syzbot

 sign-in | mailing list | source | docs
🐞 Open [135]
🐞 Fixed [69]
🐞 Invalid [292]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

Out of 292 bugs, 247 were automatically obsoleted (43 due to revoked reproducers), 45 were invalidated by users.
Extra filters: [With Repro]
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported
KASAN: use-after-free Read in path_put 19 8 95d 100d
kernel BUG in ext4_ext_map_blocks -1 1 97d 97d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (10) -1 16 75d 115d
BUG: unable to handle kernel paging request in sk_filter_trim_cap 8 2 124d 141d
KASAN: use-after-free Read in hci_uart_write_work (2) 19 1 127d 127d
BUG: soft lockup in addrconf_rs_timer (3) 1 1 128d 128d
BUG: soft lockup in sys_clone (3) 1 1 130d 130d
BUG: soft lockup in sys_exit_group (2) 1 1 133d 133d
KASAN: use-after-free Read in ipt_do_table 19 4 144d 193d
SYZFAIL: SIGILL -1 9 147d 483d
KASAN: use-after-free Read in seq_printf (2) 19 1 149d 149d
SYZFAIL: event already set -1 syz error error 35 151d 1639d
BUG: soft lockup in sys_bpf (2) 1 1 151d 151d
KASAN: wild-memory-access Read in page_add_file_rmap 17 1 153d 153d
KASAN: use-after-free Write in l2tp_session_delete (3) 22 5 154d 270d
KASAN: wild-memory-access Read in page_remove_rmap 17 syz error 3 155d 191d
BUG: soft lockup in sys_clone3 1 1 155d 155d
KASAN: use-after-free Read in fast_dput (3) 19 27 147d 290d
BUG: soft lockup in bpf_prog_release 1 1 193d 193d
syzkaller: make host failed: failed to run ["make" "host" "ci" "agent"]: exit status 2 -1 2 126d 126d
BUG: soft lockup in sys_recvmsg (2) 1 C error 2 235d 415d
KASAN: use-after-free Read in hci_uart_write_work 19 2 225d 238d
KASAN: use-after-free Read in f2fs_release_page 19 2 227d 236d
BUG: soft lockup in rcu_core_si 1 1 230d 230d
KASAN: null-ptr-deref Write in incfs_kill_sb 12 1 239d 239d
SYZFAIL: failed to recv rpc -1 syz 1264 163d 705d
general protection fault in ip6_create_rt_rcu (2) 2 1 253d 253d
general protection fault in inherit_task_group 2 C 48 265d 846d
KASAN: use-after-free Read in seq_printf 19 15 261d 368d
KASAN: use-after-free Read in steam_send_report 19 3 262d 274d
BUG: soft lockup in sys_openat 1 1 263d 263d
KASAN: use-after-free Write in __ip6_del_rt 22 syz 11 266d 415d
KASAN: use-after-free Read in fib_flush 19 7 268d 369d
BUG: soft lockup in sys_clone (2) 1 1 278d 278d
BUG: soft lockup in sys_bind 1 1 283d 283d
SYZFAIL: mount(tmpfs) failed -1 1 285d 285d
general protection fault in nexthop_get_nhc_lookup 2 syz 20 256d 337d
general protection fault in find_match 2 50 254d 433d
KASAN: use-after-free Read in f2fs_inode_dirtied 19 C done 3 306d 356d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (9) -1 2 207d 207d
SYZFAIL: SIGSEGV (2) -1 3 298d 392d
kernel BUG in ext4_create_inline_data -1 C done 2 314d 375d
KASAN: slab-out-of-bounds Read in mon_bin_event 17 C done 60 291d 345d
BUG: scheduling while atomic in futex_wait_queue_me 5 1 316d 316d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (8) -1 2 238d 238d
KASAN: slab-out-of-bounds Write in try_module_get 21 11 333d 404d
BUG: soft lockup in sock_read_iter 1 2 335d 348d
KASAN: use-after-free Write in u32_destroy_key 22 1 339d 339d
general protection fault in lo_ioctl 2 1 351d 351d
KASAN: use-after-free Read in ext4_xattr_inode_dec_ref_all 19 C done 3 414d 442d
KASAN: use-after-free Read in tw_timer_handler 19 syz 10 333d 366d
SYZFAIL: SIGFPE (2) -1 8 365d 542d
KASAN: use-after-free Read in exact_lock (2) 19 172 333d 412d
KASAN: use-after-free Read in tcp_net_metrics_exit_batch 19 613 333d 371d
KASAN: use-after-free Read in inet_twsk_purge 19 74 336d 370d
general protection fault in tipc_conn_close (4) 2 2 378d 445d
general protection fault in __rt6_nh_dev_match 2 2 383d 395d
KASAN: slab-out-of-bounds Read in dentry_revalidate 17 2 389d 467d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return (2) 4 C error 2 403d 594d
general protection fault in ip6_create_rt_rcu 2 1 395d 395d
SYZFAIL: netlink_send_ext: short netlink write (2) -1 2 397d 462d
KASAN: use-after-free Write in l2tp_session_delete (2) 22 3 398d 498d
BUG: soft lockup in cleanup_net 1 1 400d 400d
BUG: soft lockup in input_repeat_key 1 C error 3 453d 962d
general protection fault in __loop_clr_fd 2 1 402d 402d
KASAN: use-after-free Read in fast_dput (2) 19 1 403d 403d
KASAN: use-after-free Write in ext4_insert_dentry 22 C done 25 416d 636d
kernel BUG in ext4_ind_map_blocks -1 2 408d 426d
BUG: soft lockup in addrconf_rs_timer (2) 1 C 265 388d 719d
kernel BUG in blk_mq_dispatch_rq_list (4) fat -1 C error 16 1075d 1327d
BUG: unable to handle kernel paging request in __gnet_stats_copy_basic 8 1 411d 411d
general protection fault in current_umask 2 C unreliable 5 422d 633d
KASAN: use-after-free Write in skb_release_data 22 1 414d 414d
KASAN: use-after-free Write in tipc_mon_reinit_self 22 1 438d 438d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (7) -1 2 360d 360d
SYZFAIL: open(/proc/self/ns/net) failed -1 1 450d 450d
BUG: soft lockup in sock_write_iter 1 1 457d 457d
KASAN: use-after-free Read in br_multicast_port_group_expired (2) 19 1 474d 474d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (6) -1 8 478d 549d
KASAN: stack-out-of-bounds Read in __xfrm_dst_hash 17 1 486d 486d
KASAN: use-after-free Read in exact_lock 19 53 464d 474d
kernel BUG in vlan_get_protocol_dgram -1 C done 6 516d 631d
KASAN: use-after-free Read in fast_dput 19 14 508d 697d
SYZFAIL: iptable checkpoint: socket(SOCK_STREAM, IPPROTO_TCP) failed -1 4 509d 596d
SYZFAIL: ebtable: socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) -1 81 493d 681d
KASAN: use-after-free Read in lock_get_status 19 4 545d 561d
BUG: corrupted list in tipc_nametbl_translate 8 2 547d 570d
general protection fault in cleanup_bearer 19 C 14034 529d 532d
KASAN: out-of-bounds Read in __show_regs 17 1 550d 550d
BUG: soft lockup in br_multicast_group_expired (2) 1 1 553d 553d
BUG: Bad page map (3) -1 3 555d 700d
KASAN: use-after-free Write in virtio_transport_recv_pkt 22 C inconclusive 1 607d 799d
KASAN: use-after-free Read in bdev_try_to_free_page 19 1 560d 560d
KASAN: use-after-free Read in binder_release_work 19 C 154 542d 577d
BUG: soft lockup in mntput 1 1 579d 579d
SYZFAIL: handshake read failed -1 1 598d 598d
KASAN: use-after-free Write in l2tp_session_delete 22 2 598d 622d
kernel BUG in vlan_get_tci -1 2 603d 631d
SYZFAIL: netlink_send_ext: short netlink write -1 4 609d 698d
SYZFAIL: posix_spawn failed -1 9928 572d 708d
SYZFAIL: mmap of output file failed -1 20 596d 697d
SYZFAIL: child failed -1 syz error error 1 621d 1629d
KASAN: use-after-free Read in ext4_convert_inline_data_nolock 19 syz error 1 640d 773d
KASAN: use-after-free Read in __ext4_check_dir_entry 19 C error 2 645d 763d
BUG: corrupted list in p9_fd_cancelled (4) 8 4 625d 735d
BUG: unable to handle kernel paging request in __raw_callee_save___kvm_vcpu_is_preempted 8 1 634d 634d
SYZFAIL: mkdir(syz-tmp) failed -1 299 595d 708d
SYZFAIL: bad allocate request -1 148 596d 706d
KASAN: use-after-free Read in wg_queue_enqueue_per_peer_tx 19 2 636d 641d
SYZFAIL: ShmemBuilder: too large output offset -1 51 596d 704d
general protection fault in steam_send_report 2 1 637d 637d
SYZFAIL: can't reallocate -1 1 641d 641d
SYZFAIL: SIGSEGV -1 841 603d 716d
KASAN: use-after-free Write in __tlb_remove_page_size 22 1 644d 644d
SYZFAIL: SIGFPE -1 2 646d 691d
general protection fault in free_swap_cache 2 1 655d 655d
KASAN: stack-out-of-bounds Read in __show_regs 17 1 656d 656d
BUG: soft lockup in br_multicast_port_group_expired 1 1 657d 657d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (5) -1 30 627d 746d
KASAN: use-after-free Read in br_multicast_port_group_expired 19 1 660d 660d
BUG: soft lockup in net_rx_action 1 2 660d 672d
BUG: soft lockup in __run_timers 1 2 661d 730d
BUG: soft lockup in sys_sendmmsg 1 2 662d 662d
KASAN: use-after-free Read in usb_udc_uevent (3) 19 1 663d 663d
BUG: soft lockup in __netif_receive_skb_core 1 1 665d 665d
KASAN: use-after-free Read in unaccount_page_cache_page (2) 19 1 667d 667d
KASAN: use-after-free Read in worker_thread 19 1 669d 669d
BUG: soft lockup in wg_expired_send_persistent_keepalive 1 1 673d 673d
BUG: soft lockup in br_multicast_group_expired 1 1 674d 674d
BUG: soft lockup in ip_list_rcv 1 1 674d 674d
BUG: soft lockup in run_rebalance_domains 1 1 675d 675d
BUG: soft lockup in ipv6_rcv 1 3 680d 696d
KASAN: null-ptr-deref Write in __kernfs_remove 12 1 683d 683d
BUG: soft lockup in vfork 1 1 684d 684d
BUG: soft lockup in sys_exit_group 1 1 691d 691d
SYZFAIL: bad thread state in completion -1 syz error error 5 1279d 1621d
KASAN: use-after-free Read in dev_get_by_index_rcu 19 1 700d 700d
BUG: soft lockup in sys_clone 1 1 704d 704d
BUG: soft lockup in sys_recvmsg 1 4 705d 783d
SYZFAIL: control pipe read failed -1 1 707d 707d
SYZFAIL: too many calls in output -1 2 712d 713d
BUG: soft lockup in sys_bpf 1 2 718d 722d
BUG: unable to handle kernel paging request in swake_up_locked 8 C inconclusive 1 736d 767d
KASAN: use-after-free Read in macsec_get_iflink 19 syz error 2 741d 867d
KASAN: use-after-free Read in wg_packet_send_staged_packets 19 1 766d 766d
go runtime error 2 22 768d 1047d
SYZFAIL: tun read failed -1 syz error error 123 694d 1693d
SYZFAIL: proc resp pipe read failed -1 73 702d 717d
general protection fault in fq_codel_enqueue (2) 2 2 781d 783d
panic: runtime error: floating point error [recovered] 2 1 789d 789d
android13-5.10-lts build error -1 44 752d 772d
KASAN: use-after-free Read in f2fs_write_end_io 19 1 796d 796d
syzkaller: failed to copy syzkaller: file bin/linux_arm64/syz-fuzzer does not exist -1 2 718d 718d
BUG: unable to handle kernel paging request in fuse_dev_do_write (3) 8 1 810d 810d
KASAN: use-after-free Read in unaccount_page_cache_page 19 150 781d 1310d
general protection fault in mnt_want_write (2) 2 1 848d 848d
BUG: corrupted list in p9_fd_cancelled (3) 8 C done unreliable 38 865d 950d
KASAN: stack-out-of-bounds Read in update_stack_state 17 1 861d 861d
panic: replaceArg: group fields don't match: NUM/NUM 2 13 825d 825d
general protection fault in skb_segment 2 C done 1 900d 914d
KASAN: use-after-free Read in key_task_permission 19 1 899d 899d
android13-5.10-lts test error: lost connection to test machine -1 1 905d 905d
BUG: unable to handle kernel paging request in fuse_dev_do_write (2) 8 1 930d 930d
KASAN: null-ptr-deref Write in backing_data_changed 12 C done 3 955d 1027d
general protection fault in __writeback_single_inode 2 1 972d 972d
BUG: Bad page map (2) -1 1 974d 974d
KASAN: use-after-free Read in locked_inode_to_wb_and_lock_list 19 2 978d 1009d
general protection fault in tipc_conn_close (3) 2 1 1001d 1001d
kernel BUG in __block_commit_write -1 1 1003d 1003d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (4) -1 20 1012d 1214d
corrupted report (2) -1 6 1013d 1090d
BUG: soft lockup in wg_packet_tx_worker 1 5 1022d 1072d
BUG: soft lockup in neigh_timer_handler 1 2 1023d 1031d
BUG: soft lockup in wg_packet_handshake_send_worker 1 6 1030d 1070d
BUG: soft lockup in sys_sendto 1 2 1031d 1067d
kernel panic: EXT4-fs (device loop2): panic forced after error 2 1 1034d 1034d
BUG: soft lockup in tc_modify_qdisc 1 C done done 314 1018d 1071d
BUG: soft lockup in addrconf_rs_timer 1 2 1047d 1065d
fatal error: fault -1 1 1054d 1054d
BUG: using smp_processor_id() in preemptible code in usbnet_skb_return 4 syz error error 2 1056d 1536d
fatal error: Connection to IP closed by remote host. -1 3 1071d 1194d
BUG: stack guard page was hit in corrupted (23) -1 syz error error 1 1095d 1095d
KASAN: use-after-free Read in usb_udc_uevent (2) 19 1 1092d 1092d
kernel BUG in ext4_expand_extra_isize_ea -1 C done done 5 1105d 1119d
BUG: unable to handle kernel paging request in fuse_dev_do_write 8 18 1066d 1131d
KASAN: global-out-of-bounds Read in f2fs_release_page 19 2 1104d 1136d
SYZFAIL: clock_gettime failed -1 syz error error 5 1111d 1636d
KASAN: use-after-free Read in f2fs_remove_dirty_inode 19 C error error 4 1125d 1181d
general protection fault in do_swap_page 2 246 1095d 1532d
kernel panic: EXT4-fs (device loop3): panic forced after error 2 1 1148d 1148d
general protection fault in kernfs_name_hash (6) 2 C error error 22 1179d 1344d
kernel panic: EXT4-fs (device loop4): panic forced after error 2 1 1152d 1152d
android12-5.10-lts build error (2) -1 220 1135d 1236d
VFS: Busy inodes after unmount (use-after-free) 2 C done inconclusive 1 1202d 1202d
general protection fault in filp_close 2 1 1175d 1175d
BUG: unable to handle kernel paging request in z_erofs_decompress_pcluster erofs 8 C error error 3 1220d 1318d
BUG: Bad page map -1 1 1193d 1193d
KASAN: use-after-free Read in hci_cmd_timeout 19 1 1199d 1199d
syzkaller: make host failed: failed to run ["make" "host" "ci"]: exit status 2 -1 2 1203d 1203d
kernel panic: corrupted stack end in sys_sendmmsg 2 syz error error 14 1218d 1243d
KASAN: use-after-free Read in fuse_copy_one 19 C error inconclusive 1 1305d 1305d
kernel BUG in jbd2_journal_get_create_access -1 syz error error 1 1312d 1312d
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) 17 syz error error 1 1258d 1258d
BUG: scheduling while atomic in f2fs_register_inmem_page 5 C error inconclusive 1 1184d 1184d
KASAN: use-after-free Read in usb_udc_uevent 19 2 1217d 1241d
general protection fault in f2fs_release_page f2fs 19 3 1233d 1275d
general protection fault in tipc_conn_close (2) 2 6 1275d 1361d
KASAN: use-after-free Read in xpad_presence_work 19 1 1320d 1320d
kernel panic: EXT4-fs (device loop0): panic forced after error ext4 2 C 1 1265d 1265d
divide error in netem_enqueue (2) 2 1 1366d 1366d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields (2) 17 1 1385d 1385d
panic: runtime error: floating point error 2 1 1389d 1389d
KASAN: use-after-free Read in __cgroup_bpf_attach (3) 19 1 1404d 1404d
KASAN: use-after-free Read in __tcf_qdisc_find 19 1 1405d 1405d
KASAN: invalid-free in selinux_tun_dev_free_security 24 14 1398d 1408d
general protection fault in fq_codel_enqueue 2 1 1415d 1415d
BUG: corrupted list in pwq_dec_nr_in_flight (2) 8 1 1418d 1418d
general protection fault in tcp_sk_exit (2) 2 1 1426d 1426d
KASAN: use-after-free Read in css_free_rwork_fn (2) 19 2 1430d 1515d
android12-5.10-lts-superproject build error -1 24 1438d 1465d
panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[ 2 23 1352d 1353d
general protection fault in ext4_xattr_set_entry 2 C error 2 1358d 1373d
kernel BUG in ext4_es_cache_extent -1 C error 1 1384d 1384d
BUG: unable to handle kernel paging request in reuseport_select_sock 8 1 1458d 1458d
BUG: stack guard page was hit in corrupted (22) -1 syz done done 1 1494d 1494d
kernel panic: corrupted stack end in sys_futex 2 syz error error 1 1522d 1522d
KASAN: use-after-free Read in f2fs_available_free_memory 19 syz error error 7 1581d 1681d
BUG: unable to handle kernel NULL pointer dereference in ipv6_rcv 10 syz 1 1524d 1524d
divide error in netem_enqueue 2 2 1474d 1485d
general protection fault in tipc_conn_close 2 1 1490d 1490d
BUG: stack guard page was hit in file_open (11) -1 4 1492d 1494d
BUG: stack guard page was hit in sys_mkdir (5) -1 1 1494d 1494d
BUG: stack guard page was hit in sys_creat (10) -1 1 1494d 1494d
kernel BUG in collapse_huge_page -1 1 1501d 1501d
general protection fault in __device_attach 2 1 1503d 1503d
kernel BUG in blk_mq_dispatch_rq_list -1 C error 16 1422d 1622d
KASAN: use-after-free Read in __cgroup_bpf_attach (2) 19 1 1511d 1511d
KASAN: use-after-free Read in vcs_write 19 1 1512d 1512d
SYZFAIL: failed to mkdtemp -1 15 1513d 1681d
BUG: corrupted list in pwq_dec_nr_in_flight 8 1 1513d 1513d
corrupted report -1 289 1492d 1641d
BUG: corrupted list in p9_fd_cancelled (2) 8 3 1523d 1558d
general protection fault in tcp_sk_exit 2 1 1526d 1526d
SYZFAIL: tun: ioctl(TUNSETIFF) failed -1 7 1526d 1684d
kernel panic: corrupted stack end in file_open 2 1 1528d 1528d
general protection fault in icmpv6_sk_exit 2 1 1534d 1534d
general protection fault in mnt_want_write 2 1 1541d 1541d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (3) -1 3 1453d 1453d
general protection fault in del_gendisk (3) 2 C done 1 1482d 1482d
KASAN: use-after-free Read in io_uring_cancel_task_requests 19 1 1568d 1568d
KASAN: slab-out-of-bounds Read in fuse_inode_eq 17 5 1568d 1576d
KASAN: use-after-free Write in dir_mkdir 22 1 1575d 1575d
KASAN: null-ptr-deref Write in incfs_fresh_pending_reads_exist 12 1 1581d 1581d
general protection fault in kernfs_name_hash 2 C done 2 1516d 1516d
kernel BUG in notify_change (2) -1 C error 2 1510d 1510d
general protection fault in del_gendisk (2) 2 C error 2 1506d 1507d
SYZFAIL: sandbox fork failed -1 3 1589d 1673d
KASAN: vmalloc-out-of-bounds Read in init_srcu_struct_fields 17 1 1628d 1628d
SYZFAIL: bad thread state in schedule -1 1 1608d 1608d
KASAN: stack-out-of-bounds Read in iov_iter_revert 17 C error 10 1538d 1690d
SYZFAIL: invalid syscall number -1 2 1628d 1649d
kernel BUG in ext4_free_blocks -1 3 1642d 1674d
general protection fault in io_prep_async_work 2 1 1611d 1611d
KASAN: use-after-free Read in io_kill_linked_timeout 19 C error 14 1560d 1607d
KASAN: use-after-free Read in __fdget_raw 19 C error error 1 1603d 1603d
KASAN: invalid-free in io_dismantle_req 24 C error 7 1570d 1564d
general protection fault in del_gendisk 2 C error 1 1570d 1676d
BUG: corrupted list in p9_fd_cancelled 8 1 1650d 1650d
KASAN: use-after-free Read in task_work_run 19 2 1684d 1683d
KASAN: use-after-free Write in chroot_fs_refs 22 2 1681d 1683d
BUG: stack guard page was hit in sys_fsetxattr -1 1 1594d 1594d
BUG: stack guard page was hit in sys_lsetxattr -1 C error inconclusive 2 1600d 1600d
BUG: stack guard page was hit in sys_setxattr -1 C error 6 1597d 1619d
BUG: stack guard page was hit in corrupted -1 C error 3 1584d 1620d
BUG: stack guard page was hit in sys_unlink -1 2 1619d 1620d
BUG: stack guard page was hit in sys_creat -1 C error done 7 1567d 1631d
BUG: stack guard page was hit in sys_lchown -1 C error 4 1587d 1636d
BUG: stack guard page was hit in sys_chdir -1 5 1565d 1637d
KASAN: use-after-free Read in css_free_rwork_fn 19 1 1656d 1656d
KASAN: use-after-free Read in rcu_cblist_dequeue 19 1 1689d 1683d
BUG: workqueue lockup -1 C error 25 1593d 1692d
KASAN: use-after-free Read in __cgroup_bpf_attach 19 2 1662d 1665d
KASAN: use-after-free Read in dev_uevent 19 1 1667d 1667d
general protection fault in bdev_read_page 2 1 1668d 1668d
SYZFAIL: out of opened kcov threads -1 47 1644d 1645d
SYZFAIL: tun: can't open /dev/net/tun -1 1 1678d 1678d
KASAN: use-after-free Read in compute_effective_progs 19 1 1674d 1674d
KASAN: stack-out-of-bounds Read in xfrm_state_find 17 1 1678d 1678d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 (2) -1 1 1599d 1599d
android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit -1 69 1654d 1680d
syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1 -1 1 1673d 1673d
android12-5.10-lts build error -1 1 1695d 1695d