Re: [syzbot] [kernel?] KASAN: slab-use-after-free Write in binder_add_device
From: syzbot
Date: Mon Mar 24 2025 - 21:00:02 EST
> On Mon, Mar 24, 2025 at 05:49:53PM -0700, syzbot wrote:
>> > On Sun, Mar 16, 2025 at 03:51:27PM -0700, syzbot wrote:
>> >> Hello,
>> >>
>> >> syzbot found the following issue on:
>> >>
>> >> HEAD commit: b7f94fcf5546 Merge tag 'sched_ext-for-6.14-rc6-fixes' of g..
>> >> git tree: upstream
>> >> console output: https://syzkaller.appspot.com/x/log.txt?x=134f303f980000
>> >> kernel config: https://syzkaller.appspot.com/x/.config?x=cdc24cb631dc9bc4
>> >> dashboard link: https://syzkaller.appspot.com/bug?extid=810b8555076779a07399
>> >> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
>> >
>> > #syz test
>>
>> This crash does not have a reproducer. I cannot test it.
>
> This is likely another version of this report:
> https://syzkaller.appspot.com/bug?extid=353d7b75658a95aa955a
> where access to the binder_devices list is unprotected.
>
> #syz dup: slab-use-after-free Write in binderfs_evict_inode
can't find the dup bug