Re: [syzbot] [kernel?] KASAN: slab-use-after-free Write in binder_add_device
From: Carlos Llamas
Date: Mon Mar 24 2025 - 21:03:55 EST
On Mon, Mar 24, 2025 at 05:59:47PM -0700, syzbot wrote:
> > On Mon, Mar 24, 2025 at 05:49:53PM -0700, syzbot wrote:
> >> > On Sun, Mar 16, 2025 at 03:51:27PM -0700, syzbot wrote:
> >> >> Hello,
> >> >>
> >> >> syzbot found the following issue on:
> >> >>
> >> >> HEAD commit: b7f94fcf5546 Merge tag 'sched_ext-for-6.14-rc6-fixes' of g..
> >> >> git tree: upstream
> >> >> console output: https://syzkaller.appspot.com/x/log.txt?x=134f303f980000
> >> >> kernel config: https://syzkaller.appspot.com/x/.config?x=cdc24cb631dc9bc4
> >> >> dashboard link: https://syzkaller.appspot.com/bug?extid=810b8555076779a07399
> >> >> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> >> >
> >> > #syz test
> >>
> >> This crash does not have a reproducer. I cannot test it.
> >
> > This is likely another version of this report:
> > https://syzkaller.appspot.com/bug?extid=353d7b75658a95aa955a
> > where access to the binder_devices list is unprotected.
> >
> > #syz dup: slab-use-after-free Write in binderfs_evict_inode
>
> can't find the dup bug
ok, how about:
#syz dup: upstream test error: KASAN: slab-use-after-free Write in binderfs_evict_inode