| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110321164238.GA5303@elte.hu>
Date: Mon, 21 Mar 2011 17:42:38 +0100
From: Ingo Molnar <mingo@...e.hu>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: David Miller <davem@...emloft.net>, torvalds@...ux-foundation.org,
akpm@...ux-foundation.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Thomas Gleixner <tglx@...utronix.de>,
Arnd Bergmann <arnd@...db.de>,
Pekka Enberg <penberg@...helsinki.fi>
Subject: [slab poison overwritten] Re: [GIT] Networking
I'm getting this memory corruption warning:
BUG kmalloc-1024: Poison overwritten
Note, it's not fully proven that it's caused by networking - but in a previous
bootup (unfortunately the logs are not available) i got this warning straight
after netfilter initialized.
As far as i can remember it came shortly after these messages:
calling tunnel4_init+0x0/0x63 @ 1
initcall tunnel4_init+0x0/0x63 returned 0 after 2 usecs
calling ipv4_netfilter_init+0x0/0x10 @ 1
initcall ipv4_netfilter_init+0x0/0x10 returned 0 after 2 usecs
calling ip_tables_init+0x0/0x8d @ 1
ip_tables: (C) 2000-2006 Netfilter Core Team
Full message is below - the backtrace there is a benign tty alloc.
Thanks,
Ingo
-------------->
EXT3-fs (sda1): mounted filesystem with ordered data mode
VFS: Mounted root (ext3 filesystem) readonly on device 8:1.
async_waiting @ 1
async_continuing @ 1 after 1 usec
Freeing unused kernel memory: 420k freed
Not activating Mandatory Access Control now since /sbin/tomoyo-init doesn't exist.
=============================================================================
BUG kmalloc-1024: Poison overwritten
-----------------------------------------------------------------------------
INFO: 0xbd4e1c04-0xbd4e1c0f. First byte 0x0 instead of 0x6b
INFO: Allocated in ops_init.constprop.5+0x4a/0xe0 age=1537 cpu=0 pid=1
INFO: Freed in ops_free+0x2a/0x30 age=1233 cpu=1 pid=1
INFO: Slab 0xbf817c00 objects=15 used=6 fp=0xbd4e1920 flags=0x3d0040c1
INFO: Object 0xbd4e1920 @offset=6432 fp=0xbd4e1d50
Bytes b4 0xbd4e1910: 4a 00 00 00 c3 84 fb ff 5a 5a 5a 5a 5a 5a 5a 5a J...�.��ZZZZZZZZ
Object 0xbd4e1920: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1930: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1940: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1950: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1960: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1970: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1980: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1990: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19c0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19e0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e19f0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1a90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1aa0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ab0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ac0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ad0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ae0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1af0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1b90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ba0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1bb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1bc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1bd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1be0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1bf0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c00: 6b 6b 6b 6b 00 5c 26 05 80 71 54 bd 80 14 c1 81 kkkk.\&..qT�..�.
Object 0xbd4e1c10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c30: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c40: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c50: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c60: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c70: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1c90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ca0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1cb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1cc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1cd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1ce0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1cf0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1d00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk
Object 0xbd4e1d10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkkkkkkkkkk�
Redzone 0xbd4e1d20: bb bb bb bb ����
Padding 0xbd4e1d48: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
Pid: 86, comm: init Not tainted 2.6.38-tip-08705-g112440a-dirty #109442
Call Trace:
[<8109919b>] print_trailer+0xab/0x110
[<8109932c>] check_bytes_and_report+0xdc/0x120
[<8109a04b>] check_object+0x1db/0x230
[<81098dbb>] ? check_valid_pointer+0x2b/0x60
[<818bb338>] alloc_debug_processing+0x74/0xf2
[<818bb878>] __slab_alloc.constprop.18+0x1a3/0x1fd
[<8137c57e>] ? alloc_tty_struct+0x1e/0x20
[<8137c57e>] ? alloc_tty_struct+0x1e/0x20
[<8109ac11>] kmem_cache_alloc+0x81/0x90
[<8137c57e>] alloc_tty_struct+0x1e/0x20
[<8137de6b>] tty_init_dev+0xcb/0x160
[<810307d2>] ? console_device+0x42/0x50
[<8137ee14>] tty_open+0x304/0x4d0
[<810a64d8>] chrdev_open+0x68/0x130
[<810a1422>] __dentry_open+0xe2/0x230
[<810a2446>] nameidata_to_filp+0x66/0x80
[<810a6470>] ? chrdev_open+0x0/0x130
[<810ae145>] do_last+0x315/0x7d0
[<810ae698>] path_openat+0x98/0x340
[<810ae999>] do_filp_open+0x59/0x80
[<810b9bd4>] ? alloc_fd+0x34/0xe0
[<810ab934>] ? getname_flags+0xa4/0xe0
[<810a2861>] do_sys_open+0xe1/0x1b0
[<810a2959>] sys_open+0x29/0x40
[<818c8b57>] sysenter_do_call+0x12/0x26
FIX kmalloc-1024: Restoring 0xbd4e1c04-0xbd4e1c0f=0x6b
FIX kmalloc-1024: Marking all objects used
sd 0:0:0:0: rpm_resume flags 0x4
sd 0:0:0:0: rpm_resume returns 1
sd 0:0:0:0: rpm_resume flags 0x4
Ingo
View attachment "config" of type "text/plain" (65694 bytes)
Powered by blists - more mailing lists