syzbot

 sign-in | mailing list | source | docs
🐞 Open [55]
🐞 Fixed [374]
🐞 Invalid [464]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 464 bugs, 356 were automatically obsoleted (1 due to revoked reproducers), 108 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
Fatal trap NUM: page fault in inm_disconnect -1 2 90d 90d
panic: igmp_change_state: no igmp_ifsoftc for ifp ADDR (2) 2 1 90d 90d
panic: No memory for IFN 2 7 92d 211d
SYZFAIL: cover mmap failed (2) -1 10657 54d 564d
SYZFAIL: posix_spawnp failed -1 161707 54d 416d
SYZFAIL: tun: read failed (4) -1 13755 54d 104d
panic: a thread waited too long to allocate a page 2 65708 54d 1525d
SYZFAIL: open of /dev/kcov failed -1 27124 54d 294d
SYZFAIL: SIGILL (2) -1 1137 54d 386d
SYZFAIL: invalid kcov comp type (4) -1 6983 54d 402d
panic: sleeping thread holds tun_mtx 2 1005 54d 287d
SYZFAIL: SIGFPE (2) -1 975 54d 388d
panic: mq notifiers left (3) 2 1248 54d 377d
SYZFAIL: too much cover (3) -1 5788 54d 453d
panic: ASan: Invalid access, NUM-byte read at ADDR, StackMiddle(f2) (3) 2 162 54d 323d
SYZFAIL: SIGSEGV -1 115 54d 361d
SYZFAIL: SIGBUS (2) -1 139 54d 360d
SYZFAIL: failed to send rpc -1 1034 55d 610d
suppressed report (4) -1 20305 55d 969d
can't ssh into the instance -1 27462 55d 667d
SYZFAIL: too many calls in output -1 392 55d 609d
SYZFAIL: child stopped (2) -1 147 56d 376d
corrupted report (5) -1 1399 57d 822d
panic: brelse: non-VMIO buffer marked NOREUSE 2 1333 58d 290d
panic: vnode_pager_generic_getpages_done: page ADDR is mapped 2 25 99d 372d
Fatal trap NUM: page fault in igmp_ifdetach -1 1 102d 102d
panic: vm_object_terminate_single_page: page ADDR does not belong to a queue 2 145 72d 513d
Fatal trap NUM: page fault in mld_change_state -1 12 115d 384d
panic: pmap_remove_all: page ADDR is not managed 2 3304 77d 205d
panic: tcp_input_with_port: unspecified destination v4 address 2 29 77d 140d
panic: /syzkaller/managers/main/kernel/sys/kern/kern_timeout.c:LINE: _callout_stop_safe: Bad link elm ADDR prev->next != (2) 2 1 136d 136d
panic: vm_page_wire_mapped: wiring unreferenced page ADDR 2 1 140d 140d
Fatal trap NUM: page fault in witness_checkorder (2) -1 6 142d 160d
panic: if_freemulti: refcount -NUM 2 1 144d 144d
panic: negative vmsize for uid NUM 2 36 131d 325d
Fatal trap NUM: general protection fault in pfi_kkif_update (4) -1 1 151d 151d
panic: vm_object_unwire: missing page 2 8 160d 302d
panic: Assertion uio->uio_resid < NUM failed at /syzkaller/managers/i386/kernel/sys/netlink/netlink_domain.c:LINE 2 2 179d 179d
freebsd build error (22) -1 142 140d 168d
Fatal trap NUM: page fault in pfi_kkif_update (4) -1 1 180d 180d
panic: deadlkres: possible deadlock detected on allproc_lock 2 1 180d 180d
panic: /syzkaller/managers/i386/kernel/sys/kern/kern_timeout.c:LINE: callout_cc_add: Bad list head ADDR first->prev != h (2) 2 216 144d 209d
panic: CURVNET_SET at /syzkaller/managers/main/kernel/sys/netinet6/in6_mcast.c:LINE inp_gcmoptions() curvnet=ADDR vnet=N 2 3 185d 241d
panic: igmp_change_state: no igmp_ifsoftc for ifp ADDR 2 2 185d 237d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (12) -1 226 151d 633d
panic: inconsistent boundary count NUM 2 6 193d 336d
Fatal trap NUM: page fault in in_pcbremhash_locked (2) -1 45 155d 259d
Fatal trap NUM: page fault in ip6_freemoptions -1 1 202d 202d
panic: flush_newblk_dep: Bad newblk ADDR 2 3 204d 204d
panic: vm_page_grab_zero_partial: page ADDR is invalid 2 1 206d 206d
Fatal trap NUM: page fault in in_joingroup_locked -1 2 209d 262d
SYZFAIL: failed to mkdir -1 2 220d 220d
panic: /syzkaller/managers/i386/kernel/sys/kern/uipc_usrreq.c:LINE: uipc_sosend_stream_or_seqpacket: Empty stailq ADDR-> 2 1298 192d 318d
panic: sleeping thread[ htholredsa d tpuin_dm 2tx ti 2 1 238d 238d
Fatal trap NUM: page fault in in6_selecthlim (4) -1 1 242d 242d
Fatal trap NUM: page fault in link_elf_search_symbol -1 1 246d 246d
panic: deadlres_td_sleep_q: possible deadlock detected for ADDR (syz-executor), blocked for ADDR ticks 2 1 249d 249d
panic: starting DAD on non-tentative address ADDR 2 1 253d 253d
panic: ASan: Invalid access, NUM-byte read at ADDR, MallocRedZone(fb) (4) 2 1 253d 253d
panic: witness_warn (3) 2 1 256d 256d
panic: proc_dtor: non-empty p_ktr 2 1 267d 267d
panic: Assertion done != job_total_nbytes failed at /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE (3) 2 3 273d 299d
panic: vm_page_dirty: page is invalid! 2 2 279d 322d
SYZFAIL: ShmemBuilder: too large output offset -1 1 279d 279d
panic: /syzkaller/managers/main/kernel/sys/kern/kern_timeout.c:LINE: _callout_stop_safe: Bad link elm ADDR prev->next != 2 2 279d 312d
panic: pmap_demote_pde: a wired mapping is missing PG_A 2 67 241d 467d
freebsd test error: SYZFATAL: image testing failed w/o kernel bug (2) -1 3 281d 317d
panic: Assertion pd->pcksum failed at /syzkaller/managers/main/kernel/sys/netpfil/pf/pf.c:LINE 2 7 282d 319d
panic: /syzkaller/managers/main/kernel/sys/netinet/in_pcb.c:LINE: in_pcblbgroup_insert: Bad list head ADDR first->prev ! 2 3 283d 320d
panic: negative vmsize for uid -NUM 2 1 308d 308d
panic: /syzkaller/managers/i386/kernel/sys/kern/kern_timeout.c:LINE: callout_process: Bad tailq NEXT(ADDR->tqh_last) != 2 1 310d 310d
Fatal trap NUM: page fault in witness_checkorder -1 4 311d 326d
panic: mutex so_rcv not owned at /syzkaller/managers/i386/kernel/sys/kern/uipc_usrreq.c:LINE 2 6 311d 314d
panic: /syzkaller/managers/i386/kernel/sys/netinet/in_pcb.c:LINE: in_pcblbgroup_insert: Bad list head ADDR first->prev ! 2 1 313d 313d
panic: pmap_growkernel: no memory to grow kernel (5) 2 457 274d 388d
panic: /syzkaller/managers/main/kernel/sys/kern/kern_timeout.c:LINE: callout_process: Bad tailq NEXT(ADDR->tqh_last) != 2 1 314d 314d
freebsd test error: can't ssh into the instance -1 11 275d 275d
panic: /syzkaller/managers/main/kernel/sys/netinet/in_pcb.c:LINE: in_pcbremlbgrouphash: Bad link elm ADDR next->prev != 2 1 321d 321d
panic: Assertion pd->pcksum failed at /syzkaller/managers/i386/kernel/sys/netpfil/pf/pf.c:LINE 2 1 322d 322d
Fatal trap NUM: page fault in __mtx_lock_flags (4) -1 1 326d 326d
panic: ip6_deletefraghdr: ext headers not contigous in mbuf ADDR m_len NUM >= offset NUM + NUM 2 686 287d 336d
panic: executing segment marked as unreachable at /syzkaller/managers/main/kernel/sys/netinet/in_pcb.c:LINE (in_pcbremlb 2 1 335d 335d
panic: /syzkaller/managers/i386/kernel/sys/kern/kern_timeout.c:LINE: callout_cc_add: Bad list head ADDR first->prev != h 2 202 297d 326d
panic: tcp_do_segment: sent too much 2 13 323d 355d
panic: Bad list head ADDR first->prev != head (2) 2 113 326d 354d
freebsd test error: lost connection to test machine (7) -1 2 371d 456d
SYZFAIL: coverage filter is full (2) -1 198808 385d 512d
freebsd test error: SYZFATAL: image testing failed w/o kernel bug -1 300 392d 423d
panic: mq notifiers left (2) 2 9 474d 480d
Fatal trap NUM: page fault in __mtx_lock_flags (3) -1 1 474d 474d
Fatal trap NUM: page fault in callout_process (3) -1 1 486d 486d
panic: pf_reassemble6: short mbuf chain 2 1 490d 490d
freebsd build error (19) -1 23 458d 459d
SYZFAIL: posix_spawn failed -1 4902 466d 609d
panic: pmap_growkernel: no memory to grow kernel (4) 2 29 473d 579d
panic: prefix ADDR has referencing addresses (6) 2 3 513d 597d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_output.c:LINE (4) 2 1 525d 525d
SYZFAIL: SIGILL -1 101 487d 606d
Fatal trap NUM: page fault in in6_selecthlim (3) -1 739 497d 848d
SYZFAIL: child stopped -1 1 554d 554d
SYZFAIL: SIGBUS -1 8 554d 569d
SYZFAIL: clone failed -1 1 560d 560d
panic: strq ADDR not scheduled (4) 2 1 579d 579d
panic: if_ref: ifp ADDR has NUM refs 2 1 580d 580d
SYZFAIL: invalid kcov comp type (3) -1 1 591d 591d
SYZFAIL: SIGFPE -1 19 554d 594d
Fatal trap NUM: page fault in callout_process (2) -1 1 595d 595d
panic: mq notifiers left 2 21 555d 564d
Fatal trap NUM: pageJul NUM NUM:NUM:NUM fault in ip6_output -1 1 608d 608d
SYZFAIL: coverage filter is full -1 85109 570d 605d
panic: tcp_close: inp_socket NULL 2 4 610d 610d
freebsd test error: panic: ASan: Invalid access, NUM-byte write at ADDR, MallocRedZone(fb) -1 80 596d 602d
freebsd test error: lost connection to test machine (6) -1 7 659d 659d
panic: ASan: Invalid access, NUM-byte read at ADDR, MallocRedZone(fb) (3) 2 1 668d 668d
freebsd boot error: can't ssh into the instance (4) -1 3 673d 673d
Fatal trap NUM: page fault in sctp_free_assoc -1 35 638d 704d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_output.c:LINE (3) 2 3 678d 721d
freebsd test error: SYZFATAL: failed to connect to host: dial tcp IP:NUM: i/o timeout -1 54 665d 667d
panic: rsm:ADDR nrsm:ADDR hit at soff:NUM null m (2) 2 3 706d 706d
Fatal trap NUM: page fault in __asan_load8_noabort (2) -1 8 710d 711d
panic: mb_free_extpg: m ADDR is not multipage! 2 1 711d 711d
Fatal trap NUM: page fault in m_free -1 2 711d 711d
Fatal trap NUM: page fault in kasan_atomic_fetchadd_int -1 1 711d 711d
Fatal trap NUM: page fault in callout_process -1 1 711d 711d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/i386/kernel/sys/kern/kern_mutex.c:LINE (4) 2 2 713d 717d
panic: prefix ADDR has referencing addresses (5) 2 4 716d 754d
panic: pmap_growkernel: no memory to grow kernel (3) 2 965 679d 1612d
panic: vm_fault_lookup: fault on nofault entry, addr: ADDR (4) 2 18 682d 745d
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2 (2) -1 10 633d 634d
Fatal trap NUM: page fault while in kernel mode (5) -1 15 710d 787d
panic: Assertion v != tid failed at /syzkaller/managers/i386/kernel/sys/kern/kern_mutex.c:LINE (2) 2 72 732d 1353d
panic: lock (sleep mutex) sctp-inp not locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:LINE 2 6 732d 735d
Fatal trap NUM: page fault in in6_unlink_ifa (4) -1 1 734d 734d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (11) -1 18 703d 729d
Fatal trap NUM: page fault in sctp_ss_default_add (3) -1 1 747d 747d
Fatal trap NUM: page fault in m_tag_delete_chain -1 21 710d 711d
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (4) -1 118 674d 693d
freebsd build error (18) -1 8 712d 713d
panic: mtx_lock_spin: recursed on non-recursive mutex msgbuf @ /syzkaller/managers/i386/kernel/sys/kern/subr_msgbuf.c:LI 2 6 786d 812d
panic: deadlres_td_on_lock: possible deadlock detected for ADDR (syz-executor), blocked for NUM ticks 2 1 792d 792d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/main/kernel/sys/kern/kern_mutex.c:LINE (4) 2 1 796d 796d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_output.c:LINE (2) 2 1 813d 813d
panic: mtx_lock_spin: recursed on non-recursive mutex msgbuf @ /syzkaller/managers/main/kernel/sys/kern/subr_msgbuf.c:LI (2) 2 12 784d 813d
freebsd test error: lost connection to test machine (5) -1 1 855d 855d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/i386/kernel/sys/kern/kern_mutex.c:LINE (3) 2 1 856d 856d
panic: prefix ADDR has referencing addresses (4) 2 2 865d 919d
panic: Assertion curthread->td_wantedlock == NULL failed at /syzkaller/managers/main/kernel/sys/kern/kern_mutex.c:LINE 2 4 879d 879d
panic: size_on_reasm_queue is NUM (3) 2 1 882d 882d
panic: Assertion done != job_total_nbytes failed at /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE (2) 2 1 906d 906d
corrupted report (4) -1 21 936d 1472d
freebsd build error (17) -1 8 945d 983d
Fatal trap NUM: page fault in in6_unlink_ifa (3) -1 1 956d 956d
Fatal trap NUM: page fault in nd6_dad_timer (5) -1 2 959d 1031d
panic: mutex Giant owned at /syzkaller/managers/i386/kernel/sys/kern/kern_thread.c:LINE 2 252 929d 990d
panic: in6_pcblookup_hash_locked: invalid foreign address 2 syz 62 1091d 1141d
panic: prot 0x3 is not subset of max_prot NUM 2 C 2 948d 948d
SYZFAIL: child failed -1 syz 286 1435d 1853d
SYZFAIL: command failed -1 syz 34 1427d 1852d
panic: _mtx_lock_sleep: recursed on non-recursive mutex process lock @ /syzkaller/managers/main/kernel/sys/kern/kern_for 2 C 2 1318d 1318d
Fatal trap NUM: page fault while in kernel mode (4) -1 C 7 1127d 1452d
panic: huh, cumack ADDR greater than high-tsn ADDR in map 2 1 994d 994d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-tcb @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb. (3) 2 1 996d 996d
panic: size_on_reasm_queue is NUM (2) 2 1 1002d 1002d
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (3) -1 506 975d 1120d
Fatal trap NUM: general protection fault in pfi_kkif_update (3) -1 1 1027d 1027d
Fatal trap NUM: page fault in in6_selecthlim (2) -1 1 1049d 1049d
Fatal trap NUM: page fault in sctp_ss_default_add (2) -1 1 1066d 1066d
panic: Assertion done != job_total_nbytes failed at /syzkaller/managers/main/kernel/sys/kern/sys_socket.c:LINE (3) 2 1 1072d 1072d
panic: Rack:ADDR sb:ADDR rsm:ADDR -- first rsm mbuf not aligned to sb 2 1 1077d 1077d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/main/kernel/sys/kern/kern_mutex.c:LINE (3) 2 1 1083d 1083d
panic: size_on_reasm_queue is NUM 2 1 1107d 1107d
panic: vtopde on a uva/gpa 0x1000 2 1 1118d 1118d
Fatal trap NUM: page fault in nd6_dad_timer (4) -1 2 1143d 1204d
suppressed report (3) -1 2 1155d 1239d
freebsd boot error: Fatal trap NUM: page fault while in kernel mode -1 159 1128d 1130d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 (3) -1 4 1190d 1190d
panic: prefix ADDR has referencing addresses (3) 2 1 1209d 1209d
freebsd boot error: can't ssh into the instance (3) -1 1 1222d 1222d
freebsd build error (15) -1 1099 1149d 1263d
panic: About to free ctl:ADDR so:ADDR and its in 1 2 C 20 1504d 1947d
Fatal trap NUM: page fault in in6_selecthlim -1 15 1266d 1629d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/main/kernel/sys/kern/kern_mutex.c:LINE (2) 2 1 1272d 1272d
Fatal trap NUM: page fault in nd6_dad_timer (3) -1 3 1310d 1405d
panic: mtx_lock_spin: recursed on non-recursive mutex msgbuf @ /syzkaller/managers/main/kernel/sys/kern/subr_msgbuf.c:LI 2 1 1318d 1318d
freebsd boot error: can't ssh into the instance (2) -1 1 1338d 1338d
freebsd test error: SYZFATAL: BUG: executor version returned bad result: "" -1 52 1310d 1311d
suppressed report (2) -1 2 1358d 1364d
Fatal trap NUM: page fault in pfi_kkif_update (3) -1 1 1359d 1359d
panic: ASan: Invalid access, NUM-byte read at ADDR, StackLeft(f1) (2) 2 1 1361d 1361d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-tcb @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb. (2) 2 1 1364d 1364d
Fatal trap NUM: page fault in knlist_remove_kq -1 1 1367d 1367d
Fatal trap NUM: page fault in sctp_notify_stream_reset_add -1 1 1375d 1375d
freebsd build error (14) -1 18 1358d 1359d
panic: ASan: Invalid access, NUM-byte write at ADDR, UseAfterScope(f8) (2) 2 1 1391d 1391d
panic: ASan: Invalid access, NUM-byte read in kvprintf 2 C 5 1600d 1619d
panic: Assertion done != job_total_nbytes failed at /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE 2 1 1404d 1404d
panic: rack_output:NUM: r.start:ADDR < SND.UNA:ADDR; tp:ADDR, rack:ADDR, rsm:ADDR 2 C 270 1378d 1774d
panic: vm_fault_lookup: fault on nofault entry, addr: ADDR (3) 2 1 1413d 1413d
panic: prefix ADDR has referencing addresses (2) 2 3 1420d 1528d
Fatal trap NUM: page fault in sctp_wakeup_the_read_socket (4) -1 1 1422d 1422d
panic: Assertion task->ta_pending == NUM failed at /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE 2 1 1426d 1426d
panic: Assertion mtx_unowned(m) failed at /syzkaller/managers/i386/kernel/sys/kern/kern_mutex.c:LINE (2) 2 2 1431d 1498d
Fatal trap NUM: page fault in kasan_atomic_load_int (2) -1 3 1432d 1501d
Fatal trap NUM: page fault in in6_unlink_ifa (2) -1 1 1441d 1441d
Fatal trap NUM: page fault in __asan_load8_noabort -1 1 1451d 1451d
SYZFAIL: too much cover (2) -1 120 1422d 1478d
Fatal trap NUM: page fault in memcpy_erms (2) -1 1 1459d 1459d
SYZFAIL: cover mmap failed -1 1 1461d 1461d
panic: ASan: Invalid access, NUM-byte read at ADDR, UMAUseAfterFree(fd) (3) 2 C 58 1376d 1429d
SYZFAIL: tun: read failed (3) -1 1 1474d 1474d
panic: strq ADDR not scheduled (3) 2 1 1475d 1475d
Fatal trap NUM: general protection fault in pfi_kkif_update (2) -1 1 1488d 1488d
panic: spin lock held too long (2) 2 1 1489d 1489d
SYZFAIL: invalid kcov comp type (2) -1 1 1492d 1492d
panic: ASan: Invalid access, NUM-byte read at ADDR, StackMiddle(f2) 2 1 1493d 1493d
panic: Don't own TCB lock 2 1 1496d 1496d
Fatal trap NUM: page fault in nd6_dad_timer (2) -1 1 1500d 1500d
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (2) -1 106 1422d 1484d
freebsd build error (12) -1 2 1462d 1462d
panic: pmap_kasan_enter_alloc_4k: no memory to grow shadow map (2) 2 C 602 1604d 1653d
panic: out of swap space 2 C 15036 1526d 1769d
panic: ASan: Invalid access, NUM-byte read at ADDR, UseAfterScope(f8) 2 syz 7 1501d 1582d
panic: Queues are not empty when handling SHUTDOWN-ACK 2 syz 142 1533d 2103d
SYZFAIL: output overflow (2) -1 syz 14 1539d 1709d
panic: hpts_sane_input_insert: hpts:ADDR inp:ADDR incorrect CPU 2 C 186 1558d 1716d
SYZFAIL: tun: can't open device -1 syz 159 1660d 1852d
panic: m_copydata, offset > size of mbuf chain 2 syz 11 1655d 1658d
panic: hpts_sane_input_remove: hpts:ADDR inp:ADDR incorrect CPU 2 syz 5 1666d 1710d
panic: ASan: Invalid access, 2-byte read in sctp_common_input_processing 2 syz 8 1665d 1713d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_pcb.c:LINE 2 syz 24 1724d 2150d
Fatal trap 9: general protection fault in __mtx_lock_sleep -1 syz 295 1718d 2392d
Fatal trap 9: general protection fault in sctp_timer_stop -1 syz 232 1718d 2032d
Fatal trap NUM: page fault in sctp_ss_default_add -1 1 1502d 1502d
panic: ASan: Invalid access, 8-byte read in __mtx_lock_sleep 2 syz 23 1621d 1704d
panic: ASan: Invalid access, 8-byte read in sctp_lower_sosend 2 syz 49 1588d 1696d
panic: ASan: Invalid access, 1-byte write in sctp_lower_sosend 2 syz 332 1610d 1714d
Fatal trap 12: page fault in __mtx_lock_sleep -1 syz 151 1719d 2367d
panic: Warning: Last msg marked incomplete, yet nothing left? 2 C 34 1514d 1768d
Fatal trap NUM: page fault in pfi_kkif_update (2) -1 1 1525d 1525d
panic: TCP stack bbr requested tcp_drop(ADDR) at connect() 2 1 1529d 1529d
panic: ASan: Invalid access, NUM-byte read in __mtx_lock_flags 2 C 188 1588d 1654d
panic: ASan: Invalid access, 8-byte write in sctp_timer_stop 2 C 269 1588d 1714d
Fatal trap 9: general protection fault in sctp_lower_sosend (2) -1 C 446 1718d 2038d
panic: ASan: Invalid access, NUM-byte read in sctp_ss_default_select 2 C 1 1657d 1657d
Fatal trap NUM: page fault while in kernel mode (3) -1 3 1543d 1557d
freebsd test error: lost connection to test machine (4) -1 896 1523d 1584d
panic: ASan: Invalid access, NUM-byte write at ADDR, StackMiddle(f2) 2 1 1558d 1558d
panic: ASan: Invalid access, NUM-byte read at ADDR, StackLeft(f1) 2 2 1566d 1576d
Fatal trap NUM: page fault in __mtx_lock_flags -1 2 1567d 1571d
freebsd build error (11) -1 1 1487d 1487d
panic: lock (sleep mutex) sctp-tcb not locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE (3) 2 1 1577d 1577d
panic: ASan: Invalid access, 4-byte read in sctp_timer_stop 2 27 1588d 1714d
panic: ASan: Invalid access, NUM-byte write in vn_read_from_obj 2 5 1588d 1631d
panic: ASan: Invalid access, NUM-byte read in sctp_ss_default_add 2 27 1588d 1641d
panic: ASan: Invalid access, NUM-byte read in sctp_free_assoc 2 3 1589d 1661d
panic: ASan: Invalid access, NUM-byte read in ip6_input 2 1 1591d 1591d
panic: ASan: Invalid access, NUM-byte read in witness_checkorder 2 3 1600d 1650d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (10) -1 2 1516d 1516d
SYZFAIL: tun: read failed (2) -1 19 1605d 1639d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_output.c:LINE 2 1 1610d 1610d
panic: ASan: Invalid access, 8-byte read in callout_process 2 5 1614d 1713d
panic: ASan: Invalid access, NUM-byte write in devfs_get_cdevpriv 2 1 1615d 1615d
panic: ASan: Invalid access, NUM-byte read in __cap_rights_is_set 2 1 1621d 1621d
panic: prefix ADDR has referencing addresses 2 1 1622d 1622d
panic: strq ADDR not scheduled (2) 2 1 1625d 1625d
Fatal trap NUM: page fault in sctp_wakeup_the_read_socket -1 2 1626d 1642d
Fatal trap NUM: page fault in in6_unlink_ifa -1 1 1629d 1629d
Fatal trap NUM: page fault in pfi_kkif_update -1 1 1632d 1632d
Fatal trap NUM: general protection fault in pfi_kkif_update -1 1 1636d 1636d
panic: ASan: Invalid access, 4-byte read in sctp_gather_internal_ifa_flags 2 14 1642d 1713d
Fatal trap NUM: page fault in nd6_dad_timer -1 1 1642d 1642d
freebsd build error (10) -1 1 1558d 1558d
corrupted report (3) -1 3 1654d 1768d
panic: sctp_timer_start of type 5: inp = ADDR, stcb->sctp_ep ADDR 2 10 1663d 1715d
panic: ASan: Invalid access, 2-byte read in sctp_chunk_output 2 4 1664d 1708d
panic: ASan: Invalid access, 2-byte read in sctp_ss_fcfs_select 2 3 1669d 1697d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE (3) 2 7 1670d 1889d
panic: sctp_timeout_handler of type 5: inp = ADDR, stcb->sctp_ep ADDR 2 2 1671d 1702d
panic: ASan: Invalid access, NUM-byte read in sctp_ss_default_remove 2 1 1672d 1672d
panic: ASan: Invalid access, NUM-byte read in callout_cc_add 2 1 1678d 1678d
panic: ASan: Invalid access, NUM-byte read in smp_targeted_tlb_shootdown 2 2 1631d 1633d
panic: ASan: Invalid access, NUM-byte read in smp_masked_invlpg_range 2 C 1 1607d 1607d
panic: size_on_reasm_queue is 1412 2 1 1688d 1688d
freebsd test error: lost connection to test machine (3) -1 105 1660d 1713d
panic: ASan: Invalid access, 4-byte read at ADDR, RedZonePartial(3) 2 9 1707d 1717d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (9) -1 6 1625d 1627d
panic: 2 chunks left for stream 0. 2 1 1711d 1711d
panic: H:ADDR p_prev_slot:NUM not equal to p_cur_slot:NUM 2 15 1716d 1882d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_pcb.c:LINE 2 23 1718d 1973d
panic: ASan: Invalid access, 4-byte read at ADDR, UMAUseAfterFree(fd) 2 300 1688d 1717d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-create @ /syzkaller/managers/main/kernel/sys/netinet/sctp_p 2 1 1723d 1723d
panic: lock (sleep mutex) sctp-tcb not locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE (2) 2 2 1725d 1726d
Fatal trap 12: page fault in __mtx_assert (5) -1 7 1727d 1760d
panic: rsm:ADDR nrsm:ADDR rack:ADDR -- rsm->m is NULL? 2 C 25 1773d 1778d
panic: ASan: Invalid access, 4-byte read in in6_sin6_2_sin 2 C 8 1697d 1715d
panic: ASan: Invalid access, 4-byte read in sctp_connectx_helper_find 2 10 1714d 1714d
panic: Most recently used by in6_mfilter 2 3 1778d 1778d
panic: Most recently used by tcp_fsb 2 C 149 1778d 1778d
panic: rack_output: IP version incorrect: 0 2 C 31 1778d 1778d
panic: Most recently used by xform 2 C 115 1778d 1778d
Fatal trap 9: general protection fault in pfi_kkif_update -1 3 1738d 1780d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-tcb @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb. (2) 2 3 1739d 1788d
Fatal trap 12: page fault in sctp_add_to_readq -1 1 1739d 1739d
Fatal trap 12: page fault in in6_unlink_ifa (2) -1 syz 20 1725d 2112d
suppressed report -1 8 1676d 1813d
panic: ASan: Invalid access, 8-byte read at ADDR, UMAUseAfterFree(fd) 2 88 1715d 1717d
panic: ASan: Invalid access, 8-byte write at ADDR, UMAUseAfterFree(fd) 2 19 1715d 1716d
panic: size_on_reasm_queue is 1244 2 1 1746d 1746d
panic: H:ADDR p_prev_slot:LINE not equal to p_cur_slot:LINE 2 1 1751d 1751d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) -1 10 1681d 1854d
freebsd build error (8) -1 1 1714d 1713d
SYZFAIL: invalid kcov comp type -1 1443 1722d 1853d
panic: 1 chunks left for stream 0. 2 1 1758d 1758d
Fatal trap 9: general protection fault in sctp_ss_fb_clear -1 1 1766d 1766d
Fatal trap 12: page fault in callout_process (3) -1 1 1768d 1768d
Fatal trap 9: general protection fault in m_tag_locate -1 1 1773d 1773d
Fatal trap 12: page fault in sctp_inpcb_free -1 4 1791d 1891d
panic: mtx_unlock() of destroyed mutex at sys/netinet/sctp_usrreq.c:LINE 2 1 1792d 1792d
Fatal trap 12: page fault in exit1 -1 1 1806d 1806d
freebsd boot error: panic: ASan: Invalid access, 8-byte write at ADDR, MallocRedZone(fb) -1 18 1718d 1718d
freebsd build error (7) -1 2 1718d 1718d
Fatal trap 12: page fault in sctp_free_assoc -1 2 1814d 1869d
SYZFAIL: too much cover -1 2 1818d 1819d
freebsd build error (6) -1 6 1752d 1752d
panic: interrupts enabled 2 C 191 1753d 1753d
Fatal trap 12: page fault in sctp_is_vtag_good -1 1 1850d 1850d
panic: H:ADDR p_prev_slot:LINE not equal to p_cur_slot:NUM 2 1 1855d 1855d
Fatal trap 9: general protection fault in sctp_cmpaddr -1 13 1857d 1992d
Fatal trap 12: page fault in __mtx_assert (4) -1 2 1858d 1873d
panic: Memory modified after free ADDR(736) val=0 @ ADDR 2 21 1859d 1993d
SYZFAIL: output overflow -1 syz 38 1775d 1853d
SYZFAIL: tun: read failed -1 syz 1040 1772d 1853d
panic: sbflush_internal: ccc 0 mb 0 mbcnt 256 2 C 23 2467d 2558d
freebsd build error (5) -1 12 1849d 1878d
freebsd boot error: Fatal trap 12: page fault while in kernel mode -1 78 1794d 1795d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-create @ /syzkaller/managers/i386/kernel/sys/netinet/sctp_p 2 1 1866d 1866d
panic: Counter goes negative (2) 2 2 1870d 1891d
panic: lock (sleep mutex) sctp-tcb not locked @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE 2 1 1875d 1875d
Fatal trap 9: general protection fault in sctp_chunk_output -1 17 1877d 1994d
freebsd test error: lost connection to test machine (2) -1 45 1789d 1789d
panic: Most recently used by sctp_stro 2 1 1885d 1885d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/kern/uipc_socket.c:LINE 2 1 1887d 1887d
panic: H:ADDR p_prev_slot:NUM not equal to p_cur_slot:ADDR 2 1 1890d 1890d
Fatal trap 12: page fault in sctp_ss_default_add -1 1 1895d 1895d
Fatal trap 9: general protection fault in sctp_is_vtag_good -1 2 1903d 1981d
panic: Assertion owner->td_proc->p_magic == P_MAGIC failed at /syzkaller/managers/i386/kernel/sys/kern/subr_turnstile.c: 2 3 1915d 1963d
Fatal trap 9: general protection fault in udp6_common_ctlinput (2) -1 1 1929d 1929d
panic: size_on_reasm_queue is 4 2 1 1935d 1935d
panic: _mtx_lock_sleep: recursed on non-recursive mutex sctp-tcb @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb. 2 3 1936d 1968d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 8 1855d 1872d
Fatal trap 9: general protection fault in ck_epoch_poll_deferred (2) -1 4 1955d 2132d
Fatal trap 12: page fault in __mtx_assert (3) -1 3 1967d 2002d
panic: pfi_dynaddr_setup: non-NULL dyn 2 C 35 1908d 2149d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE (2) 2 2 1982d 1983d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/kern/uipc_ktls.c:LINE 2 C 6 1903d 2104d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 34 1909d 2005d
Fatal trap 9: general protection fault in memcmp (2) -1 1 1953d 1953d
freebsd build error (4) -1 6 1898d 1928d
panic: Most recently used by kdtrace 2 5 1984d 1985d
panic: Flight size-express incorrect? 2 2 1988d 1991d
panic: sleepq_add: td ADDR to sleep on wchan ADDR with sleeping prohibited 2 C 6804 1980d 2018d
panic: pfi_kif_unref: ADDR has zero refs 2 C 2 1985d 1985d
panic: thread with borrowed priority returning to userland 2 syz 8 2108d 2142d
panic: tp:ADDR rc_sacked:LINE > out:LINE 2 C 185 2135d 2145d
panic: m_copydata, length > size of mbuf chain 2 C 93 2145d 2166d
panic: sbsndptr_noadv: sb_mb is NULL 2 C 686 2145d 2166d
panic: mtx_lock() of destroyed mutex at sys/kern/sys_socket.c:LINE 2 syz 43 2195d 2506d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE 2 syz 3 2229d 2244d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet/in_pcb.c:LINE 2 C 9 2249d 2249d
panic: _mtx_lock_sleep: recursed on non-recursive mutex rtentry @ /syzkaller/managers/main/kernel/sys/net/route.c:LINE 2 C 4 2295d 2482d
panic: mutex pcbinfohash not owned at /syzkaller/managers/i386/kernel/sys/netinet6/in6_pcb.c:LINE 2 syz 6 2324d 2324d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet6/in6_ifattach.c:LINE 2 syz 4 2345d 2347d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/netinet6/in6_ifattach.c:LINE (2) 2 syz 1 2347d 2347d
Fatal trap 12: page fault in thread_lock_validate -1 syz 1 2360d 2360d
panic: inp_leave_group: imf_sources not empty (2) 2 C 70 2466d 2499d
panic: non-kernel pmap pmap ADDR cpu 0 pcid 0 2 syz 1 2475d 2475d
panic: _mtx_lock_sleep: recursed on non-recursive mutex rtentry @ /syzkaller/managers/i386/kernel/sys/net/route.c:LINE 2 syz 1 2482d 2482d
panic: sbflush_internal: ccc 0 mb 0 mbcnt 512 2 syz 5 2482d 2540d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/main/kernel/sys/kern/sys_socket.c:LINE 2 syz 5 2495d 2506d
panic: Memory modified after free ADDR(256) val=0 @ ADDR 2 syz 6 2499d 2506d
panic: m_uiotombuf: progress != total 2 syz 2 2558d 2558d
panic: Bad tailq NEXT(ADDR->tqh_last) != NULL (2) 2 C 2194 1943d 2165d
panic: sx_try_xlock() of destroyed sx at sys/kern/uipc_sockbuf.c:LINE 2 8 2079d 2248d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/netinet/sctputil.c:LINE 2 1 2084d 2084d
corrupted report (2) -1 4 2090d 2122d
Fatal trap 12: page fault in tdq_notify -1 1 2096d 2096d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 2 2045d 2045d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 (2) -1 28 2013d 2015d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/main/kernel/sys/netinet/sctp_pcb.c:LINE 2 1 2115d 2115d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/main/kernel/sys/dev/hyperv/hvsock/hv_sock.c:LINE 2 2 2128d 2129d
panic: _mtx_lock_sleep: recursed on non-recursive mutex so_snd @ /syzkaller/managers/main/kernel/sys/kern/uipc_socket.c: 2 1 2129d 2129d
panic: size_on_all_streams smaller than control length 2 1 2133d 2133d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 4 2045d 2045d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 222 2051d 2376d
freebsd test error: lost connection to test machine -1 1269 2108d 2180d
freebsd build error (3) -1 13 2115d 2135d
Fatal trap 9: general protection fault in route_output -1 5 2154d 2155d
Fatal trap 9: general protection fault in fib4_lookup_nh_ext -1 4 2154d 2155d
Fatal trap 9: general protection fault in fib6_lookup_nh_basic -1 2 2154d 2155d
Fatal trap 9: general protection fault in pfi_kif_update -1 1 2155d 2155d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/main/kernel/sys/modules/tcp/rack/../../../netinet/tcp_stack 2 1 2161d 2161d
panic: refcount ADDR wraparound (2) 2 3883 2154d 2155d
Fatal trap 9: general protection fault in fib6_lookup -1 1494 2154d 2155d
Fatal trap 9: general protection fault in ip_output -1 624 2154d 2155d
Fatal trap 9: general protection fault in fib4_lookup -1 826 2154d 2155d
Fatal trap 9: general protection fault in nhop_free -1 110 2154d 2155d
Fatal trap 9: general protection fault while in kernel mode (2) -1 18 2154d 2155d
Fatal trap 9: general protection fault in sctp_source_address_selection -1 23 2154d 2155d
freebsd test error: timed out (3) -1 1 2205d 2205d
freebsd build error (2) -1 10 2234d 2290d
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 -1 2 2150d 2150d
panic: Memory modified after free ADDR(112) val=ADDR @ ADDR 2 1 2244d 2244d
panic: Bad link elm ADDR next->prev != elm (2) 2 1 2248d 2248d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/netinet/in_pcb.c:LINE 2 7 2248d 2249d
corrupted report -1 1 2249d 2249d
panic: uma_zalloc: Bucket pointer mangled. 2 1 2251d 2251d
panic: vm_page_free_prep: freeing wired page ADDR 2 C 2 2499d 2499d
freebsd boot error: Fatal trap 12: page fault in _thread_lock -1 1 2196d 2196d
Fatal trap 12: page fault in sctp_inpcb_bind -1 1 2280d 2280d
Fatal trap 9: general protection fault in ck_epoch_poll_deferred -1 1 2287d 2287d
Fatal trap 12: page fault in in6_unlink_ifa -1 1 2300d 2300d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet6/in6.c:LINE 2 1 2332d 2332d
freebsd test error: timed out (2) -1 3 2342d 2342d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/netinet6/in6.c:LINE 2 1 2351d 2351d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet/igmp.c:LINE 2 2 2354d 2354d
panic: uma: Freed item ADDR did not belong to zone mbuf_cluster 2 1 2359d 2359d
Fatal trap 12: page fault in callout_process -1 2 2361d 2475d
Fatal trap 12: page fault while in kernel mode (2) -1 2 2361d 2477d
panic: map ADDR end = ADDR, next->start = 0 2 1 2365d 2365d
Fatal trap 12: page fault in pmap_activate_sw -1 1 2382d 2382d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet/in_mcast.c:LINE 2 15 2354d 2354d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/netinet/in_mcast.c:LINE 2 21 2354d 2354d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/net/if.c:LINE 2 1669 2354d 2355d
freebsd boot error: panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/net/if.c:LINE -1 24 2355d 2355d
panic: cap_rights_is_vset:LINE (2) 2 1 2395d 2395d
Fatal trap 9: general protection fault in udp6_common_ctlinput -1 1 2401d 2401d
freebsd build error -1 4 2404d 2404d
panic: pmap_growkernel: no memory to grow kernel 2 4 2494d 2514d
panic: Most recently used by temp 2 4 2503d 2507d
panic: Bad tailq NEXT(ADDR->tqh_last) != NULL 2 1 2508d 2508d
panic: Assertion lock == sq->sq_lock failed at /syzkaller/managers/main/kernel/sys/kern/subr_sleepqueue.c:LINE 2 1 2505d 2505d
panic: Duplicate free of ADDR from zone ADDR(16) slab ADDR(241) 2 1 2501d 2501d
Fatal trap 12: page fault in fifo_close -1 58 2493d 2505d
Fatal trap 12: page fault in __mtx_assert (2) -1 1 2501d 2501d
panic: pmap_demote_pde: firstpte and newpte map different physical addresses 2 2 2487d 2487d
panic: Bad link elm ADDR next->prev != elm 2 11 2496d 2514d
panic: Most recently used by ip6opt 2 3 2480d 2511d
Fatal trap 12: page fault in uma_dbg_free -1 1 2500d 2500d
Fatal trap 12: page fault in uma_dbg_alloc -1 1 2506d 2506d
Fatal trap 9: general protection fault in sys_nlm_syscall -1 2 2501d 2504d
panic: sctp: no chunks on the queues 2 188 2463d 2555d
Fatal trap 12: page fault in ip_output -1 2 2506d 2507d
Fatal trap 9: general protection fault in memcmp -1 23 2494d 2517d
Fatal trap 12: page fault in link_elf_search_symbol -1 5 2467d 2506d
Fatal trap 12: page fault in pmap_remove_pte -1 1 2494d 2494d
freebsd test error: timed out -1 14 2523d 2550d
Fatal trap 9: general protection fault in sbfree -1 2 2543d 2549d
Fatal trap 9: general protection fault in unp_gc -1 1 2557d 2557d
panic: sbready: sb ADDR NULL fnrdy 2 1 2559d 2559d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 -1 4 2541d 2542d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 2 2485d 2485d
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2 -1 4 2487d 2487d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 2548d 2548d
lost connection to test machine -1 10 2562d 2562d