On Fri, 22 Feb 2019, Qian Cai wrote: > [23424.121182] BUG aio_kiocb (Tainted: G B W L ): Poison overwritten > [23424.121322] Object 00000000e207f30b: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > 6b 6b 6b kkkkkkkkkkkkkkkk > [23424.121326] Object 00000000a7a45634: 6b 6b 6b 6b 6b 6b 6b 6b ff ff ff ff 6b > 6b 6b 6b kkkkkkkk....kkkk Looks like a decrement of a counter after free. You can find the field by calculating the offset from the beginning of the object and then use the struct definition to find that.
