On Sat, Sep 09, 2023 at 10:36:53AM -0400, Alan Stern wrote:
> On Sat, Sep 09, 2023 at 06:28:12AM +0000, Yuran Pereira wrote:
> > Hello Alan,
> >
> > Thank you for elucidating that.
> >
> > So, this bug is present on the mainline tree which is where syzkaller
> > found it. My patch was also based on the mainline tree.
> >
> > I just ran the same reproducer against a kernel compiled from the usb
> > tree, and, as you suggested, the test you mentioned does in fact,
> > prevent the bug from occurring.
> >
> > Please forgive my ignorance; I am a new contributor to the community.
> > But in this situation how should I proceed? Is there even a need to
> > submit a patch, or will the code currently present in the usb tree
> > eventually be reflected in the mainline?
>
> The first step is to find the difference between the mainline and USB
> trees that is responsible for this change in behavior. A quick check of
> the Git logs shows that the change was caused by commit d21fdd07cea4
> ("driver core: Return proper error code when dev_set_name() fails"),
> written by Andy Shevchenko. As a result of this commit, the code in
> device_add() now says:
>
> if (dev_name(dev))
> error = 0;
> /* subsystems can specify simple device enumeration */
> else if (dev->bus && dev->bus->dev_name)
> error = dev_set_name(dev, "%s%u", dev->bus->dev_name, dev->id);
> if (error)
> goto name_error;
>
> This obviously omits a final "else" clause; it should say:
>
> if (dev_name(dev))
> error = 0;
> /* subsystems can specify simple device enumeration */
> else if (dev->bus && dev->bus->dev_name)
> error = dev_set_name(dev, "%s%u", dev->bus->dev_name, dev->id);
> + else
> + error = -EINVAL;
> if (error)
> goto name_error;
And:
https://lore.kernel.org/r/20230828145824.3895288-1-andriy.shevchenko@xxxxxxxxxxxxxxx
is the fix for this which will show up in time for 6.6-final.
thanks,
greg k-h
