Bug 1667

Summary: slab corruption in 'hpsb_packet'
Product: Drivers Reporter: Jason Duerstock (jason-kbz)
Component: IEEE1394Assignee: Ben Collins (bcollins)
Status: CLOSED CODE_FIX    
Severity: normal    
Priority: P2    
Hardware: i386   
OS: Linux   
Kernel Version: 2.6.0-0.test11.1.12 Subsystem:
Regression: --- Bisected commit-id:

Description Jason Duerstock 2003-12-10 13:09:40 UTC 
Distribution: RedHat fedora development
Hardware Environment: P3-500, 256 MB RAM, IDE and IEEE1394 controllers, 1
IEEE1394 hard disk
Software Environment: RedHat fedora development
Problem Description:
Slab corruption: start=c12b2758, expend=c12b27b7, problemat=c12b2788
Last user: [<d08db100>](free_hpsb_packet+0x1d/0x22 [ieee1394])
Data: ************************************************D5 D6 D6 D6 01 00 00 00
***************************************A5 
Next: 71 F0 2C .00 B1 8D D0 71 F0 2C .....................
slab error in check_poison_obj(): cache `hpsb_packet': object was modified after
freeing
Call Trace:
 [<c01321f9>] check_poison_obj+0x132/0x13a
 [<c0132235>] slab_destroy+0x34/0x156
 [<c013402e>] reap_timer_fnc+0x134/0x190
 [<c0133efa>] reap_timer_fnc+0x0/0x190
 [<c011fd8d>] run_timer_softirq+0x119/0x139
 [<c010b586>] handle_IRQ_event+0x27/0x4a
 [<c011c4f9>] do_softirq+0x45/0x87
 [<c010b820>] do_IRQ+0xdf/0xe9
 [<c0105000>] _stext+0x0/0x19
 [<c010a3d0>] common_interrupt+0x18/0x20
 [<c0105000>] _stext+0x0/0x19
 [<c01080cf>] default_idle+0x23/0x26
 [<c0108120>] cpu_idle+0x1f/0x34
 [<c031c5bb>] start_kernel+0x15e/0x162

Steps to reproduce:
boot kernel with ieee1394 drive attached
Comment 1 John Mock 2004-01-06 08:49:03 UTC 
I can reproduce this bug with 2.6.0-test10 on a Sony VAIO R505EL (detailed
information upon request).  It appears to be fixed in 2.6.1-rc1 (including
the problem with 'rmmod ohci1394), thank you very much!