[Bug 220428] New: UBSAN array-index-out-of-bounds warning in radeon_atombios.c on kernel 6.15.9 with AMD Radeon HD 6250

bugzilla-daemon at kernel.org bugzilla-daemon at kernel.org
Sat Aug 9 04:45:01 UTC 2025 

https://bugzilla.kernel.org/show_bug.cgi?id=220428

            Bug ID: 220428
           Summary: UBSAN array-index-out-of-bounds warning in
                    radeon_atombios.c on kernel 6.15.9 with AMD Radeon HD
                    6250
           Product: Drivers
           Version: 2.5
    Kernel Version: 6.15.9
          Hardware: AMD
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Video(DRI - non Intel)
          Assignee: drivers_video-dri at kernel-bugs.osdl.org
          Reporter: dutra.astro at gmail.com
        Regression: No

[   17.138975] ------------[ cut here ]------------
[   17.138980] UBSAN: array-index-out-of-bounds in
drivers/gpu/drm/radeon/radeon_atombios.c:2720:34
[   17.138991] index 16 is out of range for type 'UCHAR [*]'
[   17.139004] CPU: 1 UID: 0 PID: 544 Comm: (udev-worker) Not tainted
6.15.9-201.fc42.x86_64 #1 PREEMPT(lazy) 
[   17.139016] Hardware name: Acer Aspire 5250/JE50-BZ, BIOS V1.08 09/26/2012
[   17.139022] Call Trace:
[   17.139031]  <TASK>
[   17.139041]  dump_stack_lvl+0x5d/0x80
[   17.139060]  ubsan_epilogue+0x5/0x2b
[   17.139070]  __ubsan_handle_out_of_bounds.cold+0x54/0x59
[   17.139086]  radeon_atombios_parse_power_table_6+0x3bc/0x3e0 [radeon]
[   17.139581]  radeon_atombios_get_power_modes+0x220/0x240 [radeon]
[   17.139977]  radeon_pm_init_dpm+0x77/0x240 [radeon]
[   17.140428]  evergreen_init+0x154/0x2b0 [radeon]
[   17.140885]  radeon_device_init+0x484/0xa60 [radeon]
[   17.141275]  ? pci_find_capability+0x79/0xb0
[   17.141288]  radeon_driver_load_kms+0xa6/0x230 [radeon]
[   17.141681]  radeon_pci_probe+0xef/0x1b0 [radeon]
[   17.142069]  local_pci_probe+0x42/0x90
[   17.142081]  pci_call_probe+0x5b/0x190
[   17.142090]  ? kernfs_create_link+0x61/0xb0
[   17.142106]  pci_device_probe+0x95/0x140
[   17.142117]  really_probe+0xde/0x340
[   17.142128]  ? pm_runtime_barrier+0x55/0x90
[   17.142141]  __driver_probe_device+0x78/0x140
[   17.142152]  driver_probe_device+0x1f/0xa0
[   17.142164]  ? __pfx___driver_attach+0x10/0x10
[   17.142173]  __driver_attach+0xcb/0x1e0
[   17.142185]  bus_for_each_dev+0x85/0xd0
[   17.142197]  bus_add_driver+0x12f/0x210
[   17.142209]  ? __pfx_radeon_module_init+0x10/0x10 [radeon]
[   17.142604]  driver_register+0x75/0xe0
[   17.142613]  ? radeon_register_atpx_handler+0xe/0x30 [radeon]
[   17.143030]  do_one_initcall+0x5b/0x300
[   17.143052]  do_init_module+0x84/0x260
[   17.143064]  init_module_from_file+0x8a/0xe0
[   17.143081]  idempotent_init_module+0x114/0x310
[   17.143095]  __x64_sys_finit_module+0x67/0xc0
[   17.143107]  do_syscall_64+0x7b/0x160
[   17.143119]  ? syscall_exit_to_user_mode+0x10/0x210
[   17.143141]  ? vfs_read+0x160/0x390
[   17.143150]  ? vfs_read+0x160/0x390
[   17.143163]  ? ksys_read+0x73/0xe0
[   17.143172]  ? syscall_exit_to_user_mode+0x10/0x210
[   17.143182]  ? do_syscall_64+0x87/0x160
[   17.143195]  ? syscall_exit_to_user_mode+0x10/0x210
[   17.143206]  ? do_syscall_64+0x87/0x160
[   17.143214]  ? exc_page_fault+0x7e/0x1a0
[   17.143224]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   17.143235] RIP: 0033:0x7f924c636a4d
[   17.143255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89
f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01
f0 ff ff 73 01 c3 48 8b 0d 83 53 0f 00 f7 d8 64 89 01 48
[   17.143263] RSP: 002b:00007ffcb7ab1498 EFLAGS: 00000246 ORIG_RAX:
0000000000000139
[   17.143274] RAX: ffffffffffffffda RBX: 00005643357c7350 RCX:
00007f924c636a4d
[   17.143280] RDX: 0000000000000004 RSI: 00007f924b0ec965 RDI:
000000000000002b
[   17.143285] RBP: 00007ffcb7ab1550 R08: 0000000000000000 R09:
00007ffcb7ab1500
[   17.143290] R10: 0000000000000000 R11: 0000000000000246 R12:
0000000000020000
[   17.143294] R13: 00005643357ca790 R14: 00007f924b0ec965 R15:
0000000000000000
[   17.143306]  </TASK>
[   17.143470] ---[ end trace ]---


Since this is a Kernel video driver problem, I am reporting here and not
elsewhere.

This MAY be related to https://bugzilla.kernel.org/show_bug.cgi?id=218435

-- 
You may reply to this email to add a comment.

You are receiving this mail because:
You are watching the assignee of the bug.

More information about the dri-devel mailing list