Hello,

I am experiencing the following crash:
  ------------[ cut here ]------------
  kernel BUG at mm/slub.c:3950!
  Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
  Modules linked in:
  CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.1.0-rc1-00080-g37b8cb064293-dirty #4252
  Hardware name: Amlogic Meson platform
  PC is at kfree+0x250/0x274
  LR is at meson_nfc_exec_op+0x3b0/0x408
  ...

my goal is to add support for the 32-bit Amlogic Meson SoCs (ARM
Cortex-A5 / Cortex-A9 cores) in the meson-nand driver.

I have traced this crash to the kfree() in meson_nfc_read_buf().
my observation is as follows:
- meson_nfc_read_buf() is called 7 times without any crash, the
  kzalloc() call returns 0xe9e6c600 (virtual address) / 0x29e6c600
  (physical address)
- the eighth time meson_nfc_read_buf() is called kzalloc() call returns
  0xee39a38b (virtual address) / 0x2e39a38b (physical address) and the
  final kfree() crashes
- changing the size in the kzalloc() call from PER_INFO_BYTE (= 8) to
  PAGE_SIZE works around that crash
- disabling the meson-nand driver makes my board boot just fine
- Liang has tested the unmodified code on a 64-bit Amlogic SoC (ARM
  Cortex-A53 cores) and he doesn't see the crash there

in case the selected SLAB allocator is relevant:
  CONFIG_SLUB=y

the following printk statement is used to print the addresses returned
by the kzalloc() call in meson_nfc_read_buf():
  printk("%s 0x%px 0x%08x\n", __func__, info, virt_to_phys(info));

my questions are:
- why does kzalloc() return an unaligned address 0xee39a38b (virtual
  address) / 0x2e39a38b (physical address)?
- how can I further analyze this issue?
- (I don't know where to start analyzing: in mm/, arch/arm/mm, the
  meson-nand driver seems to work fine on the 64-bit SoCs but that
  doesn't fully rule it out, ...)

Regards
Martin