syzbot

 sign-in | mailing list | source | docs
🐞 Open [168]
🐞 Fixed [294]
🐞 Invalid [932]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c

Status: upstream: reported on 2025/12/10 19:32
Reported-by: syzbot+f3c3aa16434bc13e3138@syzkaller.appspotmail.com
First crash: 11d, last: now

Sample crash report:
panic: kernel diagnostic assertion "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == 0" failed: file "/syzkaller/managers/main/kernel/sys/uvm/uvm_page.c", line 1306
Starting stack trace...
panic(ffffffff8337bf4d) at panic+0x1ba sys/kern/subr_prf.c:229
__assert(ffffffff833b9417,ffffffff833a66da,51a,ffffffff833ec4ac) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageactivate(fffffd800714c600) at uvm_pageactivate+0x1e2 sys/uvm/uvm_page.c:1303
uvm_fault_lower(ffff80003c92ec60,ffff80003c92ec98,ffff80003c92ebe0) at uvm_fault_lower+0x22a sys/uvm/uvm_fault.c:1391
uvm_fault(fffffd807747e018,200000002000,2,1) at uvm_fault+0x241 sys/uvm/uvm_fault.c:-1
uvm_fault_wire(fffffd807747e018,200000002000,200000013000,1) at uvm_fault_wire+0x73 sys/uvm/uvm_fault.c:1703
uvm_map_pageable_wire(fffffd807747e018,fffffd806caec830,fffffd806caec248,0,0,0) at uvm_map_pageable_wire+0x3dc sys/uvm/uvm_map.c:2125
sys_mlock(ffff800033909248,ffff80003c92ef70,ffff80003c92eec0) at sys_mlock+0x23d sys/uvm/uvm_mmap.c:849
syscall(ffff80003c92ef70) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c92ef70) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xc9a32cc3220, count: 247
End of stack trace.

Crashes (8242):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/12/21 22:20 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 22:01 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 20:56 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 20:32 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 19:25 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 18:48 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 17:42 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 17:39 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 16:37 openbsd 83a64bde9847 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 14:59 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 14:01 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 13:00 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 12:37 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 11:02 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 10:43 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 09:38 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 08:57 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 07:53 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 07:33 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 06:32 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 05:23 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 05:07 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 04:06 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 04:05 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 03:05 openbsd 668f1f05e71c e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 01:56 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 01:55 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 00:52 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/21 00:20 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 23:13 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 22:33 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 21:30 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 20:27 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 19:40 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 18:36 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 18:18 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 17:14 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 17:02 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 15:34 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 15:19 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 14:18 openbsd df8f251ef5f9 e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 13:16 openbsd ddef1afac53e e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 12:24 openbsd ddef1afac53e e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/20 11:22 openbsd ddef1afac53e e14dbeb9 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
2025/12/10 19:32 openbsd d004c0aeba6f 48b27acc .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main assert "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed in uvm_page.c
* Struck through repros no longer work on HEAD.