At Fri, 15 Aug 2008 15:02:21 -0400, J. Bruce Fields wrote: > > On Fri, Aug 15, 2008 at 03:34:39PM +0200, Takashi Iwai wrote: > > The raparm was allocated in a wrong size in the commit > > > > ca80290ebda9009aedc4bd93ede5d397cb1853dc > > nfsd: permit unauthenticated stat of export root > > > > and thus it resulted in memory corruption, eventually Oopsing. > > This patch fixes the allocation size. > > Whoops, my fault, now fixed; thanks! > > (Out of curiosity--how did you find this?) Actually I hit the related Oops with the latest linux-next tree. Since this bug appears first on that tree and didn't occur on the previous tree, it was apparently a regression. So, I looked through changes over knfsd since the previous tree, found a suspicious one, and tried to fix. The linux-next tree is pretty helpful to catch a regression if one eats own dog foods everyday. BTW, I've been building linux-next SUSE kernel packages at every linux-next release. The packages are found in the following URL: http://ftp.suse.com/pub/people/tiwai/kernel-next/ If anyone has a SUSE system and would like to try linux-next kernel, just installs the package in addition. It won't conflict with existing standard kernel packages. thanks, Takashi > > --b. > > > > > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx> > > > > --- > > diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c > > index bfa5453..30d606f 100644 > > --- a/fs/nfsd/vfs.c > > +++ b/fs/nfsd/vfs.c > > @@ -2093,7 +2093,7 @@ nfsd_racache_init(int cache_size) > > > > raparm = &raparm_hash[i].pb_head; > > for (j = 0; j < nperbucket; j++) { > > - *raparm = kzalloc(sizeof(*raparm), GFP_KERNEL); > > + *raparm = kzalloc(sizeof(**raparm), GFP_KERNEL); > > if (!*raparm) > > goto out_nomem; > > raparm = &(*raparm)->p_next; > -- To unsubscribe from this list: send the line "unsubscribe linux-next" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html