From: Chenglong Tang <chenglongtang@google.com>
To: stable@vger.kernel.org
Cc: regressions@lists.linux.dev, pc@manguebit.com,
linkinjeon@kernel.org, dhowells@redhat.com,
linux-cifs@vger.kernel.org, samba-technical@lists.samba.org,
Oleksandr Tymoshenko <ovt@google.com>,
Robert Kolchmeyer <rkolchmeyer@google.com>
Subject: Re: kernel panic caused by recent changes in fs/cifs
Date: Tue, 9 Apr 2024 23:38:57 -0700 [thread overview]
Message-ID: <CAOdxtTZhsy4=Eo+HV80ZJorasg31aWgMFSRjxjoA582HAMfnzQ@mail.gmail.com> (raw)
In-Reply-To: <CAOdxtTa0S125Lx=ipe7t_sfrBCiTqftb2=OHQcZsiXkVxvi9ZA@mail.gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1204 bytes --]
Here is the backtrace.
On Tue, Apr 9, 2024 at 11:37 PM Chenglong Tang <chenglongtang@google.com>
wrote:
> Hi, developers,
>
> This is Chenglong Tang from the Google Container Optimized OS team. We
> recently received a kernel panic bug from the customers regarding cifs.
>
> This happened since the backport of following changes in cifs(in our
> kernel COS-5.10.208 and COS-5.15.146):
>
> cifs: Fix non-availability of dedup breaking generic/304:
> https://lore.kernel.org/r/3876191.1701555260@warthog.procyon.org.uk/
> smb: client: fix potential NULL deref in parse_dfs_referrals(): Upstream
> commit 92414333eb375ed64f4ae92d34d579e826936480
> ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE: Upstream
> commit 13736654481198e519059d4a2e2e3b20fa9fdb3e
> smb: client: fix NULL deref in asn1_ber_decoder(): Upstream commit
> 90d025c2e953c11974e76637977c473200593a46
> smb: a few more smb changes...
>
> The line that crashed is line 197 in fs/cifs/dfs_cache.c
> ```
> if (unlikely(strcmp(cp->charset, cache_cp->charset))) {
> ```
> I attached the dmesg and backtrace for debugging purposes. Let me know if
> you need more information.
>
> Best,
>
> Chenglong
>
[-- Attachment #1.2: Type: text/html, Size: 4774 bytes --]
[-- Attachment #2: backtrace.txt --]
[-- Type: text/plain, Size: 4141 bytes --]
PID: 52596 TASK: ffff992c92edc300 CPU: 9 COMMAND: "mount.cifs"
#0 [ffffb3dbc34fb948] machine_kexec at ffffffff94075f75
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/kernel/machine_kexec_64
.c: 358
#1 [ffffb3dbc34fb9c8] crash_kexec at ffffffff94164be3
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/include/linux/atomic/atomic-arch
-fallback.h: 173
#2 [ffffb3dbc34fba98] oops_end at ffffffff94041b46
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/kernel/dumpstack.c: 364
#3 [ffffb3dbc34fbac0] page_fault_oops at ffffffff94088ca7
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/mm/fault.c: 708
#4 [ffffb3dbc34fbb50] exc_page_fault at ffffffff94b61e06
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/mm/fault.c: 1483
#5 [ffffb3dbc34fbb80] asm_exc_page_fault at ffffffff94c00ba2
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/include/asm/idtentry.h:
568
[exception RIP: dfs_cache_canonical_path+98]
RIP: ffffffffc069dde2 RSP: ffffb3dbc34fbc38 RFLAGS: 00010246
RAX: ffffffff00000000 RBX: ffff992ddd978941 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffffffffc0727100 RDI: ffffffffc0726000
RBP: ffffb3dbc34fbc70 R8: ffff992ddd978941 R9: 0000000000000000
R10: ffffb3dbc34fbce8 R11: ffffffffc0682cb0 R12: ffffffffc0727100
R13: 0000000000000032 R14: ffffffffffffffea R15: 0000000000000001
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/cifs/dfs_cache.c: 197
#6 [ffffb3dbc34fbc78] dfs_cache_find at ffffffffc069e32b [cifs]
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/cifs/dfs_cache.c: 956
#7 [ffffb3dbc34fbcb8] cifs_mount at ffffffffc0653afc [cifs]
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/cifs/connect.c: 3344
#8 [ffffb3dbc34fbda8] cifs_smb3_do_mount at ffffffffc06433ff [cifs]
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/cifs/cifsfs.c: 894
#9 [ffffb3dbc34fbe00] smb3_get_tree at ffffffffc069b809 [cifs]
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/include/linux/err.h: 36
#10 [ffffb3dbc34fbe28] vfs_get_tree at ffffffff94323beb
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/super.c: 1518
#11 [ffffb3dbc34fbe58] do_new_mount at ffffffff9434de37
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/namespace.c: 2994
#12 [ffffb3dbc34fbec0] __se_sys_mount at ffffffff9434e9a9
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/fs/namespace.c: 3337
#13 [ffffb3dbc34fbf18] do_syscall_64 at ffffffff94b5e6d1
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/entry/common.c: 50
#14 [ffffb3dbc34fbf50] entry_SYSCALL_64_after_hwframe at ffffffff94c000da
/build/lakitu/tmp/portage/sys-kernel/lakitu-kernel-5_15-5.15.146-r181/work/lakitu-kernel-5_15-5.15.146/arch/x86/entry/entry_64.S: 118
RIP: 00007f570da5db7a RSP: 00007ffe92d16c58 RFLAGS: 00000202
RAX: ffffffffffffffda RBX: 00005574c76cceb0 RCX: 00007f570da5db7a
RDX: 00005574c5ed345b RSI: 00005574c5ed34fa RDI: 00007ffe92d178a2
RBP: 00005574c5ed3109 R8: 00005574c76cceb0 R9: 00007ffe92d15ff0
R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe92d178a2
R13: 00005574c76cdf40 R14: 000000000000000a R15: 00007f570d94e000
ORIG_RAX: 00000000000000a5 CS: 0033 SS: 002b
next prev parent reply other threads:[~2024-04-10 6:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-10 6:37 kernel panic caused by recent changes in fs/cifs Chenglong Tang
2024-04-10 6:38 ` Chenglong Tang [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-04-10 6:41 Chenglong Tang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAOdxtTZhsy4=Eo+HV80ZJorasg31aWgMFSRjxjoA582HAMfnzQ@mail.gmail.com' \
--to=chenglongtang@google.com \
--cc=dhowells@redhat.com \
--cc=linkinjeon@kernel.org \
--cc=linux-cifs@vger.kernel.org \
--cc=ovt@google.com \
--cc=pc@manguebit.com \
--cc=regressions@lists.linux.dev \
--cc=rkolchmeyer@google.com \
--cc=samba-technical@lists.samba.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).