Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp24416pxb;
        Tue, 12 Apr 2022 15:45:13 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzd3Vo6N19fEiCUQg4ZsLnQLriEMzfh1jzqBzVGkYIe4e1hYbdNuC/3a0ScznPxvRKOUV5c
X-Received: by 2002:a17:90b:4a0f:b0:1cb:a7a9:3d5b with SMTP id kk15-20020a17090b4a0f00b001cba7a93d5bmr7590285pjb.158.1649803512932;
        Tue, 12 Apr 2022 15:45:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649803512; cv=none;
        d=google.com; s=arc-20160816;
        b=OYy1OpRqh3tPhzdKhy/D3fqPn9Bqrgdi7FUQ/i0Ki9BD6pS9gM0NnwlROCO+BUz8qU
         TupgXlb6v1COUrvf1KIs4RroaIb8N866O1TWh7eN18y6nMTxZhd1YUh/lMYDtu5b8Vbg
         z6INuRn32zk4hvtjHGVbtcV6nSGNibC1g3tWO1D5ZTOpzwCSmVFLB/0lgm8RRucbtpig
         C3TRHNwgEp8JwXc/VHcLbaY/O45yGyYDToUXDQ2wjeNlIJ01Q7fo3FjOXhtqMW+rGh2z
         7z5QGwPvfaOf4kJefOXkoBTUM0PahBl4zQr1F8MH78MNY33j56APHVHH8iIRHnBZ3OXH
         SIKw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=D61e5PhtFJPcIJdrPl1gSUgNp3pemKHhA66zJEsV9FM=;
        b=rS1n+/8FCO7d6qIV0MvWs1O3Y8s7PN2fGR6afbx9w+7a/EORoOXMfgloEo58XNoeSi
         KAQJ2TvE1FefGtXWWqp2OSsO2BPt0A44pSo2l3umcMKyDHSK/tC+0TQwd4P3IAP1k2Ic
         3wOUXxxiwR9MkHZrqDKnBfr89aNBgu5HZgetLeiU9GLliYAuX+UvKaRRv0lHk54RdlVt
         v7HOxTdgWsqebU2V2m5rxrw2KEwIaZiYXxXtanvUjZ8OV5FSiTrs3zmngpqSR79dooXG
         OwsV07+L19o/oFkIM+Y9gSVFc0xc+Fxi2jfXfaqKfWqlTsK8ALoXxfWNc6n5Qkpp53ow
         Hk+Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=A4Jk68wM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18])
        by mx.google.com with ESMTPS id pv12-20020a17090b3c8c00b001cbb0d0badbsi4489855pjb.111.2022.04.12.15.45.12
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Apr 2022 15:45:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=A4Jk68wM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 3B5A91B48DC;
	Tue, 12 Apr 2022 14:26:11 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345729AbiDKKtV (ORCPT <rfc822;2014014876lha@gmail.com>
        + 99 others); Mon, 11 Apr 2022 06:49:21 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43688 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231561AbiDKKtS (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 11 Apr 2022 06:49:18 -0400
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 11D7A43ECC
        for <linux-kernel@vger.kernel.org>; Mon, 11 Apr 2022 03:47:05 -0700 (PDT)
Received: by mail-pl1-x632.google.com with SMTP id n18so13495747plg.5
        for <linux-kernel@vger.kernel.org>; Mon, 11 Apr 2022 03:47:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=D61e5PhtFJPcIJdrPl1gSUgNp3pemKHhA66zJEsV9FM=;
        b=A4Jk68wM4X0r58C8JBY86tyj7B6qU/KA0BUvsUrgdYgeFSQPF/0L6mUWUGtpL9BWoh
         QT53llRS+5kFsvzwsiKgwEeik+Gr7+6FILNA889tzzx782qbFHbldXEfpy+2w4FUV9b7
         wF7XLqNylZxxCrW2P+3TGcYkQr+ybttO/B3tlzpFA/sDnth1BB1TjRMDVOe1rF91M/4t
         e4PgtHKnbCbzLxY8uTPe0XKjEmI2yj2g6l+qPmaw0n45MFHQqgVDXqQKzw+Nj6H0onZV
         q8vynE1L6tPyHigNfK6p3VrWNI/aF0ppwdv0m01vwSAbe4IROB/M3B3y2VZ2oGDy2Y39
         fdGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=D61e5PhtFJPcIJdrPl1gSUgNp3pemKHhA66zJEsV9FM=;
        b=167DMPAGXrRWuP898w43yJ2gWL2wrjQpnlMtSySFPYuQ2o/UsGxSqPr3reUcor5/W4
         9YCk6TAfVCaeZA4hTMZkLklhk82sypllTRHZylsJyJPQI+vAX7vDV+9Dzn/+v6UmBOMy
         Wuu8xRPA4BgVZbDZ1wv3LcG+/lA/M07BYurXuWDh1pweOT9nr2y6UuBQ7Cf2aXvVKuIH
         FxU4SXABjkr/8s5DrsjFVrY7NLq9kmYXMjnNfsTVHa0M/NzAzlf6CNtuNUGxaB+FmnXo
         se7EBItzM89g6uAzp3x/zc4wIuHaCmRedpwVrzEAeCUb6o3A3hYHLu8edrl+Cg1Wh11Z
         RDig==
X-Gm-Message-State: AOAM5329uVXxOYBME3qwZIa4HFJHnLGpOQ9OTEDUR4s1z7LkFku99YHL
        GuYvUHcpgzLskjMH1hHgZSc9CBmg58wfP/jWKg==
X-Received: by 2002:a17:90b:1803:b0:1c7:24c4:ab52 with SMTP id
 lw3-20020a17090b180300b001c724c4ab52mr35530871pjb.240.1649674024416; Mon, 11
 Apr 2022 03:47:04 -0700 (PDT)
MIME-Version: 1.0
References: <20220410114814.3920474-1-zheyuma97@gmail.com> <f9e0d516-d3a7-c0bf-f673-2a4c3dd9184d@kernel.org>
In-Reply-To: <f9e0d516-d3a7-c0bf-f673-2a4c3dd9184d@kernel.org>
From:   Zheyu Ma <zheyuma97@gmail.com>
Date:   Mon, 11 Apr 2022 18:46:53 +0800
Message-ID: <CAMhUBjkhJ2GvuNVH_9b9mm0d8NwS9Jmf51i8RHdfLLpsR=V5HQ@mail.gmail.com>
Subject: Re: [PATCH] tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
To:     Jiri Slaby <jirislaby@kernel.org>
Cc:     Greg KH <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE,
	SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Apr 11, 2022 at 6:13 PM Jiri Slaby <jirislaby@kernel.org> wrote:
>
> On 10. 04. 22, 13:48, Zheyu Ma wrote:
> > When the driver fails at alloc_hdlcdev(), and then we remove the driver
> > module, we will get the following splat:
> >
> > [   25.065966] general protection fault, probably for non-canonical address 0xdffffc0000000182: 0000 [#1] PREEMPT SMP KASAN PTI
> > [   25.066914] KASAN: null-ptr-deref in range [0x0000000000000c10-0x0000000000000c17]
> > [   25.069262] RIP: 0010:detach_hdlc_protocol+0x2a/0x3e0
> > [   25.077709] Call Trace:
> > [   25.077924]  <TASK>
> > [   25.078108]  unregister_hdlc_device+0x16/0x30
> > [   25.078481]  slgt_cleanup+0x157/0x9f0 [synclink_gt]
> >
> > Fix this by checking whether the 'info->netdev' is a null pointer first.
>
> Hi,
>
> LGTM
>
> Reviewed-by: Jiri Slaby <jirislaby@kernel.org>
>
> Out of curiosity, do you use the driver, or you only do some static
> analysis?

In fact, neither. I test the driver via fuzzing in a simulated environment.

Zheyu Ma