syzbot

Instances [tested repos]:
Name	Last active	Execs	Kernel build				syzkaller build			Bugs
			Commit	Config	Freshness	Status	Commit	Freshness	Status	All	Only
ci-openbsd-main	1d02h	broken	1511e544c213	.config	1d14h		4b25d554	20h41m		all	only
ci-openbsd-multicore	1d02h	broken	1511e544c213	.config	1d14h		4b25d554	20h41m		all	only
ci-openbsd-setuid	1d02h	broken	1511e544c213	.config	1d14h		4b25d554	20h41m		all	only

upstream (144):
Title	Repro	Count	Last	Reported	Last activity
witness: lock_object uninitialized: ADDRxNUM		1	2d23h	2d23h	2d23h
uvm_fault: ffs2_balloc (5)		1	4d21h	4d21h	4d21h
assert "d->bd_in_uiomove == NUM" failed in bpf.c (2)		1	4d21h	4d21h	4d21h
protection_fault: mtx_enter		1	5d12h	5d12h	5d12h
panic: semexit - semid not allocated		1	5d13h	5d13h	5d13h
assert "ps->ps_uvncount == NUM" failed: filepanic: kernel diagnostic assertion "((flags & PGO_LOCKED) != NUM && rw_lock_		1	8d09h	8d09h	8d09h
witness: pmap_unwire: wiring for pmap ADDR va ADDR didn't change!		2	14d	15d	15d
SYZFAIL: coverage filter is full (2)		3488	15d	15d	15d
protection_fault: klist_invalidate		1	16d	16d	16d
panic: thread -ADDR p_stat is -NUM		2	14d	17d	17d
assert "va >= entry->start" failed in uvm_fault.c		50	1d15h	17d	17d
panic: kernel diagnostic assertion "va >= entry->start" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_faul		1	18d	18d	18d
uvm_fault: rtrequest (3)		2	7d17h	21d	21d
panic: kernel diagnostic assertion "ps->ps_uvncount == NUM" failed: file "		1	23d	23d	23d
uvm_fault: spec_getattr		1	23d	23d	23d
panic: trap type NUM, code=NUM, pc=eaa29		1	25d	25d	25d
SYZFAIL: tun_id out of range (3)		253765	1d02h	27d	27d
panic: kernel diagnostic assertion "nlevel >= IPL_NONE" failed:		1	30d	30d	30d
panic: mutex 0xffffWAfRd8N0I7NeG:b7 8S8PL1 NUM noNtO T heLOlWd EiREnD m tOxN SY_SlCeaALL v7e5 NUM		1	31d	31d	31d
panic: mutex ADDR not held in mtx_leave		1190	31d	31d	31d
panic: kernel diagnostic assertion "map->limit == rtmap_limit" f		1	32d	32d	32d
panic: kernel diagnostic assertion "ps->ps_uvncount == NUM" faile		96	29d	33d	33d
panic: kernel diagnostic assertion "pg->wire_count == NUM" failed		20	29d	33d	33d
SYZFAIL: failed to recv rpc (3)		536	3d02h	35d	35d
panic: kernel diagnostic assert		3	20d	36d	36d
malloc: free list modified: proc		1	40d	40d	40d
panic: Non dma-reachable buffer at curaddr ADDR(raw) (3)		4	10d	43d	43d
uvm_fault: lf_advlock		1	44d	44d	44d
assert "rdomain == rtable_l2(rdomain)" failed in route.c		2	15d	47d	47d
panic: kernel diagnostic assertion "uvm_page_owner_locked_p(pg)" failed		1	48d	48d	48d
assert "pr->ps_threadcnt == NUM" failed in kern_exit.c		1	50d	50d	50d
witness: lock_obwitness_checkordwitness_checkordrw_enter_write(ADDR)rw_enter_write+0unveil_delete_naunveil_delete_naunve		1	50d	50d	50d
uvm_fault: uao_detach		2	53d	56d	56d
panic: ffs_blkfree: freeing free frag		1	57d	57d	57d
panic: pfi_attach_ifnet: pfi_kif_get failed		1	59d	59d	59d
assert "kd_lookup(kd->kd_unit) == NULL" failed in kcov.c		2	24d	61d	61d
panic: pool_do_get: shmpl free list modified: page ADDR; item addr ADDR; offset 0x0=0x0 != ADDR		1	62d	62d	62d
protection_fault: in6_addmulti (3)		1	64d	64d	64d
witness: lock_object uninitializwitness_checkorder(ADDRwitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_nau		1	66d	66d	66d
uvm_fault: ufsdirhash_findfree		1	67d	67d	67d
panic: ffs2_balloc: unwind failed		1	67d	67d	67d
panic: thread NUM p_stat is NUM (2)		3	3d02h	68d	68d
uvm_fault: ffs_alloccg		1	68d	68d	68d
uvm_fault: ffs_nodealloccg (2)		2	68d	69d	69d
uvm_fault: ffs_fragextend		2	68d	69d	69d
uvm_fault: ffs_blkfree		6	68d	69d	69d
panic: pledge_namei: ni_pledge		2	27d	69d	69d
uvm_fault: ufs_direnter (3)		3	67d	69d	69d
uvm_fault: ffs_freefile		2	68d	69d	69d
protection_fault: icmp_mtudisc_timeout (2)		1	71d	71d	71d
panic: trap type NUM, code=NUM, pc=e9779		133	41d	71d	71d
panic: trap type NUM, code=NUM, pc=e94f9		4	71d	72d	72d
protection_fault: witness_checkorder (4)		1	73d	73d	73d
assert "uvm_page_owner_locked_p(pg)" failed in managers/multicore/kernel/sys/uvm/uvm_page.c		1	73d	73d	73d
panic: malloc: out of space in kmem_map (3)		1	75d	75d	75d
panic: ffs_freefile: freeing free inode (2)		1	76d	76d	76d
uvm_fault: softclock (5)		1	80d	80d	80d
uvm_fault: unveil_add_vnode (2)		12	1d13h	83d	83d
panic: trap type NUM, code=NUM, pc=e9439		1	83d	83d	83d
kernel: protection fault trap, code=NUM (7)		6	36d	87d	87d
panic: malloc: allocation too large, type = NUM, size = ADDR (2)		126	1d03h	90d	90d
multicore build error (19)		5	3d20h	93d	93d
protection_fault: __x86_indirect_thunk_r11 (3)		9	42d	95d	95d
SYZFAIL: too much cover		9	3d22h	95d	95d
pool: free list modified: shmpl (5)		43	3d13h	95d	95d
witness: reversal: sbufsnd inode		4	31d	97d	97d
protection_fault: reaper		7	46d	100d	100d
SYZFAIL: SIGBUS		947	3d05h	105d	105d
panic: softclock: invalid to_clock: ADDR (2)		4	35d	107d	107d
panic: free: size too small NUM <= NUM / NUM (ADDR) type shm		2	60d	111d	111d
uvm_fault: savectx (2)		33	31d	118d	118d
panic: assertwaitok: non-zero mutex count: NUM (2)		178	1d02h	122d	122d
panic: missing alias (5)		42	7d17h	122d	122d
SYZFAIL: posix_spawn failed		131	4d12h	122d	122d
SYZFAIL: failed to mkdtemp		25983	1d02h	129d	129d
SYZFAIL: failed to mkdir		3854	1d03h	129d	129d
SYZFAIL: pipe failed		13	1d09h	130d	130d
SYZFAIL: repeatedly failed to execute the program		8	67d	131d	131d
assert "map->limit == rtmap_limit" failed in rtable.c		77	1d06h	131d	131d
SYZFAIL: SIGSEGV		10	74d	133d	133d
SYZFAIL: tun: can't open device (4)		8	31d	133d	133d
witness: reversal: lock order data missing (4)		57671	1d02h	133d	133d
SYZFAIL: ioctl remote attach failed (5)		3214	1d02h	134d	134d
SYZFAIL: too many calls in output		57	1d06h	134d	134d
SYZFAIL: failed to send rpc		8408	1d02h	134d	134d
can't ssh into the instance		588	2d01h	183d	155d
panic: inconsistent bufpage counts		3	86d	189d	189d
assert "rw_write_held(uobj->vmobjlock)" failed in uvm_vnode.c		11	6d22h	191d	191d
pool: free list modified: pdppl (4)		8	29d	206d	206d
assert "pmap->pm_type != PMAP_TYPE_EPT" failed in pmap.c (3)		8	88d	215d	215d
assert "!ISSET(rt->rt_flags, RTF_LOCAL)" failed in nd6.c (3)		4	89d	216d	216d
uvm_fault: arp_rtrequest (2)		18	46d	219d	219d
panic: ifa_update_broadaddr does not support dynamic length (3)		37	50d	219d	219d
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x3efff		11	88d	220d	220d
uvm_fault: proc_trampoline		6	56d	228d	228d
uvm_fault: witness_checkorder (5)		7	7d07h	241d	241d
pool: free list modified: rttmr		10	13d	244d	244d
protection_fault: lf_advlock (4)	C	4	13d	247d	247d
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) \|\| (flags & PGO_LOCKED) == NUM" failed in uvm_vno (4)		10	31d	252d	252d
panic: softclock: invalid to_clock: NUM		14	39d	263d	263d
panic: softclock: invalid to_clock: -ADDR		22	31d	265d	265d
protection_fault: sys_semop	C	14	1d08h	266d	266d
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c (4)	C	10600	1d02h	271d	237d
assert "sc->sc_dev == NUM" failed in if_tun.c (5)		358	1d22h	272d	272d
uvm_fault: db_read_bytes		94	41d	275d	275d
assert "cifp != NULL" failed in route.c (3)		203	13d	280d	280d
assert "pg->wire_count == NUM" failed in vfs_biomem.c (3)		1384	2d21h	328d	328d
uvm_fault: pmap_page_remove (5)		16	37d	347d	347d
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (3)		168	7d19h	394d	394d
uvm_fault: ktrops (2)	C	62	1d14h	419d	419d
uvm_fault: db_enter (5)		368	1d08h	437d	437d
uvm_fault: schedclock	syz	11	77d	445d	268d
kernel: page fault trap, code=NUM (3)	C	73	22d	475d	233d
malloc: free list modified: free (4)	C	17	1d12h	497d	496d
panic: trap type NUM, code=NUM, pc=NUM (3)		210	13d	526d	526d
witness: lock_object uninitialized: ADDR (3)	C	5212	1d02h	600d	458d
uvm_fault: hardclock (5)	syz	4	476d	629d	628d
panic: ufsdirhash_lookup: bad offset in hash array (3)	C	79	9d07h	640d	345d
protection_fault: sys_msgrcv (2)	C	46	2d12h	770d	527d
uvm_fault: memcpy (5)	C	20	24d	774d	774d
assert "uvn->u_obj.uo_refs == NUM" failed in uvm_vnode.c (2)	syz	2	778d	778d	778d
panic: vop_generic_badop (2)		91	77d	809d	809d
panic: pmap_unwire: invalid PDE	syz	6	189d	832d	774d
no output from test machine (8)	C	510285	1d02h	841d	838d
uvm_fault: ffs_indirtrunc	C	4	597d	885d	885d
witness: reversal: vmmaplk inode (3)	C	1050	1d02h	917d	868d
SYZFATAL: executor NUM failed NUM times: executor NUM: exit status NUM	syz	175427	7d07h	940d	940d
panic: bad dir (3)	C	101	8d01h	947d	774d
panic: uvm_fault_unwire_locked: address not in map (4)	C	516	1d13h	962d	943d
uvm_fault: x86_ipi_db (8)		330	21d	1006d	1006d
uvm_fault: ufs_lookup	C	84	67d	1042d	394d
kernel: double fault trap, code=NUM (2)	C	34	99d	1042d	993d
panic: trap type NUM, code=NUM, pc=ADDR (2)		511	2d07h	1048d	1048d
protection_fault: ktrops	C	259	103d	1052d	1032d
protection_fault: sblock	syz	38	876d	1055d	1055d
assert "uvm_page_owner_locked_p(pg)" failed in uvm_page.c		6746	1d11h	1060d	1060d
uvm_fault: fifo_write (2)	C	3430	77d	1063d	747d
SYZFAIL: tun: read failed	syz	78301	1d02h	1080d	1048d
corrupted report (6)		2268	1d02h	1159d	1159d
uvm_fault: memset	C	78	22d	1201d	1201d
SYZFAIL: command failed	syz	12802	2d01h	1368d	1051d
suppressed report		335741	1d02h	1368d	1358d
panic: ufs_rename: lost dir entry	C	114	7d17h	1742d	980d
lost connection to test machine (2)		850731	1d02h	2159d	never