Re: Kernel crash in free_pipe_info()

Linus Torvalds writes: (Summary) That's the (bad) buf->ops pointer that was loaded from the somehow corrupted "buf".
loaded from the somehow corrupted "buf".
The values in all cases are
The values in all cases are

00000000fffffffa
00000000fffffffd
00000000fffffff1
00000000fffffff7
00000000fffffff4
00000000fffffffa
00000000fffffffd
00000000fffffffd
00000000fffffffa
00000000ffffffe8
00000000fffffff1
00000000fffffff7

which kind of looks like a 32-bit error value. So we have (n, val, (errno)):

      1 -24 (EMFILE)
      2 -15 (ENOTBLK)
      1 -12 (ENOMEM)
      2 -9 (EBADF)
      3 -6 (ENXIO)
      3 -3 (ESRCH)

none of which makes any sense to me, but it's an interesting pattern
nonetheless.