syzbot

 sign-in | mailing list | source | docs
🐞 Open [111]
🐞 Fixed [274]
🐞 Invalid [775]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Instances [tested repos]:
Name Last active Uptime Corpus Coverage 🛈 Crashes Execs Kernel build syzkaller build Bugs
Commit Config Freshness Status Commit Freshness Status All Only
ci-openbsd-main 31d broken 1511e544c213 .config 32d failing d7f584ee 1d07h all only
ci-openbsd-multicore 31d broken 1511e544c213 .config 32d failing d7f584ee 1d07h all only
ci-openbsd-setuid 31d broken 1511e544c213 .config 32d failing d7f584ee 1d07h all only
upstream (111):
Title Repro Cause bisect Fix bisect Count Last Reported Last activity
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (25) 6 4d16h 10d 4d12h
openbsd build error (22) 3 15d 23d 23d
openbsd test error: kernel: protection fault trap, code=NUM 19 24d 26d 26d
witness: lock_object uninitialized: ADDRxNUM 1 33d 33d 33d
uvm_fault: ffs2_balloc (5) 1 35d 35d 35d
assert "d->bd_in_uiomove == NUM" failed in bpf.c (2) 1 35d 35d 35d
protection_fault: mtx_enter 1 36d 36d 36d
panic: semexit - semid not allocated 1 36d 36d 36d
assert "ps->ps_uvncount == NUM" failed: filepanic: kernel diagnostic assertion "((flags & PGO_LOCKED) != NUM && rw_lock_ 1 38d 38d 38d
witness: pmap_unwire: wiring for pmap ADDR va ADDR didn't change! 2 44d 45d 45d
SYZFAIL: coverage filter is full (2) 3488 45d 46d 46d
protection_fault: klist_invalidate 1 46d 46d 46d
panic: thread -ADDR p_stat is -NUM 2 44d 47d 47d
assert "va >= entry->start" failed in uvm_fault.c 50 32d 48d 48d
panic: kernel diagnostic assertion "va >= entry->start" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_faul 1 48d 48d 48d
uvm_fault: rtrequest (3) 2 38d 51d 51d
panic: kernel diagnostic assertion "ps->ps_uvncount == NUM" failed: file " 1 53d 53d 53d
uvm_fault: spec_getattr 1 54d 54d 54d
panic: trap type NUM, code=NUM, pc=eaa29 1 55d 55d 55d
SYZFAIL: tun_id out of range (3) 253765 31d 58d 58d
panic: kernel diagnostic assertion "nlevel >= IPL_NONE" failed: 1 61d 61d 61d
panic: mutex 0xffffWAfRd8N0I7NeG:b7 8S8PL1 NUM noNtO T heLOlWd EiREnD m tOxN SY_SlCeaALL v7e5 NUM 1 61d 61d 61d
panic: kernel diagnostic assertion "map->limit == rtmap_limit" f 1 62d 62d 62d
SYZFAIL: failed to recv rpc (3) 536 33d 65d 65d
panic: kernel diagnostic assert 3 50d 67d 67d
malloc: free list modified: proc 1 71d 71d 71d
panic: Non dma-reachable buffer at curaddr ADDR(raw) (3) 4 40d 73d 73d
uvm_fault: lf_advlock 1 75d 75d 75d
assert "rdomain == rtable_l2(rdomain)" failed in route.c 2 46d 78d 78d
panic: kernel diagnostic assertion "uvm_page_owner_locked_p(pg)" failed 1 79d 79d 79d
assert "pr->ps_threadcnt == NUM" failed in kern_exit.c 1 80d 80d 80d
witness: lock_obwitness_checkordwitness_checkordrw_enter_write(ADDR)rw_enter_write+0unveil_delete_naunveil_delete_naunve 1 81d 81d 81d
uvm_fault: uao_detach 2 83d 86d 86d
panic: ffs_blkfree: freeing free frag 1 87d 87d 87d
assert "kd_lookup(kd->kd_unit) == NULL" failed in kcov.c 2 54d 92d 92d
panic: thread NUM p_stat is NUM (2) 3 33d 98d 98d
panic: pledge_namei: ni_pledge 2 57d 100d 100d
uvm_fault: unveil_add_vnode (2) 12 32d 113d 113d
kernel: protection fault trap, code=NUM (7) 6 67d 117d 117d
panic: malloc: allocation too large, type = NUM, size = ADDR (2) 126 31d 121d 121d
multicore build error (19) 9 1d04h 123d 123d
protection_fault: __x86_indirect_thunk_r11 (3) 9 73d 125d 125d
SYZFAIL: too much cover 9 34d 125d 125d
pool: free list modified: shmpl (5) 43 34d 126d 126d
witness: reversal: sbufsnd inode 4 62d 128d 128d
protection_fault: reaper 7 76d 130d 130d
SYZFAIL: SIGBUS 947 33d 136d 136d
panic: softclock: invalid to_clock: ADDR (2) 4 66d 138d 138d
panic: assertwaitok: non-zero mutex count: NUM (2) 178 31d 152d 152d
panic: missing alias (5) 42 38d 152d 152d
SYZFAIL: posix_spawn failed 131 35d 152d 152d
SYZFAIL: failed to mkdtemp 25983 31d 160d 160d
SYZFAIL: failed to mkdir 3854 31d 160d 160d
SYZFAIL: pipe failed 13 31d 160d 160d
assert "map->limit == rtmap_limit" failed in rtable.c 77 31d 162d 162d
SYZFAIL: tun: can't open device (4) 8 62d 164d 164d
witness: reversal: lock order data missing (4) 57671 31d 164d 164d
SYZFAIL: ioctl remote attach failed (5) 3214 31d 164d 164d
SYZFAIL: too many calls in output 57 31d 164d 164d
SYZFAIL: failed to send rpc 8408 31d 165d 165d
can't ssh into the instance 588 32d 214d 186d
assert "rw_write_held(uobj->vmobjlock)" failed in uvm_vnode.c 11 37d 221d 221d
pool: free list modified: pdppl (4) 8 60d 237d 237d
uvm_fault: arp_rtrequest (2) 18 76d 249d 249d
uvm_fault: proc_trampoline 6 86d 258d 258d
uvm_fault: witness_checkorder (5) 7 37d 272d 272d
pool: free list modified: rttmr 10 43d 275d 275d
protection_fault: lf_advlock (4) C 4 44d 277d 277d
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno (4) 10 61d 283d 283d
panic: softclock: invalid to_clock: NUM 14 70d 293d 293d
panic: softclock: invalid to_clock: -ADDR 22 62d 296d 296d
protection_fault: sys_semop C 14 31d 297d 297d
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c (4) C 10600 17d 302d 267d
assert "sc->sc_dev == NUM" failed in if_tun.c (5) 358 32d 303d 303d
assert "cifp != NULL" failed in route.c (3) 203 44d 310d 310d
assert "pg->wire_count == NUM" failed in vfs_biomem.c (3) 1384 33d 358d 358d
uvm_fault: pmap_page_remove (5) 16 68d 378d 378d
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (3) 168 38d 424d 424d
uvm_fault: ktrops (2) C 62 18d 450d 450d
uvm_fault: db_enter (5) 368 31d 467d 467d
uvm_fault: schedclock syz 11 107d 476d 298d
kernel: page fault trap, code=NUM (3) C 73 52d 506d 263d
malloc: free list modified: free (4) C 17 32d 527d 527d
panic: trap type NUM, code=NUM, pc=NUM (3) 210 43d 557d 557d
witness: lock_object uninitialized: ADDR (3) C 5212 17d 630d 488d
uvm_fault: hardclock (5) syz 4 507d 659d 659d
panic: ufsdirhash_lookup: bad offset in hash array (3) C 79 9d05h 670d 376d
protection_fault: sys_msgrcv (2) C 46 33d 801d 557d
uvm_fault: memcpy (5) C 20 54d 805d 805d
assert "uvn->u_obj.uo_refs == NUM" failed in uvm_vnode.c (2) syz 2 809d 809d 809d
panic: pmap_unwire: invalid PDE syz 6 220d 863d 805d
no output from test machine (8) C 510285 3d13h 872d 868d
uvm_fault: ffs_indirtrunc C 4 628d 916d 916d
witness: reversal: vmmaplk inode (3) C 1050 17d 948d 898d
SYZFATAL: executor NUM failed NUM times: executor NUM: exit status NUM syz 175427 9d20h 971d 971d
panic: bad dir (3) C 101 38d 977d 805d
panic: uvm_fault_unwire_locked: address not in map (4) C 516 18d 993d 974d
uvm_fault: ufs_lookup C 84 97d 1072d 424d
kernel: double fault trap, code=NUM (2) C 34 129d 1072d 1024d
panic: trap type NUM, code=NUM, pc=ADDR (2) 511 32d 1079d 1079d
protection_fault: ktrops C 259 133d 1082d 1062d
protection_fault: sblock syz 38 906d 1086d 1085d
assert "uvm_page_owner_locked_p(pg)" failed in uvm_page.c 6746 32d 1090d 1090d
uvm_fault: fifo_write (2) C 3430 108d 1093d 778d
SYZFAIL: tun: read failed syz 78301 17d 1111d 1079d
corrupted report (6) 2268 31d 1190d 1190d
uvm_fault: memset C 78 53d 1231d 1231d
SYZFAIL: command failed syz 12802 18d 1399d 1081d
suppressed report 335741 31d 1399d 1388d
panic: ufs_rename: lost dir entry C 114 24d 1773d 1011d
lost connection to test machine (2) 850741 5d01h 2189d never