RE: Bluetooth: btusb: Add date->evt_skb is NULL check

RE: Bluetooth: btusb: Add date->evt_skb is NULL check

[bluez.test.bot]

[-- Attachment #1: Type: text/plain, Size: 2186 bytes --]

This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=792019

---Test result---

Test Summary:
CheckPatch                    PASS      0.64 seconds
GitLint                       FAIL      0.55 seconds
SubjectPrefix                 PASS      0.10 seconds
BuildKernel                   PASS      39.90 seconds
CheckAllWarning               PASS      44.21 seconds
CheckSparse                   PASS      51.25 seconds
CheckSmatch                   PASS      139.93 seconds
BuildKernel32                 PASS      40.30 seconds
TestRunnerSetup               PASS      606.11 seconds
TestRunner_l2cap-tester       PASS      35.75 seconds
TestRunner_iso-tester         PASS      65.02 seconds
TestRunner_bnep-tester        PASS      12.83 seconds
TestRunner_mgmt-tester        PASS      258.76 seconds
TestRunner_rfcomm-tester      PASS      18.90 seconds
TestRunner_sco-tester         PASS      22.14 seconds
TestRunner_ioctl-tester       PASS      21.42 seconds
TestRunner_mesh-tester        PASS      15.61 seconds
TestRunner_smp-tester         PASS      16.67 seconds
TestRunner_userchan-tester    PASS      12.93 seconds
IncrementalBuild              PASS      36.96 seconds

Details
##############################
Test: GitLint - FAIL
Desc: Run gitlint
Output:
Bluetooth: btusb: Add date->evt_skb is NULL check

WARNING: I3 - ignore-body-lines: gitlint will be switching from using Python regex 'match' (match beginning) to 'search' (match anywhere) semantics. Please review your ignore-body-lines.regex option accordingly. To remove this warning, set general.regex-style-search=True. More details: https://jorisroovers.github.io/gitlint/configuration/#regex-style-search
19: B1 Line exceeds max length (91>80): "[ 6104.969697] FS:  00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:0000000000000000"
36: B1 Line exceeds max length (85>80): "[ 6104.969778] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001"


---
Regards,
Linux Bluetooth

[PATCH] Bluetooth: btusb: Add date->evt_skb is NULL check

[wangyouwan]

From: youwan Wang <wangyouwan@126.com>

fix crash because of null pointers

[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8
[ 6104.969667] #PF: supervisor read access in kernel mode
[ 6104.969668] #PF: error_code(0x0000) - not-present page
[ 6104.969670] PGD 0 P4D 0
[ 6104.969673] Oops: 0000 [#1] SMP NOPTI
[ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]
[ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246
[ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006
[ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000
[ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001
[ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0
[ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90
[ 6104.969697] FS:  00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000
[ 6104.969699] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0
[ 6104.969701] PKRU: 55555554
[ 6104.969702] Call Trace:
[ 6104.969708]  btusb_mtk_shutdown+0x44/0x80 [btusb]
[ 6104.969732]  hci_dev_do_close+0x470/0x5c0 [bluetooth]
[ 6104.969748]  hci_rfkill_set_block+0x56/0xa0 [bluetooth]
[ 6104.969753]  rfkill_set_block+0x92/0x160
[ 6104.969755]  rfkill_fop_write+0x136/0x1e0
[ 6104.969759]  __vfs_write+0x18/0x40
[ 6104.969761]  vfs_write+0xdf/0x1c0
[ 6104.969763]  ksys_write+0xb1/0xe0
[ 6104.969765]  __x64_sys_write+0x1a/0x20
[ 6104.969769]  do_syscall_64+0x51/0x180
[ 6104.969771]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 6104.969773] RIP: 0033:0x7f5a21f18fef
[ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef
[ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012
[ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017
[ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002
[ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0

Signed-off-by: youwan Wang <wangyouwan@126.com>
---
 drivers/bluetooth/btusb.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
index 3fdad35e5e1d..d793dcd06687 100644
--- a/drivers/bluetooth/btusb.c
+++ b/drivers/bluetooth/btusb.c
@@ -2824,6 +2824,9 @@ static int btusb_mtk_hci_wmt_sync(struct hci_dev *hdev,
 		goto err_free_wc;
 	}
 
+	if (data->evt_skb == NULL)
+		goto err_free_wc;
+
 	/* Parse and handle the return WMT event */
 	wmt_evt = (struct btmtk_hci_wmt_evt *)data->evt_skb->data;
 	if (wmt_evt->whdr.op != hdr->op) {
-- 
2.25.1

RE: Bluetooth: btusb: Add date->evt_skb is NULL check

[bluez.test.bot]

[-- Attachment #1: Type: text/plain, Size: 1427 bytes --]

This is automated email and please do not reply to this email!

Dear submitter,

Thank you for submitting the patches to the linux bluetooth mailing list.
This is a CI test results with your patch series:
PW Link:https://patchwork.kernel.org/project/bluetooth/list/?series=792044

---Test result---

Test Summary:
CheckPatch                    PASS      0.61 seconds
GitLint                       PASS      0.28 seconds
SubjectPrefix                 PASS      0.08 seconds
BuildKernel                   PASS      35.48 seconds
CheckAllWarning               PASS      38.26 seconds
CheckSparse                   PASS      44.26 seconds
CheckSmatch                   PASS      117.11 seconds
BuildKernel32                 PASS      34.25 seconds
TestRunnerSetup               PASS      525.24 seconds
TestRunner_l2cap-tester       PASS      31.43 seconds
TestRunner_iso-tester         PASS      55.62 seconds
TestRunner_bnep-tester        PASS      10.71 seconds
TestRunner_mgmt-tester        PASS      223.06 seconds
TestRunner_rfcomm-tester      PASS      16.46 seconds
TestRunner_sco-tester         PASS      19.86 seconds
TestRunner_ioctl-tester       PASS      18.50 seconds
TestRunner_mesh-tester        PASS      15.09 seconds
TestRunner_smp-tester         PASS      15.11 seconds
TestRunner_userchan-tester    PASS      11.38 seconds
IncrementalBuild              PASS      32.91 seconds



---
Regards,
Linux Bluetooth

Re: [PATCH] Bluetooth: btusb: Add date->evt_skb is NULL check

[patchwork-bot+bluetooth]

Hello:

This patch was applied to bluetooth/bluetooth-next.git (master)
by Luiz Augusto von Dentz <luiz.von.dentz@intel.com>:

On Wed, 11 Oct 2023 13:14:47 +0800 you wrote:
> From: youwan Wang <wangyouwan@126.com>
> 
> fix crash because of null pointers
> 
> [ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8
> [ 6104.969667] #PF: supervisor read access in kernel mode
> [ 6104.969668] #PF: error_code(0x0000) - not-present page
> [ 6104.969670] PGD 0 P4D 0
> [ 6104.969673] Oops: 0000 [#1] SMP NOPTI
> [ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]
> [ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246
> [ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006
> [ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000
> [ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001
> [ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0
> [ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90
> [ 6104.969697] FS:  00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000
> [ 6104.969699] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0
> [ 6104.969701] PKRU: 55555554
> [ 6104.969702] Call Trace:
> [ 6104.969708]  btusb_mtk_shutdown+0x44/0x80 [btusb]
> [ 6104.969732]  hci_dev_do_close+0x470/0x5c0 [bluetooth]
> [ 6104.969748]  hci_rfkill_set_block+0x56/0xa0 [bluetooth]
> [ 6104.969753]  rfkill_set_block+0x92/0x160
> [ 6104.969755]  rfkill_fop_write+0x136/0x1e0
> [ 6104.969759]  __vfs_write+0x18/0x40
> [ 6104.969761]  vfs_write+0xdf/0x1c0
> [ 6104.969763]  ksys_write+0xb1/0xe0
> [ 6104.969765]  __x64_sys_write+0x1a/0x20
> [ 6104.969769]  do_syscall_64+0x51/0x180
> [ 6104.969771]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> [ 6104.969773] RIP: 0033:0x7f5a21f18fef
> [ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
> [ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef
> [ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012
> [ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017
> [ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002
> [ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0
> 
> [...]

Here is the summary with links:
  - Bluetooth: btusb: Add date->evt_skb is NULL check
    https://git.kernel.org/bluetooth/bluetooth-next/c/79fd960e01d7

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html