The slab debugging code is supposed to poison freshly-allocated objects with 0x5a and freed ones with 0x6b, so we can distinguish use-uninitialised from use-after-free. It wasn't working right for recycled objects. Fix. mm/slab.c | 1 + 1 files changed, 1 insertion(+) diff -puN mm/slab.c~slab-poisoning-fix mm/slab.c --- 25/mm/slab.c~slab-poisoning-fix 2003-06-06 22:10:33.000000000 -0700 +++ 25-akpm/mm/slab.c 2003-06-06 22:10:33.000000000 -0700 @@ -1825,6 +1825,7 @@ cache_alloc_debugcheck_after(kmem_cache_ poison_obj(cachep, objp, POISON_AFTER); #else check_poison_obj(cachep, objp); + poison_obj(cachep, objp, POISON_BEFORE); #endif } if (cachep->flags & SLAB_STORE_USER) { _
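Review bot: The added `poison_obj(cachep, objp, POISON_BEFORE);` in the `#else` branch of cache_alloc_debugcheck_after() depends on running after `check_poison_obj(cachep, objp);`, and nothing in the code says so. If the two calls were ever reordered, the check would see the allocation pattern instead of the free pattern it is meant to verify. A one-line comment above the new call would record both the ordering and the intent: verify the free poison first, then re-poison so that a recycled object is handed out carrying the allocation pattern rather than the free pattern. The changelog would also be easier to act on if it stated the symptom, which from this hunk appears to be that recycled objects passed the check and were returned still carrying the free poison, making a use-uninitialised bug look like a use-after-free. The condition guarding this block is not visible in the hunk, so it is worth confirming that the overwrite cannot reach an object whose contents are expected to survive across free and reallocation.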