AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-14 17:26:42 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
ca8f245f28
linux_dsm_epyc7002/drivers/media
History
Vito Caputo ca8f245f28 media: cxusb: detect cxusb_ctrl_msg error in query 
Don't use uninitialized ircode[] in cxusb_rc_query() when
cxusb_ctrl_msg() fails to populate its contents.

syzbot reported:

dvb-usb: bulk message failed: -22 (1/-30591)
=====================================================
BUG: KMSAN: uninit-value in ir_lookup_by_scancode drivers/media/rc/rc-main.c:494 [inline]
BUG: KMSAN: uninit-value in rc_g_keycode_from_table drivers/media/rc/rc-main.c:582 [inline]
BUG: KMSAN: uninit-value in rc_keydown+0x1a6/0x6f0 drivers/media/rc/rc-main.c:816
CPU: 1 PID: 11436 Comm: kworker/1:2 Not tainted 5.3.0-rc7+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events dvb_usb_read_remote_control
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x191/0x1f0 lib/dump_stack.c:113
 kmsan_report+0x13a/0x2b0 mm/kmsan/kmsan_report.c:108
 __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:250
 bsearch+0x1dd/0x250 lib/bsearch.c:41
 ir_lookup_by_scancode drivers/media/rc/rc-main.c:494 [inline]
 rc_g_keycode_from_table drivers/media/rc/rc-main.c:582 [inline]
 rc_keydown+0x1a6/0x6f0 drivers/media/rc/rc-main.c:816
 cxusb_rc_query+0x2e1/0x360 drivers/media/usb/dvb-usb/cxusb.c:548
 dvb_usb_read_remote_control+0xf9/0x290 drivers/media/usb/dvb-usb/dvb-usb-remote.c:261
 process_one_work+0x1572/0x1ef0 kernel/workqueue.c:2269
 worker_thread+0x111b/0x2460 kernel/workqueue.c:2415
 kthread+0x4b5/0x4f0 kernel/kthread.c:256
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:150 [inline]
 kmsan_internal_chain_origin+0xd2/0x170 mm/kmsan/kmsan.c:314
 __msan_chain_origin+0x6b/0xe0 mm/kmsan/kmsan_instr.c:184
 rc_g_keycode_from_table drivers/media/rc/rc-main.c:583 [inline]
 rc_keydown+0x2c4/0x6f0 drivers/media/rc/rc-main.c:816
 cxusb_rc_query+0x2e1/0x360 drivers/media/usb/dvb-usb/cxusb.c:548
 dvb_usb_read_remote_control+0xf9/0x290 drivers/media/usb/dvb-usb/dvb-usb-remote.c:261
 process_one_work+0x1572/0x1ef0 kernel/workqueue.c:2269
 worker_thread+0x111b/0x2460 kernel/workqueue.c:2415
 kthread+0x4b5/0x4f0 kernel/kthread.c:256
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Local variable description: ----ircode@cxusb_rc_query
Variable was created at:
 cxusb_rc_query+0x4d/0x360 drivers/media/usb/dvb-usb/cxusb.c:543
 dvb_usb_read_remote_control+0xf9/0x290 drivers/media/usb/dvb-usb/dvb-usb-remote.c:261

Signed-off-by: Vito Caputo <vcaputo@pengaru.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Sean Young <sean@mess.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>
2019-10-16 11:49:27 -03:00
..
cec media: cec: expose the new connector info API 2019-10-01 17:19:41 -03:00
common media: v4l2-tpg: add support for new pixelformats 2019-07-30 12:16:45 -04:00
dvb-core media: dvb-core: fix a memory leak bug 2019-08-21 18:39:54 -03:00
dvb-frontends media: dvb-frontends: Use DIV_ROUND_CLOSEST directly to make it readable 2019-10-16 11:47:14 -03:00
firewire media: firewire: Make structure fdtv_ca constant 2019-08-21 18:39:55 -03:00
i2c media: imx214: Add new control with V4L2_CID_UNIT_CELL_SIZE 2019-10-10 11:38:50 -03:00
mc media: mc-device.c: fix memleak in media_device_register_entity 2019-10-01 12:26:35 -03:00
mmc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pci media: cx18: make array mapping static, makes object smaller 2019-10-10 07:21:28 -03:00
platform media: ti-vpe: vpe: don't rely on colorspace member for conversion 2019-10-10 13:54:22 -03:00
radio media: don't do a 31 bit shift on a signed int 2019-08-26 14:11:10 -03:00
rc media: rc: add keymap for Tronsmart Vega S95/S96 remote 2019-10-16 11:48:28 -03:00
spi media: Clarify how menus are hidden by SUBDRV_AUTOSELECT 2019-08-19 12:00:29 -03:00
tuners media: tuners/qm1d1c0042: Use DIV_ROUND_CLOSEST directly to make it readable 2019-10-16 11:47:59 -03:00
usb media: cxusb: detect cxusb_ctrl_msg error in query 2019-10-16 11:49:27 -03:00
v4l2-core media: v4l2-common: add RGB565 and RGB55 to v4l2_format_info 2019-10-10 13:53:41 -03:00
Kconfig media: Clarify how menus are hidden by SUBDRV_AUTOSELECT 2019-08-19 12:00:29 -03:00
Makefile media: move drivers/media/media-* to drivers/media/mc/mc-* 2019-05-28 12:15:46 -04:00