I'm pretty sure this is yet another use-after-free bug. I finally got around to turning on CONFIG_DEBUG_SLAB as I promised, and that results in an instant crash in ib_uverbs_event_release() derefencing a pointer value of 0x6b6b6b6b6b6b6b6b (the slab use-after-free poison value).
I think I understand the bug, I just need to figure out the right way to fix it. - R. _______________________________________________ openib-general mailing list [email protected] http://openib.org/mailman/listinfo/openib-general To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
