|
pool: free list modified: pdppl (4)
|
|
|
|
8 |
91d |
268d
|
|
panic: kernel diagnostic assertion "nlevel >= IPL_NONE" failed:
|
|
|
|
1 |
92d |
92d
|
|
panic: mutex 0xffffWAfRd8N0I7NeG:b7 8S8PL1 NUM noNtO T heLOlWd EiREnD m tOxN SY_SlCeaALL v7e5 NUM
|
|
|
|
1 |
92d |
92d
|
|
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno (4)
|
|
|
|
10 |
93d |
314d
|
|
panic: softclock: invalid to_clock: -ADDR
|
|
|
|
22 |
93d |
327d
|
|
witness: reversal: sbufsnd inode
|
|
|
|
4 |
93d |
159d
|
|
SYZFAIL: tun: can't open device (4)
|
|
|
|
8 |
93d |
195d
|
|
panic: kernel diagnostic assertion "map->limit == rtmap_limit" f
|
|
|
|
1 |
94d |
94d
|
|
openbsd test error: kernel: protection fault trap, code=NUM
|
|
|
|
19 |
55d |
57d
|
|
panic: softclock: invalid to_clock: ADDR (2)
|
|
|
|
4 |
97d |
169d
|
|
kernel: protection fault trap, code=NUM (7)
|
|
|
|
6 |
98d |
148d
|
|
uvm_fault: pmap_page_remove (5)
|
|
|
|
16 |
99d |
409d
|
|
panic: softclock: invalid to_clock: NUM
|
|
|
|
14 |
101d |
325d
|
|
malloc: free list modified: proc
|
|
|
|
1 |
102d |
102d
|
|
SYZFAIL: tun_id out of range (3)
|
|
|
|
253765 |
62d |
89d
|
|
witness: reversal: lock order data missing (4)
|
|
|
|
57671 |
62d |
195d
|
|
SYZFAIL: failed to send rpc
|
|
|
|
8408 |
62d |
196d
|
|
SYZFAIL: ioctl remote attach failed (5)
|
|
|
|
3214 |
62d |
195d
|
|
SYZFAIL: failed to mkdtemp
|
|
|
|
25983 |
62d |
191d
|
|
suppressed report
|
|
|
|
335741 |
62d |
1430d
|
|
panic: assertwaitok: non-zero mutex count: NUM (2)
|
|
|
|
178 |
62d |
184d
|
|
corrupted report (6)
|
|
|
|
2268 |
62d |
1221d
|
|
SYZFAIL: failed to mkdir
|
|
|
|
3854 |
63d |
191d
|
|
panic: malloc: allocation too large, type = NUM, size = ADDR (2)
|
|
|
|
126 |
63d |
152d
|
|
SYZFAIL: too many calls in output
|
|
|
|
57 |
63d |
196d
|
|
assert "map->limit == rtmap_limit" failed in rtable.c
|
|
|
|
77 |
63d |
193d
|
|
uvm_fault: db_enter (5)
|
|
|
|
368 |
63d |
499d
|
|
assert "uvm_page_owner_locked_p(pg)" failed in uvm_page.c
|
|
|
|
6746 |
63d |
1122d
|
|
assert "va >= entry->start" failed in uvm_fault.c
|
|
|
|
50 |
63d |
79d
|
|
assert "sc->sc_dev == NUM" failed in if_tun.c (5)
|
|
|
|
358 |
63d |
334d
|
|
can't ssh into the instance
|
|
|
|
588 |
63d |
245d
|
|
panic: trap type NUM, code=NUM, pc=ADDR (2)
|
|
|
|
511 |
64d |
1110d
|
|
protection_fault: __x86_indirect_thunk_r11 (3)
|
|
|
|
9 |
104d |
157d
|
|
assert "pg->wire_count == NUM" failed in vfs_biomem.c (3)
|
|
|
|
1384 |
64d |
389d
|
|
SYZFAIL: failed to recv rpc (3)
|
|
|
|
536 |
64d |
97d
|
|
SYZFAIL: SIGBUS
|
|
|
|
947 |
65d |
167d
|
|
pool: free list modified: shmpl (5)
|
|
|
|
43 |
65d |
157d
|
|
SYZFAIL: posix_spawn failed
|
|
|
|
131 |
66d |
184d
|
|
uvm_fault: lf_advlock
|
|
|
|
1 |
106d |
106d
|
|
uvm_fault: arp_rtrequest (2)
|
|
|
|
18 |
107d |
281d
|
|
protection_fault: reaper
|
|
|
|
7 |
108d |
162d
|
|
panic: missing alias (5)
|
|
|
|
42 |
69d |
184d
|
|
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (3)
|
|
|
|
168 |
69d |
456d
|
|
panic: kernel diagnostic assertion "uvm_page_owner_locked_p(pg)" failed
|
|
|
|
1 |
110d |
110d
|
|
assert "pr->ps_threadcnt == NUM" failed in kern_exit.c
|
|
|
|
1 |
111d |
111d
|
|
witness: lock_obwitness_checkordwitness_checkordrw_enter_write(ADDR)rw_enter_write+0unveil_delete_naunveil_delete_naunve
|
|
|
|
1 |
112d |
112d
|
|
panic: trap type NUM, code=NUM, pc=NUM (3)
|
|
|
|
210 |
75d |
588d
|
|
uvm_fault: uao_detach
|
|
|
|
2 |
115d |
117d
|
|
assert "cifp != NULL" failed in route.c (3)
|
|
|
|
203 |
75d |
342d
|
|
SYZFAIL: coverage filter is full (2)
|
|
|
|
3488 |
76d |
77d
|
|
uvm_fault: proc_trampoline
|
|
|
|
6 |
118d |
290d
|
|
panic: ffs_blkfree: freeing free frag
|
|
|
|
1 |
119d |
119d
|
|
panic: pfi_attach_ifnet: pfi_kif_get failed
|
|
|
|
1 |
121d |
121d
|
|
panic: free: size too small NUM <= NUM / NUM (ADDR) type shm
|
|
|
|
2 |
122d |
173d
|
|
uvm_fault: x86_ipi_db (8)
|
|
|
|
330 |
83d |
1068d
|
|
panic: pool_do_get: shmpl free list modified: page ADDR; item addr ADDR; offset 0x0=0x0 != ADDR
|
|
|
|
1 |
124d |
124d
|
|
protection_fault: in6_addmulti (3)
|
|
|
|
1 |
126d |
126d
|
|
witness: lock_object uninitializwitness_checkorder(ADDRwitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_nau
|
|
|
|
1 |
128d |
128d
|
|
uvm_fault: ufsdirhash_findfree
|
|
|
|
1 |
128d |
128d
|
|
uvm_fault: ufs_direnter (3)
|
|
|
|
3 |
129d |
131d
|
|
SYZFAIL: repeatedly failed to execute the program
|
|
|
|
8 |
129d |
193d
|
|
panic: ffs2_balloc: unwind failed
|
|
|
|
1 |
129d |
129d
|
|
uvm_fault: ffs_blkfree
|
|
|
|
6 |
129d |
131d
|
|
uvm_fault: ffs_freefile
|
|
|
|
2 |
129d |
131d
|
|
uvm_fault: ffs_alloccg
|
|
|
|
1 |
130d |
130d
|
|
uvm_fault: ffs_nodealloccg (2)
|
|
|
|
2 |
130d |
131d
|
|
uvm_fault: ffs_fragextend
|
|
|
|
2 |
130d |
131d
|
|
panic: kernel diagnostic assertion "ps->ps_uvncount == NUM" faile
|
|
|
|
96 |
91d |
95d
|
|
panic: kernel diagnostic assertion "pg->wire_count == NUM" failed
|
|
|
|
20 |
91d |
95d
|
|
panic: mutex ADDR not held in mtx_leave
|
|
|
|
1190 |
92d |
93d
|
|
uvm_fault: savectx (2)
|
|
|
|
33 |
93d |
180d
|
|
protection_fault: icmp_mtudisc_timeout (2)
|
|
|
|
1 |
133d |
133d
|
|
panic: trap type NUM, code=NUM, pc=e94f9
|
|
|
|
4 |
133d |
134d
|
|
protection_fault: witness_checkorder (4)
|
|
|
|
1 |
134d |
134d
|
|
assert "uvm_page_owner_locked_p(pg)" failed in managers/multicore/kernel/sys/uvm/uvm_page.c
|
|
|
|
1 |
135d |
135d
|
|
SYZFAIL: SIGSEGV
|
|
|
|
10 |
135d |
195d
|
|
panic: ifa_update_broadaddr does not support dynamic length (3)
|
|
|
|
37 |
112d |
281d
|
|
panic: malloc: out of space in kmem_map (3)
|
|
|
|
1 |
137d |
137d
|
|
panic: ffs_freefile: freeing free inode (2)
|
|
|
|
1 |
138d |
138d
|
|
panic: vop_generic_badop (2)
|
|
|
|
91 |
139d |
871d
|
|
uvm_fault: softclock (5)
|
|
|
|
1 |
142d |
142d
|
|
uvm_fault: db_read_bytes
|
|
|
|
94 |
103d |
336d
|
|
panic: trap type NUM, code=NUM, pc=e9779
|
|
|
|
133 |
103d |
133d
|
|
panic: trap type NUM, code=NUM, pc=e9439
|
|
|
|
1 |
145d |
145d
|
|
panic: inconsistent bufpage counts
|
|
|
|
3 |
148d |
250d
|
|
assert "pmap->pm_type != PMAP_TYPE_EPT" failed in pmap.c (3)
|
|
|
|
8 |
149d |
277d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x3efff
|
|
|
|
11 |
150d |
282d
|
|
assert "!ISSET(rt->rt_flags, RTF_LOCAL)" failed in nd6.c (3)
|
|
|
|
4 |
150d |
278d
|
|
panic: vrele: ref cnt
|
|
|
|
4 |
152d |
275d
|
|
uvm_fault: pool_gc_pages (2)
|
|
|
|
9 |
153d |
342d
|
|
pool: free list modified: pmappl
|
|
|
|
3 |
153d |
240d
|
|
protection_fault: done_flush (3)
|
|
|
|
5 |
154d |
168d
|
|
uvm_fault: vm_terminate
|
|
|
|
4 |
155d |
192d
|
|
openbsd build error (21)
|
|
|
|
114 |
117d |
244d
|
|
protection_fault: nd6_timer
|
|
|
|
8 |
157d |
245d
|
|
panic: ffs_blkfree: bad size (4)
|
|
|
|
5 |
158d |
257d
|
|
panic: ffs_valloc: dup alloc (2)
|
|
|
|
47 |
119d |
149d
|
|
panic: trap type NUM, code=NUM, pc=e8fb9
|
|
|
|
3 |
159d |
159d
|
|
assert "start >= vm_map_min(map) && end <= vm_map_max(map)" failed in uvm_fault.c
|
|
|
|
1 |
161d |
161d
|
|
panic: vpaopni_cg:en keerrinecl_b daidaogpn
|
|
|
|
1 |
162d |
162d
|
|
uvm_fault: checkalias
|
|
|
|
8 |
162d |
287d
|
|
pool: cpu free list modified: mbufpl (4)
|
|
|
|
5 |
162d |
281d
|
|
panic: vref used where vget required (4)
|
|
|
|
9 |
163d |
286d
|
|
uvm_fault: km_free (2)
|
|
|
|
10 |
164d |
411d
|
|
protection_fault: pool_do_put (2)
|
syz |
|
|
36 |
165d |
860d
|
|
pool: free list modified: inpcb (3)
|
|
|
|
1 |
165d |
165d
|
|
witness: reversal: sbufrcv inode
|
|
|
|
2 |
166d |
167d
|
|
protection_fault: fill_file (4)
|
|
|
|
1 |
167d |
167d
|
|
panic: vwakeup: neg numoutput
|
|
|
|
2 |
167d |
248d
|
|
uvm_fault: ffs2_balloc (4)
|
|
|
|
17 |
129d |
140d
|
|
panic: pmap_remove_ptes: managed page without PG_PVLIST: va ADDR, opte ADDR (2)
|
|
|
|
1 |
169d |
169d
|
|
panic: trap type NUM, code=NUM, pc=e8f59
|
|
|
|
1 |
169d |
169d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (24)
|
|
|
|
3 |
83d |
83d
|
|
panic: pmap_remove_pte: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR
|
|
|
|
1 |
174d |
174d
|
|
panic: trap type NUM, code=NUM, pc=e9509
|
|
|
|
36 |
134d |
141d
|
|
openbsd test error: lost connection to test machine (3)
|
|
|
|
1 |
174d |
174d
|
|
uvm_fault: rw_enter (3)
|
|
|
|
2 |
175d |
252d
|
|
uvm_fault: dopselect
|
|
|
|
1 |
176d |
176d
|
|
panic: trap type NUM, code=NUM, pc=e88b9
|
|
|
|
4 |
176d |
179d
|
|
panic: pr_find_pagehead: pdppl: incorrect page (2)
|
|
|
|
1 |
177d |
177d
|
|
panic: kernel diagnostic assertion "dupe == NULL" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c"
|
|
|
|
2 |
180d |
210d
|
|
panic: curcpu->ci_proc_pmap didn't point to previous pmap
|
|
|
|
1 |
180d |
180d
|
|
panic: vput: ref cnt (2)
|
|
|
|
1 |
181d |
181d
|
|
panic: trap type NUM, code=NUM, pc=e7069
|
|
|
|
2 |
182d |
182d
|
|
SYZFAIL: ShmemBuilder: too large output offset
|
|
|
|
1 |
182d |
182d
|
|
assert "dupe == NULL" failed in uvm_page.c (4)
|
|
|
|
209 |
142d |
439d
|
|
assert "kq->kq_nknotes == NUM" failed in kern_event.c
|
|
|
|
1 |
184d |
184d
|
|
openbsd test error: SYZFAIL: failed to recv rpc
|
|
|
|
81 |
145d |
196d
|
|
openbsd test error: no output from test machine
|
|
|
|
89 |
145d |
197d
|
|
panic: pmap_unwire: wiring for pmap ADDR va ADDR didn't change!
|
|
|
|
1 |
185d |
185d
|
|
panic: uvm_faulWtARN_IuNGn:w irSeP_Ll oNckOT ed:L OaWdEREdreD OsNs SnYoSCt AiLnL map7
|
|
|
|
1 |
186d |
186d
|
|
SYZFAIL: coverage filter is full
|
|
|
|
383316 |
146d |
194d
|
|
SYZFAIL: failed to recv rpc (2)
|
|
|
|
14 |
97d |
97d
|
|
multicore test error: SYZFAIL: failed to recv rpc
|
|
|
|
29 |
147d |
197d
|
|
panic: trap type NUM, code=NUM, pc=e9429
|
|
|
|
27 |
147d |
157d
|
|
multicore test error: no output from test machine (3)
|
|
|
|
31 |
148d |
197d
|
|
panic: pool_do_get: rtentry: page empty
|
|
|
|
1 |
190d |
190d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR (4)
|
|
|
|
65 |
151d |
325d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x3edff
|
|
|
|
1 |
191d |
191d
|
|
uvm_fault: VOP_LOCK (2)
|
|
|
|
5 |
192d |
280d
|
|
assert "kn->kn_kq == kq" failed in kern_event.c
|
|
|
|
1 |
192d |
192d
|
|
panic: vput: null vp
|
|
|
|
1 |
193d |
193d
|
|
uvm_fault: pool_do_get (3)
|
|
|
|
2 |
194d |
281d
|
|
witness: denied attempt to set clock forward to ADDR
|
|
|
|
1 |
194d |
194d
|
|
assert "ISSET(bp->b_flags, B_BC)" failed in vfs_bio.c
|
|
|
|
8 |
194d |
358d
|
|
panic: trap type NUM, code=NUM, pc=e6d89
|
|
|
|
1 |
195d |
195d
|
|
panic: trap type NUM, code=NUM, pc=e6d59
|
|
|
|
1 |
195d |
195d
|
|
multicore test error: SYZFAIL: setsid failed
|
|
|
|
8 |
196d |
197d
|
|
panic: vclean: deadlock
|
|
|
|
324 |
192d |
193d
|
|
assert "vp->v_usecount == NUM" failed in vfs_subr.c
|
|
|
|
23 |
192d |
193d
|
|
panic: inconsistent poll.fdMutex
|
|
|
|
4 |
237d |
264d
|
|
panic: trap type NUM, code=NUM, pc=3ca09
|
|
|
|
6 |
239d |
239d
|
|
panic: pool_do_get: pfstate: page empty
|
|
|
|
1 |
239d |
239d
|
|
uvm_fault: unveil_add_vnode
|
|
|
|
3 |
240d |
338d
|
|
witness: reversal: amaplk vmmaplk
|
|
|
|
1 |
240d |
240d
|
|
panic: ffs_update: bad link cnt (2)
|
|
|
|
26 |
240d |
491d
|
|
assert "bp->b_data != NULL" failed in vfs_biomem.c (5)
|
|
|
|
6 |
240d |
288d
|
|
uvm_fault: vio_rxeof (2)
|
|
|
|
1 |
242d |
242d
|
|
panic: kernel diagnosticpm aap_susnewirrtei:o nw "irindugp ef o==r N pUmaLp L0xf" ffafiflfedd:NUM 0fil7e9 d"/s6yez4eka8l
|
|
|
|
1 |
245d |
245d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (9)
|
|
|
|
6 |
245d |
307d
|
|
pool: free list modified: fdescpl (4)
|
|
|
|
14 |
245d |
506d
|
|
uvm_fault: ufs_symlink
|
|
|
|
1 |
245d |
245d
|
|
panic: runtime error: slice bounds out of range [:NUM] with capacity NUM
|
|
|
|
1 |
246d |
246d
|
|
panic:p a nic : kernel diagnostic assertion "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags &
|
|
|
|
1 |
246d |
246d
|
|
panic: wd changed: "\x00\x00\x00\x00\x00" -> "/root"
|
|
|
|
1 |
247d |
247d
|
|
protection_fault: __x86_indirect_thunk_r11 (2)
|
|
|
|
15 |
239d |
322d
|
|
panic: pool_do_get: vnodes: page empty
|
|
|
|
1 |
248d |
248d
|
|
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
|
|
|
|
2 |
249d |
250d
|
|
go runtime error
|
|
|
|
78 |
210d |
389d
|
|
assert "__mp_lock_held(&sched_lock, curcpu()) == NUM" failed in kern_lock.c (5)
|
|
|
|
32 |
210d |
285d
|
|
panic: trap type NUM, code=NUM, pc=3ca59
|
|
|
|
10 |
210d |
238d
|
|
protection_fault: sosend
|
|
|
|
1 |
251d |
251d
|
|
panic: m_copydata: short mbuf chain
|
|
|
|
1 |
252d |
252d
|
|
pool: free list modified: sockpl (3)
|
|
|
|
41 |
254d |
856d
|
|
panic: runtime error: index out of range [ADDR] with length NUM
|
|
|
|
16 |
246d |
334d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte 0x2401
|
|
|
|
1 |
255d |
255d
|
|
panic: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) &kernel_lock (8)
|
C |
|
|
175 |
250d |
263d
|
|
panic: runtime error: index out of range [NUM] with length NUM
|
|
|
|
1 |
256d |
256d
|
|
kernel: protection fault trap, code=NUM (6)
|
|
|
|
42 |
257d |
803d
|
|
uvm_fault: ufs_rmdir
|
|
|
|
1 |
257d |
257d
|
|
assert "obj == NULL || UVM_OBJ_IS_DUMMY(obj) || rw_write_held(obj->vmobjlock)" failed in uvm_page.c
|
|
|
|
1 |
257d |
257d
|
|
pool: free list modified: mbufpl (4)
|
|
|
|
1 |
264d |
264d
|
|
panic: reflect: call of reflect.Value.Uint on string Value [recovered]
|
|
|
|
1 |
264d |
264d
|
|
uvm_fault: ffs2_balloc (3)
|
|
|
|
5 |
264d |
368d
|
|
panic: reflect: call of reflect.Value.Int on string Value [recovered]
|
|
|
|
1 |
267d |
267d
|
|
panic: pool_do_get: rwobjpl: page empty
|
|
|
|
2 |
268d |
288d
|
|
panic: Read from remote host us-central1-ssh-serialport.googleapis.com: Connection reset by peer
|
|
|
|
1 |
181d |
181d
|
|
uvm_fault (3)
|
|
|
|
1 |
275d |
275d
|
|
panic: uvm_fault_WuAnRwNiIrNe_lGoc: SPLke d: NaOTddr essL OnWoEtRED iOnN mSapY
|
|
|
|
1 |
275d |
275d
|
|
panic: pool_do_get: sigapl: page empty
|
|
|
|
1 |
275d |
275d
|
|
panic: ffs_fsync: not dirty
|
|
|
|
3 |
276d |
286d
|
|
panic: pool_do_get: pkpcb: page empty
|
|
|
|
1 |
276d |
276d
|
|
panic: vop (2)
|
|
|
|
1 |
277d |
277d
|
|
panic: softclock: invalid to_clock: ADDR
|
|
|
|
58 |
237d |
329d
|
|
assert "(pg->pg_flags & PG_BUSY) == NUM" failed in pmap.c
|
|
|
|
28 |
238d |
279d
|
|
panic: vputonfreelist: lock count is not zero (3)
|
|
|
|
3 |
279d |
338d
|
|
protection_fault: solock_shared
|
|
|
|
2 |
279d |
282d
|
|
panic: trap type NUM, code=NUM, pc=3ca79
|
|
|
|
21 |
239d |
251d
|
|
panic: pool_do_get: filepl: page empty
|
|
|
|
1 |
280d |
280d
|
|
assert "mo->ro_magic == RWLOCK_OBJ_MAGIC" failed in kern_rwlock.c
|
|
|
|
1 |
280d |
280d
|
|
panic: trap type NUM, code=NUM, pc=3c709
|
|
|
|
1 |
280d |
280d
|
|
panic: broken type ref (4)
|
|
|
|
3 |
281d |
282d
|
|
multicore test error: SYZFATAL: failed to connect to host: dial tcp IP:NUM: connect: connection refused
|
|
|
|
55 |
242d |
245d
|
|
openbsd test error: SYZFATAL: failed to connect to host: dial tcp IP:NUM: connect: connection refused
|
|
|
|
27 |
242d |
245d
|
|
panic: trap type NUM, code=NUM, pc=3c7a9
|
|
|
|
2 |
282d |
288d
|
|
panic: time: Stop called on uninitialized Timer
|
|
|
|
2 |
283d |
288d
|
|
panic: thread NUM p_stat is NUM
|
|
|
|
1 |
283d |
283d
|
|
SYZFAIL: setsid failed
|
|
|
|
6562 |
207d |
210d
|
|
SYZFAIL: proc resp pipe read failed
|
|
|
|
2266 |
195d |
196d
|
|
protection_fault: ifaof_ifpforaddr
|
|
|
|
2 |
285d |
285d
|
|
panic: vop_generConnection to us-central1-ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
285d |
285d
|
|
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2 (4)
|
|
|
|
6 |
210d |
210d
|
|
multicore build error (18)
|
|
|
|
217 |
197d |
211d
|
|
panic: ffs_freefile: freeing free inode
|
|
|
|
1 |
287d |
287d
|
|
panic: pmap_enter: PG_PVLIST mapping with unmanaged page: va ADDR, opte ADDR, pa ADDR (2)
|
|
|
|
1 |
287d |
287d
|
|
protection_fault: strlcpy
|
|
|
|
1 |
288d |
288d
|
|
uvm_fault: kcov_remote_enter (2)
|
|
|
|
2 |
288d |
300d
|
|
protection_fault: done_flush (2)
|
C |
|
|
55 |
251d |
438d
|
|
pool: free list modified: tcpcb
|
|
|
|
1 |
291d |
291d
|
|
multicore boot error: can't ssh into the instance (6)
|
|
|
|
3 |
291d |
291d
|
|
uvm_fault: softclock (4)
|
|
|
|
9 |
291d |
322d
|
|
protection_fault: icmp_mtudisc_timeout
|
|
|
|
3 |
295d |
348d
|
|
panic: trap type NUM, code=NUM, pc=3c6d9
|
|
|
|
26 |
255d |
264d
|
|
panic: Non dma-reachable buffer at curaddr ADDR(raw) (2)
|
|
|
|
3 |
299d |
428d
|
|
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2 (3)
|
|
|
|
6 |
211d |
211d
|
|
panic: vop_gserialport: Connection terminated to allow system upgrade. Please reconnect at your convenience. (2)
|
|
|
|
1 |
211d |
211d
|
|
panic: (4)
|
|
|
|
1 |
302d |
302d
|
|
uvm_fault: bpfioctl (4)
|
|
|
|
1 |
303d |
303d
|
|
assert "fp->f_count >= NUM" failed in kern_descrip.c
|
|
|
|
1 |
304d |
304d
|
|
panic: trap type NUM, code=NUM, pc=3c729
|
|
|
|
39 |
265d |
277d
|
|
uvm_fault: ufs_direnter (2)
|
|
|
|
1 |
306d |
306d
|
|
panic: wakeup: p_stat is NUM (4)
|
|
|
|
1 |
310d |
310d
|
|
uvm_fault: VOP_BWRITE
|
|
|
|
1 |
311d |
311d
|
|
uvm_fault: pf_purge_expired_states
|
|
|
|
2 |
312d |
389d
|
|
panic: bad arg kind: <nil> (13)
|
|
|
|
1 |
314d |
314d
|
|
uvm_fault: rt_timer_timer
|
|
|
|
3 |
315d |
327d
|
|
uvm_fault: strcmp
|
|
|
|
1 |
321d |
321d
|
|
assert "scan->kqs_start.kn_filter == EVFILT_MARKER" failed in kern_event.c
|
|
|
|
1 |
321d |
321d
|
|
protection_fault: witness_checkorder (3)
|
|
|
|
1 |
323d |
323d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (23)
|
|
|
|
168 |
285d |
382d
|
|
panic: pool_do_get: pfstkey: page empty
|
|
|
|
1 |
327d |
327d
|
|
panic: missing alias (4)
|
|
|
|
1 |
329d |
329d
|
|
protection_fault: softclock
|
|
|
|
2 |
334d |
378d
|
|
multicore test error: SYZFATAL: BUG: failed to run executor version: failed to run ["./syz-executor" "version"]: signal: bad system call (core
|
|
|
|
249 |
295d |
300d
|
|
uvm_fault: softclock_process_kclock_timeout (2)
|
|
|
|
4 |
337d |
456d
|
|
panic: vop_generic_Connection to us-central1-ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
249d |
249d
|
|
assert "(bp->b_flags & B_BUSY) == NUM" failed in vfs_biomem.c
|
|
|
|
1 |
344d |
344d
|
|
panic: vop_gserialport: Connection terminated to allow system upgrade. Please reconnect at your convenience.
|
|
|
|
1 |
257d |
257d
|
|
pool: free list modified: pipepl
|
|
|
|
1 |
348d |
348d
|
|
assert "sin6tosa(&ro->ro_dst)->sa_family == AF_INET6" failed in
|
|
|
|
1 |
354d |
354d
|
|
panic: vop_geneserialport: Connection terminated to allow system upgrade. Please reconnect at your convenience.
|
|
|
|
1 |
271d |
271d
|
|
multicore build error (17)
|
|
|
|
10 |
362d |
488d
|
|
panic: Connection to us-central1-ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
277d |
277d
|
|
panic: vopConnection to us-central1-ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
279d |
279d
|
|
panic: ffs_blkfree: bad size (3)
|
|
|
|
1 |
375d |
375d
|
|
openbsd build error (20)
|
|
|
|
1 |
289d |
289d
|
|
panic: rw_enter: solock locking against myself (2)
|
syz |
|
|
3 |
379d |
576d
|
|
uvm_fault: rw_enter (2)
|
|
|
|
3 |
379d |
454d
|
|
openbsd boot error: can't ssh into the instance (7)
|
|
|
|
6 |
291d |
291d
|
|
multicore test error: SYZFATAL: BUG: failed to run executor version: failed to run ["./syz-executor" "version"]: signal: abort trap (core dump
|
|
|
|
210 |
291d |
295d
|
|
openbsd test error: SYZFATAL: BUG: failed to run executor version: failed to run ["./syz-executor" "version"]: signal: abort trap (core dump
|
|
|
|
105 |
291d |
295d
|
|
openbsd test error: SYZFATAL: BUG: failed to run executor version: failed to run ["./syz-executor" "version"]: signal: bad system call (core
|
|
|
|
126 |
295d |
300d
|
|
assert "bp->b_data != NULL" failed in vfs_biomem.c (4)
|
|
|
|
2 |
384d |
387d
|
|
multicore boot error: can't ssh into the instance (5)
|
|
|
|
24 |
351d |
351d
|
|
openbsd boot error: can't ssh into the instance (6)
|
|
|
|
12 |
351d |
351d
|
|
panic: vop_generic_
|
|
|
|
2 |
391d |
392d
|
|
uvm_fault: fifo_read
|
|
|
|
2 |
406d |
420d
|
|
assert "pmap->pm_type != PMAP_TYPE_EPT" failed in pmap.c (2)
|
|
|
|
1 |
409d |
409d
|
|
assert "rw_write_held(&map->lock)" failed in uvm_map.c
|
|
|
|
1 |
411d |
411d
|
|
panic: wakeup: p_stat is NUM (3)
|
|
|
|
2 |
419d |
505d
|
|
panic: vop_
|
|
|
|
1 |
336d |
336d
|
|
uvm_fault: witness_checkorder (4)
|
|
|
|
1 |
425d |
425d
|
|
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c (3)
|
|
|
|
134 |
390d |
605d
|
|
uvm_fault: pool_do_put (3)
|
|
|
|
1 |
430d |
430d
|
|
uvm_fault: VOP_LOCK
|
|
|
|
1 |
433d |
433d
|
|
pool: free list modified: shmpl (4)
|
|
|
|
1 |
435d |
435d
|
|
panic: vConnection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
437d |
437d
|
|
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno (3)
|
|
|
|
4 |
439d |
540d
|
|
panic: runtime.errorString("integer divide by zero")
|
|
|
|
1 |
442d |
442d
|
|
panic: (3)
|
|
|
|
1 |
356d |
356d
|
|
assert "ifp != NULL" failed in if_ether.c (5)
|
|
|
|
181 |
408d |
802d
|
|
protection_fault: __x86_indirect_thunk_r11
|
|
|
|
1 |
450d |
450d
|
|
pool: cpu free list modified: mbufpl (3)
|
|
|
|
1 |
455d |
455d
|
|
pool: free list modified: mbufpl (3)
|
|
|
|
1 |
459d |
459d
|
|
assert "sc->sc_dev == NUM" failed in if_tun.c (4)
|
|
|
|
1 |
471d |
471d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (22)
|
|
|
|
15 |
473d |
648d
|
|
panic: (2)
|
|
|
|
1 |
388d |
388d
|
|
panic: ffs_blkfree: bad size (2)
|
|
|
|
1 |
481d |
481d
|
|
protection_fault: witness_checkorder (2)
|
C |
|
|
311 |
441d |
556d
|
|
panic: uvm_fault_unwire_locked: addrepasnsi cno:t i n k er n e l dmaipagnostic assertion "!_kernel_lock_held()" fa
|
|
|
|
1 |
482d |
482d
|
|
kqueue: knote !ACTIVE (2)
|
|
|
|
2 |
483d |
495d
|
|
protection_fault: lf_advlock (3)
|
|
|
|
6 |
489d |
729d
|
|
assert "pg->wire_count == NUM" failed in vfs_biomem.c (2)
|
|
|
|
2 |
495d |
525d
|
|
panic: thread ADDR not in SRUN: NUM
|
|
|
|
4 |
497d |
550d
|
|
panic: db_mtx_enter: mtx ADDR: locking against myself
|
|
|
|
1 |
499d |
499d
|
|
assert "__mp_lock_held(&sched_lock, curcpu()) == NUM" failed in sched_bsd.c
|
|
|
|
2 |
500d |
501d
|
|
panic: voserialport: Connection terminated to allow system upgrade. Please reconnect at your convenience.
|
|
|
|
1 |
503d |
503d
|
|
assert "self->ci_proc_pmap == p->p_vmspace->vm_map.pmap" failed in pmap.c
|
syz |
|
|
2 |
504d |
504d
|
|
assert "ps->ps_uvncount == NUM" failed in kernWARNING: SPL NOT LOWERED ON SYSCALL NUM NUM EXIT NUM aStopped at save
|
|
|
|
1 |
516d |
516d
|
|
assert "ps->ps_uvncount == NUM" failed in multicore/kernel/sys/kern/kern_unveil.c
|
|
|
|
1 |
516d |
516d
|
|
uvm_fault: softclock (3)
|
|
|
|
1 |
516d |
516d
|
|
openbsd build error (19)
|
|
|
|
18 |
528d |
805d
|
|
assert "__mp_lock_held(&sched_lock, curcpu()) == NUM" failed in kern_lock.c (3)
|
|
|
|
4 |
533d |
552d
|
|
uvm_fault: witness_checkorder (3)
|
C |
|
|
212 |
497d |
751d
|
|
protection_fault: remrunqueue
|
|
|
|
2 |
539d |
545d
|
|
assert "!ISSET(p->p_flag, P_WSLEEP) || p->p_stat == SSTOP" failed in kern_sched.c
|
syz |
|
|
81 |
535d |
560d
|
|
assert "to->to_kclock == KCLOCK_UPTIME" failed in kern_timeout.c (2)
|
|
|
|
1 |
540d |
540d
|
|
assert "dtlookup(unit) == NULL" failed in dt_dev.c (2)
|
|
|
|
1 |
541d |
541d
|
|
panic:Connection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
557d |
557d
|
|
panic: uvm_fault_unwire_locked: WARaNdIdNGre:s sS PnotL iNn OmT aLpO
|
|
|
|
1 |
469d |
469d
|
|
panic: vop_gepneanic: kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/multicore/ker
|
|
|
|
1 |
560d |
560d
|
|
uvm_fault: bpfioctl (3)
|
|
|
|
1 |
565d |
565d
|
|
assert "cifp != NULL" failed in route.c (2)
|
|
|
|
18 |
566d |
794d
|
|
assert "sc->sc_dev == NUM" failed in if_tun.c (3)
|
|
|
|
68 |
570d |
1059d
|
|
panic: ffs_update: bad link cnt
|
|
|
|
18 |
585d |
1087d
|
|
panic: vop_genConnection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
587d |
587d
|
|
panic: voConnection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
594d |
594d
|
|
uvm_fault: db_enter (4)
|
|
|
|
30 |
600d |
942d
|
|
uvm_fault: igmp_leavegroup (4)
|
|
|
|
271 |
562d |
1028d
|
|
panic: vopp_ganenier:ic_ a
|
|
|
|
1 |
622d |
622d
|
|
kernel: page fault trap, code=NUM (2)
|
|
|
|
1 |
627d |
627d
|
|
uvm_fault: softclock_process_kclock_timeout
|
|
|
|
4 |
630d |
714d
|
|
multicore test error: no output from test machine (2)
|
|
|
|
1 |
633d |
633d
|
|
protection_fault: in6_addmulti (2)
|
|
|
|
4 |
635d |
700d
|
|
pool: free list modified: fdescpl (3)
|
|
|
|
10 |
636d |
929d
|
|
multicore build error (16)
|
|
|
|
252 |
636d |
864d
|
|
panic: vop_Connection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
638d |
638d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMANDNUM(NUM,NUM,NUM,NUM,49b,ADDR) at NUMtimeout_ru
|
|
|
|
1 |
639d |
639d
|
|
assert "rw_write_held(uobj->vmobjlock)" failed in uvm_aobj.c
|
|
|
|
1 |
641d |
641d
|
|
panic: vo (2)
|
|
|
|
1 |
554d |
554d
|
|
assert "pg->wire_count == NUM" failed in vfs_biomem.c
|
|
|
|
10 |
649d |
985d
|
|
protection_fault: fill_file (2)
|
|
|
|
2 |
650d |
663d
|
|
panic: wakeup: p_stat is NUM (2)
|
|
|
|
4 |
652d |
708d
|
|
panic: Non dma-reachable buffer at curaddr ADDR(raw)
|
|
|
|
1 |
659d |
659d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMANDNUM(NUM,NUM,NUM,NUM,59d,ADDR) at NUMtimeout_ru
|
|
|
|
1 |
659d |
659d
|
|
protection_fault: __llvm_retpoline_r11 (2)
|
|
|
|
1 |
660d |
660d
|
|
openbsd test error: SYZFATAL: BUG: got no coverage:
|
|
|
|
2405 |
635d |
709d
|
|
multicore test error: SYZFATAL: BUG: got no coverage:
|
|
|
|
4785 |
635d |
709d
|
|
uvm_fault: kcov_remote_enter
|
|
|
|
3 |
666d |
784d
|
|
uvm_fault: ffs2_balloc (2)
|
|
|
|
3 |
673d |
743d
|
|
panic: missing alias (3)
|
|
|
|
1 |
675d |
675d
|
|
assert "to->to_kclock == KCLOCK_UPTIME" failed in kern_timeout.c
|
|
|
|
1 |
681d |
681d
|
|
uvm_fault: softclock (2)
|
|
|
|
2 |
685d |
698d
|
|
openbsd boot error: can't ssh into the instance (5)
|
|
|
|
1 |
685d |
685d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMAND*ADDR NUM NUM NUM ADDR NUM
|
|
|
|
1 |
696d |
696d
|
|
panic: voWARNpI_NgGe:n SePLr iNc_ObT adLOoWpE
|
|
|
|
1 |
615d |
615d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMANDNUM(NUM,NUM,NUM,NUM,58b,ADDR) at NUMtimeout_ru
|
|
|
|
1 |
706d |
706d
|
|
panic: vpoapn_giecn: ekrice_brnadelop
|
|
|
|
1 |
618d |
618d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMAND*ADDR NUM NUM 0x2 ADDR 0K syz
|
|
|
|
1 |
712d |
712d
|
|
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2 (2)
|
|
|
|
12 |
635d |
635d
|
|
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno (2)
|
|
|
|
1 |
741d |
741d
|
|
panic: vputonfreelist: lock count is not zero (2)
|
|
|
|
1 |
748d |
748d
|
|
panic: malloc: out of space in kmem_map (2)
|
|
|
|
1 |
751d |
751d
|
|
protection_fault: done_flush
|
|
|
|
81 |
761d |
1118d
|
|
assert "dupe == NULL" failed in uvm_page.c (3)
|
|
|
|
25 |
764d |
1133d
|
|
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c (2)
|
|
|
|
5 |
768d |
978d
|
|
assert "ifa == rt->rt_ifa" failed in nd6.c (4)
|
|
|
|
1 |
769d |
769d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 (4)
|
|
|
|
63 |
768d |
816d
|
|
panic: pr_find_pagehead: pdppl: incorrect page
|
|
|
|
1 |
783d |
783d
|
|
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (4)
|
|
|
|
9 |
788d |
788d
|
|
assert "d->bd_in_uiomove == NUM" failed in bpf.c
|
|
|
|
1 |
788d |
788d
|
|
uvm_fault: savectx
|
|
|
|
1 |
789d |
789d
|
|
openbsd boot error: can't ssh into the instance (4)
|
|
|
|
28 |
790d |
830d
|
|
assert "!_kernel_lock_held()" failed in uvm_map.c
|
|
|
|
6 |
792d |
953d
|
|
assert "__mp_lock_held(&sched_lock, curcpu()) == NUM" failed in kern_lock.c (2)
|
|
|
|
1 |
793d |
793d
|
|
pool: free list modified: inpcb (2)
|
|
|
|
2 |
794d |
848d
|
|
panic: vo
|
|
|
|
1 |
706d |
706d
|
|
uvm_fault: uvm_map_teardown
|
|
|
|
1 |
800d |
800d
|
|
panic: ufsdirhash_lookup: bad offset in hash array (2)
|
|
|
|
1 |
800d |
800d
|
|
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (2)
|
|
|
|
1 |
801d |
801d
|
|
multicore test error: no output from test machine
|
|
|
|
1 |
802d |
802d
|
|
malloc: free list modified: counters
|
|
|
|
9 |
804d |
1064d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR (3)
|
|
|
|
3 |
808d |
832d
|
|
protection_fault: fill_file
|
|
|
|
2 |
819d |
845d
|
|
uvm_fault: hardclock (4)
|
|
|
|
1 |
819d |
819d
|
|
multicore boot error: can't ssh into the instance (4)
|
|
|
|
51 |
790d |
790d
|
|
pool: free list modified: pdppl (3)
|
|
|
|
1 |
823d |
823d
|
|
uvm_fault: pool_gc_pages
|
|
|
|
4 |
825d |
1012d
|
|
witness: lock_object uninitialized: ADDR (2)
|
|
|
|
1 |
825d |
825d
|
|
uvm_fault: softclock
|
|
|
|
1 |
826d |
826d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (21)
|
|
|
|
12 |
827d |
838d
|
|
protection_fault: __llvm_retpoline_r11
|
|
|
|
1 |
827d |
827d
|
|
uvm_fault: pool_do_get (2)
|
|
|
|
2 |
828d |
852d
|
|
uvm_fault: rw_enter
|
|
|
|
1 |
832d |
832d
|
|
panic: amap_pp_adjref: negative reference count (2)
|
|
|
|
1 |
832d |
832d
|
|
assert "((flags & PGO_LOCKED) != NUM && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == NUM" failed in uvm_vno
|
|
|
|
1 |
834d |
834d
|
|
uvm_fault: ufs_direnter
|
|
|
|
1 |
845d |
845d
|
|
assert "bp->b_data != NULL" failed in vfs_biomem.c (3)
|
|
|
|
2 |
845d |
862d
|
|
uvm_fault: bpfioctl (2)
|
|
|
|
2 |
847d |
848d
|
|
panic: rw_enter: solock locking against myself
|
|
|
|
5 |
847d |
935d
|
|
multicore test error: SYZFATAL: BUG: program execution failed: executor NUM: EOF (2)
|
|
|
|
78 |
820d |
821d
|
|
openbsd test error: SYZFATAL: BUG: program execution failed: executor NUM: EOF
|
|
|
|
94 |
820d |
825d
|
|
uvm_fault: __kernel_phys_end
|
|
|
|
1 |
850d |
850d
|
|
panic: trap type NUM, code=NUM, pc=NUM (2)
|
|
|
|
1 |
862d |
862d
|
|
protection_fault: in6_addmulti
|
|
|
|
1 |
862d |
862d
|
|
panic: wakeup: p_stat is NUM
|
|
|
|
2 |
863d |
885d
|
|
protection_fault: witness_checkorder
|
|
|
|
1 |
876d |
876d
|
|
uvm_fault: NUM TID PID UID PRFLAGS PFLAGS CPU COMMAND*ADDR NUM NUM NUM ADDR 0K s
|
|
|
|
1 |
893d |
893d
|
|
malloc: free list modified: free (3)
|
|
|
|
1 |
900d |
900d
|
|
multicore test error: SYZFATAL: BUG: program execution failed: executor NUM: EOF
|
|
|
|
108 |
821d |
823d
|
|
uvm_fault: km_free
|
|
|
|
6 |
924d |
1112d
|
|
panic:client_loop: send disconnect: Broken pipe
|
|
|
|
4 |
927d |
1066d
|
|
panic: vopclient_loop: send disconnect: Broken pipe (3)
|
|
|
|
3 |
930d |
977d
|
|
panic: vopConnection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
851d |
851d
|
|
pool: free list modified: inpcb
|
|
|
|
2 |
939d |
966d
|
|
pool: cpu free list modified: mbufpl (2)
|
|
|
|
1 |
942d |
942d
|
|
protection_fault: lf_advlock (2)
|
|
|
|
4 |
946d |
995d
|
|
pool: free list modified: art_heap4 (3)
|
|
|
|
1 |
953d |
953d
|
|
uvm_fault: solock
|
|
|
|
1 |
955d |
955d
|
|
panic: trap type NUM, code=NUM, pc=NUM
|
|
|
|
1 |
958d |
958d
|
|
uvm_fault: hardclock (3)
|
|
|
|
1 |
962d |
962d
|
|
assert "pmap->pm_type != PMAP_TYPE_EPT" failed in pmap.c
|
|
|
|
1 |
966d |
966d
|
|
panic: tcpp_nucp t
|
|
|
|
1 |
876d |
876d
|
|
pool: free list modified: bufpl
|
|
|
|
1 |
966d |
966d
|
|
panic: vop_gene
|
|
|
|
1 |
877d |
877d
|
|
panic: vop_generic_bclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
878d |
878d
|
|
panic: vop_generic_bapdoapn
|
|
|
|
1 |
886d |
886d
|
|
kernel: page fault trap, code=NUM
|
syz |
|
|
1 |
885d |
885d
|
|
panic: vop_client_loop: send disconnect: Broken pipe (2)
|
|
|
|
1 |
893d |
893d
|
|
panic: vop_gpeanneicri:c _kbeardonpe
|
|
|
|
1 |
894d |
894d
|
|
panic: vop_geneclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
889d |
889d
|
|
panic: voclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
976d |
976d
|
|
protection_fault: tun_enqueue
|
|
|
|
1 |
976d |
976d
|
|
assert "bp->b_data != NULL" failed in vfs_biomem.c (2)
|
|
|
|
2 |
976d |
1028d
|
|
witness: lock_object uninitialized: ADDR
|
|
|
|
71 |
982d |
1121d
|
|
panic: ufsdirhash_lookup: bad offset in hash array
|
|
|
|
1 |
982d |
982d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR (2)
|
|
|
|
1 |
984d |
984d
|
|
panic: vop_client_loop: send disconnect: Broken pipe
|
|
|
|
1 |
897d |
897d
|
|
panic: vop_generic_bpaadonipc
|
|
|
|
1 |
902d |
902d
|
|
pool: free list modified: sockpl (2)
|
|
|
|
3 |
994d |
1049d
|
|
malloc: free list modified: free (2)
|
|
|
|
1 |
999d |
999d
|
|
SYZFAIL: ioctl remote attach failed (4)
|
|
|
|
68 |
1002d |
1116d
|
|
uvm_fault: pmap_page_remove (4)
|
|
|
|
1 |
1007d |
1007d
|
|
protection_fault: pool_do_put
|
|
|
|
1 |
1019d |
1019d
|
|
panic: vpopa_ngiecn:kerericn_elba diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/k
|
|
|
|
1 |
938d |
938d
|
|
panic: vpoanp_igc:en e r i c _ b ad op
|
|
|
|
1 |
940d |
940d
|
|
panic: pmap_enter: PG_PVLIST mapping with unmanaged page: va ADDR, opte ADDR, pa ADDR
|
|
|
|
2 |
1030d |
1107d
|
|
panic: pool_do_get: pfiaddrpl: page empty
|
|
|
|
1 |
1031d |
1031d
|
|
panic: vop_generclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
945d |
945d
|
|
uvm_fault: putc
|
|
|
|
2 |
1035d |
1039d
|
|
uvm_fault: pf_anchor_global_RB_INSERT_COLOR
|
|
|
|
1 |
1037d |
1037d
|
|
panic: vop_pganeince:ri kce_rbandelo p
|
|
|
|
1 |
955d |
955d
|
|
panic: vop_genericp_anbaidc:o p
|
|
|
|
1 |
954d |
954d
|
|
panic: vop_generic_baclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
953d |
953d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (8)
|
|
|
|
1 |
955d |
955d
|
|
uvm_fault: ffs2_balloc
|
|
|
|
1 |
1042d |
1042d
|
|
assert "ifa == rt->rt_ifa" failed in nd6.c (3)
|
|
|
|
2 |
1043d |
1070d
|
|
uvm_fault: VOP_ISLOCKED (2)
|
|
|
|
1 |
1044d |
1044d
|
|
panic: vpoapn_igc:e kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s
|
|
|
|
1 |
957d |
957d
|
|
panic: vclient_loop: send disconnect: Broken pipe (2)
|
|
|
|
1 |
956d |
956d
|
|
uvm_fault: db_enter (3)
|
|
|
|
1 |
956d |
956d
|
|
uvm_fault: pool_do_get
|
|
|
|
1 |
1051d |
1051d
|
|
panic: vclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
962d |
962d
|
|
uvm_fault: ktrops
|
|
|
|
1 |
1053d |
1053d
|
|
panic: vop_genericp_baandiocp:
|
|
|
|
1 |
1012d |
1012d
|
|
panic: vop_geneprianci_c: kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/multicore
|
|
|
|
1 |
975d |
975d
|
|
panic: broken type ref (3)
|
|
|
|
1 |
966d |
966d
|
|
panic: vop_generic_badpoapn
|
|
|
|
1 |
965d |
965d
|
|
panic: vop_genepranici_c:bakdeorpn
|
|
|
|
1 |
968d |
968d
|
|
uvm_fault: memcpy (4)
|
|
|
|
2 |
1055d |
1124d
|
|
multicore test error: SYZFATAL: BUG: program execution failed: bad reply magic ADDR
|
|
|
|
1 |
974d |
974d
|
|
openbsd test error: SYZFATAL: BUG: program execution failed: bad reply magic ADDR
|
|
|
|
3 |
974d |
974d
|
|
assert "la != NULL" failed in if_ether.c (2)
|
|
|
|
1 |
1063d |
1063d
|
|
protection_fault: sys_msgrcv
|
|
|
|
1 |
1068d |
1068d
|
|
panic: vop_geneprainci_cb:a kdeoprn
|
|
|
|
1 |
1069d |
1069d
|
|
panic:p a nic: kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/sys/ke
|
|
|
|
1 |
981d |
981d
|
|
openbsd build error (18)
|
|
|
|
1 |
980d |
980d
|
|
uvm_fault: db_enter (2)
|
|
|
|
1 |
986d |
986d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR
|
|
|
|
3 |
1078d |
1127d
|
|
panic: vpoapn_igc:en keerricn_elba d o dpi
|
|
|
|
1 |
1078d |
1078d
|
|
kernel: privileged instruction fault trap, code=NUM
|
|
|
|
1 |
1080d |
1080d
|
|
uvm_fault: hardclock (2)
|
|
|
|
1 |
1081d |
1081d
|
|
panic: vop_generic_bad
|
|
|
|
1 |
993d |
993d
|
|
panic: vop_genclient_loop: send disconnect: Broken pipe (2)
|
|
|
|
1 |
998d |
998d
|
|
kernel: protection fault trap, code=NUM (4)
|
|
|
|
1 |
1000d |
1000d
|
|
panic: vop_genclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
1001d |
1001d
|
|
panic: vop_generic_client_loop: send disconnect: Broken pipe
|
|
|
|
1 |
1002d |
1002d
|
|
uvm_fault: ffs_nodealloccg
|
|
|
|
1 |
1093d |
1093d
|
|
assert "dtlookup(unit) == NULL" failed in dt_dev.c
|
|
|
|
1 |
1094d |
1094d
|
|
panic: vop_generic_pbaandiopc
|
|
|
|
1 |
1005d |
1005d
|
|
pool: free list modified: fdescpl
|
|
|
|
1 |
1097d |
1097d
|
|
assert "ifp != NULL" failed in if_ether.c (4)
|
|
|
|
2 |
1097d |
1142d
|
|
panic: vopclient_loop: send disconnect: Broken pipe (2)
|
|
|
|
1 |
1008d |
1008d
|
|
assert "ps->ps_uvncount == NUM" failed in kern_unveil.c
|
|
|
|
2 |
1109d |
1121d
|
|
panic: pmap_remove_ptes: managed page without PG_PVLIST: va ADDR, opte ADDR
|
|
|
|
1 |
1118d |
1118d
|
|
assert "bp->b_data != NULL" failed in vfs_biomem.c
|
|
|
|
1 |
1119d |
1119d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (7)
|
|
|
|
1 |
1120d |
1120d
|
|
panic: missing alias (2)
|
|
|
|
2 |
1121d |
1121d
|
|
panic: vref used where vget required (3)
|
|
|
|
1 |
1121d |
1121d
|
|
panic: client_loop: send disconnect: Broken pipe (2)
|
|
|
|
1 |
1032d |
1032d
|
|
panic: vop_generic_WbAaRdNopI
|
|
|
|
1 |
1036d |
1036d
|
|
panic: apcaqniuci:r kinegr nbleol c kdaiblage snloesteipc laosscke r t io n " ! _ ke r n e l_ l o wcikt_hh s
|
|
|
|
1 |
1036d |
1036d
|
|
panic: acqupirainincg: b lo c kkaerblneel s l e ep l o c k d i a gwintohs tsipc i nl oc k o r c r it i c a l
|
|
|
|
1 |
1036d |
1036d
|
|
panic: vop_gclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
1036d |
1036d
|
|
panic: acquipraniincg: k e brnleolck daibaleg nsolseteip lc oacsks weirttiho n s "pi!nl_okecrkn oelr_ l corcik_thiec
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acpquainriic:n g bl o ck a b le s l e e p l o c k w i t h s p in l o c k o r c ri t i ca l s
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring blpocankaicb:l e s l e keerp lnoecl k w i t h s p i nl oc k o r cr i t ic a l s e c ti o n
|
|
|
|
1 |
1037d |
1037d
|
|
panic: apcaqnuiic:ri nkg ebrloncekla b l e sl ee p l o c k w i t h s p i n l oc k o r cr i ti c a l
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring blockable sleep lock with spinlock or criticapl saneictci:o nk ehrenled (lk deriangenlo_lsotickc)
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring blocpkaanbilec: k er snleele p lo c k w i th s p i nl o c k or c r i ti ca l s ec t
|
|
|
|
1 |
1037d |
1037d
|
|
kernel: protection fault trap, code=NUM (3)
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquirpinagni c :b l koecrknaebll ed silageneop slotickc a ss e r t i o n " ! _ k e r n el _ l o ckwi_t
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring bplaoncikca:b l e sl e e p l okcek rwnielt h s p i n dloicak gonro scrtiitci c a l s e cati
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring blockabplaen i sc:le e p l kocek rn e l d ia g no s t i wci t ha s s e r t i o n "s!_pkienlro
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiringp abnlioc:c k ab l e sl e e p lo c k w it h s p i n l oc k o rk er n e l d i agn o s
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acpqauniicr:in g bl kocerknaeblle d ia g no s t i cs alseseeprt i lonoc k w it"h!_ k seprninell_olckoc
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquirinpgan bilco:c kkaeblrne esll e ep lo ck wi t h s p in l oc k o r c r i ti c a l s ec t
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring blockablep a ni c : k er ne l d ia gn o s t i c as s e r stleieopn l oc k w i t h s
|
|
|
|
1 |
1037d |
1037d
|
|
panic: acquiring bl o c kpaablniec s:le e p l o c k wi t h s p i n l o c k o r c ri t i c a l s e c t i
|
|
|
|
1 |
1037d |
1037d
|
|
panic: apcqauniircin:g b lkeorcknaelbldei saglenoepst ilc o c k w i th sp i n l o c k a s s oerrt ciorint i"c!
|
|
|
|
1 |
1037d |
1037d
|
|
kernel: protection fSeaBIOS (version NUM.NUM.NUM-google)
|
syz |
|
|
1 |
1042d |
1042d
|
|
panic: vop_generic_bado
|
|
|
|
1 |
1047d |
1047d
|
|
panic: bad dir (2)
|
|
|
|
44 |
1104d |
1116d
|
|
pool: free list modified: pdppl (2)
|
|
|
|
1 |
1140d |
1140d
|
|
panic: client_loop: send disconnect: Broken pipe
|
|
|
|
1 |
1064d |
1064d
|
|
assert "next != NULL && next->start <= entry->end" failed in uvm_fault.c (2)
|
syz |
|
|
2 |
1135d |
1135d
|
|
witness: reversal: lock order data missing (2)
|
C |
|
|
173 |
1199d |
1349d
|
|
openbsd build error (16)
|
|
|
|
1 |
1070d |
1070d
|
|
multicore boot error: witness: reversal: vmmaplk inode
|
|
|
|
60 |
1071d |
1072d
|
|
uvm_fault: pmap_page_remove (3)
|
|
|
|
1 |
1076d |
1076d
|
|
multicore boot error: kernel: protection fault trap, code=NUM
|
|
|
|
57 |
1075d |
1076d
|
|
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) kmmaplk (2)
|
|
|
|
2 |
1171d |
1231d
|
|
panic: vopclient_loop: send disconnect: Broken pipe
|
|
|
|
1 |
1090d |
1090d
|
|
panic: vop_generipac_nibac:do kpe
|
|
|
|
1 |
1090d |
1090d
|
|
panic: vop
|
|
|
|
1 |
1097d |
1097d
|
|
SYZFAIL: tun: can't open device (3)
|
|
|
|
86 |
1103d |
1103d
|
|
SYZFAIL: tun_id out of range (2)
|
|
|
|
182 |
1103d |
1103d
|
|
panic: trap type NUM, code=NUM, pc=ADDR
|
|
|
|
1 |
1114d |
1114d
|
|
kernel: protection fault trap, code=NUM (2)
|
C |
|
|
16 |
1119d |
1142d
|
|
panic:
|
|
|
|
1 |
1118d |
1118d
|
|
SYZFAIL: dup2(NUM, kInPipeFd) failed
|
syz |
|
|
4 |
1124d |
1142d
|
|
SYZFAIL: tun_id out of range
|
|
|
|
109 |
1126d |
1126d
|
|
panic: vop_generic_badop
|
|
|
|
1 |
1206d |
1206d
|
|
multicore build error (14)
|
|
|
|
58 |
1129d |
1131d
|
|
kernel: double fault trap, code=NUM
|
|
|
|
1 |
1129d |
1129d
|
|
SYZFAIL: ioctl remote attach failed (2)
|
|
|
|
6 |
1129d |
1149d
|
|
uvm_fault: hardclock
|
|
|
|
1 |
1231d |
1231d
|
|
SYZFAIL: open of /dev/kcov failed
|
|
|
|
3 |
1145d |
1145d
|
|
SYZFAIL: ioctl remote attach failed
|
|
|
|
3 |
1247d |
1300d
|
|
kernel: page fault trap, code=0 (4)
|
|
|
|
2 |
1248d |
1277d
|
|
SYZFAIL: tun: can't open device (2)
|
|
|
|
1 |
1277d |
1277d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (20)
|
|
|
|
24 |
1203d |
1223d
|
|
openbsd test error: timed out (3)
|
|
|
|
72 |
1209d |
1213d
|
|
multicore test error: timed out (3)
|
|
|
|
150 |
1209d |
1213d
|
|
kernel: protection fault trap, code=NUM
|
|
|
|
1 |
1222d |
1222d
|
|
uvm_fault: x86_ipi_db (6)
|
|
|
|
1 |
1244d |
1244d
|
|
panic: wakeup: p_stat iSeaBIOS (version NUM.NUM.NUM-google)
|
|
|
|
1 |
1245d |
1245d
|
|
uvm_fault: x86_ipi_db (5)
|
|
|
|
1 |
1249d |
1249d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (19)
|
|
|
|
3 |
1258d |
1258d
|
|
uvm_fault: x86_ipi_db (4)
|
|
|
|
1 |
1263d |
1263d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (18)
|
|
|
|
6 |
1281d |
1282d
|
|
panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) kmmaplk
|
|
|
|
11 |
1380d |
1543d
|
|
multicore build error (12)
|
|
|
|
1 |
1421d |
1421d
|
|
uvm_fault: x86_ipi_db (3)
|
|
|
|
4 |
1428d |
1445d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (6)
|
|
|
|
276 |
1352d |
1352d
|
|
openbsd test error: lost connection to test machine (2)
|
|
|
|
3 |
1366d |
1366d
|
|
multicore test error: lost connection to test machine (2)
|
|
|
|
6 |
1366d |
1366d
|
|
openbsd test error: lost connection to test machine
|
|
|
|
15 |
1366d |
1366d
|
|
multicore test error: lost connection to test machine
|
|
|
|
36 |
1366d |
1366d
|
|
corrupted report (4)
|
|
|
|
21 |
1462d |
1631d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (17)
|
|
|
|
3 |
1412d |
1412d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (5)
|
|
|
|
10821 |
1405d |
1405d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (4)
|
|
|
|
2753 |
1405d |
1406d
|
|
SYZFAIL: clone failed
|
syz |
|
|
1 |
1426d |
1426d
|
|
multicore build error (11)
|
|
|
|
2 |
1428d |
1428d
|
|
multicore build error (10)
|
|
|
|
2 |
1460d |
1533d
|
|
openbsd build error (13)
|
|
|
|
1 |
1538d |
1538d
|
|
uvm_fault: x86_ipi_db (2)
|
|
|
|
1 |
1478d |
1478d
|
|
uvm_fault: x86_ipi_db
|
|
|
|
1 |
1481d |
1481d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (16)
|
|
|
|
21 |
1484d |
1488d
|
|
assert "(key.from) > 0 && (key.from) <= w_max_used_index && (key.from) < witness_count" failed in subr_witness.c
|
|
|
|
1 |
1584d |
1584d
|
|
uvm_fault: strlen
|
|
|
|
1 |
1588d |
1588d
|
|
panic: ffs_alloccg: map corrupted
|
|
|
|
1 |
1589d |
1589d
|
|
uvm_fault: fdcopy
|
|
|
|
1 |
1594d |
1594d
|
|
panic (2)
|
syz |
|
|
8 |
1508d |
1518d
|
|
uvm_fault: in6_pcbhashlookup
|
|
|
|
1 |
1602d |
1602d
|
|
panic
|
|
|
|
1 |
1520d |
1520d
|
|
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (3)
|
|
|
|
9 |
1612d |
1616d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (15)
|
|
|
|
6 |
1539d |
1548d
|
|
assert "ifp != NULL" failed in if_ether.c (3)
|
|
|
|
2 |
1623d |
1628d
|
|
uvm_fault: pmap_page_remove (2)
|
|
|
|
5 |
1628d |
1804d
|
|
uvm_fault: nd6_dad_duplicated
|
|
|
|
1 |
1628d |
1628d
|
|
soreceive 1
|
|
|
|
58 |
1633d |
1790d
|
|
pool: free list modified: pvpl
|
|
|
|
17 |
1634d |
1889d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (3)
|
|
|
|
28 |
1636d |
1902d
|
|
panic: m_copym0: m == NULL and not COPYALL
|
|
|
|
306 |
1632d |
1896d
|
|
panic: m_copym0: short mbuf chain
|
|
|
|
214 |
1636d |
1895d
|
|
witness: reversal: vmmaplk inode (2)
|
C |
|
|
46771 |
1547d |
1861d
|
|
witness: reversal: inode netlock
|
C |
|
|
6 |
1548d |
1548d
|
|
witness: reversal: netlock inode
|
C |
|
|
11 |
1548d |
1548d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 (3)
|
|
|
|
3 |
1549d |
1549d
|
|
uvm_fault: tun_dev_read (2)
|
|
|
|
71 |
1641d |
1888d
|
|
uvm_fault: rtrequest
|
|
|
|
1 |
1641d |
1641d
|
|
openbsd build error (12)
|
|
|
|
1 |
1553d |
1553d
|
|
multicore build error (9)
|
|
|
|
1 |
1553d |
1553d
|
|
uvm_fault: ml_dequeue
|
|
|
|
2 |
1642d |
1684d
|
|
assert "dupe == NULL" failed in uvm_page.c (2)
|
|
|
|
1 |
1643d |
1643d
|
|
panic: pr_find_pagehead: mbufpl: incorrect page (2)
|
|
|
|
20 |
1647d |
1914d
|
|
uvm_fault: memcpy (3)
|
|
|
|
26 |
1647d |
1705d
|
|
uvm_fault: sbdrop
|
|
|
|
44 |
1654d |
1874d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (14)
|
|
|
|
6 |
1566d |
1567d
|
|
assert "pg->wire_count == 1" failed in vfs_biomem.c (2)
|
|
|
|
9 |
1657d |
1725d
|
|
panic: in6_cksum: out of data, len 64
|
|
|
|
1 |
1658d |
1658d
|
|
uvm_fault: _bpf_mtap (2)
|
|
|
|
8 |
1661d |
1676d
|
|
panic: unhandled af (3)
|
syz |
|
|
7 |
1658d |
1667d
|
|
uvm_fault: ml_enlist (2)
|
|
|
|
1 |
1662d |
1662d
|
|
uvm_fault: ml_purge (2)
|
|
|
|
8 |
1667d |
1886d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (13)
|
|
|
|
39 |
1586d |
1665d
|
|
panic: pr_find_pagehead: mbufpl: page header missing (3)
|
|
|
|
2 |
1671d |
1704d
|
|
uvm_fault: m_free (2)
|
|
|
|
429 |
1641d |
1891d
|
|
uvm_fault: pool_cache_get
|
|
|
|
518 |
1642d |
1920d
|
|
pool: free list modified: anonpl
|
|
|
|
8 |
1675d |
1897d
|
|
panic: amap_lookup: offset out of range
|
|
|
|
2 |
1678d |
1724d
|
|
uvm_fault: 0x1:uvm_fault(ADDR, 0x1, 0, 1) -> e kernel: page fault trap, code=0Stopped at db_read_bytes
|
|
|
|
1 |
1589d |
1589d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 (2)
|
|
|
|
45 |
1590d |
1592d
|
|
panic: free: size too small 10 <= 4096 / 2 (ADDR) type devbuf
|
|
|
|
2 |
1681d |
1686d
|
|
pool: free list modified: vcpupl
|
|
|
|
1 |
1682d |
1682d
|
|
uvm_fault: bpf_mtap
|
|
|
|
10 |
1682d |
1909d
|
|
pool: free list modified: filepl
|
|
|
|
1 |
1688d |
1688d
|
|
pool: free list modified: shmpl (3)
|
|
|
|
1 |
1693d |
1693d
|
|
uvm_fault: uvmfault_anonget
|
|
|
|
1 |
1696d |
1696d
|
|
uvm_fault: unveil_find_cover
|
|
|
|
1 |
1697d |
1697d
|
|
assert "mhead->m_flags & M_PKTHDR" failed in switchctl.c (2)
|
|
|
|
1 |
1698d |
1698d
|
|
malloc: free list modified: free
|
|
|
|
12 |
1699d |
1921d
|
|
uvm_fault: nd6_ns_output
|
|
|
|
1 |
1707d |
1707d
|
|
uvm_fault: x86_send_ipi (2)
|
|
|
|
2 |
1708d |
1720d
|
|
panic.go:LINE +0x72 (7)
|
syz |
|
|
3 |
1627d |
1629d
|
|
assert "ifp != NULL" failed in rtsock.c (2)
|
|
|
|
26 |
1686d |
1689d
|
|
panic: vref used where vget required (2)
|
|
|
|
2 |
1718d |
1721d
|
|
panic: amap_lookups: offset out of range (2)
|
|
|
|
1 |
1719d |
1719d
|
|
pool: free list modified: pffrnode
|
|
|
|
7 |
1719d |
1857d
|
|
uvm_fault: uvm_map_clean
|
|
|
|
1 |
1720d |
1720d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (8)
|
|
|
|
10 |
1673d |
1744d
|
|
uvm_fault: igmp_leavegroup
|
|
|
|
1 |
1723d |
1723d
|
|
syzkaller: make target failed: failed to run ["gmake" "target"]: exit status 2
|
|
|
|
3 |
1634d |
1634d
|
|
panic(ADDR) at panic+0x164
|
|
|
|
1 |
1636d |
1636d
|
|
openbsd boot error: can't ssh into the instance (3)
|
|
|
|
18 |
1637d |
1637d
|
|
multicore boot error: can't ssh into the instance (3)
|
|
|
|
15 |
1637d |
1637d
|
|
kernel: privileged instruction fault trap, code=0 (2)
|
|
|
|
1 |
1728d |
1728d
|
|
assert "!_kernel_lock_held()" failed in kern_fork.c (2)
|
|
|
|
1 |
1728d |
1728d
|
|
uvm_fault(ADDR, 0xa, 0, 1) -> e (2)
|
|
|
|
1 |
1642d |
1642d
|
|
assert "!ISSET(rt->rt_flags, RTF_LOCAL)" failed in nd6.c (2)
|
|
|
|
1 |
1731d |
1731d
|
|
no output from test machine (4)
|
syz |
|
|
14713 |
1645d |
1652d
|
|
panic: amap_wipeout: corrupt amap
|
|
|
|
6 |
1737d |
1825d
|
|
uvm_fault(ADDR, 0x7b8, 0, 1) -> e
|
|
|
|
1 |
1654d |
1654d
|
|
uvm_fault(ADDR, 0x3, 0, 1) -> e (2)
|
|
|
|
1 |
1658d |
1658d
|
|
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2 (2)
|
|
|
|
21 |
1660d |
1662d
|
|
uvm_fault(ADDR, 0xa, 0, 1) -> e
|
|
|
|
1 |
1661d |
1661d
|
|
pool: free list modified: tcpqe
|
|
|
|
4 |
1752d |
1868d
|
|
uvm_fault(ADDR, 0x3, 0, 1) -> e
|
|
|
|
1 |
1663d |
1663d
|
|
no output from test machine (2)
|
C |
|
|
89865 |
1667d |
1720d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (12)
|
|
|
|
9 |
1675d |
1678d
|
|
assert "sb->sb_cc == 0" failed in uipc_socket2.c
|
|
|
|
2 |
1757d |
1801d
|
|
pool: free list modified: vmsppl
|
|
|
|
1 |
1668d |
1668d
|
|
uvm_fault(ADDR, 0xbef, 0, 1) -> e (2)
|
|
|
|
1 |
1669d |
1669d
|
|
uvm_fault(ADDR, 0x10b, 0, 1) -> e (2)
|
|
|
|
1 |
1675d |
1675d
|
|
uvm_fault(ADDR, 0xbef, 0, 1) -> e
|
|
|
|
1 |
1676d |
1676d
|
|
pool: free list modified: vnodes
|
|
|
|
1 |
1771d |
1771d
|
|
uvm_fault(ADDR, 0x10b, 0, 1) -> e
|
|
|
|
1 |
1689d |
1689d
|
|
kernel: page fault trap, code=0 (3)
|
|
|
|
1 |
1690d |
1690d
|
|
panic: bad group arg size 29, should be <= 32 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:LINEx328, dir:LINEx0}, Inn
|
|
|
|
1 |
1693d |
1693d
|
|
assert "ps->ps_uvncount == 0" failed in kern_unveil.c (2)
|
|
|
|
1 |
1789d |
1789d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (11)
|
|
|
|
6 |
1700d |
1722d
|
|
pool: free list modified: uvmvnodes
|
|
|
|
1 |
1791d |
1791d
|
|
pool: free list modified: sockpl
|
|
|
|
2 |
1792d |
1803d
|
|
uvm_fault(ADDR, ADDR, 0, 1) -> e
|
|
|
|
1 |
1703d |
1703d
|
|
panic: bad group arg size 29, should be <= 32 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:LINEx2c0, dir:LINEx0}, Inn
|
|
|
|
1 |
1707d |
1707d
|
|
uvm_fault: memcpy (2)
|
syz |
|
|
2168 |
1712d |
1960d
|
|
uvm_fault: vio_start
|
|
|
|
1 |
1802d |
1802d
|
|
uvm_fault: syscall
|
|
|
|
1 |
1805d |
1805d
|
|
panic: broken type ref
|
|
|
|
1 |
1719d |
1719d
|
|
pool: free list modified: mtagpl
|
|
|
|
1 |
1806d |
1806d
|
|
assert "dupe == NULL" failed in uvm_page.c
|
|
|
|
4 |
1807d |
1920d
|
|
pool: free list modified: art_table
|
|
|
|
1 |
1809d |
1809d
|
|
assert "ifp != NULL" failed in if_ether.c (2)
|
|
|
|
1 |
1817d |
1817d
|
|
syzkaller: make host failed: failed to run ["gmake" "host" "ci"]: exit status 2
|
|
|
|
3 |
1727d |
1727d
|
|
kqueue: knote !ACTIVE
|
|
|
|
2 |
1820d |
1823d
|
|
uvm_fault: in4_cksum
|
|
|
|
1 |
1824d |
1824d
|
|
panic: bad arg kind: <nil> (11)
|
|
|
|
1 |
1740d |
1740d
|
|
kernel: privileged instruction fault trap, code=0
|
|
|
|
1 |
1832d |
1832d
|
|
uvm_fault: ml_enlist
|
|
|
|
1 |
1832d |
1832d
|
|
uvm_fault: tun_init
|
|
|
|
1 |
1833d |
1833d
|
|
uvm_fault returns 14, GPA=ADDR
|
C |
|
|
2 |
1746d |
1746d
|
|
panic: lock (kernel_lock) mbufpl not locked
|
|
|
|
1 |
1836d |
1836d
|
|
panic: bad group arg size 0, should be <= 24 for &prog.GroupArg{ArgCommon:prog.ArgCommon{typ:(*prog.StructType)(ADDR)},
|
|
|
|
1 |
1748d |
1748d
|
|
panic.go:LINE +0x72 (5)
|
|
|
|
1 |
1751d |
1751d
|
|
assert "pg->wire_count == 0" failed in uvm_page.c
|
|
|
|
1 |
1846d |
1846d
|
|
panic: bad arg kind: <nil> (10)
|
|
|
|
1 |
1761d |
1761d
|
|
panic: bad arg kind: <nil> (9)
|
|
|
|
1 |
1764d |
1764d
|
|
pool: free list modified: art_heap4
|
|
|
|
2 |
1859d |
1884d
|
|
uvm_fault: _bus_dmamap_load_mbuf
|
|
|
|
1 |
1863d |
1863d
|
|
uvm_fault: m_copym
|
|
|
|
1 |
1864d |
1864d
|
|
panic: bad arg kind: <nil> (8)
|
|
|
|
1 |
1776d |
1776d
|
|
panic: pr_find_pagehead: mbufpl: page header missing (2)
|
|
|
|
1 |
1867d |
1867d
|
|
pool: cpu free list modified: mcl2k
|
|
|
|
1 |
1867d |
1867d
|
|
panic: bad arg kind: <nil> (7)
|
|
|
|
1 |
1780d |
1780d
|
|
pool: free list modified: shmpl (2)
|
|
|
|
1 |
1874d |
1874d
|
|
panic: bad arg kind: <nil> (6)
|
|
|
|
1 |
1785d |
1785d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (7)
|
|
|
|
1 |
1786d |
1786d
|
|
assert "mhead->m_flags & M_PKTHDR" failed in switchctl.c
|
|
|
|
1 |
1877d |
1877d
|
|
pool: double put: mbufpl (2)
|
|
|
|
2 |
1878d |
1910d
|
|
panic: attempt to access user address ADDR in supervisor mode
|
|
|
|
7 |
1883d |
1932d
|
|
kernel: double fault trap, code=0 (2)
|
syz |
|
|
2 |
1909d |
1909d
|
|
uvm_fault: rtable_satoplen (3)
|
syz |
|
|
237 |
1917d |
1960d
|
|
panic: amap_lookups: offset out of range
|
|
|
|
1 |
1887d |
1887d
|
|
panic: bad arg kind: <nil> (5)
|
|
|
|
1 |
1799d |
1799d
|
|
uvm_fault: witness_checkorder (2)
|
|
|
|
1 |
1890d |
1890d
|
|
panic: bad arg kind: &prog.IntType{IntTypeCommon:prog.IntTypeCommon{TypeCommon:prog.TypeCommon{TypeName:"int32", FldName
|
|
|
|
1 |
1802d |
1802d
|
|
panic: bad arg kind (2)
|
|
|
|
2 |
1892d |
1894d
|
|
assert "pg->wire_count == 1" failed in vfs_biomem.c
|
|
|
|
66 |
1893d |
2218d
|
|
assert "ifp != NULL" failed in rtsock.c
|
|
|
|
2 |
1893d |
1895d
|
|
panic.go:LINE +0x72 (4)
|
|
|
|
1 |
1804d |
1804d
|
|
uvm_fault: x86_send_ipi
|
|
|
|
1 |
1897d |
1897d
|
|
uvm_fault: VOP_ISLOCKED
|
|
|
|
1 |
1897d |
1897d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (10)
|
|
|
|
3 |
1808d |
1808d
|
|
panic: bad arg kind: <nil> (4)
|
|
|
|
1 |
1810d |
1810d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (6)
|
|
|
|
1 |
1810d |
1810d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST, va = ADDR, pa = ADDR (2)
|
|
|
|
1 |
1902d |
1902d
|
|
uvm_fault: m_zero
|
|
|
|
1 |
1903d |
1903d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (5)
|
|
|
|
1 |
1817d |
1817d
|
|
panic: free: non-malloced addr ADDR type in_multi
|
|
|
|
4 |
1908d |
1930d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (9)
|
|
|
|
3 |
1819d |
1819d
|
|
uvm_fault: pfi_kif_update
|
|
|
|
6 |
1910d |
2037d
|
|
uvm_fault: fifo_write
|
|
|
|
1 |
1910d |
1910d
|
|
panic.go:LINE +0x72 (3)
|
|
|
|
1 |
1822d |
1822d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (4)
|
|
|
|
2 |
1824d |
1824d
|
|
panic: receive 1: so ADDR, so_type 3, sb_cc 176
|
|
|
|
1 |
1913d |
1913d
|
|
panic: ffs_valloc: dup alloc
|
|
|
|
2 |
1913d |
1916d
|
|
uvm_fault: 0ddb{1}> ddb{1}> set $lines = 0ddb{1}> set $maxwidth = 0ddb{1}> show panickernel page faultattempt to e
|
|
|
|
1 |
1826d |
1826d
|
|
assert "!_kernel_lock_held()" failed in kern_fork.c
|
|
|
|
15 |
1917d |
2178d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8)
|
|
|
|
3 |
1830d |
1830d
|
|
panic: WAaRcNqIuNirGi:n g SPbLl NoOcT kLaObWlEReE Ds lOeNe pSY SloCcAkL Lwi 2 t15h7 s79p3i4n4l5o0c kEX IorT 0c rai
|
|
|
|
1 |
1831d |
1831d
|
|
uvm_fault
|
|
|
|
10 |
1923d |
1938d
|
|
panic: free: size too small 24 <= 256 / 2 (ADDR) type in_multi
|
|
|
|
1 |
1929d |
1929d
|
|
panic: bad arg kind: <nil> (3)
|
|
|
|
1 |
1840d |
1840d
|
|
assert "cifp != NULL" failed in route.c
|
|
|
|
89 |
1903d |
1957d
|
|
assert "rt->rt_ifa->ifa_ifp != NULL" failed in route.c
|
|
|
|
830 |
1902d |
1943d
|
|
uvm_fault: in6_purgeaddr
|
|
|
|
1423 |
1902d |
1943d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7)
|
|
|
|
3 |
1843d |
1843d
|
|
assert "ifp != NULL" failed in if_ether.c
|
|
|
|
208 |
1904d |
1958d
|
|
assert "ifa == rt->rt_ifa" failed in nd6.c (2)
|
|
|
|
262 |
1904d |
1941d
|
|
uvm_fault: tun_clone_destroy
|
|
|
|
1 |
1935d |
1935d
|
|
panic: bad arg kind: <nil> (2)
|
|
|
|
1 |
1851d |
1851d
|
|
panic: bad arg kind: <nil>
|
|
|
|
1 |
1855d |
1855d
|
|
panic.go:LINE +0x72 (2)
|
|
|
|
1 |
1857d |
1857d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6)
|
|
|
|
3 |
1859d |
1859d
|
|
uvm_fault: pmap_page_remove
|
|
|
|
7 |
1951d |
2208d
|
|
openbsd build error (7)
|
|
|
|
1 |
1863d |
1863d
|
|
multicore boot error: can't ssh into the instance (2)
|
|
|
|
96 |
1879d |
1880d
|
|
openbsd boot error: can't ssh into the instance (2)
|
|
|
|
48 |
1879d |
1880d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (3)
|
|
|
|
1 |
1879d |
1879d
|
|
panic: vref used where vget required
|
|
|
|
1 |
1968d |
1968d
|
|
panic: pfi_dynaddr_update
|
|
|
|
2 |
1985d |
2065d
|
|
uvm_fault: pool_do_put
|
|
|
|
1 |
1903d |
1903d
|
|
panic: runtime error: invalid memory address or nil pointer dereference (2)
|
|
|
|
1 |
1904d |
1904d
|
|
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST, va = ADDR, pa = ADDR
|
|
|
|
1 |
1907d |
1907d
|
|
pool: free list modified: pdppl
|
|
|
|
1 |
1908d |
1908d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5)
|
|
|
|
3 |
1907d |
1907d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (2)
|
|
|
|
1 |
1908d |
1908d
|
|
panic.go:LINE +0x72
|
|
|
|
1 |
1909d |
1909d
|
|
witness: reversal: inode fdlock
|
C |
|
|
523 |
1976d |
2189d
|
|
panic: runtime error: invalid memory address or nil pointer dereference
|
|
|
|
1 |
1913d |
1913d
|
|
panic: fifo_badop called
|
C |
|
|
8841 |
1915d |
2249d
|
|
panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR
|
|
|
|
1 |
1929d |
1929d
|
|
panic: ffs_blkfree: bad size
|
|
|
|
2 |
2029d |
2034d
|
|
kernel: double fault trap, code=0
|
|
|
|
1 |
2077d |
2077d
|
|
assert "la != NULL" failed in if_ether.c
|
|
|
|
3 |
2062d |
2064d
|
|
uvm_fault: ml_purge
|
|
|
|
6 |
2061d |
2067d
|
|
panic: in_cksum: out of data, len 63
|
|
|
|
1 |
2047d |
2047d
|
|
uvm_fault: pfi_ifhead_RB_REMOVE
|
|
|
|
1 |
2068d |
2068d
|
|
panic: uvm_fault_unwire_locked: address not in map (2)
|
|
|
|
7 |
2058d |
2185d
|
|
panicConnection to ssh-serialport.googleapis.com closed by remote host.
|
|
|
|
1 |
1917d |
1917d
|
|
uvm_fault: vfs_lookup
|
|
|
|
1 |
2102d |
2102d
|
|
panic: Data modified on freelist: word 4 of object ADDR size 0x84 previous type free (ADDR != ADDR)
|
|
|
|
1 |
1928d |
1928d
|
|
panic: Data modified on freelist: word 5 of object ADDR size 0xa0 previous type devbuf (0xd != ADDR)
|
|
|
|
1 |
1929d |
1929d
|
|
panic: Data modified on freelist: word 5 of object ADDR size 0xc0 previous type devbuf (0xd != ADDR)
|
|
|
|
1 |
1935d |
1935d
|
|
panic: Data modified on freelist: word 5 of object ADDR size 0x100 previous type devbuf (0xd != ADDR)
|
syz |
|
|
7 |
1928d |
1958d
|
|
panic: attempt WtAoR eNIxNeGc:u tSeP uL seNOrT a LddOrWEesRsE D 0Ox0N iSYn SCsAuLpLe rv3i 4s orEX ImTo d0 e9
|
|
|
|
1 |
1928d |
1928d
|
|
panic: bad arg kind
|
|
|
|
1 |
1940d |
1940d
|
|
uvm_fault: ADDR: movl $ADDR,0(%rdi)ddb> ddb> set $lines = 0ddb> set $maxwidth = 0ddb> show panickernel page
|
|
|
|
1 |
1944d |
1944d
|
|
uvm_fault: ADDR: jmp ADDR
|
|
|
|
1 |
1945d |
1945d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4)
|
|
|
|
9 |
1952d |
1953d
|
|
uvm_fault: pmap_enter
|
syz |
|
|
3 |
2193d |
2199d
|
|
panic: malloc: allocation tooWA RlNaIrNGge: ,SPL NOT LOWERED ON SYSCALL 3 4 EXIT 0 9
|
|
|
|
1 |
1972d |
1972d
|
|
multicore test error: timed out
|
|
|
|
43 |
2090d |
2128d
|
|
panic: amap_add: slot in use
|
|
|
|
2 |
2181d |
2186d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3)
|
|
|
|
12 |
2010d |
2010d
|
|
panic: vput: v_writecount != 0
|
C |
|
|
2 |
2012d |
2012d
|
|
uvm_fault: _bpf_mtap
|
|
|
|
31 |
2223d |
2245d
|
|
panic: pool_cache_item_magic_check: mcl2k cpu free list modified: item addr ADDR+24 ADDR!=ADDR
|
|
|
|
1 |
2226d |
2226d
|
|
panic: rw_enter: vmmaplk locking against myself
|
|
|
|
3 |
2237d |
2239d
|
|
uvm_fault: tun_dev_read
|
|
|
|
2 |
2237d |
2238d
|
|
openbsd test error: timed out
|
|
|
|
19 |
2096d |
2156d
|
|
panic: bpf_mcopy
|
|
|
|
1 |
2241d |
2241d
|
|
multicore build error (4)
|
|
|
|
2 |
2085d |
2085d
|
|
openbsd build error (6)
|
|
|
|
1 |
2085d |
2085d
|
|
pool: double put: mcl2k
|
|
|
|
4 |
2243d |
2245d
|
|
pool: double put: mcl64k
|
|
|
|
1 |
2244d |
2244d
|
|
panic: missing alias
|
|
|
|
1 |
2248d |
2248d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2)
|
|
|
|
3 |
2078d |
2078d
|
|
panic: bad dir
|
C |
|
|
1390 |
2084d |
2085d
|
|
multicore build error (2)
|
|
|
|
10 |
2110d |
2110d
|
|
openbsd build error (4)
|
|
|
|
5 |
2110d |
2110d
|
|
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2
|
|
|
|
12 |
2119d |
2119d
|
|
multicore build error
|
|
|
|
26 |
2120d |
2121d
|
|
openbsd build error (3)
|
|
|
|
13 |
2120d |
2121d
|
|
multicore boot error: can't ssh into the instance
|
|
|
|
6 |
2120d |
2120d
|
|
openbsd boot error: can't ssh into the instance
|
|
|
|
3 |
2120d |
2120d
|
|
panic: ffs_read: type 0
|
|
|
|
1 |
2257d |
2257d
|
|
panic: serialport: VM disconnected.
|
|
|
|
1 |
2128d |
2128d
|
|
panic: kserialport: VM disconnected.
|
|
|
|
1 |
2128d |
2128d
|
|
panic: kernel diagnostic serialport: VM disconnected.
|
|
|
|
1 |
2129d |
2129d
|
|
panic: kernel diserialport: VM disconnected.
|
|
|
|
1 |
2207d |
2207d
|
|
openbsd build error
|
|
|
|
1 |
2173d |
2173d
|
|
lost connection to test machine
|
C |
|
|
276 |
2221d |
2295d
|
|
https://github.com/openbsd/src.git boot error: uvm_fault: memcmp
|
|
|
|
6 |
2226d |
2226d
|
|
https://github.com/openbsd/src.git test error
|
|
|
|
16 |
2234d |
2255d
|
|
multicore boot error: uvm_fault: smbios_find
|
|
|
|
12 |
2226d |
2226d
|
|
kernel: kernel relinking fa
|
|
|
|
1 |
2315d |
2295d
|
|
https://github.com/openbsd/src.git boot error
|
|
|
|
479 |
2249d |
2295d
|
|
panic: sandbox escaping file name "../file0"
|
|
|
|
111 |
2249d |
2250d
|
|
multicore test error (2)
|
|
|
|
3 |
2236d |
2236d
|
|
multicore test error
|
|
|
|
3 |
2236d |
2236d
|
|
panic: sandbox escaping file name "../file0/file0", Files are map[./file0:true ../file0:true]
|
|
|
|
1 |
2249d |
2249d
|
|
panic: sandbox escaping file name "../file0", Files are map[../file0:true]
|
|
|
|
11 |
2249d |
2249d
|
|
panic: sandbox escaping file name "../file0", Files are map[./file0:true ../file0:true]
|
|
|
|
1 |
2249d |
2249d
|
|
panic: sandbox escaping file name "../file0/file0"
|
|
|
|
2 |
2249d |
2249d
|