Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp3208552yba;
        Sat, 18 May 2019 11:33:54 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxXhrN7OqJuzRL3Iao/eDBcTKJBsRMMenJ+3/X4u9dMudsKp2LUz8I5nbQHDQl6uca13n8K
X-Received: by 2002:a17:902:7592:: with SMTP id j18mr5183991pll.213.1558204434003;
        Sat, 18 May 2019 11:33:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558204433; cv=none;
        d=google.com; s=arc-20160816;
        b=JGfaN82paC17UsBPRiMv12qgfAAWyehCT+x9+j5fXGi04cKjW2CWeirFoOC/R18Skm
         rja7uru3jWGTZAOHqiqyhWYmnfiJQFrOLU8Fn6r/Iv1zNI7HMHIYb3nm9Z0ZGaBs48ho
         ro+t5aL7s5WtcZYCYl0juWHmxSLIIMjzHgftqJGw8A8bsWG88QUxh9HK5Q5weIgDjcLn
         g1hagwqIBgR1JJMV/sfM6Nqvr1ai1+CFVZVy4cb70KjnctqjPZBJDSipKAjZnrWh8oK+
         qoFogcd9hWjarDM/4URHaN/s//K31AlbgGKuUBqUjFx6zgWHxaT5i4J3xoLWJgb7Wfwz
         4Ong==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:from:subject:message-id:in-reply-to
         :date:mime-version;
        bh=5UxPqyqpEqIg/qruEb6a7Im9QP9xMl5nRiEBDpgwPDQ=;
        b=UQPfqzj3o3CHs5NC+wNC8NEYFCVNSv+2KtgXhjz3jcjAtCjeqeaBaO1dv1XZP4KNN2
         QSEYtBr1ddDv+jm33Q8QN2HbCJaKjPgASF2FKZvmgVgpaW8UivgPMAApQaQ3wrpI9V/K
         sZYbpr1bCGFCawP/5JBmLPZSFDJYkdCRA8SVP2FQQJ/wEB6cm6petuEPdr8IptPqUtdw
         duHdZAKYQY13HNU/1k5YoloLWzfLP6wk2Iu05WYI87NpKXb7aIjIvePna5ef86PKnCIM
         eEFbTxjP0u2CyqUR9hFDmAbsDqU6N75oaVO7KfMuclLADw0FizGSA0XFuyDg4Myb93p6
         YYZg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com
Return-Path: <linux-wireless-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 31si9680530plc.80.2019.05.18.11.33.27;
        Sat, 18 May 2019 11:33:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-wireless-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729584AbfERSbB (ORCPT <rfc822;andy.lavr@gmail.com> + 99 others);
        Sat, 18 May 2019 14:31:01 -0400
Received: from mail-io1-f70.google.com ([209.85.166.70]:54795 "EHLO
        mail-io1-f70.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728037AbfERSbB (ORCPT
        <rfc822;linux-wireless@vger.kernel.org>);
        Sat, 18 May 2019 14:31:01 -0400
Received: by mail-io1-f70.google.com with SMTP id t7so8144404iof.21
        for <linux-wireless@vger.kernel.org>; Sat, 18 May 2019 11:31:01 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:date:in-reply-to:message-id:subject
         :from:to;
        bh=5UxPqyqpEqIg/qruEb6a7Im9QP9xMl5nRiEBDpgwPDQ=;
        b=PV7HVGF5IYG95tpTPT9SQFboruoQ21pCwIHFhL8kstB6HFdS+cGDqjvJ7xuVoYvGSn
         JnHjw2RYIW0BM1PGezQPTJC7zGdASgX3SbZTVXaes2wuYb6mS7wl0bPrli5SZY+8Wap4
         HfPnkCsohdymdZURCUDsGzT26Kr3DDQiJOCC357AuHD4Wrk5RFY4nWjBPBVUHCJB6qk9
         xd8G4pxBaI6jp3CuxX2w09VTkdu58wtL7rksivRwa+q60q7s+dHl/Adm2RsQzQq3eFqw
         6kXtawvloqJUu/a5sFXIQvFZvotwyQE0Jh64tT/0BfvjZe6Sk2zg1Ime1FAum9ZLBaN+
         ic8w==
X-Gm-Message-State: APjAAAWp+WetgbNsbXSxfN/cg09Ca27jwwGh2RFtHSZOIR2aajwfEec2
        5AdSQM0BVTWedMuHXNpElqLeql0+77S6s2Tmmn3O9oP6s+Od
MIME-Version: 1.0
X-Received: by 2002:a6b:4e17:: with SMTP id c23mr9854089iob.178.1558204260940;
 Sat, 18 May 2019 11:31:00 -0700 (PDT)
Date:   Sat, 18 May 2019 11:31:00 -0700
In-Reply-To: <Pine.LNX.4.44L0.1905181346380.10594-100000@netrider.rowland.org>
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <00000000000076047305892db3f2@google.com>
Subject: Re: KASAN: use-after-free Read in p54u_load_firmware_cb
From:   syzbot <syzbot+200d4bb11b23d929335f@syzkaller.appspotmail.com>
To:     andreyknvl@google.com, chunkeey@gmail.com, chunkeey@googlemail.com,
        davem@davemloft.net, kvalo@codeaurora.org,
        linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org,
        linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
        oneukum@suse.com, stern@rowland.harvard.edu,
        syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes
Sender: linux-wireless-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org

Hello,

syzbot has tested the proposed patch and the reproducer did not trigger  
crash:

Reported-and-tested-by:  
syzbot+200d4bb11b23d929335f@syzkaller.appspotmail.com

Tested on:

commit:         43151d6c usb-fuzzer: main usb gadget fuzzer driver
git tree:       https://github.com/google/kasan.git usb-fuzzer
kernel config:  https://syzkaller.appspot.com/x/.config?x=4183eeef650d1234
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
patch:          https://syzkaller.appspot.com/x/patch.diff?x=17e42018a00000

Note: testing is done by a robot and is best-effort only.