Re: [PATCH 0/12] cifs compounding

Hi ronnie,

I've run xfstests against this version and I still hit oopses
unfortunately :(

Similar spot, generic/339 against samba master git, lots of
mkdirs (so lots of compounding):

fs/cifs/inode.c: CIFS VFS: in cifs_mkdir as Xid: 668528 with uid: 0
fs/cifs/inode.c: cifs_mkdir returned 0xfffffffe
fs/cifs/inode.c: CIFS VFS: leaving cifs_mkdir (xid = 668528) rc = -2
fs/cifs/inode.c: In cifs_mkdir, mode = 0x1c0 inode = 0x00000000b0925e3a
fs/cifs/inode.c: CIFS VFS: in cifs_mkdir as Xid: 668530 with uid: 0
fs/cifs/inode.c: cifs_mkdir returned 0xfffffffe
fs/cifs/inode.c: CIFS VFS: leaving cifs_mkdir (xid = 668530) rc = -2
fs/cifs/dir.c: Invalid file name
fs/cifs/dir.c: CIFS VFS: leaving cifs_lookup (xid = 668531) rc = -22
fs/cifs/inode.c: cifs_mkdir returned 0xfffffffe
fs/cifs/smb2ops.c: disabling oplocks
CIFS VFS: disabling echoes and oplocks
fs/cifs/connect.c: Reconnecting tcp session
fs/cifs/connect.c: cifs_reconnect: marking sessions and tcons for reconnect
fs/cifs/connect.c: cifs_reconnect: tearing down socket
fs/cifs/connect.c: State: 0x3 Flags: 0x0
fs/cifs/connect.c: Post shutdown state: 0x3 Flags: 0x0
fs/cifs/connect.c: cifs_reconnect: moving mids to private list
fs/cifs/connect.c: cifs_reconnect: issuing mid callbacks
==================================================================
BUG: KASAN: null-ptr-deref in _raw_spin_lock_irqsave+0x17/0x40
Write of size 4 at addr 0000000000000000 by task cifsd/19618

CPU: 3 PID: 19618 Comm: cifsd Not tainted 4.19.0-rc2+ #20
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014
Call Trace:
 dump_stack+0x5b/0x8b
 kasan_report+0x253/0x2a0
 ? _raw_spin_lock_irqsave+0x17/0x40
 _raw_spin_lock_irqsave+0x17/0x40
 remove_wait_queue+0x12/0x50
 sk_wait_data+0xf6/0x110
 ? autoremove_wake_function+0x30/0x30
 tcp_recvmsg+0x434/0xb00
 inet_recvmsg+0xa5/0xd0
 cifs_readv_from_socket+0xfe/0x1e0
 cifs_read_from_socket+0x3d/0x50
 ? try_to_wake_up+0x413/0x430
 ? allocate_buffers+0x85/0xf0
 cifs_demultiplex_thread+0xe9/0xb30
 kthread+0x126/0x130
 ? cifs_handle_standard+0x180/0x180
 ? kthread_destroy_worker+0x40/0x40
 ret_from_fork+0x35/0x40

Full log here [1]. I'm not sure why it's reconnecting right
before... malformed packet?

1: http://zbeul.ist/tmp/cifs-compounding-crash-2018-09-03.txt.bz2

-- 
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Linux GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)


