syzbot

 sign-in | mailing list | source | docs
🐞 Open [1488]
Subsystems
🐞 Fixed [6543]
🐞 Invalid [16723]
Missing Backports [202]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: kernel-infoleak in i2cdev_ioctl_smbus

Status: upstream: reported C repro on 2025/05/02 18:58
Subsystems: i2c
[Documentation on labels]
Reported-by: syzbot+08b819a87faa6def6dfb@syzkaller.appspotmail.com
First crash: 128d, last: 6h51m
Discussions (4)
Title Replies (including bot) Last reply
[PATCH v2] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/06 00:09
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 22:40
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 21:20
[syzbot] [i2c?] KMSAN: kernel-infoleak in i2cdev_ioctl_smbus 0 (2) 2025/05/05 01:42
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/06/09 20:51 30m retest repro upstream report log
2025/05/05 01:42 1h06m praveen.balakrishnan@magd.ox.ac.uk patch upstream OK log

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in _inline_copy_to_user include/linux/uaccess.h:196 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 _inline_copy_to_user include/linux/uaccess.h:196 [inline]
 _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 copy_to_user include/linux/uaccess.h:225 [inline]
 i2cdev_ioctl_smbus+0x586/0x660 drivers/i2c/i2c-dev.c:394
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:598 [inline]
 __se_sys_ioctl+0x23c/0x400 fs/ioctl.c:584
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:584
 x64_sys_call+0x1cbc/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:496 [inline]
 __i2c_smbus_xfer+0x254d/0x2f60 drivers/i2c/i2c-core-smbus.c:608
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:546
 i2cdev_ioctl_smbus+0x4a1/0x660 drivers/i2c/i2c-dev.c:389
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:598 [inline]
 __se_sys_ioctl+0x23c/0x400 fs/ioctl.c:584
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:584
 x64_sys_call+0x1cbc/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Local variable msgbuf1.i created at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:335 [inline]
 __i2c_smbus_xfer+0x86a/0x2f60 drivers/i2c/i2c-core-smbus.c:608
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:546

Bytes 0-1 of 2 are uninitialized
Memory access of size 2 starts at ffff88804a043d06
Data copied to user address 0000200000000040

CPU: 1 UID: 0 PID: 6219 Comm: syz.0.109 Not tainted syzkaller #0 PREEMPT(none) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
=====================================================

Crashes (490):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/19 10:45 upstream be48bcf004f9 523f460e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/02 08:57 upstream 02ddfb981de8 51b137cd .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/03 23:11 upstream ec299e4dc21e 96a211bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/03 09:01 upstream e6b9dce0aeeb 96a211bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/03 05:06 upstream e6b9dce0aeeb 091ba174 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/03 03:39 upstream e6b9dce0aeeb 091ba174 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/03 00:35 upstream e6b9dce0aeeb 091ba174 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 13:26 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 09:42 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 04:04 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 00:26 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/31 23:25 upstream 5c3b3264e585 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/31 20:56 upstream 5c3b3264e585 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/31 14:39 upstream c8bc81a52d5a 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/31 08:17 upstream c8bc81a52d5a 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/31 00:46 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/30 12:21 upstream fb679c832b64 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/30 09:29 upstream fb679c832b64 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/28 11:49 upstream 07d9df80082b 443c11c7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/27 20:29 upstream 39f90c196721 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/27 14:27 upstream fab1beda7597 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/27 05:20 upstream fab1beda7597 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/26 21:37 upstream fab1beda7597 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/26 16:54 upstream fab1beda7597 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/26 07:53 upstream fab1beda7597 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/25 19:26 upstream b6add54ba618 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/25 18:25 upstream b6add54ba618 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/25 12:38 upstream 69fd6b99b8f8 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/25 10:04 upstream 69fd6b99b8f8 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/24 16:59 upstream 69fd6b99b8f8 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/24 09:52 upstream 8d245acc1e88 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/24 07:23 upstream 8d245acc1e88 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/23 07:44 upstream 6debb6904172 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/22 03:45 upstream 3957a5720157 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/22 02:56 upstream 3957a5720157 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/21 16:20 upstream 32b7144f806e 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/21 02:00 upstream 41cd3fd15263 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 20:51 upstream b320789d6883 091ba174 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/02 20:49 upstream b320789d6883 091ba174 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/01 19:54 upstream b320789d6883 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/09/01 01:27 upstream 5c3b3264e585 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/30 18:48 upstream 11e7861d680c 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/27 00:59 upstream fab1beda7597 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/25 01:54 upstream c330cb607721 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/23 20:49 upstream 8d245acc1e88 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/23 09:36 upstream 6debb6904172 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/21 18:57 upstream 32b7144f806e 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/21 03:45 upstream 41cd3fd15263 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/20 18:40 upstream b19a97d57c15 bd178e57 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/08/20 16:39 upstream b19a97d57c15 bd178e57 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
* Struck through repros no longer work on HEAD.