Re: ipc,sem: sysv semaphore scalability

From: Sasha Levin
Date: Tue Apr 02 2013 - 12:10:41 EST


On 03/29/2013 03:36 PM, Peter Hurley wrote:
> On Fri, 2013-03-29 at 12:26 -0700, Linus Torvalds wrote:
>> On Fri, Mar 29, 2013 at 12:06 PM, Dave Jones <davej@xxxxxxxxxx> wrote:
>>>
>>> Here's an oops I just hit..
>>>
>>> BUG: unable to handle kernel NULL pointer dereference at 000000000000000f
>>> IP: [<ffffffff812c24ca>] testmsg.isra.5+0x1a/0x60
>>
>> Btw, looking at the code leading up to this, what the f*ck is wrong
>> with the IPC stuff?
>>
>> It's using the generic list stuff for most of the lists, but then it
>> open-codes the accesses.
>>
>> So instead of using
>>
>> for_each_entry(walk_msg, &msq->q_messages, m_list) {
>> ..
>> }
>>
>> the ipc/msg.c code does all that by hand, with
>>
>> tmp = msq->q_messages.next;
>> while (tmp != &msq->q_messages) {
>> struct msg_msg *walk_msg;
>>
>> walk_msg = list_entry(tmp, struct msg_msg, m_list);
>> ...
>> tmp = tmp->next;
>> }
>>
>> Ugh. The code is near unreadable. And then it has magic memory
>> barriers etc, implying that it doesn't lock the data structures, but
>> no comments about them. See expunge_all() and pipelined_send().
>>
>> The code seems entirely random, and it's badly set up (annoyance of
>> the day: crazy helper functions in ipc/msgutil.c to make sure that (a)
>> you have to spend more effort looking for them, and (b) they won't get
>> inlined).
>>
>> Clearly nobody has cared for the crazy IPC message code in a long time.
>
> Exactly that's what my patch series does; clean this mess up.
>
> This is what I wrote to Andrew a couple of days ago.
>
> On Tue, 2013-03-26 at 22:33 -0400, Peter Hurley wrote:
>> I just figured out how the queue is being corrupted and why my series
>> fixes it.
>>
>>
>> With MSG_COPY set, the queue scan can exit with the local variable 'msg'
>> pointing to a real msg if the msg_counter never reaches the copy_number.
>>
>> The remaining execution looks like this:
>>
>> if (!IS_ERR(msg)) {
>> ....
>> if (msgflg & MSG_COPY)
>> goto out_unlock;
>> ....
>>
>> out_unlock:
>> msg_unlock(msq);
>> break;
>> }
>> }
>> if (IS_ERR(msg))
>> ....
>>
>> bufsz = msg_handler();
>> free_msg(msg); <<---- msg never unlinked
>>
>>
>> Since the msg should not have been found (because it failed the match
>> criteria), the if (!IS_ERR(msg)) clause should never have executed.
>>
>> That's why my refactor fixes resolve this; because msg is not
>> inadvertently treated as a found msg.
>>
>> But let's be honest; the real bug here is the poor structure of this
>> function that even made this possible. The deepest nesting executes a
>> goto to a label in the middle of an if clause. Yuck! No wonder this
>> thing's fragile.
>>
>> So my recommendation still stands. The series that fixes this has been
>> getting tested in linux-next for a month. Fixing this some other way is
>> just asking for more trouble.
>>
>> But why not just revert MSG_COPY altogether for 3.9?

If you guys are already looking at this, the conversions between size_t,
long and int in the do_msgrcv/load_msg/alloc_msg code are a mess. You could
trigger anything from:

[ 33.046572] BUG: unable to handle kernel paging request at ffff88003c2c7000
[ 33.047721] IP: [<ffffffff83dbcb34>] bad_from_user+0x4/0x6
[ 33.048528] PGD 7232067 PUD 7233067 PMD 3ffff067 PTE 800000003c2c7060
[ 33.049506] Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 33.050029] Modules linked in:
[ 33.050029] CPU 0
[ 33.050029] Pid: 6885, comm: a.out Tainted: G W 3.9.0-rc4-next-20130328-sasha-00017-g1463000 #321
[ 33.050029] RIP: 0010:[<ffffffff83dbcb34>] [<ffffffff83dbcb34>] bad_from_user+0x4/0x6
[ 33.050029] RSP: 0018:ffff88003462be40 EFLAGS: 00010246
[ 33.050029] RAX: 0000000000000000 RBX: 00000000fffffffb RCX: 00000000ff06ae2b
[ 33.050029] RDX: 00000000fffffffb RSI: 00007fffed36d2a0 RDI: ffff88003c2c7000
[ 33.050029] RBP: ffff88003462be88 R08: 0000000000000280 R09: 0000000000000000
[ 33.050029] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffb
[ 33.050029] R13: 00007fffed36d2a0 R14: 0000000000000000 R15: 0000000000000000
[ 33.050029] FS: 00007f6990044700(0000) GS:ffff88003dc00000(0000) knlGS:0000000000000000
[ 33.050029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.050029] CR2: ffff88003c2c7000 CR3: 00000000347c8000 CR4: 00000000000406f0
[ 33.050029] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.050029] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 33.050029] Process a.out (pid: 6885, threadinfo ffff88003462a000, task ffff880034cb3000)
[ 33.050029] Stack:
[ 33.050029] ffffffff8192a6a9 ffff88003462be98 ffff88003b331e00 ffff88003ddd01e0
[ 33.050029] 0000000000000000 0000000000000000 0000000000000001 0000000000000000
[ 33.050029] 0000000000000000 ffff88003462bf68 ffffffff8192bb34 0000000000000000
[ 33.050029] Call Trace:
[ 33.050029] [<ffffffff8192a6a9>] ? load_msg+0x59/0x100
[ 33.050029] [<ffffffff8192bb34>] do_msgrcv+0x74/0x5b0
[ 33.050029] [<ffffffff81202c85>] ? user_exit+0xb5/0xe0
[ 33.050029] [<ffffffff8192a750>] ? load_msg+0x100/0x100
[ 33.050029] [<ffffffff8117cdcd>] ? trace_hardirqs_on+0xd/0x10
[ 33.050029] [<ffffffff81076ea0>] ? syscall_trace_enter+0x20/0x2e0
[ 33.050029] [<ffffffff8192c080>] SyS_msgrcv+0x10/0x20
[ 33.050029] [<ffffffff83db7e58>] tracesys+0xe1/0xe6
[ 33.050029] Code: e9 1f ee c3 fd b9 f2 ff ff ff e9 28 ee c3 fd b8 f2 ff ff ff e9 2f ee c3 fd ba f2 ff ff ff e9 bf f1 c3 fd 90 90 90 90 89 d1 31 c0 <f3> aa 89 d0 c3 01 ca e9 50 fa c4 fd c1 e1 06 01 ca eb 08 48 8d
[ 33.050029] RIP [<ffffffff83dbcb34>] bad_from_user+0x4/0x6
[ 33.050029] RSP <ffff88003462be40>
[ 33.050029] CR2: ffff88003c2c7000
[ 33.050029] ---[ end trace 9bba0da8a88b1faa ]---

To:

=============================================================================
[ 1393.475659] BUG kmalloc-4096 (Tainted: G W ): Padding overwritten. 0xffff88004e00f8f8-0xffff88004e00ffff
[ 1393.477469] -----------------------------------------------------------------------------
[ 1393.477469]
[ 1393.478980] Disabling lock debugging due to kernel taint
[ 1393.479730] INFO: Slab 0xffffea0001380200 objects=7 used=7 fp=0x (null) flags=0x1ffc0000004081
[ 1393.480030] Pid: 25258, comm: trinity-child54 Tainted: G B W 3.9.0-rc4-next-20130328-sasha-00017-g1463000 #321
[ 1393.480030] Call Trace:
[ 1393.480030] [<ffffffff8125a3ca>] slab_err+0xaa/0xd0
[ 1393.480030] [<ffffffff81179e5e>] ? put_lock_stats.isra.14+0xe/0x40
[ 1393.480030] [<ffffffff8125af14>] slab_pad_check+0x104/0x170
[ 1393.480030] [<ffffffff8125b045>] check_slab+0xc5/0xd0
[ 1393.480030] [<ffffffff83d67748>] free_debug_processing+0x52/0x204
[ 1393.480030] [<ffffffff83dafc5d>] ? _raw_spin_unlock_irqrestore+0x5d/0xb0
[ 1393.480030] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.480030] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.480030] [<ffffffff83d67931>] __slab_free+0x37/0x3f7
[ 1393.480030] [<ffffffff81a2268c>] ? __debug_check_no_obj_freed+0x16c/0x220
[ 1393.480030] [<ffffffff811c8ad7>] ? rcu_irq_exit+0x1c7/0x260
[ 1393.480030] [<ffffffff8125c07d>] ? kfree+0x20d/0x330
[ 1393.480030] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.480030] [<ffffffff8125c137>] kfree+0x2c7/0x330
[ 1393.480030] [<ffffffff8192a583>] free_msg+0x33/0x40
[ 1393.480030] [<ffffffff8192a739>] load_msg+0xe9/0x100
[ 1393.480030] [<ffffffff8192bb34>] do_msgrcv+0x74/0x5b0
[ 1393.480030] [<ffffffff81202c85>] ? user_exit+0xb5/0xe0
[ 1393.480030] [<ffffffff8192a750>] ? load_msg+0x100/0x100
[ 1393.480030] [<ffffffff8117cdcd>] ? trace_hardirqs_on+0xd/0x10
[ 1393.480030] [<ffffffff81076ea0>] ? syscall_trace_enter+0x20/0x2e0
[ 1393.480030] [<ffffffff8192c080>] SyS_msgrcv+0x10/0x20
[ 1393.480030] [<ffffffff83db7e58>] tracesys+0xe1/0xe6
[ 1393.509882] FIX kmalloc-4096: Restoring 0xffff88004e00f8f8-0xffff88004e00ffff=0x5a
[ 1393.509882]
[ 1393.689228] =============================================================================
[ 1393.690761] BUG kmalloc-4096 (Tainted: G B W ): Redzone overwritten
[ 1393.690761] -----------------------------------------------------------------------------
[ 1393.690761]
[ 1393.690761] INFO: 0xffff88004e00f7b0-0xffff88004e00f7b7. First byte 0x0 instead of 0xcc
[ 1393.690761] INFO: Slab 0xffffea0001380200 objects=7 used=6 fp=0xffff88004e008000 flags=0x1ffc0000004081
[ 1393.690761] INFO: Object 0xffff88004e00e7b0 @offset=26544 fp=0x (null)
[ 1393.690761]
[ 1393.690761] Object ffff88004e00efe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00eff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f0f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f1f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f220: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f250: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f260: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f290: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f2f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f320: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f330: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f340: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f3f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f410: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f420: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f430: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f440: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f450: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f460: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f470: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f490: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f4f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f520: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f540: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f550: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f560: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f570: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f590: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f5f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f610: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f620: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f630: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f640: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f650: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f660: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f670: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f690: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f6f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f710: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f720: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f730: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f740: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f750: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f760: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f770: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f790: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Object ffff88004e00f7a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[ 1393.690761] Redzone ffff88004e00f7b0: 00 00 00 00 00 00 00 00 ........
[ 1393.690761] Padding ffff88004e00f8f0: 00 00 00 00 00 00 00 00 ........
[ 1393.690761] Pid: 25258, comm: trinity-child54 Tainted: G B W 3.9.0-rc4-next-20130328-sasha-00017-g1463000 #321
[ 1393.690761] Call Trace:
[ 1393.690761] [<ffffffff81259268>] ? print_section+0x38/0x40
[ 1393.690761] [<ffffffff812593a1>] print_trailer+0x131/0x140
[ 1393.690761] [<ffffffff812597f4>] check_bytes_and_report+0xc4/0x120
[ 1393.690761] [<ffffffff8125a781>] check_object+0x51/0x240
[ 1393.690761] [<ffffffff83d677bd>] free_debug_processing+0xc7/0x204
[ 1393.690761] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.690761] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.690761] [<ffffffff83d67931>] __slab_free+0x37/0x3f7
[ 1393.690761] [<ffffffff81a2268c>] ? __debug_check_no_obj_freed+0x16c/0x220
[ 1393.690761] [<ffffffff811c8ad7>] ? rcu_irq_exit+0x1c7/0x260
[ 1393.690761] [<ffffffff8125c07d>] ? kfree+0x20d/0x330
[ 1393.690761] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.690761] [<ffffffff8125c137>] kfree+0x2c7/0x330
[ 1393.690761] [<ffffffff8192a583>] free_msg+0x33/0x40
[ 1393.690761] [<ffffffff8192a739>] load_msg+0xe9/0x100
[ 1393.690761] [<ffffffff8192bb34>] do_msgrcv+0x74/0x5b0
[ 1393.690761] [<ffffffff81202c85>] ? user_exit+0xb5/0xe0
[ 1393.690761] [<ffffffff8192a750>] ? load_msg+0x100/0x100
[ 1393.690761] [<ffffffff8117cdcd>] ? trace_hardirqs_on+0xd/0x10
[ 1393.690761] [<ffffffff81076ea0>] ? syscall_trace_enter+0x20/0x2e0
[ 1393.690761] [<ffffffff8192c080>] SyS_msgrcv+0x10/0x20
[ 1393.690761] [<ffffffff83db7e58>] tracesys+0xe1/0xe6
[ 1393.690761] FIX kmalloc-4096: Restoring 0xffff88004e00f7b0-0xffff88004e00f7b7=0xcc

By just playing with the 'msgsz' parameter with MSG_COPY set.


Thanks,
Sasha
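
A triage sketch for the report above, added here as an example and not part of the original message: it parses the Redzone, FIX and Call Trace lines to recover which cache was hit, how many guard bytes changed, and which non-allocator function freed the object. The `triage` helper and the `ALLOCATOR` set are assumptions; the sample lines are copied from the report, with the Object dump and most '?' frames left out.

```python
import re

# Excerpt of the report above (Object dump and most '?' frames omitted).
REPORT = """\
[ 1393.690761] Redzone ffff88004e00f7b0: 00 00 00 00 00 00 00 00 ........
[ 1393.690761] Padding ffff88004e00f8f0: 00 00 00 00 00 00 00 00 ........
[ 1393.690761] Call Trace:
[ 1393.690761] [<ffffffff81259268>] ? print_section+0x38/0x40
[ 1393.690761] [<ffffffff812593a1>] print_trailer+0x131/0x140
[ 1393.690761] [<ffffffff812597f4>] check_bytes_and_report+0xc4/0x120
[ 1393.690761] [<ffffffff8125a781>] check_object+0x51/0x240
[ 1393.690761] [<ffffffff83d677bd>] free_debug_processing+0xc7/0x204
[ 1393.690761] [<ffffffff8192a583>] ? free_msg+0x33/0x40
[ 1393.690761] [<ffffffff83d67931>] __slab_free+0x37/0x3f7
[ 1393.690761] [<ffffffff8125c137>] kfree+0x2c7/0x330
[ 1393.690761] [<ffffffff8192a583>] free_msg+0x33/0x40
[ 1393.690761] [<ffffffff8192a739>] load_msg+0xe9/0x100
[ 1393.690761] [<ffffffff8192bb34>] do_msgrcv+0x74/0x5b0
[ 1393.690761] [<ffffffff8192c080>] SyS_msgrcv+0x10/0x20
[ 1393.690761] [<ffffffff83db7e58>] tracesys+0xe1/0xe6
[ 1393.690761] FIX kmalloc-4096: Restoring 0xffff88004e00f7b0-0xffff88004e00f7b7=0xcc
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
FRAME = re.compile(r"^\[<[0-9a-f]+>\]\s+(\?\s+)?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
REDZONE = re.compile(r"^Redzone ([0-9a-f]+): ((?:[0-9a-f]{2} )+)")
FIX = re.compile(r"^FIX (\S+): Restoring 0x([0-9a-f]+)-0x([0-9a-f]+)=0x([0-9a-f]+)")

# Assumption: frames that belong to the allocator and its debug checker,
# skipped when naming the function that handed the object to kfree().
ALLOCATOR = {"print_section", "print_trailer", "check_bytes_and_report",
             "check_object", "free_debug_processing", "__slab_free", "kfree"}


def triage(report):
    """Summarise one slab red zone report as a dict."""
    out = {"frames": []}
    for raw in report.splitlines():
        line = STAMP.sub("", raw)
        if m := FRAME.match(line):
            # '?' marks an address found on the stack but not confirmed
            # by the unwinder; keep only the confirmed frames.
            if not m.group(1):
                out["frames"].append(m.group(2))
        elif m := REDZONE.match(line):
            out["redzone_addr"] = int(m.group(1), 16)
            out["found"] = bytes.fromhex(m.group(2))
        elif m := FIX.match(line):
            start, end = int(m.group(2), 16), int(m.group(3), 16)
            out.update(cache=m.group(1), start=start,
                       length=end - start + 1, expected=int(m.group(4), 16))
    # Guard bytes that no longer hold the fill value the FIX line restores.
    out["overwritten"] = sum(b != out["expected"] for b in out["found"])
    out["caller"] = next(f for f in out["frames"] if f not in ALLOCATOR)
    out["path"] = out["frames"][out["frames"].index(out["caller"]):]
    return out
```
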