On Tue, Dec 01, 2020 at 10:59:06AM +0100, Greg KH wrote: > On Tue, Dec 01, 2020 at 05:47:02PM +0800, Hillf Danton wrote: > > On Tue, 01 Dec 2020 01:21:27 -0800 > > > syzbot found the following issue on: > > > > > > HEAD commit: c84e1efa Merge tag 'asm-generic-fixes-5.10-2' of git://git.. > > > git tree: upstream > > > console output: https://syzkaller.appspot.com/x/log.txt?x=14a98565500000 > > > kernel config: https://syzkaller.appspot.com/x/.config?x=7be70951fca93701 > > > dashboard link: https://syzkaller.appspot.com/bug?extid=dbec6695a6565a9c6bc0 > > > compiler: clang version 11.0.0 (https://github.com/llvm/llvm-project.git ca2dcbd030eadbf0aa9b660efe864ff08af6e18b) > > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17c607f1500000 > > > > > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > > > Reported-by: syzbot+dbec6695a6565a9c6bc0@xxxxxxxxxxxxxxxxxxxxxxxxx > > > > > > usb 1-1: string descriptor 0 read error: -32 > > > ------------[ cut here ]------------ > > > URB 000000005c26bc1e submitted while active > > Clear urb before putting it in use. > > > > --- a/drivers/nfc/port100.c > > +++ b/drivers/nfc/port100.c > > @@ -1525,7 +1525,7 @@ static int port100_probe(struct usb_inte > > } > > > > dev->in_urb = usb_alloc_urb(0, GFP_KERNEL); > > - dev->out_urb = usb_alloc_urb(0, GFP_KERNEL); > > + dev->out_urb = usb_alloc_urb(0, GFP_KERNEL | __GFP_ZERO); > > > > if (!dev->in_urb || !dev->out_urb) { > > nfc_err(&interface->dev, "Could not allocate USB URBs\n"); > > How does this solve a warning in the USB core about a string descriptor > error? Greg, you misread the bug report. The problem wasn't the string descriptor read error; it was URB submitted while active. More to the point, adding __GFP_ZERO to the usb_alloc_urb call won't fix anything, because usb_alloc_urb calls usb_init_urb, which already does a memset. Alan Stern
