syzbot

 sign-in | mailing list | source | docs
🐞 Open [1604]
Subsystems
🐞 Fixed [6300]
🐞 Invalid [16047]
Missing Backports [190]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: kernel-infoleak in i2cdev_ioctl_smbus

Status: upstream: reported C repro on 2025/05/02 18:58
Subsystems: i2c
[Documentation on labels]
Reported-by: syzbot+08b819a87faa6def6dfb@syzkaller.appspotmail.com
First crash: 50d, last: 6h13m
Discussions (4)
Title Replies (including bot) Last reply
[PATCH v2] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/06 00:09
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 22:40
[PATCH] media: dvb-usb: az6027: fix return value of az6027_i2c_xfer() 1 (1) 2025/05/05 21:20
[syzbot] [i2c?] KMSAN: kernel-infoleak in i2cdev_ioctl_smbus 0 (2) 2025/05/05 01:42
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/06/09 20:51 30m retest repro upstream report log
2025/05/05 01:42 1h06m praveen.balakrishnan@magd.ox.ac.uk patch upstream OK log

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in _inline_copy_to_user include/linux/uaccess.h:196 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 _inline_copy_to_user include/linux/uaccess.h:196 [inline]
 _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 copy_to_user include/linux/uaccess.h:225 [inline]
 i2cdev_ioctl_smbus+0x586/0x660 drivers/i2c/i2c-dev.c:394
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x239/0x400 fs/ioctl.c:892
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1ebe/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:495 [inline]
 __i2c_smbus_xfer+0x254d/0x2f60 drivers/i2c/i2c-core-smbus.c:607
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:545
 i2cdev_ioctl_smbus+0x4a1/0x660 drivers/i2c/i2c-dev.c:389
 i2cdev_ioctl+0xa14/0xf40 drivers/i2c/i2c-dev.c:478
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x239/0x400 fs/ioctl.c:892
 __x64_sys_ioctl+0x97/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1ebe/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Local variable msgbuf1.i created at:
 i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:334 [inline]
 __i2c_smbus_xfer+0x86a/0x2f60 drivers/i2c/i2c-core-smbus.c:607
 i2c_smbus_xfer+0x31d/0x4d0 drivers/i2c/i2c-core-smbus.c:545

Bytes 0-1 of 2 are uninitialized
Memory access of size 2 starts at ffff88812e8b7d06
Data copied to user address 0000200000000080

CPU: 1 UID: 0 PID: 5885 Comm: syz-executor221 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
=====================================================

Crashes (180):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/05/02 08:57 upstream 02ddfb981de8 51b137cd .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/17 13:32 upstream 9afe652958c3 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/11 23:31 upstream 488ef3560196 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/10 22:44 upstream f09079bd04a9 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 19:16 upstream 0ff41df1cb26 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 15:22 upstream 0ff41df1cb26 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 04:11 upstream 0f8c0258bf04 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 15:28 upstream 94305e83eccb f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 05:01 upstream 94305e83eccb fa44301a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/22 19:10 upstream 5cdb2c77c4c3 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/21 18:23 upstream 4a95bc121ccd b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/20 20:47 upstream a5806cd506af 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/20 18:19 upstream a5806cd506af 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/20 13:08 upstream a5806cd506af 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/19 03:19 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/15 11:56 upstream 02ddfb981de8 d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/15 03:34 upstream 02ddfb981de8 a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/14 17:13 upstream 02ddfb981de8 a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/13 19:04 upstream 02ddfb981de8 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/12 13:29 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/12 11:58 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/12 07:13 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 20:37 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 18:12 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 13:59 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 12:04 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 10:14 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 04:23 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/11 01:41 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/18 08:40 upstream 52da431bf03b e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/18 02:59 upstream 52da431bf03b 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/06/17 17:32 upstream 9afe652958c3 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 20:45 upstream 0ff41df1cb26 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/26 09:24 upstream 0f8c0258bf04 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/25 13:28 upstream d0c22de9995b ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 20:53 upstream b1427432d3b6 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 07:13 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/24 00:40 upstream eccf6f2f6ab9 f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 21:01 upstream eccf6f2f6ab9 f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 16:52 upstream 94305e83eccb f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 07:01 upstream 94305e83eccb fa44301a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/23 06:50 upstream 94305e83eccb fa44301a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/22 16:41 upstream d608703fcdd9 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/22 07:41 upstream 4a95bc121ccd 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/21 12:57 upstream 4a95bc121ccd b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/20 22:59 upstream b36ddb9210e6 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/20 22:54 upstream b36ddb9210e6 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/19 18:36 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/19 06:37 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/15 15:11 upstream 02ddfb981de8 d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/13 20:55 upstream 02ddfb981de8 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/13 00:01 upstream 02ddfb981de8 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
2025/05/12 09:40 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: kernel-infoleak in i2cdev_ioctl_smbus
* Struck through repros no longer work on HEAD.