syzbot

 sign-in | mailing list | source | docs
🐞 Open [118]
🐞 Fixed [69]
🐞 Invalid [237]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 237 bugs, 196 were automatically obsoleted (32 due to revoked reproducers), 41 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
general protection fault in tipc_conn_close (4) 2 2 90d 156d
general protection fault in __rt6_nh_dev_match 2 2 95d 107d
KASAN: slab-out-of-bounds Read in dentry_revalidate 17 2 100d 178d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return (2) 4 C error 2 114d 306d
general protection fault in ip6_create_rt_rcu 2 1 107d 107d
SYZFAIL: netlink_send_ext: short netlink write (2) -1 2 108d 173d
KASAN: use-after-free Write in l2tp_session_delete (2) 24 3 109d 210d
BUG: soft lockup in cleanup_net 1 1 111d 111d
BUG: soft lockup in input_repeat_key 1 C error 3 165d 673d
general protection fault in __loop_clr_fd 2 1 113d 113d
KASAN: use-after-free Read in fast_dput (2) 19 1 114d 114d
KASAN: use-after-free Write in ext4_insert_dentry 24 C done 25 128d 347d
kernel BUG in ext4_ind_map_blocks -1 2 119d 138d
BUG: soft lockup in addrconf_rs_timer (2) 1 C 265 100d 431d
kernel BUG in blk_mq_dispatch_rq_list (4) fat -1 C error 16 786d 1038d
BUG: unable to handle kernel paging request in __gnet_stats_copy_basic 8 1 122d 122d
general protection fault in current_umask 2 C unreliable 5 134d 344d
KASAN: use-after-free Write in skb_release_data 24 1 126d 126d
KASAN: use-after-free Write in tipc_mon_reinit_self 24 1 150d 150d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 71d 71d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 162d 162d
BUG: soft lockup in sock_write_iter 1 1 168d 168d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 185d 185d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 189d 261d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 197d 197d
KASAN: use-after-free Read in exact_lock 19 53 175d 185d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 228d 343d
KASAN: use-after-free Read in fast_dput 19 14 219d 409d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 220d 308d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 204d 392d
KASAN: use-after-free Read in lock_get_status 19 4 256d 273d
BUG: corrupted list in tipc_nametbl_translate 8 2 259d 281d
general protection fault in cleanup_bearer 19 C 14034 240d 243d
KASAN: out-of-bounds Read in __show_regs 17 1 262d 262d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 265d 265d
BUG: Bad page map (3) -1 3 266d 412d
KASAN: use-after-free Write in virtio_transport_recv_pkt 24 C inconclusive 1 319d 511d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 271d 271d
KASAN: use-after-free Read in binder_release_work 19 C 154 254d 288d
BUG: soft lockup in mntput 1 1 290d 290d
SYZFAIL: handshake read failed -1 1 309d 309d
KASAN: use-after-free Write in l2tp_session_delete 24 2 310d 334d
kernel BUG in vlan_get_tci -1 2 314d 343d
SYZFAIL: netlink_send_ext: short netlink write -1 4 320d 409d
SYZFAIL: posix_spawn failed -1 9928 283d 420d
SYZFAIL: mmap of output file failed -1 20 308d 409d
SYZFAIL: child failed -1 syz error error 1 332d 1341d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 351d 484d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 356d 474d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 337d 446d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 346d 346d
SYZFAIL: mkdir(syz-tmp) failed -1 299 307d 419d
SYZFAIL: bad allocate request -1 148 307d 418d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 348d 352d
SYZFAIL: ShmemBuilder: too large output offset -1 51 308d 416d
general protection fault in steam_send_report 2 1 349d 349d
SYZFAIL: can't reallocate -1 1 352d 352d
SYZFAIL: SIGSEGV -1 841 314d 428d
KASAN: use-after-free Write in __tlb_remove_page_size 24 1 356d 356d
SYZFAIL: SIGFPE -1 2 357d 402d
general protection fault in free_swap_cache 2 1 367d 367d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 368d 368d
BUG: soft lockup in br_multicast_port_group_expired 1 1 369d 369d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 338d 457d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 372d 372d
BUG: soft lockup in net_rx_action 1 2 372d 384d
BUG: soft lockup in __run_timers 1 2 372d 441d
BUG: soft lockup in sys_sendmmsg 1 2 374d 374d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 375d 375d
BUG: soft lockup in __netif_receive_skb_core 1 1 376d 376d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 379d 379d
KASAN: use-after-free Read in worker_thread 19 1 381d 381d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 385d 385d
BUG: soft lockup in br_multicast_group_expired 1 1 385d 385d
BUG: soft lockup in ip_list_rcv 1 1 386d 386d
BUG: soft lockup in run_rebalance_domains 1 1 387d 387d
BUG: soft lockup in ipv6_rcv 1 3 391d 408d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 394d 394d
BUG: soft lockup in vfork 1 1 396d 396d
BUG: soft lockup in sys_exit_group 1 1 402d 402d
SYZFAIL: bad thread state in completion -1 syz error error 5 991d 1332d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 411d 411d
BUG: soft lockup in sys_clone 1 1 415d 415d
BUG: soft lockup in sys_recvmsg 1 4 416d 495d
SYZFAIL: control pipe read failed -1 1 419d 419d
SYZFAIL: too many calls in output -1 2 424d 424d
BUG: soft lockup in sys_bpf 1 2 429d 433d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 447d 479d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 452d 579d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 478d 478d
go runtime error 2 22 480d 759d
SYZFAIL: tun read failed -1 syz error error 123 406d 1404d
SYZFAIL: proc resp pipe read failed -1 73 413d 429d
general protection fault in fq_codel_enqueue (2) 2 2 493d 494d
panic: runtime error: floating point error [recovered] 2 1 500d 500d
android13-5.10-lts build error -1 44 463d 483d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 507d 507d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 429d 429d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 521d 521d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 493d 1021d
general protection fault in mnt_want_write (2) 2 1 559d 559d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 577d 662d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 572d 572d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 536d 537d
general protection fault in skb_segment 2 C done 1 612d 626d
KASAN: use-after-free Read in key_task_permission 19 1 610d 610d
android13-5.10-lts test error: lost connection to test machine -1 1 616d 616d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 641d 641d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 666d 738d
general protection fault in __writeback_single_inode 2 1 684d 684d
BUG: Bad page map (2) -1 1 686d 686d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 690d 720d
general protection fault in tipc_conn_close (3) 2 1 712d 712d
kernel BUG in __block_commit_write -1 1 714d 714d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 723d 925d
corrupted report (2) -1 6 724d 802d
BUG: soft lockup in wg_packet_tx_worker 1 5 734d 783d
BUG: soft lockup in neigh_timer_handler 1 2 734d 743d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 742d 782d
BUG: soft lockup in sys_sendto 1 2 742d 779d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 746d 746d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 729d 783d
BUG: soft lockup in addrconf_rs_timer 1 2 759d 777d
fatal error: fault -1 1 765d 765d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 767d 1248d
fatal error: Connection to IP closed by remote host. -1 3 782d 905d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 807d 807d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 804d 804d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 817d 831d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 777d 842d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 815d 847d
SYZFAIL: clock_gettime failed -1 syz error error 5 822d 1348d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 836d 893d
general protection fault in do_swap_page 2 246 806d 1243d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 860d 860d
general protection fault in kernfs_name_hash (6) 2 C error error 22 890d 1056d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 863d 863d
android12-5.10-lts build error (2) -1 220 846d 947d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 914d 914d
general protection fault in filp_close 2 1 887d 887d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 932d 1030d
BUG: Bad page map -1 1 904d 904d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 911d 911d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 915d 915d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 929d 955d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 1016d 1016d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 1024d 1024d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 970d 970d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 895d 895d
KASAN: use-after-free Read in usb_udc_uevent 19 2 929d 952d
general protection fault in f2fs_release_page f2fs 19 3 945d 987d
general protection fault in tipc_conn_close (2) 2 6 986d 1072d
KASAN: use-after-free Read in xpad_presence_work 19 1 1031d 1031d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 977d 977d
divide error in netem_enqueue (2) 2 1 1078d 1078d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1096d 1096d
panic: runtime error: floating point error 2 1 1101d 1101d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1115d 1115d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1116d 1116d
KASAN: invalid-free in selinux_tun_dev_free_security 22 14 1109d 1119d
general protection fault in fq_codel_enqueue 2 1 1127d 1127d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1130d 1130d
general protection fault in tcp_sk_exit (2) 2 1 1138d 1138d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1142d 1227d
android12-5.10-lts-superproject build error -1 24 1150d 1176d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1063d 1065d
general protection fault in ext4_xattr_set_entry 2 C error 2 1070d 1084d
kernel BUG in ext4_es_cache_extent -1 C error 1 1095d 1095d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1169d 1169d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1206d 1206d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1233d 1233d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1292d 1392d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1235d 1235d
divide error in netem_enqueue 2 2 1185d 1196d
general protection fault in tipc_conn_close 2 1 1201d 1201d
BUG: stack guard page was hit in file_open (11) -1 4 1203d 1206d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1205d 1205d
BUG: stack guard page was hit in sys_creat (10) -1 1 1206d 1206d
kernel BUG in collapse_huge_page -1 1 1212d 1212d
general protection fault in __device_attach 2 1 1215d 1215d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1134d 1333d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1223d 1223d
KASAN: use-after-free Read in vcs_write 19 1 1224d 1224d
SYZFAIL: failed to mkdtemp -1 15 1225d 1392d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1225d 1225d
corrupted report -1 289 1203d 1352d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1234d 1270d
general protection fault in tcp_sk_exit 2 1 1237d 1237d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1237d 1396d
kernel panic: corrupted stack end in file_open 2 1 1240d 1240d
general protection fault in icmpv6_sk_exit 2 1 1246d 1246d
general protection fault in mnt_want_write 2 1 1252d 1252d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1164d 1164d
general protection fault in del_gendisk (3) 2 C done 1 1194d 1194d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1279d 1279d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1280d 1287d
KASAN: use-after-free Write in dir_mkdir 24 1 1286d 1286d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1293d 1293d
general protection fault in kernfs_name_hash 2 C done 2 1228d 1228d
kernel BUG in notify_change (2) -1 C error 2 1221d 1221d
general protection fault in del_gendisk (2) 2 C error 2 1218d 1219d
SYZFAIL: sandbox fork failed -1 3 1301d 1384d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1340d 1340d
SYZFAIL: bad thread state in schedule -1 1 1320d 1320d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1249d 1402d
SYZFAIL: invalid syscall number -1 2 1339d 1361d
kernel BUG in ext4_free_blocks -1 3 1353d 1386d
general protection fault in io_prep_async_work 2 1 1323d 1323d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1271d 1319d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1314d 1314d
KASAN: invalid-free in io_dismantle_req 22 C error 7 1281d 1276d
general protection fault in del_gendisk 2 C error 1 1281d 1388d
BUG: corrupted list in p9_fd_cancelled 8 1 1361d 1361d
KASAN: use-after-free Read in task_work_run 19 2 1395d 1394d
KASAN: use-after-free Write in chroot_fs_refs 24 2 1392d 1394d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1305d 1305d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1311d 1311d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1308d 1331d
BUG: stack guard page was hit in corrupted -1 C error 3 1296d 1331d
BUG: stack guard page was hit in sys_unlink -1 2 1331d 1331d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1278d 1343d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1299d 1348d
BUG: stack guard page was hit in sys_chdir -1 5 1277d 1349d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1368d 1368d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1400d 1394d
BUG: workqueue lockup -1 C error 25 1305d 1403d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1374d 1376d
KASAN: use-after-free Read in dev_uevent 19 1 1379d 1379d
general protection fault in bdev_read_page 2 1 1380d 1380d
SYZFAIL: out of opened kcov threads -1 47 1356d 1357d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1389d 1389d
KASAN: use-after-free Read in compute_effective_progs 19 1 1385d 1385d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1389d 1389d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1311d 1311d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1365d 1392d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1384d 1384d
android12-5.10-lts build error -1 1 1406d 1406d