sd 0:0:1:0: [sg_rq_end_io] Sense Key : Illegal Request [current]
sd 0:0:1:0: [sg_rq_end_io] Add. Sense: Invalid command operation code
==================================================================
BUG: KMSAN: uninit-value in vsnprintf+0x24eb/0x3450 lib/vsprintf.c:2267
CPU: 0 PID: 4613 Comm: syz-executor6 Not tainted 4.18.0-rc5+ #29
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x185/0x1e0 lib/dump_stack.c:113
 kmsan_report+0x195/0x2c0 mm/kmsan/kmsan.c:982
 __msan_warning+0x7d/0xe0 mm/kmsan/kmsan_instr.c:645
 vsnprintf+0x24eb/0x3450 lib/vsprintf.c:2267
 vscnprintf lib/vsprintf.c:2370 [inline]
 scnprintf+0x241/0x310 lib/vsprintf.c:2424
 sdev_format_header drivers/scsi/scsi_logging.c:84 [inline]
 scsi_log_print_sense_hdr+0x3fa/0x1990 drivers/scsi/scsi_logging.c:374
 scsi_log_print_sense+0x1b7/0x970 drivers/scsi/scsi_logging.c:396
 __scsi_print_sense+0xb8/0xd0 drivers/scsi/scsi_logging.c:416
 sg_rq_end_io+0x583/0x1540 drivers/scsi/sg.c:1374
 __blk_mq_end_request+0x370/0x4d0 block/blk-mq.c:531
 scsi_end_request+0x37f/0xb20 drivers/scsi/scsi_lib.c:703
 scsi_io_completion+0x143d/0x2bb0 drivers/scsi/scsi_lib.c:909
 scsi_finish_command+0x5f2/0x610 drivers/scsi/scsi.c:248
 scsi_softirq_done+0x4f1/0x520 drivers/scsi/scsi_lib.c:1691
 __blk_mq_complete_request block/blk-mq.c:583 [inline]
 blk_mq_complete_request+0x528/0x7c0 block/blk-mq.c:620
 scsi_mq_done+0x26c/0x2a0 drivers/scsi/scsi_lib.c:2002
 virtscsi_complete_cmd+0x94d/0xb50 drivers/scsi/virtio_scsi.c:207
 virtscsi_vq_done+0x1a6/0x320 drivers/scsi/virtio_scsi.c:223
 virtscsi_req_done+0xf3/0x130 drivers/scsi/virtio_scsi.c:238
 vring_interrupt+0x162/0x1d0 drivers/virtio/virtio_ring.c:960
 __handle_irq_event_percpu+0x402/0xe40 kernel/irq/handle.c:149
 handle_irq_event_percpu kernel/irq/handle.c:189 [inline]
 handle_irq_event+0x19a/0x3f0 kernel/irq/handle.c:206
 handle_edge_irq+0x5e7/0x1230 kernel/irq/chip.c:791
 generic_handle_irq_desc include/linux/irqdesc.h:154 [inline]
 handle_irq+0x36e/0x660 arch/x86/kernel/irq_64.c:77
 do_IRQ+0x8e/0x1c0 arch/x86/kernel/irq.c:252
 common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:646
RIP: 0010:native_restore_fl arch/x86/include/asm/irqflags.h:37 [inline]
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/irqflags.h:78 [inline]
RIP: 0010:rcu_do_batch kernel/rcu/tree.c:2598 [inline]
RIP: 0010:invoke_rcu_callbacks kernel/rcu/tree.c:2818 [inline]
RIP: 0010:__rcu_process_callbacks kernel/rcu/tree.c:2785 [inline]
RIP: 0010:rcu_process_callbacks+0x1889/0x1b30 kernel/rcu/tree.c:2802
Code: 48 83 bd 30 ff ff ff 00 4c 8b b5 58 ff ff ff 0f 85 71 ec ff ff 48 8b 85 50 ff ff ff 48 89 85 08 ff ff ff ff b5 08 ff ff ff 9d <49> c7 45 00 00 00 00 00 41 c6 85 20 03 00 00 00 48 8b bd 78 ff ff
RSP: 0018:ffff88021fc0fdc0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffffda
RAX: 0000000000000286 RBX: 0000000000000000 RCX: ffffffffffffff00
RDX: ffff88021f1d38f8 RSI: aaaaaaaaaaaab000 RDI: ffffea000cbec5c0
RBP: ffff88021fc0fec8 R08: ffffffff7fffffff R09: ffff88021f07ce80
R10: 0000000000000000 R11: ffffffff81d035f0 R12: 0000000000000000
R13: ffff88021fc3aff0 R14: ffffffff8b087858 R15: 0000000000000000
 __do_softirq+0x55f/0x934 kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:369 [inline]
 irq_exit+0x22a/0x270 kernel/softirq.c:410
 exiting_irq+0xe/0x10 arch/x86/include/asm/apic.h:527
 smp_apic_timer_interrupt+0x64/0x90 arch/x86/kernel/apic/apic.c:1055
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:868
RIP: 0010:lowmem_page_address include/linux/mm.h:1147 [inline]
RIP: 0010:msan_get_shadow_origin_ptr+0x202/0x300 mm/kmsan/kmsan_instr.c:314
Code: c8 48 c1 e8 05 48 be 00 b0 aa aa aa aa aa aa 48 0f af c6 4c 01 e8 48 01 d0 74 6d 41 81 e7 fc 0f 00 00 48 03 4f 48 48 c1 e9 05 <48> 0f af ce 48 01 d1 49 89 c6 4c 01 f9 48 89 cb 75 4c 0f 0b eb fe
RSP: 0018:ffff88013a24f570 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
RAX: ffff8801fcc618f8 RBX: ffffffff8ba11000 RCX: 00000000005f5923
RDX: ffff880000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea000043a460
RBP: ffff88013a24f5c8 R08: 0000000000480020 R09: 0000000000000002
R10: 0000000000000000 R11: ffffffff83bd90f0 R12: 0000000000000004
R13: 00000000000008f8 R14: ffffffff8ba10000 R15: 00000000000008f8
 __msan_metadata_ptr_for_load_4+0x10/0x20 mm/kmsan/kmsan_instr.c:349
 slab_pre_alloc_hook mm/slab.h:416 [inline]
 slab_alloc_node mm/slub.c:2646 [inline]
 __kmalloc_node+0x1a3/0x1240 mm/slub.c:3823
 kmalloc_node include/linux/slab.h:555 [inline]
 kzalloc_node include/linux/slab.h:718 [inline]
 __get_vm_area_node+0x289/0x810 mm/vmalloc.c:1390
 __vmalloc_node_range+0x332/0x1170 mm/vmalloc.c:1749
 __vmalloc_node mm/vmalloc.c:1799 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1813 [inline]
 vzalloc+0xd8/0xf0 mm/vmalloc.c:1852
 alloc_counters+0x99/0x920 net/ipv6/netfilter/ip6_tables.c:819
 copy_entries_to_user net/ipv6/netfilter/ip6_tables.c:841 [inline]
 get_entries net/ipv6/netfilter/ip6_tables.c:1044 [inline]
 do_ip6t_get_ctl+0x87c/0x11f0 net/ipv6/netfilter/ip6_tables.c:1712
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x481/0x4e0 net/netfilter/nf_sockopt.c:122
 ipv6_getsockopt+0x268/0x4a0 net/ipv6/ipv6_sockglue.c:1370
 tcp_getsockopt+0x1c6/0x1f0 net/ipv4/tcp.c:3545
 sock_common_getsockopt+0x13f/0x180 net/core/sock.c:2999
 __sys_getsockopt+0x48c/0x550 net/socket.c:1948
 __do_sys_getsockopt net/socket.c:1959 [inline]
 __se_sys_getsockopt net/socket.c:1956 [inline]
 __x64_sys_getsockopt+0x15d/0x1c0 net/socket.c:1956
 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x4585aa
Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 1d 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fa 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:0000000000a3e328 EFLAGS: 00000212 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000a3e350 RCX: 00000000004585aa
RDX: 0000000000000041 RSI: 0000000000000029 RDI: 0000000000000013
RBP: 0000000000705d60 R08: 0000000000a3e34c R09: 0000000000004000
R10: 0000000000a3e450 R11: 0000000000000212 R12: 0000000000000013
R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000704fe0
Local variable description: ----args@scnprintf
Variable was created at:
 scnprintf+0xf6/0x310 lib/vsprintf.c:2419
 sdev_format_header drivers/scsi/scsi_logging.c:84 [inline]
 scsi_log_print_sense_hdr+0x3fa/0x1990 drivers/scsi/scsi_logging.c:374
==================================================================