got a reproducible oops with 2.4.0-test8 when trying to login via kdm as user with restricted quota on local fs - ssh/telnet do not trigger this issue. 2.4.0-test7 was fine too. The enclosed trace shows a NULL pointer dereference of an unchecked struct dquot * passed to check_idq() - called from dquot_transfer(). Looking at the diff's of test7 vs. test8, I believe the reason might be the new cnt=0..MAXQUOTAS-loop from which check_idq() is called. Located after the first loop of this kind it might happen that transfer_to[cnt] is initialized to NODQUOT from the first loop (due to several continue's e.g.) when entering the second loop. Unfortunately I do not feel familiar enough to the quota code to provide a patch for this problem. Martin PS: chown of a root-owned file (no quota for root) to some user with quota triggers the same problem. After several repetitions the chown ended up in 'D' state even prohibiting sync'ing the disks. output from ksymoops as follows: ------------------------------------------------------- ksymoops 2.3.3 on i586 2.4.0-test8. Options used -V (default) -k /proc/ksyms (default) -l /proc/modules (default) -o /lib/modules/2.4.0-test8/ (default) -m /boot/System.map-2.4.0-test8 (specified) Sep 11 00:36:47 srv kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000034 Sep 11 00:36:47 srv kernel: c015e131 Sep 11 00:36:47 srv kernel: *pde = 00000000 Sep 11 00:36:47 srv kernel: Oops: 0000 Sep 11 00:36:47 srv kernel: CPU: 0 Sep 11 00:36:47 srv kernel: EIP: 0010:[check_idq+13/304] Sep 11 00:36:47 srv kernel: EFLAGS: 00010202 Sep 11 00:36:47 srv kernel: eax: 00000000 ebx: 00000000 ecx: 00000001 edx: 00000001 Sep 11 00:36:47 srv kernel: esi: 00008180 edi: 00000004 ebp: c2f7df24 esp: c2f7dee8 Sep 11 00:36:47 srv kernel: ds: 0018 es: 0018 ss: 0018 Sep 11 00:36:47 srv kernel: Process kdm (pid: 889, stackpage=c2f7d000) Sep 11 00:36:47 srv kernel: Stack: 00000000 c015ee77 00000000 00000001 c2f7df54 00008180 c2fc71c0 bfffea6c Sep 11 00:36:47 srv kernel: 00000001 c2f7df2c 0000000b c01346a2 ffffff86 0000df58 c2fe27e0 00000000 Sep 11 00:36:47 srv kernel: 00000000 00000000 00000000 c012aba2 c2fc71c0 c2f7df54 c2fe27e0 ffffffff Sep 11 00:36:47 srv kernel: Call Trace: [dquot_transfer+615/1168] [cached_lookup+14/80] [chown_common+254/280] [__user_walk+75/84] [sys_chown+47/68] [sys_chown16+47/52] [system_call+51/64] Sep 11 00:36:47 srv kernel: Code: f6 43 34 40 74 09 31 c0 e9 11 01 00 00 89 f6 8b 53 48 85 d2 Using defaults from ksymoops -t elf32-i386 -a i386 Code; 00000000 Before first symbol 00000000 <_EIP>: Code; 00000000 Before first symbol 0: f6 43 34 40 testb $0x40,0x34(%ebx) Code; 00000004 Before first symbol 4: 74 09 je f <_EIP+0xf> 0000000f Before first symbol Code; 00000006 Before first symbol 6: 31 c0 xor %eax,%eax Code; 00000008 Before first symbol 8: e9 11 01 00 00 jmp 11e <_EIP+0x11e> 0000011e Before first symbol Code; 0000000d Before first symbol d: 89 f6 mov %esi,%esi Code; 0000000f Before first symbol f: 8b 53 48 mov 0x48(%ebx),%edx Code; 00000012 Before first symbol 12: 85 d2 test %edx,%edx - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/