From: Cong Wang <xiyou.wangcong@gmail.com>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Linux Kernel Network Developers <netdev@vger.kernel.org>,
syzbot+3f3837e61a48d32b495f@syzkaller.appspotmail.com,
Robin van der Gracht <robin@protonic.nl>,
Oleksij Rempel <linux@rempel-privat.de>,
Pengutronix Kernel Team <kernel@pengutronix.de>,
Oliver Hartkopp <socketcan@hartkopp.net>,
Marc Kleine-Budde <mkl@pengutronix.de>
Subject: Re: [Patch net] can: initialize skbcnt in j1939_tp_tx_dat_new()
Date: Thu, 8 Oct 2020 13:02:44 -0700 [thread overview]
Message-ID: <CAM_iQpUBzszbhg0jr9aXZFwTOM0XXRo4rFoFEXPoLRoUw_4doQ@mail.gmail.com> (raw)
In-Reply-To: <20201008103410.4fea97a5@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
On Thu, Oct 8, 2020 at 10:34 AM Jakub Kicinski <kuba@kernel.org> wrote:
>
> On Wed, 7 Oct 2020 23:18:21 -0700 Cong Wang wrote:
> > This fixes an uninit-value warning:
> > BUG: KMSAN: uninit-value in can_receive+0x26b/0x630 net/can/af_can.c:650
> >
> > Reported-and-tested-by: syzbot+3f3837e61a48d32b495f@syzkaller.appspotmail.com
> > Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol")
> > Cc: Robin van der Gracht <robin@protonic.nl>
> > Cc: Oleksij Rempel <linux@rempel-privat.de>
> > Cc: Pengutronix Kernel Team <kernel@pengutronix.de>
> > Cc: Oliver Hartkopp <socketcan@hartkopp.net>
> > Cc: Marc Kleine-Budde <mkl@pengutronix.de>
> > Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
> > ---
> > net/can/j1939/transport.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/net/can/j1939/transport.c b/net/can/j1939/transport.c
> > index 0cec4152f979..88cf1062e1e9 100644
> > --- a/net/can/j1939/transport.c
> > +++ b/net/can/j1939/transport.c
> > @@ -580,6 +580,7 @@ sk_buff *j1939_tp_tx_dat_new(struct j1939_priv *priv,
> > skb->dev = priv->ndev;
> > can_skb_reserve(skb);
> > can_skb_prv(skb)->ifindex = priv->ndev->ifindex;
> > + can_skb_prv(skb)->skbcnt = 0;
> > /* reserve CAN header */
> > skb_reserve(skb, offsetof(struct can_frame, data));
>
> Thanks! Looks like there is another can_skb_reserve(skb) on line 1489,
> is that one fine?
I don't know, I only attempt to address the syzbot report. To me,
it at least does not harm to fix that one too. I am fine either way.
Thanks.
next prev parent reply other threads:[~2020-10-08 20:02 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-08 6:18 [Patch net] can: initialize skbcnt in j1939_tp_tx_dat_new() Cong Wang
2020-10-08 17:34 ` Jakub Kicinski
2020-10-08 20:02 ` Cong Wang [this message]
2020-10-08 21:47 ` Marc Kleine-Budde
2020-10-08 22:26 ` Jakub Kicinski
2020-10-09 6:15 ` Marc Kleine-Budde
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAM_iQpUBzszbhg0jr9aXZFwTOM0XXRo4rFoFEXPoLRoUw_4doQ@mail.gmail.com \
--to=xiyou.wangcong@gmail.com \
--cc=kernel@pengutronix.de \
--cc=kuba@kernel.org \
--cc=linux@rempel-privat.de \
--cc=mkl@pengutronix.de \
--cc=netdev@vger.kernel.org \
--cc=robin@protonic.nl \
--cc=socketcan@hartkopp.net \
--cc=syzbot+3f3837e61a48d32b495f@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).