When nci_rx_work() receives a zero-length payload packet, it should not
discard the packet and exit the loop. Instead, it should continue
processing subsequent packets.

Fixes: d24b03535e5e ("nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet")
Signed-off-by: Ryosuke Yasuoka <ryasuoka@redhat.com>
---
v3
- Remove inappropriate Reported-by tag

v2
- Fix commit msg to be clearer to say
- Remove inappropriate Closes tag

 net/nfc/nci/core.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index 7a9897fbf4f4..f456a5911e7d 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -1531,8 +1531,7 @@ static void nci_rx_work(struct work_struct *work)
 
 		if (!nci_valid_size(skb)) {
 			kfree_skb(skb);
-			kcov_remote_stop();
-			break;
+			continue;
 		}
 
 		/* Process frame */
-- 
2.44.0

On 21/05/2024 17:34, Ryosuke Yasuoka wrote:
> When nci_rx_work() receives a zero-length payload packet, it should not
> discard the packet and exit the loop. Instead, it should continue
> processing subsequent packets.
> 
> Fixes: d24b03535e5e ("nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet")
> Signed-off-by: Ryosuke Yasuoka <ryasuoka@redhat.com>
> ---
> v3

Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>

Best regards,
Krzysztof

On Wed, May 22, 2024 at 12:34:42AM +0900, Ryosuke Yasuoka wrote:
> When nci_rx_work() receives a zero-length payload packet, it should not
> discard the packet and exit the loop. Instead, it should continue
> processing subsequent packets.
> 
> Fixes: d24b03535e5e ("nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet")
> Signed-off-by: Ryosuke Yasuoka <ryasuoka@redhat.com>
> ---
> v3
> - Remove inappropriate Reported-by tag
> 
> v2
> - Fix commit msg to be clearer to say
> - Remove inappropriate Closes tag

Reviewed-by: Simon Horman <horms@kernel.org>