| Message ID | 20250604042556.3731059-1-yu.c.chen@intel.com |
|---|---|
| State | New |
| Headers | show |
| Series | [RESEND] scsi: megaraid_sas: Fix invalid Node index | expand |
On Wed, 04 Jun 2025 12:25:56 +0800, Chen Yu wrote: > On a system with DRAM interleave enabled, out-of-bound access > is detected: > > megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0 > ------------[ cut here ]------------ > UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 > index -1 is out of range for type 'cpumask *[1024]' > dump_stack_lvl+0x5d/0x80 > ubsan_epilogue+0x5/0x2b > __ubsan_handle_out_of_bounds.cold+0x46/0x4b > megasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas] > megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas] > local_pci_probe+0x42/0x90 > pci_device_probe+0xdc/0x290 > really_probe+0xdb/0x340 > __driver_probe_device+0x78/0x110 > driver_probe_device+0x1f/0xa0 > __driver_attach+0xba/0x1c0 > bus_for_each_dev+0x8b/0xe0 > bus_add_driver+0x142/0x220 > driver_register+0x72/0xd0 > megasas_init+0xdf/0xff0 [megaraid_sas] > do_one_initcall+0x57/0x310 > do_init_module+0x90/0x250 > init_module_from_file+0x85/0xc0 > idempotent_init_module+0x114/0x310 > __x64_sys_finit_module+0x65/0xc0 > do_syscall_64+0x82/0x170 > entry_SYSCALL_64_after_hwframe+0x76/0x7e > > [...] Applied to 6.16/scsi-fixes, thanks! [1/1] scsi: megaraid_sas: Fix invalid Node index https://git.kernel.org/mkp/scsi/c/9b71a94b0bc7
diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c index 5e33d411fa3d..6d4de06082d1 100644 --- a/drivers/scsi/megaraid/megaraid_sas_base.c +++ b/drivers/scsi/megaraid/megaraid_sas_base.c @@ -5910,7 +5910,11 @@ megasas_set_high_iops_queue_affinity_and_hint(struct megasas_instance *instance) const struct cpumask *mask; if (instance->perf_mode == MR_BALANCED_PERF_MODE) { - mask = cpumask_of_node(dev_to_node(&instance->pdev->dev)); + int nid = dev_to_node(&instance->pdev->dev); + + if (nid == NUMA_NO_NODE) + nid = 0; + mask = cpumask_of_node(nid); for (i = 0; i < instance->low_latency_index_start; i++) { irq = pci_irq_vector(instance->pdev, i);
On a system with DRAM interleave enabled, out-of-bound access is detected: megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0 ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask *[1024]' dump_stack_lvl+0x5d/0x80 ubsan_epilogue+0x5/0x2b __ubsan_handle_out_of_bounds.cold+0x46/0x4b megasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas] megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas] local_pci_probe+0x42/0x90 pci_device_probe+0xdc/0x290 really_probe+0xdb/0x340 __driver_probe_device+0x78/0x110 driver_probe_device+0x1f/0xa0 __driver_attach+0xba/0x1c0 bus_for_each_dev+0x8b/0xe0 bus_add_driver+0x142/0x220 driver_register+0x72/0xd0 megasas_init+0xdf/0xff0 [megaraid_sas] do_one_initcall+0x57/0x310 do_init_module+0x90/0x250 init_module_from_file+0x85/0xc0 idempotent_init_module+0x114/0x310 __x64_sys_finit_module+0x65/0xc0 do_syscall_64+0x82/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix it accordingly. Signed-off-by: Chen Yu <yu.c.chen@intel.com> --- drivers/scsi/megaraid/megaraid_sas_base.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)