syzbot

 sign-in | mailing list | source | docs
🐞 Open [128]
🐞 Fixed [70]
🐞 Invalid [219]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 219 bugs, 179 were automatically obsoleted (27 due to revoked reproducers), 40 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
KASAN: use-after-free Write in tipc_mon_reinit_self 24 1 107d 107d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 29d 29d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 120d 120d
BUG: soft lockup in sock_write_iter 1 1 126d 126d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 143d 143d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 147d 219d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 155d 155d
KASAN: use-after-free Read in exact_lock 19 53 133d 143d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 186d 301d
KASAN: use-after-free Read in fast_dput 19 14 177d 367d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 178d 266d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 162d 350d
KASAN: use-after-free Read in lock_get_status 19 4 214d 231d
BUG: corrupted list in tipc_nametbl_translate 8 2 217d 239d
general protection fault in cleanup_bearer 19 C 14034 198d 201d
KASAN: out-of-bounds Read in __show_regs 17 1 220d 220d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 223d 223d
BUG: Bad page map (3) -1 3 224d 370d
KASAN: use-after-free Write in virtio_transport_recv_pkt 24 C inconclusive 1 277d 469d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 229d 229d
KASAN: use-after-free Read in binder_release_work 19 C 154 212d 246d
BUG: soft lockup in mntput 1 1 248d 248d
SYZFAIL: handshake read failed -1 1 267d 267d
KASAN: use-after-free Write in l2tp_session_delete 24 2 268d 292d
kernel BUG in vlan_get_tci -1 2 272d 301d
SYZFAIL: netlink_send_ext: short netlink write -1 4 278d 367d
SYZFAIL: posix_spawn failed -1 9928 241d 378d
SYZFAIL: mmap of output file failed -1 20 266d 367d
SYZFAIL: child failed -1 syz error error 1 290d 1299d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 309d 442d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 314d 432d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 295d 404d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 303d 303d
SYZFAIL: mkdir(syz-tmp) failed -1 299 265d 377d
SYZFAIL: bad allocate request -1 148 265d 376d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 306d 310d
SYZFAIL: ShmemBuilder: too large output offset -1 51 266d 374d
general protection fault in steam_send_report 2 1 307d 307d
SYZFAIL: can't reallocate -1 1 310d 310d
SYZFAIL: SIGSEGV -1 841 272d 386d
KASAN: use-after-free Write in __tlb_remove_page_size 24 1 314d 314d
SYZFAIL: SIGFPE -1 2 315d 360d
general protection fault in free_swap_cache 2 1 325d 325d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 326d 326d
BUG: soft lockup in br_multicast_port_group_expired 1 1 327d 327d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 296d 415d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 330d 330d
BUG: soft lockup in net_rx_action 1 2 330d 342d
BUG: soft lockup in __run_timers 1 2 330d 399d
BUG: soft lockup in sys_sendmmsg 1 2 332d 332d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 332d 332d
BUG: soft lockup in __netif_receive_skb_core 1 1 334d 334d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 337d 337d
KASAN: use-after-free Read in worker_thread 19 1 339d 339d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 343d 343d
BUG: soft lockup in br_multicast_group_expired 1 1 343d 343d
BUG: soft lockup in ip_list_rcv 1 1 344d 344d
BUG: soft lockup in run_rebalance_domains 1 1 345d 345d
BUG: soft lockup in ipv6_rcv 1 3 349d 366d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 352d 352d
BUG: soft lockup in vfork 1 1 354d 354d
BUG: soft lockup in sys_exit_group 1 1 360d 360d
SYZFAIL: bad thread state in completion -1 syz error error 5 949d 1290d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 369d 369d
BUG: soft lockup in sys_clone 1 1 373d 373d
BUG: soft lockup in sys_recvmsg 1 4 374d 453d
SYZFAIL: control pipe read failed -1 1 377d 377d
SYZFAIL: too many calls in output -1 2 382d 382d
BUG: soft lockup in sys_bpf 1 2 387d 391d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 405d 437d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 410d 537d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 436d 436d
go runtime error 2 22 438d 716d
SYZFAIL: tun read failed -1 syz error error 123 364d 1362d
SYZFAIL: proc resp pipe read failed -1 73 371d 387d
general protection fault in fq_codel_enqueue (2) 2 2 451d 452d
panic: runtime error: floating point error [recovered] 2 1 458d 458d
android13-5.10-lts build error -1 44 421d 441d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 465d 465d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 387d 387d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 479d 479d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 451d 979d
general protection fault in mnt_want_write (2) 2 1 517d 517d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 535d 620d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 530d 530d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 494d 495d
general protection fault in skb_segment 2 C done 1 570d 584d
KASAN: use-after-free Read in key_task_permission 19 1 568d 568d
android13-5.10-lts test error: lost connection to test machine -1 1 574d 574d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 599d 599d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 624d 696d
general protection fault in __writeback_single_inode 2 1 641d 641d
BUG: Bad page map (2) -1 1 644d 644d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 648d 678d
general protection fault in tipc_conn_close (3) 2 1 670d 670d
kernel BUG in __block_commit_write -1 1 672d 672d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 681d 883d
corrupted report (2) -1 6 682d 760d
BUG: soft lockup in wg_packet_tx_worker 1 5 692d 741d
BUG: soft lockup in neigh_timer_handler 1 2 692d 701d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 700d 740d
BUG: soft lockup in sys_sendto 1 2 700d 737d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 704d 704d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 687d 741d
BUG: soft lockup in addrconf_rs_timer 1 2 717d 735d
fatal error: fault -1 1 723d 723d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 725d 1206d
fatal error: Connection to IP closed by remote host. -1 3 740d 863d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 765d 765d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 762d 762d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 775d 789d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 735d 800d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 773d 805d
SYZFAIL: clock_gettime failed -1 syz error error 5 780d 1306d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 794d 851d
general protection fault in do_swap_page 2 246 764d 1201d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 818d 818d
general protection fault in kernfs_name_hash (6) 2 C error error 22 848d 1014d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 821d 821d
android12-5.10-lts build error (2) -1 220 804d 905d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 872d 872d
general protection fault in filp_close 2 1 845d 845d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 890d 987d
BUG: Bad page map -1 1 862d 862d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 869d 869d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 873d 873d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 887d 913d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 974d 974d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 981d 981d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 928d 928d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 853d 853d
KASAN: use-after-free Read in usb_udc_uevent 19 2 887d 910d
general protection fault in f2fs_release_page f2fs 19 3 903d 945d
general protection fault in tipc_conn_close (2) 2 6 944d 1030d
KASAN: use-after-free Read in xpad_presence_work 19 1 989d 989d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 935d 935d
divide error in netem_enqueue (2) 2 1 1036d 1036d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1054d 1054d
panic: runtime error: floating point error 2 1 1059d 1059d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1073d 1073d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1074d 1074d
KASAN: invalid-free in selinux_tun_dev_free_security 22 14 1067d 1077d
general protection fault in fq_codel_enqueue 2 1 1085d 1085d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1088d 1088d
general protection fault in tcp_sk_exit (2) 2 1 1096d 1096d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1100d 1184d
android12-5.10-lts-superproject build error -1 24 1108d 1134d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1021d 1022d
general protection fault in ext4_xattr_set_entry 2 C error 2 1028d 1042d
kernel BUG in ext4_es_cache_extent -1 C error 1 1053d 1053d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1127d 1127d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1164d 1164d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1191d 1191d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1250d 1350d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1193d 1193d
divide error in netem_enqueue 2 2 1143d 1154d
general protection fault in tipc_conn_close 2 1 1159d 1159d
BUG: stack guard page was hit in file_open (11) -1 4 1161d 1164d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1163d 1163d
BUG: stack guard page was hit in sys_creat (10) -1 1 1164d 1164d
kernel BUG in collapse_huge_page -1 1 1170d 1170d
general protection fault in __device_attach 2 1 1173d 1173d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1092d 1291d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1181d 1181d
KASAN: use-after-free Read in vcs_write 19 1 1182d 1182d
SYZFAIL: failed to mkdtemp -1 15 1183d 1350d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1183d 1183d
corrupted report -1 289 1161d 1310d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1192d 1228d
general protection fault in tcp_sk_exit 2 1 1195d 1195d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1195d 1354d
kernel panic: corrupted stack end in file_open 2 1 1198d 1198d
general protection fault in icmpv6_sk_exit 2 1 1204d 1204d
general protection fault in mnt_want_write 2 1 1210d 1210d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1122d 1122d
general protection fault in del_gendisk (3) 2 C done 1 1152d 1152d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1237d 1237d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1237d 1245d
KASAN: use-after-free Write in dir_mkdir 24 1 1244d 1244d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1251d 1251d
general protection fault in kernfs_name_hash 2 C done 2 1186d 1186d
kernel BUG in notify_change (2) -1 C error 2 1179d 1179d
general protection fault in del_gendisk (2) 2 C error 2 1176d 1177d
SYZFAIL: sandbox fork failed -1 3 1259d 1342d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1298d 1298d
SYZFAIL: bad thread state in schedule -1 1 1278d 1278d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1207d 1360d
SYZFAIL: invalid syscall number -1 2 1297d 1319d
kernel BUG in ext4_free_blocks -1 3 1311d 1344d
general protection fault in io_prep_async_work 2 1 1281d 1281d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1229d 1277d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1272d 1272d
KASAN: invalid-free in io_dismantle_req 22 C error 7 1239d 1234d
general protection fault in del_gendisk 2 C error 1 1239d 1346d
BUG: corrupted list in p9_fd_cancelled 8 1 1319d 1319d
KASAN: use-after-free Read in task_work_run 19 2 1353d 1352d
KASAN: use-after-free Write in chroot_fs_refs 24 2 1350d 1352d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1263d 1263d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1269d 1269d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1266d 1289d
BUG: stack guard page was hit in corrupted -1 C error 3 1254d 1289d
BUG: stack guard page was hit in sys_unlink -1 2 1289d 1289d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1236d 1301d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1257d 1306d
BUG: stack guard page was hit in sys_chdir -1 5 1235d 1307d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1326d 1326d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1358d 1352d
BUG: workqueue lockup -1 C error 25 1263d 1361d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1332d 1334d
KASAN: use-after-free Read in dev_uevent 19 1 1337d 1337d
general protection fault in bdev_read_page 2 1 1338d 1338d
SYZFAIL: out of opened kcov threads -1 47 1314d 1315d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1347d 1347d
KASAN: use-after-free Read in compute_effective_progs 19 1 1343d 1343d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1347d 1347d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1269d 1269d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1323d 1350d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1342d 1342d
android12-5.10-lts build error -1 1 1364d 1364d