leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0458e5428e
linux/drivers/staging
History
Wang Cheng 0458e5428e staging: rtl8712: fix uninit-value in r871xu_drv_init() 
When 'tmpU1b' returns from r8712_read8(padapter, EE_9346CR) is 0,
'mac[6]' will not be initialized.

BUG: KMSAN: uninit-value in r871xu_drv_init+0x2d54/0x3070 drivers/staging/rtl8712/usb_intf.c:541
 r871xu_drv_init+0x2d54/0x3070 drivers/staging/rtl8712/usb_intf.c:541
 usb_probe_interface+0xf19/0x1600 drivers/usb/core/driver.c:396
 really_probe+0x653/0x14b0 drivers/base/dd.c:596
 __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752
 driver_probe_device drivers/base/dd.c:782 [inline]
 __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899
 bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427
 __device_attach+0x593/0x8e0 drivers/base/dd.c:970
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017
 bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487
 device_add+0x1fff/0x26e0 drivers/base/core.c:3405
 usb_set_configuration+0x37e9/0x3ed0 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0x13c/0x300 drivers/usb/core/generic.c:238
 usb_probe_device+0x309/0x570 drivers/usb/core/driver.c:293
 really_probe+0x653/0x14b0 drivers/base/dd.c:596
 __driver_probe_device+0x3e9/0x530 drivers/base/dd.c:752
 driver_probe_device drivers/base/dd.c:782 [inline]
 __device_attach_driver+0x79f/0x1120 drivers/base/dd.c:899
 bus_for_each_drv+0x2d6/0x3f0 drivers/base/bus.c:427
 __device_attach+0x593/0x8e0 drivers/base/dd.c:970
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:1017
 bus_probe_device+0x17b/0x3e0 drivers/base/bus.c:487
 device_add+0x1fff/0x26e0 drivers/base/core.c:3405
 usb_new_device+0x1b8e/0x2950 drivers/usb/core/hub.c:2566
 hub_port_connect drivers/usb/core/hub.c:5358 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5502 [inline]
 port_event drivers/usb/core/hub.c:5660 [inline]
 hub_event+0x58e3/0x89e0 drivers/usb/core/hub.c:5742
 process_one_work+0xdb6/0x1820 kernel/workqueue.c:2307
 worker_thread+0x10b3/0x21e0 kernel/workqueue.c:2454
 kthread+0x3c7/0x500 kernel/kthread.c:377
 ret_from_fork+0x1f/0x30

Local variable mac created at:
 r871xu_drv_init+0x1771/0x3070 drivers/staging/rtl8712/usb_intf.c:394
 usb_probe_interface+0xf19/0x1600 drivers/usb/core/driver.c:396

KMSAN: uninit-value in r871xu_drv_init
https://syzkaller.appspot.com/bug?id=3cd92b1d85428b128503bfa7a250294c9ae00bd8

Reported-by: <syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com>
Tested-by: <syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Wang Cheng <wanngchenng@gmail.com>
Link: https://lore.kernel.org/r/14c3886173dfa4597f0704547c414cfdbcd11d16.1652618244.git.wanngchenng@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-05-19 17:44:25 +02:00
..
axis-fifo staging: axis-fifo: Use platform_get_irq() to get the interrupt 2021-12-30 11:54:56 +01:00
board
clocking-wizard
emxx_udc
fbtft Staging driver update for 5.18-rc1 2022-03-28 12:50:50 -07:00
fieldbus staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() 2022-04-22 16:48:31 +02:00
fwserial
gdm724x Staging driver update for 5.18-rc1 2022-03-28 12:50:50 -07:00
greybus staging: greybus: correct typo in comment 2022-05-05 23:19:14 +02:00
iio staging: iio: ad2s1210: remove redundant assignment to variable negative 2022-04-20 18:45:35 +02:00
ks7010 staging: ks7010: remove null check after call container_of() 2022-05-19 17:42:41 +02:00
media media: atomisp: fix bad usage at error handling logic 2022-03-18 05:58:35 +01:00
most staging/most, dim2: convert dim2_tasklet to threaded irq 2022-04-12 15:53:50 +02:00
nvec Staging: nvec: Fix ending in '(' error 2022-02-08 10:46:01 +01:00
octeon Staging driver update for 5.16-rc1 2021-11-04 07:56:22 -07:00
octeon-usb
olpc_dcon
pi433 Staging driver update for 5.18-rc1 2022-03-28 12:50:50 -07:00
qlge staging: qlge: add blank line after function declaration 2022-04-20 18:40:04 +02:00
r8188eu staging: r8188eu: remove _drv_ defines from include/rtw_debug.h 2022-05-19 17:43:04 +02:00
rtl8192e staging: rtl8192e: remove null check after call container_of() 2022-05-19 17:42:43 +02:00
rtl8192u staging: rtl8192u: remove null check after call container_of() 2022-05-19 17:42:53 +02:00
rtl8712 staging: rtl8712: fix uninit-value in r871xu_drv_init() 2022-05-19 17:44:25 +02:00
rtl8723bs staging: rtl8723bs: Fix alignment to match open parenthesis 2022-05-19 17:41:18 +02:00
rts5208 staging: rts5208: Convert kmap() to kmap_local_page() 2022-04-04 07:33:47 +02:00
sm750fb staging: sm750fb: Call iounmap() to free mapped bus memory 2022-04-04 07:33:49 +02:00
vc04_services staging: vc04_services: remove unused macro 2022-05-19 17:42:56 +02:00
vme_user staging: vme: Move 'vme/devices/' to 'vme_user/' 2022-04-22 16:47:29 +02:00
vt6655 staging: vt6655: Replace VNSvOutPortB with iowrite8 2022-05-19 17:41:10 +02:00
vt6656 staging: vt6656: Fix multiple blank lines warning 2022-04-04 07:33:45 +02:00
wlan-ng staging/wlan-ng, prism2usb: replace completion_bh tasklet with work 2022-04-12 15:53:50 +02:00
Kconfig staging: vme: Move 'vme/devices/' to 'vme_user/' 2022-04-22 16:47:29 +02:00
Makefile staging: vme: Move 'vme/devices/' to 'vme_user/' 2022-04-22 16:47:29 +02:00