syzbot

 sign-in | mailing list | source | docs
🐞 Open [120]
🐞 Fixed [69]
🐞 Invalid [267]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 267 bugs, 223 were automatically obsoleted (40 due to revoked reproducers), 44 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
SYZFAIL: failed to recv rpc -1 syz 1264 12d 554d
general protection fault in ip6_create_rt_rcu (2) 2 1 102d 102d
general protection fault in inherit_task_group 2 C 48 114d 696d
KASAN: use-after-free Read in seq_printf 19 15 110d 218d
KASAN: use-after-free Read in steam_send_report 19 3 111d 123d
BUG: soft lockup in sys_openat 1 1 113d 113d
KASAN: use-after-free Write in __ip6_del_rt 24 syz 11 115d 265d
KASAN: use-after-free Read in fib_flush 19 7 118d 219d
BUG: soft lockup in sys_clone (2) 1 1 128d 128d
BUG: soft lockup in sys_bind 1 1 133d 133d
SYZFAIL: mount(tmpfs) failed -1 1 134d 134d
general protection fault in nexthop_get_nhc_lookup 2 syz 20 105d 187d
general protection fault in find_match 2 50 103d 283d
KASAN: use-after-free Read in f2fs_inode_dirtied 19 C done 3 155d 205d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (9) -1 2 56d 56d
SYZFAIL: SIGSEGV (2) -1 3 148d 241d
kernel BUG in ext4_create_inline_data -1 C done 2 163d 224d
KASAN: slab-out-of-bounds Read in mon_bin_event 17 C done 60 140d 195d
BUG: scheduling while atomic in futex_wait_queue_me 5 1 165d 165d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) -1 2 87d 87d
KASAN: slab-out-of-bounds Write in try_module_get 23 11 183d 254d
BUG: soft lockup in sock_read_iter 1 2 184d 197d
KASAN: use-after-free Write in u32_destroy_key 24 1 188d 188d
general protection fault in lo_ioctl 2 1 201d 201d
KASAN: use-after-free Read in ext4_xattr_inode_dec_ref_all 19 C done 3 263d 291d
KASAN: use-after-free Read in tw_timer_handler 19 syz 10 182d 216d
SYZFAIL: SIGFPE (2) -1 8 215d 391d
KASAN: use-after-free Read in exact_lock (2) 19 172 182d 261d
KASAN: use-after-free Read in tcp_net_metrics_exit_batch 19 613 182d 221d
KASAN: use-after-free Read in inet_twsk_purge 19 74 185d 220d
general protection fault in tipc_conn_close (4) 2 2 228d 294d
general protection fault in __rt6_nh_dev_match 2 2 233d 245d
KASAN: slab-out-of-bounds Read in dentry_revalidate 17 2 238d 316d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return (2) 4 C error 2 252d 444d
general protection fault in ip6_create_rt_rcu 2 1 245d 245d
SYZFAIL: netlink_send_ext: short netlink write (2) -1 2 246d 311d
KASAN: use-after-free Write in l2tp_session_delete (2) 24 3 247d 348d
BUG: soft lockup in cleanup_net 1 1 249d 249d
BUG: soft lockup in input_repeat_key 1 C error 3 303d 811d
general protection fault in __loop_clr_fd 2 1 251d 251d
KASAN: use-after-free Read in fast_dput (2) 19 1 252d 252d
KASAN: use-after-free Write in ext4_insert_dentry 24 C done 25 266d 485d
kernel BUG in ext4_ind_map_blocks -1 2 258d 276d
BUG: soft lockup in addrconf_rs_timer (2) 1 C 265 238d 569d
kernel BUG in blk_mq_dispatch_rq_list (4) fat -1 C error 16 924d 1177d
BUG: unable to handle kernel paging request in __gnet_stats_copy_basic 8 1 260d 260d
general protection fault in current_umask 2 C unreliable 5 272d 482d
KASAN: use-after-free Write in skb_release_data 24 1 264d 264d
KASAN: use-after-free Write in tipc_mon_reinit_self 24 1 288d 288d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 209d 209d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 300d 300d
BUG: soft lockup in sock_write_iter 1 1 306d 306d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 324d 324d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 327d 399d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 335d 335d
KASAN: use-after-free Read in exact_lock 19 53 313d 323d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 366d 481d
KASAN: use-after-free Read in fast_dput 19 14 357d 547d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 358d 446d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 342d 530d
KASAN: use-after-free Read in lock_get_status 19 4 394d 411d
BUG: corrupted list in tipc_nametbl_translate 8 2 397d 419d
general protection fault in cleanup_bearer 19 C 14034 378d 381d
KASAN: out-of-bounds Read in __show_regs 17 1 400d 400d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 403d 403d
BUG: Bad page map (3) -1 3 404d 550d
KASAN: use-after-free Write in virtio_transport_recv_pkt 24 C inconclusive 1 457d 649d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 410d 410d
KASAN: use-after-free Read in binder_release_work 19 C 154 392d 426d
BUG: soft lockup in mntput 1 1 428d 428d
SYZFAIL: handshake read failed -1 1 447d 447d
KASAN: use-after-free Write in l2tp_session_delete 24 2 448d 472d
kernel BUG in vlan_get_tci -1 2 452d 481d
SYZFAIL: netlink_send_ext: short netlink write -1 4 458d 547d
SYZFAIL: posix_spawn failed -1 9928 421d 558d
SYZFAIL: mmap of output file failed -1 20 446d 547d
SYZFAIL: child failed -1 syz error error 1 470d 1479d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 489d 622d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 494d 612d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 475d 585d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 484d 484d
SYZFAIL: mkdir(syz-tmp) failed -1 299 445d 557d
SYZFAIL: bad allocate request -1 148 445d 556d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 486d 490d
SYZFAIL: ShmemBuilder: too large output offset -1 51 446d 554d
general protection fault in steam_send_report 2 1 487d 487d
SYZFAIL: can't reallocate -1 1 490d 490d
SYZFAIL: SIGSEGV -1 841 452d 566d
KASAN: use-after-free Write in __tlb_remove_page_size 24 1 494d 494d
SYZFAIL: SIGFPE -1 2 495d 540d
general protection fault in free_swap_cache 2 1 505d 505d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 506d 506d
BUG: soft lockup in br_multicast_port_group_expired 1 1 507d 507d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 476d 595d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 510d 510d
BUG: soft lockup in net_rx_action 1 2 510d 522d
BUG: soft lockup in __run_timers 1 2 511d 579d
BUG: soft lockup in sys_sendmmsg 1 2 512d 512d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 513d 513d
BUG: soft lockup in __netif_receive_skb_core 1 1 514d 514d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 517d 517d
KASAN: use-after-free Read in worker_thread 19 1 519d 519d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 523d 523d
BUG: soft lockup in br_multicast_group_expired 1 1 524d 524d
BUG: soft lockup in ip_list_rcv 1 1 524d 524d
BUG: soft lockup in run_rebalance_domains 1 1 525d 525d
BUG: soft lockup in ipv6_rcv 1 3 529d 546d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 532d 532d
BUG: soft lockup in vfork 1 1 534d 534d
BUG: soft lockup in sys_exit_group 1 1 540d 540d
SYZFAIL: bad thread state in completion -1 syz error error 5 1129d 1470d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 550d 550d
BUG: soft lockup in sys_clone 1 1 553d 553d
BUG: soft lockup in sys_recvmsg 1 4 554d 633d
SYZFAIL: control pipe read failed -1 1 557d 557d
SYZFAIL: too many calls in output -1 2 562d 562d
BUG: soft lockup in sys_bpf 1 2 567d 571d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 585d 617d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 590d 717d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 616d 616d
go runtime error 2 22 618d 897d
SYZFAIL: tun read failed -1 syz error error 123 544d 1542d
SYZFAIL: proc resp pipe read failed -1 73 551d 567d
general protection fault in fq_codel_enqueue (2) 2 2 631d 633d
panic: runtime error: floating point error [recovered] 2 1 638d 638d
android13-5.10-lts build error -1 44 601d 621d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 646d 646d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 567d 567d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 659d 659d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 631d 1160d
general protection fault in mnt_want_write (2) 2 1 697d 697d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 715d 800d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 711d 711d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 675d 675d
general protection fault in skb_segment 2 C done 1 750d 764d
KASAN: use-after-free Read in key_task_permission 19 1 749d 749d
android13-5.10-lts test error: lost connection to test machine -1 1 754d 754d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 779d 779d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 804d 876d
general protection fault in __writeback_single_inode 2 1 822d 822d
BUG: Bad page map (2) -1 1 824d 824d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 828d 858d
general protection fault in tipc_conn_close (3) 2 1 851d 851d
kernel BUG in __block_commit_write -1 1 852d 852d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 861d 1063d
corrupted report (2) -1 6 862d 940d
BUG: soft lockup in wg_packet_tx_worker 1 5 872d 921d
BUG: soft lockup in neigh_timer_handler 1 2 873d 881d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 880d 920d
BUG: soft lockup in sys_sendto 1 2 880d 917d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 884d 884d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 867d 921d
BUG: soft lockup in addrconf_rs_timer 1 2 897d 915d
fatal error: fault -1 1 903d 903d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 905d 1386d
fatal error: Connection to IP closed by remote host. -1 3 920d 1044d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 945d 945d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 942d 942d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 955d 969d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 915d 981d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 953d 985d
SYZFAIL: clock_gettime failed -1 syz error error 5 960d 1486d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 975d 1031d
general protection fault in do_swap_page 2 246 944d 1382d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 998d 998d
general protection fault in kernfs_name_hash (6) 2 C error error 22 1028d 1194d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 1001d 1001d
android12-5.10-lts build error (2) -1 220 984d 1085d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 1052d 1052d
general protection fault in filp_close 2 1 1025d 1025d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 1070d 1168d
BUG: Bad page map -1 1 1042d 1042d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 1049d 1049d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 1053d 1053d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 1067d 1093d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 1154d 1154d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 1162d 1162d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 1108d 1108d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 1034d 1034d
KASAN: use-after-free Read in usb_udc_uevent 19 2 1067d 1091d
general protection fault in f2fs_release_page f2fs 19 3 1083d 1125d
general protection fault in tipc_conn_close (2) 2 6 1124d 1210d
KASAN: use-after-free Read in xpad_presence_work 19 1 1169d 1169d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 1115d 1115d
divide error in netem_enqueue (2) 2 1 1216d 1216d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1234d 1234d
panic: runtime error: floating point error 2 1 1239d 1239d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1253d 1253d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1254d 1254d
KASAN: invalid-free in selinux_tun_dev_free_security 22 14 1248d 1257d
general protection fault in fq_codel_enqueue 2 1 1265d 1265d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1268d 1268d
general protection fault in tcp_sk_exit (2) 2 1 1276d 1276d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1280d 1365d
android12-5.10-lts-superproject build error -1 24 1288d 1314d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1201d 1203d
general protection fault in ext4_xattr_set_entry 2 C error 2 1208d 1222d
kernel BUG in ext4_es_cache_extent -1 C error 1 1233d 1233d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1307d 1307d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1344d 1344d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1371d 1371d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1431d 1530d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1374d 1374d
divide error in netem_enqueue 2 2 1323d 1334d
general protection fault in tipc_conn_close 2 1 1339d 1339d
BUG: stack guard page was hit in file_open (11) -1 4 1341d 1344d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1343d 1343d
BUG: stack guard page was hit in sys_creat (10) -1 1 1344d 1344d
kernel BUG in collapse_huge_page -1 1 1351d 1351d
general protection fault in __device_attach 2 1 1353d 1353d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1272d 1472d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1361d 1361d
KASAN: use-after-free Read in vcs_write 19 1 1362d 1362d
SYZFAIL: failed to mkdtemp -1 15 1363d 1530d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1363d 1363d
corrupted report -1 289 1341d 1491d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1372d 1408d
general protection fault in tcp_sk_exit 2 1 1375d 1375d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1375d 1534d
kernel panic: corrupted stack end in file_open 2 1 1378d 1378d
general protection fault in icmpv6_sk_exit 2 1 1384d 1384d
general protection fault in mnt_want_write 2 1 1390d 1390d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1302d 1302d
general protection fault in del_gendisk (3) 2 C done 1 1332d 1332d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1417d 1417d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1418d 1425d
KASAN: use-after-free Write in dir_mkdir 24 1 1424d 1424d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1431d 1431d
general protection fault in kernfs_name_hash 2 C done 2 1366d 1366d
kernel BUG in notify_change (2) -1 C error 2 1359d 1359d
general protection fault in del_gendisk (2) 2 C error 2 1356d 1357d
SYZFAIL: sandbox fork failed -1 3 1439d 1522d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1478d 1478d
SYZFAIL: bad thread state in schedule -1 1 1458d 1458d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1387d 1540d
SYZFAIL: invalid syscall number -1 2 1477d 1499d
kernel BUG in ext4_free_blocks -1 3 1491d 1524d
general protection fault in io_prep_async_work 2 1 1461d 1461d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1409d 1457d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1452d 1452d
KASAN: invalid-free in io_dismantle_req 22 C error 7 1419d 1414d
general protection fault in del_gendisk 2 C error 1 1419d 1526d
BUG: corrupted list in p9_fd_cancelled 8 1 1499d 1499d
KASAN: use-after-free Read in task_work_run 19 2 1533d 1532d
KASAN: use-after-free Write in chroot_fs_refs 24 2 1531d 1532d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1443d 1443d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1449d 1449d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1446d 1469d
BUG: stack guard page was hit in corrupted -1 C error 3 1434d 1469d
BUG: stack guard page was hit in sys_unlink -1 2 1469d 1469d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1416d 1481d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1437d 1486d
BUG: stack guard page was hit in sys_chdir -1 5 1415d 1487d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1506d 1506d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1538d 1532d
BUG: workqueue lockup -1 C error 25 1443d 1541d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1512d 1514d
KASAN: use-after-free Read in dev_uevent 19 1 1517d 1517d
general protection fault in bdev_read_page 2 1 1518d 1518d
SYZFAIL: out of opened kcov threads -1 47 1494d 1495d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1527d 1527d
KASAN: use-after-free Read in compute_effective_progs 19 1 1523d 1523d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1527d 1527d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1449d 1449d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1503d 1530d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1522d 1522d
android12-5.10-lts build error -1 1 1544d 1544d