Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2285783pxa; Mon, 17 Aug 2020 06:08:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJznsfnLOpggIvrWKLKDOaT75KSf81YdqxuD2+XGqMqMwAnfWXIh4RDPx60EiLYu1sj+7moM X-Received: by 2002:a17:906:e24f:: with SMTP id gq15mr14882900ejb.46.1597669688799; Mon, 17 Aug 2020 06:08:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597669688; cv=none; d=google.com; s=arc-20160816; b=vpWiWatfqd+smNr979sSMWI+FhvVWbwGskEWVnT4PNLWPbZr95q8RPuBp/RiAHpzfg 8I7mB11jV8uuLp419xnw9b5sXVK1Q3UQBGk0r9HuI0ME6ZUmqZ2wnRBLyGWjspWXjpdK mq00PpRcdajorkB9iNCehM0bckdko8pOwpWPRthWaiiVetr8gTL2s3aI4oENNxW6p6/h oqQP6syNsbZjiJq41BJwVgtvp0cMvk+CSuIQgm9imJSTUFFudVL+0Q80TKSfPEgcYGx7 saMhuivx0UgHHjrBum0YHjOxaf9KrKtjJ6ktO9OcGwxmQUMgXSGVnmc1vAZRC3MwqLbO TcpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=o6YxgKfFgkx8xDeEmjAnQHIvU5EJsYk/59EtntkDd+w=; b=vRO7n9CXAsaOv87YPJuZ7je7HochE4+K+1I6d+bWaNbfXpQzCiXysCg6xJBzUQHRFt VplKULs8xRG41Fg4zORvYyTSy0/d4YgfeOrQavBoModJAMZH93/VhltQfNEMlljx6PDU A/CP6WPD7dIWqWeYkdbp6tVhC5BJFsXbkThp/bE+uGqMcZo6f2hIVxP7orCBebh9owcP BmurlmmCsfjFZGxApuyVJulrXojoRMWd9zzao0rAruZxFGWZWL05xtA6YwuzyOTUfHqq aodVkyORBrWcoxq7WiJALTFHYI7juxk8jrKrqOlt8hXvwsmbSFEu61xaytNpPL8nFxxM mfrg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bz27si11167745ejc.415.2020.08.17.06.07.44; Mon, 17 Aug 2020 06:08:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728555AbgHQNHI (ORCPT + 99 others); Mon, 17 Aug 2020 09:07:08 -0400 Received: from www262.sakura.ne.jp ([202.181.97.72]:57353 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728530AbgHQNGp (ORCPT ); Mon, 17 Aug 2020 09:06:45 -0400 Received: from fsav404.sakura.ne.jp (fsav404.sakura.ne.jp [133.242.250.103]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 07HD6GQK065030; Mon, 17 Aug 2020 22:06:16 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav404.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav404.sakura.ne.jp); Mon, 17 Aug 2020 22:06:16 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav404.sakura.ne.jp) Received: from [192.168.1.9] (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 07HD6A2e065007 (version=TLSv1.2 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 17 Aug 2020 22:06:16 +0900 (JST) (envelope-from penguin-kernel@i-love.sakura.ne.jp) Subject: Re: [PATCH] mwifiex: don't call del_timer_sync() on uninitialized timer To: Ganapathi Bhat Cc: Brian Norris , amit karwar , andreyknvl@google.com, "David S. Miller" , Dmitry Vyukov , Xinming Hu , Kalle Valo , Linux Kernel , Linux USB Mailing List , linux-wireless , netdev@vger.kernel.org, Nishant Sarmukadam , syzbot+dc4127f950da51639216@syzkaller.appspotmail.com, syzkaller-bugs@googlegroups.com, syzbot References: <1595900652-3842-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp> From: Tetsuo Handa Message-ID: <45dd8b7c-584d-40dc-342a-6d894e0e68c8@i-love.sakura.ne.jp> Date: Mon, 17 Aug 2020 22:06:07 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-wireless-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org Ganapathi, how do you want to fix this bug? On 2020/07/29 3:45, Brian Norris wrote: >> syzbot is reporting that del_timer_sync() is called from >> mwifiex_usb_cleanup_tx_aggr() from mwifiex_unregister_dev() without >> checking timer_setup() from mwifiex_usb_tx_init() was called [1]. >> Since mwifiex_usb_prepare_tx_aggr_skb() is calling del_timer() if >> is_hold_timer_set == true, use the same condition for del_timer_sync(). >> >> [1] https://syzkaller.appspot.com/bug?id=fdeef9cf7348be8b8ab5b847f2ed993aba8ea7b6 >> >> Reported-by: syzbot >> Cc: Ganapathi Bhat >> Signed-off-by: Tetsuo Handa >> --- >> A patch from Ganapathi Bhat ( https://patchwork.kernel.org/patch/10990275/ ) is stalling >> at https://lore.kernel.org/linux-usb/MN2PR18MB2637D7C742BC235FE38367F0A09C0@MN2PR18MB2637.namprd18.prod.outlook.com/ . >> syzbot by now got this report for 10000 times. Do we want to go with this simple patch? > > Sorry, that stall is partly my fault, and partly Ganapathi's. It > doesn't help that it took him 4 months to reply to my questions, so I > completely lost even the tiny bit of context I had managed to build up > in my head at initial review time... and so it's still buried in the > dark corners of my inbox. (I think I'll go archive that now, because > it really deserves a better sell than it had initially, if Ganapathi > really wants to land it.)