syzbot

 sign-in | mailing list | source | docs
🐞 Open [43]
🐞 Fixed [374]
🐞 Invalid [477]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 68 bugs, 1 were automatically obsoleted (1 due to revoked reproducers), 67 were invalidated by users.
Applied filters: WithRepro (drop)
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
panic: in6_pcblookup_hash_locked: invalid foreign address 2 syz 62 1153d 1202d
panic: prot 0x3 is not subset of max_prot NUM 2 C 2 1010d 1010d
SYZFAIL: child failed -1 syz 286 1496d 1915d
SYZFAIL: command failed -1 syz 34 1489d 1914d
panic: _mtx_lock_sleep: recursed on non-recursive mutex process lock @ /syzkaller/managers/main/kernel/sys/kern/kern_for 2 C 2 1380d 1380d
Fatal trap NUM: page fault while in kernel mode (4) -1 C 7 1189d 1514d
panic: About to free ctl:ADDR so:ADDR and its in 1 2 C 20 1566d 2009d
panic: ASan: Invalid access, NUM-byte read in kvprintf 2 C 5 1662d 1681d
panic: rack_output:NUM: r.start:ADDR < SND.UNA:ADDR; tp:ADDR, rack:ADDR, rsm:ADDR 2 C 270 1439d 1836d
panic: ASan: Invalid access, NUM-byte read at ADDR, UMAUseAfterFree(fd) (3) 2 C 58 1438d 1491d
panic: pmap_kasan_enter_alloc_4k: no memory to grow shadow map (2) 2 C 602 1666d 1715d
panic: out of swap space 2 C 15036 1587d 1830d
panic: ASan: Invalid access, NUM-byte read at ADDR, UseAfterScope(f8) 2 syz 7 1562d 1643d
panic: Queues are not empty when handling SHUTDOWN-ACK 2 syz 142 1595d 2165d
SYZFAIL: output overflow (2) -1 syz 14 1601d 1771d
panic: hpts_sane_input_insert: hpts:ADDR inp:ADDR incorrect CPU 2 C 186 1620d 1777d
SYZFAIL: tun: can't open device -1 syz 159 1722d 1914d
panic: m_copydata, offset > size of mbuf chain 2 syz 11 1716d 1720d
panic: hpts_sane_input_remove: hpts:ADDR inp:ADDR incorrect CPU 2 syz 5 1727d 1772d
panic: ASan: Invalid access, 2-byte read in sctp_common_input_processing 2 syz 8 1726d 1774d
panic: mtx_lock() of destroyed mutex at sys/netinet/sctp_pcb.c:LINE 2 syz 24 1785d 2211d
Fatal trap 9: general protection fault in __mtx_lock_sleep -1 syz 295 1779d 2453d
Fatal trap 9: general protection fault in sctp_timer_stop -1 syz 232 1780d 2094d
panic: ASan: Invalid access, 8-byte read in __mtx_lock_sleep 2 syz 23 1683d 1765d
panic: ASan: Invalid access, 8-byte read in sctp_lower_sosend 2 syz 49 1649d 1757d
panic: ASan: Invalid access, 1-byte write in sctp_lower_sosend 2 syz 332 1671d 1775d
Fatal trap 12: page fault in __mtx_lock_sleep -1 syz 151 1781d 2429d
panic: Warning: Last msg marked incomplete, yet nothing left? 2 C 34 1576d 1829d
panic: ASan: Invalid access, NUM-byte read in __mtx_lock_flags 2 C 188 1650d 1716d
panic: ASan: Invalid access, 8-byte write in sctp_timer_stop 2 C 269 1650d 1775d
Fatal trap 9: general protection fault in sctp_lower_sosend (2) -1 C 446 1779d 2100d
panic: ASan: Invalid access, NUM-byte read in sctp_ss_default_select 2 C 1 1719d 1719d
panic: ASan: Invalid access, NUM-byte read in smp_masked_invlpg_range 2 C 1 1669d 1669d
panic: rsm:ADDR nrsm:ADDR rack:ADDR -- rsm->m is NULL? 2 C 25 1835d 1840d
panic: ASan: Invalid access, 4-byte read in in6_sin6_2_sin 2 C 8 1758d 1776d
panic: Most recently used by tcp_fsb 2 C 149 1840d 1840d
panic: rack_output: IP version incorrect: 0 2 C 31 1840d 1840d
panic: Most recently used by xform 2 C 115 1840d 1840d
Fatal trap 12: page fault in in6_unlink_ifa (2) -1 syz 20 1786d 2174d
panic: interrupts enabled 2 C 191 1814d 1815d
SYZFAIL: output overflow -1 syz 38 1836d 1914d
SYZFAIL: tun: read failed -1 syz 1040 1833d 1915d
panic: sbflush_internal: ccc 0 mb 0 mbcnt 256 2 C 23 2529d 2620d
panic: pfi_dynaddr_setup: non-NULL dyn 2 C 35 1970d 2211d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/kern/uipc_ktls.c:LINE 2 C 6 1965d 2166d
panic: sleepq_add: td ADDR to sleep on wchan ADDR with sleeping prohibited 2 C 6804 2041d 2080d
panic: pfi_kif_unref: ADDR has zero refs 2 C 2 2047d 2047d
panic: thread with borrowed priority returning to userland 2 syz 8 2170d 2203d
panic: tp:ADDR rc_sacked:LINE > out:LINE 2 C 185 2196d 2207d
panic: m_copydata, length > size of mbuf chain 2 C 93 2207d 2228d
panic: sbsndptr_noadv: sb_mb is NULL 2 C 686 2207d 2228d
panic: mtx_lock() of destroyed mutex at sys/kern/sys_socket.c:LINE 2 syz 43 2256d 2568d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/i386/kernel/sys/kern/sys_socket.c:LINE 2 syz 3 2291d 2306d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet/in_pcb.c:LINE 2 C 9 2310d 2311d
panic: _mtx_lock_sleep: recursed on non-recursive mutex rtentry @ /syzkaller/managers/main/kernel/sys/net/route.c:LINE 2 C 4 2356d 2544d
panic: mutex pcbinfohash not owned at /syzkaller/managers/i386/kernel/sys/netinet6/in6_pcb.c:LINE 2 syz 6 2385d 2386d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/main/kernel/sys/netinet6/in6_ifattach.c:LINE 2 syz 4 2407d 2408d
panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/netinet6/in6_ifattach.c:LINE (2) 2 syz 1 2408d 2408d
Fatal trap 12: page fault in thread_lock_validate -1 syz 1 2422d 2422d
panic: inp_leave_group: imf_sources not empty (2) 2 C 70 2527d 2561d
panic: non-kernel pmap pmap ADDR cpu 0 pcid 0 2 syz 1 2537d 2537d
panic: _mtx_lock_sleep: recursed on non-recursive mutex rtentry @ /syzkaller/managers/i386/kernel/sys/net/route.c:LINE 2 syz 1 2544d 2544d
panic: sbflush_internal: ccc 0 mb 0 mbcnt 512 2 syz 5 2543d 2602d
panic: mtx_lock() of spin mutex (null) @ /syzkaller/managers/main/kernel/sys/kern/sys_socket.c:LINE 2 syz 5 2557d 2568d
panic: Memory modified after free ADDR(256) val=0 @ ADDR 2 syz 6 2561d 2567d
panic: m_uiotombuf: progress != total 2 syz 2 2620d 2620d
panic: Bad tailq NEXT(ADDR->tqh_last) != NULL (2) 2 C 2194 2005d 2226d
panic: vm_page_free_prep: freeing wired page ADDR 2 C 2 2561d 2561d