[Linux-kernel-mentees] [PATCH v5 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-19 Thread Anmol Karn
kaller.appspot.com/bug?id=9d2a7ca8c7f2e4b682c97578dfa3f236258300b3 Signed-off-by: Anmol Karn --- Changes in v5: - Free `dev` in rose_rx_call_request() and add NULL check for `dev` before freeing it. (Suggested-by: Jakub Kicinski ) Changes in v4: - Free `dev`(on dev_hold()), when neigh-&g

Re: [Linux-kernel-mentees] [PATCH v4 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-15 Thread Anmol Karn
On Sat, Nov 14, 2020 at 11:18:38AM -0800, Jakub Kicinski wrote: > On Wed, 11 Nov 2020 22:29:54 +0530 Anmol Karn wrote: > > rose_send_frame() dereferences `neigh->dev` when called from > > rose_transmit_clear_request(), and the first occurrence of the > > `neigh` is in

[Linux-kernel-mentees] [PATCH v4 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-11 Thread Anmol Karn
78dfa3f236258300b3 Signed-off-by: Anmol Karn --- Changes in v4: - Free `dev`(on dev_hold()), when neigh->dev is NULL. (Suggested-by: Jakub Kicinski ) Changes in v3: - Corrected checkpatch warnings and errors (Suggested-by: Saeed Mahameed ) - Added "Fixes:&q

Re: [Linux-kernel-mentees] [PATCH v3 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-10 Thread Anmol Karn
Hello Sir, On Tue, Nov 10, 2020 at 09:58:15AM -0800, Jakub Kicinski wrote: > On Sun, 8 Nov 2020 00:48:35 +0530 Anmol Karn wrote: > > + dev = rose_dev_get(dest); > > this calls dev_hold internally, you never release that reference in > case ..

[Linux-kernel-mentees] [PATCH v3 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-07 Thread Anmol Karn
78dfa3f236258300b3 Signed-off-by: Anmol Karn --- Changes in v3: - Corrected checkpatch warnings and errors (Suggested-by: Saeed Mahameed ) - Added "Fixes:" tag (Suggested-by: Saeed Mahameed ) Changes in v2: - Added NULL check in rose_loopback_timer() (

Re: [Linux-kernel-mentees] [PATCH v2] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-11-07 Thread Anmol karn
Hello, Sorry for this wrong subject (it should be v3 instead of v2), please ignore this patch. I will send a new one with the corrected subject. Thanks, Anmol On Sun, Nov 8, 2020 at 12:27 AM Anmol Karn wrote: > > rose_send_frame() dereferences `neigh->dev` when ca

[Linux-kernel-mentees] [PATCH v2] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-11-07 Thread Anmol Karn
78dfa3f236258300b3 Signed-off-by: Anmol Karn --- Changes in v3: - Corrected checkpatch warnings and errors (Suggested-by: Saeed Mahameed ) - Added "Fixes:" tag (Suggested-by: Saeed Mahameed ) Changes in v2: - Added NULL check in rose_loopback_timer() (

Re: [Linux-kernel-mentees] [PATCH v2 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-07 Thread Anmol Karn
Hello Sir, On Fri, Nov 06, 2020 at 01:04:27PM -0800, Saeed Mahameed wrote: > On Thu, 2020-11-05 at 21:26 +0530, Anmol Karn wrote: > > rose_send_frame() dereferences `neigh->dev` when called from > > rose_transmit_clear_request(), and the first occurrence of the

[Linux-kernel-mentees] [PATCH v2 net] rose: Fix Null pointer dereference in rose_send_frame()

2020-11-05 Thread Anmol Karn
checking for `rose_loopback_neigh->dev` in rose_loopback_timer(). Reported-and-tested-by: syzbot+a1c743815982d9496...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?id=9d2a7ca8c7f2e4b682c97578dfa3f236258300b3 Signed-off-by: Anmol Karn --- net/rose/rose_loopback.c | 2 +- 1 file chang

Re: [Linux-kernel-mentees] [PATCH] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-11-01 Thread Anmol Karn
On Sun, Nov 01, 2020 at 12:02:58PM +0100, Greg KH wrote: > On Fri, Oct 30, 2020 at 04:24:13PM +0530, Anmol Karn wrote: > > On Thu, Oct 15, 2020 at 05:50:51PM +0200, Greg KH wrote: > > > On Thu, Oct 15, 2020 at 07:40:12PM +0530, Anmol Karn wrote: > > > > On Thu, Oc

Re: [Linux-kernel-mentees] [PATCH] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-10-30 Thread Anmol Karn
On Thu, Oct 15, 2020 at 05:50:51PM +0200, Greg KH wrote: > On Thu, Oct 15, 2020 at 07:40:12PM +0530, Anmol Karn wrote: > > On Thu, Oct 15, 2020 at 07:12:25AM +0200, Greg KH wrote: > > > On Thu, Oct 15, 2020 at 05:47:12AM +0530, Anmol Karn wrote: > > > > In rose_send_

Re: [Linux-kernel-mentees] [PATCH] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-10-15 Thread Anmol Karn
On Thu, Oct 15, 2020 at 05:50:51PM +0200, Greg KH wrote: > On Thu, Oct 15, 2020 at 07:40:12PM +0530, Anmol Karn wrote: > > On Thu, Oct 15, 2020 at 07:12:25AM +0200, Greg KH wrote: > > > On Thu, Oct 15, 2020 at 05:47:12AM +0530, Anmol Karn wrote: > > > > In rose_send_

Re: [Linux-kernel-mentees] [PATCH] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-10-15 Thread Anmol Karn
On Thu, Oct 15, 2020 at 07:12:25AM +0200, Greg KH wrote: > On Thu, Oct 15, 2020 at 05:47:12AM +0530, Anmol Karn wrote: > > In rose_send_frame(), when comparing two ax.25 addresses, it assigns > > rose_call to > > either global ROSE callsign or default port, but

[Linux-kernel-mentees] [PATCH] net: rose: Fix Null pointer dereference in rose_send_frame()

2020-10-14 Thread Anmol Karn
ported-by: syzbot+a1c743815982d9496...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?id=9d2a7ca8c7f2e4b682c97578dfa3f236258300b3 Signed-off-by: Anmol Karn --- I am a bit sceptical about the error return code, please suggest if anything else is appropriate in place of '-ENODEV'. ne

Re: [Linux-kernel-mentees] [PATCH net] ethtool: strset: Fix out of bound read in strset_parse_request()

2020-10-11 Thread Anmol karn
Hello sir, On Sun, Oct 11, 2020 at 10:24 PM Jakub Kicinski wrote: > > On Sun, 11 Oct 2020 02:39:29 +0530 Anmol Karn wrote: > > Flag ``ETHTOOL_A_STRSET_COUNTS_ONLY`` tells the kernel to only return the > > string > > counts of the sets, but, when req_info->counts_on

[Linux-kernel-mentees] [PATCH net] ethtool: strset: Fix out of bound read in strset_parse_request()

2020-10-10 Thread Anmol Karn
0 Signed-off-by: Anmol Karn --- When I tried to reduce the index of tb[] by 1, the crash reproducer was not working anymore, hence it's probably reading from tb[ETHTOOL_A_STRSET_STRINGSETS], but this won't give the strset 'count' and hence is not a plausible fix. B

[Linux-kernel-mentees] [PATCH] fs: jffs2: super: Fix null pointer dereference in jffs2_parse_param()

2020-10-03 Thread Anmol Karn
ectly. Reported-and-tested-by: syzbot+9765367bb86a19d38...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?extid=9765367bb86a19d38732 Signed-off-by: Anmol Karn --- fs/jffs2/super.c | 4 1 file changed, 4 insertions(+) diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c index 05d7

Re: [Linux-kernel-mentees] [PATCH] fs: reiserfs: xattr: Fix null pointer derefernce in open_xa_root()

2020-10-01 Thread Anmol karn
On Thu, Oct 1, 2020 at 2:58 PM Jan Kara wrote: > > On Thu 01-10-20 14:35:47, Anmol Karn wrote: > > d_really_is_negative() checks for the dentry->d_inode whether it's NULL > > or not, but in open_xa_root(), when it checks 'privroot->d_inode', it > >

[Linux-kernel-mentees] [PATCH] fs: reiserfs: xattr: Fix null pointer derefernce in open_xa_root()

2020-10-01 Thread Anmol Karn
pspotmail.com Link: https://syzkaller.appspot.com/bug?extid=9b33c9b118d77ff59b6f Signed-off-by: Anmol Karn --- fs/reiserfs/xattr.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 28b241cd6987..a75480d0ee7e 100644 --- a/fs/reiserfs

Re: [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-10-01 Thread Anmol Karn
On Thu, Oct 01, 2020 at 09:06:42AM +0200, Marcel Holtmann wrote: > Hi Anmol, > > > AMP_MGR is getting dereferenced in hci_phy_link_complete_evt(), when called > > from hci_event_packet() and there is a possibility, that hcon->amp_mgr may > > not be found when access

[PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-30 Thread Anmol Karn
spotmail.com Link: https://syzkaller.appspot.com/bug?extid=0bef568258653cff272f Signed-off-by: Anmol Karn --- Change in v3: - changed return o; to return; (Reported-by: kernel test robot ) net/bluetooth/hci_event.c | 5 + 1 file changed, 5 insertions(+) diff --git a/net/bluetooth/hci_event.c b/

[Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-29 Thread Anmol Karn
spotmail.com Link: https://syzkaller.appspot.com/bug?extid=0bef568258653cff272f Signed-off-by: Anmol Karn --- Change in v2: - Replaced IS_ERR_OR_NULL check with NULL check only (Suggested by: Dan Carpenter ) - Added "Fixes:" tag (Suggested by: Dan Carpenter ) net/bluetooth/hci_e

Re: [PATCH] idr: remove WARN_ON_ONCE() when trying to check id

2020-09-14 Thread Anmol Karn
mailing lists and developers > (which will probably be different from the ones receiving this current > thread). > My bad sir, will send it to the appropriate list. Thanks Anmol

Re: [Linux-kernel-mentees] [PATCH] idr: remove WARN_ON_ONCE() when trying to check id

2020-09-14 Thread Anmol Karn
On Mon, Sep 14, 2020 at 08:26:55PM +0100, Matthew Wilcox wrote: > On Tue, Sep 15, 2020 at 12:17:55AM +0530, Anmol Karn wrote: > > On Mon, Sep 14, 2020 at 12:08:03PM +0100, Matthew Wilcox wrote: > > > On Mon, Sep 14, 2020 at 12:47:24PM +0530, Anmol Karn wrote: > >

Re: [Linux-kernel-mentees] [PATCH] idr: remove WARN_ON_ONCE() when trying to check id

2020-09-14 Thread Anmol Karn
On Mon, Sep 14, 2020 at 12:08:03PM +0100, Matthew Wilcox wrote: > On Mon, Sep 14, 2020 at 12:47:24PM +0530, Anmol Karn wrote: > > idr_get_next() gives WARN_ON_ONCE() when it gets (id > INT_MAX) true > > and this happens when syzbot does fuzzing, and that warning is > > ex

Re: [Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-14 Thread Anmol Karn
ere hcon->amp_mgr is > dereferenced. For example, amp_read_loc_assoc_final_data() seems to > have a similar bug. > Sure sir will look into it. > regards, > dan carpenter > Thanks, Anmol

[Linux-kernel-mentees] [PATCH] idr: remove WARN_ON_ONCE() when trying to check id

2020-09-14 Thread Anmol Karn
lldir[64]: remove WARN_ON_ONCE() for bad directory entries") Reported-and-tested-by: syzbot+f7204dcf3df4bb4ce...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?extid=f7204dcf3df4bb4ce42c Signed-off-by: Anmol Karn --- lib/idr.c | 2 +- 1 file changed, 1 insertion(+), 1 dele

Re: [Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-12 Thread Anmol Karn
On Thu, Sep 10, 2020 at 01:49:18PM +0300, Dan Carpenter wrote: > On Thu, Sep 10, 2020 at 10:04:24AM +0530, Anmol Karn wrote: > > Prevent hci_phy_link_complete_evt() from dereferencing 'hcon->amp_mgr' > > as NULL. Fix it by adding pointer check for it. > > >

Re: [Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-10 Thread Anmol Karn
On Thu, Sep 10, 2020 at 01:49:18PM +0300, Dan Carpenter wrote: > On Thu, Sep 10, 2020 at 10:04:24AM +0530, Anmol Karn wrote: > > Prevent hci_phy_link_complete_evt() from dereferencing 'hcon->amp_mgr' > > as NULL. Fix it by adding pointer check for it. > > >

Re: [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-09 Thread Anmol Karn
On Wed, Sep 09, 2020 at 10:06:59PM -0700, Eric Biggers wrote: > On Thu, Sep 10, 2020 at 10:04:24AM +0530, Anmol Karn wrote: > > Prevent hci_phy_link_complete_evt() from dereferencing 'hcon->amp_mgr' > > as NULL. Fix it by adding pointer check for it. > > >

[Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer dereference in hci_event_packet()

2020-09-09 Thread Anmol Karn
Prevent hci_phy_link_complete_evt() from dereferencing 'hcon->amp_mgr' as NULL. Fix it by adding pointer check for it. Reported-and-tested-by: syzbot+0bef568258653cff2...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?extid=0bef568258653cff272f Signed-off-b

Re: [Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer deref in hci_phy_link_complete_evt

2020-08-30 Thread Anmol Karn
On Sun, Aug 30, 2020 at 07:30:10PM +0200, Greg KH wrote: > On Sun, Aug 30, 2020 at 05:56:23PM +0530, Anmol Karn wrote: > > On Sun, Aug 30, 2020 at 11:19:17AM +0200, Greg KH wrote: > > > On Sat, Aug 29, 2020 at 10:27:12PM +0530, Anmol Karn wrote: > > >

Re: [Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer deref in hci_phy_link_complete_evt

2020-08-30 Thread Anmol Karn
On Sun, Aug 30, 2020 at 11:19:17AM +0200, Greg KH wrote: > On Sat, Aug 29, 2020 at 10:27:12PM +0530, Anmol Karn wrote: > > Fix null pointer deref in hci_phy_link_complete_evt, there was no > > checking there for the hcon->amp_mgr->l2cap_conn->hconn, and also >

[Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer deref in hci_phy_link_complete_evt

2020-08-29 Thread Anmol Karn
This patch corrected some mistakes from previous patch. Reported-by: syzbot+0bef568258653cff2...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?id=0d93140da5a82305a66a136af99b088b75177b99 Signed-off-by: Anmol Karn --- net/bluetooth/hci_core.c | 5 - net/bluetooth/hci_event.c

[Linux-kernel-mentees] [PATCH] net: bluetooth: Fix null pointer deref in hci_phy_link_complete_evt

2020-08-29 Thread Anmol Karn
Reported-by: syzbot+0bef568258653cff2...@syzkaller.appspotmail.com Link: https://syzkaller.appspot.com/bug?id=0d93140da5a82305a66a136af99b088b75177b99 Signed-off-by: Anmol Karn --- net/bluetooth/hci_core.c | 4 net/bluetooth/hci_event.c | 4 2 files changed, 8 insertions(+) diff --git a/n

[PATCH] staging: android: ashmem: Fixed a issue related to file_operations

2020-05-13 Thread Anmol
From: Anmol Fixed an issue related to struct file_operations which should normally be const. Signed-off-by: Anmol --- drivers/staging/android/ashmem.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/android/ashmem.c b/drivers/staging/android/ashmem.c index

[PATCH] jfs: Add statx support

2019-06-03 Thread Anmol Sarma
From: Anmol Sarma Return inode creation time and stx_attributes flags Signed-off-by: Anmol Sarma --- fs/jfs/file.c | 24 fs/jfs/jfs_inode.h | 2 ++ fs/jfs/namei.c | 1 + fs/jfs/symlink.c | 2 ++ 4 files changed, 29 insertions(+) diff --git a/fs/jfs

[PATCH] net: Update TCP congestion control documentation

2017-06-03 Thread Anmol Sarma
Update tcp.txt to fix mandatory congestion control ops and default CCA selection. Also, fix comment in tcp.h for undo_cwnd. Signed-off-by: Anmol Sarma --- Documentation/networking/tcp.txt | 31 +-- include/net/tcp.h| 2 +- 2 files changed, 14

[PATCH v2 3/3] Staging: rtl8187se: ieee80211: ieee80211_softmac.c: mark symbols as static

2014-01-09 Thread Anmol Sarma
Fix sparse warnings for undeclared symbols not marked static like: 148:6: warning: symbol 'enqueue_mgmt' was not declared. Should it be static? 166:16: warning: symbol 'dequeue_mgmt' was not declared. Should it be static? Signed-off-by: Anmol Sarma --- ...

[PATCH v2 2/3] Staging: rtl8187se: r8180_wx.c: make 'rtl8180_rates' static

2014-01-09 Thread Anmol Sarma
Fixes the following sparse warning: 27:5: warning: symbol 'rtl8180_rates' was not declared. Should it be static? Signed-off-by: Anmol Sarma --- drivers/staging/rtl8187se/r8180_wx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/rtl8187se/r81

[PATCH v2 1/3] Staging: rtl8187se: r8180_core.c: mark symbols as static

2014-01-09 Thread Anmol Sarma
Fix sparse warnings for undeclared symbols not marked static like: 390:6: warning: symbol 'buffer_free' was not declared. Should it be static? 1031:5: warning: symbol 'ComputeTxTime' was not declared. Should it be static? Signed-off-by: Anmol Sarma --- drivers/staging/rt

[PATCH v2 0/3] Staging: rtl8187se: Sparse fixes

2014-01-09 Thread Anmol Sarma
Fix sparse warnings for undeclared symbols not marked static. Anmol Sarma (3): Staging: rtl8187se: r8180_core.c: mark symbols as static Staging: rtl8187se: r8180_wx.c: make 'rtl8180_rates' static Staging: rtl8187se: ieee80211: ieee80211_softmac.c: mark symbols as static ...

[PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-30 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 376 -- 1 file changed, 153 insertions(+), 223 deletions(-) diff --git a/drive

[PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-26 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 370 -- 1 file changed, 150 insertions(+), 220 deletions(-) diff --git a/drive

[PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-26 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 483 +- 1 file changed, 165 insertions(+), 318 deletions(-) diff --git a/drive

[PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-25 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 358 +++--- 1 file changed, 143 insertions(+), 215 deletions(-) diff --git a/drive

Re: [PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-24 Thread Anmol Sarma
From abe5f2d4a7424c446f5e41cf57b4783eb9a04ab9 Mon Sep 17 00:00:00 2001 From: Anmol Sarma Date: Wed, 24 Oct 2012 12:57:35 +0530 Subject: [PATCH] Staging: android: binder: Strings cleanup Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings

Re: [PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-23 Thread Anmol Sarma
From 949ecac6fcd58ffa6d02f6761058dbcfb1c2ba42 Mon Sep 17 00:00:00 2001 From: Anmol Sarma Date: Tue, 23 Oct 2012 13:47:14 +0530 Subject: [PATCH] Staging: android: binder: Strings cleanup Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings

[PATCH] Staging: android: binder: Strings cleanup

2012-10-23 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Removed 'binder:' prefix on strings. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 311 -- 1 file changed, 127 insertions(+), 184 deletions(-) diff --git a/drive

[PATCH] Staging: android: binder: Fixed multi-line strings

2012-10-08 Thread Anmol Sarma
Changed all user visible multi-line strings to single line. Signed-off-by: Anmol Sarma --- drivers/staging/android/binder.c | 264 ++ 1 file changed, 99 insertions(+), 165 deletions(-) diff --git a/drivers/staging/android/binder.c b/drivers/staging/android