl      288    21011    0    14610   458     0   458   458     0     8    0
anonpl      24  2373990    0  2358089   223   122   101   125     0   188    0
amapchunkpl 152  203329    0   202744    55    30    25    36     0   158    0
amappl16   200    33296    0    32729   141   110    31    43     0     8    0
amappl15   192     4159    0     4154     1     0     1     1     0     8    0
amappl14   184     1437    0     1432     1     0     1     1     0     8    0
amappl13   176     2801    0     2798     1     0     1     1     0     8    0
amappl12   168      686    0      682     1     0     1     1     0     8    0
amappl11   160     4608    0     4590     1     0     1     1     0     8    0
amappl10   152       40    0       39     1     0     1     1     0     8    0
amappl9    144      624    0      618     1     0     1     1     0     8    0
amappl8    136     1099    0     1027     3     0     3     3     0     8    0
amappl7    128      372    0      361     1     0     1     1     0     8    0
amappl6    120      408    0      389     2     1     1     2     0     8    0
amappl5    112     8791    0     8777     1     0     1     1     0     8    0
amappl4    104     8560    0     8530     2     0     2     2     0     8    0
amappl3     96    40261    0    40214     2     0     2     2     0     8    0
amappl2     88    17404    0    17341     3     1     2     3     0     8    0
amappl1     80   319082    0   318460    30    16    14    19     0     8    0
amappl      88    69949    0    69788     4     0     4     4     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      139    0        9     3     0     3     3     0     8    0
uaddrrnd    24    13886    0    13788     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24    13886    0    13788     1     0     1     1     0     8    0
vmmpekpl   168    83577    0    83522     4     1     3     3     0     8    0
vmmpepl    168  1288853    0  1286265   240   116   124   129     0   357    0
vmsppl     272    13885    0    13788     8     1     7     7     0     8    0
rwobjpl     24   302625    0   295023    50     3    47    48     0     8    0
pdppl      4096   27778    0    27648   541   405   136   139     0     8    6
pvpl        32  4597386    0  4577157   374   205   169   238     0   265    0
pmappl     216    13885    0    13788     8     2     6     6     0     8    0
extentpl    40       58    0       38     1     0     1     1     0     8    0
phpool     112     1984    0     1001    29     0    29    29     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
solock(fffffd8079447c80) at solock+0x15 sys/kern/uipc_socket2.c:282
soclose(fffffd8079447c80,0) at soclose+0x2f sys/kern/uipc_socket.c:328
soo_close(fffffd80655b5b40,ffff8000215ff260) at soo_close+0x40
fdrop(fffffd80655b5b40,ffff8000215ff260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279
closef(fffffd80655b5b40,ffff8000215ff260) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff8000215ff260) at fdfree+0xe3 sys/kern/kern_descrip.c:1195
exit1(ffff8000215ff260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202
sys_exit(ffff8000215ff260,ffff80002e7baed0,ffff80002e7baf30) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80002e7bafa0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd9bc0, count: -10
ddb> machine ddbcpu 1
No such command
ddb> trace
solock(fffffd8079447c80) at solock+0x15 sys/kern/uipc_socket2.c:282
soclose(fffffd8079447c80,0) at soclose+0x2f sys/kern/uipc_socket.c:328
soo_close(fffffd80655b5b40,ffff8000215ff260) at soo_close+0x40
fdrop(fffffd80655b5b40,ffff8000215ff260) at fdrop+0xc7 sys/kern/kern_descrip.c:1279
closef(fffffd80655b5b40,ffff8000215ff260) at closef+0x117 sys/kern/kern_descrip.c:1263
fdfree(ffff8000215ff260) at fdfree+0xe3 sys/kern/kern_descrip.c:1195
exit1(ffff8000215ff260,0,0,1) at exit1+0x35d sys/kern/kern_exit.c:202
sys_exit(ffff8000215ff260,ffff80002e7baed0,ffff80002e7baf30) at sys_exit+0x16 sys/kern/kern_exit.c:95
syscall(ffff80002e7bafa0) at syscall+0x44e sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd9bc0, count: -10

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/06/12 02:02 openbsd a97778adc736 0d5abf15 .config console log report ci-openbsd-main uvm_fault: solock
* Struck through repros no longer work on HEAD.