mstflint-dkms module bug causes UBSAN errors in dmesg
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mstflint (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
dann frazier | ||
Mantic |
Fix Released
|
Undecided
|
dann frazier |
Bug Description
[Impact]
A bug in the kernel module source can cause error messages to show up in the kernel when an application closes the device when UBSAN is active. This is likely to cause unnecessary user worry:
From an NVIDIA DGX 1 system:
$ sudo mstflint -d 84:00.0 q
$ dmesg
[ 304.400217] =======
[ 304.400267] UBSAN: shift-out-of-bounds in /var/lib/
[ 304.400283] shift exponent 4294967295 is too large for 32-bit type 'int'
[ 304.400295] CPU: 65 PID: 25268 Comm: mstflint Tainted: G OE 5.15.0-102-generic #112-Ubuntu
[ 304.400298] Hardware name: NVIDIA DGX-1 with V100-32/DGX-1 with V100-32, BIOS S2W_3A13 01/03/2023
[ 304.400299] Call Trace:
[ 304.400301] <TASK>
[ 304.400303] show_stack+
[ 304.400309] dump_stack_
[ 304.400315] dump_stack+
[ 304.400318] ubsan_epilogue+
[ 304.400320] __ubsan_
[ 304.400324] ? do_sigaction+
[ 304.400329] mst_release.
[ 304.400332] __fput+0x9f/0x280
[ 304.400338] ____fput+0xe/0x20
[ 304.400340] task_work_
[ 304.400345] exit_to_
[ 304.400352] exit_to_
[ 304.400354] syscall_
[ 304.400372] ? __x64_sys_
[ 304.400375] do_syscall_
[ 304.400380] ? do_syscall_
[ 304.400383] ? do_syscall_
[ 304.400385] entry_SYSCALL_
[ 304.400389] RIP: 0033:0x7f0347edaf67
[ 304.400391] Code: ff e8 0d 16 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 73 ba f7 ff
[ 304.400393] RSP: 002b:00007ffebc
[ 304.400396] RAX: 0000000000000000 RBX: 000055aa91e5fe10 RCX: 00007f0347edaf67
[ 304.400398] RDX: 0000000000000000 RSI: 000055aa913737a1 RDI: 0000000000000003
[ 304.400399] RBP: 000055aa91e5fe10 R08: 000055aa91e60cc0 R09: 000055aa91e61160
[ 304.400400] R10: 000055aa91e615b0 R11: 0000000000000246 R12: 000055aa91e60820
[ 304.400401] R13: 000055aa91e2b650 R14: 000055aa91e4b3f0 R15: 000055aa9136ac47
[ 304.400403] </TASK>
[ 304.400404] =======
[Test Case]
Load the mstflint_access module
open then close a /dev/*_mstconf file
Look for any errors in dmesg
[What Could Go Wrong]
A severe bug in the fix could cause the problem to escalate to an oops or panic.
Changed in mstflint (Ubuntu): | |
status: | New → Fix Released |
Changed in mstflint (Ubuntu Mantic): | |
status: | New → In Progress |
Changed in mstflint (Ubuntu Jammy): | |
status: | New → In Progress |
assignee: | nobody → dann frazier (dannf) |
Changed in mstflint (Ubuntu Mantic): | |
assignee: | nobody → dann frazier (dannf) |
description: | updated |
description: | updated |
Hello dann, or anyone else affected,
Accepted mstflint into mantic-proposed. The package will build now and be available at https:/ /launchpad. net/ubuntu/ +source/ mstflint/ 4.21.0+ 1-1ubuntu0. 1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification- needed- mantic to verification- done-mantic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed- mantic. In either case, without details of your testing we will not be able to proceed.
Further information regarding the verification process can be found at https:/ /wiki.ubuntu. com/QATeam/ PerformingSRUVe rification . Thank you in advance for helping!
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.