On Thu, Oct 09, 2008 at 03:21:34PM +1100, Dave Chinner wrote:
> Folks,
>
> The following patch fixes a use after free I just found.
> It appears that switching between SLAB and SLUB seems to
> turn off slab/slub memory poisoning, so I didn't realise
> I'd be running for some time without poisoning turned on.
> Once I turned poisoning back on I found this use-after-free
> immediately on the first unmount trying to reclaim a clean
> realtime bitmap inode.
>
> With this patch, the entire patchset that I posted yesterday
> passes xfsqa with memory poisoning turned on.

Looks good.

> + XFS_STATS_INC(vn_reclaim);
> + if (xfs_reclaim(ip))
> + panic("%s: cannot reclaim 0x%p\n", __func__, inode);

Eventually we should kill the return value from xfs_reclaim and just
put an assert directly into it. In fact given that xfs_reclaim is quite
OS dependent we might just merge the content directly into destroy_inode.
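
Review bot: the panic() call in the quoted hunk discards the value that xfs_reclaim(ip) returned, so when it fires there is no record of why reclaim failed; keeping the return value in a local and adding it to the format string would make the resulting crash report diagnosable. The message also prints inode while the failing call was made on ip, so it is worth saying in the message which object the address refers to, or printing both.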