On Thu, Nov 10, 2011 at 11:31:45AM -0800, Adrian Chadd wrote: > .. are you sure it's a software use-after-free? I'm quite sure now this is not the problem here ... > What about "NIC DMA'ing stuff into completely incorrect space" after free? :-) > (Or a firmware/NIC bug where it scribbles to random memory at times..) Seems that is the reason of corruption, since CONFIG_DEBUG_PAGEALLOC doest not catch it. I'm not sure how to debug such issues, maybe enabling IOMMU will allow to debug? Other than trying iommu, would be good to check if problem also happens on 64bit kernels (CONFIG_IA32_EMULATION allow to use 64bit kernel with 32bit user-space), and configure CONFIG_DMA_API_DEBUG to see if there are any mistakes with programming DMA. Stanislaw -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
