From: Christoph Lameter Subject: Re: 2.6.25-git2: BUG: unable to handle kernel paging request at ffffffffffffffff Date: Wed, 23 Apr 2008 12:05:01 -0700 (PDT) Message-ID: References: <480D1CF1.7010300@gmail.com> <480D208A.9050909@gmail.com> <200804220254.45251.rjw@sisk.pl> <480DB493.6080004@gmail.com> <20080422095315.GA28014@elte.hu> <480F857A.3090503@cs.helsinki.fi> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: Linus Torvalds , Zdenek Kabelac , Ingo Molnar , Jiri Slaby , "Rafael J. Wysocki" , paulmck@linux.vnet.ibm.com, David Miller , Linux Kernel Mailing List , Andrew Morton , linux-ext4@vger.kernel.org, herbert@gondor.apana.org.au To: Pekka Enberg Return-path: Received: from netops-testserver-3-out.sgi.com ([192.48.171.28]:57886 "EHLO relay.sgi.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752205AbYDWTFD (ORCPT ); Wed, 23 Apr 2008 15:05:03 -0400 In-Reply-To: <480F857A.3090503@cs.helsinki.fi> Sender: linux-ext4-owner@vger.kernel.org List-ID: On Wed, 23 Apr 2008, Pekka Enberg wrote: > fault = check_bytes(start + length, POISON_INUSE, remainder); fault == NULL if the check was successful. Otherwise it contains the first address that does not match our expectations. > if (!fault) > return 1; > while (end > fault && end[-1] == POISON_INUSE) > end--; > > slab_err(s, page, "Padding overwritten. 0x%p-0x%p", fault, end - 1); > > So how come we're printing out 'fault' as zero and 'end' at 4 GB? Christoph? We should have returned from the function and not printed this message. If we somehow skipped the test for !fault then end could have wrapped around which gets us to 4GB.