|
uvm_fault: uao_detach
|
|
|
|
1 |
2d09h |
2d09h
|
2d09h |
|
panic: ffs_blkfree: freeing free frag
|
|
|
|
1 |
3d14h |
3d14h
|
3d14h |
|
panic: pfi_attach_ifnet: pfi_kif_get failed
|
|
|
|
1 |
6d05h |
6d05h
|
6d05h |
|
assert "kd_lookup(kd->kd_unit) == NULL" failed in kcov.c
|
|
|
|
1 |
7d20h |
7d20h
|
7d20h |
|
panic: pool_do_get: shmpl free list modified: page ADDR; item addr ADDR; offset 0x0=0x0 != ADDR
|
|
|
|
1 |
8d16h |
8d16h
|
8d16h |
|
protection_fault: in6_addmulti (3)
|
|
|
|
1 |
10d |
10d
|
10d |
|
witness: lock_object uninitializwitness_checkorder(ADDRwitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_nau
|
|
|
|
1 |
13d |
13d
|
13d |
|
uvm_fault: ufsdirhash_findfree
|
|
|
|
1 |
13d |
13d
|
13d |
|
panic: ffs2_balloc: unwind failed
|
|
|
|
1 |
14d |
14d
|
14d |
|
panic: thread NUM p_stat is NUM (2)
|
|
|
|
1 |
14d |
14d
|
14d |
|
uvm_fault: ffs_alloccg
|
|
|
|
1 |
14d |
14d
|
14d |
|
uvm_fault: ffs_nodealloccg (2)
|
|
|
|
2 |
14d |
15d
|
15d |
|
uvm_fault: ffs_fragextend
|
|
|
|
2 |
15d |
15d
|
15d |
|
uvm_fault: ffs_blkfree
|
|
|
|
6 |
14d |
15d
|
15d |
|
panic: pledge_namei: ni_pledge
|
|
|
|
1 |
15d |
15d
|
15d |
|
uvm_fault: ufs_direnter (3)
|
|
|
|
3 |
13d |
15d
|
15d |
|
uvm_fault: ffs_freefile
|
|
|
|
2 |
14d |
16d
|
16d |
|
protection_fault: icmp_mtudisc_timeout (2)
|
|
|
|
1 |
17d |
17d
|
17d |
|
panic: trap type NUM, code=NUM, pc=e9779
|
|
|
|
83 |
3h40m |
17d
|
17d |
|
panic: trap type NUM, code=NUM, pc=e94f9
|
|
|
|
4 |
18d |
18d
|
18d |
|
protection_fault: witness_checkorder (4)
|
|
|
|
1 |
19d |
19d
|
19d |
|
assert "uvm_page_owner_locked_p(pg)" failed in managers/multicore/kernel/sys/uvm/uvm_page.c
|
|
|
|
1 |
20d |
20d
|
20d |
|
panic: malloc: out of space in kmem_map (3)
|
|
|
|
1 |
21d |
21d
|
21d |
|
panic: ffs_freefile: freeing free inode (2)
|
|
|
|
1 |
23d |
23d
|
23d |
|
uvm_fault: ffs2_balloc (4)
|
|
|
|
17 |
13d |
24d
|
24d |
|
panic: trap type NUM, code=NUM, pc=e9509
|
|
|
|
36 |
19d |
25d
|
25d |
|
uvm_fault: softclock (5)
|
|
|
|
1 |
26d |
26d
|
26d |
|
uvm_fault: unveil_add_vnode (2)
|
|
|
|
4 |
3d06h |
29d
|
29d |
|
panic: trap type NUM, code=NUM, pc=e9439
|
|
|
|
1 |
30d |
30d
|
30d |
|
kernel: protection fault trap, code=NUM (7)
|
|
|
|
5 |
14d |
33d
|
33d |
|
panic: ffs_valloc: dup alloc (2)
|
|
|
|
47 |
3d14h |
34d
|
34d |
|
pool: double put: shmpl
|
|
|
|
2 |
26d |
35d
|
35d |
|
panic: malloc: allocation too large, type = NUM, size = ADDR (2)
|
|
|
|
5 |
16d |
37d
|
37d |
|
multicore build error (19)
|
|
|
|
2 |
3h06m |
39d
|
39d |
|
protection_fault: __x86_indirect_thunk_r11 (3)
|
|
|
|
3 |
2d13h |
41d
|
41d |
|
SYZFAIL: too much cover
|
|
|
|
2 |
23d |
41d
|
41d |
|
pool: free list modified: shmpl (5)
|
|
|
|
13 |
21h59m |
42d
|
42d |
|
panic: trap type NUM, code=NUM, pc=e9429
|
|
|
|
27 |
32d |
42d
|
42d |
|
witness: reversal: sbufsnd inode
|
|
|
|
3 |
43d |
43d
|
43d |
|
panic: trap type NUM, code=NUM, pc=e8fb9
|
|
|
|
3 |
43d |
44d
|
44d |
|
assert "start >= vm_map_min(map) && end <= vm_map_max(map)" failed in uvm_fault.c
|
|
|
|
1 |
46d |
46d
|
46d |
|
protection_fault: reaper
|
|
|
|
4 |
23d |
46d
|
46d |
|
panic: vpaopni_cg:en keerrinecl_b daidaogpn
|
|
|
|
1 |
46d |
46d
|
46d |
|
pool: free list modified: inpcb (3)
|
|
|
|
1 |
50d |
50d
|
50d |
|
SYZFAIL: SIGBUS
|
|
|
|
666 |
1h07m |
51d
|
51d |
|
witness: reversal: sbufrcv inode
|
|
|
|
2 |
51d |
52d
|
52d |
|
protection_fault: fill_file (4)
|
|
|
|
1 |
52d |
52d
|
52d |
|
protection_fault: done_flush (3)
|
|
|
|
5 |
39d |
52d
|
52d |
|
panic: pmap_remove_ptes: managed page without PG_PVLIST: va ADDR, opte ADDR (2)
|
|
|
|
1 |
53d |
53d
|
53d |
|
panic: softclock: invalid to_clock: ADDR (2)
|
|
|
|
2 |
1d19h |
54d
|
54d |
|
panic: trap type NUM, code=NUM, pc=e8f59
|
|
|
|
1 |
54d |
54d
|
54d |
|
panic: free: size too small NUM <= NUM / NUM (ADDR) type shm
|
|
|
|
2 |
7d05h |
57d
|
57d |
|
panic: pmap_remove_pte: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR
|
|
|
|
1 |
58d |
58d
|
58d |
|
openbsd test error: lost connection to test machine (3)
|
|
|
|
1 |
59d |
59d
|
59d |
|
uvm_fault: dopselect
|
|
|
|
1 |
60d |
60d
|
60d |
|
panic: pr_find_pagehead: pdppl: incorrect page (2)
|
|
|
|
1 |
61d |
61d
|
61d |
|
panic: trap type NUM, code=NUM, pc=e88b9
|
|
|
|
4 |
61d |
64d
|
64d |
|
panic: curcpu->ci_proc_pmap didn't point to previous pmap
|
|
|
|
1 |
64d |
64d
|
64d |
|
uvm_fault: savectx (2)
|
|
|
|
20 |
1d05h |
64d
|
64d |
|
panic: vput: ref cnt (2)
|
|
|
|
1 |
65d |
65d
|
65d |
|
panic: trap type NUM, code=NUM, pc=e7069
|
|
|
|
2 |
66d |
66d
|
66d |
|
SYZFAIL: ShmemBuilder: too large output offset
|
|
|
|
1 |
66d |
66d
|
66d |
|
panic: assertwaitok: non-zero mutex count: NUM (2)
|
|
|
|
96 |
1d18h |
68d
|
68d |
|
panic: missing alias (5)
|
|
|
|
20 |
1d19h |
68d
|
68d |
|
assert "kq->kq_nknotes == NUM" failed in kern_event.c
|
|
|
|
1 |
68d |
68d
|
68d |
|
SYZFAIL: posix_spawn failed
|
|
|
|
56 |
9h12m |
68d
|
68d |
|
panic: pmap_unwire: wiring for pmap ADDR va ADDR didn't change!
|
|
|
|
1 |
70d |
70d
|
70d |
|
panic: uvm_faulWtARN_IuNGn:w irSeP_Ll oNckOT ed:L OaWdEREdreD OsNs SnYoSCt AiLnL map7
|
|
|
|
1 |
70d |
70d
|
70d |
|
panic: pool_do_get: rtentry: page empty
|
|
|
|
1 |
75d |
75d
|
75d |
|
SYZFAIL: failed to mkdtemp
|
|
|
|
18045 |
55m |
75d
|
75d |
|
SYZFAIL: failed to mkdir
|
|
|
|
2622 |
53m |
75d
|
75d |
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x3edff
|
|
|
|
1 |
76d |
76d
|
76d |
|
SYZFAIL: pipe failed
|
|
|
|
3 |
24d |
76d
|
76d |
|
assert "kn->kn_kq == kq" failed in kern_event.c
|
|
|
|
1 |
77d |
77d
|
77d |
|
uvm_fault: vm_terminate
|
|
|
|
4 |
39d |
77d
|
77d |
|
SYZFAIL: repeatedly failed to execute the program
|
|
|
|
8 |
14d |
77d
|
77d |
|
panic: vput: null vp
|
|
|
|
1 |
77d |
77d
|
77d |
|
assert "map->limit == rtmap_limit" failed in rtable.c
|
|
|
|
35 |
10h53m |
78d
|
78d |
|
SYZFAIL: coverage filter is full
|
|
|
|
383316 |
31d |
78d
|
78d |
|
witness: denied attempt to set clock forward to ADDR
|
|
|
|
1 |
79d |
79d
|
79d |
|
SYZFAIL: SIGSEGV
|
|
|
|
10 |
20d |
79d
|
79d |
|
panic: trap type NUM, code=NUM, pc=e6d89
|
|
|
|
1 |
79d |
79d
|
79d |
|
SYZFAIL: tun: can't open device (4)
|
|
|
|
6 |
22d |
79d
|
79d |
|
witness: reversal: lock order data missing (4)
|
|
|
|
25003 |
now |
79d
|
79d |
|
panic: trap type NUM, code=NUM, pc=e6d59
|
|
|
|
1 |
80d |
80d
|
80d |
|
SYZFAIL: ioctl remote attach failed (5)
|
|
|
|
140 |
12h37m |
80d
|
80d |
|
SYZFAIL: too many calls in output
|
|
|
|
41 |
1d12h |
80d
|
80d |
|
openbsd test error: SYZFAIL: failed to recv rpc
|
|
|
|
81 |
29d |
80d
|
80d |
|
SYZFAIL: failed to send rpc
|
|
|
|
3344 |
7m |
80d
|
80d |
|
multicore test error: SYZFAIL: setsid failed
|
|
|
|
8 |
81d |
81d
|
81d |
|
openbsd test error: no output from test machine
|
|
|
|
89 |
29d |
82d
|
82d |
|
multicore test error: SYZFAIL: failed to recv rpc
|
|
|
|
6300 |
1h04m |
82d
|
82d |
|
multicore test error: no output from test machine (3)
|
|
|
|
31 |
33d |
82d
|
82d |
|
panic: kernel diagnostic assertion "dupe == NULL" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c"
|
|
|
|
2 |
64d |
94d
|
94d |
|
pool: free list modified: pmappl
|
|
|
|
3 |
38d |
124d
|
124d |
|
openbsd build error (21)
|
|
|
|
114 |
1d21h |
129d
|
129d |
|
can't ssh into the instance
|
|
|
|
460 |
6h28m |
129d
|
102d |
|
protection_fault: nd6_timer
|
|
|
|
8 |
41d |
130d
|
130d |
|
panic: vwakeup: neg numoutput
|
|
|
|
2 |
52d |
132d
|
132d |
|
panic: inconsistent bufpage counts
|
|
|
|
3 |
33d |
135d
|
135d |
|
uvm_fault: rw_enter (3)
|
|
|
|
2 |
60d |
137d
|
137d |
|
assert "rw_write_held(uobj->vmobjlock)" failed in uvm_vnode.c
|
|
|
|
3 |
60d |
137d
|
137d |
|
panic: ffs_blkfree: bad size (4)
|
|
|
|
5 |
43d |
141d
|
141d |
|
pool: free list modified: pdppl (4)
|
|
|
|
7 |
62d |
153d
|
153d |
|
panic: vrele: ref cnt
|
|
|
|
4 |
37d |
160d
|
160d |
|
assert "pmap->pm_type != PMAP_TYPE_EPT" failed in pmap.c (3)
|
|
|
|
8 |
34d |
161d
|
161d |
|
assert "!ISSET(rt->rt_flags, RTF_LOCAL)" failed in nd6.c (3)
|
|
|
|
4 |
35d |
162d
|
162d |
|
uvm_fault: VOP_LOCK (2)
|
|
|
|
5 |
76d |
165d
|
165d |
|
uvm_fault: arp_rtrequest (2)
|
|
|
|
17 |
2d02h |
165d
|
165d |
|
pool: cpu free list modified: mbufpl (4)
|
|
|
|
5 |
46d |
166d
|
166d |
|
uvm_fault: pool_do_get (3)
|
|
|
|
2 |
78d |
166d
|
166d |
|
panic: ifa_update_broadaddr does not support dynamic length (3)
|
|
|
|
35 |
13d |
166d
|
166d |
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x3efff
|
|
|
|
11 |
34d |
166d
|
166d |
|
panic: vref used where vget required (4)
|
|
|
|
9 |
47d |
171d
|
171d |
|
uvm_fault: checkalias
|
|
|
|
8 |
46d |
172d
|
172d |
|
uvm_fault: proc_trampoline
|
|
|
|
6 |
2d13h |
174d
|
174d |
|
uvm_fault: witness_checkorder (5)
|
|
|
|
6 |
1d16h |
187d
|
187d |
|
pool: free list modified: rttmr
|
|
|
|
8 |
23d |
190d
|
190d |
|
protection_fault: lf_advlock (4)
|
C |
|
|
2 |
39d |
193d
|
193d |
|
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno (4)
|
|
|
|
9 |
4d08h |
199d
|
199d |
|
assert "nlevel >= IPL_NONE" failed in intr.c (2)
|
|
|
|
48 |
17h45m |
207d
|
207d |
|
panic: softclock: invalid to_clock: NUM
|
|
|
|
12 |
58d |
209d
|
209d |
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR (4)
|
|
|
|
65 |
35d |
209d
|
209d |
|
panic: softclock: invalid to_clock: -ADDR
|
|
|
|
20 |
9d03h |
211d
|
211d |
|
protection_fault: sys_semop
|
C |
|
|
2 |
58d |
212d
|
212d |
|
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c (4)
|
C |
|
|
3843 |
29m |
217d
|
183d |
|
assert "sc->sc_dev == NUM" failed in if_tun.c (5)
|
|
|
|
352 |
3d09h |
218d
|
218d |
|
uvm_fault: db_read_bytes
|
|
|
|
70 |
12h16m |
221d
|
221d |
|
assert "cifp != NULL" failed in route.c (3)
|
|
|
|
152 |
6h26m |
226d
|
226d |
|
uvm_fault: pool_gc_pages (2)
|
|
|
|
9 |
37d |
226d
|
226d |
|
assert "ISSET(bp->b_flags, B_BC)" failed in vfs_bio.c
|
|
|
|
8 |
79d |
243d
|
243d |
|
assert "pg->wire_count == NUM" failed in vfs_biomem.c (3)
|
|
|
|
936 |
5h31m |
274d
|
274d |
|
uvm_fault: pmap_page_remove (5)
|
|
|
|
14 |
10h22m |
294d
|
294d |
|
uvm_fault: km_free (2)
|
|
|
|
10 |
48d |
296d
|
296d |
|
assert "dupe == NULL" failed in uvm_page.c (4)
|
|
|
|
209 |
27d |
323d
|
323d |
|
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (3)
|
|
|
|
118 |
1d22h |
340d
|
340d |
|
uvm_fault: ktrops (2)
|
C |
|
|
28 |
1d12h |
365d
|
365d |
|
uvm_fault: db_enter (5)
|
|
|
|
208 |
5h35m |
383d
|
383d |
|
uvm_fault: schedclock
|
syz |
|
|
11 |
23d |
391d
|
214d |
|
kernel: page fault trap, code=NUM (3)
|
C |
|
|
69 |
4d05h |
422d
|
179d |
|
malloc: free list modified: free (4)
|
C |
|
|
16 |
25d |
443d
|
442d |
|
panic: trap type NUM, code=NUM, pc=NUM (3)
|
|
|
|
187 |
5h53m |
472d
|
472d |
|
witness: lock_object uninitialized: ADDR (3)
|
C |
|
|
2513 |
15m |
546d
|
404d |
|
uvm_fault: hardclock (5)
|
syz |
|
|
4 |
423d |
575d
|
575d |
|
panic: ufsdirhash_lookup: bad offset in hash array (3)
|
C |
|
|
79 |
25d |
586d
|
292d |
|
protection_fault: sys_msgrcv (2)
|
C |
|
|
31 |
146d |
716d
|
473d |
|
uvm_fault: memcpy (5)
|
C |
|
|
20 |
13d |
721d
|
721d |
|
assert "uvn->u_obj.uo_refs == NUM" failed in uvm_vnode.c (2)
|
syz |
|
|
2 |
724d |
724d
|
724d |
|
protection_fault: pool_do_put (2)
|
syz |
|
|
36 |
49d |
745d
|
422d |
|
panic: vop_generic_badop (2)
|
|
|
|
91 |
24d |
755d
|
755d |
|
panic: pmap_unwire: invalid PDE
|
syz |
|
|
6 |
135d |
779d
|
720d |
|
no output from test machine (8)
|
C |
|
|
467368 |
now |
788d
|
784d |
|
uvm_fault: ffs_indirtrunc
|
C |
|
|
4 |
544d |
832d
|
832d |
|
witness: reversal: vmmaplk inode (3)
|
C |
|
|
780 |
9h32m |
864d
|
814d |
|
SYZFATAL: executor NUM failed NUM times: executor NUM: exit status NUM
|
syz |
|
|
175427 |
9d14h |
887d
|
887d |
|
panic: bad dir (3)
|
C |
|
|
36 |
37d |
893d
|
721d |
|
panic: uvm_fault_unwire_locked: address not in map (4)
|
C |
|
|
330 |
32m |
908d
|
890d |
|
uvm_fault: x86_ipi_db (8)
|
|
|
|
293 |
9h58m |
952d
|
952d |
|
uvm_fault: ufs_lookup
|
C |
|
|
84 |
13d |
988d
|
340d |
|
kernel: double fault trap, code=NUM (2)
|
C |
|
|
34 |
45d |
988d
|
940d |
|
panic: trap type NUM, code=NUM, pc=ADDR (2)
|
|
|
|
440 |
1d07h |
995d
|
995d |
|
protection_fault: ktrops
|
C |
|
|
259 |
49d |
998d
|
978d |
|
protection_fault: sblock
|
syz |
|
|
38 |
822d |
1001d
|
1001d |
|
assert "uvm_page_owner_locked_p(pg)" failed in uvm_page.c
|
|
|
|
4963 |
now |
1006d
|
1006d |
|
uvm_fault: fifo_write (2)
|
C |
|
|
3430 |
23d |
1009d
|
694d |
|
SYZFAIL: tun: read failed
|
syz |
|
|
55227 |
now |
1026d
|
995d |
|
corrupted report (6)
|
|
|
|
1988 |
1h47m |
1106d
|
1106d |
|
uvm_fault: memset
|
C |
|
|
76 |
9d11h |
1147d
|
1147d |
|
SYZFAIL: command failed
|
syz |
|
|
8530 |
now |
1314d
|
997d |
|
suppressed report
|
|
|
|
334003 |
51m |
1315d
|
1304d |
|
panic: ufs_rename: lost dir entry
|
C |
|
|
94 |
6h19m |
1688d
|
926d |
|
lost connection to test machine (2)
|
|
|
|
846642 |
34m |
2105d
|
never |