I spotted the following code a while ago and I believe it's not safe:
	d_free(dentry);
	if (dentry == parent)
		return;
(line 115). This is referencing freed memory -- since d_free frees
everything.
Here's a tiny patch
-- Peter --
--- linux-2.1.78.orig/fs/dcache.c Sun Jan 4 03:54:04 1998
+++ linux/fs/dcache.c Tue Jan 6 14:55:26 1998
@@ -112,9 +112,11 @@
iput(inode);
}
parent = dentry->d_parent;
- d_free(dentry);
- if (dentry == parent)
+ if (dentry == parent) {
+ d_free(dentry);
return;
+ }
+ d_free(dentry);
dentry = parent;
goto repeat;
}
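Review bot: d_free(dentry) now appears twice, once inside the new "if (dentry == parent) {" block and once right after it; recording the result of the comparison in a local before a single d_free(dentry) call would keep one free site and make the required ordering explicit. Also worth stating in the description: the removed lines compare only the pointer values of dentry and parent, and parent is loaded from dentry->d_parent before d_free() runs, so nothing in this hunk dereferences dentry after the free. The change is still reasonable as a way to stop using a pointer value once its object is gone, but the rationale should say that rather than imply a read of freed memory.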