The slab debugging code is supposed to poison freshly-allocated obejcts with
0x5a and freed ones with 0x6b, so we can distinguish use-uninitialised from
use-after-free.

It wasn't working right for recycled objects.  Fix.


 25-akpm/mm/slab.c |    1 +
 1 files changed, 1 insertion(+)

diff -puN mm/slab.c~slab-poisoning-fix mm/slab.c
--- 25/mm/slab.c~slab-poisoning-fix	Mon Jun  2 14:34:17 2003
+++ 25-akpm/mm/slab.c	Mon Jun  2 14:34:17 2003
@@ -1824,6 +1824,7 @@ cache_alloc_debugcheck_after(kmem_cache_
 		poison_obj(cachep, objp, POISON_AFTER);
 #else
 		check_poison_obj(cachep, objp);
+		poison_obj(cachep, objp, POISON_BEFORE);
 #endif
 	}
 	if (cachep->flags & SLAB_STORE_USER) {

_