Re: [PATCH] media: vidtv: fix uninitialized args.buf_sz passed by value

Next message: Andy Shevchenko: "Re: [PATCH 1/7] iio: frequency: adrf6780: use dev_err_probe in probe path"
Previous message: George Moussalem: "Re: [PATCH v10 4/6] arm64: dts: qcom: ipq5018: add nodes to bring up q6"
In reply to: Ding Yihan: "Re: [PATCH] media: vidtv: fix uninitialized args.buf_sz passed by value"
Next in thread: Abd-Alrhman Masalkhi: "Re: [PATCH] media: vidtv: fix uninitialized args.buf_sz passed by value"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Thomas Weißschuh

Date: Fri Feb 20 2026 - 08:57:27 EST

Hi Yihan Ding,

On Fri, Feb 20, 2026 at 09:39:45PM +0800, Ding Yihan wrote:
> While looking into this exact same syzbot report, I noticed that
> `vidtv_ts_pcr_write_into()` in the same file also suffers from the
> exact same pass-by-value anti-pattern (passing `struct pcr_write_args` by value).

Good catch.

> Since `pcr_write_args` also contains implicit padding, it remains a potential trigger
> for identical KMSAN uninit-value warnings during fuzzing in the future.

The fact that the report is about implicit padding is valuable information.
It should be part of the commit message.

> Also, regarding Thomas's concern about modifying shared data: passing the struct
> as a `const pointer` (e.g., `const struct null_packet_write_args *`)
> would perfectly guarantee that the state remains read-only.

Agreed.

> Thomas, would it be worth submitting a separate patch now to fix
> `vidtv_ts_pcr_write_into()` to prevent future KMSAN errors? Or would you
> prefer this to be addressed together in Abd-Alrhman's v2?

Doing it together sounds better. This is not urgent anyways in my opinion.
But on the other hand I am just a random guy whose commit got wrongly blamed
in the original Fixes tag and I don't know anything about this subsystem.

Thomas