The following is a fix for a double free bug in fs/partitions/efi.c. --- linux/arch/ia64/kernel/efi.c Fri Mar 1 16:59:19 2002 +++ linux/arch/ia64/kernel/efi.c.fixed Mon Mar 11 16:34:29 2002 @@ -546,8 +547,8 @@ *gpt = pgpt; *ptes = pptes; - if (agpt) kfree(agpt); - if (aptes) kfree(aptes); + if (agpt) { kfree(agpt); agpt=NULL; } + if (aptes) { kfree(aptes); aptes=NULL; } } /* if primary is valid */ else { /* Primary GPT is bad, check the Alternate GPT */ @@ -595,6 +596,8 @@ if (agpt) {kfree(agpt); agpt = NULL;} if (pptes) {kfree(pptes); pptes = NULL;} if (aptes) {kfree(aptes); aptes = NULL;} + *gpt = NULL; + *ptes = NULL; return 0; } This patch is against redhat 2.4.9 kernel and has already been reported to redhat Bugzilla. I suppose why such a serious bug has remained for a long time is that the current debug code in slab.c fails to detect double free in case the object holded by cpucaches is doubly freed. I think the current debug code should be improved to detect this case. --- Takanori Kawano Hitachi Ltd, Internet Systems Platform Division t-kawano@ebina.hitachi.co.jp To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/