Ubuntu
linux-aws package

[Ubuntu 22.04.4/linux-image-6.5.0-1014-aws] Kernel outputs "UBSAN: array-index-out-of-bounds in /build/linux-aws-6.5-4tw9h1/linux-aws-6.5-6.5.0/drivers/net/xen-netfront.c:349:9 " multiple times, especially during boot

Bug #2058480 reported by Akira Tanaka
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Undecided
Marcelo Cerri
linux-aws (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

A newly launched Ubuntu 22.04.4 EC2 instance outputs "UBSAN: array-index-out-of-bounds in /build/linux-aws-6.5-4tw9h1/linux-aws-6.5-6.5.0/drivers/net/xen-netfront.c:349:9" multiple times, especially during boot.

Reproducing step:
- Launch an Ubuntu 22.04.4 EC2 instance with the instance type t2.*.

Additional Info:
- Please use t2 instance to make sure to use xen-netfront as a network device.
- This messages similar to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2058477, which is related to netvsc.c

Revision history for this message
Akira Tanaka (popo1897) wrote :
Brett Grandbois (brettgrand)
Changed in linux (Ubuntu):
assignee: nobody → Marcelo Cerri (mhcerri)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Chris Mounce (christophermounce) wrote :

I am also affected by this. I have an Ubuntu webserver (t2.micro, 22.04.4 LTS (jammy)) that suddenly started having these show up in the kernel journalctl logs, multiple times at boot time.

Just to be sure I had the latest everything, I ran `apt update`, `apt upgrade`, and rebooted; the UBSAN error still shows up in the logs. `uname -r` says I'm running 6.5.0-1016-aws.

The webserver still functions as far as I can tell, but it's definitely a regression. I created this EC2 instance with 22.04 a couple of months ago, and it suddenly started happening.

Revision history for this message
Chris Mounce (christophermounce) wrote :

`dmesg` output just after boot, capturing some of the UBSANs (first one happens 2 seconds in). I see a few different Call Traces in there.

Revision history for this message
Chris Mounce (christophermounce) wrote (last edit ):

This may have already been fixed upstream in December 2023: this commit to xen-project/xen looks extremely relevant, because it purports to fix an UBSAN issue with the exact same error text as this issue ("UBSAN: index 1 is out of range for type 'xen_netif_rx_sring_entry [1]'"):

https://github.com/xen-project/xen/commit/93d913c6e66e01597681d0a456c1523279218524

I am way out of my depth here, but as I understand it, these xen files get vendored into the Linux codebase:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=125c0a646a257fd58de223f2c3e1fe8a99085644

...and from there, they get copied into the git repos for both Ubuntu's `linux` and `linux-aws` packages. Here's one of the affected files in the Jammy LTS repos, and it definitely hasn't been patched because it was last updated in 2021:

- linux: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/log/include/xen/interface/io/ring.h
- linux-aws: https://git.launchpad.net/~canonical-kernel/ubuntu/+source/linux-aws/+git/jammy/log/include/xen/interface/io/ring.h

That bugfix is also missing from the Mantic repos -- though I haven't personally verified that it's causing issues for Mantic as well.

Revision history for this message
Juerg Haefliger (juergh) wrote :

It's a benign new warning due to stricter compile options. Needs source code modifications but the warning is harmless (but annoying).

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-aws (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.