From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755603Ab0FFWEo (ORCPT ); Sun, 6 Jun 2010 18:04:44 -0400 Received: from mail-pv0-f174.google.com ([74.125.83.174]:53900 "EHLO mail-pv0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754561Ab0FFWEn (ORCPT ); Sun, 6 Jun 2010 18:04:43 -0400 DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=Yu55rlIdZebhDcQ0FI6YaLawZy1+WdTI/Jj4oCTaT88RhzCivzyjoSbVjvI9B9gJYO pqEsnpr9RfdVdnpYp2//3rJNvXaeCu+LT6ZvHDRzHbY4k+7cvdVQWprqED+U89SnO0BJ CCvpVZh3j0ybLRX0XG2U2CLX3BN88Uhh0VFCU= Message-ID: <4C0C1B90.6080407@gmail.com> Date: Sun, 06 Jun 2010 15:05:04 -0700 From: "Justin P. Mattock" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.4pre) Gecko/20091114 Lightning/1.0pre Thunderbird/3.0b4 MIME-Version: 1.0 To: Jiri Slaby CC: frankpzh@gmail.com, Greg KH , =?ISO-8859-1?Q?Ortwin_?= =?ISO-8859-1?Q?Gl=FCck?= , linux-kernel@vger.kernel.org, jirislaby@gmail.com Subject: Re: BUG kmalloc-4096: Poison overwritten (2.6.35-rc2) References: <4C0C0DD8.5030106@gmail.com> <1275860015-6643-1-git-send-email-jslaby@suse.cz> In-Reply-To: <1275860015-6643-1-git-send-email-jslaby@suse.cz> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/06/2010 02:33 PM, Jiri Slaby wrote: > On 06/06/2010 11:06 PM, Justin P. Mattock wrote: >> On 06/05/2010 11:27 PM, Jiri Slaby wrote: >>> On 06/06/2010 08:12 AM, Justin P. Mattock wrote: >>>> ============================================================================= >>>> >>>> >>>> [ 0.002046] BUG kmalloc-4096: Poison overwritten >>>> [ 0.002051] >>>> ----------------------------------------------------------------------------- >>>> >>>> >>>> [ 0.002052] >>>> [ 0.002063] INFO: 0xffff88003ec09e00-0xffff88003ec09e9f. First byte >>>> 0x20 instead of 0x6b >>>> [ 0.002073] INFO: Slab 0xffffea0000dba1c0 objects=7 used=1 >>>> fp=0xffff88003ec09048 flags=0x40000000000040c3 >>>> [ 0.002082] INFO: Object 0xffff88003ec09048 @offset=4168 >>>> fp=0xffff88003ec0a090 >>>> [ 0.002083] >>>> [ 0.002093] Bytes b4 0xffff88003ec09038: 00 00 00 00 00 00 00 00 5a >>>> 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ >>>> [ 0.002114] Object 0xffff88003ec09048: 6b 6b 6b 6b 6b 6b 6b 6b 6b >>>> 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk >>> ... >>>> 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk >>>> [ 0.002999] Object 0xffff88003ec09df8: 6b 6b 6b 6b 6b 6b 6b 6b 20 >>>> 07 20 07 20 07 20 07 kkkkkkkk........ >>>> [ 0.002999] Object 0xffff88003ec09e08: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e18: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e28: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e38: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e48: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e58: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e68: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e78: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e88: 20 07 20 07 20 07 20 07 20 >>>> 07 20 07 20 07 20 07 ................ >>>> [ 0.002999] Object 0xffff88003ec09e98: 20 07 20 07 20 07 20 07 6b >>>> 6b 6b 6b 6b 6b 6b 6b ........kkkkkkkk >>>> [ 0.002999] Object 0xffff88003ec09ea8: 6b 6b 6b 6b 6b 6b 6b 6b 6b >>> >>> Just guessing, grey spaces which should go to video ram? >>> >> >> >> o.k. I bisected this down to this commit: >> 962400e8fd29 >> reverting gets dmesg to not >> have a Poison overwritten.. > > This definitely makes sense. > >> as for the screen blankness I think this >> did cause it..keep in mind the blankness(black) >> is not everytime(every so often) >> here's some images of it: >> http://www.flickr.com/photos/44066293@N08/4676350524/ >> http://www.flickr.com/photos/44066293@N08/4676350016/ > > Yes, as I guessed, the "grey spaces" were written to some random space > instead of video ram where they should overwrite (clear) the characters > which you see on the pictures. > > Does the patch below help? > > --- > drivers/char/vt.c | 4 ++-- > 1 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/char/vt.c b/drivers/char/vt.c > index 1296c42..e123958 100644 > --- a/drivers/char/vt.c > +++ b/drivers/char/vt.c > @@ -304,8 +304,8 @@ static void scrup(struct vc_data *vc, unsigned int t, unsigned int b, int nr) > d = (unsigned short *)(vc->vc_origin + vc->vc_size_row * t); > s = (unsigned short *)(vc->vc_origin + vc->vc_size_row * (t + nr)); > scr_memmovew(d, s, (b - t - nr) * vc->vc_size_row); > - scr_memsetw(d + (b - t - nr) * vc->vc_size_row, vc->vc_video_erase_char, > - vc->vc_size_row * nr); > + scr_memsetw((void *)d + (b - t - nr) * vc->vc_size_row, > + vc->vc_video_erase_char, vc->vc_size_row * nr); > } > > static void scrdown(struct vc_data *vc, unsigned int t, unsigned int b, int nr) o.k. applied the above patch, and yes I dont see the Poison overwritten in dmesg, as well as the messages in the pics that I uploaded.. so I can say that the above fixes the issue (will monitor the system the remainder of the day to see if anything happens..) Reported-and-Bisected-By: Justin P. Mattock cheers, Justin P. Mattock