On Mon, 3 Nov 2025 13:02:06 +0200, Mathias Nyman wrote:
Hi Greg and Mathias,
I noticed that this bug still exists in current 6.6 and 6.12 releases. What would be the sensible course of action to fix it?
Not sure this qualifies for stable. Is this something that has really happened in real life?
The stable-kernel-rules.rst states it should "fix a real bug that bothers people".
If kcalloc_node() fails to allocate that array of pointers then something else is already badly messed up.
I don't know how the reporter found it, but it can obviously happen when the driver is bound to a new xHCI controller under OOM conditions.
So maybe not very often, but xHCI hotplug is a thing in Thunderbolt and OOM happens sometimes too, so it's not exactly impossible either.
I thought it's usual to fix such bugs when they are known. Simulated allocation failure before/after:
[ +30,414603] xhci_hcd 0000:00:10.0: xHCI Host Controller
[ +0,000012] xhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2
[ +0,000159] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ +0,000004] #PF: supervisor read access in kernel mode
[ +0,000002] #PF: error_code(0x0000) - not-present page
[ +0,000002] PGD 0 P4D 0
[ +0,000003] Oops: 0000 [#1] PREEMPT SMP
[ +0,000004] CPU: 1 PID: 4270 Comm: insmod Not tainted 6.6.113 #11
[ +0,000003] Hardware name: HP HP EliteDesk 705 G3 MT/8265, BIOS P06 Ver. 02.45 07/16/2024
[ +0,000003] RIP: 0010:xhci_add_interrupter+0x25/0x130 [xhci_hcd]

[ +0,042495] xhci_hcd 0000:00:10.0: xHCI Host Controller
[ +0,000012] xhci_hcd 0000:00:10.0: new USB bus registered, assigned bus number 2
[ +0,007193] xhci_hcd 0000:00:10.0: can't setup: -12
[ +0,000010] xhci_hcd 0000:00:10.0: USB bus 2 deregistered
[ +0,000080] xhci_hcd 0000:00:10.0: init 0000:00:10.0 fail, -12
[ +0,000004] xhci_hcd: probe of 0000:00:10.0 failed with error -12