slab error in verify_redzone_free(): cache `radix_tree_node': memory outside object was overwritten

From: Soeren Sonnenburg
Date: Wed Nov 14 2012 - 16:01:33 EST


Hi there!

I am on a Core i7 system, bl67 Intel board, and it all keeps oopsing on
me. On 3.2.33 I get on 3.6.6 I get rcu errors (though rcu stress test
didn't show anything) or traces that include cpuidle / apic.

Does anyone have an idea what that could be? The system is just running
a plain console and some disk i/o is going on all the time.

Thanks,
Soeren

slab error in verify_redzone_free(): cache `radix_tree_node': memory outside object was overwritten
Pid: 0, comm: swapper/3 Not tainted 3.2.33 #1
Call Trace:
<IRQ> [<ffffffff8112554b>] ? __slab_error.isra.53+0x1b/0x30
[<ffffffff811257de>] ? cache_free_debugcheck+0x27e/0x280
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81125ecb>] ? kmem_cache_free+0x5b/0x1e0
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81094a15>] ? __do_softirq+0x95/0x120
[<ffffffff81058118>] ? lapic_next_event+0x18/0x20
[<ffffffff810b873f>] ? clockevents_program_event+0x6f/0x110
[<ffffffff8169ba6c>] ? call_softirq+0x1c/0x30
[<ffffffff8103e725>] ? do_softirq+0x65/0xa0
[<ffffffff81094dbe>] ? irq_exit+0x8e/0xb0
[<ffffffff810587d8>] ? smp_apic_timer_interrupt+0x68/0xa0
[<ffffffff8169aede>] ? apic_timer_interrupt+0x6e/0x80
<EOI> [<ffffffff813c2aed>] ? intel_idle+0xed/0x160
[<ffffffff813c2acb>] ? intel_idle+0xcb/0x160
[<ffffffff815a473b>] ? cpuidle_idle_call+0x8b/0x100
[<ffffffff8103b18a>] ? cpu_idle+0x6a/0xf0
ffff8801ba9366d8: redzone 1:0xd84156c5635688c0, redzone 2:0xf14156c5635688c0.
slab error in verify_redzone_free(): cache `radix_tree_node': memory outside object was overwritten
Pid: 16, comm: ksoftirqd/3 Not tainted 3.2.33 #1
Call Trace:
[<ffffffff8112554b>] ? __slab_error.isra.53+0x1b/0x30
[<ffffffff811257de>] ? cache_free_debugcheck+0x27e/0x280
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81125ecb>] ? kmem_cache_free+0x5b/0x1e0
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81094a15>] ? __do_softirq+0x95/0x120
[<ffffffff81094baa>] ? run_ksoftirqd+0x10a/0x230
[<ffffffff81094aa0>] ? __do_softirq+0x120/0x120
[<ffffffff81094aa0>] ? __do_softirq+0x120/0x120
[<ffffffff810aa16e>] ? kthread+0x7e/0x90
[<ffffffff8169b974>] ? kernel_thread_helper+0x4/0x10
[<ffffffff810aa0f0>] ? kthread_worker_fn+0x180/0x180
[<ffffffff8169b970>] ? gs_change+0x13/0x13
ffff8801ba936248: redzone 1:0xd84156c5635688c0, redzone 2:0x964156c5635688c0.
slab error in verify_redzone_free(): cache `radix_tree_node': memory outside object was overwritten
Pid: 0, comm: swapper/3 Not tainted 3.2.33 #1
Call Trace:
<IRQ> [<ffffffff8112554b>] ? __slab_error.isra.53+0x1b/0x30
[<ffffffff811257de>] ? cache_free_debugcheck+0x27e/0x280
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81125ecb>] ? kmem_cache_free+0x5b/0x1e0
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81094a15>] ? __do_softirq+0x95/0x120
[<ffffffff81058118>] ? lapic_next_event+0x18/0x20
[<ffffffff810b873f>] ? clockevents_program_event+0x6f/0x110
[<ffffffff8169ba6c>] ? call_softirq+0x1c/0x30
[<ffffffff8103e725>] ? do_softirq+0x65/0xa0
[<ffffffff81094dbe>] ? irq_exit+0x8e/0xb0
[<ffffffff810587d8>] ? smp_apic_timer_interrupt+0x68/0xa0
[<ffffffff8169aede>] ? apic_timer_interrupt+0x6e/0x80
<EOI> [<ffffffff813c2aed>] ? intel_idle+0xed/0x160
[<ffffffff813c2acb>] ? intel_idle+0xcb/0x160
[<ffffffff815a473b>] ? cpuidle_idle_call+0x8b/0x100
[<ffffffff8103b18a>] ? cpu_idle+0x6a/0xf0
ffff8801ba9366d8: redzone 1:0xd84156c5635688c0, redzone 2:0xf04156c5635688c0.
slab error in verify_redzone_free(): cache `radix_tree_node': memory outside object was overwritten
Pid: 0, comm: swapper/3 Not tainted 3.2.33 #1
Call Trace:
<IRQ> [<ffffffff8112554b>] ? __slab_error.isra.53+0x1b/0x30
[<ffffffff811257de>] ? cache_free_debugcheck+0x27e/0x280
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81125ecb>] ? kmem_cache_free+0x5b/0x1e0
[<ffffffff810df2a4>] ? __rcu_process_callbacks+0x174/0x390
[<ffffffff81094a15>] ? __do_softirq+0x95/0x120
[<ffffffff81058118>] ? lapic_next_event+0x18/0x20
[<ffffffff810b873f>] ? clockevents_program_event+0x6f/0x110
[<ffffffff8169ba6c>] ? call_softirq+0x1c/0x30
[<ffffffff8103e725>] ? do_softirq+0x65/0xa0
[<ffffffff81094dbe>] ? irq_exit+0x8e/0xb0
[<ffffffff810587d8>] ? smp_apic_timer_interrupt+0x68/0xa0
[<ffffffff8169aede>] ? apic_timer_interrupt+0x6e/0x80
<EOI> [<ffffffff813c2aed>] ? intel_idle+0xed/0x160
[<ffffffff813c2acb>] ? intel_idle+0xcb/0x160
[<ffffffff815a473b>] ? cpuidle_idle_call+0x8b/0x100
[<ffffffff8103b18a>] ? cpu_idle+0x6a/0xf0
ffff8801ba936248: redzone 1:0xd84156c5635688c0, redzone 2:0x964156c5635688c0.
Slab corruption: radix_tree_node start=ffff8801ba936b70, len=560
Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
Last user: [<ffffffff810df2a4>](__rcu_process_callbacks+0x174/0x390)
090: 6b 6b 6b 6b 6b 6b 6b 00 6b 6b 6b 6b 6b 6b 6b 00 kkkkkkk.kkkkkkk.
0a0: 6b 6b 6b 6b 6b 6b 6b 00 6b 6b 6b 6b 6b 6b 6b 00 kkkkkkk.kkkkkkk.
0b0: 6b 6b 6b 6b 6b 6b 6b 00 6b 6b 6b 6b 6b 6b 6b 00 kkkkkkk.kkkkkkk.
0c0: 6b 6b 6b 6b 6b 6b 6b 00 6b 6b 6b 6b 6b 6b 6b 00 kkkkkkk.kkkkkkk.
Prev obj: start=ffff8801ba936928, len=560
Redzone: 0xfd4156c5635688c0/0xd84156c5635688c0.
Last user: [<ffffffff813775d6>](radix_tree_preload+0x66/0xf0)
000: 01 00 00 00 00 00 00 3c 00 00 00 00 00 00 00 b8 .......<........
010: 00 00 00 00 00 00 00 19 00 00 00 00 00 00 00 00 ................
Next obj: start=ffff8801ba936db8, len=560
Redzone: 0xd84156c5635688c0/0xd84156c5635688c0.
Last user: [<ffffffff813775d6>](radix_tree_preload+0x66/0xf0)
000: 01 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 ....@...........
010: 00 00 00 00 00 00 00 00 08 96 1a 0c 00 ea ff ff ................

--
For the one fact about the future of which we can be certain is that it
will be utterly fantastic. -- Arthur C. Clarke, 1962
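
Added triage example, not part of the original message: it XORs each redzone word in the log against the slab debug constants RED_ACTIVE and RED_INACTIVE (include/linux/poison.h) and lists which bytes of the word no longer match. The sample lines are copied from the report above; the function names are this example's own.

```python
import re

# Slab debug constants from include/linux/poison.h.
RED_ACTIVE = 0xD84156C5635688C0    # redzone value while the object is allocated
RED_INACTIVE = 0x09F911029D74E35B  # redzone value after the object is freed

# Redzone lines copied from the report above (not the complete log).
SAMPLE_LOG = """\
ffff8801ba9366d8: redzone 1:0xd84156c5635688c0, redzone 2:0xf14156c5635688c0.
ffff8801ba936248: redzone 1:0xd84156c5635688c0, redzone 2:0x964156c5635688c0.
ffff8801ba9366d8: redzone 1:0xd84156c5635688c0, redzone 2:0xf04156c5635688c0.
Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
Redzone: 0xfd4156c5635688c0/0xd84156c5635688c0.
Redzone: 0xd84156c5635688c0/0xd84156c5635688c0.
"""

# Matches both formats the slab debug code prints.
REDZONE_RE = re.compile(
    r"redzone 1:0x([0-9a-f]+), redzone 2:0x([0-9a-f]+)"
    r"|Redzone: 0x([0-9a-f]+)/0x([0-9a-f]+)"
)

def damaged_bytes(value):
    """Return (closest constant, differing byte indexes); index 0 is the LSB."""
    best = None
    for name, const in (("RED_ACTIVE", RED_ACTIVE), ("RED_INACTIVE", RED_INACTIVE)):
        diff = value ^ const
        idx = [i for i in range(8) if (diff >> (8 * i)) & 0xFF]
        if best is None or len(idx) < len(best[1]):
            best = (name, idx)
    return best

def triage(log):
    """Return (redzone position, word, closest constant, damaged bytes) per bad word."""
    findings = []
    for line in log.splitlines():
        m = REDZONE_RE.search(line)
        if not m:
            continue
        words = [int(g, 16) for g in m.groups() if g is not None]
        for pos, word in enumerate(words, start=1):
            name, idx = damaged_bytes(word)
            if idx:  # an intact redzone has no differing bytes
                findings.append((pos, hex(word), name, idx))
    return findings

if __name__ == "__main__":
    for pos, word, name, idx in triage(SAMPLE_LOG):
        print(f"redzone {pos} = {word}: differs from {name} in byte(s) {idx}")
```
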
