Re: [PATCH] usb: core: urb: change a dev_WARN() to dev_err() for syzbot

From: Johan Hovold
Date: Fri Jan 31 2020 - 08:30:05 EST

Next message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 3/3] ARM: exynos_defconfig: Enable Energy Model framework"
Previous message: Felipe Balbi: "Re: [PATCH v3 10/19] usb: dwc3: Add support for role-switch-default-mode binding"
In reply to: Dan Carpenter: "[PATCH] usb: core: urb: change a dev_WARN() to dev_err() for syzbot"
Next in thread: Dan Carpenter: "Re: [PATCH] usb: core: urb: change a dev_WARN() to dev_err() for syzbot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 31, 2020 at 08:06:52AM +0300, Dan Carpenter wrote:
> We changed this from dev_err() to dev_WARN() in commit 0cb54a3e47cb
> ("USB: debugging code shouldn't alter control flow").
>
> The difference between dev_WARN() and dev_err() is that dev_WARN()
> prints a stack trace and if you have panic on OOPS enabled then it leads
> to a panic. The dev_err() function just prints the error message.
>
> Back in the day we didn't have usb emulators fuzz testing the kernel
> so dev_WARN() didn't cause a problem for anyone, but these days the
> dev_WARN() interferes with syzbot so let's change this to a dev_err().

The commit you refer to did more than just change dev_err() to
dev_WARN(); it also stopped returning an error in case a driver
submitted an URB for an endpoint of the wrong type. At that point in
time all this was dependent on CONFIG_USB_DEBUG however.

> Reported-by: syzbot+1bc2c2afd44f820a669f@xxxxxxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
>
> drivers/usb/core/urb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/usb/core/urb.c b/drivers/usb/core/urb.c
> index da923ec17612..0980c1d2253d 100644
> --- a/drivers/usb/core/urb.c
> +++ b/drivers/usb/core/urb.c
> @@ -475,7 +475,7 @@ int usb_submit_urb(struct urb *urb, gfp_t mem_flags)
>
> /* Check that the pipe's type matches the endpoint's type */
> if (usb_urb_ep_type_check(urb))
> - dev_WARN(&dev->dev, "BOGUS urb xfer, pipe %x != type %x\n",
> + dev_err(&dev->dev, "BOGUS urb xfer, pipe %x != type %x\n",
> usb_pipetype(urb->pipe), pipetypes[xfertype]);
>
> /* Check against a simple/standard policy */

It seems this change would just be papering over these driver bugs. The
dev_WARN() is there in the first place to allow us to catch them.

Even if it takes some work, it should be doable to track down and add
the missing sanity checks to the drivers that lack them. Some have
already been fixed, and I have some more pending patches to fix or add
helpers to simplify fixing the remaining ones.

Johan

Next message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 3/3] ARM: exynos_defconfig: Enable Energy Model framework"
Previous message: Felipe Balbi: "Re: [PATCH v3 10/19] usb: dwc3: Add support for role-switch-default-mode binding"
In reply to: Dan Carpenter: "[PATCH] usb: core: urb: change a dev_WARN() to dev_err() for syzbot"
Next in thread: Dan Carpenter: "Re: [PATCH] usb: core: urb: change a dev_WARN() to dev_err() for syzbot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]