Bug is still here. 5.15.0-91-generic

Nov 16 21:15:29 mon-host kernel: [ 101.739280] ================================================================================
Nov 16 21:15:29 mon-host kernel: [ 101.785597] UBSAN: array-index-out-of-bounds in /build/linux-90ta4T/linux-5.15.0/drivers/edac/i5000_edac.c:956:20
Nov 16 21:15:29 mon-host kernel: [ 101.786940] IPMI message handler: version 39.2
Nov 16 21:15:29 mon-host kernel: [ 101.836146] index 4 is out of range for type 'u16 [4]'
Nov 16 21:15:29 mon-host kernel: [ 101.836152] CPU: 0 PID: 447 Comm: systemd-udevd Not tainted 5.15.0-91-generic #101-Ubuntu
Nov 16 21:15:29 mon-host kernel: [ 101.836156] Hardware name: Dell Inc. PowerEdge 1950/0D8635, BIOS 2.7.0 10/30/2010
Nov 16 21:15:29 mon-host kernel: [ 101.836158] Call Trace:
Nov 16 21:15:29 mon-host kernel: [ 101.836162] <TASK>
Nov 16 21:15:29 mon-host kernel: [ 101.836166] show_stack+0x52/0x5c
Nov 16 21:15:29 mon-host kernel: [ 101.836175] dump_stack_lvl+0x4a/0x63
Nov 16 21:15:29 mon-host kernel: [ 101.836182] dump_stack+0x10/0x16
Nov 16 21:15:29 mon-host kernel: [ 101.836184] ubsan_epilogue+0x9/0x36
Nov 16 21:15:29 mon-host kernel: [ 101.836187] __ubsan_handle_out_of_bounds.cold+0x44/0x49
Nov 16 21:15:29 mon-host kernel: [ 101.836190] ? i5000_get_mc_regs.isra.0+0x14c/0x1c0 [i5000_edac]
Nov 16 21:15:29 mon-host kernel: [ 101.836197] i5000_probe1+0x506/0x5c0 [i5000_edac]
Nov 16 21:15:29 mon-host kernel: [ 101.836201] ? pci_bus_read_config_byte+0x40/0x70
Nov 16 21:15:29 mon-host kernel: [ 101.862944] ? do_pci_enable_device+0x54/0x110
Nov 16 21:15:29 mon-host kernel: [ 101.862948] i5000_init_one+0x26/0x30 [i5000_edac]
Nov 16 21:15:29 mon-host kernel: [ 101.862952] local_pci_probe+0x4b/0x90
Nov 16 21:15:29 mon-host kernel: [ 101.862956] pci_device_probe+0x119/0x1f0
Nov 16 21:15:29 mon-host kernel: [ 101.862960] really_probe+0x222/0x420
Nov 16 21:15:29 mon-host kernel: [ 101.862964] __driver_probe_device+0xe8/0x140
Nov 16 21:15:29 mon-host kernel: [ 101.862966] driver_probe_device+0x23/0xc0
Nov 16 21:15:29 mon-host kernel: [ 101.862969] __driver_attach+0xf7/0x1f0
Nov 16 21:15:29 mon-host kernel: [ 101.862971] ? __device_attach_driver+0x140/0x140
Nov 16 21:15:29 mon-host kernel: [ 101.862974] bus_for_each_dev+0x7f/0xd0
Nov 16 21:15:29 mon-host kernel: [ 101.862978] driver_attach+0x1e/0x30
Nov 16 21:15:29 mon-host kernel: [ 101.862980] bus_add_driver+0x148/0x220
Nov 16 21:15:29 mon-host kernel: [ 101.862982] ? vunmap_range_noflush+0x3d5/0x470
Nov 16 21:15:29 mon-host kernel: [ 101.862987] driver_register+0x95/0x100
Nov 16 21:15:29 mon-host kernel: [ 101.862990] ? 0xffffffffc03d8000
Nov 16 21:15:29 mon-host kernel: [ 101.862993] __pci_register_driver+0x68/0x70
Nov 16 21:15:29 mon-host kernel: [ 101.862996] i5000_init+0x36/0x1000 [i5000_edac]
Nov 16 21:15:29 mon-host kernel: [ 101.863000] do_one_initcall+0x49/0x1e0
Nov 16 21:15:29 mon-host kernel: [ 101.863005] ? kmem_cache_alloc_trace+0x19e/0x2e0
Nov 16 21:15:29 mon-host kernel: [ 101.863011] do_init_module+0x52/0x260
Nov 16 21:15:29 mon-host kernel: [ 101.863016] load_module+0xb2b/0xbc0
Nov 16 21:15:29 mon-host kernel: [ 101.863019] __do_sys_finit_module+0xbf/0x120
Nov 16 21:15:29 mon-host kernel: [ 101.863023] __x64_sys_finit_module+0x18/0x20
Nov 16 21:15:29 mon-host kernel: [ 101.863025] do_syscall_64+0x5c/0xc0
Nov 16 21:15:29 mon-host kernel: [ 101.863031] ? exit_to_user_mode_prepare+0x37/0xb0
Nov 16 21:15:29 mon-host kernel: [ 101.863038] ? syscall_exit_to_user_mode+0x35/0x50
Nov 16 21:15:29 mon-host kernel: [ 101.863043] ? __x64_sys_newfstatat+0x1c/0x30
Nov 16 21:15:29 mon-host kernel: [ 101.863047] ? do_syscall_64+0x69/0xc0
Nov 16 21:15:29 mon-host kernel: [ 101.863049] ? do_syscall_64+0x69/0xc0
Nov 16 21:15:29 mon-host kernel: [ 101.863051] ? exc_page_fault+0x89/0x170
Nov 16 21:15:29 mon-host kernel: [ 101.863054] entry_SYSCALL_64_after_hwframe+0x62/0xcc
Nov 16 21:15:29 mon-host kernel: [ 101.863060] RIP: 0033:0x7f5b964c9a7d
Nov 16 21:15:29 mon-host kernel: [ 101.863064] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 83 a3 0f 00 f7 d8 64 89 01 48
Nov 16 21:15:29 mon-host kernel: [ 101.863068] RSP: 002b:00007ffe8a418818 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
Nov 16 21:15:29 mon-host kernel: [ 101.863073] RAX: ffffffffffffffda RBX: 000055fe999a5a00 RCX: 00007f5b964c9a7d
Nov 16 21:15:29 mon-host kernel: [ 101.863075] RDX: 0000000000000000 RSI: 00007f5b96660441 RDI: 000000000000000f
Nov 16 21:15:29 mon-host kernel: [ 101.863077] RBP: 0000000000020000 R08: 0000000000000000 R09: 00007ffe8a418950
Nov 16 21:15:29 mon-host kernel: [ 101.863079] R10: 000000000000000f R11: 0000000000000246 R12: 00007f5b96660441
Nov 16 21:15:29 mon-host kernel: [ 101.863080] R13: 000055fe99981d40 R14: 000055fe9994eb50 R15: 000055fe99985200
Nov 16 21:15:29 mon-host kernel: [ 101.863083] </TASK>
Nov 16 21:15:29 mon-host kernel: [ 101.863092] ================================================================================

--
https://bugs.launchpad.net/bugs/2008157

Title:
  [SRU][Ubuntu 22.04.1]: Observed "Array Index out of bounds" Call Trace multiple times on Ubuntu 22.04.1 OS during boot

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Jammy:
  Fix Released
Status in linux source package in Kinetic:
  Fix Committed

Bug description:

SRU Justification:

[Impact]

When booted into Ubuntu 22.04.1 OS after installation, observed "Array Index out of bounds" Call Trace multiple times in dmesg.

Call Trace is as follows:

[ 6.125704] UBSAN: array-index-out-of-bounds in /build/linux-JjvoxS/linux-5.15.0/drivers/scsi/megaraid/megaraid_sas_fp.c:103:32
[ 6.125705] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
[ 6.125707] CPU: 0 PID: 18 Comm: kworker/0:1 Not tainted 5.15.0-53-generic #59-Ubuntu
[ 6.125709] Hardware name: Dell Inc. , BIOS 11/08/2022
[ 6.125710] Workqueue: events work_for_cpu_fn
[ 6.125716] Call Trace:
[ 6.125718] <TASK>
[ 6.125720] show_stack+0x52/0x5c
[ 6.125725] dump_stack_lvl+0x4a/0x63
[ 6.125731] dump_stack+0x10/0x16
[ 6.125732] ubsan_epilogue+0x9/0x49
[ 6.125734] __ubsan_handle_out_of_bounds.cold+0x44/0x49
[ 6.125736] ? MR_PopulateDrvRaidMap+0x194/0x580 [megaraid_sas]
[ 6.125747] mr_update_load_balance_params+0xb9/0xc0 [megaraid_sas]
[ 6.125753] MR_ValidateMapInfo+0x8d/0x290 [megaraid_sas]
[ 6.125757] megasas_init_adapter_fusion+0x3ce/0x420 [megaraid_sas]
[ 6.125762] ? megasas_setup_reply_map+0x49/0xac [megaraid_sas]
[ 6.125768] megasas_init_fw.cold+0x87c/0x10c8 [megaraid_sas]
[ 6.125774] megasas_probe_one+0x15c/0x4e0 [megaraid_sas]
[ 6.125779] local_pci_probe+0x48/0x90
[ 6.125783] work_for_cpu_fn+0x17/0x30
[ 6.125785] process_one_work+0x228/0x3d0
[ 6.125786] worker_thread+0x223/0x420
[ 6.125787] ? process_one_work+0x3d0/0x3d0
[ 6.125788] kthread+0x127/0x150
[ 6.125790] ? set_kthread_struct+0x50/0x50
[ 6.125791] ret_from_fork+0x1f/0x30
[ 6.125796] </TASK>
[ 6.125796] ================================================================================

Steps to reproduce:
1. Connect PERC H355 controller to the system
2. Create RAID1 using drives connected to PERC Controller
3. Install Ubuntu 22.04.1 on VD
4. Boot into OS after installation
5. Multiple Call Traces of "array-index-out-of-bounds" are seen

Expected Behavior:
OS should boot without this Call Trace

[Fix]

[PATCH v3 0/6] Replace one-element arrays with flexible-array members
https://lore.kernel.org/linux-hardening/cover.1660592640.git.gustavo...@kernel.org/

48658213 scsi: megaraid_sas: Use struct_size() in code related to struct MR_PD_CFG_SEQ_NUM_SYNC
41e83026 scsi: megaraid_sas: Use struct_size() in code related to struct MR_FW_RAID_MAP
ee92366a scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_PD_CFG_SEQ_NUM_SYNC
eeb3bab7 scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_DRV_RAID_MAP
204a29a1 scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_FW_RAID_MAP_DYNAMIC
ac23b92b scsi: megaraid_sas: Replace one-element array with flexible-array member in MR_FW_RAID_MAP

[Test Plan]

1. Connect PERC H355 controller to the system
2. Create RAID1 using drives connected to PERC Controller
3. Install Ubuntu 22.04.1 on VD
4. Boot into OS after installation

OS should boot without the Call Trace listed in the Impact field

[Where problems could occur]

[Other Info]

https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/jammy/+ref/array_bounds_lp_2008157
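
The [Fix] series in the bug description replaces one-element trailing arrays with flexible-array members and sizes the allocations with struct_size(). A userspace C sketch of that pattern follows; it is an added illustration, not code from the megaraid_sas driver or the patch series, and every struct, field and function name in it is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical stand-in for one per-LD entry; not the driver's real layout. */
struct span_map { uint32_t ld_id; uint32_t span_count; };

/* Before: one-element array used as a variable-length tail. The declared
 * bound is 1, so a bounds-checked build reports any access to map[1]. */
struct raid_map_old  { uint32_t ld_count; struct span_map map[1]; };

/* After: flexible-array member. No declared bound; ld_count is the bound. */
struct raid_map_flex { uint32_t ld_count; struct span_map map[]; };

/* Header plus n entries, saturating to SIZE_MAX on overflow (modelled on struct_size()). */
size_t flex_size(size_t n)
{
    size_t hdr = sizeof(struct raid_map_flex), elem = sizeof(struct span_map);
    return n > (SIZE_MAX - hdr) / elem ? SIZE_MAX : hdr + n * elem;
}

/* Allocate a map with n entries; NULL on overflow or allocation failure. */
struct raid_map_flex *raid_map_alloc(uint32_t n)
{
    size_t sz = flex_size(n);
    struct raid_map_flex *m = sz == SIZE_MAX ? NULL : calloc(1, sz);
    if (!m) return NULL;
    m->ld_count = n;
    for (uint32_t i = 0; i < n; i++)
        m->map[i].ld_id = i;          /* in range: i < ld_count */
    return m;
}

/* Bounds-checked read: returns 0 and fills *out, or -1 if i is out of range. */
int raid_map_get(const struct raid_map_flex *m, uint32_t i, struct span_map *out)
{
    if (!m || i >= m->ld_count) return -1;
    *out = m->map[i];
    return 0;
}

int main(void)
{
    struct span_map e;
    struct raid_map_flex *m = raid_map_alloc(2);
    int rc = (raid_map_get(m, 1, &e) == 0 && raid_map_get(m, 2, &e) == -1) ? 0 : 1;
    free(m);
    return rc;
}
```

The old struct's sizeof already counts one entry, which is why code built on it needs "n - 1" arithmetic; the flexible-array form removes both that arithmetic and the declared bound that the sanitizer checks against.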