Search Linux Wireless

Re: 5.10.58 UBSAN from brcmf_sdio_dpc+0xa50/0x128c [brcmfmac]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 8/16/2021 1:42 AM, Ryutaroh Matsumoto wrote:

Dear Maintainers of the drivers/net/wireless/broadcom/brcm80211/brcmfmac driver,

I found the following UBSAN error in kernel 5.10.58 compiled with CLang 12.0.1
with integrated assembler (make LLVM=1 LLVM_IAS=1).
It always happens when iwd starts an access point, where /etc/iwd/main.conf
looks as follows:
[General]
UseDefaultInterface=true
DisableANQP=false

I do not observe the following error if
* kernel is compiled with gcc 10, or
* kernel version is 5.13.9 or 5.14rc5.

The reported UBSAN error is only seen with 5.10 series compiled with CLang 12.
UBSAN looks as follows. The hardware is Raspberry Pi 4B with 8GB RAM.

Aug 16 08:11:21 raspi4b-router systemd[1]: systemd-rfkill.service: Succeeded.
Aug 16 08:11:21 raspi4b-router kernel: IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
Aug 16 08:11:21 raspi4b-router systemd[1]: iwd_start_ap@Yamashita_guest.service: Succeeded.
Aug 16 08:11:21 raspi4b-router systemd[1]: Finished iwd starting Yamashita_guest access point.
Aug 16 08:11:21 raspi4b-router kernel: ================================================================================
Aug 16 08:11:21 raspi4b-router kernel: UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2016:28
Line 2016 in skbuff.h is inline function __skb_queue_before() and as far as I can tell brcmfmac is not using that direct or indirect. Maybe I am reading the line info incorrectly? 


Aug 16 08:11:21 raspi4b-router kernel: member access within address 000000002d0b610c with insufficient space
Aug 16 08:11:21 raspi4b-router kernel: for an object of type 'struct sk_buff'
Aug 16 08:11:21 raspi4b-router kernel: CPU: 1 PID: 295 Comm: kworker/u8:3 Tainted: G         C        5.10.58-clang12a #1
Aug 16 08:11:21 raspi4b-router kernel: Hardware name: Raspberry Pi 4 Model B Rev 1.4 (DT)
Aug 16 08:11:21 raspi4b-router kernel: Workqueue: brcmf_wq/mmc0:0001:1 brcmf_sdio_dataworker [brcmfmac]
Aug 16 08:11:21 raspi4b-router kernel: Call trace:
Aug 16 08:11:21 raspi4b-router kernel:  dump_backtrace+0x0/0x1e4
Aug 16 08:11:21 raspi4b-router kernel:  show_stack+0x18/0x24
Aug 16 08:11:21 raspi4b-router kernel:  dump_stack+0xac/0x104
Aug 16 08:11:21 raspi4b-router kernel:  ubsan_type_mismatch_common+0x198/0x298
Aug 16 08:11:21 raspi4b-router kernel:  __ubsan_handle_type_mismatch_v1+0x40/0x50
Aug 16 08:11:21 raspi4b-router kernel:  brcmf_sdio_dpc+0xa50/0x128c [brcmfmac]
Would you be able to provide information as to what line brcmf_sdio_dpc+0xa50 refers to. 

Regards,
Arend
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux