syzbot

 sign-in | mailing list | source | docs
🐞 Open [99]
🐞 Fixed [70]
🐞 Invalid [197]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 197 bugs, 158 were automatically obsoleted (23 due to revoked reproducers), 39 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
SYZFAIL: handshake read failed 1 92d 92d
KASAN: use-after-free Write in l2tp_session_delete 2 92d 116d
kernel BUG in vlan_get_tci 2 96d 125d
SYZFAIL: netlink_send_ext: short netlink write 4 102d 191d
SYZFAIL: posix_spawn failed 9928 65d 202d
SYZFAIL: mmap of output file failed 20 90d 191d
SYZFAIL: child failed syz error error 1 114d 1123d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock syz error 1 133d 266d
KASAN: use-after-free Read in __ext4_check_dir_entry C error 2 138d 256d
BUG: corrupted list in p9_fd_cancelled (4) 4 119d 229d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 1 128d 128d
SYZFAIL: mkdir(syz-tmp) failed 299 89d 201d
SYZFAIL: bad allocate request 148 90d 200d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 2 130d 134d
SYZFAIL: ShmemBuilder: too large output offset 51 90d 198d
general protection fault in steam_send_report 1 131d 131d
SYZFAIL: can't reallocate 1 135d 135d
SYZFAIL: SIGSEGV 841 96d 210d
KASAN: use-after-free Write in __tlb_remove_page_size 1 138d 138d
SYZFAIL: SIGFPE 2 139d 184d
general protection fault in free_swap_cache 1 149d 149d
KASAN: stack-out-of-bounds Read in __show_regs 1 150d 150d
BUG: soft lockup in br_multicast_port_group_expired 1 151d 151d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) 30 120d 239d
KASAN: use-after-free Read in br_multicast_port_group_expired 1 154d 154d
BUG: soft lockup in net_rx_action 2 154d 166d
BUG: soft lockup in __run_timers 2 155d 223d
BUG: soft lockup in sys_sendmmsg 2 156d 156d
KASAN: use-after-free Read in usb_udc_uevent (3) 1 157d 157d
BUG: soft lockup in __netif_receive_skb_core 1 158d 158d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 1 161d 161d
KASAN: use-after-free Read in worker_thread 1 163d 163d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 167d 167d
BUG: soft lockup in br_multicast_group_expired 1 168d 168d
BUG: soft lockup in ip_list_rcv 1 168d 168d
BUG: soft lockup in run_rebalance_domains 1 169d 169d
BUG: soft lockup in ipv6_rcv 3 173d 190d
KASAN: null-ptr-deref Write in __kernfs_remove 1 176d 176d
BUG: soft lockup in vfork 1 178d 178d
BUG: soft lockup in sys_exit_group 1 184d 184d
SYZFAIL: bad thread state in completion syz error error 5 773d 1115d
KASAN: use-after-free Read in dev_get_by_index_rcu 1 194d 194d
BUG: soft lockup in sys_clone 1 197d 197d
BUG: soft lockup in sys_recvmsg 4 198d 277d
SYZFAIL: control pipe read failed 1 201d 201d
SYZFAIL: too many calls in output 2 206d 206d
BUG: soft lockup in sys_bpf 2 211d 216d
BUG: unable to handle kernel paging request in swake_up_locked C inconclusive 1 230d 261d
KASAN: use-after-free Read in macsec_get_iflink syz error 2 235d 361d
KASAN: use-after-free Read in wg_packet_send_staged_packets 1 260d 260d
go runtime error 22 262d 541d
SYZFAIL: tun read failed syz error error 123 188d 1186d
SYZFAIL: proc resp pipe read failed 73 195d 211d
general protection fault in fq_codel_enqueue (2) 2 275d 277d
panic: runtime error: floating point error [recovered] 1 282d 282d
android13-5.10-lts build error 44 246d 265d
KASAN: use-after-free Read in f2fs_write_end_io 1 290d 290d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist 2 211d 211d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 1 303d 303d
KASAN: use-after-free Read in unaccount_page_cache_page 150 275d 804d
general protection fault in mnt_want_write (2) 1 341d 341d
BUG: corrupted list in p9_fd_cancelled (3) C done unreliable 38 359d 444d
KASAN: stack-out-of-bounds Read in update_stack_state 1 355d 355d
panic: replaceArg: group fields don't match: NUM/NUM 13 319d 319d
general protection fault in skb_segment C done 1 394d 408d
KASAN: use-after-free Read in key_task_permission 1 393d 393d
android13-5.10-lts test error: lost connection to test machine 1 398d 398d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 1 424d 424d
KASAN: null-ptr-deref Write in backing_data_changed C done 3 448d 521d
general protection fault in __writeback_single_inode 1 466d 466d
BUG: Bad page map (2) 1 468d 468d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 2 472d 502d
general protection fault in tipc_conn_close (3) 1 495d 495d
kernel BUG in __block_commit_write 1 496d 496d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 505d 707d
corrupted report (2) 6 506d 584d
BUG: soft lockup in wg_packet_tx_worker 5 516d 565d
BUG: soft lockup in neigh_timer_handler 2 517d 525d
BUG: soft lockup in wg_packet_handshake_send_worker 6 524d 564d
BUG: soft lockup in sys_sendto 2 524d 561d
kernel panic: EXT4-fs (device loop2): panic forced after error 1 528d 528d
BUG: soft lockup in tc_modify_qdisc C done done 314 512d 565d
BUG: soft lockup in addrconf_rs_timer 2 541d 559d
fatal error: fault 1 548d 548d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return syz error error 2 549d 1030d
fatal error: Connection to IP closed by remote host. 3 564d 688d
BUG: stack guard page was hit in corrupted (23) syz error error 1 589d 589d
KASAN: use-after-free Read in usb_udc_uevent (2) 1 586d 586d
kernel BUG in ext4_expand_extra_isize_ea C done done 5 599d 613d
BUG: unable to handle kernel paging request in fuse_dev_do_write 18 559d 625d
KASAN: global-out-of-bounds Read in f2fs_release_page 2 597d 629d
SYZFAIL: clock_gettime failed syz error error 5 605d 1130d
KASAN: use-after-free Read in f2fs_remove_dirty_inode C error error 4 619d 675d
general protection fault in do_swap_page 246 589d 1026d
kernel panic: EXT4-fs (device loop3): panic forced after error 1 642d 642d
general protection fault in kernfs_name_hash (6) C error error 22 672d 838d
kernel panic: EXT4-fs (device loop4): panic forced after error 1 646d 646d
android12-5.10-lts build error (2) 220 628d 729d
VFS: Busy inodes after unmount (use-after-free) C done inconclusive 1 696d 696d
general protection fault in filp_close 1 669d 669d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs C error error 3 714d 812d
BUG: Bad page map 1 686d 686d
KASAN: use-after-free Read in hci_cmd_timeout 1 693d 693d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 2 697d 697d
kernel panic: corrupted stack end in sys_sendmmsg syz error error 14 711d 737d
KASAN: use-after-free Read in fuse_copy_one C error inconclusive 1 799d 799d
kernel BUG in jbd2_journal_get_create_access syz error error 1 806d 806d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) syz error error 1 752d 752d
BUG: scheduling while atomic in f2fs_register_inmem_page C error inconclusive 1 678d 678d
KASAN: use-after-free Read in usb_udc_uevent 2 711d 735d
general protection fault in f2fs_release_page f2fs 3 727d 769d
general protection fault in tipc_conn_close (2) 6 768d 855d
KASAN: use-after-free Read in xpad_presence_work 1 813d 813d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 C 1 759d 759d
divide error in netem_enqueue (2) 1 860d 860d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 1 878d 878d
panic: runtime error: floating point error 1 883d 883d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 1 897d 897d
KASAN: use-after-free Read in __tcf_qdisc_find 1 898d 898d
KASAN: invalid-free in selinux_tun_dev_free_security 14 892d 901d
general protection fault in fq_codel_enqueue 1 909d 909d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 1 912d 912d
general protection fault in tcp_sk_exit (2) 1 920d 920d
KASAN: use-after-free Read in css_free_rwork_fn (2) 2 924d 1009d
android12-5.10-lts-superproject build error 24 932d 958d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 23 845d 847d
general protection fault in ext4_xattr_set_entry C error 2 852d 866d
kernel BUG in ext4_es_cache_extent C error 1 877d 877d
BUG: unable to handle kernel paging request in reuseport_select_sock 1 951d 951d
BUG: stack guard page was hit in corrupted (22) syz done done 1 988d 988d
kernel panic: corrupted stack end in sys_futex syz error error 1 1015d 1015d
KASAN: use-after-free Read in f2fs_available_free_memory syz error error 7 1075d 1174d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv syz 1 1018d 1018d
divide error in netem_enqueue 2 967d 978d
general protection fault in tipc_conn_close 1 983d 983d
BUG: stack guard page was hit in file_open (11) 4 986d 988d
BUG: stack guard page was hit in sys_mkdir (5) 1 987d 987d
BUG: stack guard page was hit in sys_creat (10) 1 988d 988d
kernel BUG in collapse_huge_page 1 995d 995d
general protection fault in __device_attach 1 997d 997d
kernel BUG in blk_mq_dispatch_rq_list C error 16 916d 1116d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 1 1005d 1005d
KASAN: use-after-free Read in vcs_write 1 1006d 1006d
SYZFAIL: failed to mkdtemp 15 1007d 1174d
BUG: corrupted list in pwq_dec_nr_in_flight 1 1007d 1007d
corrupted report 289 986d 1135d
BUG: corrupted list in p9_fd_cancelled (2) 3 1016d 1052d
general protection fault in tcp_sk_exit 1 1019d 1019d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 7 1019d 1178d
kernel panic: corrupted stack end in file_open 1 1022d 1022d
general protection fault in icmpv6_sk_exit 1 1028d 1028d
general protection fault in mnt_want_write 1 1034d 1034d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 3 946d 946d
general protection fault in del_gendisk (3) C done 1 976d 976d
KASAN: use-after-free Read in io_uring_cancel_task_requests 1 1061d 1061d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 5 1062d 1069d
KASAN: use-after-free Write in dir_mkdir 1 1068d 1068d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 1 1075d 1075d
general protection fault in kernfs_name_hash C done 2 1010d 1010d
kernel BUG in notify_change (2) C error 2 1003d 1003d
general protection fault in del_gendisk (2) C error 2 1000d 1001d
SYZFAIL: sandbox fork failed 3 1083d 1166d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 1 1122d 1122d
SYZFAIL: bad thread state in schedule 1 1102d 1102d
KASAN: stack-out-of-bounds Read in iov_iter_revert C error 10 1031d 1184d
SYZFAIL: invalid syscall number 2 1121d 1143d
kernel BUG in ext4_free_blocks 3 1135d 1168d
general protection fault in io_prep_async_work 1 1105d 1105d
KASAN: use-after-free Read in io_kill_linked_timeout C error 14 1053d 1101d
KASAN: use-after-free Read in __fdget_raw C error error 1 1096d 1096d
KASAN: invalid-free in io_dismantle_req C error 7 1064d 1058d
general protection fault in del_gendisk C error 1 1063d 1170d
BUG: corrupted list in p9_fd_cancelled 1 1143d 1143d
KASAN: use-after-free Read in task_work_run 2 1177d 1176d
KASAN: use-after-free Write in chroot_fs_refs 2 1175d 1176d
BUG: stack guard page was hit in sys_fsetxattr 1 1087d 1087d
BUG: stack guard page was hit in sys_lsetxattr C error inconclusive 2 1093d 1093d
BUG: stack guard page was hit in sys_setxattr C error 6 1090d 1113d
BUG: stack guard page was hit in corrupted C error 3 1078d 1113d
BUG: stack guard page was hit in sys_unlink 2 1113d 1113d
BUG: stack guard page was hit in sys_creat C error done 7 1060d 1125d
BUG: stack guard page was hit in sys_lchown C error 4 1081d 1130d
BUG: stack guard page was hit in sys_chdir 5 1059d 1131d
KASAN: use-after-free Read in css_free_rwork_fn 1 1150d 1150d
KASAN: use-after-free Read in rcu_cblist_dequeue 1 1182d 1176d
BUG: workqueue lockup C error 25 1087d 1185d
KASAN: use-after-free Read in __cgroup_bpf_attach 2 1156d 1158d
KASAN: use-after-free Read in dev_uevent 1 1161d 1161d
general protection fault in bdev_read_page 1 1162d 1162d
SYZFAIL: out of opened kcov threads 47 1138d 1139d
SYZFAIL: tun: can't open /dev/net/tun 1 1172d 1172d
KASAN: use-after-free Read in compute_effective_progs 1 1167d 1167d
KASAN: stack-out-of-bounds Read in xfrm_state_find 1 1171d 1171d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 1093d 1093d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit 69 1148d 1174d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 1166d 1166d
android12-5.10-lts build error 1 1188d 1188d