Hello Mel
On Tue, Sep 10, 2013 at 5:32 PM, Mel Gorman <mgorman@xxxxxxx> wrote:
>
> +void task_numa_free(struct task_struct *p)
> +{
> + struct numa_group *grp = p->numa_group;
> + int i;
> +
> + kfree(p->numa_faults);
> +
> + if (grp) {
> + for (i = 0; i < 2*nr_node_ids; i++)
> + atomic_long_sub(p->numa_faults[i], &grp->faults[i]);
> +
use after free :/
> + spin_lock(&grp->lock);
> + list_del(&p->numa_entry);
> + grp->nr_tasks--;
> + spin_unlock(&grp->lock);
> + rcu_assign_pointer(p->numa_group, NULL);
> + put_numa_group(grp);
> + }
> +}
> +
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>