On Fri, 7 Mar 2003, Andrew Morton wrote:
> > [root@dev16-002 root]# Slab corruption: start=db0bbc44, expend=db0bbc83, problemat=db0bbc48
> > Data: ....71 F0 2C .........................................................
> > Next: 71 F0 2C .71 F0 2C .........................
> > slab error in check_poison_obj(): cache `size-64': object was modified after freeing
> > Call Trace:
> > [<c0142319>] check_poison_obj+0x119/0x130
> > [<c0143c92>] kmalloc+0xd2/0x180
> > [<c0166188>] pipe_new+0x28/0xd0
> > [<c0166263>] get_pipe_inode+0x23/0xb0
> > [<c0166322>] do_pipe+0x32/0x1e0
> > [<c01704ac>] dput+0x1c/0x2b0
> > [<c016661e>] getname+0x5e/0xa0
> > [<c012f9b0>] sigprocmask+0xe0/0x150
> > [<c012fb9a>] sys_rt_sigprocmask+0x17a/0x190
> > [<c0111ed3>] sys_pipe+0x13/0x60
> > [<c010ad9b>] syscall_call+0x7/0xb
>
> I don't see any clues there.
>
> This is a bad, bad bug. How are you triggering it?
Very hard to trigger, currently it's happening whilst the system appears
to be idle so i'm trying to track down what processes there are when the
trigger happens.
> Manfred, would it be possible to add builtin_return_address(0) into each
> object, so we can find out who did the initial kmalloc (or kfree, even)?
>
> It'll probably require CONFIG_FRAME_POINTER.
Zwane
-- function.linuxpower.ca - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 07 2003 - 22:00:36 EST