[Kernel-packages] [Bug 1982878] [NEW] Aquantia GbE LAN Driver Index Out Of Bounds During Kernel Boot

Tue, 26 Jul 2022 12:11:04 -0700 

Public bug reported:

Consistent array-index-out-of-bounds in the aquantia atlantic driver on x570 
ASRock Creator
https://www.asrock.com/mb/AMD/X570%20Creator/index.asp

Doesn't actually seem to be impacting ability to utilize LAN much, if at
all.

Operating System: Kubuntu 22.04
KDE Plasma Version: 5.24.6
KDE Frameworks Version: 5.95.0
Qt Version: 5.15.3
Kernel Version: 5.15.0-43-lowlatency (64-bit)
Graphics Platform: X11
Processors: 32 × AMD Ryzen 9 3950X 16-Core Processor
Memory: 31.3 GiB of RAM
Graphics Processor: AMD Radeon RX 5700 XT

Output of cat /proc/version_signature :
Ubuntu 5.15.0-43.46-lowlatency 5.15.39

Kernel parameters and image line:

BOOT_IMAGE=/boot/vmlinuz-5.15.0-43-lowlatency
root=UUID=70b308c1-46f6-4565-b28c-cf81163fe918 ro splash
resume=UUID=382306cf-9584-4263-ad41-06ee99403a6a
pci=routeirq,pcie_bus_perf,ioapicreroute,realloc,assign-
busses,hpbussize=0x33,pcie_scan_all,big_root_window
amd_pstate.shared_mem=1 add_efi_memmap enable_mtrr_cleanup
acpi_backlight=native

From the journald error log:

7/26/22 7:33 AM kernel  
================================================================================
7/26/22 7:33 AM kernel  UBSAN: array-index-out-of-bounds in 
/build/linux-lowlatency-gn5Bpn/linux-lowlatency-5.15.0/drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1262:48
7/26/22 7:33 AM kernel  index 8 is out of range for type 'aq_vec_s *[8]'
7/26/22 7:33 AM kernel  CPU: 2 PID: 2109 Comm: daemon-init Not tainted 
5.15.0-43-lowlatency #46-Ubuntu
7/26/22 7:33 AM kernel  Hardware name: To Be Filled By O.E.M. X570 Creator/X570 
Creator, BIOS P3.72 05/17/2022
7/26/22 7:33 AM kernel  Call Trace:
7/26/22 7:33 AM kernel   <TASK>
7/26/22 7:33 AM kernel   show_stack+0x52/0x58
7/26/22 7:33 AM kernel   dump_stack_lvl+0x4a/0x5f
7/26/22 7:33 AM kernel   dump_stack+0x10/0x12
7/26/22 7:33 AM kernel   ubsan_epilogue+0x9/0x45
7/26/22 7:33 AM kernel   __ubsan_handle_out_of_bounds.cold+0x44/0x49
7/26/22 7:33 AM kernel   ? netdev_set_tc_queue+0x78/0x90
7/26/22 7:33 AM kernel   ? aq_vec_stop+0x72/0x80 [atlantic]
7/26/22 7:33 AM kernel   aq_nic_stop+0x1b2/0x1c0 [atlantic]
7/26/22 7:33 AM kernel   aq_ndev_set_features+0x13f/0x1a0 [atlantic]
7/26/22 7:33 AM kernel   __netdev_update_features+0x184/0x810
7/26/22 7:33 AM kernel   dev_disable_lro+0x34/0x150
7/26/22 7:33 AM kernel   devinet_sysctl_forward+0x1f7/0x230
7/26/22 7:33 AM kernel   proc_sys_call_handler+0x161/0x2d0
7/26/22 7:33 AM kernel   proc_sys_write+0x13/0x20
7/26/22 7:33 AM kernel   new_sync_write+0x117/0x1a0
7/26/22 7:33 AM kernel   vfs_write+0x1f3/0x290
7/26/22 7:33 AM kernel   ksys_write+0x67/0xe0
7/26/22 7:33 AM kernel   __x64_sys_write+0x19/0x20
7/26/22 7:33 AM kernel   do_syscall_64+0x5c/0xc0
7/26/22 7:33 AM kernel   ? exit_to_user_mode_prepare+0x37/0xb0
7/26/22 7:33 AM kernel   ? syscall_exit_to_user_mode+0x27/0x50
7/26/22 7:33 AM kernel   ? do_syscall_64+0x69/0xc0
7/26/22 7:33 AM kernel   ? exit_to_user_mode_prepare+0x37/0xb0
7/26/22 7:33 AM kernel   ? syscall_exit_to_user_mode+0x27/0x50
7/26/22 7:33 AM kernel   ? do_syscall_64+0x69/0xc0
7/26/22 7:33 AM kernel   ? asm_exc_page_fault+0x8/0x30
7/26/22 7:33 AM kernel   entry_SYSCALL_64_after_hwframe+0x44/0xae
7/26/22 7:33 AM kernel  RIP: 0033:0x7f4be0057a6f
7/26/22 7:33 AM kernel  Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 19 c0 
f7 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 
<48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 5c c0 f7 ff 48
7/26/22 7:33 AM kernel  RSP: 002b:00007f4b9bffe810 EFLAGS: 00000293 ORIG_RAX: 
0000000000000001
7/26/22 7:33 AM kernel  RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 
00007f4be0057a6f
7/26/22 7:33 AM kernel  RDX: 0000000000000002 RSI: 00007f4be09dd5e5 RDI: 
0000000000000013
7/26/22 7:33 AM kernel  RBP: 00007f4be09dd5e5 R08: 0000000000000000 R09: 
0000000000000001
7/26/22 7:33 AM kernel  R10: 0000000000000000 R11: 0000000000000293 R12: 
0000000000000013
7/26/22 7:33 AM kernel  R13: 0000000000000013 R14: 0000000000000000 R15: 
00007f4b90024b50
7/26/22 7:33 AM kernel   </TASK>
7/26/22 7:33 AM kernel  
================================================================================

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "lscpi-vnvn output"
   
https://bugs.launchpad.net/bugs/1982878/+attachment/5605405/+files/lspci-vnvn.log

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1982878

Title:
   Aquantia GbE LAN Driver Index Out Of Bounds During Kernel Boot

Status in linux package in Ubuntu:
  New

Bug description:
  Consistent array-index-out-of-bounds in the aquantia atlantic driver on x570 
ASRock Creator
  https://www.asrock.com/mb/AMD/X570%20Creator/index.asp

  Doesn't actually seem to be impacting ability to utilize LAN much, if
  at all.

  Operating System: Kubuntu 22.04
  KDE Plasma Version: 5.24.6
  KDE Frameworks Version: 5.95.0
  Qt Version: 5.15.3
  Kernel Version: 5.15.0-43-lowlatency (64-bit)
  Graphics Platform: X11
  Processors: 32 × AMD Ryzen 9 3950X 16-Core Processor
  Memory: 31.3 GiB of RAM
  Graphics Processor: AMD Radeon RX 5700 XT

  Output of cat /proc/version_signature :
  Ubuntu 5.15.0-43.46-lowlatency 5.15.39

  Kernel parameters and image line:

  BOOT_IMAGE=/boot/vmlinuz-5.15.0-43-lowlatency
  root=UUID=70b308c1-46f6-4565-b28c-cf81163fe918 ro splash
  resume=UUID=382306cf-9584-4263-ad41-06ee99403a6a
  pci=routeirq,pcie_bus_perf,ioapicreroute,realloc,assign-
  busses,hpbussize=0x33,pcie_scan_all,big_root_window
  amd_pstate.shared_mem=1 add_efi_memmap enable_mtrr_cleanup
  acpi_backlight=native

  From the journald error log:

  7/26/22 7:33 AM       kernel  
================================================================================
  7/26/22 7:33 AM       kernel  UBSAN: array-index-out-of-bounds in 
/build/linux-lowlatency-gn5Bpn/linux-lowlatency-5.15.0/drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1262:48
  7/26/22 7:33 AM       kernel  index 8 is out of range for type 'aq_vec_s *[8]'
  7/26/22 7:33 AM       kernel  CPU: 2 PID: 2109 Comm: daemon-init Not tainted 
5.15.0-43-lowlatency #46-Ubuntu
  7/26/22 7:33 AM       kernel  Hardware name: To Be Filled By O.E.M. X570 
Creator/X570 Creator, BIOS P3.72 05/17/2022
  7/26/22 7:33 AM       kernel  Call Trace:
  7/26/22 7:33 AM       kernel   <TASK>
  7/26/22 7:33 AM       kernel   show_stack+0x52/0x58
  7/26/22 7:33 AM       kernel   dump_stack_lvl+0x4a/0x5f
  7/26/22 7:33 AM       kernel   dump_stack+0x10/0x12
  7/26/22 7:33 AM       kernel   ubsan_epilogue+0x9/0x45
  7/26/22 7:33 AM       kernel   __ubsan_handle_out_of_bounds.cold+0x44/0x49
  7/26/22 7:33 AM       kernel   ? netdev_set_tc_queue+0x78/0x90
  7/26/22 7:33 AM       kernel   ? aq_vec_stop+0x72/0x80 [atlantic]
  7/26/22 7:33 AM       kernel   aq_nic_stop+0x1b2/0x1c0 [atlantic]
  7/26/22 7:33 AM       kernel   aq_ndev_set_features+0x13f/0x1a0 [atlantic]
  7/26/22 7:33 AM       kernel   __netdev_update_features+0x184/0x810
  7/26/22 7:33 AM       kernel   dev_disable_lro+0x34/0x150
  7/26/22 7:33 AM       kernel   devinet_sysctl_forward+0x1f7/0x230
  7/26/22 7:33 AM       kernel   proc_sys_call_handler+0x161/0x2d0
  7/26/22 7:33 AM       kernel   proc_sys_write+0x13/0x20
  7/26/22 7:33 AM       kernel   new_sync_write+0x117/0x1a0
  7/26/22 7:33 AM       kernel   vfs_write+0x1f3/0x290
  7/26/22 7:33 AM       kernel   ksys_write+0x67/0xe0
  7/26/22 7:33 AM       kernel   __x64_sys_write+0x19/0x20
  7/26/22 7:33 AM       kernel   do_syscall_64+0x5c/0xc0
  7/26/22 7:33 AM       kernel   ? exit_to_user_mode_prepare+0x37/0xb0
  7/26/22 7:33 AM       kernel   ? syscall_exit_to_user_mode+0x27/0x50
  7/26/22 7:33 AM       kernel   ? do_syscall_64+0x69/0xc0
  7/26/22 7:33 AM       kernel   ? exit_to_user_mode_prepare+0x37/0xb0
  7/26/22 7:33 AM       kernel   ? syscall_exit_to_user_mode+0x27/0x50
  7/26/22 7:33 AM       kernel   ? do_syscall_64+0x69/0xc0
  7/26/22 7:33 AM       kernel   ? asm_exc_page_fault+0x8/0x30
  7/26/22 7:33 AM       kernel   entry_SYSCALL_64_after_hwframe+0x44/0xae
  7/26/22 7:33 AM       kernel  RIP: 0033:0x7f4be0057a6f
  7/26/22 7:33 AM       kernel  Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 
19 c0 f7 ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 
0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 5c c0 f7 ff 48
  7/26/22 7:33 AM       kernel  RSP: 002b:00007f4b9bffe810 EFLAGS: 00000293 
ORIG_RAX: 0000000000000001
  7/26/22 7:33 AM       kernel  RAX: ffffffffffffffda RBX: 0000000000000002 
RCX: 00007f4be0057a6f
  7/26/22 7:33 AM       kernel  RDX: 0000000000000002 RSI: 00007f4be09dd5e5 
RDI: 0000000000000013
  7/26/22 7:33 AM       kernel  RBP: 00007f4be09dd5e5 R08: 0000000000000000 
R09: 0000000000000001
  7/26/22 7:33 AM       kernel  R10: 0000000000000000 R11: 0000000000000293 
R12: 0000000000000013
  7/26/22 7:33 AM       kernel  R13: 0000000000000013 R14: 0000000000000000 
R15: 00007f4b90024b50
  7/26/22 7:33 AM       kernel   </TASK>
  7/26/22 7:33 AM       kernel  
================================================================================

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1982878/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to