Greeting, FYI, we noticed the following commit (built with gcc-11): commit: b548e9ae2ec691e59462f823bce4da759adc9b35 ("drm/edid: add HF-EEODB support to EDID read and allocation") git://people.freedesktop.org/~jani/drm edid-hfeeodb in testcase: ltp version: ltp-x86_64-14c1f76-1_20220415 with following parameters: disk: 1HDD fs: xfs test: syscalls-06 ucode: 0xec test-description: The LTP testsuite contains a collection of tools for testing the Linux kernel and related features. test-url: http://linux-test-project.github.io/ on test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz with 32G memory caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): If you fix the issue, kindly add following tag Reported-by: kernel test robot [ 32.974169][ T261] ================================================================== [ 32.986458][ T251] ata1.00: NCQ Send/Recv Log not supported [ 32.989581][ T261] BUG: KASAN: slab-out-of-bounds in _drm_do_get_edid+0x772/0x800 [drm] [ 32.995257][ T251] ata1.00: configured for UDMA/133 [ 33.003338][ T261] Read of size 1 at addr ffff8888517eab00 by task kworker/u8:5/261 [ 33.003343][ T261] [ 33.003345][ T261] CPU: 1 PID: 261 Comm: kworker/u8:5 Tainted: G I 5.18.0-rc2-00680-gb548e9ae2ec6 #1 [ 33.008619][ T35] scsi 0:0:0:0: Direct-Access ATA ST2000NM0033-9ZM SN06 PQ: 0 ANSI: 5 [ 33.016052][ T261] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.1.1 10/07/2015 [ 33.016055][ T261] Workqueue: events_unbound async_run_entry_fn [ 33.051672][ T261] Call Trace: [ 33.051676][ T261] [ 33.051678][ T261] ? _drm_do_get_edid+0x772/0x800 [drm] [ 33.063026][ T261] dump_stack_lvl+0x34/0x44 [ 33.067401][ T261] print_address_description+0x1f/0x200 Startin[ 33.073855][ T261] ? _drm_do_get_edid+0x772/0x800 [drm] [ 33.086777][ T261] ? _raw_spin_lock_irqsave+0x87/0x100 [ 33.097761][ T261] ? _drm_do_get_edid+0x772/0x800 [drm] [ 33.103255][ T261] _drm_do_get_edid+0x772/0x800 [drm] [ 33.108533][ T261] ? drm_edid_duplicate+0x80/0x80 [drm] [ 33.113979][ T261] ? drm_parse_cea_ext+0x1540/0x1540 [drm] Startin[ 33.119686][ T261] ? drm_edid_duplicate+0x80/0x80 [drm] SD Secure Shell [ 33.133356][ T261] ? drm_get_edid_switcheroo+0x180/0x180 [drm] [ 33.140758][ T261] ? __cond_resched+0x1c/0xc0 [ 33.146598][ T261] drm_edid_read_ddc+0xa3/0x100 [drm] [ 33.151875][ T261] ? drm_edid_read_custom+0x280/0x280 [drm] 1;39mPermit User[ 33.171911][ T261] intel_hdmi_detect+0x377/0x600 [i915] [ 33.178708][ T261] ? drm_modeset_lock+0xb9/0x300 [drm] [ 33.185417][ T261] drm_helper_probe_detect+0x17b/0x200 [drm_kms_helper] [ 33.192240][ T261] drm_helper_probe_single_connector_modes+0x1040/0x1a00 [drm_kms_helper] [ 33.200624][ T261] ? drm_connector_mode_valid+0x1c0/0x1c0 [drm_kms_helper] [ 33.207698][ T261] ? __mutex_lock_slowpath+0x40/0x40 1;39m/etc/rc.loc[ 33.229645][ T261] ? mutex_lock+0x9f/0x100 al Compatibility[ 33.235309][ T261] ? __mutex_lock_slowpath+0x40/0x40 [ 33.241843][ T261] ? intel_fbdev_unregister+0x100/0x100 [i915] [ 33.248463][ T261] __drm_fb_helper_initial_config_and_unlock+0xae/0x2c0 [drm_kms_helper] [ 33.256757][ T261] intel_fbdev_initial_config+0x3b/0x80 [i915] [ 33.262960][ T261] async_run_entry_fn+0x96/0x500 [ 33.267761][ T261] process_one_work+0x689/0x1040 [ 33.272558][ T261] worker_thread+0x5b3/0xf00 1;39mLSB: Load k[ 33.288691][ T261] ? process_one_work+0x1040/0x1040 ernel image with[ 33.295142][ T261] ? process_one_work+0x1040/0x1040 [ 33.301588][ T261] kthread+0x292/0x340 [ 33.306650][ T261] ? kthread_complete_and_exit+0x40/0x40 [ 33.312155][ T261] ret_from_fork+0x22/0x30 [ 33.316449][ T261] [ 33.316452][ T261] [ 33.316453][ T261] Allocated by task 0: [ 33.316455][ T261] (stack is not available) [ 33.316456][ T261] [ 33.331939][ T261] The buggy address belongs to the object at ffff8888517eaa00 [ 33.331939][ T261] which belongs to the cache kmalloc-256 of size 256 [ 33.331944][ T261] The buggy address is located 0 bytes to the right of [ 33.331944][ T261] 256-byte region [ffff8888517eaa00, ffff8888517eab00) [ 33.331947][ T261] [ 33.331947][ T261] The buggy address belongs to the physical page: [ 33.346664][ T8] scsi 1:0:0:0: Direct-Access ATA INTEL SSDSC2KG96 0110 PQ: 0 ANSI: 5 [ 33.359346][ T261] page:000000009802dbb5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8517ea [ 33.359354][ T261] head:000000009802dbb5 order:1 compound_mapcount:0 compound_pincount:0 [ 33.359356][ T261] flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff) 1;39mGetty on tt[ 33.422643][ T261] page dumped because: kasan: bad access detected [ 33.430302][ T261] [ 33.432492][ T261] Memory state around the buggy address: [ 33.438758][ T261] ffff8888517eaa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.446689][ T261] ffff8888517eaa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.454615][ T261] >ffff8888517eab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.462538][ T261] ^ [ 33.475784][ T261] ffff8888517eac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0m] Reached targ[ 33.483706][ T261] ================================================================== [ 33.519370][ T261] fbcon: i915drmfb (fb0) is primary device [ 33.537414][ T261] Console: switching to colour frame buffer device 160x64 [ 33.569314][ T261] i915 0000:00:02.0: [drm] fb0: i915drmfb frame buffer device To reproduce: git clone https://github.com/intel/lkp-tests.git cd lkp-tests sudo bin/lkp install job.yaml # job file is attached in this email bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run sudo bin/lkp run generated-yaml-file # if come across any failure that blocks the test, # please remove ~/.lkp and /lkp dir to run from a clean state. -- 0-DAY CI Kernel Test Service https://01.org/lkp