kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #95070
[Bug 1393355] Re: Issue with msgrcv in a 32-bit application and -ve argument
This bug was fixed in the package linux - 3.13.0-41.70
---------------
linux (3.13.0-41.70) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1396112
[ Chris J Arges ]
* [Config] CONFIG_SCOM_DEBUGFS=y for powerpc/powerpc64-smp
ppc64el/generic
- LP: #1395855
[ Upstream Kernel Changes ]
* Revert "KVM: x86: Handle errors when RIP is set during far jumps"
- LP: #1393477
* Revert "net/macb: add pinctrl consumer support"
- LP: #1393477
* Revert "iwlwifi: mvm: treat EAPOLs like mgmt frames wrt rate"
- LP: #1393477
* Revert "ipmi: simplify locking"
- LP: #1383921
* ACPI / blacklist: add Win8 OSI quirks for some Dell laptop models
- LP: #1339456
* ACPI / battery: Accelerate battery resume callback
- LP: #838543
* tools: cpu-hotplug fix unexpected operator error
* netlink: reset network header before passing to taps
- LP: #1393477
* rtnetlink: fix VF info size
- LP: #1393477
* myri10ge: check for DMA mapping errors
- LP: #1393477
* tcp: don't use timestamp from repaired skb-s to calculate RTT (v2)
- LP: #1393477
* sit: Fix ipip6_tunnel_lookup device matching criteria
- LP: #1393477
* tcp: fix tcp_release_cb() to dispatch via address family for
mtu_reduced()
- LP: #1393477
* tcp: fix ssthresh and undo for consecutive short FRTO episodes
- LP: #1393477
* packet: handle too big packets for PACKET_V3
- LP: #1393477
* openvswitch: fix panic with multiple vlan headers
- LP: #1393477
* vxlan: fix incorrect initializer in union vxlan_addr
- LP: #1393477
* l2tp: fix race while getting PMTU on PPP pseudo-wire
- LP: #1393477
* bonding: fix div by zero while enslaving and transmitting
- LP: #1393477
* bridge: Check if vlan filtering is enabled only once.
- LP: #1393477
* bridge: Fix br_should_learn to check vlan_enabled
- LP: #1393477
* net: allow macvlans to move to net namespace
- LP: #1393477
* tg3: Work around HW/FW limitations with vlan encapsulated frames
- LP: #1393477
* tg3: Allow for recieve of full-size 8021AD frames
- LP: #1393477
* xfrm: Generate blackhole routes only from route lookup functions
- LP: #1393477
* xfrm: Generate queueing routes only from route lookup functions
- LP: #1393477
* macvtap: Fix race between device delete and open.
- LP: #1393477
* gro: fix aggregation for skb using frag_list
- LP: #1393477
* hyperv: Fix a bug in netvsc_start_xmit()
- LP: #1393477
* ip6_gre: fix flowi6_proto value in xmit path
- LP: #1393477
* team: avoid race condition in scheduling delayed work
- LP: #1393477
* sctp: handle association restarts when the socket is closed.
- LP: #1393477
* tcp: fixing TLP's FIN recovery
- LP: #1393477
* sparc64: Do not disable interrupts in nmi_cpu_busy()
- LP: #1393477
* sparc64: Fix pcr_ops initialization and usage bugs.
- LP: #1393477
* sparc32: dma_alloc_coherent must honour gfp flags
- LP: #1393477
* sparc64: sun4v TLB error power off events
- LP: #1393477
* sparc64: Fix corrupted thread fault code.
- LP: #1393477
* sparc64: find_node adjustment
- LP: #1393477
* sparc64: Move request_irq() from ldc_bind() to ldc_alloc()
- LP: #1393477
* sparc: Let memset return the address argument
- LP: #1393477
* sparc64: Fix reversed start/end in flush_tlb_kernel_range()
- LP: #1393477
* sparc64: Fix lockdep warnings on reboot on Ultra-5
- LP: #1393477
* sparc64: Fix FPU register corruption with AES crypto offload.
- LP: #1393477
* sparc64: Do not define thread fpregs save area as zero-length array.
- LP: #1393477
* sparc64: Fix hibernation code refrence to PAGE_OFFSET.
- LP: #1393477
* sparc64: correctly recognise M6 and M7 cpu type
- LP: #1393477
* sparc64: support M6 and M7 for building CPU distribution map
- LP: #1393477
* sparc64: cpu hardware caps support for sparc M6 and M7
- LP: #1393477
* sparc64: T5 PMU
- LP: #1393477
* sparc64: Switch to 4-level page tables.
- LP: #1393477
* sparc64: Define VA hole at run time, rather than at compile time.
- LP: #1393477
* sparc64: Adjust KTSB assembler to support larger physical addresses.
- LP: #1393477
* sparc64: Fix physical memory management regressions with large
max_phys_bits.
- LP: #1393477
* sparc64: Use kernel page tables for vmemmap.
- LP: #1393477
* sparc64: Increase MAX_PHYS_ADDRESS_BITS to 53.
- LP: #1393477
* sparc64: Adjust vmalloc region size based upon available virtual
address bits.
- LP: #1393477
* sparc64: sparse irq
- LP: #1393477
* sparc64: Kill unnecessary tables and increase MAX_BANKS.
- LP: #1393477
* sparc64: Increase size of boot string to 1024 bytes
- LP: #1393477
* sparc64: Fix register corruption in top-most kernel stack frame during
boot.
- LP: #1393477
* sparc64: Implement __get_user_pages_fast().
- LP: #1393477
* ext4: check EA value offset when loading
- LP: #1393477
* jbd2: free bh when descriptor block checksum fails
- LP: #1393477
* ext4: don't check quota format when there are no quota files
- LP: #1393477
* target: Fix queue full status NULL pointer for SCF_TRANSPORT_TASK_SENSE
- LP: #1393477
* vfs: fix data corruption when blocksize < pagesize for mmaped data
- LP: #1393477
* ext4: fix mmap data corruption when blocksize < pagesize
- LP: #1393477
* ext4: grab missed write_count for EXT4_IOC_SWAP_BOOT
- LP: #1393477
* qla_target: don't delete changed nacls
- LP: #1393477
* target: Fix APTPL metadata handling for dynamic MappedLUNs
- LP: #1393477
* iser-target: Disable TX completion interrupt coalescing
- LP: #1393477
* ext4: don't orphan or truncate the boot loader inode
- LP: #1393477
* ext4: add ext4_iget_normal() which is to be used for dir tree lookups
- LP: #1393477
* ext4: fix reservation overflow in ext4_da_write_begin
- LP: #1393477
* ext4: Replace open coded mdata csum feature to helper function
- LP: #1393477
* ext4: move error report out of atomic context in
ext4_init_block_bitmap()
- LP: #1393477
* ARC: [nsimosci] Allow "headless" models to boot
- LP: #1393477
* ARC: Update order of registers in KGDB to match GDB 7.5
- LP: #1393477
* ext4: check s_chksum_driver when looking for bg csum presence
- LP: #1393477
* drm/radeon: fix speaker allocation setup
- LP: #1393477
* drm/radeon: use gart memory for DMA ring tests
- LP: #1393477
* compiler: define OPTIMIZER_HIDE_VAR() macro
- LP: #1393477
* random: add and use memzero_explicit() for clearing data
- LP: #1393477
* ALSA: pcm: use the same dma mmap codepath both for arm and arm64
- LP: #1393477
* ALSA: ALC283 codec - Avoid pop noise on headphones during
suspend/resume
- LP: #1393477
* ALSA: usb-audio: Add support for Steinberg UR22 USB interface
- LP: #1393477
* ALSA: hda - hdmi: Fix missing ELD change event on plug/unplug
- LP: #1393477
* arm64: compat: fix compat types affecting struct compat_elf_prpsinfo
- LP: #1393477
* freezer: Do not freeze tasks killed by OOM killer
- LP: #1393477
* OOM, PM: OOM killed task shouldn't escape PM suspend
- LP: #1393477
* qxl: don't create too large primary surface
- LP: #1393477
* MIPS: tlbex: Properly fix HUGE TLB Refill exception handler
- LP: #1393477
* drm/cirrus: bind also to qemu-xen-traditional
- LP: #1393477
* cpufreq: intel_pstate: Fix setting max_perf_pct in performance policy
- LP: #1393477
* cpufreq: expose scaling_cur_freq sysfs file for set_policy() drivers
- LP: #1393477
* cpufreq: intel_pstate: Reflect current no_turbo state correctly
- LP: #1393477
* intel_pstate: Don't lose sysfs settings during cpu offline
- LP: #1393477
* intel_pstate: Fix BYT frequency reporting
- LP: #1393477
* intel_pstate: Correct BYT VID values.
- LP: #1393477
* MIPS: ftrace: Fix a microMIPS build problem
- LP: #1393477
* kvm: x86: don't kill guest on unknown exit reason
- LP: #1393477
* kvm: fix excessive pages un-pinning in kvm_iommu_map error path.
- LP: #1393477
* KVM: x86: use new CS.RPL as CPL during task switch
- LP: #1393477
* KVM: x86: Handle errors when RIP is set during far jumps
- LP: #1393477
* KVM: x86: Fix far-jump to non-canonical check
- LP: #1393477
* staging:iio:ad5933: Fix NULL pointer deref when enabling buffer
- LP: #1393477
* staging:iio:ad5933: Drop "raw" from channel names
- LP: #1393477
* iio: st_sensors: Fix buffer copy
- LP: #1393477
* iio: mxs-lradc: Propagate the real error code on platform_get_irq()
failure
- LP: #1393477
* iio: adc: mxs-lradc: Disable the clock on probe failure
- LP: #1393477
* spi: pl022: Fix incorrect dma_unmap_sg
- LP: #1393477
* mac80211: fix typo in starting baserate for rts_cts_rate_idx
- LP: #1393477
* usb: dwc3: gadget: fix set_halt() bug with pending transfers
- LP: #1393477
* usb: gadget: function: acm: make f_acm pass USB20CV Chapter9
- LP: #1393477
* ext3: Don't check quota format when there are no quota files
- LP: #1393477
* quota: Properly return errors from dquot_writeback_dquots()
- LP: #1393477
* USB: serial: cp210x: add Silicon Labs 358x VID and PID
- LP: #1393477
* usb: serial: ftdi_sio: add Awinda Station and Dongle products
- LP: #1393477
* usb: option: add support for Telit LE910
- LP: #1393477
* USB: option: add Haier CE81B CDMA modem
- LP: #1393477
* x86, apic: Handle a bad TSC more gracefully
- LP: #1393477
* i3200_edac: Report CE events properly
- LP: #1393477
* i82860_edac: Report CE events properly
- LP: #1393477
* cpc925_edac: Report UE events properly
- LP: #1393477
* e7xxx_edac: Report CE events properly
- LP: #1393477
* scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND
- LP: #1393477
* usb: serial: ftdi_sio: add "bricked" FTDI device PID
- LP: #1393477
* usb: musb: cppi41: restart hrtimer only if not yet done
- LP: #1393477
* usb: gadget: udc: core: fix kernel oops with soft-connect
- LP: #1393477
* nfsd4: fix crash on unknown operation number
- LP: #1393477
* iwlwifi: configure the LTR
- LP: #1393477
* mac80211: add vif to flush call
- LP: #1393477
* iwlwifi: dvm: drop non VO frames when flushing
- LP: #1393477
* usb: dwc3: gadget: Properly initialize LINK TRB
- LP: #1393477
* Input: i8042 - quirks for Fujitsu Lifebook A544 and Lifebook AH544
- LP: #1393477
* posix-timers: Fix stack info leak in timer_create()
- LP: #1393477
* futex: Fix a race condition between REQUEUE_PI and task death
- LP: #1393477
* PM / Sleep: fix recovery during resuming from hibernation
- LP: #1393477
* ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat
mode
- LP: #1393477
* ima: check xattr value length and type in the ima_inode_setxattr()
- LP: #1393477
* evm: check xattr value length and type in evm_inode_setxattr()
- LP: #1393477
* drm/radeon/dpm: disable ulv support on SI
- LP: #1393477
* drm/radeon: dpm fixes for asrock systems
- LP: #1393477
* drm/radeon: remove invalid pci id
- LP: #1393477
* x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE
- LP: #1393477
* cgroup/kmemleak: add kmemleak_free() for cgroup deallocations.
- LP: #1393477
* mm: free compound page with correct order
- LP: #1393477
* mm, thp: fix collapsing of hugepages on madvise
- LP: #1393477
* lib/bitmap.c: fix undefined shift in __bitmap_shift_{left|right}()
- LP: #1393477
* ext4: fix overflow when updating superblock backups after resize
- LP: #1393477
* ext4: fix oops when loading block bitmap failed
- LP: #1393477
* ext4: enable journal checksum when metadata checksum feature enabled
- LP: #1393477
* ext4: bail out from make_indexed_dir() on first error
- LP: #1393477
* PCI: Rename sysfs 'enabled' file back to 'enable'
- LP: #1393477
* wireless: rt2x00: add new rt2800usb device
- LP: #1393477
* fs: allow open(dir, O_TMPFILE|..., 0) with mode 0
- LP: #1393477
* tracing/syscalls: Ignore numbers outside NR_syscalls' range
- LP: #1393477
* x86_64, entry: Fix out of bounds read on sysenter
- LP: #1393477
* ACPI / EC: Add support to disallow QR_EC to be issued when SCI_EVT
isn't set
- LP: #1393477
* ACPI / EC: Fix regression due to conflicting firmware behavior between
Samsung and Acer.
- LP: #1393477
* net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks
- LP: #1393477
* net: sctp: fix panic on duplicate ASCONF chunks
- LP: #1393477
* net: sctp: fix remote memory pressure from excessive queueing
- LP: #1393477
* Linux 3.13.11.11
- LP: #1393477
* MAINTAINERS: Update APM X-Gene section
- LP: #1381084
* Documentation: dts: Update section header for APM X-Gene
- LP: #1381084
* dtb: Add 10GbE node to APM X-Gene SoC device tree
- LP: #1381084
* drivers: net: xgene: Preparing for adding 10GbE support
- LP: #1381084
* drivers: net: xgene: Add 10GbE support
- LP: #1381084
* drivers: net: xgene: Add 10GbE ethtool support
- LP: #1381084
* dtb: Add SGMII based 1GbE node to APM X-Gene SoC device tree
- LP: #1381216
* drivers: net: xgene: Preparing for adding SGMII based 1GbE
- LP: #1381216
* drivers: net: xgene: Add SGMII based 1GbE support
- LP: #1381216
* drivers: net: xgene: Add SGMII based 1GbE ethtool support
- LP: #1381216
* drivers: net: xgene: Rewrite buggy loop in xgene_enet_ecc_init()
- LP: #1381216
* dtb: xgene: fix: Backward compatibility with older firmware
- LP: #1381084, #1381216
* drivers: net: xgene: Backward compatibility with older firmware
- LP: #1381084, #1381216
* drivers: net: xgene: fix: Use separate resources
- LP: #1381216
* HID: Add the transport-driver functions to the HIDP driver.
- LP: #1393764
* ipc: fix compat msgrcv with negative msgtyp
- LP: #1393355
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Tue, 25 Nov 2014 12:07:01 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1393355
Title:
Issue with msgrcv in a 32-bit application and -ve argument
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Trusty:
Fix Released
Status in linux source package in Utopic:
Fix Released
Status in linux source package in Vivid:
Fix Released
Bug description:
== Comment: #0 - R. Wilson <wilsonrs@xxxxxxxxxx> - 2014-11-13 08:11:01 ==
---Problem Description---
system call msgrcv() from 32-bit application shows error: msgrcv: No message of desired type
The following upstream commit resolves the issue.
commit e7ca2552369c1dfe0216c626baf82c3d83ec36bb
Author: Mateusz Guzik <mguzik@xxxxxxxxxx>
Date: Mon Jan 27 17:07:11 2014 -0800
ipc: fix compat msgrcv with negative msgtyp
Compat function takes msgtyp argument as u32 and passes it down to
do_msgrcv which results in casting to long, thus the sign is lost and we
get a big positive number instead.
Cast the argument to signed type before passing it down.
We now hit the problem on Ubuntu 14_04 and need to know if a similar
patch is forthcoming.
---uname output---
Linux ctg-a-il-u1 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Machine Type = VMware guest
---Debugger---
A debugger is not configured
---Steps to Reproduce---
Compile test applications using gcc -m32 -o <name> <name.c>
Run test application testmsgs to send a message to a queue
Run test application testmsgr that *should* retriieve message sent by testmsgs
Observe that testmsgr does not retrieve message
Repeat test, compilling with -m64 instead - applications work as expected
Stack trace output:
no
Oops output:
no
Userspace tool common name: custom application designed to replicate problem
The userspace tool has the following bit modes: 32-bit
System Dump Info:
The system is not configured to capture a system dump.
== Comment: #2 - R. Wilson <wilsonrs@xxxxxxxxxx> - 2014-11-13 08:15:25 ==
Back trace for testmsgr:
(gdb) bt
#0 0xf777c430 in __kernel_vsyscall ()
#1 0xf76a4660 in msgrcv () from /lib32/libc.so.6
#2 0x08048573 in main ()
(gdb)
The msgrcv *should* have returned immediately as the message was
placed on the queue by testmsgs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1393355/+subscriptions