Enable -proposed on LOX14-PV-SKU6 and installed 6.1.0-1018.18, the error is gone.
** Attachment added: "dmesg.txt" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2027773/+attachment/5688775/+files/dmesg.txt ** Tags removed: verification-needed-jammy ** Tags added: verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-oem-6.0 in Ubuntu. https://bugs.launchpad.net/bugs/2027773 Title: UBSAN: shift-out-of-bounds in amd_sfh Status in HWE Next: New Status in OEM Priority Project: New Status in linux package in Ubuntu: Fix Released Status in linux-oem-6.0 package in Ubuntu: Invalid Status in linux-oem-6.1 package in Ubuntu: Invalid Status in linux source package in Jammy: Invalid Status in linux-oem-6.0 source package in Jammy: Won't Fix Status in linux-oem-6.1 source package in Jammy: Fix Committed Status in linux source package in Lunar: In Progress Status in linux-oem-6.0 source package in Lunar: Invalid Status in linux-oem-6.1 source package in Lunar: Invalid Status in linux source package in Mantic: Fix Released Status in linux-oem-6.0 source package in Mantic: Invalid Status in linux-oem-6.1 source package in Mantic: Invalid Bug description: [SRU Justification] [Impact] UBSAN: shift-out-of-bounds in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c:149:50 [ 7.928631] shift exponent 103 is too large for 64-bit type 'long unsigned int' [ 9.877309] Workqueue: events amd_sfh_work_buffer \[amd_sfh] [ 9.877327] Call Trace: [ 9.877331] \<TASK> [ 9.877335] dump_stack_lvl+0x49/0x63 [ 9.877346] dump_stack+0x10/0x16 [ 9.877348] ubsan_epilogue+0x9/0x36 [ 9.877357] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xef [ 9.877363] ? _raw_spin_lock+0x17/0x50 [ 9.877369] ? raw_spin_rq_lock_nested+0x2e/0xa0 [ 9.877378] ? psi_group_change+0x1e2/0x4a0 [ 9.877385] float_to_int.cold+0x18/0xc8 \[amd_sfh] [ 9.877394] ? get_feature_rep+0xb0/0xb0 \[amd_sfh] [ 9.877402] get_input_rep+0x219/0x2f0 \[amd_sfh] [ 9.877409] ? up+0x37/0x70 [ 9.877414] ? hid_input_report+0x104/0x170 \[hid] [ 9.877428] amd_sfh_work_buffer+0x94/0x150 \[amd_sfh] [ 9.877436] process_one_work+0x21f/0x3f0 [ 9.877443] worker_thread+0x50/0x3e0 [ 9.877446] ? process_one_work+0x3f0/0x3f0 [ 9.877449] kthread+0xfd/0x130 [ 9.877452] ? kthread_complete_and_exit+0x20/0x20 [ 9.877454] ret_from_fork+0x22/0x30 [ 9.877463] \</TASK> [Fix] Fixes in: * commit c1685a862a4b ("HID: amd_sfh: Rename the float32 variable") * commit 878543661764 ("HID: amd_sfh: Fix for shift-out-of-bounds") [Test Case] The affected platform should no longer has such error dumped in kernel dmesg at boot. [Where problems could occur] This renamed a variable and corrected the way shift offset is calculated. No known side effect. [Other Info] The affects kernel >= v6.0 and < v6.5, so Unstable/Mantis/Lunar/OEM-6.1 are nominated for fix. ========== original bug report ========== UBSAN: shift-out-of-bounds in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c:149:50 [ 7.928631] shift exponent 103 is too large for 64-bit type 'long unsigned int' [ 9.877309] Workqueue: events amd_sfh_work_buffer [amd_sfh] [ 9.877327] Call Trace: [ 9.877331] <TASK> [ 9.877335] dump_stack_lvl+0x49/0x63 [ 9.877346] dump_stack+0x10/0x16 [ 9.877348] ubsan_epilogue+0x9/0x36 [ 9.877357] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xef [ 9.877363] ? _raw_spin_lock+0x17/0x50 [ 9.877369] ? raw_spin_rq_lock_nested+0x2e/0xa0 [ 9.877378] ? psi_group_change+0x1e2/0x4a0 [ 9.877385] float_to_int.cold+0x18/0xc8 [amd_sfh] [ 9.877394] ? get_feature_rep+0xb0/0xb0 [amd_sfh] [ 9.877402] get_input_rep+0x219/0x2f0 [amd_sfh] [ 9.877409] ? up+0x37/0x70 [ 9.877414] ? hid_input_report+0x104/0x170 [hid] [ 9.877428] amd_sfh_work_buffer+0x94/0x150 [amd_sfh] [ 9.877436] process_one_work+0x21f/0x3f0 [ 9.877443] worker_thread+0x50/0x3e0 [ 9.877446] ? process_one_work+0x3f0/0x3f0 [ 9.877449] kthread+0xfd/0x130 [ 9.877452] ? kthread_complete_and_exit+0x20/0x20 [ 9.877454] ret_from_fork+0x22/0x30 [ 9.877463] </TASK> Fixes in: https://github.com/torvalds/linux/commit/c1685a862a4bea863537f06abaa37a123aef493c https://github.com/torvalds/linux/commit/87854366176403438d01f368b09de3ec2234e0f5 This affects kernel >= v6.0. To manage notifications about this bug go to: https://bugs.launchpad.net/hwe-next/+bug/2027773/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
