The while loop in pf_batch_read, and the code preceeding it, is really... quite a thing. I'd love to rewrite it, but I haven't yet found a particularly cleaner way. It cleverly hides the fact that we might increment "num" past the last index of bplist[] and then assign to it. This corrupts memory. Rather than major surgery for now, just go for the simple fix, and break out of the loop if we've increased "num" past the last index. Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx> --- diff --git a/repair/prefetch.c b/repair/prefetch.c index 7529f5d..d3491da 100644 --- a/repair/prefetch.c +++ b/repair/prefetch.c @@ -429,6 +429,8 @@ pf_batch_read( if (which != PF_META_ONLY || !B_IS_INODE(XFS_BUF_PRIORITY(bplist[num]))) num++; + if (num == MAX_BUFS) + break; bplist[num] = btree_lookup_next(args->io_queue, &fsbno); } if (!num) _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs