ACK/Cmnt: [SRU J][PULL REQUEST V2 0/6] Observed "Array Index out of bounds" Call Trace multiple times on Ubuntu 22.04.1 OS during boot
Michael Reed
michael.reed at canonical.com
Mon Feb 27 15:23:51 UTC 2023
Hi Stefan,
Thanks for the feedback, I appreciate it. I will try to adhere to that
advice next time.
Regards,
Michael
On Mon, Feb 27, 2023 at 3:34 AM Stefan Bader <stefan.bader at canonical.com>
wrote:
> On 25.02.23 01:26, Michael Reed wrote:
> > Hi Tim,
> >
> > Thank you for reviewing it. I am always learning here, so I wanted to
> > know what was weird about the submission so I can avoid that in future
> > submissions.
> >
> Hi Michael,
>
> I think what Tim meant is that you followed what I told you but a little
> too much. The form I proposed was for "Other Info" only. Assuming that
> is used by a human looking at things. The URL for the actual pull
> request should be what "git request-pull" emits. That is as I believe it
> was before where there is a repo URI part and the branch as a separate
> argument. These things, together with tha SHA1s pointing to start and
> end is fed into a git command to fetch the patches. While I would use
> the other info uri to look at things via a browser.
>
> -Stefan
>
> > Thanks,
> > Michael
> >
> > On Thu, Feb 23, 2023 at 12:37 PM Tim Gardner <tim.gardner at canonical.com
> > <mailto:tim.gardner at canonical.com>> wrote:
> >
> > On 2/23/23 9:57 AM, Michael Reed wrote:
> > > From: Michael Reed <Michael.Reed at canonical.com
> > <mailto:Michael.Reed at canonical.com>>
> > >
> > > SRU Justification:
> > >
> > > BugLink: https://bugs.launchpad.net/bugs/2008157
> > <https://bugs.launchpad.net/bugs/2008157>
> > >
> > > [Impact]
> > >
> > > When booted into Ubuntu 22.04.1 OS after installation, observed
> > "Array Index out of bounds" Call Trace multiple times in dmesg.
> > >
> > > Call Trace is as follow:
> > > [ 6.125704] UBSAN: array-index-out-of-bounds in
> >
> /build/linux-JjvoxS/linux-5.15.0/drivers/scsi/megaraid/megaraid_sas_fp.c:103:32
> > > [ 6.125705] index 1 is out of range for type 'MR_LD_SPAN_MAP [1]'
> > > [ 6.125707] CPU: 0 PID: 18 Comm: kworker/0:1 Not tainted
> > 5.15.0-53-generic #59-Ubuntu
> > > [ 6.125709] Hardware name: Dell Inc. , BIOS 11/08/2022
> > > [ 6.125710] Workqueue: events work_for_cpu_fn
> > > [ 6.125716] Call Trace:
> > > [ 6.125718] <TASK>
> > > [ 6.125720] show_stack+0x52/0x5c
> > > [ 6.125725] dump_stack_lvl+0x4a/0x63
> > > [ 6.125731] dump_stack+0x10/0x16
> > > [ 6.125732] ubsan_epilogue+0x9/0x49
> > > [ 6.125734] __ubsan_handle_out_of_bounds.cold+0x44/0x49
> > > [ 6.125736] ? MR_PopulateDrvRaidMap+0x194/0x580 [megaraid_sas]
> > > [ 6.125747] mr_update_load_balance_params+0xb9/0xc0 [megaraid_sas]
> > > [ 6.125753] MR_ValidateMapInfo+0x8d/0x290 [megaraid_sas]
> > > [ 6.125757] megasas_init_adapter_fusion+0x3ce/0x420 [megaraid_sas]
> > > [ 6.125762] ? megasas_setup_reply_map+0x49/0xac [megaraid_sas]
> > > [ 6.125768] megasas_init_fw.cold+0x87c/0x10c8 [megaraid_sas]
> > > [ 6.125774] megasas_probe_one+0x15c/0x4e0 [megaraid_sas]
> > > [ 6.125779] local_pci_probe+0x48/0x90
> > > [ 6.125783] work_for_cpu_fn+0x17/0x30
> > > [ 6.125785] process_one_work+0x228/0x3d0
> > > [ 6.125786] worker_thread+0x223/0x420
> > > [ 6.125787] ? process_one_work+0x3d0/0x3d0
> > > [ 6.125788] kthread+0x127/0x150
> > > [ 6.125790] ? set_kthread_struct+0x50/0x50
> > > [ 6.125791] ret_from_fork+0x1f/0x30
> > > [ 6.125796] </TASK>
> > > [ 6.125796]
> >
> ================================================================================
> > >
> > > Steps to reproduce:
> > > 1. Connect PERC H355 controller to the system
> > > 2. Create RAID1 using drives connected to PERC Controller
> > > 3. Install Ubuntu 22.04.1 on VD
> > > 4. Boot into OS after installation
> > > 5. Multiple Call Traces of "array-index-out-of-bounds" are seen
> > >
> > > Expected Behavior:
> > > OS should boot without this Call Trace
> > >
> > > [Fix]
> > >
> > > [PATCH v3 0/6] Replace one-element arrays with flexible-array
> members
> > >
> >
> https://lore.kernel.org/linux-hardening/cover.1660592640.git.gustavoars@kernel.org/
> <
> https://lore.kernel.org/linux-hardening/cover.1660592640.git.gustavoars@kernel.org/
> >
> > >
> > > 48658213 scsi: megaraid_sas: Use struct_size() in code related to
> > struct MR_PD_CFG_SEQ_NUM_SYNC
> > > 41e83026 scsi: megaraid_sas: Use struct_size() in code related to
> > struct MR_FW_RAID_MAP
> > > ee92366a scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_PD_CFG_SEQ_NUM_SYNC
> > > eeb3bab7 scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_DRV_RAID_MAP
> > > 204a29a1 scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_FW_RAID_MAP_DYNAMIC
> > > ac23b92b scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_FW_RAID_MAP
> > >
> > > [Test Plan]
> > >
> > > 1. Connect PERC H355 controller to the system
> > > 2. Create RAID1 using drives connected to PERC Controller
> > > 3. Install Ubuntu 22.04.1 on VD
> > > 4. Boot into OS after installation
> > > OS should boot without the Call Trace listed in the Impact field
> > >
> > > [Where problems could occur]
> > >
> > > [Other Info]
> > >
> >
> https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/jammy/+ref/array_bounds_lp_2008157
> <
> https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/jammy/+ref/array_bounds_lp_2008157
> >
> > >
> > > The following changes since commit
> > 7a9737edb25096642bcb448bd2e0c64b7f717aa4:
> > >
> > > UBUNTU: Ubuntu-5.15.0-59.65 (2023-01-06 08:11:23 -0800)
> > >
> > > are available in the Git repository at:
> > >
> > >
> >
> https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/jammy/+ref/array_bounds_lp_2008157
> <
> https://code.launchpad.net/~mreed8855/ubuntu/+source/linux/+git/jammy/+ref/array_bounds_lp_2008157
> >
> > >
> > > for you to fetch changes up to
> > aeee88c7297067665bdf76adb58565ec0a1eee68:
> > >
> > > scsi: megaraid_sas: Use struct_size() in code related to
> > struct MR_PD_CFG_SEQ_NUM_SYNC (2023-02-22 21:15:30 -0600)
> > >
> > > ----------------------------------------------------------------
> > > Gustavo A. R. Silva (6):
> > > scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_FW_RAID_MAP
> > > scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_FW_RAID_MAP_DYNAMIC
> > > scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_DRV_RAID_MAP
> > > scsi: megaraid_sas: Replace one-element array with
> > flexible-array member in MR_PD_CFG_SEQ_NUM_SYNC
> > > scsi: megaraid_sas: Use struct_size() in code related to
> > struct MR_FW_RAID_MAP
> > > scsi: megaraid_sas: Use struct_size() in code related to
> > struct MR_PD_CFG_SEQ_NUM_SYNC
> > >
> > > drivers/scsi/megaraid/megaraid_sas_base.c | 20
> > ++++++++++----------
> > > drivers/scsi/megaraid/megaraid_sas_fp.c | 6 +++---
> > > drivers/scsi/megaraid/megaraid_sas_fusion.c | 2 +-
> > > drivers/scsi/megaraid/megaraid_sas_fusion.h | 12 ++++++------
> > > 4 files changed, 20 insertions(+), 20 deletions(-)
> > >
> > Acked-by: Tim Gardner <tim.gardner at canonical.com
> > <mailto:tim.gardner at canonical.com>>
> >
> > Your pull request URL is a little weird, but I figured it out.
> >
> > --
> > -----------
> > Tim Gardner
> > Canonical, Inc
> >
> >
>
> --
> - Stefan
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230227/b360f9fc/attachment-0001.html>
More information about the kernel-team
mailing list