Re: .17rc5 cfq slab corruption.
From: Dave Jones
Date: Sat May 27 2006 - 09:42:35 EST
On Sat, May 27, 2006 at 09:07:24AM +0200, Jens Axboe wrote:
> On Fri, May 26 2006, Andrew Morton wrote:
> > Dave Jones <davej@xxxxxxxxxx> wrote:
> > >
> > > Was playing with googles new picasa toy, which hammered the disks
> > > hunting out every image file it could find, when this popped out:
> > >
> > > Slab corruption: (Not tainted) start=ffff810012b998c8, len=168
> > > Redzone: 0x5a2cf071/0x5a2cf071.
> > > Last user: [<ffffffff8032c319>](cfq_free_io_context+0x2f/0x74)
> > > 090: 10 bd 28 1b 00 81 ff ff 6b 6b 6b 6b 6b 6b 6b 6b
> > > Prev obj: start=ffff810012b99808, len=168
> > > Redzone: 0x5a2cf071/0x5a2cf071.
> > > Last user: [<ffffffff8032c319>](cfq_free_io_context+0x2f/0x74)
> > > 000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
> > > 010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
> > > Next obj: start=ffff810012b99988, len=168
> > > Redzone: 0x5a2cf071/0x5a2cf071.
> > > Last user: [<ffffffff8032c319>](cfq_free_io_context+0x2f/0x74)
> > > 000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
> > > 010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
>
> Pretty baffling... cfq has been hammered pretty thoroughly over the
> last months and _nothing_ has shown up except some performance anomalies
> that are now fixed. Since daves case (at least) seems to be
> use-after-free, I'll see if I can reproduce with some contrived case.
> I'm asuming that picasa forks and exits a lot with submitted io in
> between than may not have finished at exit.
The second time I hit it, was actually during boot up.
Dave
--
http://www.codemonkey.org.uk
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/