[linus:master] [platform/x86] e527a61272: UBSAN:array-index-out-of-bounds_in_drivers/firmware/dmi_scan.c

kernel test robot <oliver.sang@xxxxxxxxx> · Tue, 9 Jul 2024 15:40:04 +0800

Hello,

kernel test robot noticed "UBSAN:array-index-out-of-bounds_in_drivers/firmware/dmi_scan.c" on:

commit: e527a6127223b644e0a27b44f4b16e16eb6c7f0a ("platform/x86: toshiba_acpi: Fix quickstart quirk handling")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

[test failed on linus/master      1dd28064d4164a4dc9096fd1a7990d2de15f2bb6]
[test failed on linux-next/master 0b58e108042b0ed28a71cd7edf5175999955b233]

in testcase: rcutorture
version: 
with following parameters:

	runtime: 300s
	test: default
	torture_type: tasks

compiler: gcc-13
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)

+----------------------------------------------------------------+------------+------------+
|                                                                | 7add1ee346 | e527a61272 |
+----------------------------------------------------------------+------------+------------+
| UBSAN:array-index-out-of-bounds_in_drivers/firmware/dmi_scan.c | 0          | 12         |
+----------------------------------------------------------------+------------+------------+

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202407091536.8b116b3d-lkp@xxxxxxxxx

[   29.706379][    T1] ------------[ cut here ]------------
[   29.707252][    T1] UBSAN: array-index-out-of-bounds in drivers/firmware/dmi_scan.c:859:23
[   29.708541][    T1] index 116 is out of range for type 'char *[23]'
[   29.709456][    T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.10.0-rc1-00022-ge527a6127223 #1 ab67a70a695d4c6254fd8ecc241ff23c9c365cc4
[   29.711170][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   29.711230][    T1] Call Trace:
[   29.711230][    T1]  <TASK>
[ 29.711230][ T1] dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1)) 
[ 29.711230][ T1] dump_stack (lib/dump_stack.c:124) 
[ 29.711230][ T1] ubsan_epilogue (lib/ubsan.c:232) 
[ 29.711230][ T1] __ubsan_handle_out_of_bounds (lib/ubsan.c:429) 
[ 29.711230][ T1] dmi_matches (drivers/firmware/dmi_scan.c:859) 
[ 29.711230][ T1] dmi_first_match (drivers/firmware/dmi_scan.c:936 (discriminator 1)) 
[ 29.711230][ T1] toshiba_acpi_init (drivers/platform/x86/toshiba_acpi.c:3615 drivers/platform/x86/toshiba_acpi.c:3629) 
[ 29.711230][ T1] ? toshiba_wmi_init (drivers/platform/x86/toshiba_acpi.c:3626) 
[ 29.711230][ T1] do_one_initcall (init/main.c:1267) 
[ 29.711230][ T1] ? trace_event_raw_event_initcall_level (init/main.c:1258) 
[ 29.711230][ T1] ? do_initcalls (include/linux/slab.h:664 include/linux/slab.h:778 init/main.c:1338) 
[ 29.711230][ T1] do_initcalls (init/main.c:1328 (discriminator 1) init/main.c:1345 (discriminator 1)) 
[ 29.711230][ T1] kernel_init_freeable (init/main.c:1580) 
[ 29.711230][ T1] ? rest_init (init/main.c:1459) 
[ 29.711230][ T1] kernel_init (init/main.c:1469) 
[ 29.711230][ T1] ? __switch_to (arch/x86/kernel/process_64.c:713) 
[ 29.711230][ T1] ret_from_fork (arch/x86/kernel/process.c:153) 
[ 29.711230][ T1] ? rest_init (init/main.c:1459) 
[ 29.711230][ T1] ret_from_fork_asm (arch/x86/entry/entry_64.S:257) 
[   29.711230][    T1]  </TASK>
[   29.726986][    T1] ---[ end trace ]---

The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240709/202407091536.8b116b3d-lkp@xxxxxxxxx

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki