syzbot

 sign-in | mailing list | source | docs
🐞 Open [92] 🐞 Fixed [21] 🐞 Invalid [235] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

Out of 235 bugs, 208 were automatically obsoleted (77 due to revoked reproducers), 27 were invalidated by users.
Title Repro Cause bisect Fix bisect Count Last Reported
KASAN: null-ptr-deref Write in mark_buffer_dirty_inode fat 1 127d 127d
BUG: corrupted list in p9_fd_cancel 1 133d 133d
BUG: unable to handle kernel paging request in expire_timers (2) 6 138d 389d
KASAN: use-after-free Read in lo_ioctl 1 145d 145d
BUG: scheduling while atomic in f2fs_register_inmem_page 1 62d 62d
KASAN: use-after-free Read in usb_udc_uevent (3) 2 151d 189d
KASAN: use-after-free Read in loop_control_ioctl 1 156d 156d
kernel panic: panic_on_warn set C 52 825d 924d
BUG: Dentry still in use [unmount of msdos loop0] C 36 590d 885d
BUG: Dentry still in use [unmount of vfat loop0] C 47 591d 905d
BUG: Dentry still in use [unmount of ext4 loop0] C 132 589d 906d
KASAN: use-after-free Read in free_netdev C 427 289d 1189d
BUG: Dentry still in use [unmount of devpts devpts] C 11 603d 900d
BUG: Dentry still in use [unmount of sysfs sysfs] C 12 592d 872d
KASAN: use-after-free Read in skb_dequeue syz 1 662d 662d
general protection fault in legacy_get_tree C 9 620d 971d
kernel BUG in bd_finish_claiming syz 2 638d 638d
divide error in get_scan_count C 6 559d 586d
BUG: Dentry still in use [unmount of incremental-fs incremental-fs] C 13 591d 861d
KASAN: use-after-free Read in exact_lock 1 168d 168d
KASAN: slab-out-of-bounds Write in netif_napi_del C 11 291d 356d
KASAN: use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio C 6 787d 849d
general protection fault in chrdev_open C 1 366d 366d
KASAN: use-after-free Read in ip_check_mc_rcu C 5 621d 829d
BUG: unable to handle kernel paging request in dquot_add_inodes C 3 570d 911d
BUG: scheduling while atomic: syz-executor/ADDR C 56 596d 726d
BUG: Dentry still in use [unmount of overlay overlay] C 20 597d 896d
general protection fault in pending_reads_dispatch_ioctl C 10 501d 847d
KASAN: slab-out-of-bounds Write in legacy_parse_param C 2 524d 524d
SYZFAIL: both collide and fault injection are enabled syz 15 49d 665d
BUG: Dentry still in use [unmount of 9p 9p] C 11 594d 859d
BUG: Dentry still in use [unmount of ext2 loop0] C 1 818d 818d
BUG: Dentry still in use [unmount of ramfs ramfs] C 476 490d 812d
KASAN: use-after-free Read in filp_close C 3 674d 879d
kernel BUG in vhost_get_vq_desc C 4 436d 476d
general protection fault in mon_bin_flush C 2 264d 266d
BUG: Dentry still in use [unmount of erofs loop0] C 3 660d 864d
BUG: Dentry still in use [unmount of binder binder] C 10 592d 881d
BUG: Dentry still in use [unmount of tmpfs tmpfs] C 10 687d 858d
general protection fault in __fsnotify_parent syz 3 630d 727d
BUG: Dentry still in use [unmount of fuse fuse] C 5 592d 880d
KASAN: stack-out-of-bounds Read in unwind_next_frame C 49 708d 1211d
KASAN: invalid-free in packet_set_ring C 1 544d 544d
general protection fault in hci_uart_tty_ioctl C 2 329d 329d
KASAN: use-after-free Write in ext4_write_inline_data_end C 6 763d 806d
kernel BUG in pfkey_send_acquire C 278 208d 873d
divide error in genelink_tx_fixup C 65 516d 599d
BUG: Dentry still in use [unmount of f2fs loop0] C 1 830d 830d
BUG: unable to handle kernel paging request in __schedule C 12 834d 990d
BUG: unable to handle kernel paging request in bpf_trace_run2 C 4 835d 989d
BUG: unable to handle kernel paging request in bpf_trace_run7 C 3 841d 877d
KASAN: invalid-free in create_cache C 159 854d 923d
general protection fault in free_percpu C 2 879d 879d
BUG: unable to handle kernel paging request in dqput C 14 894d 989d
general protection fault in dqput C 2 894d 915d
KASAN: use-after-free Write in betop_probe C 1 906d 906d
KASAN: use-after-free Read in tipc_mcast_xmit C 23 962d 982d
KASAN: slab-out-of-bounds Read in f2fs_build_segment_manager C 5 968d 987d
general protection fault in ieee80211_key_free C 11 968d 978d
KASAN: use-after-free Read in io_cancel_async_work C 25 968d 1022d
general protection fault in ieee80211_assign_vif_chanctx C 3 970d 976d
BUG: corrupted list in io_poll_wake C 7 970d 1013d
KASAN: stack-out-of-bounds Read in iov_iter_revert C 37 974d 1024d
KASAN: invalid-free in ieee80211_ibss_leave C 1 975d 975d
general protection fault in dma_buf_release C 99 979d 1064d
KASAN: use-after-free Read in io_sq_wq_submit_work C 3 980d 1012d
KASAN: use-after-free Read in tipc_named_reinit syz 8 984d 1219d
BUG: unable to handle kernel paging request in dquot_add_space C 1 989d 989d
BUG: unable to handle kernel paging request in bpf_trace_run4 C 2 990d 990d
general protection fault in tty_release C 11 1002d 1014d
general protection fault in sock_close syz 13 1003d 1015d
kernel BUG at ./include/linux/fs.h:LINE! syz 1 1003d 1003d
KASAN: use-after-free Write in eventfd_release syz 1 1005d 1005d
kernel BUG at fs/inode.c:LINE! C 5 1007d 1016d
KASAN: use-after-free Write in ex_handler_refcount syz 4 1012d 1014d
general protection fault in uhid_char_release C 27 1013d 1190d
kernel panic: Attempted to kill init! C 1 1013d 1013d
KASAN: use-after-free Write in pipe_release syz 1 1014d 1014d
KASAN: use-after-free Read in dput syz 1 1014d 1014d
KASAN: use-after-free Read in __fsnotify_parent syz 1 1015d 1015d
general protection fault in create_empty_buffers (3) 1 184d 184d
general protection fault in kernel_accept 1 223d 223d
KASAN: user-memory-access Write in profile_hits (2) 1 242d 242d
BUG: Bad page map 1 288d 288d
KASAN: use-after-free Write in __mod_timer (3) 2 291d 347d
KASAN: use-after-free Write in mod_delayed_work_on 1 314d 314d
KASAN: use-after-free Write in kjournald2 1 351d 351d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 7 253d 254d
kernel BUG in jbd2_journal_get_create_access (2) 1 397d 397d
general protection fault in sock_from_file C 6 1025d 1029d
BUG: unable to handle kernel paging request in do_sys_open C 12 1091d 1150d
KASAN: use-after-free Write in input_ff_create C 1 1121d 1121d
KASAN: slab-out-of-bounds Read in hiddev_ioctl_usage C 2 1139d 1157d
KASAN: slab-out-of-bounds Write in betop_probe C 1 1140d 1140d
BUG: Bad page state C 9 1166d 1197d
android12-5.4 build error (2) 2 407d 407d
KASAN: use-after-free Write in addrconf_ifdown 1 410d 410d
BUG: soft lockup in process_srcu 1 413d 413d
SYZFAIL: bad thread state in completion 1 418d 418d
SYZFAIL: tun: ioctl(TUNSETIFF) failed (2) 3 430d 448d
KASAN: use-after-free Read in usb_udc_uevent (2) 2 433d 449d
KASAN: null-ptr-deref Write in d_delete 3 468d 469d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) 2 354d 354d
kernel BUG in ext4_ext_insert_extent 1 500d 500d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) 3 500d 610d
general protection fault in fire_user_return_notifiers 1 514d 514d
KASAN: user-memory-access Write in profile_hits 1 517d 517d
KASAN: use-after-free Read in f2fs_available_free_memory 7 520d 703d
general protection fault in klist_iter_exit 1 533d 533d
kernel BUG in jbd2_journal_get_create_access 1 540d 540d
SYZFAIL: too much cover 1 551d 551d
SYZFAIL: open of /sys/kernel/debug/kcov failed 6 552d 654d
SYZFAIL: cover mmap failed 3 552d 553d
KASAN: use-after-free Write in chroot_fs_refs 1 557d 557d
SYZFAIL: copyin: bad argument size 4 557d 578d
SYZFAIL: input command overflows input 1 561d 561d
SYZFAIL: out of opened kcov threads 32 545d 546d
BUG: soft lockup in smp_call_function 1 580d 580d
KASAN: use-after-free Read in dev_uevent (2) 2 585d 591d
BUG: Dentry still in use [unmount of msdos loop4] 9 590d 868d
BUG: Dentry still in use [unmount of vfat loop2] 5 593d 714d
BUG: Dentry still in use [unmount of ext4 loop3] 14 593d 906d
panic: failed to create a resource ifindex with ioctl$sock_SIOCGIFCONF, ioctl$sock_SIOCGIFCONF 2 595d 606d
general protection fault in __device_attach 8 595d 852d
BUG: corrupted list in firmware_fallback_sysfs 70 597d 1145d
BUG: Dentry still in use [unmount of ext4 loop2] 14 614d 858d
KASAN: use-after-free Write in __mod_timer (2) 1 615d 615d
general protection fault in rcu_sync_func 2 616d 645d
BUG: Dentry still in use [unmount of vfat loop1] (2) 2 616d 665d
BUG: Dentry still in use [unmount of vfat loop4] (2) 1 617d 617d
KASAN: use-after-free Write in paging64_update_accessed_dirty_bits (2) 1 618d 618d
BUG: Dentry still in use [unmount of ext4 loop4] 15 619d 887d
KASAN: use-after-free Read in hci_uart_flush 1 619d 619d
BUG: Dentry still in use [unmount of ext4 loop5] 14 621d 903d
BUG: Dentry still in use [unmount of vfat loop5] 8 621d 905d
BUG: Dentry still in use [unmount of msdos loop3] (2) 1 622d 622d
BUG: Dentry still in use [unmount of ext4 loop1] 9 628d 900d
BUG: Dentry still in use [unmount of erofs loop2] 1 630d 630d
KASAN: out-of-bounds Read in unwind_next_frame 16 632d 1138d
BUG: unable to handle kernel paging request in srcu_invoke_callbacks 1 659d 659d
BUG: Dentry still in use [unmount of erofs loop1] 2 661d 661d
BUG: Dentry still in use [unmount of msdos loop5] 7 669d 845d
SYZFAIL: sandbox fork failed 4 671d 818d
KASAN: slab-out-of-bounds Write in __internal_add_timer (2) 4 671d 846d
SYZFAIL: tun: ioctl(TUNSETIFF) failed 1 570d 570d
BUG: Dentry still in use [unmount of msdos loop2] (2) 1 696d 696d
BUG: Dentry still in use [unmount of vfat loop3] 6 702d 871d
KASAN: slab-out-of-bounds Write in __run_timers 4 711d 901d
BUG: corrupted list in p9_fd_cancelled 3 712d 920d
BUG: unable to handle kernel paging request in corrupted C 1 1153d 1153d
general protection fault in corrupted C 1 1187d 1187d
BUG: unable to handle kernel paging request in kfree C 4 1200d 1203d
KASAN: use-after-free Read in hrtimer_start_range_ns 1 743d 743d
KASAN: use-after-free Read in dev_uevent 4 743d 807d
BUG: Dentry still in use [unmount of vfat loop4] 3 745d 897d
android12-5.4 boot error: can't ssh into the instance 2 748d 748d
general protection fault in kernfs_find_ns 1 749d 749d
general protection fault in create_empty_buffers (2) 1 761d 761d
KASAN: use-after-free Write in paging64_update_accessed_dirty_bits 1 766d 766d
BUG: Dentry still in use [unmount of msdos loop3] 2 776d 816d
SYZFAIL: netlink_send_ext: short netlink read 1 777d 777d
general protection fault in bdevname 1 781d 781d
BUG: Dentry still in use [unmount of vfat loop1] 4 791d 903d
BUG: unable to handle kernel paging request in expire_timers 3 791d 883d
BUG: Dentry still in use [unmount of msdos loop1] 2 798d 804d
general protection fault in expire_timers 1 798d 798d
BUG: Dentry still in use [unmount of msdos loop2] 7 817d 885d
BUG: Dentry still in use [unmount of ext2 loop2] 1 818d 818d
SYZFAIL: result overflows kMaxCommands 1 829d 829d
BUG: Dentry still in use [unmount of f2fs loop4] 1 830d 830d
panic: failed to create a resource ifindex with ioctl$sock_SIOCGIFCONF 1 831d 831d
KASAN: use-after-free Write in __mod_timer 1 831d 831d
android12-5.4 build error 19 854d 961d
BUG: Dentry still in use [unmount of erofs loop5] 1 864d 864d
BUG: unable to handle kernel NULL pointer dereference in call_timer_fn 5 871d 1047d
KASAN: use-after-free Read in usb_udc_uevent 1 876d 876d
panic: runtime error: invalid memory address or nil pointer dereference 233 760d 760d
BUG: soft lockup in __perf_sw_event 2 893d 905d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) 1 790d 790d
kernel BUG at block/bio.c:LINE! 1 912d 912d
BUG: unable to handle kernel paging request in syscall_trace_enter 3 913d 1002d
android12-5.4 boot error: kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) 300 924d 960d
KASAN: use-after-free Read in chrdev_open 1 963d 963d
general protection fault in create_empty_buffers 1 967d 967d
divide error in mac80211_hwsim_bss_info_changed 2 969d 977d
KASAN: slab-out-of-bounds Write in f2fs_build_segment_manager 4 973d 981d
syzkaller: failed to copy syzkaller: file bin/netbsd_amd64/syz-executor does not exist 1 861d 861d
KASAN: slab-out-of-bounds Write in __internal_add_timer 4 984d 1058d
BUG: soft lockup in __run_hrtimer 2 985d 989d
BUG: unable to handle kernel paging request in bpf_trace_run6 1 1002d 1002d
KASAN: slab-out-of-bounds Read in firmware_fallback_sysfs 6 1007d 1117d
general protection fault in fib_check_nexthop 2 1012d 1028d
kernel BUG at arch/x86/kernel/traps.c:LINE! 1 1020d 1020d
general protection fault in io_sq_wq_submit_work 1 1023d 1023d
KASAN: use-after-free Read in ext4_xattr_set_entry 6 1036d 1217d
KASAN: slab-out-of-bounds Write in tun_free_netdev 2 1037d 1052d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) 2 946d 989d
KASAN: use-after-free Write in skb_release_data 2 1044d 1075d
kernel BUG at ./include/linux/swapops.h:LINE! 1 1070d 1070d
general protection fault in perf_tp_event 7 1076d 1243d
KASAN: use-after-free Read in smsc95xx_mdio_read 4 1085d 1092d
KASAN: use-after-free Read in _vm_unmap_aliases 1 1098d 1098d
KASAN: slab-out-of-bounds Read in tipc_nl_name_table_dump 1 1107d 1107d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) 20 1002d 1114d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 2 2 1107d 1108d
KASAN: use-after-free Read in dentry_free 1 1128d 1128d
BUG: unable to handle kernel paging request in netif_receive_generic_xdp 1 1137d 1137d
syzkaller: make target failed: failed to run ["make" "target"]: exit status 2 (2) 5 1025d 1028d
BUG: corrupted list in prepare_to_wait_event 4 1141d 1190d
android-5.4 boot error: can't ssh into the instance (3) 12 1024d 1025d
android-5.4 boot error: can't ssh into the instance (2) 3 1025d 1025d
KASAN: use-after-free Write in copyin 4 1154d 1197d
android-5.4 test error: timed out 3 1157d 1157d
KASAN: use-after-free Read in __schedule 3 1166d 1193d
KASAN: use-after-free Read in dev_get_by_index_rcu 1 1175d 1175d
general protection fault in prepare_to_wait_event 1 1176d 1176d
KASAN: use-after-free Write in locks_delete_block 2 1176d 1241d
general protection fault in uhid_char_write 2 1187d 1187d
KASAN: stack-out-of-bounds Read in update_stack_state 2 1213d 1221d
KASAN: out-of-bounds Read in update_stack_state 1 1214d 1214d
KASAN: slab-out-of-bounds Read in tipc_named_reinit 1 1219d 1219d
KASAN: use-after-free Read in flock_lock_inode 1 1228d 1228d
kernel BUG at net/ipv6/esp6.c:LINE! 1 1229d 1229d
KASAN: use-after-free Read in tun_chr_write_iter 1 1234d 1234d
syzkaller: make target failed: failed to run ["make" "target"]: exit status 2 2 1115d 1115d
KASAN: use-after-free Read in do_xdp_generic 198 1207d 1237d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 1 1134d 1134d
android-5.4 test error: BUG: mismatching fuzzer/executor system call descriptions: ADDR vs ADDR 9 1159d 1161d
android-5.4 boot error: can't ssh into the instance 6 1171d 1171d
kernel panic: audit: out of memory in audit_log_start 3 1200d 1203d
kernel panic: audit: rate limit exceeded C 1 1203d 1203d
kernel panic: audit: backlog limit exceeded C 3 1201d 1203d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) 2 1215d 1215d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) 1 1227d 1227d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 1 1237d 1237d