From: Pavel Skripkin <paskripkin@gmail.com>
To: David Kahurani <k.kahurani@gmail.com>,
davem@davemloft.net, jgg@ziepe.ca, kuba@kernel.org,
linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org,
netdev@vger.kernel.org, phil@philpotter.co.uk,
syzkaller-bugs@googlegroups.com,
syzbot+d3dbdf31fbe9d8f5f311@syzkaller.appspotmail.com,
arnd@arndb.de
Subject: Re: [syzbot] KMSAN: uninit-value in ax88179_led_setting
Date: Sat, 26 Mar 2022 15:43:47 +0300 [thread overview]
Message-ID: <59034997-46f4-697d-3620-7897db7fb97d@gmail.com> (raw)
In-Reply-To: <CAAZOf24Gux0bfS-QGgjcd93NpcpxeA5xU5n2k+EhhyphJo-Mmg@mail.gmail.com>
Hi David,
On 3/26/22 14:47, David Kahurani wrote:
>>
>> Signed-off-by: David Kahurani <k.kahurani@gmail.com>
>> Reported-by: syzbot+d3dbdf31fbe9d8f5f311@syzkaller.appspotmail.com
>> ---
>> drivers/net/usb/ax88179_178a.c | 181 +++++++++++++++++++++++++++------
>> 1 file changed, 152 insertions(+), 29 deletions(-)
>>
>> diff --git a/drivers/net/usb/ax88179_178a.c b/drivers/net/usb/ax88179_178a.c
>> index a31098981..932e21a65 100644
>> --- a/drivers/net/usb/ax88179_178a.c
>> +++ b/drivers/net/usb/ax88179_178a.c
>> @@ -224,9 +224,12 @@ static int __ax88179_write_cmd(struct usbnet *dev, u8 cmd, u16 value, u16 index,
>> ret = fn(dev, cmd, USB_DIR_OUT | USB_TYPE_VENDOR | USB_RECIP_DEVICE,
>> value, index, data, size);
>>
You've changed __ax88179_write_cmd(), but not __ax88179_read_cmd(). I've
missed it. Changing __ax88179_write_cmd() does not help with uninit
value bugs
Also I believe, __ax88179_read_cmd() should have __must_check annotation
too, since problem came from it in the first place (I mean after added
sane error handling inside it)
Next thing is ax88179_read_cmd_nopm() still prone to uninit value bugs,
since it touches uninitialized `buf` in case of __ax88179_read_cmd()
error...
I remembered why I gave up on fixing this driver... I hope, you have
more free time and motivation :)
With regards,
Pavel Skripkin
next prev parent reply other threads:[~2022-03-26 12:43 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAAZOf27PHWxdZifZpQYfTHb3h=qk22jRc6-A2LvBkLTR6xNOKg@mail.gmail.com>
2022-03-26 11:47 ` [syzbot] KMSAN: uninit-value in ax88179_led_setting David Kahurani
2022-03-26 12:10 ` Pavel Skripkin
2022-03-26 12:43 ` Pavel Skripkin [this message]
2022-03-26 18:26 ` David Kahurani
2022-02-15 10:42 syzbot
2022-04-07 2:41 ` syzbot
2022-04-07 2:41 ` syzbot
2022-04-09 8:27 ` David Kahurani
2022-04-09 8:40 ` syzbot
2022-04-09 8:40 ` syzbot
2022-04-15 1:54 ` David Kahurani
2022-04-15 1:54 ` David Kahurani
2022-04-15 3:53 ` syzbot
2022-04-15 3:53 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=59034997-46f4-697d-3620-7897db7fb97d@gmail.com \
--to=paskripkin@gmail.com \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=jgg@ziepe.ca \
--cc=k.kahurani@gmail.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=phil@philpotter.co.uk \
--cc=syzbot+d3dbdf31fbe9d8f5f311@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.