syzbot

 sign-in | mailing list | source | docs
🐞 Open [116]
🐞 Fixed [290]
🐞 Invalid [887]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Instances [tested repos]:
Name Last active Uptime Corpus Coverage 🛈 Crashes Execs Kernel build syzkaller build Bugs
Commit Config Freshness Status Commit Freshness Status All Only
ci-openbsd-main now 9h27m 7972 45101 1834 3205260 db91578bce12 .config 22h42m 32a0e5ed 2d05h all only
ci-openbsd-multicore now 9h36m 8046 47534 1690 5339971 db91578bce12 .config 22h42m 32a0e5ed 2d05h all only
ci-openbsd-setuid now 9h19m 4611 30022 5113 1501872 db91578bce12 .config 22h42m 32a0e5ed 2d05h all only
upstream (116):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Last activity
panic: pool_p_free: rttmr free list modified: page ADDR; item addr ADDR; offset 0x10=ADDR 2 1 2d10h 2d10h 2d10h
assert "atomic_load_int(&fdp->fd_nuserevents) == NUM" failed in kern_descrip.c -1 2 21h24m 2d18h 2d18h
panic: softclock: invalid to_clock: -ADDR (3) 2 1 7d10h 7d10h 7d10h
protection_fault: sysctl_doproc -1 1 8d23h 8d23h 8d23h
uvm_fault: dt_ioctl_record_stop (2) -1 153 15m 9d16h 9d16h
uvm_fault: putc (2) -1 1 20d 20d 20d
panic: unhandled af (5) 2 1 21d 21d 21d
assert "cifp != NULL" failed in route.c (5) -1 2 21d 23d 23d
protection_fault: icmp_mtudisc_timeout (4) -1 4 8d07h 24d 24d
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (5) -1 117 12d 27d 27d
panic: trap type NUM, code=NUM, pc=bd4f9 (2) 2 3 8d18h 29d 29d
panic: softclock: invalid to_clock: ADDR (4) 2 1 30d 30d 30d
uvm_fault: pmap_page_remove (6) -1 1 30d 30d 30d
SYZFAIL: open of /dev/kcov failed (2) -1 42 3d00h 31d 31d
protection_fault: pf_anchor_global_RB_REMOVE (2) -1 1 39d 39d 39d
assert "d->bd_in_uiomove == NUM" failed in bpf.c (4) -1 1 42d 42d 42d
panic: kernel diagnostic assertion "refs != ~NUM" failed: file "/syzkaller/managers/multicore/kernel/sys/kern/kern_synch 2 1 43d 43d 43d
uvm_fault: sys_shmat -1 1 43d 43d 43d
uvm_fault: _copyin -1 5 1d22h 46d 46d
SYZFAIL: tun: can't open device (6) -1 31 8d07h 49d 49d
protection_fault: mtx_enter (2) -1 1 52d 52d 52d
assert "(LIST_NEXT(inp, inp_lhash) == NULL) || (LIST_NEXT(inp, inp_lhash) == _Q_INVALID)" failed in in_pcb.c -1 1 58d 58d 58d
assert "!ISSET(inp->inp_flags, INP_IPV6)" failed in in_pcb.c -1 2 58d 58d 58d
protection_fault: in_pcbhash_lookup -1 3 58d 58d 58d
witness: reversal: sbufsnd inode (3) -1 4 16d 60d 60d
protection_fault: in6_addmulti (4) -1 1 62d 62d 62d
assert "next != NULL && next->start <= entry->end" failed in uvm_fault.c (5) -1 3 8d15h 82d 82d
witness: userret: mlockall -1 2 83d 84d 84d
uvm_fault: witness_checkorder (6) -1 25 3d10h 85d 85d
witness: reversal: &sched_lock &cq->cq_mtx -1 3 51d 87d 87d
assert "uvm_page_owner_locked_p(pg, TRUE)" failed in uvm_page.c (2) -1 2 43d 88d 88d
assert "kd_lookup(kd->kd_unit) == NULL" failed in kcov.c (3) -1 2 57d 88d 88d
SYZFAIL: dup2(NUM, kInPipeFd) failed (2) -1 2 68d 90d 90d
assert "rn != NULL" failed in pipex.c -1 14 10h21m 92d 92d
uvm_fault: mtx_enter_try -1 6 35d 95d 95d
uvm_fault: _copyinstr -1 13 6d16h 99d 99d
assert "(sih->sih_state & SIS_RESTART) == NUM" failed in kern_softintr.c -1 2 43d 102d 102d
openbsd build error (23) -1 9 80d 102d 102d
protection_fault: __x86_indirect_thunk_r11 (4) -1 4 50d 103d 103d
SYZFAIL: can't reallocate -1 4 59d 104d 104d
SYZFAIL: invalid kcov comp type -1 6 60d 106d 106d
witness: reversal: &cq->cq_mtx &sched_lock -1 27 14h49m 110d 110d
uvm_fault: copyout -1 194 20h23m 110d 110d
panic: vrele: v_writecount != NUM 2 2 62d 115d 115d
multicore test error: SYZFATAL: image testing failed w/o kernel bug (2) -1 2 33d 116d 116d
uvm_fault: mtx_enter -1 35 11h55m 121d 121d
panic: uvm_fault_unwire_locked: address not in map (5) 2 34 1d07h 130d 130d
panic: mtx ADDR: locking against myself (2) 2 331 3h18m 152d 152d
assert "info->rti_ifa->ifa_ifp != NULL" failed in route.c -1 12 65d 154d 154d
panic: chgproccnt: procs < NUM 2 4 53d 169d 169d
uvm_fault: savectx (3) -1 100 3h46m 171d 171d
SYZFAIL: repeatedly failed to execute the program (2) -1 7 12d 172d 172d
panic: trap type NUM, code=NUM, pc=NUM (4) 2 9 7d08h 172d 172d
SYZFAIL: coverage filter is full (3) -1 439542 5d07h 173d 173d
protection_fault: bpfdetach -1 27 1d22h 175d 175d
uvm_fault: x86_ipi_db (9) -1 168 12h49m 176d 176d
SYZFAIL: SIGBUS (2) -1 34 1d00h 179d 179d
assert "rdomain == rtable_l2(rdomain)" failed in route.c (2) -1 5 2d05h 181d 181d
assert "sc->sc_dev == NUM" failed in if_tun.c (6) -1 35 1d05h 181d 181d
witness: reversal: fdlock inode -1 4 54d 181d 181d
witness: reversal: sbufrcv inode (2) -1 11 17d 182d 182d
assert "refs != ~NUM" failed in kern_synch.c -1 351 2h30m 183d 183d
SYZFAIL: too many calls in output (2) -1 55 9d02h 184d 184d
kernel: protection fault trap, code=NUM (8) -1 8 72d 184d 184d
SYZFAIL: posix_spawnp failed -1 364 6h06m 184d 184d
assert "map->limit == rtmap_limit" failed in rtable.c (2) -1 121 4h33m 184d 184d
uvm_fault: proc_trampoline (2) -1 85 8h43m 185d 185d
protection_fault: witness_checkorder (5) -1 6 9d03h 185d 185d
panic: pledge_namei: ni_pledge (2) 2 4 7d22h 185d 185d
uvm_fault: arp_rtrequest (3) -1 257 1d11h 186d 186d
protection_fault: copyout -1 7 33d 186d 186d
pool: free list modified: shmpl (6) -1 355 16h18m 187d 187d
uvm_fault: db_enter (6) -1 418 1d01h 187d 187d
can't ssh into the instance (2) -1 29176 5m 187d 187d
suppressed report (2) -1 8093 27m 187d 187d
panic: missing alias (6) 2 276 1h53m 187d 187d
SYZFAIL: failed to recv rpc (4) -1 725 45m 187d 187d
panic: trap type NUM, code=NUM, pc=ADDR (3) 2 278 1d05h 187d 187d
corrupted report (7) -1 3195 15m 188d 188d
witness: reversal: lock order data missing (5) -1 125918 now 188d 188d
SYZFAIL: ioctl remote attach failed (6) -1 23774 5m 188d 188d
SYZFAIL: failed to mkdtemp (2) -1 24614 now 188d 188d
SYZFAIL: failed to send rpc (2) -1 14937 now 188d 188d
SYZFAIL: tun_id out of range (4) -1 1336047 now 188d 188d
SYZFAIL: failed to mkdir (2) -1 2375 5m 188d 188d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (25) -1 78 3d06h 242d 236d
SYZFAIL: too much cover -1 191 15h45m 357d 357d
SYZFAIL: pipe failed -1 54 1d01h 392d 392d
pool: free list modified: rttmr -1 63 15h05m 506d 506d
protection_fault: lf_advlock (4) -1 C 18 6d07h 509d 509d
protection_fault: sys_semop -1 C 103 3d09h 528d 528d
uvm_fault: ktrops (2) -1 C 156 1d21h 681d 681d
uvm_fault: schedclock -1 syz 11 339d 707d 530d
kernel: page fault trap, code=NUM (3) -1 C 87 8h14m 737d 495d
malloc: free list modified: free (4) -1 C 22 3d02h 759d 758d
uvm_fault: hardclock (5) -1 syz 4 738d 891d 891d
panic: ufsdirhash_lookup: bad offset in hash array (3) 2 C 79 30d 902d 607d
protection_fault: sys_msgrcv (2) -1 C 144 8h42m 1032d 789d
uvm_fault: memcpy (5) -1 C 34 1d01h 1036d 1036d
assert "uvn->u_obj.uo_refs == NUM" failed in uvm_vnode.c (2) -1 syz 2 1040d 1040d 1040d
panic: pmap_unwire: invalid PDE 2 syz 6 451d 1094d 1036d
no output from test machine (8) -1 C 657700 now 1104d 1100d
uvm_fault: ffs_indirtrunc -1 C 5 119d 1148d 1148d
witness: reversal: vmmaplk inode (3) -1 C 1060 32d 1180d 1130d
SYZFATAL: executor NUM failed NUM times: executor NUM: exit status NUM -1 syz 175427 5d22h 1202d 1202d
panic: bad dir (3) 2 C 179 4h09m 1209d 1037d
uvm_fault: ufs_lookup -1 C 93 54d 1304d 656d
kernel: double fault trap, code=NUM (2) -1 C 34 361d 1304d 1255d
protection_fault: ktrops -1 C 259 365d 1314d 1294d
protection_fault: sblock -1 syz 38 1138d 1317d 1317d
uvm_fault: fifo_write (2) -1 C 3430 339d 1325d 1010d
SYZFAIL: tun: read failed -1 syz 265511 now 1342d 1311d
uvm_fault: memset -1 C 86 62d 1463d 1463d
SYZFAIL: command failed -1 syz 13443 2h05m 1630d 1313d
panic: ufs_rename: lost dir entry 2 C 122 17d 2004d 1242d
lost connection to test machine (2) -1 866301 40m 2421d never