syzbot

 sign-in | mailing list | source | docs
🐞 Open [57] 🐞 Fixed [70] 🐞 Invalid [123] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

Out of 123 bugs, 87 were automatically obsoleted (14 due to revoked reproducers), 36 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 98d 300d
corrupted report (2) 6 99d 176d
BUG: soft lockup in wg_packet_tx_worker 5 108d 158d
BUG: soft lockup in neigh_timer_handler 2 109d 117d
BUG: soft lockup in wg_packet_handshake_send_worker 6 116d 156d
BUG: soft lockup in sys_sendto 2 117d 153d
kernel panic: EXT4-fs (device loop2): panic forced after error 1 120d 120d
BUG: soft lockup in tc_modify_qdisc C done done 314 104d 157d
BUG: soft lockup in addrconf_rs_timer 2 133d 151d
fatal error: fault 1 140d 140d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return syz error error 2 142d 622d
fatal error: Connection to IP closed by remote host. 3 157d 280d
BUG: stack guard page was hit in corrupted (23) syz error error 1 181d 181d
KASAN: use-after-free Read in usb_udc_uevent (2) 1 178d 178d
kernel BUG in ext4_expand_extra_isize_ea C done done 5 191d 205d
BUG: unable to handle kernel paging request in fuse_dev_do_write 18 152d 217d
KASAN: global-out-of-bounds Read in f2fs_release_page 2 190d 222d
SYZFAIL: clock_gettime failed syz error error 5 197d 722d
KASAN: use-after-free Read in f2fs_remove_dirty_inode C error error 4 211d 267d
general protection fault in do_swap_page 246 181d 618d
kernel panic: EXT4-fs (device loop3): panic forced after error 1 234d 234d
general protection fault in kernfs_name_hash (6) C error error 22 265d 430d
kernel panic: EXT4-fs (device loop4): panic forced after error 1 238d 238d
android12-5.10-lts build error (2) 220 221d 322d
VFS: Busy inodes after unmount (use-after-free) C done inconclusive 1 288d 288d
general protection fault in filp_close 1 261d 261d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs C error error 3 306d 404d
BUG: Bad page map 1 279d 279d
KASAN: use-after-free Read in hci_cmd_timeout 1 285d 285d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 2 289d 289d
kernel panic: corrupted stack end in sys_sendmmsg syz error error 14 304d 329d
KASAN: use-after-free Read in fuse_copy_one C error inconclusive 1 391d 391d
kernel BUG in jbd2_journal_get_create_access syz error error 1 398d 398d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) syz error error 1 344d 344d
BUG: scheduling while atomic in f2fs_register_inmem_page C error inconclusive 1 270d 270d
KASAN: use-after-free Read in usb_udc_uevent 2 303d 327d
general protection fault in f2fs_release_page f2fs 3 320d 361d
general protection fault in tipc_conn_close (2) 6 361d 447d
KASAN: use-after-free Read in xpad_presence_work 1 406d 406d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 C 1 351d 351d
divide error in netem_enqueue (2) 1 452d 452d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 1 471d 471d
panic: runtime error: floating point error 1 475d 475d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 1 490d 490d
KASAN: use-after-free Read in __tcf_qdisc_find 1 491d 491d
KASAN: invalid-free in selinux_tun_dev_free_security 14 484d 494d
general protection fault in fq_codel_enqueue 1 501d 501d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 1 504d 504d
general protection fault in tcp_sk_exit (2) 1 512d 512d
KASAN: use-after-free Read in css_free_rwork_fn (2) 2 516d 601d
android12-5.10-lts-superproject build error 24 524d 551d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 23 438d 439d
general protection fault in ext4_xattr_set_entry C error 2 444d 459d
kernel BUG in ext4_es_cache_extent C error 1 470d 470d
BUG: unable to handle kernel paging request in reuseport_select_sock 1 544d 544d
BUG: stack guard page was hit in corrupted (22) syz done done 1 580d 580d
kernel panic: corrupted stack end in sys_futex syz error error 1 608d 608d
KASAN: use-after-free Read in f2fs_available_free_memory syz error error 7 667d 767d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv syz 1 610d 610d
divide error in netem_enqueue 2 560d 571d
general protection fault in tipc_conn_close 1 576d 576d
BUG: stack guard page was hit in file_open (11) 4 578d 580d
BUG: stack guard page was hit in sys_mkdir (5) 1 580d 580d
BUG: stack guard page was hit in sys_creat (10) 1 580d 580d
kernel BUG in collapse_huge_page 1 587d 587d
general protection fault in __device_attach 1 589d 589d
kernel BUG in blk_mq_dispatch_rq_list C error 16 508d 708d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 1 597d 597d
KASAN: use-after-free Read in vcs_write 1 598d 598d
SYZFAIL: failed to mkdtemp 15 599d 767d
BUG: corrupted list in pwq_dec_nr_in_flight 1 599d 599d
corrupted report 289 578d 727d
BUG: corrupted list in p9_fd_cancelled (2) 3 609d 644d
general protection fault in tcp_sk_exit 1 612d 612d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 7 612d 770d
kernel panic: corrupted stack end in file_open 1 614d 614d
general protection fault in icmpv6_sk_exit 1 620d 620d
general protection fault in mnt_want_write 1 627d 627d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 3 539d 539d
general protection fault in del_gendisk (3) C done 1 568d 568d
KASAN: use-after-free Read in io_uring_cancel_task_requests 1 654d 654d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 5 654d 662d
KASAN: use-after-free Write in dir_mkdir 1 661d 661d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 1 667d 667d
general protection fault in kernfs_name_hash C done 2 602d 602d
kernel BUG in notify_change (2) C error 2 596d 596d
general protection fault in del_gendisk (2) C error 2 592d 593d
SYZFAIL: sandbox fork failed 3 675d 759d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 1 714d 714d
SYZFAIL: bad thread state in schedule 1 694d 694d
KASAN: stack-out-of-bounds Read in iov_iter_revert C error 10 624d 776d
SYZFAIL: invalid syscall number 2 714d 735d
kernel BUG in ext4_free_blocks 3 728d 760d
general protection fault in io_prep_async_work 1 697d 697d
KASAN: use-after-free Read in io_kill_linked_timeout C error 14 646d 694d
KASAN: use-after-free Read in __fdget_raw C error error 1 689d 689d
KASAN: invalid-free in io_dismantle_req C error 7 656d 650d
general protection fault in del_gendisk C error 1 656d 762d
BUG: corrupted list in p9_fd_cancelled 1 736d 736d
KASAN: use-after-free Read in task_work_run 2 770d 769d
KASAN: use-after-free Write in chroot_fs_refs 2 767d 769d
BUG: stack guard page was hit in sys_fsetxattr 1 680d 680d
BUG: stack guard page was hit in sys_lsetxattr C error inconclusive 2 686d 686d
BUG: stack guard page was hit in sys_setxattr C error 6 683d 705d
BUG: stack guard page was hit in corrupted C error 3 670d 706d
BUG: stack guard page was hit in sys_unlink 2 705d 706d
BUG: stack guard page was hit in sys_creat C error done 7 653d 717d
BUG: stack guard page was hit in sys_lchown C error 4 673d 722d
BUG: stack guard page was hit in sys_chdir 5 651d 723d
KASAN: use-after-free Read in css_free_rwork_fn 1 742d 742d
KASAN: use-after-free Read in rcu_cblist_dequeue 1 775d 769d
BUG: workqueue lockup C error 25 679d 778d
KASAN: use-after-free Read in __cgroup_bpf_attach 2 748d 751d
KASAN: use-after-free Read in dev_uevent 1 753d 753d
general protection fault in bdev_read_page 1 754d 754d
SYZFAIL: out of opened kcov threads 47 730d 731d
SYZFAIL: tun: can't open /dev/net/tun 1 764d 764d
KASAN: use-after-free Read in compute_effective_progs 1 760d 760d
KASAN: stack-out-of-bounds Read in xfrm_state_find 1 764d 764d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 685d 685d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit 69 740d 766d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 759d 759d
android12-5.10-lts build error 1 781d 781d