UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/bios/bios_parser2.c:519:4 (kernel 6.3-rc3)
With USBAN (default options) enabled kernel dmesg still shows two array-index-out-of-bounds in kernel dmesg.
Originally reported on kernel bugzilla #214853 and now re-tested on kernel 6.3-rc3 with a PowerColor Fighter Radeon RX 6700 XT 12GB.
[...]
[ 18.456600] ================================================================================
[ 18.456764] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/bios/bios_parser2.c:519:4
[ 18.456935] index 11 is out of range for type 'struct atom_gpio_pin_assignment[8]'
[ 18.457105] CPU: 2 PID: 539 Comm: (udev-worker) Not tainted 6.3.0-rc3-Zen3 #2
[ 18.457285] Hardware name: To Be Filled By O.E.M. B450M Steel Legend/B450M Steel Legend, BIOS P4.60 10/20/2022
[ 18.457482] Call Trace:
[ 18.457639] <TASK>
[ 18.457810] dump_stack_lvl+0xe5/0x140
[ 18.457975] ubsan_epilogue+0x5/0x30
[ 18.458142] __ubsan_handle_out_of_bounds+0xa8/0xb0
[ 18.458315] get_gpio_i2c_info+0x59d/0x670 [amdgpu]
[ 18.458699] bios_parser_get_i2c_info+0x1cd/0x360 [amdgpu]
[ 18.459072] ? bios_parser_get_src_obj+0x8c0/0x8c0 [amdgpu]
[ 18.459448] link_create_ddc_service+0x27e/0x6d0 [amdgpu]
[ 18.459814] link_create+0xf86/0x2cb0 [amdgpu]
[ 18.460181] create_links+0x25b/0xd50 [amdgpu]
[ 18.460563] dc_create+0x8d2/0xdf0 [amdgpu]
[ 18.460947] dm_hw_init+0x903/0x6810 [amdgpu]
[ 18.461326] ? __irq_work_queue_local+0x76/0xc0
[ 18.461493] ? dev_vprintk_emit+0x209/0x2b0
[ 18.461658] ? dev_printk_emit+0x72/0x90
[ 18.461828] ? mutex_unlock+0x5a/0xa0
[ 18.462001] amdgpu_device_ip_hw_init_phase2+0x154/0x410 [amdgpu]
[ 18.462377] amdgpu_device_ip_init+0xcc7/0x11c0 [amdgpu]
[ 18.462749] amdgpu_device_init+0x45a9/0x6a30 [amdgpu]
[ 18.463117] amdgpu_driver_load_kms+0x25/0x390 [amdgpu]
[ 18.463947] amdgpu_pci_probe+0x27f/0x770 [amdgpu]
[ 18.464783] pci_device_probe+0x16b/0x2d0
[ 18.465413] really_probe+0x24a/0x5d0
[ 18.466046] __driver_probe_device+0x147/0x240
[ 18.466682] driver_probe_device+0x44/0xd0
[ 18.467352] __driver_attach+0x162/0x210
[ 18.467990] ? driver_attach+0x40/0x40
[ 18.468611] bus_for_each_dev+0xd2/0x110
[ 18.469231] bus_add_driver+0x20e/0x410
[ 18.469858] driver_register+0x16d/0x2b0
[ 18.470491] do_one_initcall+0x13f/0x3f0
[ 18.471117] ? 0xffffffffc39a0000
[ 18.471738] ? migrate_folio_undo_src+0x1fa/0x280
[ 18.472355] ? __asan_register_globals+0x57/0x80
[ 18.472965] do_init_module+0x1ae/0x460
[ 18.473580] __se_sys_finit_module+0x118/0x150
[ 18.474180] do_syscall_64+0x6a/0xa0
[ 18.474789] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.475383] ? do_syscall_64+0x76/0xa0
[ 18.475970] ? exit_to_user_mode_prepare+0x6d/0x70
[ 18.476563] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.477161] ? do_syscall_64+0x76/0xa0
[ 18.477762] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.478345] ? do_syscall_64+0x76/0xa0
[ 18.478952] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.479549] ? do_syscall_64+0x76/0xa0
[ 18.480137] ? do_syscall_64+0x76/0xa0
[ 18.480728] ? do_syscall_64+0x76/0xa0
[ 18.481305] entry_SYSCALL_64_after_hwframe+0x4b/0xb5
[ 18.481880] RIP: 0033:0x7fa3e3929739
[ 18.482455] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 97 c6 0c 00 f7 d8 64 89 01 48
[ 18.483070] RSP: 002b:00007ffee39ee878 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 18.483695] RAX: ffffffffffffffda RBX: 0000555cf5171b10 RCX: 00007fa3e3929739
[ 18.484358] RDX: 0000000000000000 RSI: 00007fa3e3d29a77 RDI: 0000000000000018
[ 18.484978] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffeb0
[ 18.485595] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000020000
[ 18.486206] R13: 0000555cf51cb370 R14: 00007fa3e3d29a77 R15: 0000000000000000
[ 18.486809] </TASK>
[ 18.487429] ================================================================================
[ 18.488056] ================================================================================
[ 18.488653] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/bios/bios_parser2.c:522:4
[ 18.489255] index 11 is out of range for type 'struct atom_gpio_pin_assignment[8]'
[ 18.489850] CPU: 2 PID: 539 Comm: (udev-worker) Not tainted 6.3.0-rc3-Zen3 #2
[ 18.490453] Hardware name: To Be Filled By O.E.M. B450M Steel Legend/B450M Steel Legend, BIOS P4.60 10/20/2022
[ 18.491072] Call Trace:
[ 18.491657] <TASK>
[ 18.492240] dump_stack_lvl+0xe5/0x140
[ 18.492827] ubsan_epilogue+0x5/0x30
[ 18.493410] __ubsan_handle_out_of_bounds+0xa8/0xb0
[ 18.494010] get_gpio_i2c_info+0x60d/0x670 [amdgpu]
[ 18.494828] bios_parser_get_i2c_info+0x1cd/0x360 [amdgpu]
[ 18.495636] ? bios_parser_get_src_obj+0x8c0/0x8c0 [amdgpu]
[ 18.496437] link_create_ddc_service+0x27e/0x6d0 [amdgpu]
[ 18.497243] link_create+0xf86/0x2cb0 [amdgpu]
[ 18.498066] create_links+0x25b/0xd50 [amdgpu]
[ 18.498866] dc_create+0x8d2/0xdf0 [amdgpu]
[ 18.499671] dm_hw_init+0x903/0x6810 [amdgpu]
[ 18.500473] ? __irq_work_queue_local+0x76/0xc0
[ 18.501060] ? dev_vprintk_emit+0x209/0x2b0
[ 18.501644] ? dev_printk_emit+0x72/0x90
[ 18.502231] ? mutex_unlock+0x5a/0xa0
[ 18.502822] amdgpu_device_ip_hw_init_phase2+0x154/0x410 [amdgpu]
[ 18.503605] amdgpu_device_ip_init+0xcc7/0x11c0 [amdgpu]
[ 18.504395] amdgpu_device_init+0x45a9/0x6a30 [amdgpu]
[ 18.505184] amdgpu_driver_load_kms+0x25/0x390 [amdgpu]
[ 18.505967] amdgpu_pci_probe+0x27f/0x770 [amdgpu]
[ 18.506751] pci_device_probe+0x16b/0x2d0
[ 18.507336] really_probe+0x24a/0x5d0
[ 18.507914] __driver_probe_device+0x147/0x240
[ 18.508500] driver_probe_device+0x44/0xd0
[ 18.509079] __driver_attach+0x162/0x210
[ 18.509653] ? driver_attach+0x40/0x40
[ 18.510247] bus_for_each_dev+0xd2/0x110
[ 18.510833] bus_add_driver+0x20e/0x410
[ 18.511420] driver_register+0x16d/0x2b0
[ 18.512174] do_one_initcall+0x13f/0x3f0
[ 18.512754] ? 0xffffffffc39a0000
[ 18.513347] ? migrate_folio_undo_src+0x1fa/0x280
[ 18.513937] ? __asan_register_globals+0x57/0x80
[ 18.514516] do_init_module+0x1ae/0x460
[ 18.515096] __se_sys_finit_module+0x118/0x150
[ 18.515677] do_syscall_64+0x6a/0xa0
[ 18.516263] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.516840] ? do_syscall_64+0x76/0xa0
[ 18.517427] ? exit_to_user_mode_prepare+0x6d/0x70
[ 18.518009] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.518583] ? do_syscall_64+0x76/0xa0
[ 18.519161] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.519744] ? do_syscall_64+0x76/0xa0
[ 18.520326] ? syscall_exit_to_user_mode+0x23/0xb0
[ 18.520918] ? do_syscall_64+0x76/0xa0
[ 18.521501] ? do_syscall_64+0x76/0xa0
[ 18.522081] ? do_syscall_64+0x76/0xa0
[ 18.522658] entry_SYSCALL_64_after_hwframe+0x4b/0xb5
[ 18.523242] RIP: 0033:0x7fa3e3929739
[ 18.523867] Code: 08 89 e8 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 97 c6 0c 00 f7 d8 64 89 01 48
[ 18.524485] RSP: 002b:00007ffee39ee878 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 18.525095] RAX: ffffffffffffffda RBX: 0000555cf5171b10 RCX: 00007fa3e3929739
[ 18.525690] RDX: 0000000000000000 RSI: 00007fa3e3d29a77 RDI: 0000000000000018
[ 18.526290] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffffffffffeb0
[ 18.526880] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000020000
[ 18.527469] R13: 0000555cf51cb370 R14: 00007fa3e3d29a77 R15: 0000000000000000
[ 18.528057] </TASK>
[ 18.528653] ================================================================================
[ 18.529722] [drm] Display Core initialized with v3.2.223!
[ 18.530309] [drm] DP-HDMI FRL PCON supported
[ 18.532331] [drm] DMUB hardware initialized: version=0x02020017
[ 18.561215] snd_hda_intel 0000:08:00.1: bound 0000:08:00.0 (ops amdgpu_dm_audio_component_bind_ops [amdgpu])
[ 18.603277] [drm] kiq ring mec 2 pipe 1 q 0
[ 18.609966] [drm] VCN decode and encode initialized successfully(under DPG Mode).
[ 18.610934] [drm] JPEG decode initialized successfully.Some data about the system:
# inxi -bZ
System:
Kernel: 6.3.0-rc3-Zen3 arch: x86_64 bits: 64
Console: pty pts/0 Distro: Gentoo Base System release 2.13
Machine:
Type: Desktop Mobo: ASRock model: B450M Steel Legend
serial: M80-D1005301508 UEFI: American Megatrends v: P4.60 date: 10/20/2022
CPU:
Info: 16-core AMD Ryzen 9 5950X [MT MCP] speed (MHz): avg: 3175
min/max: 2200/3400
Graphics:
Device-1: AMD Navi 22 [Radeon RX 6700/6700 XT/6750 XT / 6800M]
driver: amdgpu v: kernel
Device-2: AMD RV710 [Radeon HD 4350/4550] driver: radeon v: kernel
Display: x11 server: X.Org v: 21.1.1 driver: X: loaded: amdgpu
unloaded: fbdev,modesetting,radeon gpu: amdgpu,radeon
resolution: 2560x1600~60Hz
OpenGL: renderer: llvmpipe (LLVM 15.0.7 256 bits) v: 4.5 Mesa 22.3.7
Network:
Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet
driver: r8169
# lspci
00:00.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Root Complex
00:00.2 IOMMU: Advanced Micro Devices, Inc. [AMD] Starship/Matisse IOMMU
00:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:01.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:01.3 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]
00:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]
00:14.0 SMBus: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller (rev 61)
00:14.3 ISA bridge: Advanced Micro Devices, Inc. [AMD] FCH LPC Bridge (rev 51)
00:18.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 0
00:18.1 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 1
00:18.2 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 2
00:18.3 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 3
00:18.4 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 4
00:18.5 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 5
00:18.6 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 6
00:18.7 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer Data Fabric: Device 18h; Function 7
01:00.0 Non-Volatile memory controller: Kingston Technology Company, Inc. A2000 NVMe SSD (rev 03)
02:00.0 USB controller: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset USB 3.1 xHCI Compliant Host Controller (rev 01)
02:00.1 SATA controller: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset SATA Controller (rev 01)
02:00.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset PCIe Bridge (rev 01)
03:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset PCIe Port (rev 01)
03:01.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset PCIe Port (rev 01)
03:04.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] 400 Series Chipset PCIe Port (rev 01)
05:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
06:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD/ATI] Navi 10 XL Upstream Port of PCI Express Switch (rev c5)
07:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD/ATI] Navi 10 XL Downstream Port of PCI Express Switch
08:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Navi 22 [Radeon RX 6700/6700 XT/6750 XT / 6800M] (rev c5)
08:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Navi 21/23 HDMI/DP Audio Controller
09:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] RV710 [Radeon HD 4350/4550]
09:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] RV710/730 HDMI Audio [Radeon HD 4000 series]
0a:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function
0b:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP
0b:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Cryptographic Coprocessor PSPCPP
0b:00.3 USB controller: Advanced Micro Devices, Inc. [AMD] Matisse USB 3.0 Host Controller
0b:00.4 Audio device: Advanced Micro Devices, Inc. [AMD] Starship/Matisse HD Audio ControllerKernel .config and dmesg attached. config_63-rc3_zen3 dmesg_63-rc3_zen3.txt