[openib-general] Re: [PATCH] ipoib_mcast_restart_task
Eli Cohen
eli at mellanox.co.il
Wed Apr 5 23:37:00 PDT 2006
On Wednesday 05 April 2006 18:43, Roland Dreier wrote:
> Michael> Not sure I read you. It'd still be use after free, won't it?
>
> It's definitely a bug. But it doesn't explain the specific oops we
> saw. In other words, doing:
>
> kfree(mcast);
> dev = mcast->dev;
>
> shouldn't cause an oops, because mcast is still a valid kernel
> pointer, even if the memory it points to might be reused and
> corrupted. Following the dev pointer after that snippet might cause
> an oops, because it might be overwritten.
>
The reason for that is probably because I am using a custom kernel compiled
with 'Debug memory allocations' which poisons freed memory.
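Added example, not part of the original message or of the IPoIB code: a user-space model of the point discussed in this exchange, showing that the stale read of `mcast->dev` succeeds while the value it returns becomes a poison pattern once freed memory is poisoned. The struct names and `model_alloc`/`model_kfree` are hypothetical; `0x6b` and `0xa5` are the Linux slab poison bytes `POISON_FREE` and `POISON_END`.

```c
#include <stdio.h>
#include <string.h>

#define POISON_FREE 0x6b   /* byte slab debugging writes over a freed object */
#define POISON_END  0xa5   /* marker written to the last byte of that object */

struct net_device_model { int ifindex; };   /* hypothetical stand-in types */
struct mcast_model {
    struct net_device_model *dev;
    unsigned long flags;
};

/* One-object "slab": the storage stays mapped after free, as kernel memory does. */
static struct mcast_model slot;

static struct mcast_model *model_alloc(struct net_device_model *dev)
{
    slot.dev = dev;
    slot.flags = 0;
    return &slot;
}

static void model_kfree(struct mcast_model *m, int debug_poison)
{
    if (!debug_poison)
        return;             /* this model leaves the old contents in place */
    memset(m, POISON_FREE, sizeof(*m));
    ((unsigned char *)m)[sizeof(*m) - 1] = POISON_END;
}

/* True when every byte of the pointer value is the free-poison byte. */
static int is_poison_pointer(const void *p)
{
    unsigned char b[sizeof(p)];
    memcpy(b, &p, sizeof(p));
    for (size_t i = 0; i < sizeof(p); i++)
        if (b[i] != POISON_FREE)
            return 0;
    return 1;
}

/* Replays the snippet from the thread; returns 1 if the stale dev is poison. */
static int stale_dev_is_poison(int debug_poison)
{
    struct net_device_model nd = { 7 };
    struct mcast_model *mcast = model_alloc(&nd);
    model_kfree(mcast, debug_poison);
    struct net_device_model *dev = mcast->dev;  /* the read itself succeeds */
    return is_poison_pointer(dev);              /* dev is never dereferenced */
}

int main(void)
{
    printf("poisoning off: stale dev is poison? %d\n", stale_dev_is_poison(0));
    printf("poisoning on:  stale dev is poison? %d\n", stale_dev_is_poison(1));
    return 0;
}
```

On x86-64 the all-`0x6b` pointer value is a non-canonical address, so a later dereference of `dev` faults immediately instead of reading reused memory.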