syzbot

 sign-in | mailing list | source | docs
🐞 Open [123]
🐞 Fixed [69]
🐞 Invalid [252]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 252 bugs, 210 were automatically obsoleted (36 due to revoked reproducers), 42 were invalidated by users.
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
SYZFAIL: SIGSEGV (2) -1 3 91d 184d
kernel BUG in ext4_create_inline_data -1 C done 2 106d 167d
KASAN: slab-out-of-bounds Read in mon_bin_event 17 C done 60 83d 138d
BUG: scheduling while atomic in futex_wait_queue_me 5 1 108d 108d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) -1 2 30d 30d
KASAN: slab-out-of-bounds Write in try_module_get 23 11 125d 197d
BUG: soft lockup in sock_read_iter 1 2 127d 140d
KASAN: use-after-free Write in u32_destroy_key 24 1 131d 131d
general protection fault in lo_ioctl 2 1 144d 144d
KASAN: use-after-free Read in ext4_xattr_inode_dec_ref_all 19 C done 3 206d 234d
KASAN: use-after-free Read in tw_timer_handler 19 syz 10 125d 159d
SYZFAIL: SIGFPE (2) -1 8 158d 334d
KASAN: use-after-free Read in exact_lock (2) 19 172 125d 204d
KASAN: use-after-free Read in tcp_net_metrics_exit_batch 19 613 125d 164d
KASAN: use-after-free Read in inet_twsk_purge 19 74 128d 163d
general protection fault in tipc_conn_close (4) 2 2 171d 237d
general protection fault in __rt6_nh_dev_match 2 2 176d 188d
KASAN: slab-out-of-bounds Read in dentry_revalidate 17 2 181d 259d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return (2) 4 C error 2 195d 387d
general protection fault in ip6_create_rt_rcu 2 1 188d 188d
SYZFAIL: netlink_send_ext: short netlink write (2) -1 2 189d 254d
KASAN: use-after-free Write in l2tp_session_delete (2) 24 3 190d 291d
BUG: soft lockup in cleanup_net 1 1 192d 192d
BUG: soft lockup in input_repeat_key 1 C error 3 246d 754d
general protection fault in __loop_clr_fd 2 1 194d 194d
KASAN: use-after-free Read in fast_dput (2) 19 1 195d 195d
KASAN: use-after-free Write in ext4_insert_dentry 24 C done 25 209d 428d
kernel BUG in ext4_ind_map_blocks -1 2 201d 219d
BUG: soft lockup in addrconf_rs_timer (2) 1 C 265 181d 512d
kernel BUG in blk_mq_dispatch_rq_list (4) fat -1 C error 16 867d 1120d
BUG: unable to handle kernel paging request in __gnet_stats_copy_basic 8 1 203d 203d
general protection fault in current_umask 2 C unreliable 5 215d 425d
KASAN: use-after-free Write in skb_release_data 24 1 207d 207d
KASAN: use-after-free Write in tipc_mon_reinit_self 24 1 231d 231d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 152d 152d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 243d 243d
BUG: soft lockup in sock_write_iter 1 1 249d 249d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 266d 266d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 270d 342d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 278d 278d
KASAN: use-after-free Read in exact_lock 19 53 256d 266d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 309d 424d
KASAN: use-after-free Read in fast_dput 19 14 300d 490d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 301d 389d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 285d 473d
KASAN: use-after-free Read in lock_get_status 19 4 337d 354d
BUG: corrupted list in tipc_nametbl_translate 8 2 340d 362d
general protection fault in cleanup_bearer 19 C 14034 321d 324d
KASAN: out-of-bounds Read in __show_regs 17 1 343d 343d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 346d 346d
BUG: Bad page map (3) -1 3 347d 493d
KASAN: use-after-free Write in virtio_transport_recv_pkt 24 C inconclusive 1 400d 592d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 353d 353d
KASAN: use-after-free Read in binder_release_work 19 C 154 335d 369d
BUG: soft lockup in mntput 1 1 371d 371d
SYZFAIL: handshake read failed -1 1 390d 390d
KASAN: use-after-free Write in l2tp_session_delete 24 2 391d 415d
kernel BUG in vlan_get_tci -1 2 395d 424d
SYZFAIL: netlink_send_ext: short netlink write -1 4 401d 490d
SYZFAIL: posix_spawn failed -1 9928 364d 501d
SYZFAIL: mmap of output file failed -1 20 389d 490d
SYZFAIL: child failed -1 syz error error 1 413d 1422d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 432d 565d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 437d 555d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 418d 527d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 427d 427d
SYZFAIL: mkdir(syz-tmp) failed -1 299 388d 500d
SYZFAIL: bad allocate request -1 148 388d 499d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 429d 433d
SYZFAIL: ShmemBuilder: too large output offset -1 51 389d 497d
general protection fault in steam_send_report 2 1 430d 430d
SYZFAIL: can't reallocate -1 1 433d 433d
SYZFAIL: SIGSEGV -1 841 395d 509d
KASAN: use-after-free Write in __tlb_remove_page_size 24 1 437d 437d
SYZFAIL: SIGFPE -1 2 438d 483d
general protection fault in free_swap_cache 2 1 448d 448d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 449d 449d
BUG: soft lockup in br_multicast_port_group_expired 1 1 450d 450d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 419d 538d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 453d 453d
BUG: soft lockup in net_rx_action 1 2 453d 465d
BUG: soft lockup in __run_timers 1 2 454d 522d
BUG: soft lockup in sys_sendmmsg 1 2 455d 455d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 456d 456d
BUG: soft lockup in __netif_receive_skb_core 1 1 457d 457d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 460d 460d
KASAN: use-after-free Read in worker_thread 19 1 462d 462d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 466d 466d
BUG: soft lockup in br_multicast_group_expired 1 1 467d 467d
BUG: soft lockup in ip_list_rcv 1 1 467d 467d
BUG: soft lockup in run_rebalance_domains 1 1 468d 468d
BUG: soft lockup in ipv6_rcv 1 3 472d 489d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 475d 475d
BUG: soft lockup in vfork 1 1 477d 477d
BUG: soft lockup in sys_exit_group 1 1 483d 483d
SYZFAIL: bad thread state in completion -1 syz error error 5 1072d 1413d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 493d 493d
BUG: soft lockup in sys_clone 1 1 496d 496d
BUG: soft lockup in sys_recvmsg 1 4 497d 576d
SYZFAIL: control pipe read failed -1 1 500d 500d
SYZFAIL: too many calls in output -1 2 505d 505d
BUG: soft lockup in sys_bpf 1 2 510d 514d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 528d 560d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 533d 660d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 559d 559d
go runtime error 2 22 561d 840d
SYZFAIL: tun read failed -1 syz error error 123 487d 1485d
SYZFAIL: proc resp pipe read failed -1 73 494d 510d
general protection fault in fq_codel_enqueue (2) 2 2 574d 576d
panic: runtime error: floating point error [recovered] 2 1 581d 581d
android13-5.10-lts build error -1 44 544d 564d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 589d 589d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 510d 510d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 602d 602d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 574d 1103d
general protection fault in mnt_want_write (2) 2 1 640d 640d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 658d 743d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 654d 654d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 618d 618d
general protection fault in skb_segment 2 C done 1 693d 707d
KASAN: use-after-free Read in key_task_permission 19 1 691d 691d
android13-5.10-lts test error: lost connection to test machine -1 1 697d 697d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 722d 722d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 747d 819d
general protection fault in __writeback_single_inode 2 1 765d 765d
BUG: Bad page map (2) -1 1 767d 767d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 771d 801d
general protection fault in tipc_conn_close (3) 2 1 793d 793d
kernel BUG in __block_commit_write -1 1 795d 795d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 804d 1006d
corrupted report (2) -1 6 805d 883d
BUG: soft lockup in wg_packet_tx_worker 1 5 815d 864d
BUG: soft lockup in neigh_timer_handler 1 2 815d 824d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 823d 863d
BUG: soft lockup in sys_sendto 1 2 823d 860d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 827d 827d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 810d 864d
BUG: soft lockup in addrconf_rs_timer 1 2 840d 858d
fatal error: fault -1 1 846d 846d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 848d 1329d
fatal error: Connection to IP closed by remote host. -1 3 863d 986d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 888d 888d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 885d 885d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 898d 912d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 858d 923d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 896d 928d
SYZFAIL: clock_gettime failed -1 syz error error 5 903d 1429d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 917d 974d
general protection fault in do_swap_page 2 246 887d 1325d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 941d 941d
general protection fault in kernfs_name_hash (6) 2 C error error 22 971d 1137d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 944d 944d
android12-5.10-lts build error (2) -1 220 927d 1028d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 995d 995d
general protection fault in filp_close 2 1 968d 968d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 1013d 1111d
BUG: Bad page map -1 1 985d 985d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 992d 992d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 996d 996d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 1010d 1036d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 1097d 1097d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 1105d 1105d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 1051d 1051d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 977d 977d
KASAN: use-after-free Read in usb_udc_uevent 19 2 1010d 1033d
general protection fault in f2fs_release_page f2fs 19 3 1026d 1068d
general protection fault in tipc_conn_close (2) 2 6 1067d 1153d
KASAN: use-after-free Read in xpad_presence_work 19 1 1112d 1112d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 1058d 1058d
divide error in netem_enqueue (2) 2 1 1159d 1159d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1177d 1177d
panic: runtime error: floating point error 2 1 1182d 1182d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1196d 1196d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1197d 1197d
KASAN: invalid-free in selinux_tun_dev_free_security 22 14 1191d 1200d
general protection fault in fq_codel_enqueue 2 1 1208d 1208d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1211d 1211d
general protection fault in tcp_sk_exit (2) 2 1 1219d 1219d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1223d 1308d
android12-5.10-lts-superproject build error -1 24 1231d 1257d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1144d 1146d
general protection fault in ext4_xattr_set_entry 2 C error 2 1151d 1165d
kernel BUG in ext4_es_cache_extent -1 C error 1 1176d 1176d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1250d 1250d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1287d 1287d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1314d 1314d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1374d 1473d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1316d 1316d
divide error in netem_enqueue 2 2 1266d 1277d
general protection fault in tipc_conn_close 2 1 1282d 1282d
BUG: stack guard page was hit in file_open (11) -1 4 1284d 1287d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1286d 1286d
BUG: stack guard page was hit in sys_creat (10) -1 1 1287d 1287d
kernel BUG in collapse_huge_page -1 1 1294d 1294d
general protection fault in __device_attach 2 1 1296d 1296d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1215d 1415d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1304d 1304d
KASAN: use-after-free Read in vcs_write 19 1 1305d 1305d
SYZFAIL: failed to mkdtemp -1 15 1306d 1473d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1306d 1306d
corrupted report -1 289 1284d 1434d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1315d 1351d
general protection fault in tcp_sk_exit 2 1 1318d 1318d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1318d 1477d
kernel panic: corrupted stack end in file_open 2 1 1321d 1321d
general protection fault in icmpv6_sk_exit 2 1 1327d 1327d
general protection fault in mnt_want_write 2 1 1333d 1333d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1245d 1245d
general protection fault in del_gendisk (3) 2 C done 1 1275d 1275d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1360d 1360d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1361d 1368d
KASAN: use-after-free Write in dir_mkdir 24 1 1367d 1367d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1374d 1374d
general protection fault in kernfs_name_hash 2 C done 2 1309d 1309d
kernel BUG in notify_change (2) -1 C error 2 1302d 1302d
general protection fault in del_gendisk (2) 2 C error 2 1299d 1300d
SYZFAIL: sandbox fork failed -1 3 1382d 1465d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1421d 1421d
SYZFAIL: bad thread state in schedule -1 1 1401d 1401d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1330d 1483d
SYZFAIL: invalid syscall number -1 2 1420d 1442d
kernel BUG in ext4_free_blocks -1 3 1434d 1467d
general protection fault in io_prep_async_work 2 1 1404d 1404d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1352d 1400d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1395d 1395d
KASAN: invalid-free in io_dismantle_req 22 C error 7 1362d 1357d
general protection fault in del_gendisk 2 C error 1 1362d 1469d
BUG: corrupted list in p9_fd_cancelled 8 1 1442d 1442d
KASAN: use-after-free Read in task_work_run 19 2 1476d 1475d
KASAN: use-after-free Write in chroot_fs_refs 24 2 1474d 1475d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1386d 1386d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1392d 1392d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1389d 1412d
BUG: stack guard page was hit in corrupted -1 C error 3 1377d 1412d
BUG: stack guard page was hit in sys_unlink -1 2 1412d 1412d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1359d 1424d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1380d 1429d
BUG: stack guard page was hit in sys_chdir -1 5 1358d 1430d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1449d 1449d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1481d 1475d
BUG: workqueue lockup -1 C error 25 1386d 1484d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1455d 1457d
KASAN: use-after-free Read in dev_uevent 19 1 1460d 1460d
general protection fault in bdev_read_page 2 1 1461d 1461d
SYZFAIL: out of opened kcov threads -1 47 1437d 1438d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1470d 1470d
KASAN: use-after-free Read in compute_effective_progs 19 1 1466d 1466d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1470d 1470d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1392d 1392d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1446d 1473d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1465d 1465d
android12-5.10-lts build error -1 1 1487d 1487d