Ubuntu
linux package

Bug #1958770
Comment #63

Comment 63 for bug 1958770

Revision history for this message

ltkarrde (ltkarrde) wrote on 2022-09-22:

#63

Still present in 5.15.0-50-generic

9/21/22 7:54 AM kernel ================================================================================
9/21/22 7:54 AM kernel UBSAN: array-index-out-of-bounds in /build/linux-lU2d47/linux-5.15.0/drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1262:48
9/21/22 7:54 AM kernel index 8 is out of range for type 'aq_vec_s *[8]'
9/21/22 7:54 AM kernel CPU: 4 PID: 1930 Comm: daemon-init Tainted: G O 5.15.0-50-generic #56-Ubuntu
9/21/22 7:54 AM kernel Hardware name: To Be Filled By O.E.M. X570 Creator/X570 Creator, BIOS P3.72 05/17/2022
9/21/22 7:54 AM kernel Call Trace:
9/21/22 7:54 AM kernel <TASK>
9/21/22 7:54 AM kernel show_stack+0x52/0x5c
9/21/22 7:54 AM kernel dump_stack_lvl+0x4a/0x63
9/21/22 7:54 AM kernel dump_stack+0x10/0x16
9/21/22 7:54 AM kernel ubsan_epilogue+0x9/0x49
9/21/22 7:54 AM kernel __ubsan_handle_out_of_bounds.cold+0x44/0x49
9/21/22 7:54 AM kernel ? dev_get_port_parent_id+0x18/0x160
9/21/22 7:54 AM kernel ? aq_vec_stop+0x72/0x80 [atlantic]
9/21/22 7:54 AM kernel aq_nic_stop+0x10a/0x110 [atlantic]
9/21/22 7:54 AM kernel aq_ndev_set_features+0x143/0x1a0 [atlantic]
9/21/22 7:54 AM kernel __netdev_update_features+0x184/0x820
9/21/22 7:54 AM kernel dev_disable_lro+0x34/0x150
9/21/22 7:54 AM kernel devinet_sysctl_forward+0x1fb/0x230
9/21/22 7:54 AM kernel proc_sys_call_handler+0x16a/0x2f0
9/21/22 7:54 AM kernel proc_sys_write+0x13/0x20
9/21/22 7:54 AM kernel new_sync_write+0x114/0x1a0
9/21/22 7:54 AM kernel vfs_write+0x1d5/0x270
9/21/22 7:54 AM kernel ksys_write+0x67/0xf0
9/21/22 7:54 AM kernel __x64_sys_write+0x19/0x20
9/21/22 7:54 AM kernel do_syscall_64+0x5c/0xc0
9/21/22 7:54 AM kernel ? exit_to_user_mode_prepare+0x37/0xb0
9/21/22 7:54 AM kernel ? syscall_exit_to_user_mode+0x27/0x50
9/21/22 7:54 AM kernel ? do_syscall_64+0x69/0xc0
9/21/22 7:54 AM kernel ? exit_to_user_mode_loop+0x10d/0x160
9/21/22 7:54 AM kernel entry_SYSCALL_64_after_hwframe+0x61/0xcb
9/21/22 7:54 AM kernel RIP: 0033:0x7fed8a694a6f
9/21/22 7:54 AM kernel Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 19 c0 f7 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 5c c0 f7 ff 48
9/21/22 7:54 AM kernel RSP: 002b:00007fed4e7fb810 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
9/21/22 7:54 AM kernel RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fed8a694a6f
9/21/22 7:54 AM kernel RDX: 0000000000000002 RSI: 00007fed8b01c5e5 RDI: 0000000000000013
9/21/22 7:54 AM kernel RBP: 00007fed8b01c5e5 R08: 0000000000000000 R09: 0000000000000001
9/21/22 7:54 AM kernel R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000013
9/21/22 7:54 AM kernel R13: 0000000000000013 R14: 0000000000000000 R15: 00007fed38024ab0
9/21/22 7:54 AM kernel </TASK>
9/21/22 7:54 AM kernel ================================================================================

Still present in 5.15.0-50-generic

9/21/22 7:54 AM	kernel	================================================================================
9/21/22 7:54 AM	kernel	UBSAN: array-index-out-of-bounds in /build/linux-lU2d47/linux-5.15.0/drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1262:48
9/21/22 7:54 AM	kernel	index 8 is out of range for type 'aq_vec_s *[8]'
9/21/22 7:54 AM	kernel	CPU: 4 PID: 1930 Comm: daemon-init Tainted: G           O      5.15.0-50-generic #56-Ubuntu
9/21/22 7:54 AM	kernel	Hardware name: To Be Filled By O.E.M. X570 Creator/X570 Creator, BIOS P3.72 05/17/2022
9/21/22 7:54 AM	kernel	Call Trace:
9/21/22 7:54 AM	kernel	 <TASK>
9/21/22 7:54 AM	kernel	 show_stack+0x52/0x5c
9/21/22 7:54 AM	kernel	 dump_stack_lvl+0x4a/0x63
9/21/22 7:54 AM	kernel	 dump_stack+0x10/0x16
9/21/22 7:54 AM	kernel	 ubsan_epilogue+0x9/0x49
9/21/22 7:54 AM	kernel	 __ubsan_handle_out_of_bounds.cold+0x44/0x49
9/21/22 7:54 AM	kernel	 ? dev_get_port_parent_id+0x18/0x160
9/21/22 7:54 AM	kernel	 ? aq_vec_stop+0x72/0x80 [atlantic]
9/21/22 7:54 AM	kernel	 aq_nic_stop+0x10a/0x110 [atlantic]
9/21/22 7:54 AM	kernel	 aq_ndev_set_features+0x143/0x1a0 [atlantic]
9/21/22 7:54 AM	kernel	 __netdev_update_features+0x184/0x820
9/21/22 7:54 AM	kernel	 dev_disable_lro+0x34/0x150
9/21/22 7:54 AM	kernel	 devinet_sysctl_forward+0x1fb/0x230
9/21/22 7:54 AM	kernel	 proc_sys_call_handler+0x16a/0x2f0
9/21/22 7:54 AM	kernel	 proc_sys_write+0x13/0x20
9/21/22 7:54 AM	kernel	 new_sync_write+0x114/0x1a0
9/21/22 7:54 AM	kernel	 vfs_write+0x1d5/0x270
9/21/22 7:54 AM	kernel	 ksys_write+0x67/0xf0
9/21/22 7:54 AM	kernel	 __x64_sys_write+0x19/0x20
9/21/22 7:54 AM	kernel	 do_syscall_64+0x5c/0xc0
9/21/22 7:54 AM	kernel	 ? exit_to_user_mode_prepare+0x37/0xb0
9/21/22 7:54 AM	kernel	 ? syscall_exit_to_user_mode+0x27/0x50
9/21/22 7:54 AM	kernel	 ? do_syscall_64+0x69/0xc0
9/21/22 7:54 AM	kernel	 ? exit_to_user_mode_loop+0x10d/0x160
9/21/22 7:54 AM	kernel	 entry_SYSCALL_64_after_hwframe+0x61/0xcb
9/21/22 7:54 AM	kernel	RIP: 0033:0x7fed8a694a6f
9/21/22 7:54 AM	kernel	Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 19 c0 f7 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 5c c0 f7 ff 48
9/21/22 7:54 AM	kernel	RSP: 002b:00007fed4e7fb810 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
9/21/22 7:54 AM	kernel	RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fed8a694a6f
9/21/22 7:54 AM	kernel	RDX: 0000000000000002 RSI: 00007fed8b01c5e5 RDI: 0000000000000013
9/21/22 7:54 AM	kernel	RBP: 00007fed8b01c5e5 R08: 0000000000000000 R09: 0000000000000001
9/21/22 7:54 AM	kernel	R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000013
9/21/22 7:54 AM	kernel	R13: 0000000000000013 R14: 0000000000000000 R15: 00007fed38024ab0
9/21/22 7:54 AM	kernel	 </TASK>
9/21/22 7:54 AM	kernel	================================================================================

Ubuntulinux package

Comment 63 for bug 1958770

Ubuntu
linux package