syzbot


KMSAN: uninit-value in tomoyo_path_chown (3)

Status: upstream: reported on 2026/06/17 08:41
Subsystems: tomoyo
Labels: prio:high
Reported-by: syzbot+eaae8fa60ce81f1e4eeb@syzkaller.appspotmail.com
First crash: 11d, last: 11d
✨ AI Jobs (1)
ID: abea5dd9-2a6e-4669-a927-d87ef7833666
Workflow: assessment-security
Result:
  DenialOfService: ❌
  Exploitable: ❌
  FilesystemTrigger: ❌
  NetworkTrigger: ❌
  PeripheralTrigger: ❌
  RemoteTrigger: ❌
  Unprivileged: ✅
  UserNamespace: ✅
  VMGuestTrigger: ❌
  VMHostTrigger: ❌
Correct: (empty)
Bug: KMSAN: uninit-value in tomoyo_path_chown (3)
Created: 2026/06/15 00:08
Started: 2026/06/15 00:08
Finished: 2026/06/15 00:48
Revision: 4f06757f683a802254a4c8edbfe67ff801904c5e
Error: (empty)

Discussions (2)
Title: [syzbot] Monthly tomoyo report (Jun 2026)
Replies (including bot): 0 (1)
Last reply: 2026/06/20 12:32

Title: [syzbot] [tomoyo?] KMSAN: uninit-value in tomoyo_path_chown (3)
Replies (including bot): 0 (1)
Last reply: 2026/06/17 08:41

Similar bugs (1)
Kernel: upstream
Title: KMSAN: uninit-value in tomoyo_path_chown fs
Rank: 7
Repro: C
Cause bisect: (empty)
Fix bisect: (empty)
Count: 13763
Last: 1373d
Reported: 1374d
Patched: 22/29
Status: fixed on 2023/02/24 13:50

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in tomoyo_path_chown+0x128/0x270 security/tomoyo/tomoyo.c:380
 tomoyo_path_chown+0x128/0x270 security/tomoyo/tomoyo.c:380
 security_path_chown+0x1c0/0x710 security/security.c:1598
 chown_common+0x69f/0xcb0 fs/open.c:771
 do_fchownat+0x20f/0x490 fs/open.c:804
 __do_sys_chown fs/open.c:824 [inline]
 __se_sys_chown fs/open.c:822 [inline]
 __x64_sys_chown+0x9d/0x110 fs/open.c:822
 x64_sys_call+0x30cc/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:93
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15d/0x3c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Local variable newattrs created at:
 chown_common+0xbc/0xcb0 fs/open.c:746
 do_fchownat+0x20f/0x490 fs/open.c:804

CPU: 1 UID: 0 PID: 4943 Comm: udevd Not tainted syzkaller #0 PREEMPT(lazy) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
=====================================================

Crashes (1):
Time: 2026/06/13 08:31
Kernel: upstream
Commit: 2b414a95b8f7
Syzkaller: 1d2f3589
Syz repro: (empty)
C repro: (empty)
VM info: (empty)
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-kmsan-gce-root
Title: KMSAN: uninit-value in tomoyo_path_chown
* Struck through repros no longer work on HEAD.