<html>
<head>
<base href="https://bugs.freedesktop.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - [CI][DRMTIP]igt@kms_cursor_legacy@2x-long-flip-vs-cursor-legacy - dmesg-fail - BUG kmalloc-512 (Tainted:*): Poison overwritten"
href="https://bugs.freedesktop.org/show_bug.cgi?id=109458">109458</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[CI][DRMTIP]igt@kms_cursor_legacy@2x-long-flip-vs-cursor-legacy - dmesg-fail - BUG kmalloc-512 (Tainted:*): Poison overwritten
</td>
</tr>
<tr>
<th>Product</th>
<td>DRI
</td>
</tr>
<tr>
<th>Version</th>
<td>XOrg git
</td>
</tr>
<tr>
<th>Hardware</th>
<td>Other
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>medium
</td>
</tr>
<tr>
<th>Component</th>
<td>DRM/Intel
</td>
</tr>
<tr>
<th>Assignee</th>
<td>intel-gfx-bugs@lists.freedesktop.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>lakshminarayana.vudum@intel.com
</td>
</tr>
<tr>
<th>QA Contact</th>
<td>intel-gfx-bugs@lists.freedesktop.org
</td>
</tr>
<tr>
<th>CC</th>
<td>intel-gfx-bugs@lists.freedesktop.org
</td>
</tr></table>
<p>
<div>
<pre>=============================================================================
<3> [456.905647] BUG kmalloc-512 (Tainted: G U ): Poison
overwritten
<3> [456.905648]
-----------------------------------------------------------------------------
<4> [456.905649] Disabling lock debugging due to kernel taint
<3> [456.905652] INFO: 0x00000000a1117304-0x00000000a1117304. First byte 0x6c
instead of 0x6b
<3> [456.905699] INFO: Allocated in intel_plane_duplicate_state+0x1b/0x50
[i915] age=29 cpu=2 pid=1434
<3> [456.905702] __kmalloc_track_caller+0x29c/0x2e0
<3> [456.905705] kmemdup+0x17/0x40
<3> [456.905742] intel_plane_duplicate_state+0x1b/0x50 [i915]
<3> [456.905780] intel_legacy_cursor_update+0x18e/0x5a0 [i915]
<3> [456.905783] drm_mode_cursor_universal+0x128/0x240
<3> [456.905785] drm_mode_cursor_common+0x1a3/0x220
<3> [456.905786] drm_mode_cursor_ioctl+0x48/0x70
<3> [456.905789] drm_ioctl_kernel+0x81/0xf0
<3> [456.905790] drm_ioctl+0x2f3/0x3b0
<3> [456.905793] do_vfs_ioctl+0xa0/0x6e0
<3> [456.905794] ksys_ioctl+0x35/0x60
<3> [456.905796] __x64_sys_ioctl+0x11/0x20
<3> [456.905798] do_syscall_64+0x55/0x190
<3> [456.905800] entry_SYSCALL_64_after_hwframe+0x49/0xbe
<3> [456.905838] INFO: Freed in intel_legacy_cursor_update+0x37a/0x5a0 [i915]
age=29 cpu=2 pid=1434
<3> [456.905840] drm_mode_cursor_universal+0x128/0x240
<3> [456.905841] drm_mode_cursor_common+0x1a3/0x220
<3> [456.905843] drm_mode_cursor_ioctl+0x48/0x70
<3> [456.905844] drm_ioctl_kernel+0x81/0xf0
<3> [456.905846] drm_ioctl+0x2f3/0x3b0
<3> [456.905847] do_vfs_ioctl+0xa0/0x6e0
<3> [456.905849] ksys_ioctl+0x35/0x60
<3> [456.905850] __x64_sys_ioctl+0x11/0x20
<3> [456.905851] do_syscall_64+0x55/0x190
<3> [456.905853] entry_SYSCALL_64_after_hwframe+0x49/0xbe
<3> [456.905855] INFO: Slab 0x000000001bfc12ef objects=19 used=19 fp=0x
(null) flags=0x8000000000010200
<3> [456.905856] INFO: Object 0x00000000e4361e8a @offset=2552 fp=0x
(null)
<3> [456.905858] Redzone 00000000d66e229a: bb bb bb bb bb bb bb bb
........
<3> [456.905859] Object 00000000e4361e8a: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905860] Object 00000000b36e0549: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905860] Object 0000000070f032b6: 6b 6b 6b 6b 6b 6b 6b 6b 6c 6b 6b 6b
6b 6b 6b 6b kkkkkkkklkkkkkkk
<3> [456.905861] Object 000000001b589927: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905862] Object 000000000bd11f66: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905863] Object 00000000db18076e: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905864] Object 000000006e441b7f: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905865] Object 000000004b05ee07: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905866] Object 000000009c4f157d: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905866] Object 00000000350ee686: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905867] Object 000000008971c950: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905868] Object 000000001535ac44: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905869] Object 00000000bb3cb77b: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905870] Object 0000000033f3a953: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905871] Object 0000000070ca431d: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905872] Object 0000000046866e00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905872] Object 00000000d3de8c26: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905873] Object 00000000a1810836: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905874] Object 000000008ca27ca7: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905875] Object 000000006999175c: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905876] Object 00000000ca56d2f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905877] Object 000000004a0e2bd2: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905878] Object 000000000788e354: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905879] Object 00000000bcb029b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905879] Object 00000000d11d694d: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905880] Object 00000000516598f2: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905881] Object 00000000801f5872: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905882] Object 00000000bd8c3b45: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905883] Object 0000000014529b79: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905884] Object 00000000de26dd98: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905885] Object 00000000670d32ad: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b 6b kkkkkkkkkkkkkkkk
<3> [456.905885] Object 00000000cfcf9bbd: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b 6b a5 kkkkkkkkkkkkkkk.
<3> [456.905886] Redzone 0000000098e13d6f: bb bb bb bb bb bb bb bb
........
<3> [456.905887] Padding 0000000063abe87a: 5a 5a 5a 5a 5a 5a 5a 5a
ZZZZZZZZ
<4> [456.905890] CPU: 1 PID: 1433 Comm: kms_cursor_lega Tainted: G BU
5.0.0-rc1-gc51dc608699b-drmtip_191+ #1
<4> [456.905891] Hardware name: Intel Corporation Ice Lake Client
Platform/IceLake U DDR4 SODIMM PD RVP TLC, BIOS
ICLSFWR1.R00.2402.AD3.1810170014 10/17/2018
<4> [456.905891] Call Trace:
<4> [456.905895] dump_stack+0x67/0x9b
<4> [456.905898] check_bytes_and_report+0xbd/0x100
<4> [456.905901] check_object+0x22a/0x270
<4> [456.905938] ? intel_plane_duplicate_state+0x1b/0x50 [i915]
<4> [456.905941] alloc_debug_processing+0x17a/0x190
<4> [456.905943] ___slab_alloc.constprop.34+0x355/0x380
<4> [456.905977] ? intel_plane_duplicate_state+0x1b/0x50 [i915]
<4> [456.905981] ? __lock_is_held+0x6b/0xb0
<4> [456.906015] ? intel_plane_duplicate_state+0x1b/0x50 [i915]
<4> [456.906017] ? __slab_alloc.isra.27.constprop.33+0x3d/0x70
<4> [456.906019] __slab_alloc.isra.27.constprop.33+0x3d/0x70
<4> [456.906051] ? intel_plane_duplicate_state+0x1b/0x50 [i915]
<4> [456.906053] __kmalloc_track_caller+0x29c/0x2e0
<4> [456.906056] kmemdup+0x17/0x40
<4> [456.906088] intel_plane_duplicate_state+0x1b/0x50 [i915]
<4> [456.906090] drm_atomic_get_plane_state+0x8e/0x160
<4> [456.906093] restore_fbdev_mode_atomic+0xaa/0x1f0
<4> [456.906098] drm_fb_helper_restore_fbdev_mode_unlocked+0x42/0x90
<4> [456.906100] drm_fb_helper_set_par+0x24/0x50
<4> [456.906134] intel_fbdev_set_par+0x11/0x40 [i915]
<4> [456.906137] fbcon_init+0x439/0x610
<4> [456.906140] visual_init+0xc9/0x120
<4> [456.906142] do_bind_con_driver+0x1f2/0x410
<4> [456.906146] store_bind+0x133/0x1a0
<4> [456.906149] kernfs_fop_write+0x104/0x190
<4> [456.906152] __vfs_write+0x31/0x190
<4> [456.906155] ? rcu_read_lock_sched_held+0x6f/0x80
<4> [456.906156] ? rcu_sync_lockdep_assert+0x29/0x50
<4> [456.906158] ? __sb_start_write+0x152/0x1f0
<4> [456.906159] ? __sb_start_write+0x163/0x1f0
<4> [456.906162] vfs_write+0xbd/0x1b0
<4> [456.906164] ksys_write+0x50/0xc0
<4> [456.906167] do_syscall_64+0x55/0x190
<4> [456.906169] entry_SYSCALL_64_after_hwframe+0x49/0xbe
<4> [456.906171] RIP: 0033:0x7f7b54d82281
<4> [456.906173] Code: c3 0f 1f 84 00 00 00 00 00 48 8b 05 59 8d 20 00 c3 0f 1f
84 00 00 00 00 00 8b 05 8a d1 20 00 85 c0 75 16 b8 01 00 00 00 0f 05 <48> 3d 00
f0 ff ff 77 57 f3 c3 0f 1f 44 00 00 41 54 55 49 89 d4 53
<4> [456.906174] RSP: 002b:00007ffef874d0e8 EFLAGS: 00000246 ORIG_RAX:
0000000000000001
<4> [456.906176] RAX: ffffffffffffffda RBX: 0000000000000001 RCX:
00007f7b54d82281
<4> [456.906176] RDX: 0000000000000002 RSI: 00007f7b551fe181 RDI:
0000000000000007
<4> [456.906177] RBP: 00007ffef874e130 R08: 00005606d712cc83 R09:
0000000000000006
<4> [456.906178] R10: 0000000000000000 R11: 0000000000000246 R12:
00007f7b54d6b718
<4> [456.906179] R13: 0000000000000003 R14: 00007f7b54d70628 R15:
00007f7b54d6cd80
<3> [456.906184] FIX kmalloc-512: Restoring
0x00000000a1117304-0x00000000a1117304=0x6b</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
<li>You are the assignee for the bug.</li>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>