Hello,

I'm seeing this kasan report after booting with linus v4.4-rc1-290-g3ad5d7e.

BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 at addr ffff880169e21fd0
Read of size 64 by task kworker/1:0/14
=============================================================================
BUG kmalloc-8192 (Not tainted): kasan: bad access detected
-----------------------------------------------------------------------------

Disabling lock debugging due to kernel taint
INFO: Allocated in register_framebuffer+0x466/0x550 age=30792 cpu=1 pid=1
    ___slab_alloc+0x53b/0x560
    __slab_alloc+0x3e/0x70
    kmem_cache_alloc_trace+0x20f/0x290
    register_framebuffer+0x466/0x550
    drm_fb_helper_initial_config+0x5a1/0x800
    nouveau_fbcon_init+0x148/0x180
    nouveau_drm_load+0x583/0xf30
    drm_dev_register+0xb9/0xd0
    drm_get_pci_dev+0x176/0x370
    nouveau_drm_probe+0x2f2/0x3c0
    local_pci_probe+0x75/0xd0
    pci_device_probe+0x19f/0x1f0
    driver_probe_device+0x208/0x6c0
    __driver_attach+0xb8/0xc0
    bus_for_each_dev+0xe6/0x150
    driver_attach+0x26/0x30
INFO: Slab 0xffffea0005a78800 objects=3 used=3 fp=0x (null) flags=0x200000000004080
INFO: Object 0xffff880169e20000 @offset=0 fp=0x (null)

Object ffff880169e20000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Object ffff880169e20010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
...
Object ffff880169e20fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ................
Object ffff880169e20fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Object ffff880169e20fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ................
Object ffff880169e20ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
CPU: 1 PID: 14 Comm: kworker/1:0 Tainted: G B 4.4.0-rc1+ #1
Hardware name: Dell Inc. OptiPlex 990/0D6H9T, BIOS A06 07/25/2011
Workqueue: events_power_efficient fb_flashcursor
 ffffea0005a78800 ffff8801740ef7f0 ffffffff818a802e ffff880174c04e00
 ffff8801740ef820 ffffffff813030e4 ffff880174c04e00 ffffea0005a78800
 ffff880169e20000 ffff880169e21fd0 ffff8801740ef848 ffffffff813063ef
Call Trace:
 [<ffffffff818a802e>] dump_stack+0x4b/0x6d
 [<ffffffff813030e4>] print_trailer+0xf4/0x150
 [<ffffffff813063ef>] object_err+0x2f/0x40
 [<ffffffff8130ae7d>] kasan_report_error+0x20d/0x510
 [<ffffffff810acfd7>] ? native_sched_clock+0x67/0x140
 [<ffffffff8130b1b4>] kasan_report+0x34/0x40
 [<ffffffff8130ac3d>] ? memcpy+0x1d/0x40
 [<ffffffff8130a9da>] __asan_loadN+0x12a/0x180
 [<ffffffff8130ac3d>] memcpy+0x1d/0x40
 [<ffffffff82015b25>] OUT_RINGp+0x75/0x90
 [<ffffffff82011572>] nvc0_fbcon_imageblit+0x462/0x6c0
 [<ffffffff8200bd2d>] nouveau_fbcon_imageblit+0xfd/0x110
 [<ffffffff81956a16>] soft_cursor+0x2f6/0x400
 [<ffffffff81955e64>] bit_cursor+0xb14/0xb60
 [<ffffffff81955350>] ? update_attr.isra.0+0xc0/0xc0
 [<ffffffff8194b203>] ? fb_flashcursor+0x33/0x1b0
 [<ffffffff8195987f>] ? fb_get_color_depth+0x7f/0xb0
 [<ffffffff8194b0d6>] ? get_color+0xd6/0x1d0
 [<ffffffff81955350>] ? update_attr.isra.0+0xc0/0xc0
 [<ffffffff8194b36f>] fb_flashcursor+0x19f/0x1b0
 [<ffffffff8114328e>] process_one_work+0x3fe/0xae0
 [<ffffffff811431be>] ? process_one_work+0x32e/0xae0
 [<ffffffff81142e90>] ? try_to_grab_pending+0x200/0x200
 [<ffffffff811bfc75>] ? debug_lockdep_rcu_enabled+0x35/0x40
 [<ffffffff811439fa>] worker_thread+0x8a/0x7f0
 [<ffffffff81143970>] ? process_one_work+0xae0/0xae0
 [<ffffffff8114e085>] kthread+0x185/0x1b0
 [<ffffffff8114df00>] ? __kthread_parkme+0xe0/0xe0
 [<ffffffff819a916f>] ? acpi_ps_parse_loop+0x41c/0xab8
 [<ffffffff8118e136>] ? trace_hardirqs_on_caller+0x186/0x280
 [<ffffffff81905d88>] ? ddebug_add_module+0x38/0x130
 [<ffffffff8114df00>] ? __kthread_parkme+0xe0/0xe0
 [<ffffffff82f3523f>] ret_from_fork+0x3f/0x70
 [<ffffffff8114df00>] ? __kthread_parkme+0xe0/0xe0
Memory state around the buggy address:
 ffff880169e21f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff880169e21f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff880169e22000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                   ^
 ffff880169e22080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff880169e22100: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
==================================================================

Some nouveau messages from the boot, if this helps:

nouveau 0000:01:00.0: NVIDIA GF119 (0d90a0a1)
nouveau 0000:01:00.0: bios: version 75.19.55.00.02
nouveau 0000:01:00.0: fb: 1024 MiB DDR3
[TTM] Zone kernel: Available graphics memory: 2590256 kiB
[TTM] Zone dma32: Available graphics memory: 2097152 kiB
[TTM] Initializing pool allocator
[TTM] Initializing DMA pool allocator
nouveau 0000:01:00.0: DRM: VRAM: 1024 MiB
nouveau 0000:01:00.0: DRM: GART: 1048576 MiB
nouveau 0000:01:00.0: DRM: TMDS table version 2.0
nouveau 0000:01:00.0: DRM: DCB version 4.0
nouveau 0000:01:00.0: DRM: DCB outp 00: 02000300 00000000
nouveau 0000:01:00.0: DRM: DCB outp 01: 01000302 00020030
nouveau 0000:01:00.0: DRM: DCB outp 02: 02011362 00020010
nouveau 0000:01:00.0: DRM: DCB outp 03: 04022310 00000000
nouveau 0000:01:00.0: DRM: DCB conn 00: 00001030
nouveau 0000:01:00.0: DRM: DCB conn 01: 00002161
nouveau 0000:01:00.0: DRM: DCB conn 02: 00000200
[drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[drm] Driver supports precise vblank timestamp query.
nouveau 0000:01:00.0: DRM: MM: using COPY0 for buffer copies
nouveau 0000:01:00.0: No connectors reported connected with modes
[drm] Cannot find any crtc or sizes - going 1024x768
nouveau 0000:01:00.0: DRM: allocated 1024x768 fb: 0x60000, bo ffff880169d36e40
fbcon: nouveaufb (fb0) is primary device
Console: switching to colour frame buffer device 128x48
nouveau 0000:01:00.0: fb0: nouveaufb frame buffer device
[drm] Initialized nouveau 1.3.1 20120801 for 0000:01:00.0 on minor 0