syzbot

 sign-in | mailing list | source | docs
🐞 Open [119]
🐞 Fixed [70]
🐞 Invalid [215]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Title Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
kernel BUG in ext4_write_inline_data_end (2) C error 16 36d 1071d 2/2 never 91f90b571f1a ext4: fix race condition between ext4_write and ext4_convert_inline_data
BUG: corrupted list in insert_work C done done 9 1051d 1152d 2/2 never d007f49ab789 percpu_ref_init(): clean ->percpu_count_ref on failure
kernel BUG in blk_mq_dispatch_rq_list (4) fat C error 16 700d 952d 0/2 never block: set .bi_max_vecs as actual allocated vector number
BUG: corrupted list in process_one_work C error done 32 50d 1149d 2/2 never d007f49ab789 percpu_ref_init(): clean ->percpu_count_ref on failure
kernel BUG in tun_attach C error 31 1039d 1080d 2/2 never bec1be0a745a net: tun: unlink NAPI from device on destruction
KASAN: use-after-free Read in free_netdev C error 2 1048d 1080d 2/2 never bec1be0a745a net: tun: unlink NAPI from device on destruction
KASAN: slab-out-of-bounds Read in exfat_clear_bitmap C error 2 1142d 1142d 2/2 never 82f723b8a5ad exfat: check if cluster num is valid
KASAN: use-after-free Read in compute_effective_progs (2) C error 11 1029d 1156d 2/2 never 3527e3cbb84d bpf: Fix KASAN use-after-free Read in compute_effective_progs
kernel BUG in ext4_mb_find_by_goal C error done 31 706d 747d 2/2 655d 100c0ad6c045 ext4: allow ext4_get_group_info() to fail
general protection fault in chrdev_open C error 1 1091d 1090d 2/2 670d 56a7f57da5d0 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
kernel BUG in end_page_writeback f2fs C error inconclusive 3 796d 846d 2/2 703d b2f423fda64f f2fs: fix to avoid use-after-free for cached IPU bio
kernel BUG in cdc_ncm_fill_tx_frame (2) C error 3 748d 755d 2/2 705d 42b78c8cc774 net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
kernel BUG in kvfree C done 1 757d 757d 2/2 720d 1a8822343e67 ext4: fix invalid free tracking in ext4_xattr_move_to_block()
KASAN: slab-out-of-bounds Read in ext4_group_desc_csum ext4 C error inconclusive 11 729d 830d 2/2 720d 0dde3141c527 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
general protection fault in ext4_xattr_set_entry (5) C done 11 723d 725d 2/2 720d bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
KASAN: slab-out-of-bounds Read in get_max_inline_xattr_value_size ext4 C error 4 799d 878d 2/2 726d 3967d330baf2 ext4: add inode table check in __ext4_get_inode_loc to aovid possible infinite loop
general protection fault in ext4_xattr_set_entry (4) C error 62 726d 755d 2/2 726d bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
KASAN: use-after-free Read in ext4_ext_rm_leaf ext4 C error inconclusive 1 863d 863d 2/2 740d 3967d330baf2 ext4: add inode table check in __ext4_get_inode_loc to aovid possible infinite loop
KASAN: use-after-free Read in ext4_rename_dir_prepare (3) C error 4 764d 764d 2/2 756d dd887f83ea54 BACKPORT: ext4: fix use-after-free in ext4_rename_dir_prepare
general protection fault in ext4_xattr_set_entry (3) C error 9 757d 760d 2/2 756d bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
kernel BUG in ext4_write_inline_data ext4 C error inconclusive 3 841d 939d 2/2 760d 5e92073713f8 UPSTREAM: ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
kernel BUG in __skb_gso_segment C error 1 900d 900d 2/2 760d 25dbd87379f8 net/af_packet: make sure to pull mac header
general protection fault in em_cmp_match C error 1 904d 904d 2/2 760d 5c544c7c6afa net_sched: reject TCF_EM_SIMPLE case for complex ematch module
general protection fault in fscrypt_limit_io_blocks C error 5 881d 945d 2/2 760d a41d63f20471 ext4: don't allow journal inode to have encrypt flag
kernel BUG in ext4_free_blocks (2) ext4 C error 25 762d 1064d 2/2 760d beda74302101 UPSTREAM: ext4: block range must be validated before use in ext4_mb_clear_bb() 7550aade9783 ext4: block range must be validated before use in ext4_mb_clear_bb()
general protection fault in ext4_xattr_set_entry (2) ext4 C error 423 761d 961d 2/2 761d bb8592efcf8e ext4: fix use-after-free in ext4_xattr_set_entry
KASAN: use-after-free Read in ext4_rename_dir_prepare (2) C error inconclusive 3 830d 830d 2/2 797d dd887f83ea54 BACKPORT: ext4: fix use-after-free in ext4_rename_dir_prepare
kernel BUG in add_grec (2) C error inconclusive 1039 922d 922d 2/2 829d 44affe7ede59 ipv6: ensure sane device mtu in tunnels
KASAN: use-after-free Read in ext4_rename_dir_prepare C error 2 892d 927d 2/2 867d dd887f83ea54 BACKPORT: ext4: fix use-after-free in ext4_rename_dir_prepare
kernel BUG in ext4_writepages C error 5 958d 1120d 2/2 929d fb98cb61efff ext4: avoid crash when inline data creation follows DIO write
KASAN: use-after-free Read in gc_data_segment C error 4 932d 956d 2/2 929d 4a8e8bf28070 f2fs: fix to do sanity check on summary info
KASAN: use-after-free Read in mon_bin_flush C error 2 988d 990d 2/2 957d 1b257f97fec4 usb: mon: make mmapped memory read only
kernel BUG in notify_change (3) C error 2 1015d 1015d 2/2 973d bcf6dddd9746 ANDROID: incfs: Add check for ATTR_KILL_SUID and ATTR_MODE in incfs_setattr
kernel BUG in ext4_ind_remove_space C error 55 1118d 1229d 2/2 1116d 22c450d39f89 ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
kernel BUG in vhost_get_vq_desc C error done 19 1176d 1220d 2/2 1116d 698dc7d13c4e vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
BUG: stack guard page was hit in sys_open (5) 4 1130d 1136d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_lsetxattr (2) 2 1187d 1189d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
general protection fault in incfs_kill_sb C done 380 1193d 1195d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in security_file_open 2 1135d 1188d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_mkdirat syz error 3 1118d 1152d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_chmod 1 1163d 1163d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_chown 2 1147d 1182d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_mknodat 1 1145d 1145d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_chdir (4) 1 1159d 1159d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_unlink (8) 1 1158d 1158d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
BUG: stack guard page was hit in sys_listxattr 1 1157d 1157d 2/2 1117d 3e45af8a72c0 ANDROID: incremental-fs: limit mount stack depth
kernel BUG in mpage_prepare_extent_to_map C error 254 1140d 1308d 2/2 1138d 330d0e44fc5a ext4: don't BUG if someone dirty pages without asking ext4 first
KASAN: use-after-free Write in paging64_update_accessed_dirty_bits C error 16 1195d 1304d 2/2 1138d e90518d10c7d KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
kernel BUG in add_grec C error 83 1162d 1236d 2/2 1161d ae8ec5eabb1a net: ipv6: fix skb_over_panic in __ip6_append_data
kernel BUG in iput C error 2 1170d 1170d 2/2 1161d 9eeaa2d7d58a exfat: avoid incorrectly releasing for root inode
KASAN: slab-out-of-bounds Read in packet_recvmsg C error 1 1178d 1178d 2/2 1166d 70b7b3c055fd net/packet: fix slab-out-of-bounds access in packet_recvmsg()
KASAN: use-after-free Write in null_skcipher_crypt 1 1227d 1227d 2/2 1166d 9248694dac20 esp: Fix possible buffer overflow in ESP transformation
BUG: stack guard page was hit in file_open C error 25 1185d 1263d 2/2 1185d 6f915dd2af92 ANDROID: incremental-fs: remove index and incomplete dir on umount
kernel BUG in notify_change C error 3 1201d 1260d 2/2 1185d 6f915dd2af92 ANDROID: incremental-fs: remove index and incomplete dir on umount
KASAN: invalid-free in bitmap_free C error done 1 1268d 1268d 2/2 1185d 7da349f07e45 net/packet: rx_owner_map depends on pg_vec
general protection fault in pending_reads_dispatch_ioctl C error 4 1217d 1249d 2/2 1193d 4b1862e4fc69 ANDROID: incremental-fs: fix GPF in pending_reads_dispatch_ioctl
KASAN: use-after-free Read in hardware_disable C error done 5 1223d 1227d 2/2 1193d 080dbe7e9b86 KVM: x86: Forcibly leave nested virt when SMM state is toggled
BUG: Dentry still in use in unmount C done 1184 1195d 1207d 2/2 1193d 6f915dd2af92 ANDROID: incremental-fs: remove index and incomplete dir on umount
general protection fault in reweight_entity C done 2 1205d 1263d 1/2 1195d 4c47eaa7c828 BACKPORT: sched/fair: Fix fault in reweight_entity
kernel BUG in kvm_mmu_notifier_invalidate_range_end C error done 167 1232d 1319d 1/2 1195d 2fc2c66b9ce4 ANDROID: percpu-rwsem: enable percpu_sem destruction in atomic context
general protection fault in tipc_crypto_key_distr 1 1304d 1304d 1/2 1215d a7d91625863d tipc: check for null after calling kmemdup
KASAN: slab-out-of-bounds Write in legacy_parse_param C error 1 1248d 1248d 1/2 1222d eadde287a62e vfs: fs_context: fix up param length parsing in legacy_parse_param
kernel BUG in cdc_ncm_fill_tx_frame C error 40 1254d 1320d 1/2 1251d 385ffd31ebdb net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
general protection fault in klist_iter_exit C error 5 1269d 1305d 1/2 1260d c602863ad28e nfc: fix segfault in nfc_genl_dump_devices_done
KASAN: null-ptr-deref Write in prepare_to_wait C error 2 1312d 1312d 1/2 1279d 748786564a35 Revert "io_uring: reinforce cancel on flush during exit"
general protection fault in scsi_queue_rq C error 3 1287d 1312d 1/2 1279d 06cc8187dbb6 scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
BUG: Dentry still in use [unmount of ramfs ramfs] C error 3 1318d 1319d 1/2 1279d df4c5491ab63 ANDROID: Incremental fs: Fix dentry get/put imbalance on vfs_mkdir() failure
KASAN: use-after-free Write in ext4_stop_mmpd C done 3 1315d 1317d 1/2 1300d b663890d8544 ext4: fix possible UAF when remounting r/o a mmp-protected file system
divide error in genelink_tx_fixup C error 8 1311d 1316d 1/2 1300d 017718dfbb6f usbnet: fix error return code in usbnet_probe()
KASAN: invalid-free in io_commit_cqring C error 3 1307d 1317d 1/2 1306d 3f2c12ec8a3f io_uring: don't take uring_lock during iowq cancel