| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 9 Nov 2013 19:18:07 +0100
From: Sander Eikelenboom <linux@...elenboom.it>
To: Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>
CC: linux-kernel@...r.kernel.org
Subject: Re: kernel BUG at mm/slub.c:3338! RIP [<ffffffff8117912c>] kfree+0x20c/0x210
Hello Sander,
Tuesday, October 22, 2013, 5:29:05 PM, you wrote:
> Tuesday, October 22, 2013, 5:12:35 PM, you wrote:
>> On Sun, 20 Oct 2013, Sander Eikelenboom wrote:
>>> With i 3.12.0-rc6 kernel i encounterd this splat:
>> Likely some slab object got corrupted.
>> Please enable debugging by either specifying slub_debug on the kernel
>> command line or enabling CONFIG_SLUB_DEBUG_ON
> Well since it seems a "one timer" so i'm not very sure if and when i would encounter it again.
> It seems "slub_debug" on the commandline would do the same, so i will run my VM with that for some time, see if triggers again.
> --
> Sander
Something triggered another oops on this VM, although it looks a bit different.
This VM got quite some I/O and network load, it got a lot of large files transferred to Samba and the files are stored on a glusterfs volume (by tcp/ip).
[34856.970314] =============================================================================
[34856.970332] BUG kmalloc-2048 (Not tainted): Poison overwritten
[34856.970339] -----------------------------------------------------------------------------
[34856.970339]
[34856.970350] Disabling lock debugging due to kernel taint
[34856.970357] INFO: 0xffff88001b36099b-0xffff88001b36099b. First byte 0x6a instead of 0x6b
[34856.970371] INFO: Allocated in __alloc_skb+0x82/0x290 age=2 cpu=0 pid=2818
[34856.970381] __slab_alloc.isra.57+0x61e/0x6d6
[34856.970389] __kmalloc_node_track_caller+0xc9/0x1b0
[34856.970396] __kmalloc_reserve.isra.49+0x37/0xa0
[34856.970402] __alloc_skb+0x82/0x290
[34856.970408] sk_stream_alloc_skb+0x3f/0x120
[34856.970414] tcp_sendmsg+0x615/0xe20
[34856.970419] inet_sendmsg+0xa6/0x100
[34856.970426] sock_aio_write+0xc2/0xe0
[34856.970433] do_sync_readv_writev+0x4e/0x80
[34856.970439] do_readv_writev+0xe8/0x270
[34856.970444] vfs_writev+0x30/0x60
[34856.970449] SyS_writev+0x54/0xd0
[34856.970454] system_call_fastpath+0x16/0x1b
[34856.970461] INFO: Freed in skb_free_head+0x64/0x70 age=2 cpu=0 pid=0
[34856.970468] __slab_free+0x30/0x561
[34856.970474] kfree+0x1fd/0x210
[34856.970479] skb_free_head+0x64/0x70
[34856.970484] skb_release_data+0xf3/0x100
[34856.970492] skb_release_all+0x23/0x30
[34856.970497] __kfree_skb+0x11/0xa0
[34856.970503] tcp_ack+0x64a/0xf20
[34856.970509] tcp_rcv_established+0xe2/0x5c0
[34856.970515] tcp_v4_do_rcv+0x14e/0x4a0
[34856.970520] tcp_v4_rcv+0x8f2/0x9c0
[34856.970527] ip_local_deliver_finish+0xd8/0x1d0
[34856.970533] ip_local_deliver+0x34/0x90
[34856.970539] ip_rcv_finish+0x150/0x660
[34856.970544] ip_rcv+0x22b/0x370
[34856.970551] __netif_receive_skb_core+0x6e2/0x8b0
[34856.970557] __netif_receive_skb+0x1c/0x70
[34856.970563] INFO: Slab 0xffffea00006cd800 objects=13 used=13 fp=0x (null) flags=0x40000000004080
[34856.970572] INFO: Object 0xffff88001b360948 @offset=2376 fp=0xffff88001b3637b0
[34856.970572]
The rest is in the attached dmesg.
attached: dmesg-oops-3.12.0-20131104.txt
--
Sander
View attachment "dmesg-oops-3.12.0-20131104.txt" of type "text/plain" (47098 bytes)
Powered by blists - more mailing lists