syzbot

 sign-in | mailing list | source | docs
🐞 Open [128]
🐞 Fixed [69]
🐞 Invalid [274]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 274 bugs, 229 were automatically obsoleted (41 due to revoked reproducers), 45 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
BUG: soft lockup in bpf_prog_release 1 1 90d 90d
syzkaller: make host failed: failed to run ["make" "host" "ci" "agent"]: exit status 2 -1 2 23d 23d
BUG: soft lockup in sys_recvmsg (2) 1 C error 2 133d 312d
KASAN: use-after-free Read in hci_uart_write_work 19 2 122d 136d
KASAN: use-after-free Read in f2fs_release_page 19 2 125d 134d
BUG: soft lockup in rcu_core_si 1 1 128d 128d
KASAN: null-ptr-deref Write in incfs_kill_sb 12 1 137d 137d
SYZFAIL: failed to recv rpc -1 syz 1264 60d 602d
general protection fault in ip6_create_rt_rcu (2) 2 1 150d 150d
general protection fault in inherit_task_group 2 C 48 162d 744d
KASAN: use-after-free Read in seq_printf 19 15 158d 266d
KASAN: use-after-free Read in steam_send_report 19 3 159d 171d
BUG: soft lockup in sys_openat 1 1 161d 161d
KASAN: use-after-free Write in __ip6_del_rt 22 syz 11 163d 313d
KASAN: use-after-free Read in fib_flush 19 7 166d 266d
BUG: soft lockup in sys_clone (2) 1 1 175d 175d
BUG: soft lockup in sys_bind 1 1 181d 181d
SYZFAIL: mount(tmpfs) failed -1 1 182d 182d
general protection fault in nexthop_get_nhc_lookup 2 syz 20 153d 235d
general protection fault in find_match 2 50 151d 331d
KASAN: use-after-free Read in f2fs_inode_dirtied 19 C done 3 203d 253d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (9) -1 2 104d 104d
SYZFAIL: SIGSEGV (2) -1 3 195d 289d
kernel BUG in ext4_create_inline_data -1 C done 2 211d 272d
KASAN: slab-out-of-bounds Read in mon_bin_event 17 C done 60 188d 243d
BUG: scheduling while atomic in futex_wait_queue_me 5 1 213d 213d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) -1 2 135d 135d
KASAN: slab-out-of-bounds Write in try_module_get 21 11 230d 302d
BUG: soft lockup in sock_read_iter 1 2 232d 245d
KASAN: use-after-free Write in u32_destroy_key 22 1 236d 236d
general protection fault in lo_ioctl 2 1 249d 249d
KASAN: use-after-free Read in ext4_xattr_inode_dec_ref_all 19 C done 3 311d 339d
KASAN: use-after-free Read in tw_timer_handler 19 syz 10 230d 264d
SYZFAIL: SIGFPE (2) -1 8 262d 439d
KASAN: use-after-free Read in exact_lock (2) 19 172 230d 309d
KASAN: use-after-free Read in tcp_net_metrics_exit_batch 19 613 230d 269d
KASAN: use-after-free Read in inet_twsk_purge 19 74 233d 268d
general protection fault in tipc_conn_close (4) 2 2 276d 342d
general protection fault in __rt6_nh_dev_match 2 2 281d 292d
KASAN: slab-out-of-bounds Read in dentry_revalidate 17 2 286d 364d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return (2) 4 C error 2 300d 492d
general protection fault in ip6_create_rt_rcu 2 1 292d 292d
SYZFAIL: netlink_send_ext: short netlink write (2) -1 2 294d 359d
KASAN: use-after-free Write in l2tp_session_delete (2) 22 3 295d 395d
BUG: soft lockup in cleanup_net 1 1 297d 297d
BUG: soft lockup in input_repeat_key 1 C error 3 351d 859d
general protection fault in __loop_clr_fd 2 1 299d 299d
KASAN: use-after-free Read in fast_dput (2) 19 1 300d 300d
KASAN: use-after-free Write in ext4_insert_dentry 22 C done 25 314d 533d
kernel BUG in ext4_ind_map_blocks -1 2 305d 324d
BUG: soft lockup in addrconf_rs_timer (2) 1 C 265 286d 617d
kernel BUG in blk_mq_dispatch_rq_list (4) fat -1 C error 16 972d 1224d
BUG: unable to handle kernel paging request in __gnet_stats_copy_basic 8 1 308d 308d
general protection fault in current_umask 2 C unreliable 5 320d 530d
KASAN: use-after-free Write in skb_release_data 22 1 312d 312d
KASAN: use-after-free Write in tipc_mon_reinit_self 22 1 335d 335d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 257d 257d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 348d 348d
BUG: soft lockup in sock_write_iter 1 1 354d 354d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 371d 371d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 375d 447d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 383d 383d
KASAN: use-after-free Read in exact_lock 19 53 361d 371d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 413d 528d
KASAN: use-after-free Read in fast_dput 19 14 405d 595d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 406d 494d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 390d 578d
KASAN: use-after-free Read in lock_get_status 19 4 442d 459d
BUG: corrupted list in tipc_nametbl_translate 8 2 445d 467d
general protection fault in cleanup_bearer 19 C 14034 426d 429d
KASAN: out-of-bounds Read in __show_regs 17 1 448d 448d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 451d 451d
BUG: Bad page map (3) -1 3 452d 598d
KASAN: use-after-free Write in virtio_transport_recv_pkt 22 C inconclusive 1 505d 697d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 457d 457d
KASAN: use-after-free Read in binder_release_work 19 C 154 440d 474d
BUG: soft lockup in mntput 1 1 476d 476d
SYZFAIL: handshake read failed -1 1 495d 495d
KASAN: use-after-free Write in l2tp_session_delete 22 2 496d 520d
kernel BUG in vlan_get_tci -1 2 500d 529d
SYZFAIL: netlink_send_ext: short netlink write -1 4 506d 595d
SYZFAIL: posix_spawn failed -1 9928 469d 606d
SYZFAIL: mmap of output file failed -1 20 494d 595d
SYZFAIL: child failed -1 syz error error 1 518d 1527d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 537d 670d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 542d 660d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 523d 632d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 531d 531d
SYZFAIL: mkdir(syz-tmp) failed -1 299 493d 605d
SYZFAIL: bad allocate request -1 148 493d 603d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 534d 538d
SYZFAIL: ShmemBuilder: too large output offset -1 51 494d 602d
general protection fault in steam_send_report 2 1 535d 535d
SYZFAIL: can't reallocate -1 1 538d 538d
SYZFAIL: SIGSEGV -1 841 500d 614d
KASAN: use-after-free Write in __tlb_remove_page_size 22 1 541d 541d
SYZFAIL: SIGFPE -1 2 543d 588d
general protection fault in free_swap_cache 2 1 553d 553d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 554d 554d
BUG: soft lockup in br_multicast_port_group_expired 1 1 555d 555d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 524d 643d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 558d 558d
BUG: soft lockup in net_rx_action 1 2 558d 570d
BUG: soft lockup in __run_timers 1 2 558d 627d
BUG: soft lockup in sys_sendmmsg 1 2 560d 560d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 560d 560d
BUG: soft lockup in __netif_receive_skb_core 1 1 562d 562d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 565d 565d
KASAN: use-after-free Read in worker_thread 19 1 567d 567d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 570d 570d
BUG: soft lockup in br_multicast_group_expired 1 1 571d 571d
BUG: soft lockup in ip_list_rcv 1 1 572d 572d
BUG: soft lockup in run_rebalance_domains 1 1 573d 573d
BUG: soft lockup in ipv6_rcv 1 3 577d 594d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 580d 580d
BUG: soft lockup in vfork 1 1 582d 582d
BUG: soft lockup in sys_exit_group 1 1 588d 588d
SYZFAIL: bad thread state in completion -1 syz error error 5 1176d 1518d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 597d 597d
BUG: soft lockup in sys_clone 1 1 601d 601d
BUG: soft lockup in sys_recvmsg 1 4 602d 681d
SYZFAIL: control pipe read failed -1 1 605d 605d
SYZFAIL: too many calls in output -1 2 610d 610d
BUG: soft lockup in sys_bpf 1 2 615d 619d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 633d 665d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 638d 765d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 664d 664d
go runtime error 2 22 666d 944d
SYZFAIL: tun read failed -1 syz error error 123 592d 1590d
SYZFAIL: proc resp pipe read failed -1 73 599d 615d
general protection fault in fq_codel_enqueue (2) 2 2 679d 680d
panic: runtime error: floating point error [recovered] 2 1 686d 686d
android13-5.10-lts build error -1 44 649d 669d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 693d 693d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 615d 615d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 707d 707d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 679d 1207d
general protection fault in mnt_want_write (2) 2 1 745d 745d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 763d 848d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 758d 758d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 722d 723d
general protection fault in skb_segment 2 C done 1 798d 812d
KASAN: use-after-free Read in key_task_permission 19 1 796d 796d
android13-5.10-lts test error: lost connection to test machine -1 1 802d 802d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 827d 827d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 852d 924d
general protection fault in __writeback_single_inode 2 1 869d 869d
BUG: Bad page map (2) -1 1 871d 871d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 875d 906d
general protection fault in tipc_conn_close (3) 2 1 898d 898d
kernel BUG in __block_commit_write -1 1 900d 900d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 909d 1111d
corrupted report (2) -1 6 910d 988d
BUG: soft lockup in wg_packet_tx_worker 1 5 920d 969d
BUG: soft lockup in neigh_timer_handler 1 2 920d 929d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 927d 968d
BUG: soft lockup in sys_sendto 1 2 928d 965d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 932d 932d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 915d 969d
BUG: soft lockup in addrconf_rs_timer 1 2 945d 963d
fatal error: fault -1 1 951d 951d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 953d 1434d
fatal error: Connection to IP closed by remote host. -1 3 968d 1091d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 993d 993d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 990d 990d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 1003d 1017d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 963d 1028d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 1001d 1033d
SYZFAIL: clock_gettime failed -1 syz error error 5 1008d 1534d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 1022d 1079d
general protection fault in do_swap_page 2 246 992d 1429d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 1046d 1046d
general protection fault in kernfs_name_hash (6) 2 C error error 22 1076d 1242d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 1049d 1049d
android12-5.10-lts build error (2) -1 220 1032d 1133d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 1100d 1100d
general protection fault in filp_close 2 1 1073d 1073d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 1117d 1215d
BUG: Bad page map -1 1 1090d 1090d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 1097d 1097d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 1101d 1101d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 1115d 1141d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 1202d 1202d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 1209d 1209d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 1156d 1156d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 1081d 1081d
KASAN: use-after-free Read in usb_udc_uevent 19 2 1115d 1138d
general protection fault in f2fs_release_page f2fs 19 3 1131d 1173d
general protection fault in tipc_conn_close (2) 2 6 1172d 1258d
KASAN: use-after-free Read in xpad_presence_work 19 1 1217d 1217d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 1163d 1163d
divide error in netem_enqueue (2) 2 1 1263d 1263d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1282d 1282d
panic: runtime error: floating point error 2 1 1287d 1287d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1301d 1301d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1302d 1302d
KASAN: invalid-free in selinux_tun_dev_free_security 24 14 1295d 1305d
general protection fault in fq_codel_enqueue 2 1 1313d 1313d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1316d 1316d
general protection fault in tcp_sk_exit (2) 2 1 1324d 1324d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1328d 1412d
android12-5.10-lts-superproject build error -1 24 1336d 1362d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1249d 1250d
general protection fault in ext4_xattr_set_entry 2 C error 2 1256d 1270d
kernel BUG in ext4_es_cache_extent -1 C error 1 1281d 1281d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1355d 1355d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1392d 1392d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1419d 1419d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1478d 1578d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1421d 1421d
divide error in netem_enqueue 2 2 1371d 1382d
general protection fault in tipc_conn_close 2 1 1387d 1387d
BUG: stack guard page was hit in file_open (11) -1 4 1389d 1392d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1391d 1391d
BUG: stack guard page was hit in sys_creat (10) -1 1 1392d 1392d
kernel BUG in collapse_huge_page -1 1 1398d 1398d
general protection fault in __device_attach 2 1 1401d 1401d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1320d 1519d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1409d 1409d
KASAN: use-after-free Read in vcs_write 19 1 1410d 1410d
SYZFAIL: failed to mkdtemp -1 15 1410d 1578d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1411d 1411d
corrupted report -1 289 1389d 1538d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1420d 1456d
general protection fault in tcp_sk_exit 2 1 1423d 1423d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1423d 1582d
kernel panic: corrupted stack end in file_open 2 1 1426d 1426d
general protection fault in icmpv6_sk_exit 2 1 1432d 1432d
general protection fault in mnt_want_write 2 1 1438d 1438d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1350d 1350d
general protection fault in del_gendisk (3) 2 C done 1 1380d 1380d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1465d 1465d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1465d 1473d
KASAN: use-after-free Write in dir_mkdir 22 1 1472d 1472d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1479d 1479d
general protection fault in kernfs_name_hash 2 C done 2 1413d 1413d
kernel BUG in notify_change (2) -1 C error 2 1407d 1407d
general protection fault in del_gendisk (2) 2 C error 2 1404d 1405d
SYZFAIL: sandbox fork failed -1 3 1487d 1570d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1526d 1526d
SYZFAIL: bad thread state in schedule -1 1 1506d 1506d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1435d 1588d
SYZFAIL: invalid syscall number -1 2 1525d 1547d
kernel BUG in ext4_free_blocks -1 3 1539d 1572d
general protection fault in io_prep_async_work 2 1 1509d 1509d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1457d 1505d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1500d 1500d
KASAN: invalid-free in io_dismantle_req 24 C error 7 1467d 1461d
general protection fault in del_gendisk 2 C error 1 1467d 1574d
BUG: corrupted list in p9_fd_cancelled 8 1 1547d 1547d
KASAN: use-after-free Read in task_work_run 19 2 1581d 1580d
KASAN: use-after-free Write in chroot_fs_refs 22 2 1578d 1580d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1491d 1491d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1497d 1497d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1494d 1517d
BUG: stack guard page was hit in corrupted -1 C error 3 1482d 1517d
BUG: stack guard page was hit in sys_unlink -1 2 1517d 1517d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1464d 1529d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1485d 1534d
BUG: stack guard page was hit in sys_chdir -1 5 1463d 1535d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1554d 1554d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1586d 1580d
BUG: workqueue lockup -1 C error 25 1491d 1589d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1560d 1562d
KASAN: use-after-free Read in dev_uevent 19 1 1564d 1564d
general protection fault in bdev_read_page 2 1 1566d 1566d
SYZFAIL: out of opened kcov threads -1 47 1542d 1542d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1575d 1575d
KASAN: use-after-free Read in compute_effective_progs 19 1 1571d 1571d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1575d 1575d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1497d 1497d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1551d 1578d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1570d 1570d
android12-5.10-lts build error -1 1 1592d 1592d