forcemerge 637436 639416 tags 637436 + upstream fixed-upstream quit Hi,
Simon Wunderlich wrote: > After booting (and logging in), the system works for some seconds and then i > see quite some oopses for around 5 to 10 seconds. Then the system hangs > completely. [...] > 2.6.39-2-686-pae works fine for me. linux-image-3.0.0-1-amd64 shows a similar > behaviour (hangs after a few seconds) [...] > [ 20.616754] CIFS: Unknown mount option codepage > [ 20.621903] CIFS VFS: default security mechanism requested. The default > security mechanism will be upgraded from ntlm to ntlmv2 in kernel release 3.1 > [ 29.507499] ------------[ cut here ]------------ > [ 29.507562] kernel BUG at [...]/mm/slab.c:3059! Hm, the same assertion as in <http://bugs.debian.org/637436>. Thanks for pointing out the regression range! I suspect this is fixed by the following patch, which is part of v3.1-rc3 and will probably be included in v3.0.4. Testing (of -rc kernels or of the patch below alone) welcome, of course. :) commit 13589c437daf Author: Steve French <sfre...@us.ibm.com> Date: Thu Aug 18 04:41:55 2011 +0000 [CIFS] possible memory corruption on mount CIFS cleanup_volume_info_contents() looks like having a memory corruption problem. When UNCip is set to "&vol->UNC[2]" in cifs_parse_mount_options(), it should not be kfree()-ed in cleanup_volume_info_contents(). Introduced in commit b946845a9dc523c759cae2b6a0f6827486c3221a Signed-off-by: J.R. Okajima <hooano...@yahoo.co.jp> Reviewed-by: Jeff Layton <jlay...@redhat.com> CC: Stable <sta...@kernel.org> Signed-off-by: Steve French <sfre...@us.ibm.com> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 80c2e3add3a2..633c246b6775 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -2878,7 +2878,8 @@ cleanup_volume_info_contents(struct smb_vol *volume_info) kfree(volume_info->username); kzfree(volume_info->password); kfree(volume_info->UNC); - kfree(volume_info->UNCip); + if (volume_info->UNCip != volume_info->UNC + 2) + kfree(volume_info->UNCip); kfree(volume_info->domainname); kfree(volume_info->iocharset); kfree(volume_info->prepath); -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org