2007-09-19 12:39:29

by Alexey Dobriyan

Subject: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

Occurred right after "sudo reboot" invocation (I think)
with some crash proggies running (which -mm survives)

BUG kmalloc-16: Object padding overwritten
-----------------------------------------------------------------------------

INFO: 0xffff8101000d7998-0xffff8101000d7998. First byte 0x63 instead of 0x5a
INFO: Allocated in sysfs_new_dirent+0x100/0x120 age=16985537 cpu=1 pid=3426
INFO: Freed in kobject_uevent_env+0x123/0x430 age=16985537 cpu=1 pid=3426
INFO: Slab 0xffff810004802f08 used=21 fp=0xffff8101000d78f0 flags=0x80000000000000c3
INFO: Object 0xffff8101000d7948 @offset=2376 fp=0xffff8101000d79a0

Bytes b4 0xffff8101000d7938: ef 23 ff 00 01 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ?#?.....ZZZZZZZZ
Object 0xffff8101000d7948: 73 75 62 73 79 73 74 65 6d 00 6b 6b 6b 6b 6b a5 subsystem.kkkkk?
Redzone 0xffff8101000d7958: cc cc cc cc cc cc cc cc ????????
Padding 0xffff8101000d7998: 63 5a 5a 5a 5a 5a 5a 5a cZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff802cd93f>] release_sysfs_dirent+0x7f/0xb0
[<ffffffff80282c34>] check_object+0x234/0x270
[<ffffffff802838c8>] __slab_free+0x268/0x370
[<ffffffff802cd93f>] release_sysfs_dirent+0x7f/0xb0
[<ffffffff802841b1>] kfree+0xb1/0x150
[<ffffffff802cd93f>] release_sysfs_dirent+0x7f/0xb0
[<ffffffff802cdb98>] sysfs_addrm_finish+0x228/0x260
[<ffffffff802cc1d1>] sysfs_hash_and_remove+0x51/0x80
[<ffffffff803361a3>] device_del+0x53/0x300
[<ffffffff80336459>] device_unregister+0x9/0x20
[<ffffffff80326064>] con_close+0x64/0x80
[<ffffffff80318157>] release_dev+0x1c7/0x750
[<ffffffff802740e8>] remove_vma+0x58/0x70
[<ffffffff80282c34>] check_object+0x234/0x270
[<ffffffff80282408>] init_object+0x88/0xa0
[<ffffffff8028275b>] check_bytes_and_report+0x4b/0x100
[<ffffffff803186f1>] tty_release+0x11/0x20
[<ffffffff8028974a>] __fput+0x5a/0x150
[<ffffffff80286798>] filp_close+0x48/0x80
[<ffffffff80230b09>] put_files_struct+0xe9/0x120
[<ffffffff80232039>] do_exit+0x1c9/0x960
[<ffffffff80239529>] __dequeue_signal+0x19/0x1d0
[<ffffffff80409ae0>] _spin_unlock_irqrestore+0x40/0x80
[<ffffffff802327ff>] do_group_exit+0x2f/0x90
[<ffffffff8023b327>] get_signal_to_deliver+0x2e7/0x4a0
[<ffffffff8020b139>] do_notify_resume+0xb9/0x7f0
[<ffffffff80225db7>] __wake_up_common+0x47/0x70
[<ffffffff80409b05>] _spin_unlock_irqrestore+0x65/0x80
[<ffffffff802508d1>] trace_hardirqs_on+0xd1/0x180
[<ffffffff80409ae0>] _spin_unlock_irqrestore+0x40/0x80
[<ffffffff80409cee>] unlock_kernel+0x2e/0x40
[<ffffffff803187bf>] tty_read+0xbf/0x100
[<ffffffff80408fba>] trace_hardirqs_on_thunk+0x35/0x37
[<ffffffff802508d1>] trace_hardirqs_on+0xd1/0x180
[<ffffffff8020bd4b>] sysret_signal+0x21/0x31
[<ffffffff8020bff7>] ptregscall_common+0x67/0xb0

FIX kmalloc-16: Restoring 0xffff8101000d7998-0xffff8101000d7998=0x5a


#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.23-rc6-mm1
# Tue Sep 18 14:50:11 2007
#
CONFIG_X86_64=y
CONFIG_64BIT=y
CONFIG_X86=y
CONFIG_GENERIC_TIME=y
CONFIG_GENERIC_CLOCKEVENTS=y
CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
CONFIG_NONIRQ_WAKEUP=y
CONFIG_GENERIC_TIME_VSYSCALL=y
CONFIG_GENERIC_CMOS_UPDATE=y
CONFIG_ZONE_DMA32=y
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_SEMAPHORE_SLEEPERS=y
CONFIG_MMU=y
CONFIG_ZONE_DMA=y
CONFIG_QUICKLIST=y
CONFIG_NR_QUICK=2
CONFIG_RWSEM_GENERIC_SPINLOCK=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_X86_CMPXCHG=y
CONFIG_EARLY_PRINTK=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_IOMAP=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_ARCH_POPULATES_NODE_MAP=y
CONFIG_DMI=y
CONFIG_AUDIT_ARCH=y
CONFIG_GENERIC_BUG=y
# CONFIG_ARCH_HAS_ILOG2_U32 is not set
# CONFIG_ARCH_HAS_ILOG2_U64 is not set
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"

#
# General setup
#
CONFIG_EXPERIMENTAL=y
CONFIG_LOCK_KERNEL=y
CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_SYSVIPC_SYSCTL=y
# CONFIG_POSIX_MQUEUE is not set
# CONFIG_BSD_PROCESS_ACCT is not set
# CONFIG_TASKSTATS is not set
# CONFIG_USER_NS is not set
# CONFIG_AUDIT is not set
CONFIG_IKCONFIG=y
CONFIG_IKCONFIG_PROC=y
CONFIG_LOG_BUF_SHIFT=15
# CONFIG_CONTAINERS is not set
CONFIG_SYSFS_DEPRECATED=y
# CONFIG_RELAY is not set
# CONFIG_BLK_DEV_INITRD is not set
# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
CONFIG_SYSCTL=y
CONFIG_EMBEDDED=y
# CONFIG_UID16 is not set
# CONFIG_SYSCTL_SYSCALL is not set
CONFIG_KALLSYMS=y
CONFIG_KALLSYMS_ALL=y
# CONFIG_KALLSYMS_EXTRA_PASS is not set
CONFIG_HOTPLUG=y
CONFIG_PRINTK=y
CONFIG_BUG=y
CONFIG_ELF_CORE=y
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
# CONFIG_EPOLL is not set
# CONFIG_SIGNALFD is not set
# CONFIG_EVENTFD is not set
CONFIG_SHMEM=y
# CONFIG_VM_EVENT_COUNTERS is not set
CONFIG_SLUB_DEBUG=y
# CONFIG_SLAB is not set
CONFIG_SLUB=y
# CONFIG_SLOB is not set
# CONFIG_PROC_PAGE_MONITOR is not set
# CONFIG_PROC_KPAGEMAP is not set
CONFIG_RT_MUTEXES=y
# CONFIG_TINY_SHMEM is not set
CONFIG_BASE_SMALL=0
CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
CONFIG_KMOD=y
CONFIG_STOP_MACHINE=y
CONFIG_BLOCK=y
# CONFIG_BLK_DEV_IO_TRACE is not set
# CONFIG_BLK_DEV_BSG is not set

#
# IO Schedulers
#
CONFIG_IOSCHED_NOOP=y
# CONFIG_IOSCHED_AS is not set
# CONFIG_IOSCHED_DEADLINE is not set
CONFIG_IOSCHED_CFQ=y
# CONFIG_DEFAULT_AS is not set
# CONFIG_DEFAULT_DEADLINE is not set
CONFIG_DEFAULT_CFQ=y
# CONFIG_DEFAULT_NOOP is not set
CONFIG_DEFAULT_IOSCHED="cfq"

#
# Processor type and features
#
CONFIG_TICK_ONESHOT=y
CONFIG_NO_HZ=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
CONFIG_X86_PC=y
# CONFIG_X86_VSMP is not set
CONFIG_MK8=y
# CONFIG_MPSC is not set
# CONFIG_MCORE2 is not set
# CONFIG_GENERIC_CPU is not set
CONFIG_X86_L1_CACHE_BYTES=64
CONFIG_X86_L1_CACHE_SHIFT=6
CONFIG_X86_INTERNODE_CACHE_BYTES=64
CONFIG_X86_TSC=y
CONFIG_X86_GOOD_APIC=y
# CONFIG_MICROCODE is not set
# CONFIG_X86_MSR is not set
# CONFIG_X86_CPUID is not set
CONFIG_X86_IO_APIC=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_MTRR=y
CONFIG_SMP=y
# CONFIG_SCHED_SMT is not set
# CONFIG_SCHED_MC is not set
# CONFIG_PREEMPT_NONE is not set
# CONFIG_PREEMPT_VOLUNTARY is not set
CONFIG_PREEMPT=y
CONFIG_PREEMPT_BKL=y
# CONFIG_NUMA is not set
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_ARCH_FLATMEM_ENABLE=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_FLATMEM_MANUAL=y
# CONFIG_DISCONTIGMEM_MANUAL is not set
# CONFIG_SPARSEMEM_MANUAL is not set
CONFIG_FLATMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
# CONFIG_SPARSEMEM_STATIC is not set
CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_RESOURCES_64BIT=y
CONFIG_ZONE_DMA_FLAG=1
CONFIG_BOUNCE=y
CONFIG_VIRT_TO_BUS=y
CONFIG_NR_CPUS=2
CONFIG_PHYSICAL_ALIGN=0x200000
# CONFIG_HOTPLUG_CPU is not set
CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
CONFIG_HPET_TIMER=y
CONFIG_IOMMU=y
# CONFIG_CALGARY_IOMMU is not set
CONFIG_SWIOTLB=y
# CONFIG_X86_MCE is not set
# CONFIG_KEXEC is not set
# CONFIG_CRASH_DUMP is not set
# CONFIG_RELOCATABLE is not set
CONFIG_PHYSICAL_START=0x200000
# CONFIG_SECCOMP is not set
# CONFIG_CC_STACKPROTECTOR is not set
# CONFIG_HZ_100 is not set
# CONFIG_HZ_250 is not set
# CONFIG_HZ_300 is not set
CONFIG_HZ_1000=y
CONFIG_HZ=1000
CONFIG_K8_NB=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_ISA_DMA_API=y
CONFIG_GENERIC_PENDING_IRQ=y

#
# Power management options
#
# CONFIG_PM is not set
CONFIG_SUSPEND_SMP_POSSIBLE=y
CONFIG_HIBERNATION_SMP_POSSIBLE=y

#
# CPU Frequency scaling
#
# CONFIG_CPU_FREQ is not set

#
# CPU idle PM support
#
# CONFIG_CPU_IDLE is not set

#
# Bus options (PCI etc.)
#
CONFIG_PCI=y
CONFIG_PCI_DIRECT=y
# CONFIG_PCI_DOMAINS is not set
# CONFIG_PCIEPORTBUS is not set
CONFIG_ARCH_SUPPORTS_MSI=y
# CONFIG_PCI_MSI is not set
# CONFIG_PCI_DEBUG is not set
# CONFIG_HT_IRQ is not set
# CONFIG_PCCARD is not set
# CONFIG_HOTPLUG_PCI is not set

#
# Executable file formats / Emulations
#
CONFIG_BINFMT_ELF=y
# CONFIG_BINFMT_MISC is not set
CONFIG_IA32_EMULATION=y
# CONFIG_IA32_AOUT is not set
CONFIG_COMPAT=y
CONFIG_COMPAT_FOR_U64_ALIGNMENT=y
CONFIG_SYSVIPC_COMPAT=y

#
# Networking
#
CONFIG_NET=y

#
# Networking options
#
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
CONFIG_UNIX=y
# CONFIG_NET_KEY is not set
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_IP_ADVANCED_ROUTER is not set
CONFIG_IP_FIB_HASH=y
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
# CONFIG_INET_AH is not set
# CONFIG_INET_ESP is not set
# CONFIG_INET_IPCOMP is not set
# CONFIG_INET_XFRM_TUNNEL is not set
# CONFIG_INET_TUNNEL is not set
# CONFIG_INET_XFRM_MODE_TRANSPORT is not set
# CONFIG_INET_XFRM_MODE_TUNNEL is not set
# CONFIG_INET_XFRM_MODE_BEET is not set
# CONFIG_INET_LRO is not set
# CONFIG_INET_DIAG is not set
# CONFIG_TCP_CONG_ADVANCED is not set
CONFIG_TCP_CONG_CUBIC=y
CONFIG_DEFAULT_TCP_CONG="cubic"
# CONFIG_TCP_MD5SIG is not set
# CONFIG_IPV6 is not set
# CONFIG_INET6_XFRM_TUNNEL is not set
# CONFIG_INET6_TUNNEL is not set
# CONFIG_NETWORK_SECMARK is not set
# CONFIG_NETFILTER is not set
# CONFIG_IP_DCCP is not set
# CONFIG_IP_SCTP is not set
# CONFIG_TIPC is not set
# CONFIG_ATM is not set
# CONFIG_BRIDGE is not set
# CONFIG_VLAN_8021Q is not set
# CONFIG_DECNET is not set
# CONFIG_LLC2 is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set
# CONFIG_X25 is not set
# CONFIG_LAPB is not set
# CONFIG_ECONET is not set
# CONFIG_WAN_ROUTER is not set

#
# QoS and/or fair queueing
#
# CONFIG_NET_SCHED is not set

#
# Network testing
#
# CONFIG_NET_PKTGEN is not set
# CONFIG_HAMRADIO is not set
# CONFIG_IRDA is not set
# CONFIG_BT is not set
# CONFIG_AF_RXRPC is not set

#
# Wireless
#
# CONFIG_CFG80211 is not set
# CONFIG_WIRELESS_EXT is not set
# CONFIG_MAC80211 is not set
# CONFIG_IEEE80211 is not set
# CONFIG_RFKILL is not set
# CONFIG_NET_9P is not set

#
# Device Drivers
#

#
# Generic Driver Options
#
CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
CONFIG_FW_LOADER=m
# CONFIG_DEBUG_DRIVER is not set
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_SYS_HYPERVISOR is not set
# CONFIG_CONNECTOR is not set
# CONFIG_MTD is not set
# CONFIG_PARPORT is not set
CONFIG_BLK_DEV=y
# CONFIG_BLK_DEV_FD is not set
# CONFIG_BLK_CPQ_DA is not set
# CONFIG_BLK_CPQ_CISS_DA is not set
# CONFIG_BLK_DEV_DAC960 is not set
# CONFIG_BLK_DEV_UMEM is not set
# CONFIG_BLK_DEV_COW_COMMON is not set
CONFIG_BLK_DEV_LOOP=y
# CONFIG_BLK_DEV_CRYPTOLOOP is not set
# CONFIG_BLK_DEV_NBD is not set
# CONFIG_BLK_DEV_SX8 is not set
# CONFIG_BLK_DEV_RAM is not set
# CONFIG_CDROM_PKTCDVD is not set
# CONFIG_ATA_OVER_ETH is not set
# CONFIG_MISC_DEVICES is not set
# CONFIG_IDE is not set

#
# SCSI device support
#
# CONFIG_RAID_ATTRS is not set
CONFIG_SCSI=y
CONFIG_SCSI_DMA=y
# CONFIG_SCSI_TGT is not set
CONFIG_SCSI_NETLINK=y
# CONFIG_SCSI_PROC_FS is not set

#
# SCSI support type (disk, tape, CD-ROM)
#
CONFIG_BLK_DEV_SD=y
# CONFIG_CHR_DEV_ST is not set
# CONFIG_CHR_DEV_OSST is not set
# CONFIG_BLK_DEV_SR is not set
# CONFIG_CHR_DEV_SG is not set
# CONFIG_CHR_DEV_SCH is not set

#
# Some SCSI devices (e.g. CD jukebox) support multiple LUNs
#
# CONFIG_SCSI_MULTI_LUN is not set
# CONFIG_SCSI_CONSTANTS is not set
# CONFIG_SCSI_LOGGING is not set
# CONFIG_SCSI_SCAN_ASYNC is not set
CONFIG_SCSI_WAIT_SCAN=m

#
# SCSI Transports
#
CONFIG_SCSI_SPI_ATTRS=y
CONFIG_SCSI_FC_ATTRS=m
CONFIG_SCSI_ISCSI_ATTRS=m
CONFIG_SCSI_SAS_ATTRS=m
CONFIG_SCSI_SAS_LIBSAS=m
# CONFIG_SCSI_SAS_ATA is not set
# CONFIG_SCSI_SAS_LIBSAS_DEBUG is not set
# CONFIG_SCSI_SRP_ATTRS is not set
CONFIG_SCSI_LOWLEVEL=y
# CONFIG_ISCSI_TCP is not set
# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
# CONFIG_SCSI_3W_9XXX is not set
# CONFIG_SCSI_ACARD is not set
# CONFIG_SCSI_AACRAID is not set
# CONFIG_SCSI_AIC7XXX is not set
# CONFIG_SCSI_AIC7XXX_OLD is not set
CONFIG_SCSI_AIC79XX=y
CONFIG_AIC79XX_CMDS_PER_DEVICE=32
CONFIG_AIC79XX_RESET_DELAY_MS=5000
# CONFIG_AIC79XX_DEBUG_ENABLE is not set
CONFIG_AIC79XX_DEBUG_MASK=0
# CONFIG_AIC79XX_REG_PRETTY_PRINT is not set
# CONFIG_SCSI_AIC94XX is not set
# CONFIG_SCSI_ARCMSR is not set
# CONFIG_MEGARAID_NEWGEN is not set
# CONFIG_MEGARAID_LEGACY is not set
# CONFIG_MEGARAID_SAS is not set
# CONFIG_SCSI_HPTIOP is not set
# CONFIG_SCSI_BUSLOGIC is not set
# CONFIG_SCSI_DMX3191D is not set
# CONFIG_SCSI_EATA is not set
# CONFIG_SCSI_FUTURE_DOMAIN is not set
# CONFIG_SCSI_GDTH is not set
# CONFIG_SCSI_IPS is not set
# CONFIG_SCSI_INITIO is not set
# CONFIG_SCSI_INIA100 is not set
# CONFIG_SCSI_STEX is not set
# CONFIG_SCSI_SYM53C8XX_2 is not set
# CONFIG_SCSI_IPR is not set
# CONFIG_SCSI_QLOGIC_1280 is not set
# CONFIG_SCSI_QLA_FC is not set
# CONFIG_SCSI_QLA_ISCSI is not set
# CONFIG_SCSI_LPFC is not set
# CONFIG_SCSI_DC395x is not set
# CONFIG_SCSI_DC390T is not set
# CONFIG_SCSI_DEBUG is not set
# CONFIG_SCSI_SRP is not set
CONFIG_ATA=y
# CONFIG_ATA_NONSTANDARD is not set
# CONFIG_SATA_AHCI is not set
# CONFIG_SATA_SVW is not set
# CONFIG_ATA_PIIX is not set
# CONFIG_SATA_MV is not set
# CONFIG_SATA_NV is not set
# CONFIG_PDC_ADMA is not set
# CONFIG_SATA_QSTOR is not set
# CONFIG_SATA_PROMISE is not set
# CONFIG_SATA_SX4 is not set
CONFIG_SATA_SIL=y
# CONFIG_SATA_SIL24 is not set
# CONFIG_SATA_SIS is not set
# CONFIG_SATA_ULI is not set
# CONFIG_SATA_VIA is not set
# CONFIG_SATA_VITESSE is not set
# CONFIG_SATA_INIC162X is not set
# CONFIG_PATA_ALI is not set
# CONFIG_PATA_AMD is not set
# CONFIG_PATA_ARTOP is not set
# CONFIG_PATA_ATIIXP is not set
# CONFIG_PATA_CMD640_PCI is not set
# CONFIG_PATA_CMD64X is not set
# CONFIG_PATA_CS5520 is not set
# CONFIG_PATA_CS5530 is not set
# CONFIG_PATA_CYPRESS is not set
# CONFIG_PATA_EFAR is not set
# CONFIG_ATA_GENERIC is not set
# CONFIG_PATA_HPT366 is not set
# CONFIG_PATA_HPT37X is not set
# CONFIG_PATA_HPT3X2N is not set
# CONFIG_PATA_HPT3X3 is not set
# CONFIG_PATA_IT821X is not set
# CONFIG_PATA_IT8213 is not set
# CONFIG_PATA_JMICRON is not set
# CONFIG_PATA_TRIFLEX is not set
# CONFIG_PATA_MARVELL is not set
# CONFIG_PATA_MPIIX is not set
# CONFIG_PATA_OLDPIIX is not set
# CONFIG_PATA_NETCELL is not set
# CONFIG_PATA_NS87410 is not set
# CONFIG_PATA_OPTI is not set
# CONFIG_PATA_OPTIDMA is not set
# CONFIG_PATA_PDC_OLD is not set
# CONFIG_PATA_RADISYS is not set
# CONFIG_PATA_RZ1000 is not set
# CONFIG_PATA_SC1200 is not set
# CONFIG_PATA_SERVERWORKS is not set
# CONFIG_PATA_PDC2027X is not set
# CONFIG_PATA_SIL680 is not set
# CONFIG_PATA_SIS is not set
# CONFIG_PATA_VIA is not set
# CONFIG_PATA_WINBOND is not set
# CONFIG_PATA_PLATFORM is not set
# CONFIG_MD is not set
# CONFIG_FUSION is not set

#
# IEEE 1394 (FireWire) support
#
# CONFIG_FIREWIRE is not set
# CONFIG_IEEE1394 is not set
# CONFIG_I2O is not set
# CONFIG_MACINTOSH_DRIVERS is not set
CONFIG_NETDEVICES=y
# CONFIG_NETDEVICES_MULTIQUEUE is not set
# CONFIG_DUMMY is not set
# CONFIG_BONDING is not set
# CONFIG_MACVLAN is not set
# CONFIG_EQUALIZER is not set
# CONFIG_TUN is not set
# CONFIG_VETH is not set
# CONFIG_IP1000 is not set
# CONFIG_ARCNET is not set
# CONFIG_NET_ETHERNET is not set
CONFIG_NETDEV_1000=y
# CONFIG_ACENIC is not set
# CONFIG_DL2K is not set
# CONFIG_E1000 is not set
# CONFIG_E1000E is not set
# CONFIG_NS83820 is not set
# CONFIG_HAMACHI is not set
# CONFIG_YELLOWFIN is not set
# CONFIG_R8169 is not set
# CONFIG_SIS190 is not set
# CONFIG_SKGE is not set
# CONFIG_SKY2 is not set
# CONFIG_SK98LIN is not set
# CONFIG_VIA_VELOCITY is not set
CONFIG_TIGON3=y
# CONFIG_BNX2 is not set
# CONFIG_QLA3XXX is not set
# CONFIG_ATL1 is not set
# CONFIG_NETDEV_10000 is not set
# CONFIG_TR is not set

#
# Wireless LAN
#
# CONFIG_WLAN_PRE80211 is not set
# CONFIG_WLAN_80211 is not set
# CONFIG_WAN is not set
# CONFIG_FDDI is not set
# CONFIG_HIPPI is not set
# CONFIG_PPP is not set
# CONFIG_SLIP is not set
# CONFIG_NET_FC is not set
# CONFIG_SHAPER is not set
CONFIG_NETCONSOLE=y
# CONFIG_NETCONSOLE_DYNAMIC is not set
CONFIG_NETPOLL=y
# CONFIG_NETPOLL_TRAP is not set
CONFIG_NET_POLL_CONTROLLER=y
# CONFIG_ISDN is not set
# CONFIG_PHONE is not set

#
# Input device support
#
CONFIG_INPUT=y
# CONFIG_INPUT_FF_MEMLESS is not set
# CONFIG_INPUT_POLLDEV is not set

#
# Userland interfaces
#
# CONFIG_INPUT_MOUSEDEV is not set
# CONFIG_INPUT_JOYDEV is not set
# CONFIG_INPUT_TSDEV is not set
CONFIG_INPUT_EVDEV=y
# CONFIG_INPUT_EVBUG is not set

#
# Input Device Drivers
#
CONFIG_INPUT_KEYBOARD=y
CONFIG_KEYBOARD_ATKBD=y
# CONFIG_KEYBOARD_SUNKBD is not set
# CONFIG_KEYBOARD_LKKBD is not set
# CONFIG_KEYBOARD_XTKBD is not set
# CONFIG_KEYBOARD_NEWTON is not set
# CONFIG_KEYBOARD_STOWAWAY is not set
# CONFIG_INPUT_MOUSE is not set
# CONFIG_INPUT_JOYSTICK is not set
# CONFIG_INPUT_TABLET is not set
# CONFIG_INPUT_TOUCHSCREEN is not set
# CONFIG_INPUT_MISC is not set

#
# Hardware I/O ports
#
CONFIG_SERIO=y
CONFIG_SERIO_I8042=y
CONFIG_SERIO_SERPORT=m
# CONFIG_SERIO_CT82C710 is not set
# CONFIG_SERIO_PCIPS2 is not set
CONFIG_SERIO_LIBPS2=y
# CONFIG_SERIO_RAW is not set
# CONFIG_GAMEPORT is not set

#
# Character devices
#
CONFIG_VT=y
CONFIG_VT_UNICODE=y
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y
# CONFIG_VT_HW_CONSOLE_BINDING is not set
# CONFIG_SERIAL_NONSTANDARD is not set
# CONFIG_NOZOMI is not set

#
# Serial drivers
#
CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_CONSOLE=y
CONFIG_FIX_EARLYCON_MEM=y
CONFIG_SERIAL_8250_PCI=y
CONFIG_SERIAL_8250_NR_UARTS=4
CONFIG_SERIAL_8250_RUNTIME_UARTS=4
CONFIG_SERIAL_8250_EXTENDED=y
CONFIG_SERIAL_8250_MANY_PORTS=y
CONFIG_SERIAL_8250_SHARE_IRQ=y
# CONFIG_SERIAL_8250_DETECT_IRQ is not set
CONFIG_SERIAL_8250_RSA=y

#
# Non-8250 serial port support
#
CONFIG_SERIAL_CORE=y
CONFIG_SERIAL_CORE_CONSOLE=y
# CONFIG_SERIAL_JSM is not set
CONFIG_UNIX98_PTYS=y
# CONFIG_LEGACY_PTYS is not set
# CONFIG_IPMI_HANDLER is not set
# CONFIG_HW_RANDOM is not set
CONFIG_NVRAM=m
CONFIG_RTC=m
CONFIG_GEN_RTC=m
CONFIG_GEN_RTC_X=y
# CONFIG_R3964 is not set
# CONFIG_APPLICOM is not set
CONFIG_AGP=y
CONFIG_AGP_AMD64=y
# CONFIG_AGP_INTEL is not set
# CONFIG_AGP_SIS is not set
# CONFIG_AGP_VIA is not set
# CONFIG_DRM is not set
# CONFIG_MWAVE is not set
# CONFIG_PC8736x_GPIO is not set
# CONFIG_RAW_DRIVER is not set
# CONFIG_HANGCHECK_TIMER is not set
# CONFIG_TCG_TPM is not set
# CONFIG_TELCLOCK is not set
CONFIG_DEVPORT=y
# CONFIG_I2C is not set

#
# SPI support
#
# CONFIG_SPI is not set
# CONFIG_SPI_MASTER is not set
# CONFIG_W1 is not set
# CONFIG_POWER_SUPPLY is not set
# CONFIG_HWMON is not set
# CONFIG_WATCHDOG is not set

#
# Sonics Silicon Backplane
#
CONFIG_SSB_POSSIBLE=y
# CONFIG_SSB is not set

#
# Multifunction device drivers
#
# CONFIG_MFD_SM501 is not set

#
# Multimedia devices
#
# CONFIG_VIDEO_DEV is not set
# CONFIG_DVB_CORE is not set
# CONFIG_DAB is not set

#
# Graphics support
#
# CONFIG_BACKLIGHT_LCD_SUPPORT is not set

#
# Display device support
#
# CONFIG_DISPLAY_SUPPORT is not set
# CONFIG_VGASTATE is not set
# CONFIG_VIDEO_OUTPUT_CONTROL is not set
# CONFIG_FB is not set

#
# Console display driver support
#
CONFIG_VGA_CONSOLE=y
# CONFIG_VGACON_SOFT_SCROLLBACK is not set
# CONFIG_VIDEO_SELECT is not set
CONFIG_DUMMY_CONSOLE=y

#
# Sound
#
# CONFIG_SOUND is not set
CONFIG_HID_SUPPORT=y
# CONFIG_HID is not set
CONFIG_USB_SUPPORT=y
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB_ARCH_HAS_EHCI=y
# CONFIG_USB is not set

#
# NOTE: USB_STORAGE enables SCSI, and 'SCSI disk support'
#

#
# USB Gadget Support
#
# CONFIG_USB_GADGET is not set
# CONFIG_MMC is not set
# CONFIG_NEW_LEDS is not set
# CONFIG_INFINIBAND is not set
# CONFIG_EDAC is not set
# CONFIG_RTC_CLASS is not set
# CONFIG_DMADEVICES is not set
# CONFIG_VIRTUALIZATION is not set

#
# Userspace I/O
#
# CONFIG_UIO is not set

#
# Firmware Drivers
#
# CONFIG_EDD is not set
# CONFIG_DELL_RBU is not set
# CONFIG_DCDBAS is not set
# CONFIG_DMIID is not set

#
# File systems
#
CONFIG_EXT2_FS=m
# CONFIG_EXT2_FS_XATTR is not set
# CONFIG_EXT2_FS_XIP is not set
CONFIG_EXT3_FS=y
# CONFIG_EXT3_FS_XATTR is not set
# CONFIG_EXT4DEV_FS is not set
CONFIG_JBD=y
# CONFIG_JBD_DEBUG is not set
# CONFIG_REISER4_FS is not set
# CONFIG_REISERFS_FS is not set
# CONFIG_JFS_FS is not set
# CONFIG_FS_POSIX_ACL is not set
# CONFIG_XFS_FS is not set
# CONFIG_GFS2_FS is not set
# CONFIG_OCFS2_FS is not set
# CONFIG_MINIX_FS is not set
# CONFIG_ROMFS_FS is not set
# CONFIG_INOTIFY is not set
# CONFIG_QUOTA is not set
# CONFIG_DNOTIFY is not set
# CONFIG_AUTOFS_FS is not set
# CONFIG_AUTOFS4_FS is not set
# CONFIG_FUSE_FS is not set

#
# CD-ROM/DVD Filesystems
#
CONFIG_ISO9660_FS=m
CONFIG_JOLIET=y
CONFIG_ZISOFS=y
# CONFIG_UDF_FS is not set

#
# DOS/FAT/NT Filesystems
#
# CONFIG_MSDOS_FS is not set
# CONFIG_VFAT_FS is not set
# CONFIG_NTFS_FS is not set

#
# Pseudo filesystems
#
CONFIG_PROC_FS=y
# CONFIG_PROC_KCORE is not set
CONFIG_PROC_SYSCTL=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
# CONFIG_TMPFS_POSIX_ACL is not set
# CONFIG_HUGETLBFS is not set
# CONFIG_HUGETLB_PAGE is not set
# CONFIG_CONFIGFS_FS is not set

#
# Layered filesystems
#
# CONFIG_UNION_FS is not set

#
# Miscellaneous filesystems
#
# CONFIG_ADFS_FS is not set
# CONFIG_AFFS_FS is not set
# CONFIG_HFS_FS is not set
# CONFIG_HFSPLUS_FS is not set
# CONFIG_BEFS_FS is not set
# CONFIG_BFS_FS is not set
# CONFIG_EFS_FS is not set
# CONFIG_CRAMFS is not set
# CONFIG_VXFS_FS is not set
# CONFIG_HPFS_FS is not set
# CONFIG_QNX4FS_FS is not set
# CONFIG_SYSV_FS is not set
# CONFIG_UFS_FS is not set

#
# Network File Systems
#
# CONFIG_NFS_FS is not set
# CONFIG_NFSD is not set
# CONFIG_SMB_FS is not set
# CONFIG_CIFS is not set
# CONFIG_NCP_FS is not set
# CONFIG_CODA_FS is not set
# CONFIG_AFS_FS is not set

#
# Partition Types
#
# CONFIG_PARTITION_ADVANCED is not set
CONFIG_MSDOS_PARTITION=y

#
# Native Language Support
#
CONFIG_NLS=m
CONFIG_NLS_DEFAULT="iso8859-1"
CONFIG_NLS_CODEPAGE_437=m
# CONFIG_NLS_CODEPAGE_737 is not set
# CONFIG_NLS_CODEPAGE_775 is not set
# CONFIG_NLS_CODEPAGE_850 is not set
# CONFIG_NLS_CODEPAGE_852 is not set
# CONFIG_NLS_CODEPAGE_855 is not set
# CONFIG_NLS_CODEPAGE_857 is not set
# CONFIG_NLS_CODEPAGE_860 is not set
# CONFIG_NLS_CODEPAGE_861 is not set
# CONFIG_NLS_CODEPAGE_862 is not set
# CONFIG_NLS_CODEPAGE_863 is not set
# CONFIG_NLS_CODEPAGE_864 is not set
# CONFIG_NLS_CODEPAGE_865 is not set
# CONFIG_NLS_CODEPAGE_866 is not set
# CONFIG_NLS_CODEPAGE_869 is not set
# CONFIG_NLS_CODEPAGE_936 is not set
# CONFIG_NLS_CODEPAGE_950 is not set
# CONFIG_NLS_CODEPAGE_932 is not set
# CONFIG_NLS_CODEPAGE_949 is not set
# CONFIG_NLS_CODEPAGE_874 is not set
# CONFIG_NLS_ISO8859_8 is not set
# CONFIG_NLS_CODEPAGE_1250 is not set
# CONFIG_NLS_CODEPAGE_1251 is not set
# CONFIG_NLS_ASCII is not set
CONFIG_NLS_ISO8859_1=m
# CONFIG_NLS_ISO8859_2 is not set
# CONFIG_NLS_ISO8859_3 is not set
# CONFIG_NLS_ISO8859_4 is not set
# CONFIG_NLS_ISO8859_5 is not set
# CONFIG_NLS_ISO8859_6 is not set
# CONFIG_NLS_ISO8859_7 is not set
# CONFIG_NLS_ISO8859_9 is not set
# CONFIG_NLS_ISO8859_13 is not set
# CONFIG_NLS_ISO8859_14 is not set
# CONFIG_NLS_ISO8859_15 is not set
# CONFIG_NLS_KOI8_R is not set
# CONFIG_NLS_KOI8_U is not set
CONFIG_NLS_UTF8=m

#
# Distributed Lock Manager
#
# CONFIG_DLM is not set

#
# Instrumentation Support
#
# CONFIG_PROFILING is not set
# CONFIG_KPROBES is not set

#
# Kernel hacking
#
CONFIG_TRACE_IRQFLAGS_SUPPORT=y
# CONFIG_PRINTK_TIME is not set
# CONFIG_ENABLE_MUST_CHECK is not set
CONFIG_MAGIC_SYSRQ=y
# CONFIG_UNUSED_SYMBOLS is not set
# CONFIG_PAGE_OWNER is not set
# CONFIG_DEBUG_FS is not set
# CONFIG_HEADERS_CHECK is not set
CONFIG_DEBUG_KERNEL=y
# CONFIG_DEBUG_SHIRQ is not set
# CONFIG_DETECT_SOFTLOCKUP is not set
# CONFIG_SCHED_DEBUG is not set
# CONFIG_SCHEDSTATS is not set
# CONFIG_TIMER_STATS is not set
CONFIG_SLUB_DEBUG_ON=y
CONFIG_DEBUG_PREEMPT=y
CONFIG_DEBUG_RT_MUTEXES=y
CONFIG_DEBUG_PI_LIST=y
# CONFIG_RT_MUTEX_TESTER is not set
CONFIG_DEBUG_SPINLOCK=y
CONFIG_DEBUG_MUTEXES=y
CONFIG_DEBUG_LOCK_ALLOC=y
CONFIG_PROVE_LOCKING=y
CONFIG_LOCKDEP=y
# CONFIG_LOCK_STAT is not set
# CONFIG_DEBUG_LOCKDEP is not set
CONFIG_TRACE_IRQFLAGS=y
CONFIG_DEBUG_SPINLOCK_SLEEP=y
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
CONFIG_STACKTRACE=y
# CONFIG_DEBUG_KOBJECT is not set
CONFIG_DEBUG_BUGVERBOSE=y
# CONFIG_DEBUG_INFO is not set
CONFIG_DEBUG_VM=y
CONFIG_DEBUG_LIST=y
# CONFIG_FRAME_POINTER is not set
# CONFIG_UNWIND_INFO is not set
# CONFIG_PROFILE_LIKELY is not set
# CONFIG_FORCED_INLINING is not set
# CONFIG_BOOT_PRINTK_DELAY is not set
# CONFIG_DEBUG_SYNCHRO_TEST is not set
# CONFIG_RCU_TORTURE_TEST is not set
# CONFIG_FAULT_INJECTION is not set
# CONFIG_WANT_EXTRA_DEBUG_INFORMATION is not set
# CONFIG_KGDB is not set
# CONFIG_KGDB_ATTACH_WAIT is not set
CONFIG_DEBUG_RODATA=y
# CONFIG_IOMMU_DEBUG is not set
# CONFIG_DEBUG_STACKOVERFLOW is not set
# CONFIG_DEBUG_STACK_USAGE is not set

#
# Security options
#
# CONFIG_KEYS is not set
# CONFIG_SECURITY is not set
# CONFIG_SECURITY_FILE_CAPABILITIES is not set
# CONFIG_CRYPTO is not set

#
# Library routines
#
# CONFIG_CRC_CCITT is not set
# CONFIG_CRC16 is not set
# CONFIG_CRC_ITU_T is not set
# CONFIG_CRC32 is not set
# CONFIG_CRC7 is not set
# CONFIG_LIBCRC32C is not set
CONFIG_ZLIB_INFLATE=m
CONFIG_PLIST=y
CONFIG_HAS_IOMEM=y
CONFIG_HAS_IOPORT=y
CONFIG_HAS_DMA=y


2007-09-19 12:59:40

by Alexey Dobriyan

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Wed, Sep 19, 2007 at 04:39:07PM +0400, Alexey Dobriyan wrote:
> Occurred right after "sudo reboot" invocation (I think)
> with some crash proggies running (which -mm survives)
>
> BUG kmalloc-16: Object padding overwritten
> -----------------------------------------------------------------------------
>
> INFO: 0xffff8101000d7998-0xffff8101000d7998. First byte 0x63 instead of 0x5a
> INFO: Allocated in sysfs_new_dirent+0x100/0x120 age=16985537 cpu=1 pid=3426
> INFO: Freed in kobject_uevent_env+0x123/0x430 age=16985537 cpu=1 pid=3426
> INFO: Slab 0xffff810004802f08 used=21 fp=0xffff8101000d78f0 flags=0x80000000000000c3
> INFO: Object 0xffff8101000d7948 @offset=2376 fp=0xffff8101000d79a0
>
> Bytes b4 0xffff8101000d7938: ef 23 ff 00 01 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ?#?.....ZZZZZZZZ
> Object 0xffff8101000d7948: 73 75 62 73 79 73 74 65 6d 00 6b 6b 6b 6b 6b a5 subsystem.kkkkk?
> Redzone 0xffff8101000d7958: cc cc cc cc cc cc cc cc ????????
> Padding 0xffff8101000d7998: 63 5a 5a 5a 5a 5a 5a 5a cZZZZZZZ

Steps to reproduce:

find /sys/slab | xargs cat

now it's

=============================================================================
BUG bio: Padding overwritten. 0x000000000000003a-0x00000000fffffffe
-----------------------------------------------------------------------------

INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002

Call Trace:
[<ffffffff80282169>] slab_err+0x99/0xc0
[<ffffffff8025070f>] mark_held_locks+0x3f/0x80
[<ffffffff80266565>] get_page_from_freelist+0x325/0x540
[<ffffffff8025172c>] __lock_acquire+0x8ac/0x10f0
[<ffffffff80219d9e>] flat_send_IPI_allbutself+0x4e/0x80
[<ffffffff80216fec>] __smp_call_function_mask+0x9c/0xf0
[<ffffffff802822d3>] slab_pad_check+0xe3/0x120
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80282f8e>] __free_slab+0x9e/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
5a5a
<4>
<3>Bytes b4 0xffff810102148230: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148240: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148250: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148260: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148270: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148280: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148290: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021482a0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff8101021482a8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff8101021482e8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
----------------------------------------------------------------------------
<4>
<3>INFO: 0xffff810102148d28-0xffff810102148d2f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148cc0 @offset=3264 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148cb0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cc0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cd0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ce0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cf0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d00: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d10: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d20: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148d28: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148d68: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148d78: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148d28-0xffff810102148d2f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148de8-0xffff810102148def. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148d80 @offset=3456 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148d70: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d80: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d90: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148da0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148db0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148dc0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148dd0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148de0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ ZZZZZ
Padding 0xffff8101021485e8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff8101021485f8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff8101021485a8-0xffff8101021485af=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148668-0xffff81010214866f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148600 @offset=1536 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff8101021485f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148600: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148610: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148620: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148630: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148640: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148650: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148660: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148668: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff8101021486a8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff8101021486b8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148668-0xffff81010214866f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148728-0xffff81010214872f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff8101021486c0 @offset=1728 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff8101021486b0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021486c0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021486d0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021486e0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021486f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148700: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148710: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148720: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148728: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148768: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148778: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148728-0xffff81010214872f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff8101021487e8-0xffff8101021487ef. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148780 @offset=1920 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148770: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148780: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148790: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021487a0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021487b0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021487c0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021487d0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021487e0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff8101021487e8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148828: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148838: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff8101021487e8-0xffff8101021487ef=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff8101021488a8-0xffff8101021488af. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148840 @offset=2112 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148830: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148840: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148850: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148860: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148870: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148880: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148890: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021488a0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff8101021488a8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff8101021488e8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff8101021488f8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff8101021488a8-0xffff8101021488af=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148968-0xffff81010214896f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148900 @offset=2304 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff8101021488f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148900: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148910: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148920: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148930: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148940: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148950: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148960: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148968: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff8101021489a8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff8101021489b8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148968-0xffff81010214896f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148a28-0xffff810102148a2f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff8101021489c0 @offset=2496 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff8101021489b0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021489c0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021489d0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021489e0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff8101021489f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148a00: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148a10: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148a20: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148a28: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148a68: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148a78: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148a28-0xffff810102148a2f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148ae8-0xffff810102148aef. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148a80 @offset=2688 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148a70: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148a80: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148a90: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148aa0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ab0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ac0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ad0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ae0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148ae8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148b28: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148b38: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148ae8-0xffff810102148aef=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148ba8-0xffff810102148baf. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148b40 @offset=2880 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148b30: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b40: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b50: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b60: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b70: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b80: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148b90: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ba0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148ba8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148be8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148bf8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148ba8-0xffff810102148baf=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148c68-0xffff810102148c6f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148c00 @offset=3072 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148bf0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c00: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c10: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c20: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c30: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c40: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c50: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148c60: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148c68: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148ca8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148cb8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148c68-0xffff810102148c6f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148d28-0xffff810102148d2f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148cc0 @offset=3264 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148cb0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cc0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cd0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ce0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148cf0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d00: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d10: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d20: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148d28: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148d68: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148d78: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148d28-0xffff810102148d2f=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148de8-0xffff810102148def. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148d80 @offset=3456 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148d70: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d80: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148d90: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148da0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148db0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148dc0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148dd0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148de0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148de8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148e28: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148e38: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148de8-0xffff810102148def=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148ea8-0xffff810102148eaf. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148e40 @offset=3648 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148e30: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e40: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e50: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e60: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e70: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e80: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148e90: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148ea0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148ea8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148ee8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148ef8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148ea8-0xffff810102148eaf=0xbb

=============================================================================
BUG bio: Redzone overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810102148f68-0xffff810102148f6f. First byte 0x5a instead of 0xbb
INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
INFO: Object 0xffff810102148f00 @offset=3840 fp=0x5a5a5a5a5a5a5a5a

Bytes b4 0xffff810102148ef0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f00: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f10: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f20: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f30: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f40: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f50: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Object 0xffff810102148f60: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Redzone 0xffff810102148f68: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Padding 0xffff810102148fa8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
Padding 0xffff810102148fb8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282a66>] check_object+0x66/0x270
[<ffffffff80282fe5>] __free_slab+0xf5/0x140
[<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
[<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
[<ffffffff80284a52>] list_locations+0xb2/0x380
[<ffffffff80266818>] __alloc_pages+0x58/0x360
[<ffffffff80284d68>] alloc_calls_show+0x18/0x20
[<ffffffff802819b0>] slab_attr_show+0x20/0x30
[<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
[<ffffffff80288e0a>] vfs_read+0xaa/0xe0
[<ffffffff80289283>] sys_read+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX bio: Restoring 0xffff810102148f68-0xffff810102148f6f=0xbb


2007-09-19 19:41:24

by Andrew Morton

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Wed, 19 Sep 2007 16:59:18 +0400 Alexey Dobriyan <[email protected]> wrote:

> On Wed, Sep 19, 2007 at 04:39:07PM +0400, Alexey Dobriyan wrote:
> > Occurred right after "sudo reboot" invocation (I think)
> > with some crash proggies running (which -mm survives)
> >
> > BUG kmalloc-16: Object padding overwritten
> > -----------------------------------------------------------------------------
> >
> > INFO: 0xffff8101000d7998-0xffff8101000d7998. First byte 0x63 instead of 0x5a
> > INFO: Allocated in sysfs_new_dirent+0x100/0x120 age=16985537 cpu=1 pid=3426
> > INFO: Freed in kobject_uevent_env+0x123/0x430 age=16985537 cpu=1 pid=3426
> > INFO: Slab 0xffff810004802f08 used=21 fp=0xffff8101000d78f0 flags=0x80000000000000c3
> > INFO: Object 0xffff8101000d7948 @offset=2376 fp=0xffff8101000d79a0
> >
> > Bytes b4 0xffff8101000d7938: ef 23 ff 00 01 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ?#?.....ZZZZZZZZ
> > Object 0xffff8101000d7948: 73 75 62 73 79 73 74 65 6d 00 6b 6b 6b 6b 6b a5 subsystem.kkkkk?
> > Redzone 0xffff8101000d7958: cc cc cc cc cc cc cc cc ????????
> > Padding 0xffff8101000d7998: 63 5a 5a 5a 5a 5a 5a 5a cZZZZZZZ
>
> Steps to reproduce:
>
> find /sys/slab | xargs cat
>
> now it's
>
> =============================================================================
> BUG bio: Padding overwritten. 0x000000000000003a-0x00000000fffffffe
> -----------------------------------------------------------------------------
>
> INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
>
> Call Trace:
> [<ffffffff80282169>] slab_err+0x99/0xc0
> [<ffffffff8025070f>] mark_held_locks+0x3f/0x80
> [<ffffffff80266565>] get_page_from_freelist+0x325/0x540
> [<ffffffff8025172c>] __lock_acquire+0x8ac/0x10f0
> [<ffffffff80219d9e>] flat_send_IPI_allbutself+0x4e/0x80
> [<ffffffff80216fec>] __smp_call_function_mask+0x9c/0xf0
> [<ffffffff802822d3>] slab_pad_check+0xe3/0x120
> [<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
> [<ffffffff80282f8e>] __free_slab+0x9e/0x140
> [<ffffffff80284d70>] flush_cpu_slab+0x0/0xc0
> [<ffffffff80233d1b>] on_each_cpu+0x4b/0x90
> [<ffffffff80284a52>] list_locations+0xb2/0x380
> [<ffffffff80266818>] __alloc_pages+0x58/0x360
> [<ffffffff80284d68>] alloc_calls_show+0x18/0x20
> [<ffffffff802819b0>] slab_attr_show+0x20/0x30
> [<ffffffff802ccaee>] sysfs_read_file+0x9e/0x150
> 5a5a
> <4>
> <3>Bytes b4 0xffff810102148230: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148240: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148250: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148260: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148270: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148280: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff810102148290: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> Object 0xffff8101021482a0: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
> Redzone 0xffff8101021482a8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
> Padding 0xffff8101021482e8: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ
> ----------------------------------------------------------------------------
> <4>
> <3>INFO: 0xffff810102148d28-0xffff810102148d2f. First byte 0x5a instead of 0xbb
> INFO: Allocated in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
> INFO: Freed in 0x5a5a5a5a5a5a5a5a age=11936128522577653999 cpu=1515870810 pid=1515870810
> INFO: Slab 0xffff8100048747c0 used=4294967295 fp=0xffff8101021489c0 flags=0x8000000000000002
> INFO: Object 0xffff810102148cc0 @offset=3264 fp=0x5a5a5a5a5a5a5a5a


So do you believe the bug lies in the /sys/slab implementation?

2007-09-19 20:59:41

by Christoph Lameter

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Wed, 19 Sep 2007, Andrew Morton wrote:

> > find /sys/slab | xargs cat

Hmmm... This works fine here. Doing the cat may trigger slab validation
and show object corruptions that were heretofore unnoticed.

Could you see if running

slabinfo -v

gives the same results?

> So do you believe the bug lies in the /sys/slab implementation?

I would think that this is evidence of memory corruption occurring. The
issues were detected while SLUB attempted to flush per cpu queues.

2007-09-19 21:36:21

by Christoph Lameter

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Wed, 19 Sep 2007, Christoph Lameter wrote:

> Hmmm... This works fine here. Doing the cat may trigger slab validation
> and show object corruptions that were heretofore unnoticed.

Not exactly true since reading a file cannot trigger slab validation. The
catting of all files will touch the following:

clameter@schroedinger:/sys/slab/kmalloc-64$ ls -l
total 0
-r--r--r-- 1 root root 4096 Sep 19 14:28 aliases
-r--r--r-- 1 root root 4096 Sep 19 14:28 align
-r--r--r-- 1 root root 4096 Sep 19 14:28 alloc_calls
-r--r--r-- 1 root root 4096 Sep 19 14:28 cache_dma
-r--r--r-- 1 root root 4096 Sep 19 14:28 cpu_slabs
-r--r--r-- 1 root root 4096 Sep 19 14:28 ctor
-r--r--r-- 1 root root 4096 Sep 19 14:28 destroy_by_rcu
-r--r--r-- 1 root root 4096 Sep 19 14:28 free_calls
-r--r--r-- 1 root root 4096 Sep 19 14:28 hwcache_align
-r--r--r-- 1 root root 4096 Sep 19 14:28 object_size
-r--r--r-- 1 root root 4096 Sep 19 14:28 objects
-r--r--r-- 1 root root 4096 Sep 19 14:28 objs_per_slab
-r--r--r-- 1 root root 4096 Sep 19 14:28 order
-r--r--r-- 1 root root 4096 Sep 19 14:28 partial
-rw-r--r-- 1 root root 4096 Sep 19 14:28 poison
-rw-r--r-- 1 root root 4096 Sep 19 14:28 reclaim_account
-rw-r--r-- 1 root root 4096 Sep 19 14:28 red_zone
-rw-r--r-- 1 root root 4096 Sep 19 14:28 sanity_checks
-rw-r--r-- 1 root root 4096 Sep 19 14:28 shrink
-r--r--r-- 1 root root 4096 Sep 19 14:28 slab_size
-r--r--r-- 1 root root 4096 Sep 19 14:28 slabs
-rw-r--r-- 1 root root 4096 Sep 19 14:28 store_user
-rw-r--r-- 1 root root 4096 Sep 19 14:28 trace
-rw-r--r-- 1 root root 0 Sep 19 14:28 validate

catting

alloc_calls

and
free_calls

will perform a global scan over all objects to determine the callers.
Before we do that we have to flush the per cpu slabs. The trace shows that
one of the errors was detected in there and the other one probably later.

So I would think that this is an actual memory corruption issue on your
system and the /sys/slab stuff works fine. slabinfo -v will perform a more
detailed scan to help you locate the problem.

2007-09-20 07:54:31

by Alexey Dobriyan

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Wed, Sep 19, 2007 at 02:36:04PM -0700, Christoph Lameter wrote:
> catting
>
> alloc_calls
>
> and
> free_calls
>
> will perform a global scan over all objects to determine the callers.
> Before we do that we have to flush the per cpu slabs. The trace shows that
> one of the errors was detected in there and the other one probably later.
>
> So I would think that this is an actual memory corruption issue on your
> system and the /sys/slab stuff works fine. slabinfo -v will perform a more
> detailed scan to help you locate the problem.

OK, I do clean boot, ssh to box, then sudo slabinfo -v.


=============================================================================
BUG kmalloc-16: Object padding overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810100fd8998-0xffff810100fd8999. First byte 0xa7 instead of 0x5a
INFO: Allocated in sysfs_new_dirent+0x100/0x120 age=11055 cpu=0 pid=3474
INFO: Freed in kobject_uevent_env+0x123/0x430 age=11055 cpu=0 pid=3474
INFO: Slab 0xffff810004837740 used=28 fp=0xffff810100fd89a0 flags=0x8000000000000083
INFO: Object 0xffff810100fd8948 @offset=2376 fp=0xffff810100fd89a0

Bytes b4 0xffff810100fd8938: f1 f9 fb ff 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ????....ZZZZZZZZ
Object 0xffff810100fd8948: 73 75 62 73 79 73 74 65 6d 00 6b 6b 6b 6b 6b a5 subsystem.kkkkk?
Redzone 0xffff810100fd8958: cc cc cc cc cc cc cc cc ????????
Padding 0xffff810100fd8998: a7 5e 5a 5a 5a 5a 5a 5a ?^ZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282c34>] check_object+0x234/0x270
[<ffffffff80282e51>] validate_slab_slab+0x1e1/0x280
[<ffffffff8028591e>] validate_store+0xde/0x1c0
[<ffffffff802819e7>] slab_attr_store+0x27/0x30
[<ffffffff802cc9da>] sysfs_write_file+0xca/0x140
[<ffffffff80288d2d>] vfs_write+0xad/0xe0
[<ffffffff80289313>] sys_write+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX kmalloc-16: Restoring 0xffff810100fd8998-0xffff810100fd8999=0x5a

=============================================================================
BUG kmalloc-16: Object padding overwritten
-----------------------------------------------------------------------------

INFO: 0xffff810101b45310-0xffff810101b45311. First byte 0xd3 instead of 0x5a
INFO: Allocated in kobject_get_path+0x57/0xc0 age=18405 cpu=1 pid=2006
INFO: Freed in kobject_uevent_env+0x123/0x430 age=18405 cpu=1 pid=2006
INFO: Slab 0xffff81000485f718 used=8 fp=0xffff810101b45318 flags=0x8000000000000083
INFO: Object 0xffff810101b452c0 @offset=704 fp=0xffff810101b45370

Bytes b4 0xffff810101b452b0: db f9 fb ff 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ????....ZZZZZZZZ
Object 0xffff810101b452c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkkkkkkkkkk?
Redzone 0xffff810101b452d0: bb bb bb bb bb bb bb bb ????????
Padding 0xffff810101b45310: d3 5e 5a 5a 5a 5a 5a 5a ?^ZZZZZZ

Call Trace:
[<ffffffff802827c8>] check_bytes_and_report+0xb8/0x100
[<ffffffff80282c34>] check_object+0x234/0x270
[<ffffffff80282dcf>] validate_slab_slab+0x15f/0x280
[<ffffffff8028591e>] validate_store+0xde/0x1c0
[<ffffffff802819e7>] slab_attr_store+0x27/0x30
[<ffffffff802cc9da>] sysfs_write_file+0xca/0x140
[<ffffffff80288d2d>] vfs_write+0xad/0xe0
[<ffffffff80289313>] sys_write+0x53/0x90
[<ffffffff8020bcae>] system_call+0x7e/0x83

FIX kmalloc-16: Restoring 0xffff810101b45310-0xffff810101b45311=0x5a


2007-09-20 10:33:22

by Alexey Dobriyan

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Thu, Sep 20, 2007 at 11:53:53AM +0400, Alexey Dobriyan wrote:
> On Wed, Sep 19, 2007 at 02:36:04PM -0700, Christoph Lameter wrote:
> > So I would think that this is an actual memory corruption issue on your
> > system and the /sys/slab stuff works fine. slabinfo -v will perform a more
> > detailed scan to help you locate the problem.
>
> OK, I do clean boot, ssh to box, then sudo slabinfo -v.
>
>
> =============================================================================
> BUG kmalloc-16: Object padding overwritten
> -----------------------------------------------------------------------------

The winner is slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab.patch
Blind bisecting pointed to it and reverting the patch from full -mm makes
the problem go away

From: Christoph Lameter <[email protected]>

Set c->node to -1 if we allocate from a debug slab instead for SlabDebug
which requires access to the page struct cacheline.

Signed-off-by: Christoph Lameter <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---

mm/slub.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff -puN mm/slub.c~slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab mm/slub.c
--- a/mm/slub.c~slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab
+++ a/mm/slub.c
@@ -1537,6 +1537,7 @@ debug:

c->page->inuse++;
c->page->freelist = object[c->offset];
+ c->node = -1;
slab_unlock(c->page);
return object;
}
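Review bot: the added `c->node = -1;` under the debug: label turns c->node into a sentinel while other code still treats it as a node id, and nothing in this hunk documents that. This patch touches no reader of c->node outside slab_alloc() and slab_free(), so any code that uses it as an array index needs a `c->node >= 0` test before this goes in; the slab_objects() counting loop shown later in this thread, with `nodes[c->node] += x;` and `per_cpu[c->node]++;`, is one such reader. A one-line comment at the assignment saying what -1 means would make the contract visible.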
@@ -1560,8 +1561,7 @@ static void __always_inline *slab_alloc(

local_irq_save(flags);
c = get_cpu_slab(s, smp_processor_id());
- if (unlikely(!c->page || !c->freelist ||
- !node_match(c, node)))
+ if (unlikely(!c->freelist || !node_match(c, node)))

object = __slab_alloc(s, gfpflags, node, addr, c);

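Review bot: dropping `!c->page` from the condition in slab_alloc() relies on c->freelist being NULL whenever c->page is NULL, and neither the hunk nor the changelog says so. The changelog only talks about c->node and SlabDebug, so this reads as a separate fast-path change riding along. Please state the invariant in a comment above the test, or split the removal into its own patch with a justification.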
@@ -1670,7 +1670,7 @@ static void __always_inline slab_free(st
local_irq_save(flags);
debug_check_no_locks_freed(object, s->objsize);
c = get_cpu_slab(s, smp_processor_id());
- if (likely(page == c->page && !SlabDebug(page))) {
+ if (likely(page == c->page && c->node >= 0)) {
object[c->offset] = c->freelist;
c->freelist = object;
} else
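Review bot: in slab_free(), `c->node >= 0` is now the only thing keeping frees to a debug slab off the fast path, replacing the direct `!SlabDebug(page)` test. That holds only if every path that installs a debug slab as c->page also sets c->node to -1, and this patch does so at the debug: label in the first hunk and nowhere else. A comment here naming that dependency, or a small helper wrapping the test, would keep a later change from silently bypassing the debug checks.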
_

2007-09-20 17:25:57

by Christoph Lameter

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Thu, 20 Sep 2007, Alexey Dobriyan wrote:

> OK, I do clean boot, ssh to box, then sudo slabinfo -v.
>
>
> =============================================================================
> BUG kmalloc-16: Object padding overwritten
> -----------------------------------------------------------------------------
>
> INFO: 0xffff810100fd8998-0xffff810100fd8999. First byte 0xa7 instead of 0x5a
> INFO: Allocated in sysfs_new_dirent+0x100/0x120 age=11055 cpu=0 pid=3474
> INFO: Freed in kobject_uevent_env+0x123/0x430 age=11055 cpu=0 pid=3474
> INFO: Slab 0xffff810004837740 used=28 fp=0xffff810100fd89a0 flags=0x8000000000000083
> INFO: Object 0xffff810100fd8948 @offset=2376 fp=0xffff810100fd89a0

Hmmm.. A corrupted sysfs object at an offset of one word from the end of
the object that could never have been caught by SLAB since it does not
check more than 4 bytes. Does the value 0x5ea7 tell us anything? Maybe a
counter was incremented a couple of times from the initial value of 0x5a5a
that was put there by SLUB?

> INFO: 0xffff810101b45310-0xffff810101b45311. First byte 0xd3 instead of 0x5a
> INFO: Allocated in kobject_get_path+0x57/0xc0 age=18405 cpu=1 pid=2006
> INFO: Freed in kobject_uevent_env+0x123/0x430 age=18405 cpu=1 pid=2006
> INFO: Slab 0xffff81000485f718 used=8 fp=0xffff810101b45318 flags=0x8000000000000083
> INFO: Object 0xffff810101b452c0 @offset=704 fp=0xffff810101b45370
>
> Bytes b4 0xffff810101b452b0: db f9 fb ff 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ????....ZZZZZZZZ
> Object 0xffff810101b452c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkkkkkkkkkk?
> Redzone 0xffff810101b452d0: bb bb bb bb bb bb bb bb ????????
> Padding 0xffff810101b45310: d3 5e 5a 5a 5a 5a 5a 5a ?^ZZZZZZ

Ditto.... but here we have a freed object; in the above case the object is
still in use. Done by different processes at different times.

Eric: Anything that comes to mind in sysfs?

2007-09-20 17:36:33

by Christoph Lameter

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Thu, 20 Sep 2007, Alexey Dobriyan wrote:

> The winner is slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab.patch
> Blind bisecting pointed to it and reverting the patch from full -mm makes
> the problem go away

Hmmm.. This means likely that the c->node is used somewhere for
indexing.... Ahhh... If we count objects for sysfs output then c->node may
be used to index into the statistics array. The offset from the poison
also makes sense now since we increment values there.

Does this patch fix the issue?



SLUB: Fix slab object counting.

We can only use the node value of the per cpu structure for counting if it
is positive. A negative value indicates that the slab is not valid.

Signed-off-by: Christoph Lameter <[email protected]>

---
mm/slub.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

Index: linux-2.6.23-rc6-mm1/mm/slub.c
===================================================================
--- linux-2.6.23-rc6-mm1.orig/mm/slub.c 2007-09-20 10:31:04.000000000 -0700
+++ linux-2.6.23-rc6-mm1/mm/slub.c 2007-09-20 10:32:19.000000000 -0700
@@ -3412,12 +3412,16 @@ static unsigned long slab_objects(struct

for_each_possible_cpu(cpu) {
struct page *page;
+ int node;
struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);

if (!c)
continue;

page = c->page;
+ node = c->node;
+ if (node < 0)
+ continue;
if (page) {
if (flags & SO_CPU) {
int x = 0;
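Review bot: the new `if (node < 0) continue;` sits before `if (page)`, so a CPU slab that has a page but carries node == -1 is dropped from total, nodes[] and per_cpu[] altogether. The changelog says a negative value means the slab is not valid, yet the patch bisected earlier in this thread sets `c->node = -1;` on the debug path while c->page is still in use, so those slabs would now go uncounted in the sysfs output. If they should be counted, take the node from the page for that case instead of skipping; otherwise say in the changelog that debug CPU slabs are deliberately left out.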
@@ -3427,9 +3431,9 @@ static unsigned long slab_objects(struct
else
x = 1;
total += x;
- nodes[c->node] += x;
+ nodes[node] += x;
}
- per_cpu[c->node]++;
+ per_cpu[node]++;
}
}
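Review bot: `nodes[node] += x;` and `per_cpu[node]++;` are indexed by node id inside a for_each_possible_cpu() loop, and the name per_cpu hides that. With c->node at -1 the old lines incremented the word just before each array, which fits the reported padding bytes sitting a small offset above the 0x5a poison. A short comment on what per_cpu[] counts, plus a changelog line naming slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab.patch as the change being fixed, would help the next reader.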

2007-09-20 17:37:17

by Christoph Lameter

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Thu, 20 Sep 2007, Christoph Lameter wrote:

> Eric: Anything that comes to mind in sysfs?

Arg. Forget it. It's likely SLUB mm related.

2007-09-20 18:56:17

by Eric W. Biederman

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

Christoph Lameter <[email protected]> writes:

> On Thu, 20 Sep 2007, Christoph Lameter wrote:
>
>> Eric: Anything that comes to mind in sysfs?
>
> Arg. Forget it. It's likely SLUB mm related.

Ok.

Eric


2007-09-21 07:17:07

by Alexey Dobriyan

Subject: Re: 2.6.23-rc6-mm1: BUG kmalloc-16: Object padding overwritten (sysfs?)

On Thu, Sep 20, 2007 at 10:36:13AM -0700, Christoph Lameter wrote:
> On Thu, 20 Sep 2007, Alexey Dobriyan wrote:
> > The winner is slub-avoid-touching-page-struct-when-freeing-to-per-cpu-slab.patch
> > Blind bisecting pointed to it and reverting the patch from full -mm makes
> > the problem go away
>
> Hmmm.. This means likely that the c->node is used somewhere for
> indexing.... Ahhh... If we count objects for sysfs output then c->node may
> be used to index into the statistics array. The offset from the poison
> also makes sense now since we increment values there.
>
> Does this patch fix the issue?

Yes, it does.

> SLUB: Fix slab object counting.
>
> We can only use the node value of the per cpu structure for counting if it
> is positive. A negative value indicates that the slab is not valid.
>
> Signed-off-by: Christoph Lameter <[email protected]>
>
> ---
> mm/slub.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> Index: linux-2.6.23-rc6-mm1/mm/slub.c
> ===================================================================
> --- linux-2.6.23-rc6-mm1.orig/mm/slub.c 2007-09-20 10:31:04.000000000 -0700
> +++ linux-2.6.23-rc6-mm1/mm/slub.c 2007-09-20 10:32:19.000000000 -0700
> @@ -3412,12 +3412,16 @@ static unsigned long slab_objects(struct
>
> for_each_possible_cpu(cpu) {
> struct page *page;
> + int node;
> struct kmem_cache_cpu *c = get_cpu_slab(s, cpu);
>
> if (!c)
> continue;
>
> page = c->page;
> + node = c->node;
> + if (node < 0)
> + continue;
> if (page) {
> if (flags & SO_CPU) {
> int x = 0;
> @@ -3427,9 +3431,9 @@ static unsigned long slab_objects(struct
> else
> x = 1;
> total += x;
> - nodes[c->node] += x;
> + nodes[node] += x;
> }
> - per_cpu[c->node]++;
> + per_cpu[node]++;
> }
> }
>
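
The diagnosis confirmed above (a per-CPU structure with c->node == -1 used to index the counting array), modelled in user space as an added example that is not code from the thread or from mm/slub.c. The 88-byte slot and the padding offset of 80 are read off the addresses in the reports; placing the counter array in the slot right after the damaged object and using 8-byte counters are assumptions.

```c
#include <stdint.h>
#include <string.h>

#define POISON_INUSE 0x5a /* SLUB padding fill, as in the dumps */
#define SLOT_SIZE    88   /* 0x9a0 - 0x948: object start to next slot in the report */
#define PAD_OFF      80   /* 0x998 - 0x948: where the 8 padding bytes start */

/* Constructed model: two adjacent kmalloc-16 slots; slot 1 holds the counters. */
static unsigned char slab[2 * SLOT_SIZE];

static uint64_t load_le64(const unsigned char *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

static void store_le64(unsigned char *p, uint64_t v)
{
    for (int i = 0; i < 8; i++, v >>= 8)
        p[i] = (unsigned char)v;
}

static void slab_init(void)
{
    memset(slab, POISON_INUSE, sizeof(slab));
    memset(slab + SLOT_SIZE, 0, 16); /* zeroed counter array (assumed 2 x 8 bytes) */
}

/* Models nodes[node] += x; guard != 0 applies the fix's node < 0 check. */
static void count_cpu_slab(int node, uint64_t x, int guard)
{
    if (guard && node < 0)
        return;
    if (node < -1 || node > 1)
        return; /* keep the model inside its own buffer */
    unsigned char *cell = slab + SLOT_SIZE + node * 8;
    store_le64(cell, load_le64(cell) + x);
}

/* Padding scan in the spirit of check_bytes(): first non-poison offset, or -1. */
static int first_bad_pad_byte(void)
{
    for (int i = PAD_OFF; i < SLOT_SIZE; i++)
        if (slab[i] != POISON_INUSE)
            return i;
    return -1;
}

/* How many +1 steps turn a poisoned 64-bit word into the dumped padding bytes. */
static uint64_t increments_from_poison(const unsigned char pad[8])
{
    return load_le64(pad) - 0x5a5a5a5a5a5a5a5aULL;
}
```

Nine unguarded calls with node == -1 leave 0x63 as the first padding byte, the value in the first report; with the guard the padding stays intact.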