apport information ** Attachment added: "ProcInterrupts.txt" https://bugs.launchpad.net/bugs/2091077/+attachment/5842299/+files/ProcInterrupts.txt
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2091077 Title: UBSAN: array-index-out-of-bounds in module mt76 Status in linux package in Ubuntu: Fix Released Status in linux-oem-6.11 package in Ubuntu: Invalid Status in linux-oem-6.8 package in Ubuntu: Invalid Status in linux source package in Noble: In Progress Status in linux-oem-6.11 source package in Noble: In Progress Status in linux-oem-6.8 source package in Noble: In Progress Status in linux source package in Oracular: In Progress Status in linux-oem-6.11 source package in Oracular: Invalid Status in linux-oem-6.8 source package in Oracular: Invalid Status in linux source package in Plucky: Fix Released Status in linux-oem-6.11 source package in Plucky: Invalid Status in linux-oem-6.8 source package in Plucky: Invalid Bug description: This is a follow-up for bug 2081785. [ 33.399506] UBSAN: array-index-out-of-bounds in /home/kernel/COD/linux/drivers/net/wireless/mediatek/mt76/mac80211.c:1532:34 [ 33.399517] index 3 is out of range for type 'mt76_phy *[3]' [ 33.399523] CPU: 0 UID: 0 PID: 1153 Comm: NetworkManager Not tainted 6.11.0-061100rc7-generic #202409082235 [ 33.399528] Hardware name: HP HP ZBook Ultra 14 inch G1a Mobile Workstation PC/8D01, BIOS X89 Ver. 89.17.22 09/11/2024 [ 33.399532] Call Trace: [ 33.399537] <TASK> [ 33.399546] show_stack+0x49/0x60 [ 33.399556] dump_stack_lvl+0x5f/0x90 [ 33.399573] dump_stack+0x10/0x18 [ 33.399576] ubsan_epilogue+0x9/0x40 [ 33.399581] __ubsan_handle_out_of_bounds.cold+0x44/0x49 [ 33.399584] mt76_wcid_cleanup+0x269/0x280 [mt76] [ 33.399603] ? mt76_connac_mcu_uni_add_dev+0x15a/0x200 [mt76_connac_lib] [ 33.399620] mt792x_mac_link_bss_remove+0x136/0x190 [mt792x_lib] [ 33.399627] mt792x_remove_interface+0x7f/0xd0 [mt792x_lib] [ 33.399633] drv_remove_interface+0xf1/0x1b0 [mac80211] [ 33.399686] ieee80211_do_stop+0x5c0/0x990 [mac80211] [ 33.399727] ? synchronize_rcu_expedited+0x1f4/0x220 [ 33.399733] ieee80211_stop+0x5c/0x1c0 [mac80211] [ 33.399765] __dev_close_many+0xae/0x140 [ 33.399768] __dev_change_flags+0xe6/0x230 [ 33.399773] dev_change_flags+0x27/0x80 [ 33.399775] do_setlink+0x39e/0xd90 [ 33.399780] ? genl_family_rcv_msg_doit+0x11c/0x160 [ 33.399785] ? __nla_validate_parse+0x49/0x1b0 [ 33.399790] ? inode_sub_bytes+0x72/0x90 [ 33.399797] __rtnl_newlink+0x5c8/0x760 [ 33.399802] rtnl_newlink+0x77/0xa0 [ 33.399805] rtnetlink_rcv_msg+0x160/0x460 [ 33.399808] ? __legitimize_path+0x30/0x80 [ 33.399812] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 33.399815] netlink_rcv_skb+0x52/0x100 [ 33.399818] rtnetlink_rcv+0x15/0x30 [ 33.399820] netlink_unicast+0x245/0x390 [ 33.399823] netlink_sendmsg+0x214/0x460 [ 33.399826] ____sys_sendmsg+0x3b1/0x3f0 [ 33.399830] ___sys_sendmsg+0x9a/0xf0 [ 33.399834] __sys_sendmsg+0xe5/0x120 [ 33.399839] __x64_sys_sendmsg+0x1d/0x30 [ 33.399842] x64_sys_call+0x7da/0x22b0 [ 33.399848] do_syscall_64+0x7e/0x170 [ 33.399851] ? syscall_exit_to_user_mode+0x4e/0x250 [ 33.399855] ? do_syscall_64+0x8a/0x170 [ 33.399858] ? syscall_exit_to_user_mode+0x4e/0x250 [ 33.399860] ? do_syscall_64+0x8a/0x170 [ 33.399863] ? do_epoll_wait+0xa8/0x100 [ 33.399867] ? __x64_sys_epoll_wait+0x6d/0x110 [ 33.399870] ? __task_pid_nr_ns+0x6c/0xc0 [ 33.399875] ? syscall_exit_to_user_mode+0x4e/0x250 [ 33.399878] ? do_syscall_64+0x8a/0x170 [ 33.399879] ? irqentry_exit+0x43/0x50 [ 33.399882] ? sysvec_apic_timer_interrupt+0x57/0xc0 [ 33.399885] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 33.399889] RIP: 0033:0x7317e512c03b [ 33.399894] Code: 48 89 e5 48 83 ec 20 89 55 ec 48 89 75 f0 89 7d f8 e8 19 c5 f6 ff 8b 55 ec 48 8b 75 f0 41 89 c0 8b 7d f8 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2d 44 89 c7 48 89 45 f8 e8 71 c5 f6 ff 48 8b [ 33.399897] RSP: 002b:00007ffd8d677b20 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 33.399902] RAX: ffffffffffffffda RBX: 000055c29094d8e0 RCX: 00007317e512c03b [ 33.399904] RDX: 0000000000000000 RSI: 00007ffd8d677b60 RDI: 000000000000000d [ 33.399906] RBP: 00007ffd8d677b40 R08: 0000000000000000 R09: 0000000000000000 [ 33.399907] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000001c [ 33.399908] R13: 000055c29094d8e0 R14: 0000000000000001 R15: 0000000000000000 [ 33.399910] </TASK> [ 33.399912] ---[ end trace ]--- Proposed fix commit 862bf7cbd772c2bad570ef0c5b5556a1330656dd ("wifi: mt76: mt7915: fix oops on non-dbdc mt7986") from v6.12-rc1. The origin of this warning, commit 0335c034e7265 ("wifi: mt76: fix race condition related to checking tx queue fill status"), traces back to v6.7-rc1. --- ProblemType: Bug ApportVersion: 2.28.1-0ubuntu3.1 Architecture: amd64 AudioDevicesInUse: USER PID ACCESS COMMAND /dev/snd/seq: ubuntu 1592 F.... pipewire /dev/snd/controlC0: ubuntu 1596 F.... wireplumber /dev/snd/controlC1: ubuntu 1596 F.... wireplumber CasperMD5CheckMismatches: ./casper/initrd ./casper/vmlinuz ./casper/minimal.standard.live.hotfix.manifest ./casper/minimal.standard.live.hotfix.size ./casper/minimal.standard.live.size ./casper/minimal.manifest ./casper/minimal.standard.manifest ./casper/minimal.standard.size ./casper/minimal.hotfix.size ./casper/minimal.standard.live.hotfix.squashfs ./casper/minimal.standard.hotfix.squashfs ./casper/minimal.standard.hotfix.size ./casper/minimal.hotfix.squashfs ./casper/minimal.standard.live.manifest ./casper/minimal.size ./boot/grub/grub.cfg CasperMD5CheckResult: fail DistributionChannelDescriptor: # This is the distribution channel descriptor for Ubuntu 24.04 for Dell # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor canonical-oem-somerville-noble-oem-24.04b-proposed-20241129-133 DistroRelease: Ubuntu 24.04 InstallationDate: Installed on 2024-11-29 (6 days ago) InstallationMedia: Ubuntu OEM 24.04.1 LTS "Noble Numbat" - Release amd64 (20241128) MachineType: Dell Inc. Dell Pro Tower / QCT1255 Package: linux-oem-6.11 ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.11.0-1009-oem root=UUID=8f2729d9-0d24-4dc1-99fe-5bbd79b79f8f ro quiet splash vt.handoff=7 ProcVersionSignature: Ubuntu 6.11.0-1009.9-oem 6.11.0 RelatedPackageVersions: linux-restricted-modules-6.11.0-1009-oem N/A linux-backports-modules-6.11.0-1009-oem N/A linux-firmware 20240318.git3b128b60-0ubuntu2.5 Tags: noble Uname: Linux 6.11.0-1009-oem x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: N/A _MarkForUpload: True dmi.bios.date: 11/23/2024 dmi.bios.release: 0.3 dmi.bios.vendor: Dell Inc. dmi.bios.version: 00.03.00 dmi.board.vendor: Dell Inc. dmi.chassis.type: 3 dmi.chassis.vendor: Dell Inc. dmi.ec.firmware.release: 99.96 dmi.modalias: dmi:bvnDellInc.:bvr00.03.00:bd11/23/2024:br0.3:efr99.96:svnDellInc.:pnDellProTower/QCT1255:pvr:rvnDellInc.:rn:rvr:cvnDellInc.:ct3:cvr:sku0D56: dmi.product.family: Dell Pro Desktop dmi.product.name: Dell Pro Tower / QCT1255 dmi.product.sku: 0D56 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2091077/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
