syzbot


upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf

Status: upstream: reported on 2025/10/06 17:06
Subsystems: scsi
Reported-by: syzbot+f627b4ca9d1c5894ae1d@syzkaller.appspotmail.com
First crash: 2d14h, last: 1h22m
Discussions (1)
Title | Replies (including bot) | Last reply
[syzbot] [scsi?] upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf | 0 (1) | 2025/10/06 17:06

Sample crash report:
scsi 0:0:1:0: Direct-Access     Google   PersistentDisk   1    PQ: 0 ANSI: 6
=====================================================
BUG: KMSAN: use-after-free in scsi_vpd_inquiry drivers/scsi/scsi.c:323 [inline]
BUG: KMSAN: use-after-free in scsi_get_vpd_buf+0x4cc/0x720 drivers/scsi/scsi.c:455
 scsi_vpd_inquiry drivers/scsi/scsi.c:323 [inline]
 scsi_get_vpd_buf+0x4cc/0x720 drivers/scsi/scsi.c:455
 scsi_update_vpd_page drivers/scsi/scsi.c:479 [inline]
 scsi_attach_vpd+0x380/0xe70 drivers/scsi/scsi.c:520
 scsi_add_lun drivers/scsi/scsi_scan.c:1110 [inline]
 scsi_probe_and_add_lun+0x6933/0x7f20 drivers/scsi/scsi_scan.c:1288
 __scsi_scan_target+0x2fb/0x2050 drivers/scsi/scsi_scan.c:1776
 scsi_scan_channel drivers/scsi/scsi_scan.c:1864 [inline]
 scsi_scan_host_selected+0x68f/0x9a0 drivers/scsi/scsi_scan.c:1893
 do_scsi_scan_host drivers/scsi/scsi_scan.c:2032 [inline]
 do_scan_async+0x1ad/0xdc0 drivers/scsi/scsi_scan.c:2042
 async_run_entry_fn+0x90/0x570 kernel/async.c:129
 process_one_work kernel/workqueue.c:3263 [inline]
 process_scheduled_works+0xb91/0x1d80 kernel/workqueue.c:3346
 worker_thread+0xedf/0x1590 kernel/workqueue.c:3427
 kthread+0xd59/0xf00 kernel/kthread.c:463
 ret_from_fork+0x230/0x380 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was created at:
 slab_free_hook mm/slub.c:2440 [inline]
 slab_free mm/slub.c:6566 [inline]
 kfree+0x254/0x1460 mm/slub.c:6773
 security_task_free+0x96/0x190 security/security.c:3250
 __put_task_struct+0x18a/0x710 kernel/fork.c:743
 __put_task_struct_rcu_cb+0x25/0xa0 kernel/fork.c:756
 rcu_do_batch kernel/rcu/tree.c:2605 [inline]
 rcu_core+0xa65/0x2240 kernel/rcu/tree.c:2861
 rcu_core_si+0x12/0x20 kernel/rcu/tree.c:2878
 handle_softirqs+0x169/0x6e0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x66/0x180 kernel/softirq.c:723
 irq_exit_rcu+0x12/0x20 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]
 sysvec_apic_timer_interrupt+0x84/0x90 arch/x86/kernel/apic/apic.c:1052
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702

CPU: 1 UID: 0 PID: 14 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(none) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
Workqueue: async async_run_entry_fn
=====================================================

Crashes (18):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2025/10/06 23:14 | upstream | c746c3b51698 | 91305dbe | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/06 12:06 | upstream | fd94619c4336 | 91305dbe | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/06 05:50 | upstream | fd94619c4336 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 21:30 | upstream | 7a405dbb0f03 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 19:37 | upstream | 6a74422b9710 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 02:27 | upstream | 6093a688a07d | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 00:08 | upstream | b4e5bb555594 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/04 22:12 | upstream | d104e3d17f7b | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/04 19:04 | upstream | c4c8bcab1882 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/04 11:37 | upstream | cbf33b8e0b36 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/06 22:10 | upstream | c746c3b51698 | 91305dbe | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/06 11:26 | upstream | fd94619c4336 | 91305dbe | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/06 05:10 | upstream | fd94619c4336 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 20:49 | upstream | 7a405dbb0f03 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 18:30 | upstream | 6a74422b9710 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/05 03:13 | upstream | 6093a688a07d | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/04 21:15 | upstream | d104e3d17f7b | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
2025/10/04 10:06 | upstream | cbf33b8e0b36 | 49379ee0 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | upstream test error: KMSAN: use-after-free in scsi_get_vpd_buf
* Struck through repros no longer work on HEAD.