syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1324]
Subsystems
🐞 Fixed [7186]
🐞 Invalid [18980]
Missing Backports [221]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

Applied filters: Label=prio:high (drop)
Extra filters: [With Repro]
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
UBSAN: shift-out-of-bounds in xfrm_selector_match (3) net prio:high -1 1 10d 9d11h 3/29 never xfrm: validate selector family and prefixlen during match
WARNING: lock held when returning to user space in lock_vma_under_rcu prio:high mm 4 1 102d 98d 2/29 never userfaultfd: fix lock leak in mfill_get_vma()
WARNING in folio_add_new_anon_rmap prio:high mm -1 C error 14 102d 101d 2/29 never userfaultfd-introduce-struct-mfill_state-fix
KASAN: slab-out-of-bounds Read in usbtmc_interrupt prio:high usb 17 C 5 37d 312d 27/29 never 52f2ad3f7e5e usb: usbtmc: check URB actual_length for interrupt-IN notifications
KASAN: slab-use-after-free Read in ipvlan_hard_header (4) prio:high net actionable 19 2 51d 12d 26/29 never f4c3d89fc986 tipc: fix UAF in tipc_l2_send_msg()
WARNING: refcount bug in __inet_csk_reqsk_queue_drop prio:high net 13 9 27d 25d 27/29 never e10902df2448 tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().
KASAN: slab-out-of-bounds Read in cache_seq_start_rcu prio:high net nfs 17 C 67 28d 64d 27/29 never ea25e3c7915b sunrpc: prevent out-of-bounds read in __cache_seq_start()
KASAN: use-after-free Read in jfs_lazycommit prio:high jfs 19 C error 4133 13h14m 1362d 0/29 never From 7e1a0b91e9efa8bec40fc5397ba6c4e683d72df0 Mon Sep 17 00:00:00 2001
KMSAN: kernel-infoleak in move_addr_to_user (7) prio:high hams wpan 9 C 46 53d 640d 3/29 never ieee802154: fix kernel-infoleak in dgram_recvmsg()
INFO: task hung in __writeback_inodes_sb_nr (6) prio:high jfs 1 C done 4174 1d06h 1103d 1/29 never PM: hibernate: Fix block device handling in test_resume mode
UBSAN: shift-out-of-bounds in squashfs_xz_comp_opts prio:high squashfs -1 C error 4 88d 127d 2/29 never Squashfs: check xz dictionary size isn't zero
general protection fault in arp_create (4) prio:high net 2 2 40d 38d 27/29 never f80d3d98d2ff batman-adv: bla: avoid NULL-ptr deref for claim via dropped interface
KMSAN: uninit-value in bch2_alloc_sectors_start_trans (2) prio:high fs 7 syz 875 268d 434d 2/29 never bcachefs: Add missing ei_last_dirtied update
WARNING in bch2_fs_journal_start prio:high fs -1 C done 14 368d 389d 2/29 never bcachefs: Don't allow mounting with crazy numbers of dirty journal entries
WARNING in closure_put_after_sub prio:high fs -1 2 318d 342d 2/29 never bcachefs: Ensure we don't return with closure on waitlist
KASAN: slab-use-after-free Write in bch2_get_next_dev prio:high fs 22 C 1331 247d 341d 2/29 never bcachefs: Fix UAF by journal write path
KASAN: slab-use-after-free Write in bch2_do_discards prio:high fs 22 syz 137 267d 337d 2/29 never bcachefs: Fix UAF by journal write path
KASAN: slab-out-of-bounds Read in __bch2_alloc_to_v4 prio:high fs 17 20 355d 352d 2/29 never bcachefs: Fix __bch2_alloc_to_v4 copy
kernel BUG in __journal_res_get (3) prio:high fs -1 C inconclusive 175 247d 371d 2/29 never bcachefs: Fix __bch2_fs_read_write() error path
kernel panic: in transaction restart: transaction_restart_relock, last restarted by prio:high fs 2 5 328d 328d 2/29 never bcachefs: Fix incorrect transaction handling
KMSAN: uninit-value in bch2_check_subvols prio:high fs 7 C 53 268d 358d 2/29 never bcachefs: Fix missing compat code in check_subvol()
KASAN: slab-out-of-bounds Write in bch2_dirent_init_name prio:high fs 21 C error 1496 247d 372d 2/29 never bcachefs: Fix padding zeroout when creating casefolded dirents
INFO: task hung in invalidate_inode_pages2_range (3) prio:high fs 1 C done 57 15d 481d 2/29 never bcachefs: Fix readahead involved deadlock
INFO: task hung in bch2_readahead prio:high fs 1 C done 375 284d 765d 2/29 never bcachefs: Fix readahead involved deadlock
INFO: task hung in bch2_page_fault prio:high ext4 exfat ntfs3 1 syz done 42 308d 557d 2/29 never bcachefs: Fix readahead involved deadlock
INFO: task hung in bchfs_fpunch (2) prio:high fs mm 1 C done 2 321d 365d 2/29 never bcachefs: Fix readahead involved deadlock
INFO: task hung in pipe_release (6) prio:high kernfs 1 syz done 20 17d 482d 2/29 never bcachefs: Fix readahead involved deadlock
KMSAN: uninit-value in __bch2_alloc_v4_to_text prio:high fs 7 C 3 367d 372d 2/29 never bcachefs: Fix refs to undefined fields in __bch2_alloc_v4_to_text()
kernel BUG in bch2_fill_extent (2) prio:high fs -1 10 262d 344d 2/29 never bcachefs: Fix unhandled key type in fiemap_fill_extent
UBSAN: array-index-out-of-bounds in bch2_accounting_validate prio:high fs 15 C done 23 257d 324d 2/29 never bcachefs: Ignore accounting key type larger than BCH_DISK_ACCOUNTING_TYPE_NR
INFO: task hung in __closure_sync prio:high fs 1 C done 8591 254d 782d 2/29 never bcachefs: Increase BCH_MIN_NR_NBUCKETS
INFO: task hung in bch2_copygc_stop prio:high kernel 1 C done 31386 255d 754d 2/29 never bcachefs: Increase BCH_MIN_NR_NBUCKETS
INFO: task hung in __bch2_fs_stop prio:high fs 1 C done 1589 263d 739d 2/29 never bcachefs: Increase BCH_MIN_NR_NBUCKETS
kernel BUG in bch2_btree_repair_topology_recurse prio:high fs -1 C done 7 268d 328d 2/29 never bcachefs: btree_check_root_boundaries()
kernel BUG in bch2_printbuf_exit prio:high fs -1 C error 29 338d 342d 2/29 never bcachefs: convert str_hash.c to CLASS
WARNING in bch2_verify_accounting_clean prio:high fs -1 29 251d 501d 2/29 never bcachefs: do_bch2_trans_commit_to_journal_replay handles accounting
KASAN: use-after-free Read in check_extent_overbig prio:high fs 19 C done done 18 283d 566d 2/29 never bcachefs: fix check_extent_overbig() call
WARNING in bch2_prt_printf prio:high fs -1 C done error 103 270d 774d 2/29 never bcachefs: journal_entry_btree_keys_to_text() is more careful
KASAN: slab-use-after-free Read in current_time fs prio:high 19 C 2 27d 23d 24/29 never b93c55b4932d bpf: fix UAF by restoring RCU-delayed inode freeing in bpffs
WARNING: ODEBUG bug in smpboot_thread_fn prio:high kernel -1 5 51d 51d 27/29 never 4df78ff02629 bridge: mcast: Fix a possible use-after-free when removing a bridge port
KASAN: slab-use-after-free Read in close_fs_devices prio:high btrfs 19 22 359d 363d 2/29 never btrfs: fix a use-after-free race if btrfs_open_devices() failed
INFO: task hung in btrfs_invalidate_folio (4) prio:high btrfs 1 C error 7 29d 29d 18/29 never 532085d00eb5 btrfs: fix deadlock cloning inline extent when using flushoncommit
KASAN: slab-use-after-free Read in replace_file_extents actionable prio:high btrfs 19 1 36d 22d 18/29 never ae2eb64bfd97 btrfs: fix use-after-free after relocation failure with concurrent COW
kernel BUG in replace_file_extents prio:high btrfs -1 54 17d 67d 18/29 never a6908f88c9da btrfs: validate data reloc tree file extent item members
WARNING in update_curr_idle kernel prio:high -1 188 1d01h 12d 0/29 never c095741713d1 sched/fair: Fix newidle vs core-sched
WARNING in stub_timer (2) kernel prio:high -1 1 13d 9d12h 17/29 never b81dde13cc16 debugobjects: Plug race against a concurrent OOM disable
KASAN: slab-use-after-free Read in dma_buf_fd actionable prio:high dri media 19 21 37d 105d 27/29 never ead6680f354f dma-buf: fix UAF in dma_buf_fd() tracepoint
WARNING in dma_resv_add_fence prio:high dri media -1 C 7 43d 47d 0/29 never 9af1b6e175c8 drm/virtio: use uninterruptible resv lock for plane updates
KASAN: slab-use-after-free Read in z_erofs_decompress_kickoff prio:high erofs 19 2 30d 52d 27/29 never 1aee05e814d2 erofs: fix use-after-free on sbi->sync_decompress
KASAN: slab-use-after-free Read in reverse_path_check_proc prio:high fs 19 C 113 16d 33d 26/29 never a1e9718b406b eventpoll: restore EP_UNACTIVE_PTR sentinel for ctx->tfile_check_list
possible deadlock in lock_two_nondirectories (2) overlayfs ext4 prio:high 4 C error 14 1d07h 19d 24/29 never c143957520c6 ext4: validate donor file superblock early in EXT4_IOC_MOVE_EXT
kernel BUG in f2fs_do_truncate_blocks (2) prio:high f2fs -1 1 54d 50d 19/29 never 8712353ed80f f2fs: fix to do sanity check on f2fs_get_node_folio_ra()
INFO: trying to register non-static key in f2fs_exist_written_data prio:high f2fs -1 C error 152 37d 46d 2/29 never f2fs: initialize ino_entry_info before checkpoint load
KASAN: null-ptr-deref Read in io_sqe_buffer_register prio:high io-uring 11 C done 54 289d 293d 2/29 never fixup: mm/gup: remove record_subpages()
KASAN: wild-memory-access Read in md5_update prio:high crypto 17 C done 8 290d 291d 2/29 never fixup: mm/gup: remove record_subpages()
KMSAN: uninit-value in __fl_lookup (3) prio:high net 7 7 7d02h 26d 3/29 never flow_dissector: check device type before reading ETH_ADDRS
KMSAN: uninit-value in ni_seek_data_or_hole prio:high ntfs3 7 C 6 32d 29d 2/29 never 57ac2831c8e0 fs/ntfs3: prevent potential lcn remains uninitialized
possible deadlock in keyring_clear (3) prio:high keyrings lsm 4 C 79 12d 260d 2/29 never fscrypt: Replace mk_users keyring with simple list
BUG: sleeping function called from invalid context in lockref_get_not_dead prio:high gfs2 5 C error 13 52d 70d 2/29 never gfs2: fix quota init duplicate scan
KASAN: slab-use-after-free Write in gfs2_qd_dealloc (3) prio:high gfs2 22 C error 146 134d 392d 2/29 never gfs2: fix use-after-free in gfs2_qd_dealloc
KASAN: slab-out-of-bounds Read in hfsplus_bnode_read prio:high hfs 21 C error error 521 330d 1306d 26/29 never 966cb76fb285 hfs/hfsplus: fix u32 overflow in check_and_correct_requested_length
KMSAN: uninit-value in hfsplus_bnode_find prio:high hfs 7 C 24 7d15h 70d 26/29 never d67aadee19ff hfs/hfsplus: zero-initialize buffer in hfs_bnode_read 3f95e2661574 hfsplus: Add a sanity check for btree node size
general protection fault in __hfsplus_setxattr prio:high hfs 2 C error 153 18d 70d 26/29 never 7a41fd2b32e5 hfsplus: Remove the duplicate attr inode dirty marking action
kernel BUG in __get_vm_area_node prio:high bridge -1 2 49d 46d 27/29 never 04aa71da5f35 mm/vmalloc: do not trigger BUG() on BH disabled context
memory leak in path_openat (3) prio:high io-uring 3 C 1 11d 11d 2/29 never io_uring/nop: fix file reference leak with IOSQE_FIXED_FILE
KASAN: slab-use-after-free Read in ip6gre_tunnel_xmit prio:high net 19 C error error 33 173d 582d 0/29 never ip6_gre: use skb_vlan_inet_prepare() instead of pskb_inet_may_pull()
KASAN: slab-use-after-free Read in fib_rules_lookup net prio:high 19 37 6d15h 8d06h 26/29 never d954a67a7dfa ipv4: fib_rule: Move fib4_rules_exit() to ->exit(). 46762cefe7f4 net: serialize netif_running() check in enqueue_to_backlog()
WARNING in ip_rt_bug (3) prio:high net -1 C error 54 25d 36d 27/29 never 7eb72c1e3984 ipv4: icmp: reject broadcast/multicast routes
KASAN: slab-use-after-free Read in ipv6_chk_acast_addr prio:high net 19 1 34d 26d 27/29 never f723ccaff2fb ipv6: anycast: insert aca into global hash under idev->lock
KASAN: slab-use-after-free Write in __ipv6_dev_ac_dec prio:high net 22 1 48d 48d 27/29 never f723ccaff2fb ipv6: anycast: insert aca into global hash under idev->lock
KASAN: slab-use-after-free Read in sit_tunnel_xmit net prio:high 19 1 18d 17d 26/29 never f0e42f0c4337 ipv6: sit: reload inner IPv6 header after GSO offloads
general protection fault in jbd2_journal_dirty_metadata (2) prio:high ext4 2 C error 28 9d18h 50d 24/29 never 8fc197cf366b jbd2: check for aborted handle in jbd2_journal_dirty_metadata()
WARNING: suspicious RCU usage in kernfs_put prio:high kernfs 4 1 79d 75d 26/29 never 0fdde3f2aead kernfs: fix suspicious RCU usage in kernfs_put()
KASAN: slab-use-after-free Read in shrink_dcache_tree fs prio:high actionable 19 2 6d01h 7d03h 19/29 never 89038cc87d80 locking/rt: Fix the incorrect RCU protection in rt_spin_unlock()
general protection fault in remove_waiter prio:high kernel 2 syz 6 45d 57d 27/29 never 40a25d59e85b locking/rtmutex: Skip remove_waiter() when waiter is not enqueued
WARNING: ODEBUG bug in i2c_device_remove (2) prio:high i2c usb -1 C 3 51d 64d 24/29 never 680daf40a82d media: rtl2832: fix use-after-free in rtl2832_remove()
general protection fault in vidtv_psi_ts_psi_write_into prio:high media 8 78 5d23h 163d 24/29 never 7d8bf3d8f910 media: vidtv: fix NULL pointer dereference in vidtv_mux_push_si
KASAN: slab-use-after-free Read in do_sync_mmap_readahead prio:high mm 19 C done 3 367d 371d 2/29 never mm-filemap-allow-arch-to-request-folio-size-for-exec-memory-fix
WARNING in page_counter_uncharge (2) prio:high cgroups mm -1 C error 10 8d07h 88d 23/29 never 15807d0ddde3 mm/hugetlb: fix hugetlb cgroup rsvd charge/uncharge mismatch
kernel BUG in swap_cgroup_record (2) prio:high cgroups mm -1 C error 227 162d 166d 2/29 never mm/swap_cgroup: fix kernel BUG in swap_cgroup_record
WARNING in folio_lruvec_lock prio:high mm cgroups -1 1 374d 370d 2/29 never mm/vma: correctly invoke late KSM check after mmap hook
KASAN: wild-memory-access Read in lookup_swap_cgroup_id (2) cgroups mm prio:high 17 4 75d 138d 23/29 never 63b02a9409cb mm: swap_cgroup: fix NULL deref in lookup_swap_cgroup_id on swapless host
KMSAN: uninit-value in mptcp_established_options prio:high mptcp 7 syz 3191 19d 54d 27/29 never 5e939544f9d2 mptcp: fix uninit-value in mptcp_established_options
BUG: corrupted list in dev_deactivate_many (2) prio:high net 8 syz 8 14d 16d 26/29 never 8eed5519e496 net: watchdog: fix refcount tracking races net: watchdog: fix refcount tracking races
KMSAN: uninit-value in nci_dev_up (3) prio:high net nfc 7 1 41d 37d 2/29 never nfc: nci: fix use of uninitialized memory in CORE_INIT_RSP parsing
general protection fault in ocfs2_assure_trans_credits (2) prio:high ocfs2 2 12 12d 22d 22/29 never f9ab30c96b0f ocfs2: fix NULL h_transaction deref in ocfs2_assure_trans_credits
UBSAN: array-index-out-of-bounds in ocfs2_grow_tree (2) prio:high ocfs2 15 1 66d 62d 22/29 never 452a8467be81 ocfs2: fix UBSAN array-index-out-of-bounds in ocfs2_sum_rightmost_rec
UBSAN: array-index-out-of-bounds in ocfs2_dx_dir_lookup_rec prio:high ocfs2 15 1 37d 33d 22/29 never 6371a07148ee ocfs2: fix buffer head management in ocfs2_read_blocks()
possible deadlock in ocfs2_acquire_dquot prio:high ocfs2 4 C 71841 190d 632d 2/29 never ocfs2: fix circular locking dependency in ocfs2_acquire_dquot
possible deadlock in ocfs2_evict_inode prio:high ocfs2 4 C error 2694 9d01h 674d 22/29 never ff6f26c58421 ocfs2: fix circular locking dependency in ocfs2_dio_end_io_write
WARNING in __ocfs2_decrease_refcount prio:high ocfs2 -1 12 8d03h 37d 22/29 never 1ec3cca2d8b6 ocfs2: fix out-of-bounds write in ocfs2_remove_refcount_extent
KMSAN: uninit-value in _find_next_bit prio:high ocfs2 7 C 30 71d 459d 22/29 never 93c8c6ea90be ocfs2: use kzalloc for quota recovery bitmap allocation
general protection fault in ovl_iterate prio:high overlayfs 8 C 20 18d 183d 27/29 never 1711b6ed6953 ovl: keep err zero after successful ovl_cache_get()
inconsistent lock state in __sk_receive_skb prio:high net 4 C error 147 21d 110d 27/29 never dbc81608e3a6 phonet/pep: disable BH around forwarded sk_receive_skb()
possible deadlock in __sk_receive_skb prio:high net 4 C error 80 33d 36d 27/29 never dbc81608e3a6 phonet/pep: disable BH around forwarded sk_receive_skb()
possible deadlock in rhashtable_free_and_destroy prio:high mm 4 8 43d 64d 26/29 never 060d4e94b8d4 rhashtable: give each instance its own lockdep class
KMSAN: kernel-infoleak in irqentry_exit kernel prio:high 9 17526 now 24d 27/29 never 6d99479799c6 rseq: Fix using an uninitialized stack variable in rseq_exit_user_update()
WARNING in drm_prime_destroy_file_private (3) dri prio:high -1 C error 183 39d 43d 29/29 23d dc366607c41c drm: Replace old pointer to new idr
BUG: sleeping function called from invalid context in ip_vs_conn_new lvs prio:high 5 C 2034 48d 72d 29/29 23d d493d9de1c21 ipvs: fix the spin_lock usage for RT build
WARNING: bad unlock balance in do_wp_page mm prio:high 4 8 44d 59d 29/29 27d mm: memcontrol: fix rcu unbalance in get_non_dying_memcg_end()
KCSAN: data-race in bond_3ad_get_active_agg_info / bond_3ad_state_machine_handler (3) net prio:high 6 1 57d 57d 29/29 33d c4f050ce06c5 bonding: 3ad: implement proper RCU rules for port->aggregator
KASAN: slab-use-after-free Write in rsi_91x_deinit actionable wireless prio:high 22 1 71d 65d 29/29 33d db57a1aa54ff wifi: rsi: fix kthread lifetime race between self-exit and external-stop
WARNING in vma_mark_detached prio:high mm -1 C error 8 42d 64d 29/29 33d 619eab23e1ce mm/vma: do not try to unmap a VMA if mmap_prepare() invoked from mmap()
INFO: task hung in lbs_remove_card usb libertas prio:high 1 C 14933 35d 314d 29/29 33d 4a142520d166 wifi: libertas: notify firmware load wait on disconnect
general protection fault in task_work_cancel lsm prio:high 2 syz error 15 90d 109d 29/29 33d 929553bbb4cd landlock: Fully release unused TSYNC work entries
general protection fault in task_work_cancel_match prio:high kernel 2 10 95d 124d 29/29 33d 929553bbb4cd landlock: Fully release unused TSYNC work entries
BUG: stack guard page was hit in addrconf_rs_timer prio:high net -1 1 102d 102d 29/29 34d b7405dcf7385 bonding: prevent potential infinite loop in bond_header_parse()
KMSAN: uninit-value in fuse_dentry_revalidate (2) fuse prio:high 7 C 261 70d 129d 29/29 34d 5a6baf204610 fuse: fix uninit-value in fuse_dentry_revalidate()
WARNING in attr_data_get_block_locked prio:high ntfs3 -1 C 12 49d 121d 29/29 34d d7ea8495fd30 fs/ntfs3: fix missing run load for vcn0 in attr_data_get_block_locked()
WARNING in filename_mkdirat gfs2 prio:high -1 C 84 44d 127d 29/29 34d 2ff7cf7e0640 gfs2: Call unlock_new_inode before d_instantiate
KASAN: use-after-free Write in ocfs2_write_end_nolock actionable ocfs2 prio:high 22 26 45d 83d 29/29 34d 7bc5da4842be ocfs2: fix out-of-bounds write in ocfs2_write_end_inline
KASAN: stack-out-of-bounds Read in l2cap_send_cmd bluetooth prio:high 17 C 174 90d 102d 29/29 34d 9d87cb22195b Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req
inconsistent lock state in igrab xfs prio:high 4 C error 521 50d 130d 29/29 34d f621324dfb3d iomap: fix lockdep complaint when reads fail
BUG: sleeping function called from invalid context in usb_tx_block usb libertas prio:high 5 C 780 65d 120d 29/29 34d 7c5c2b661bdb wifi: libertas: don't kill URBs in interrupt context
memory leak in run_add_entry (2) prio:high ntfs3 3 C 1 81d 95d 29/29 34d 87ac077d6ea8 ntfs3: fix memory leak in indx_create_allocate()
KMSAN: uninit-value in ntfs_iomap_begin ntfs3 prio:high 7 C 191 71d 122d 29/29 34d e98266e823a1 fs/ntfs3: prevent uninitialized lcn caused by zero len
KMSAN: uninit-value in bpf_prog_test_run_skb bpf prio:high 7 C 4 94d 175d 29/29 34d 12bec2bd4b76 bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb
general protection fault in f2fs_in_warm_node_list prio:high f2fs 2 C error 11247 63d 126d 29/29 34d 2d9c4a4ed4ee f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()
KASAN: slab-use-after-free Read in rds_conn_path_drop rds prio:high 19 1 111d 111d 29/29 34d ebf71dd4aff4 net/rds: Restrict use of RDS/IB to the initial network namespace
INFO: task hung in btrfs_invalidate_folio (3) prio:high btrfs 1 C error 9 84d 97d 29/29 34d b48c980b6a7e btrfs: fix deadlock between reflink and transaction commit when using flushoncommit
general protection fault in rwsem_mark_wake mm prio:high 2 C error 9235 96d 99d 29/29 34d 68bcd8b6e0b1 locking/rwsem: Fix logic error in rwsem_del_waiter()
possible deadlock in ocfs2_extend_dir ocfs2 prio:high 4 1 115d 111d 29/29 34d b02da26a992d ocfs2: fix possible deadlock between unlink and dio_end_io_write