This one is the bug in pte_chain_alloc(). It _should_ look like
this:

struct pte_chain *pte_chain_alloc(int gfp_flags)
{
	int cpu;
	struct pte_chain *ret;
	struct pte_chain **pte_chainp;

	cpu = get_cpu();
	pte_chainp = &per_cpu(local_pte_chain, cpu);
	if (*pte_chainp) {
		ret = *pte_chainp;
		*pte_chainp = NULL;
		put_cpu();
	} else {
		put_cpu();
		ret = kmem_cache_alloc(pte_chain_cache, gfp_flags);
	}
	return ret;
}

> kernel BUG at mm/slab.c:1671!
> invalid operand: 0000
> CPU: 0
> EIP: 0060:[<c012d2eb>] Not tainted
> EFLAGS: 00010a02
> EIP is at kmalloc+0xbb/0x114
> eax: c3ff9518 ebx: cffff440 ecx: 00000000 edx: cfff3bc3
> esi: cfff3b40 edi: cfff3b40 ebp: c360f1f4 esp: c6367e70
> ds: 007b es: 007b ss: 0068
> Process find (pid: 1563, threadinfo=c6366000 task=c3e326e0)
> Stack: c1546364 cc3a28f4 cc3a295c c01517ec 00000070 000001d0 00000000 cc3a28f4
> cc3a295c c360f1f4 00000066 c01492fc c360f1f4 c6367f14 00000000 c6367f54
> cfff7324 c6367f14 c01495a0 c360f1f4 c6367f14 00000004 c6367f0c 00000000
> Call Trace:
> [<c01517ec>] d_alloc+0x48/0x194
> [<c01492fc>] real_lookup+0x38/0xc0

This means that someone altered a dentry after freeing it. Could
be a problem in the new dcache_rcu code, or it could be a random
memory scribble. hmm.
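
The oops above fires in kmalloc, called from d_alloc, rather than in whatever code did the bad write. As an added illustration (not part of the original message and not the kernel's slab code), this simplified user-space model of an allocator that poisons objects on free and checks them on allocation shows why; toy_alloc, toy_free, reuse_after_free and the 0x5a fill value are constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#define OBJ_SIZE 32
#define NUM_OBJS 4
#define POISON   0x5a	/* constructed fill value for free objects */

static unsigned char objs[NUM_OBJS][OBJ_SIZE];
static int in_use[NUM_OBJS];

static void toy_free(void *p)
{
	int i = (int)((unsigned char (*)[OBJ_SIZE])p - objs);
	memset(objs[i], POISON, OBJ_SIZE);	/* poison on free */
	in_use[i] = 0;
}

/* Hand out the first free object; *scribbled is set if its poison changed. */
static void *toy_alloc(int *scribbled)
{
	*scribbled = 0;
	for (int i = 0; i < NUM_OBJS; i++) {
		if (in_use[i])
			continue;
		for (int b = 0; b < OBJ_SIZE; b++)
			*scribbled |= (objs[i][b] != POISON);
		in_use[i] = 1;
		return objs[i];
	}
	return NULL;
}

/* Free an object, optionally write through the stale pointer, reallocate. */
static int reuse_after_free(int stale_write)
{
	int flag;
	for (int i = 0; i < NUM_OBJS; i++)	/* start with every object free */
		toy_free(objs[i]);
	unsigned char *stale = toy_alloc(&flag);
	toy_free(stale);
	if (stale_write)
		stale[8] = 0;		/* the write-after-free */
	toy_alloc(&flag);		/* a later, unrelated caller trips the check */
	return flag;
}

int main(void)
{
	printf("clean: %d, stale write: %d\n", reuse_after_free(0), reuse_after_free(1));
	return 0;
}
```

The check only runs when the object is handed out again, so the call trace names the next allocator of that object and gives no direct pointer to the code that wrote through the stale reference.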