syzbot

 sign-in | mailing list | source | docs
🐞 Open [101]
🐞 Fixed [70]
🐞 Invalid [204]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 204 bugs, 165 were automatically obsoleted (25 due to revoked reproducers), 39 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
KASAN: out-of-bounds Read in __show_regs 1 90d 90d
BUG: soft lockup in br_multicast_group_expired (2) 1 93d 93d
BUG: Bad page map (3) 3 94d 240d
KASAN: use-after-free Write in virtio_transport_recv_pkt C inconclusive 1 147d 339d
KASAN: use-after-free Read in bdev_try_to_free_page 1 99d 99d
KASAN: use-after-free Read in binder_release_work C 154 82d 116d
BUG: soft lockup in mntput 1 118d 118d
SYZFAIL: handshake read failed 1 137d 137d
KASAN: use-after-free Write in l2tp_session_delete 2 138d 162d
kernel BUG in vlan_get_tci 2 142d 171d
SYZFAIL: netlink_send_ext: short netlink write 4 148d 237d
SYZFAIL: posix_spawn failed 9928 111d 248d
SYZFAIL: mmap of output file failed 20 136d 237d
SYZFAIL: child failed syz error error 1 160d 1169d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock syz error 1 179d 312d
KASAN: use-after-free Read in __ext4_check_dir_entry C error 2 184d 302d
BUG: corrupted list in p9_fd_cancelled (4) 4 165d 274d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 1 173d 173d
SYZFAIL: mkdir(syz-tmp) failed 299 135d 247d
SYZFAIL: bad allocate request 148 135d 245d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 2 176d 180d
SYZFAIL: ShmemBuilder: too large output offset 51 136d 244d
general protection fault in steam_send_report 1 177d 177d
SYZFAIL: can't reallocate 1 180d 180d
SYZFAIL: SIGSEGV 841 142d 256d
KASAN: use-after-free Write in __tlb_remove_page_size 1 183d 183d
SYZFAIL: SIGFPE 2 185d 230d
general protection fault in free_swap_cache 1 195d 195d
KASAN: stack-out-of-bounds Read in __show_regs 1 196d 196d
BUG: soft lockup in br_multicast_port_group_expired 1 197d 197d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) 30 166d 285d
KASAN: use-after-free Read in br_multicast_port_group_expired 1 200d 200d
BUG: soft lockup in net_rx_action 2 200d 212d
BUG: soft lockup in __run_timers 2 200d 269d
BUG: soft lockup in sys_sendmmsg 2 202d 202d
KASAN: use-after-free Read in usb_udc_uevent (3) 1 202d 202d
BUG: soft lockup in __netif_receive_skb_core 1 204d 204d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 1 207d 207d
KASAN: use-after-free Read in worker_thread 1 209d 209d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 213d 213d
BUG: soft lockup in br_multicast_group_expired 1 213d 213d
BUG: soft lockup in ip_list_rcv 1 214d 214d
BUG: soft lockup in run_rebalance_domains 1 215d 215d
BUG: soft lockup in ipv6_rcv 3 219d 236d
KASAN: null-ptr-deref Write in __kernfs_remove 1 222d 222d
BUG: soft lockup in vfork 1 224d 224d
BUG: soft lockup in sys_exit_group 1 230d 230d
SYZFAIL: bad thread state in completion syz error error 5 818d 1160d
KASAN: use-after-free Read in dev_get_by_index_rcu 1 239d 239d
BUG: soft lockup in sys_clone 1 243d 243d
BUG: soft lockup in sys_recvmsg 4 244d 323d
SYZFAIL: control pipe read failed 1 247d 247d
SYZFAIL: too many calls in output 2 252d 252d
BUG: soft lockup in sys_bpf 2 257d 261d
BUG: unable to handle kernel paging request in swake_up_locked C inconclusive 1 275d 307d
KASAN: use-after-free Read in macsec_get_iflink syz error 2 280d 407d
KASAN: use-after-free Read in wg_packet_send_staged_packets 1 306d 306d
go runtime error 22 308d 586d
SYZFAIL: tun read failed syz error error 123 234d 1232d
SYZFAIL: proc resp pipe read failed 73 241d 257d
general protection fault in fq_codel_enqueue (2) 2 321d 322d
panic: runtime error: floating point error [recovered] 1 328d 328d
android13-5.10-lts build error 44 291d 311d
KASAN: use-after-free Read in f2fs_write_end_io 1 335d 335d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist 2 257d 257d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 1 349d 349d
KASAN: use-after-free Read in unaccount_page_cache_page 150 321d 849d
general protection fault in mnt_want_write (2) 1 387d 387d
BUG: corrupted list in p9_fd_cancelled (3) C done unreliable 38 405d 490d
KASAN: stack-out-of-bounds Read in update_stack_state 1 400d 400d
panic: replaceArg: group fields don't match: NUM/NUM 13 364d 365d
general protection fault in skb_segment C done 1 440d 454d
KASAN: use-after-free Read in key_task_permission 1 438d 438d
android13-5.10-lts test error: lost connection to test machine 1 444d 444d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 1 469d 469d
KASAN: null-ptr-deref Write in backing_data_changed C done 3 494d 566d
general protection fault in __writeback_single_inode 1 511d 511d
BUG: Bad page map (2) 1 514d 514d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 2 518d 548d
general protection fault in tipc_conn_close (3) 1 540d 540d
kernel BUG in __block_commit_write 1 542d 542d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 551d 753d
corrupted report (2) 6 552d 630d
BUG: soft lockup in wg_packet_tx_worker 5 562d 611d
BUG: soft lockup in neigh_timer_handler 2 562d 571d
BUG: soft lockup in wg_packet_handshake_send_worker 6 570d 610d
BUG: soft lockup in sys_sendto 2 570d 607d
kernel panic: EXT4-fs (device loop2): panic forced after error 1 574d 574d
BUG: soft lockup in tc_modify_qdisc C done done 314 557d 611d
BUG: soft lockup in addrconf_rs_timer 2 587d 605d
fatal error: fault 1 593d 593d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return syz error error 2 595d 1076d
fatal error: Connection to IP closed by remote host. 3 610d 733d
BUG: stack guard page was hit in corrupted (23) syz error error 1 635d 635d
KASAN: use-after-free Read in usb_udc_uevent (2) 1 632d 632d
kernel BUG in ext4_expand_extra_isize_ea C done done 5 645d 659d
BUG: unable to handle kernel paging request in fuse_dev_do_write 18 605d 670d
KASAN: global-out-of-bounds Read in f2fs_release_page 2 643d 675d
SYZFAIL: clock_gettime failed syz error error 5 650d 1176d
KASAN: use-after-free Read in f2fs_remove_dirty_inode C error error 4 664d 721d
general protection fault in do_swap_page 246 634d 1071d
kernel panic: EXT4-fs (device loop3): panic forced after error 1 688d 688d
general protection fault in kernfs_name_hash (6) C error error 22 718d 884d
kernel panic: EXT4-fs (device loop4): panic forced after error 1 691d 691d
android12-5.10-lts build error (2) 220 674d 775d
VFS: Busy inodes after unmount (use-after-free) C done inconclusive 1 742d 742d
general protection fault in filp_close 1 715d 715d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs C error error 3 760d 857d
BUG: Bad page map 1 732d 732d
KASAN: use-after-free Read in hci_cmd_timeout 1 739d 739d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 2 743d 743d
kernel panic: corrupted stack end in sys_sendmmsg syz error error 14 757d 783d
KASAN: use-after-free Read in fuse_copy_one C error inconclusive 1 844d 844d
kernel BUG in jbd2_journal_get_create_access syz error error 1 851d 851d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) syz error error 1 798d 798d
BUG: scheduling while atomic in f2fs_register_inmem_page C error inconclusive 1 723d 723d
KASAN: use-after-free Read in usb_udc_uevent 2 757d 780d
general protection fault in f2fs_release_page f2fs 3 773d 815d
general protection fault in tipc_conn_close (2) 6 814d 900d
KASAN: use-after-free Read in xpad_presence_work 1 859d 859d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 C 1 805d 805d
divide error in netem_enqueue (2) 1 906d 906d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 1 924d 924d
panic: runtime error: floating point error 1 929d 929d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 1 943d 943d
KASAN: use-after-free Read in __tcf_qdisc_find 1 944d 944d
KASAN: invalid-free in selinux_tun_dev_free_security 14 937d 947d
general protection fault in fq_codel_enqueue 1 955d 955d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 1 958d 958d
general protection fault in tcp_sk_exit (2) 1 966d 966d
KASAN: use-after-free Read in css_free_rwork_fn (2) 2 970d 1054d
android12-5.10-lts-superproject build error 24 978d 1004d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 23 891d 892d
general protection fault in ext4_xattr_set_entry C error 2 898d 912d
kernel BUG in ext4_es_cache_extent C error 1 923d 923d
BUG: unable to handle kernel paging request in reuseport_select_sock 1 997d 997d
BUG: stack guard page was hit in corrupted (22) syz done done 1 1034d 1034d
kernel panic: corrupted stack end in sys_futex syz error error 1 1061d 1061d
KASAN: use-after-free Read in f2fs_available_free_memory syz error error 7 1120d 1220d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv syz 1 1063d 1063d
divide error in netem_enqueue 2 1013d 1024d
general protection fault in tipc_conn_close 1 1029d 1029d
BUG: stack guard page was hit in file_open (11) 4 1031d 1034d
BUG: stack guard page was hit in sys_mkdir (5) 1 1033d 1033d
BUG: stack guard page was hit in sys_creat (10) 1 1034d 1034d
kernel BUG in collapse_huge_page 1 1040d 1040d
general protection fault in __device_attach 1 1043d 1043d
kernel BUG in blk_mq_dispatch_rq_list C error 16 962d 1161d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 1 1051d 1051d
KASAN: use-after-free Read in vcs_write 1 1052d 1052d
SYZFAIL: failed to mkdtemp 15 1053d 1220d
BUG: corrupted list in pwq_dec_nr_in_flight 1 1053d 1053d
corrupted report 289 1031d 1180d
BUG: corrupted list in p9_fd_cancelled (2) 3 1062d 1098d
general protection fault in tcp_sk_exit 1 1065d 1065d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 7 1065d 1224d
kernel panic: corrupted stack end in file_open 1 1068d 1068d
general protection fault in icmpv6_sk_exit 1 1074d 1074d
general protection fault in mnt_want_write 1 1080d 1080d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 3 992d 992d
general protection fault in del_gendisk (3) C done 1 1022d 1022d
KASAN: use-after-free Read in io_uring_cancel_task_requests 1 1107d 1107d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 5 1107d 1115d
KASAN: use-after-free Write in dir_mkdir 1 1114d 1114d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 1 1121d 1121d
general protection fault in kernfs_name_hash C done 2 1056d 1056d
kernel BUG in notify_change (2) C error 2 1049d 1049d
general protection fault in del_gendisk (2) C error 2 1046d 1047d
SYZFAIL: sandbox fork failed 3 1129d 1212d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 1 1168d 1168d
SYZFAIL: bad thread state in schedule 1 1148d 1148d
KASAN: stack-out-of-bounds Read in iov_iter_revert C error 10 1077d 1230d
SYZFAIL: invalid syscall number 2 1167d 1189d
kernel BUG in ext4_free_blocks 3 1181d 1214d
general protection fault in io_prep_async_work 1 1151d 1151d
KASAN: use-after-free Read in io_kill_linked_timeout C error 14 1099d 1147d
KASAN: use-after-free Read in __fdget_raw C error error 1 1142d 1142d
KASAN: invalid-free in io_dismantle_req C error 7 1109d 1104d
general protection fault in del_gendisk C error 1 1109d 1216d
BUG: corrupted list in p9_fd_cancelled 1 1189d 1189d
KASAN: use-after-free Read in task_work_run 2 1223d 1222d
KASAN: use-after-free Write in chroot_fs_refs 2 1220d 1222d
BUG: stack guard page was hit in sys_fsetxattr 1 1133d 1133d
BUG: stack guard page was hit in sys_lsetxattr C error inconclusive 2 1139d 1139d
BUG: stack guard page was hit in sys_setxattr C error 6 1136d 1159d
BUG: stack guard page was hit in corrupted C error 3 1124d 1159d
BUG: stack guard page was hit in sys_unlink 2 1159d 1159d
BUG: stack guard page was hit in sys_creat C error done 7 1106d 1171d
BUG: stack guard page was hit in sys_lchown C error 4 1127d 1176d
BUG: stack guard page was hit in sys_chdir 5 1105d 1177d
KASAN: use-after-free Read in css_free_rwork_fn 1 1196d 1196d
KASAN: use-after-free Read in rcu_cblist_dequeue 1 1228d 1222d
BUG: workqueue lockup C error 25 1133d 1231d
KASAN: use-after-free Read in __cgroup_bpf_attach 2 1202d 1204d
KASAN: use-after-free Read in dev_uevent 1 1206d 1206d
general protection fault in bdev_read_page 1 1208d 1208d
SYZFAIL: out of opened kcov threads 47 1184d 1185d
SYZFAIL: tun: can't open /dev/net/tun 1 1217d 1217d
KASAN: use-after-free Read in compute_effective_progs 1 1213d 1213d
KASAN: stack-out-of-bounds Read in xfrm_state_find 1 1217d 1217d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 1139d 1139d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit 69 1193d 1220d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 1212d 1212d
android12-5.10-lts build error 1 1234d 1234d