syzbot

 sign-in | mailing list | source | docs
🐞 Open [124]
🐞 Fixed [70]
🐞 Invalid [218]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 218 bugs, 178 were automatically obsoleted (27 due to revoked reproducers), 40 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) 2 4d02h 4d02h
SYZFAIL: open(/proc/self/ns/net) failed 1 94d 94d
BUG: soft lockup in sock_write_iter 1 101d 101d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 1 118d 118d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) 8 122d 193d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 1 130d 130d
KASAN: use-after-free Read in exact_lock 53 108d 118d
kernel BUG in vlan_get_protocol_dgram C done 6 160d 275d
KASAN: use-after-free Read in fast_dput 14 152d 341d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed 4 153d 240d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) 81 137d 325d
KASAN: use-after-free Read in lock_get_status 4 189d 205d
BUG: corrupted list in tipc_nametbl_translate 2 191d 214d
general protection fault in cleanup_bearer C 14034 173d 176d
KASAN: out-of-bounds Read in __show_regs 1 194d 194d
BUG: soft lockup in br_multicast_group_expired (2) 1 197d 197d
BUG: Bad page map (3) 3 199d 344d
KASAN: use-after-free Write in virtio_transport_recv_pkt C inconclusive 1 251d 443d
KASAN: use-after-free Read in bdev_try_to_free_page 1 204d 204d
KASAN: use-after-free Read in binder_release_work C 154 186d 221d
BUG: soft lockup in mntput 1 223d 223d
SYZFAIL: handshake read failed 1 242d 242d
KASAN: use-after-free Write in l2tp_session_delete 2 242d 266d
kernel BUG in vlan_get_tci 2 247d 275d
SYZFAIL: netlink_send_ext: short netlink write 4 253d 342d
SYZFAIL: posix_spawn failed 9928 216d 352d
SYZFAIL: mmap of output file failed 20 240d 341d
SYZFAIL: child failed syz error error 1 265d 1273d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock syz error 1 284d 417d
KASAN: use-after-free Read in __ext4_check_dir_entry C error 2 288d 407d
BUG: corrupted list in p9_fd_cancelled (4) 4 269d 379d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 1 278d 278d
SYZFAIL: mkdir(syz-tmp) failed 299 239d 352d
SYZFAIL: bad allocate request 148 240d 350d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 2 280d 285d
SYZFAIL: ShmemBuilder: too large output offset 51 240d 348d
general protection fault in steam_send_report 1 281d 281d
SYZFAIL: can't reallocate 1 285d 285d
SYZFAIL: SIGSEGV 841 246d 360d
KASAN: use-after-free Write in __tlb_remove_page_size 1 288d 288d
SYZFAIL: SIGFPE 2 290d 335d
general protection fault in free_swap_cache 1 299d 299d
KASAN: stack-out-of-bounds Read in __show_regs 1 300d 300d
BUG: soft lockup in br_multicast_port_group_expired 1 301d 301d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) 30 271d 390d
KASAN: use-after-free Read in br_multicast_port_group_expired 1 304d 304d
BUG: soft lockup in net_rx_action 2 304d 316d
BUG: soft lockup in __run_timers 2 305d 374d
BUG: soft lockup in sys_sendmmsg 2 306d 306d
KASAN: use-after-free Read in usb_udc_uevent (3) 1 307d 307d
BUG: soft lockup in __netif_receive_skb_core 1 309d 309d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 1 311d 311d
KASAN: use-after-free Read in worker_thread 1 313d 313d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 317d 317d
BUG: soft lockup in br_multicast_group_expired 1 318d 318d
BUG: soft lockup in ip_list_rcv 1 318d 318d
BUG: soft lockup in run_rebalance_domains 1 319d 319d
BUG: soft lockup in ipv6_rcv 3 324d 340d
KASAN: null-ptr-deref Write in __kernfs_remove 1 327d 327d
BUG: soft lockup in vfork 1 328d 328d
BUG: soft lockup in sys_exit_group 1 335d 335d
SYZFAIL: bad thread state in completion syz error error 5 923d 1265d
KASAN: use-after-free Read in dev_get_by_index_rcu 1 344d 344d
BUG: soft lockup in sys_clone 1 348d 348d
BUG: soft lockup in sys_recvmsg 4 349d 427d
SYZFAIL: control pipe read failed 1 351d 351d
SYZFAIL: too many calls in output 2 356d 357d
BUG: soft lockup in sys_bpf 2 362d 366d
BUG: unable to handle kernel paging request in swake_up_locked C inconclusive 1 380d 411d
KASAN: use-after-free Read in macsec_get_iflink syz error 2 385d 511d
KASAN: use-after-free Read in wg_packet_send_staged_packets 1 410d 410d
go runtime error 22 412d 691d
SYZFAIL: tun read failed syz error error 123 338d 1337d
SYZFAIL: proc resp pipe read failed 73 346d 361d
general protection fault in fq_codel_enqueue (2) 2 425d 427d
panic: runtime error: floating point error [recovered] 1 433d 433d
android13-5.10-lts build error 44 396d 416d
KASAN: use-after-free Read in f2fs_write_end_io 1 440d 440d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist 2 362d 362d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 1 454d 454d
KASAN: use-after-free Read in unaccount_page_cache_page 150 425d 954d
general protection fault in mnt_want_write (2) 1 492d 492d
BUG: corrupted list in p9_fd_cancelled (3) C done unreliable 38 509d 594d
KASAN: stack-out-of-bounds Read in update_stack_state 1 505d 505d
panic: replaceArg: group fields don't match: NUM/NUM 13 469d 469d
general protection fault in skb_segment C done 1 544d 558d
KASAN: use-after-free Read in key_task_permission 1 543d 543d
android13-5.10-lts test error: lost connection to test machine 1 549d 549d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 1 574d 574d
KASAN: null-ptr-deref Write in backing_data_changed C done 3 599d 671d
general protection fault in __writeback_single_inode 1 616d 616d
BUG: Bad page map (2) 1 618d 618d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 2 622d 653d
general protection fault in tipc_conn_close (3) 1 645d 645d
kernel BUG in __block_commit_write 1 647d 647d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 656d 858d
corrupted report (2) 6 657d 734d
BUG: soft lockup in wg_packet_tx_worker 5 666d 716d
BUG: soft lockup in neigh_timer_handler 2 667d 675d
BUG: soft lockup in wg_packet_handshake_send_worker 6 674d 714d
BUG: soft lockup in sys_sendto 2 675d 711d
kernel panic: EXT4-fs (device loop2): panic forced after error 1 678d 678d
BUG: soft lockup in tc_modify_qdisc C done done 314 662d 715d
BUG: soft lockup in addrconf_rs_timer 2 691d 709d
fatal error: fault 1 698d 698d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return syz error error 2 700d 1180d
fatal error: Connection to IP closed by remote host. 3 715d 838d
BUG: stack guard page was hit in corrupted (23) syz error error 1 739d 739d
KASAN: use-after-free Read in usb_udc_uevent (2) 1 736d 736d
kernel BUG in ext4_expand_extra_isize_ea C done done 5 749d 763d
BUG: unable to handle kernel paging request in fuse_dev_do_write 18 710d 775d
KASAN: global-out-of-bounds Read in f2fs_release_page 2 748d 780d
SYZFAIL: clock_gettime failed syz error error 5 755d 1280d
KASAN: use-after-free Read in f2fs_remove_dirty_inode C error error 4 769d 825d
general protection fault in do_swap_page 246 739d 1176d
kernel panic: EXT4-fs (device loop3): panic forced after error 1 792d 792d
general protection fault in kernfs_name_hash (6) C error error 22 823d 988d
kernel panic: EXT4-fs (device loop4): panic forced after error 1 796d 796d
android12-5.10-lts build error (2) 220 779d 879d
VFS: Busy inodes after unmount (use-after-free) C done inconclusive 1 846d 846d
general protection fault in filp_close 1 819d 819d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs C error error 3 864d 962d
BUG: Bad page map 1 836d 836d
KASAN: use-after-free Read in hci_cmd_timeout 1 843d 843d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 2 847d 847d
kernel panic: corrupted stack end in sys_sendmmsg syz error error 14 862d 887d
KASAN: use-after-free Read in fuse_copy_one C error inconclusive 1 949d 949d
kernel BUG in jbd2_journal_get_create_access syz error error 1 956d 956d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) syz error error 1 902d 902d
BUG: scheduling while atomic in f2fs_register_inmem_page C error inconclusive 1 828d 828d
KASAN: use-after-free Read in usb_udc_uevent 2 861d 885d
general protection fault in f2fs_release_page f2fs 3 877d 919d
general protection fault in tipc_conn_close (2) 6 919d 1005d
KASAN: use-after-free Read in xpad_presence_work 1 964d 964d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 C 1 909d 909d
divide error in netem_enqueue (2) 1 1010d 1010d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 1 1029d 1029d
panic: runtime error: floating point error 1 1033d 1033d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 1 1048d 1048d
KASAN: use-after-free Read in __tcf_qdisc_find 1 1049d 1049d
KASAN: invalid-free in selinux_tun_dev_free_security 14 1042d 1052d
general protection fault in fq_codel_enqueue 1 1059d 1059d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 1 1062d 1062d
general protection fault in tcp_sk_exit (2) 1 1070d 1070d
KASAN: use-after-free Read in css_free_rwork_fn (2) 2 1074d 1159d
android12-5.10-lts-superproject build error 24 1082d 1108d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 23 996d 997d
general protection fault in ext4_xattr_set_entry C error 2 1002d 1017d
kernel BUG in ext4_es_cache_extent C error 1 1028d 1028d
BUG: unable to handle kernel paging request in reuseport_select_sock 1 1102d 1102d
BUG: stack guard page was hit in corrupted (22) syz done done 1 1138d 1138d
kernel panic: corrupted stack end in sys_futex syz error error 1 1166d 1166d
KASAN: use-after-free Read in f2fs_available_free_memory syz error error 7 1225d 1325d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv syz 1 1168d 1168d
divide error in netem_enqueue 2 1118d 1129d
general protection fault in tipc_conn_close 1 1134d 1134d
BUG: stack guard page was hit in file_open (11) 4 1136d 1138d
BUG: stack guard page was hit in sys_mkdir (5) 1 1138d 1138d
BUG: stack guard page was hit in sys_creat (10) 1 1138d 1138d
kernel BUG in collapse_huge_page 1 1145d 1145d
general protection fault in __device_attach 1 1147d 1147d
kernel BUG in blk_mq_dispatch_rq_list C error 16 1066d 1266d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 1 1155d 1155d
KASAN: use-after-free Read in vcs_write 1 1156d 1156d
SYZFAIL: failed to mkdtemp 15 1157d 1325d
BUG: corrupted list in pwq_dec_nr_in_flight 1 1157d 1157d
corrupted report 289 1136d 1285d
BUG: corrupted list in p9_fd_cancelled (2) 3 1167d 1202d
general protection fault in tcp_sk_exit 1 1170d 1170d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 7 1170d 1328d
kernel panic: corrupted stack end in file_open 1 1172d 1172d
general protection fault in icmpv6_sk_exit 1 1178d 1178d
general protection fault in mnt_want_write 1 1185d 1185d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 3 1097d 1097d
general protection fault in del_gendisk (3) C done 1 1126d 1126d
KASAN: use-after-free Read in io_uring_cancel_task_requests 1 1212d 1212d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 5 1212d 1220d
KASAN: use-after-free Write in dir_mkdir 1 1219d 1219d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 1 1225d 1225d
general protection fault in kernfs_name_hash C done 2 1160d 1160d
kernel BUG in notify_change (2) C error 2 1154d 1154d
general protection fault in del_gendisk (2) C error 2 1150d 1151d
SYZFAIL: sandbox fork failed 3 1233d 1317d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 1 1272d 1272d
SYZFAIL: bad thread state in schedule 1 1252d 1252d
KASAN: stack-out-of-bounds Read in iov_iter_revert C error 10 1182d 1334d
SYZFAIL: invalid syscall number 2 1272d 1293d
kernel BUG in ext4_free_blocks 3 1286d 1318d
general protection fault in io_prep_async_work 1 1255d 1255d
KASAN: use-after-free Read in io_kill_linked_timeout C error 14 1203d 1251d
KASAN: use-after-free Read in __fdget_raw C error error 1 1247d 1247d
KASAN: invalid-free in io_dismantle_req C error 7 1214d 1208d
general protection fault in del_gendisk C error 1 1214d 1320d
BUG: corrupted list in p9_fd_cancelled 1 1294d 1294d
KASAN: use-after-free Read in task_work_run 2 1327d 1327d
KASAN: use-after-free Write in chroot_fs_refs 2 1325d 1327d
BUG: stack guard page was hit in sys_fsetxattr 1 1238d 1238d
BUG: stack guard page was hit in sys_lsetxattr C error inconclusive 2 1244d 1244d
BUG: stack guard page was hit in sys_setxattr C error 6 1241d 1263d
BUG: stack guard page was hit in corrupted C error 3 1228d 1264d
BUG: stack guard page was hit in sys_unlink 2 1263d 1264d
BUG: stack guard page was hit in sys_creat C error done 7 1211d 1275d
BUG: stack guard page was hit in sys_lchown C error 4 1231d 1280d
BUG: stack guard page was hit in sys_chdir 5 1209d 1281d
KASAN: use-after-free Read in css_free_rwork_fn 1 1300d 1300d
KASAN: use-after-free Read in rcu_cblist_dequeue 1 1333d 1327d
BUG: workqueue lockup C error 25 1237d 1336d
KASAN: use-after-free Read in __cgroup_bpf_attach 2 1306d 1309d
KASAN: use-after-free Read in dev_uevent 1 1311d 1311d
general protection fault in bdev_read_page 1 1312d 1312d
SYZFAIL: out of opened kcov threads 47 1288d 1289d
SYZFAIL: tun: can't open /dev/net/tun 1 1322d 1322d
KASAN: use-after-free Read in compute_effective_progs 1 1318d 1318d
KASAN: stack-out-of-bounds Read in xfrm_state_find 1 1322d 1322d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 1243d 1243d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit 69 1298d 1324d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 1316d 1316d
android12-5.10-lts build error 1 1339d 1339d