Ubuntu
linux package

UBSAN: array-index-out-of-bounds in /build/linux-IPoq5q/linux-6.5.0/drivers/gpu/drm/radeon/radeon_atombios.c:2620:43

Bug #2037762 reported by Gannet
60
This bug affects 10 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

After upgrading to Mantic with linux 6.5 an error appears in dmesg:

[ 10.281317] ================================================================================
[ 10.281323] fbcon: Taking over console
[ 10.281327] UBSAN: array-index-out-of-bounds in /build/linux-IPoq5q/linux-6.5.0/drivers/gpu/drm/radeon/radeon_atombios.c:2620:43
[ 10.281334] index 1 is out of range for type 'UCHAR [1]'
[ 10.281338] CPU: 2 PID: 321 Comm: (udev-worker) Not tainted 6.5.0-5-generic #5-Ubuntu
[ 10.281341] Hardware name: System manufacturer System Product Name/P5Q3, BIOS 1102 06/11/2010
[ 10.281342] Call Trace:
[ 10.281345] <TASK>
[ 10.281349] dump_stack_lvl+0x48/0x70
[ 10.281359] dump_stack+0x10/0x20
[ 10.281362] __ubsan_handle_out_of_bounds+0xc6/0x110
[ 10.281366] radeon_atombios_parse_power_table_4_5+0x3c9/0x3f0 [radeon]
[ 10.281506] radeon_atombios_get_power_modes+0x205/0x210 [radeon]
[ 10.281596] radeon_pm_init_dpm+0x8e/0x2f0 [radeon]
[ 10.281709] radeon_pm_init+0xd0/0x100 [radeon]
[ 10.281821] rv770_init+0x1fa/0x3d0 [radeon]
[ 10.281933] radeon_device_init+0x540/0xa90 [radeon]
[ 10.282021] radeon_driver_load_kms+0xcc/0x2f0 [radeon]
[ 10.282111] drm_dev_register+0x10e/0x240 [drm]
[ 10.282194] radeon_pci_probe+0xec/0x180 [radeon]
[ 10.282280] local_pci_probe+0x47/0xb0
[ 10.282285] pci_call_probe+0x55/0x190
[ 10.282289] pci_device_probe+0x84/0x120
[ 10.282293] really_probe+0x1c7/0x410
[ 10.282297] __driver_probe_device+0x8c/0x180
[ 10.282300] driver_probe_device+0x24/0xd0
[ 10.282303] __driver_attach+0x10b/0x210
[ 10.282306] ? __pfx___driver_attach+0x10/0x10
[ 10.282309] bus_for_each_dev+0x8d/0xf0
[ 10.282316] driver_attach+0x1e/0x30
[ 10.282319] bus_add_driver+0x127/0x240
[ 10.282327] driver_register+0x5e/0x130
[ 10.282330] ? __pfx_radeon_module_init+0x10/0x10 [radeon]
[ 10.282416] __pci_register_driver+0x62/0x70
[ 10.282419] radeon_module_init+0x4c/0xff0 [radeon]
[ 10.282504] do_one_initcall+0x5e/0x340
[ 10.282510] do_init_module+0x68/0x260
[ 10.282514] load_module+0xba1/0xcf0
[ 10.282518] ? vfree+0xff/0x2d0
[ 10.282522] init_module_from_file+0x96/0x100
[ 10.282526] ? init_module_from_file+0x96/0x100
[ 10.282530] idempotent_init_module+0x11c/0x2b0
[ 10.282534] __x64_sys_finit_module+0x64/0xd0
[ 10.282537] do_syscall_64+0x5c/0x90
[ 10.282542] ? syscall_exit_to_user_mode+0x37/0x60
[ 10.282545] ? do_syscall_64+0x68/0x90
[ 10.282549] ? do_syscall_64+0x68/0x90
[ 10.282552] ? do_syscall_64+0x68/0x90
[ 10.282555] ? do_syscall_64+0x68/0x90
[ 10.282558] ? sysvec_call_function+0x4b/0xd0
[ 10.282567] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 10.282574] RIP: 0033:0x7f94cb925c5d
[ 10.282591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8b 71 13 00 f7 d8 64 89 01 48
[ 10.282594] RSP: 002b:00007ffcffbfa7b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 10.282597] RAX: ffffffffffffffda RBX: 000055b39a100500 RCX: 00007f94cb925c5d
[ 10.282599] RDX: 0000000000000004 RSI: 00007f94cbb3c44a RDI: 0000000000000017
[ 10.282601] RBP: 00007f94cbb3c44a R08: 0000000000000040 R09: fffffffffffffde0
[ 10.282602] R10: fffffffffffffe18 R11: 0000000000000246 R12: 0000000000020000
[ 10.282604] R13: 000055b39a103ba0 R14: 0000000000000000 R15: 000055b39a0fe210
[ 10.282607] </TASK>
[ 10.282611] ================================================================================

ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: linux-image-6.5.0-5-generic 6.5.0-5.5
ProcVersionSignature: Ubuntu 6.5.0-5.5-generic 6.5.0
Uname: Linux 6.5.0-5-generic x86_64
ApportVersion: 2.27.0-0ubuntu3
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: eugene 1346 F.... wireplumber
 /dev/snd/controlC1: eugene 1346 F.... wireplumber
 /dev/snd/seq: eugene 1345 F.... pipewire
CRDA: N/A
CasperMD5CheckResult: unknown
CurrentDesktop: KDE
Date: Sat Sep 30 00:12:30 2023
HibernationDevice: RESUME=UUID=7e115b53-56a4-444f-bd93-6ad4f15c4a61
InstallationDate: Installed on 2019-04-13 (1630 days ago)
InstallationMedia: Kubuntu 19.04 "Disco Dingo" - Alpha amd64 (20190326.1)
IwConfig:
 lo no wireless extensions.

 enp2s0 no wireless extensions.

 virbr0 no wireless extensions.
MachineType: {report['dmi.sys.vendor']} {report['dmi.product.name']}
ProcEnviron:
 LANG=uk_UA.UTF-8
 LANGUAGE=
 PATH=(custom, no user)
 SHELL=/bin/bash
 XDG_RUNTIME_DIR=<set>
ProcFB: 0 radeondrmfb
ProcKernelCmdLine: BOOT_IMAGE=/@/boot/vmlinuz-6.5.0-5-generic root=UUID=d87288b4-dbdd-4448-8088-4ebb6ed6cf33 ro rootflags=subvol=@ quiet splash vt.handoff=7
PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon.
RelatedPackageVersions:
 linux-restricted-modules-6.5.0-5-generic N/A
 linux-backports-modules-6.5.0-5-generic N/A
 linux-firmware 20230919.git3672ccab-0ubuntu2
RfKill:

SourcePackage: linux
UpgradeStatus: Upgraded to mantic on 2023-09-27 (2 days ago)
dmi.bios.date: 06/11/2010
dmi.bios.release: 11.2
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 1102
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P5Q3
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr1102:bd06/11/2010:br11.2:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5Q3:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:skuToBeFilledByO.E.M.:
dmi.product.family: To Be Filled By O.E.M.
dmi.product.name: System Product Name
dmi.product.sku: To Be Filled By O.E.M.
dmi.product.version: System Version
dmi.sys.vendor: System manufacturer

See original description
Revision history for this message
Gannet (ken20001) wrote :
description: updated
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Juerg Haefliger (juergh) wrote :

Most likely a result of this:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d47c6956ab3

tags: added: kernel-flexible-array
Revision history for this message
Gannet (ken20001) wrote :

$ uname -a
Linux p5q3 6.6.1-060601-generic #202311151749 SMP PREEMPT_DYNAMIC Thu Nov 16 03:15:36 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

The same.

Patrik Lundquist (patrik-lundquist)
tags: added: noble
Revision history for this message
lorn10 (kle) wrote :
Download full text (4.4 KiB)

Hi all

I can confirm this problem on Kubuntu 22.04 LTS for an old Acer Aspire 6930G Laptop and kernel 6.5.0-18-generic. In dmesg I get:

[ 4.400118] resource: resource sanity check: requesting [mem 0x00000000000c0000-0x00000000000dffff], which spans more than PCI Bus 0000:00 [mem 0x000d4000-0x000dffff window]
[ 4.400124] caller pci_map_rom+0x6c/0x1d0 mapping multiple BARs
[ 4.400212] ATOM BIOS: Acer_MXM_B80602_M92XT_DDR2
[ 4.400253] radeon 0000:01:00.0: VRAM: 512M 0x0000000000000000 - 0x000000001FFFFFFF (512M used)
[ 4.400258] radeon 0000:01:00.0: GTT: 1024M 0x0000000020000000 - 0x000000005FFFFFFF
[ 4.400265] [drm] Detected VRAM RAM=512M, BAR=256M
[ 4.400267] [drm] RAM width 64bits DDR
[ 4.400499] [drm] radeon: 512M of VRAM memory ready
[ 4.400503] [drm] radeon: 1024M of GTT memory ready.
[ 4.400525] [drm] Loading RV710 Microcode
[ 4.401039] ================================================================================
[ 4.401047] fbcon: Taking over console
[ 4.401055] UBSAN: array-index-out-of-bounds in /build/linux-hwe-6.5-ZV1Qen/linux-hwe-6.5-6.5.0/drivers/gpu/drm/radeon/radeon_atombios.c:2620:43
[ 4.401064] index 1 is out of range for type 'UCHAR [1]'
[ 4.401069] CPU: 0 PID: 117 Comm: systemd-udevd Not tainted 6.5.0-18-generic #18~22.04.1-Ubuntu
[ 4.401073] Hardware name: Acer Aspire 6930G /Makalu , BIOS v0.3238 07/28/2009
[ 4.401076] Call Trace:
[ 4.401079] <TASK>
[ 4.401083] dump_stack_lvl+0x48/0x70
[ 4.401093] dump_stack+0x10/0x20
[ 4.401096] __ubsan_handle_out_of_bounds+0xc6/0x110
[ 4.401103] radeon_atombios_parse_power_table_4_5+0x3c6/0x3e0 [radeon]
[ 4.401289] radeon_atombios_get_power_modes+0x205/0x210 [radeon]
[ 4.401404] radeon_pm_init_dpm+0x8e/0x2f0 [radeon]
[ 4.401550] radeon_pm_init+0xdf/0x120 [radeon]
[ 4.401695] rv770_init+0x1fa/0x3d0 [radeon]
[ 4.401839] radeon_device_init+0x57e/0xaf0 [radeon]
[ 4.401952] radeon_driver_load_kms+0xcc/0x300 [radeon]
[ 4.402066] drm_dev_register+0x10e/0x240 [drm]
[ 4.402187] radeon_pci_probe+0xec/0x180 [radeon]
[ 4.402298] local_pci_probe+0x47/0xb0
[ 4.402304] pci_call_probe+0x55/0x190
[ 4.402308] pci_device_probe+0x84/0x120
[ 4.402313] really_probe+0x1cc/0x430
[ 4.402318] __driver_probe_device+0x8c/0x190
[ 4.402322] driver_probe_device+0x24/0xd0
[ 4.402325] __driver_attach+0x10b/0x210
[ 4.402329] ? __pfx___driver_attach+0x10/0x10
[ 4.402332] bus_for_each_dev+0x8d/0xf0
[ 4.402338] driver_attach+0x1e/0x30
[ 4.402341] bus_add_driver+0x127/0x240
[ 4.402346] driver_register+0x5e/0x130
[ 4.402350] ? __pfx_radeon_module_init+0x10/0x10 [radeon]
[ 4.402461] __pci_register_driver+0x62/0x70
[ 4.402465] radeon_module_init+0x4c/0xff0 [radeon]
[ 4.402575] do_one_initcall+0x5e/0x340
[ 4.402582] do_init_module+0x68/0x260
[ 4.402587] load_module+0xb85/0xcd0
[ 4.402593] ? security_kernel_post_read_file+0x75/0x90
[ 4.402598] init_module_from_file+0x96/0x100
[ 4.402603] ? init_module_from_file+0x96/0x100
[ 4.402609] idempotent_init_module+0x11c/0x2b0
[ 4.402615] __x64_sys_finit_module+0x64/0xd0
[ 4.40...

Read more...

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.