Hi Charles,

I met a yaffs panic after enabling DEBUG_SLAB. Sorry for the huge log:

<5>[121610.714599] init: process 'akmd2' killing any children in process group
<1>[121614.305541] Unable to handle kernel paging request at virtual address 6b6b6b67
<3>[121614.314422] PC is at check_poison_obj
<3>[121614.318634] Slab corruption: size-32 start=d6f01780, len=32
<1>[121614.375976] pgd = d64ec000
<3>[121614.393096] Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
<1>[121614.416107] [6b6b6b67] *pgd=00000000
<0>[121614.453247] Internal error: Oops: 5 [#1] PREEMPT
<0>[121614.458679] last sysfs file: /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
<4>[121614.467224] Modules linked in: sec modem_pm_driver netmux_linkdriver netmux
<4>[121614.476135] CPU: 0    Tainted: G        W   (2.6.32.9-00005-gdbc1a58 #1)
<4>[121614.483795] PC is at yaffs_RemoveObjectCallback+0x20/0x7c
<4>[121614.489837] LR is at yaffs_RemoveObjectFromDirectory+0x38/0x68
<4>[121614.496520] pc : [<c01424b4>]    lr : [<c0146df0>]    psr: 20000013
<4>[121614.496551] sp : d64e7e8c  ip : 6b6b6b6b  fp : 00000000
<4>[121614.509521] r10: 00000001  r9 : 00000001  r8 : 00000000
<4>[121614.515350] r7 : c04b10a6  r6 : dc1e4000  r5 : dc1e40c8  r4 : d7bb2f78
<4>[121614.522766] r3 : 6b6b6b6b  r2 : d6f01780  r1 : 00000000  r0 : d7bb2f78
<4>[121614.529998] Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
<4>[121614.538085] Control: 10c5387d  Table: 970ec019  DAC: 00000015
<4>[121614.927886]
<4>[121614.927886] R2: 0xd6f01700:
<4>[121614.933044] 1700  d282d900 d7972980 00000000 d68e1000 00000001 ffffffff 5a5a0000 fffffffe
<4>[121614.944427] 1720  00000000 00000000 00000000 00000000 635688c0 d84156c5 00000000 c00c3a5c
<4>[121614.955596] 1740  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
<4>[121614.966735] 1760  00000000 00000000 00000000 00000000 00000000 00000000 9d74e35b 09f91102
<4>[121614.978118] 1780  6b6b6b6b 6b6b6b6b 6b6b6b6b 6b6b6b6b dc1e40c8 6b6b6b6b 6b6b6b6b a56b6b6b
<4>[121614.989501] 17a0  00000000 00000000 00000000 00000000 9d74e35b 09f91102 00000000 c0142a10
<4>[121615.000701] 17c0  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
<4>[121615.012084] 17e0  00000000 00000000 00000000 00000000 00000000 00000000 635688c0 d84156c5
<4>[121615.119110]
<4>[121615.119110] R5: 0xdc1e4048:
<4>[121615.124481] 4048  c0150914 00000000 c01510e8 c0150d8c c0150d30 c0150fe8 00000001 c0142494
<4>[121615.135650] 4068  c0142510 00000000 00000000 00000000 00000001 00000012 0003ffff 0000000b
<4>[121615.147033] 4088  00000001 000007ff 00000000 00000800 00000001 00000000 dc1e40a0 dc1e40a0
<4>[121615.158416] 40a8  00000000 d73bbd40 dd5bdde8 00000000 00000000 00000000 dc1e3c40 c01432c0
<4>[121615.169555] 40c8  d6f0178c d6f0138c 00000001 00000000 00000001 00000473 00000001 00000040
<4>[121615.180938] 40e8  00000031 000186bc 00000000 00000000 00000001 00000000 00000031 00000061
<4>[121615.192352] 4108  00000062 00000000 00000049 006f3eae 00000028 00000000 dd7c4000 dd7f8000
<4>[121615.203765] 4128  00000000 00000008 0000000b 000001ef 00000028 000001ef 00000ed8 d73479fc
<0>[121615.418426] Process fsstress (pid: 19880, stack limit = 0xd64e62e8)
<4>[121615.539855] [<c01424b4>] (yaffs_RemoveObjectCallback+0x20/0x7c) from [<c0146df0>] (yaffs_RemoveObjectFromDirectory+0x38/0x68)
<4>[121615.552337] [<c0146df0>] (yaffs_RemoveObjectFromDirectory+0x38/0x68) from [<c0146e90>] (yaffs_AddObjectToDirectory+0x70/0xf4)
<4>[121615.564819] [<c0146e90>] (yaffs_AddObjectToDirectory+0x70/0xf4) from [<c0148e6c>] (yaffs_ChangeObjectName+0xec/0x130)
<4>[121615.576599] [<c0148e6c>] (yaffs_ChangeObjectName+0xec/0x130) from [<c0148f34>] (yaffs_DoGenericObjectDeletion+0x84/0xbc)
<4>[121615.588623] [<c0148f34>] (yaffs_DoGenericObjectDeletion+0x84/0xbc) from [<c014af3c>] (yaffs_DeleteFile+0x128/0x170)
<4>[121615.600219] [<c014af3c>] (yaffs_DeleteFile+0x128/0x170) from [<c0143214>] (yaffs_delete_inode+0x58/0x8c)
<4>[121615.610778] [<c0143214>] (yaffs_delete_inode+0x58/0x8c) from [<c00dbf6c>] (generic_delete_inode+0x11c/0x1e0)
<4>[121615.621734] [<c00dbf6c>] (generic_delete_inode+0x11c/0x1e0) from [<c00dadc8>] (iput+0x64/0x70)
<4>[121615.631408] [<c00dadc8>] (iput+0x64/0x70) from [<c00d29ac>] (do_unlinkat+0xf4/0x14c)
<4>[121615.640167] [<c00d29ac>] (do_unlinkat+0xf4/0x14c) from [<c0034f40>] (ret_fast_syscall+0x0/0x2c)
<0>[121615.649688] Code: e59330c8 ea000015 e3530000 0a000012 (e513c004)
<5>[121615.663360] init: starting 'akmd2'
<3>[121615.673309] Last user: [<c0142a10>](yaffs_readdir+0x368/0x39c)
<3>[121615.760192] 010: c8 40 1e dc
<6>[121615.795806] init: waitpid returned pid 19909, status = 00000100
<4>[121615.808349]  6b
<5>[121615.827789] init: process 'akmd2', pid 19909 exited
<4>[121615.836700]  6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5
<3>[121615.893829] Prev obj: start=d6f01700, len=32
<5>[121615.908416] init: process 'akmd2' killing any children in process group
<3>[121615.980651] Redzone: 0xd84156c5635688c0/0xd84156c5635688c0.
<3>[121616.034423] Last user: [<c00c3a5c>](cache_alloc_refill+0x490/0x788)
<3>[121616.100311] 000: 00 d9 82 d2 80 29 97 d7 00 00 00 00 00 10 8e d6
<3>[121616.160614] 010: 01 00 00 00 ff ff ff ff 00 00 5a 5a fe ff ff ff
<3>[121616.262939] Next obj: start=d6f01800, len=32
<3>[121616.319519] Redzone: 0xd84156c5635688c0/0xd84156c5635688c0.
<3>[121616.372558] Last user: [<c00c3a5c>](cache_alloc_refill+0x490/0x788)
<3>[121616.408721] 000: 80 a5 78 d6 80 5a de d6 00 00 00 00 00 50 2f d7
<3>[121616.513793] 010: 00 00 00 00 00 00 00 00 00 00 5a 5a ff ff ff ff
<3>[121616.582702] Backtrace:
<4>[121616.621582] [<c0039af4>] (unwind_backtrace+0x0/0xd8) from [<c00c1d4c>] (check_poison_obj+0x198/0x1cc)
<4>[121616.686309] [<c00c1d4c>] (check_poison_obj+0x198/0x1cc) from [<c00c4418>] (kmem_cache_alloc+0xec/0x29c)
<4>[121616.763214] [<c00c4418>] (kmem_cache_alloc+0xec/0x29c) from [<c0080428>] (pm_qos_add_requirement+0x20/0xf8)
<4>[121616.857269] [<c0080428>] (pm_qos_add_requirement+0x20/0xf8) from [<c0055044>] (update_resource_level+0xcc/0xf0)
<4>[121616.952758] [<c0055044>] (update_resource_level+0xcc/0xf0) from [<c026c8f0>] (omap_i2c_xfer+0x1f4/0x30c)
<4>[121617.034088] [<c026c8f0>] (omap_i2c_xfer+0x1f4/0x30c) from [<c0269b90>] (i2c_transfer+0xa0/0xf4)
<4>[121617.101226] [<c0269b90>] (i2c_transfer+0xa0/0xf4) from [<c026a4b0>] (i2c_master_send+0x38/0x48)
<4>[121617.166992] [<c026a4b0>] (i2c_master_send+0x38/0x48) from [<c0264948>] (adp5588_work_func+0x3c/0x17c)
<4>[121617.233734] [<c0264948>] (adp5588_work_func+0x3c/0x17c) from [<c00773c8>] (worker_thread+0x17c/0x228)
<4>[121617.304351] [<c00773c8>] (worker_thread+0x17c/0x228) from [<c007ad20>] (kthread+0x78/0x80)
<4>[121617.366333] [<c007ad20>] (kthread+0x78/0x80) from [<c003599c>] (kernel_thread_exit+0x0/0x8)
<3>[121617.428253] Code:
<0>[121617.440917] Kernel panic - not syncing: slab corruption

The panic occurs when calling yaffs_RemoveObjectCallback, at the line: if(sc->nextReturn == obj), because the buffer it refers to has been freed by yaffs_readdir. It seems the sc buffer (0xd6f01780) has been freed but is still in the search context doubly linked list (the next pointer of "sc other (0xdc1e40c8)" is 0xd6f0178c, and the prev pointer of "0xd6f0178c" is 0xdc1e40c8). Is it possible that the search context lock mechanism has some issue, or is there some other reason?

I have only met this panic once, and can NOT reproduce it. Any suggestions about this? Thanks a lot.
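
A user-space model of the failure mode the message suspects (an object freed while still on a doubly linked list) and of the poison check that reported it; this is an added illustration, not yaffs or kernel code. The names struct ctx, poison_free, check_poison, free_then_touch_neighbour and check_logged_object are hypothetical, and the 32-byte object is rebuilt from the R2 dump and the "010: c8 40 1e dc" line in the log above.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POISON_FREE 0x6b /* slab debug fill for a freed object */
#define POISON_END  0xa5 /* final byte of a poisoned object */

struct list_head { struct list_head *next, *prev; };
/* Hypothetical stand-in for a search context with embedded list linkage. */
struct ctx { void *next_return; struct list_head link; char pad[8]; };

static void list_add(struct list_head *n, struct list_head *h) {
    n->next = h->next; n->prev = h; h->next->prev = n; h->next = n;
}
static void list_del(struct list_head *n) {
    n->prev->next = n->next; n->next->prev = n->prev;
}
/* Debug "free": poison in place so later accesses stay defined and visible. */
static void poison_free(void *obj, size_t len) {
    memset(obj, POISON_FREE, len);
    ((unsigned char *)obj)[len - 1] = POISON_END;
}
/* Offset of the first byte that no longer matches the poison, or -1. */
static long check_poison(const void *obj, size_t len) {
    const unsigned char *p = obj;
    for (size_t i = 0; i < len; i++)
        if (p[i] != (i == len - 1 ? POISON_END : POISON_FREE)) return (long)i;
    return -1;
}
/* unlink_first = 0 frees a context that is still on the list (the bug). */
static long free_then_touch_neighbour(int unlink_first) {
    static struct ctx a, b;
    struct list_head head = { &head, &head };
    list_add(&a.link, &head);
    list_add(&b.link, &head);            /* head -> b -> a */
    if (unlink_first) list_del(&a.link);
    poison_free(&a, sizeof a);
    list_del(&b.link);                   /* writes a.link.prev if a is still linked */
    return check_poison(&a, sizeof a);
}
/* The corrupted 32-byte object, rebuilt from the R2 dump in the log above. */
static long check_logged_object(void) {
    unsigned char obj[32];
    const unsigned char stale[4] = { 0xc8, 0x40, 0x1e, 0xdc };
    poison_free(obj, sizeof obj);
    memcpy(obj + 0x10, stale, sizeof stale);
    return check_poison(obj, sizeof obj);
}
int main(void) {
    printf("still linked: %ld, unlinked: %ld, logged object: %ld\n",
           free_then_touch_neighbour(0), free_then_touch_neighbour(1),
           check_logged_object());
    return 0;
}
```

A non-negative result is the offset of a write that landed after the free; in the logged object that offset is 0x10, where the four bytes spell 0xdc1e40c8 in little-endian order.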