syzbot

 sign-in | mailing list | source | docs
🐞 Open [107]
🐞 Fixed [70]
🐞 Invalid [208]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 208 bugs, 169 were automatically obsoleted (26 due to revoked reproducers), 39 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) 81 64d 252d
KASAN: use-after-free Read in lock_get_status 4 116d 133d
BUG: corrupted list in tipc_nametbl_translate 2 119d 141d
general protection fault in cleanup_bearer C 14034 100d 103d
KASAN: out-of-bounds Read in __show_regs 1 122d 122d
BUG: soft lockup in br_multicast_group_expired (2) 1 125d 125d
BUG: Bad page map (3) 3 126d 272d
KASAN: use-after-free Write in virtio_transport_recv_pkt C inconclusive 1 179d 371d
KASAN: use-after-free Read in bdev_try_to_free_page 1 131d 131d
KASAN: use-after-free Read in binder_release_work C 154 114d 148d
BUG: soft lockup in mntput 1 150d 150d
SYZFAIL: handshake read failed 1 169d 169d
KASAN: use-after-free Write in l2tp_session_delete 2 170d 194d
kernel BUG in vlan_get_tci 2 174d 203d
SYZFAIL: netlink_send_ext: short netlink write 4 180d 269d
SYZFAIL: posix_spawn failed 9928 143d 280d
SYZFAIL: mmap of output file failed 20 168d 269d
SYZFAIL: child failed syz error error 1 192d 1201d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock syz error 1 211d 344d
KASAN: use-after-free Read in __ext4_check_dir_entry C error 2 216d 334d
BUG: corrupted list in p9_fd_cancelled (4) 4 197d 306d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 1 205d 205d
SYZFAIL: mkdir(syz-tmp) failed 299 167d 279d
SYZFAIL: bad allocate request 148 167d 277d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 2 208d 212d
SYZFAIL: ShmemBuilder: too large output offset 51 168d 276d
general protection fault in steam_send_report 1 209d 209d
SYZFAIL: can't reallocate 1 212d 212d
SYZFAIL: SIGSEGV 841 174d 288d
KASAN: use-after-free Write in __tlb_remove_page_size 1 215d 215d
SYZFAIL: SIGFPE 2 217d 262d
general protection fault in free_swap_cache 1 227d 227d
KASAN: stack-out-of-bounds Read in __show_regs 1 228d 228d
BUG: soft lockup in br_multicast_port_group_expired 1 229d 229d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) 30 198d 317d
KASAN: use-after-free Read in br_multicast_port_group_expired 1 232d 232d
BUG: soft lockup in net_rx_action 2 232d 244d
BUG: soft lockup in __run_timers 2 232d 301d
BUG: soft lockup in sys_sendmmsg 2 234d 234d
KASAN: use-after-free Read in usb_udc_uevent (3) 1 234d 234d
BUG: soft lockup in __netif_receive_skb_core 1 236d 236d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 1 239d 239d
KASAN: use-after-free Read in worker_thread 1 241d 241d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 245d 245d
BUG: soft lockup in br_multicast_group_expired 1 245d 245d
BUG: soft lockup in ip_list_rcv 1 246d 246d
BUG: soft lockup in run_rebalance_domains 1 247d 247d
BUG: soft lockup in ipv6_rcv 3 251d 268d
KASAN: null-ptr-deref Write in __kernfs_remove 1 254d 254d
BUG: soft lockup in vfork 1 256d 256d
BUG: soft lockup in sys_exit_group 1 262d 262d
SYZFAIL: bad thread state in completion syz error error 5 850d 1192d
KASAN: use-after-free Read in dev_get_by_index_rcu 1 271d 271d
BUG: soft lockup in sys_clone 1 275d 275d
BUG: soft lockup in sys_recvmsg 4 276d 355d
SYZFAIL: control pipe read failed 1 279d 279d
SYZFAIL: too many calls in output 2 284d 284d
BUG: soft lockup in sys_bpf 2 289d 293d
BUG: unable to handle kernel paging request in swake_up_locked C inconclusive 1 307d 339d
KASAN: use-after-free Read in macsec_get_iflink syz error 2 312d 439d
KASAN: use-after-free Read in wg_packet_send_staged_packets 1 338d 338d
go runtime error 22 340d 618d
SYZFAIL: tun read failed syz error error 123 266d 1264d
SYZFAIL: proc resp pipe read failed 73 273d 289d
general protection fault in fq_codel_enqueue (2) 2 353d 354d
panic: runtime error: floating point error [recovered] 1 360d 360d
android13-5.10-lts build error 44 323d 343d
KASAN: use-after-free Read in f2fs_write_end_io 1 367d 367d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist 2 289d 289d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 1 381d 381d
KASAN: use-after-free Read in unaccount_page_cache_page 150 353d 881d
general protection fault in mnt_want_write (2) 1 419d 419d
BUG: corrupted list in p9_fd_cancelled (3) C done unreliable 38 437d 522d
KASAN: stack-out-of-bounds Read in update_stack_state 1 432d 432d
panic: replaceArg: group fields don't match: NUM/NUM 13 396d 397d
general protection fault in skb_segment C done 1 472d 486d
KASAN: use-after-free Read in key_task_permission 1 470d 470d
android13-5.10-lts test error: lost connection to test machine 1 476d 476d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 1 501d 501d
KASAN: null-ptr-deref Write in backing_data_changed C done 3 526d 598d
general protection fault in __writeback_single_inode 1 543d 543d
BUG: Bad page map (2) 1 545d 545d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 2 550d 580d
general protection fault in tipc_conn_close (3) 1 572d 572d
kernel BUG in __block_commit_write 1 574d 574d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 583d 785d
corrupted report (2) 6 584d 662d
BUG: soft lockup in wg_packet_tx_worker 5 594d 643d
BUG: soft lockup in neigh_timer_handler 2 594d 603d
BUG: soft lockup in wg_packet_handshake_send_worker 6 601d 642d
BUG: soft lockup in sys_sendto 2 602d 639d
kernel panic: EXT4-fs (device loop2): panic forced after error 1 606d 606d
BUG: soft lockup in tc_modify_qdisc C done done 314 589d 643d
BUG: soft lockup in addrconf_rs_timer 2 619d 637d
fatal error: fault 1 625d 625d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return syz error error 2 627d 1108d
fatal error: Connection to IP closed by remote host. 3 642d 765d
BUG: stack guard page was hit in corrupted (23) syz error error 1 667d 667d
KASAN: use-after-free Read in usb_udc_uevent (2) 1 664d 664d
kernel BUG in ext4_expand_extra_isize_ea C done done 5 677d 691d
BUG: unable to handle kernel paging request in fuse_dev_do_write 18 637d 702d
KASAN: global-out-of-bounds Read in f2fs_release_page 2 675d 707d
SYZFAIL: clock_gettime failed syz error error 5 682d 1208d
KASAN: use-after-free Read in f2fs_remove_dirty_inode C error error 4 696d 753d
general protection fault in do_swap_page 246 666d 1103d
kernel panic: EXT4-fs (device loop3): panic forced after error 1 720d 720d
general protection fault in kernfs_name_hash (6) C error error 22 750d 916d
kernel panic: EXT4-fs (device loop4): panic forced after error 1 723d 723d
android12-5.10-lts build error (2) 220 706d 807d
VFS: Busy inodes after unmount (use-after-free) C done inconclusive 1 774d 774d
general protection fault in filp_close 1 747d 747d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs C error error 3 791d 889d
BUG: Bad page map 1 764d 764d
KASAN: use-after-free Read in hci_cmd_timeout 1 771d 771d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 2 775d 775d
kernel panic: corrupted stack end in sys_sendmmsg syz error error 14 789d 815d
KASAN: use-after-free Read in fuse_copy_one C error inconclusive 1 876d 876d
kernel BUG in jbd2_journal_get_create_access syz error error 1 883d 883d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) syz error error 1 830d 830d
BUG: scheduling while atomic in f2fs_register_inmem_page C error inconclusive 1 755d 755d
KASAN: use-after-free Read in usb_udc_uevent 2 789d 812d
general protection fault in f2fs_release_page f2fs 3 805d 847d
general protection fault in tipc_conn_close (2) 6 846d 932d
KASAN: use-after-free Read in xpad_presence_work 1 891d 891d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 C 1 837d 837d
divide error in netem_enqueue (2) 1 938d 938d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 1 956d 956d
panic: runtime error: floating point error 1 961d 961d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 1 975d 975d
KASAN: use-after-free Read in __tcf_qdisc_find 1 976d 976d
KASAN: invalid-free in selinux_tun_dev_free_security 14 969d 979d
general protection fault in fq_codel_enqueue 1 987d 987d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 1 990d 990d
general protection fault in tcp_sk_exit (2) 1 998d 998d
KASAN: use-after-free Read in css_free_rwork_fn (2) 2 1002d 1086d
android12-5.10-lts-superproject build error 24 1010d 1036d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 23 923d 924d
general protection fault in ext4_xattr_set_entry C error 2 930d 944d
kernel BUG in ext4_es_cache_extent C error 1 955d 955d
BUG: unable to handle kernel paging request in reuseport_select_sock 1 1029d 1029d
BUG: stack guard page was hit in corrupted (22) syz done done 1 1066d 1066d
kernel panic: corrupted stack end in sys_futex syz error error 1 1093d 1093d
KASAN: use-after-free Read in f2fs_available_free_memory syz error error 7 1152d 1252d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv syz 1 1095d 1095d
divide error in netem_enqueue 2 1045d 1056d
general protection fault in tipc_conn_close 1 1061d 1061d
BUG: stack guard page was hit in file_open (11) 4 1063d 1066d
BUG: stack guard page was hit in sys_mkdir (5) 1 1065d 1065d
BUG: stack guard page was hit in sys_creat (10) 1 1066d 1066d
kernel BUG in collapse_huge_page 1 1072d 1072d
general protection fault in __device_attach 1 1075d 1075d
kernel BUG in blk_mq_dispatch_rq_list C error 16 994d 1193d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 1 1083d 1083d
KASAN: use-after-free Read in vcs_write 1 1084d 1084d
SYZFAIL: failed to mkdtemp 15 1084d 1252d
BUG: corrupted list in pwq_dec_nr_in_flight 1 1085d 1085d
corrupted report 289 1063d 1212d
BUG: corrupted list in p9_fd_cancelled (2) 3 1094d 1130d
general protection fault in tcp_sk_exit 1 1097d 1097d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 7 1097d 1256d
kernel panic: corrupted stack end in file_open 1 1100d 1100d
general protection fault in icmpv6_sk_exit 1 1106d 1106d
general protection fault in mnt_want_write 1 1112d 1112d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 3 1024d 1024d
general protection fault in del_gendisk (3) C done 1 1054d 1054d
KASAN: use-after-free Read in io_uring_cancel_task_requests 1 1139d 1139d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 5 1139d 1147d
KASAN: use-after-free Write in dir_mkdir 1 1146d 1146d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 1 1153d 1153d
general protection fault in kernfs_name_hash C done 2 1087d 1087d
kernel BUG in notify_change (2) C error 2 1081d 1081d
general protection fault in del_gendisk (2) C error 2 1078d 1079d
SYZFAIL: sandbox fork failed 3 1161d 1244d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 1 1200d 1200d
SYZFAIL: bad thread state in schedule 1 1180d 1180d
KASAN: stack-out-of-bounds Read in iov_iter_revert C error 10 1109d 1262d
SYZFAIL: invalid syscall number 2 1199d 1221d
kernel BUG in ext4_free_blocks 3 1213d 1246d
general protection fault in io_prep_async_work 1 1183d 1183d
KASAN: use-after-free Read in io_kill_linked_timeout C error 14 1131d 1179d
KASAN: use-after-free Read in __fdget_raw C error error 1 1174d 1174d
KASAN: invalid-free in io_dismantle_req C error 7 1141d 1136d
general protection fault in del_gendisk C error 1 1141d 1248d
BUG: corrupted list in p9_fd_cancelled 1 1221d 1221d
KASAN: use-after-free Read in task_work_run 2 1255d 1254d
KASAN: use-after-free Write in chroot_fs_refs 2 1252d 1254d
BUG: stack guard page was hit in sys_fsetxattr 1 1165d 1165d
BUG: stack guard page was hit in sys_lsetxattr C error inconclusive 2 1171d 1171d
BUG: stack guard page was hit in sys_setxattr C error 6 1168d 1191d
BUG: stack guard page was hit in corrupted C error 3 1156d 1191d
BUG: stack guard page was hit in sys_unlink 2 1191d 1191d
BUG: stack guard page was hit in sys_creat C error done 7 1138d 1203d
BUG: stack guard page was hit in sys_lchown C error 4 1159d 1208d
BUG: stack guard page was hit in sys_chdir 5 1137d 1209d
KASAN: use-after-free Read in css_free_rwork_fn 1 1228d 1228d
KASAN: use-after-free Read in rcu_cblist_dequeue 1 1260d 1254d
BUG: workqueue lockup C error 25 1165d 1263d
KASAN: use-after-free Read in __cgroup_bpf_attach 2 1234d 1236d
KASAN: use-after-free Read in dev_uevent 1 1238d 1238d
general protection fault in bdev_read_page 1 1240d 1240d
SYZFAIL: out of opened kcov threads 47 1216d 1217d
SYZFAIL: tun: can't open /dev/net/tun 1 1249d 1249d
KASAN: use-after-free Read in compute_effective_progs 1 1245d 1245d
KASAN: stack-out-of-bounds Read in xfrm_state_find 1 1249d 1249d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 1171d 1171d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit 69 1225d 1252d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 1244d 1244d
android12-5.10-lts build error 1 1266d 1266d