syzbot

 sign-in | mailing list | source | docs
🐞 Open [1572]
Subsystems
🐞 Fixed [6355]
🐞 Invalid [16202]
Missing Backports [194]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: kernel-infoleak in i2cdev_ioctl_smbus

Status: upstream: reported C repro on 2025/05/02 18:58
Subsystems: i2c
[Documentation on labels]
Reported-by: syzbot+08b819a87faa6def6dfb@syzkaller.appspotmail.com
First crash: 67d, last: 14h32m
Discussions (4)
Title Replies (including bot) Last reply
[PATCH v2] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/06 00:09
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 22:40
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 21:20
[syzbot] [i2c?] KMSAN: kernel-infoleak in i2cdev_ioctl_smbus 0 (2) 2025/05/05 01:42
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/06/09 20:51 30m retest repro upstream report log
2025/05/05 01:42 1h06m praveen.balakrishnan@magd.ox.ac.uk patch upstream OK log

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in _inline_copy_to_user include/linux/uaccess.h:196 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 _inline_copy_to_user include/linux/uaccess.h:196 [inline]
 _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 copy_to_user include/linux/uaccess.h:225 [inline]
 i2cdev_ioctl_smbus+0x586/0x660 drivers/i2c/i2c-dev.c:394
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x239/0x400 fs/ioctl.c:892
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1ebe/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:495 [inline]
 __i2c_smbus_xfer+0x254d/0x2f60 drivers/i2c/i2c-core-smbus.c:607
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:545
 i2cdev_ioctl_smbus+0x4a1/0x660 drivers/i2c/i2c-dev.c:389
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x239/0x400 fs/ioctl.c:892
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1ebe/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Local variable msgbuf1.i created at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:334 [inline]
 __i2c_smbus_xfer+0x86a/0x2f60 drivers/i2c/i2c-core-smbus.c:607
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:545

Bytes 0-1 of 2 are uninitialized
Memory access of size 2 starts at ffff88812e8b7d06
Data copied to user address 0000200000000080

CPU: 1 UID: 0 PID: 5885 Comm: syz-executor221 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
=====================================================

Crashes (226):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/05/02 08:57 upstream 02ddfb981de8 51b137cd .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/04 19:27 upstream 4c06e63b9203 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/04 17:08 upstream 4c06e63b9203 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/04 10:07 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/03 19:38 upstream 17bbde2e1716 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/03 09:37 upstream b4911fb0b060 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/07/01 20:32 upstream 66701750d556 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/28 21:21 upstream aaf724ed6926 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/28 13:08 upstream 35e261cd95dd fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/28 06:54 upstream 35e261cd95dd fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/27 01:02 upstream e34a79b96ab9 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 20:23 upstream 86731a2a651e 1a7fb460 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 20:23 upstream 86731a2a651e 1a7fb460 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 02:59 upstream b67ec639010f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/22 05:12 upstream 3f75bfff44be d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/17 13:32 upstream 9afe652958c3 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/11 23:31 upstream 488ef3560196 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/10 22:44 upstream f09079bd04a9 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 19:16 upstream 0ff41df1cb26 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 15:22 upstream 0ff41df1cb26 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 04:11 upstream 0f8c0258bf04 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 15:28 upstream 94305e83eccb f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/27 12:02 upstream 67a993863163 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/27 03:40 upstream e34a79b96ab9 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/26 18:47 upstream ee88bddf7f2f 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 17:36 upstream 86731a2a651e d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 10:26 upstream b67ec639010f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 07:00 upstream b67ec639010f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/23 05:49 upstream b67ec639010f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/22 10:08 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/19 11:42 upstream fb4d33ab452e ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/19 06:35 upstream fb4d33ab452e ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/19 00:47 upstream 52da431bf03b ca631f70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/18 08:40 upstream 52da431bf03b e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/18 02:59 upstream 52da431bf03b 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/17 17:32 upstream 9afe652958c3 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 20:45 upstream 0ff41df1cb26 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 09:24 upstream 0f8c0258bf04 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/25 13:28 upstream d0c22de9995b ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 20:53 upstream b1427432d3b6 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 07:13 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 00:40 upstream eccf6f2f6ab9 f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 21:01 upstream eccf6f2f6ab9 f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 16:52 upstream 94305e83eccb f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 07:01 upstream 94305e83eccb fa44301a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 06:50 upstream 94305e83eccb fa44301a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
* Struck through repros no longer work on HEAD.