UBSAN: shift-out-of-bounds in include/soc/fsl/qman.h:70:9
Alexander Stein
alexander.stein at ew.tq-group.com
Tue Jun 10 07:34:36 PDT 2025
Hi,
I'm running a Freescale LS1043A based platform and with enabled UBSAN the
QMAN driver raises the following trace:
> UBSAN: shift-out-of-bounds in include/soc/fsl/qman.h:70:9
> shift exponent -1024 is negative
> CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1-next-20250610+
> #3065 PREEMPT 79669a76f0881c2711711352971d97872fae206d Hardware name:
> TQ-Systems GmbH LS1043A TQMLS1043A SoM on MBLS10xxA board (DT)>
> Call trace:
> show_stack+0x28/0x78 (C)
> dump_stack_lvl+0x68/0x8c
> dump_stack+0x14/0x1c
> ubsan_epilogue+0xc/0x3c
> __ubsan_handle_shift_out_of_bounds+0xa0/0x1a0
> qman_resource_init+0x178/0x1a0
> fsl_qman_probe+0x260/0x480
> platform_probe+0x64/0x100
> really_probe+0xc8/0x3b8
> __driver_probe_device+0x84/0x16c
> driver_probe_device+0x40/0x160
> __driver_attach+0xd0/0x240
> bus_for_each_dev+0x7c/0xd8
> driver_attach+0x28/0x40
> bus_add_driver+0x108/0x244
> driver_register+0x64/0x120
> __platform_driver_register+0x28/0x38
> fsl_qman_driver_init+0x18/0x20
> do_one_initcall+0x6c/0x39c
> kernel_init_freeable+0x32c/0x394
> kernel_init+0x30/0x160
> ret_from_fork+0x10/0x20
AFAICT this happens in qman_resource_init() when QM_SDQCR_CHANNELS_POOL_CONV()
is used for channel 0-256. HW IP is revision 3.2, so qm_channel_pool1 is
set to 0x401.
I don't know why this works or this never raised an issue before.
Any ideas or suggestions?
Best regards,
Alexander
--
TQ-Systems GmbH | Mühlstraße 2, Gut Delling | 82229 Seefeld, Germany
Amtsgericht München, HRB 105018
Geschäftsführer: Detlef Schneider, Rüdiger Stahl, Stefan Schneider
http://www.tq-group.com/
More information about the linux-arm-kernel
mailing list