lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Feb 2024 08:07:56 -0800
From: Guenter Roeck <linux@...ck-us.net>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Daniel Díaz <daniel.diaz@...aro.org>
Cc: stable@...r.kernel.org, patches@...ts.linux.dev,
 linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
 akpm@...ux-foundation.org, shuah@...nel.org, patches@...nelci.org,
 lkft-triage@...ts.linaro.org, pavel@...x.de, jonathanh@...dia.com,
 f.fainelli@...il.com, sudipm.mukherjee@...il.com, srw@...dewatkins.net,
 rwarsow@....de, conor@...nel.org, allen.lkml@...il.com,
 mathias.nyman@...ux.intel.com
Subject: Re: [PATCH 6.1 000/219] 6.1.77-rc1 review

On 2/3/24 07:42, Greg Kroah-Hartman wrote:
> On Sat, Feb 03, 2024 at 12:23:33AM -0600, Daniel Díaz wrote:
>> Hello!
>>
>> On 02/02/24 10:02 p. m., Greg Kroah-Hartman wrote:
>>> This is the start of the stable review cycle for the 6.1.77 release.
>>> There are 219 patches in this series, all will be posted as a response
>>> to this one.  If anyone has any issues with these being applied, please
>>> let me know.
>>>
>>> Responses should be made by Mon, 05 Feb 2024 03:51:47 +0000.
>>> Anything received after that time might be too late.
>>>
>>> The whole patch series can be found in one patch at:
>>> 	https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.77-rc1.gz
>>> or in the git tree and branch at:
>>> 	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y
>>> and the diffstat can be found below.
>>>
>>> thanks,
>>>
>>> greg k-h
>>
>> We're seeing lots of build problems and warnings with Clang 17 and Clang nightly:
>>
>> -----8<-----
>>    /builds/linux/drivers/usb/host/xhci.c:1684:37: error: variable 'slot_id' is uninitialized when used here [-Werror,-Wuninitialized]
>>     1684 |                         ret = xhci_check_maxpacket(xhci, slot_id,
>>          |                                                          ^~~~~~~
>>    /builds/linux/drivers/usb/host/xhci.c:1652:22: note: initialize the variable 'slot_id' to silence this warning
>>     1652 |         unsigned int slot_id, ep_index;
>>          |                             ^
>>          |                              = 0
>>    1 error generated.
>>    make[5]: *** [/builds/linux/scripts/Makefile.build:250: drivers/usb/host/xhci.o] Error 1
>> ----->8-----
>>
>> Bisection points to:
>>
>>    commit 37ef029fe9a5639f12250f75f5d1594c6a11e181
>>    Author: Mathias Nyman <mathias.nyman@...ux.intel.com>
>>    Date:   Fri Dec 1 17:06:47 2023 +0200
>>
>>        xhci: fix possible null pointer deref during xhci urb enqueue
>>        [ Upstream commit e2e2aacf042f52854c92775b7800ba668e0bdfe4 ]
>>
>> Reverting the patch makes the build pass.
> 
> Thanks, will drop.  Odd that gcc doesn't catch this as well :(
> 

I have never been able to track down the reason, but gcc on many if not
most architectures doesn't catch problems like this. I often see a warning
pointing to a real problem on, say, parisc builds but not elsewhere, even
though the compiler version is the same.

The above problem is seen because commit e34900f46cd6 ("xhci: Reconfigure
endpoint 0 max packet size only during endpoint reset") removed the call
to xhci_check_maxpacket(), but that commit is not in stable releases.

Guenter


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ