From nobody Fri Mar 21 08:56:01 2025
X-Original-To: current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZJxBD65k4z5qtPs
	for <current@mlmmj.nyi.freebsd.org>; Fri, 21 Mar 2025 08:56:04 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZJxBD5NQXz3Kwx;
	Fri, 21 Mar 2025 08:56:04 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1742547364;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=wJxClWI1hv1wazIyOkvALbFpEuon2NH0RtTvs8v4uMg=;
	b=Rbr5esp9AsXO6Zfmdhs7WWr2UeJJ/qt126oeu3jnZ43FKkQRp3PaI+yJkMkLW8rT1URJcW
	Ci6p9+E7MCEALfIEMYYRLukRCvVzjGgUxBIqbXuk0ncvP0tAPK1hp9D+FRdhp0kiappvvc
	FJIvuCgTYN1La9Z98u/tfhUULL2ou+3vMwPS263lMZ4fv+whVuUvZgPWEAI6xf8/yuyLH5
	8JHVLvNSmJVdgho9WYNuQAbbPuhFQvhKuy3kpAclEQ3w1ZabCeMvzylxbnSN7If8HLbUz3
	LxuaTixdT7APh51Ge5WnHoZG96NLrb4EDAsdwv4kpTa9EPYsPVcoHt8H5Be62Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1742547364; a=rsa-sha256; cv=none;
	b=ngj2bvlwxamPNSXm0aPuaO4oBrEU/RV0EuQmvbh2emQ6lt7pyd9NJ1WLvR5XYxuzsFN+3F
	Ia5+ahXz38WlxiAU1FR7iUHwX27NXLVsS1+tWj7WGwqz6JKnZlwUDkq22BRM5ZawLNGuQ/
	s+Z26SRNOvyUUv+zRAmSdoCmb9kxK7SbHqZInUyPCwt++++WzHFRcS+tfXYcBjse91IHKo
	4e31S+PujvVRtOe7zhqjmvvHOpbMFp2S3hRi/ku+p/kaEljMNN5fmh6TY/ZEcVAAN0yW6e
	w4hIGpaZbBKYDqKzSmNE7E8JfVERvgslVQrE7aEhTsBzJnPwO2/8QTPWGWb5Ww==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1742547364;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=wJxClWI1hv1wazIyOkvALbFpEuon2NH0RtTvs8v4uMg=;
	b=GPeZrpsz+El+kf9rjllyvMihSTJK6/h2TuU+uAB8G5XFuGMc8TWtyL46lNoM4w63ho/S0T
	INOgZY22jp3YGMFiYNvLQUf/PbxsJQ4mGLO629rEGL1f8hSPDqJ6Ydz+RVVU5TTwUlirnq
	D88wI/tpVoTGzfopHZBDhiAgyNcMnUv64P57R8Bl1rmfQPzwI4tx8z/YVQisjWYZmHRllu
	HwgkW74I2VMASMUg11YWnCwll91CC/qF7DgLI4avBdiD9GEoh3r7+T80Um9oDZNhbWt+9X
	LTfFErbZlXMaNN1UGnPCVpiyi/UO1MJ2HuQAsuL4p/ca7DrL3XhW9w7lSYLJ4w==
Received: from cell.glebi.us (glebi.us [162.251.186.162])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: glebius)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4ZJxBC6z0SzQf7;
	Fri, 21 Mar 2025 08:56:03 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Date: Fri, 21 Mar 2025 01:56:01 -0700
From: Gleb Smirnoff <glebius@freebsd.org>
To: "Bjoern A. Zeeb" <bz@freebsd.org>
Cc: David Wolfskill <david@catwhisker.org>, current@freebsd.org,
	markj@freebsd.org, kib@freebsd.org, jhb@freebsd.org
Subject: Re: Possible video driver issue after main-n275966-d2a55e6a9348 ->
 main-n275975-5963423232e8
Message-ID: <Z90poZ960b6jCXqn@cell.glebi.us>
References: <Z9WJsC4FcyHQkME-@albert.catwhisker.org>
 <Z9jRXIe5cNnlRfhU@albert.catwhisker.org>
 <01qqq28n-p1s3-n82q-9n1s-7o900ro5n62q@SerrOFQ.bet>
 <Z9l7vF_gt57AyzDC@albert.catwhisker.org>
 <Z9mN10KGg_pQXbly@albert.catwhisker.org>
 <Z9oBNVH7l8QKHSC3@cell.glebi.us>
 <rp062q43-939r-3o94-7s04-06s8669nsq1s@serrofq.bet>
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <rp062q43-939r-3o94-7s04-06s8669nsq1s@serrofq.bet>

On Thu, Mar 20, 2025 at 07:52:19PM +0000, Bjoern A. Zeeb wrote:
B> He's hitting a ... somewhere in i915kms.ko (here's the two instances I
B> have):
B> REDZONE: Buffer underflow detected. 16 bytes corrupted before 0xfffffe089bc65000 (262148 bytes allocated).
B> REDZONE: Buffer underflow detected. 16 bytes corrupted before 0xfffffe08a7e70000 (262148 bytes allocated).

I looked a bit into the problem and it actually seems very trivial to me.
Please re-check my observations.

A contigmalloc(9) allocation doesn't get redzone protection, see kern_malloc.c.
But free(9) always does contigmalloc check.  This makes deprecation of
contigfree(9) incompatible with redzone(9). And looks like
19df0c5abcb9d4e951e610b6de98d4d8a00bd5f9 is our first bump into this sad fact.

Added reviewers of d1bdc2821fcd416ab9b238580386eb605a6128d0 to Cc.

-- 
Gleb Smirnoff