Thanks for the update - it will be very helpful if we can make sure that when something like this is found we add a simple (hopefully a test that adds less than 1 minute to execution time) xfstest or script that we can add to tests/cifs in xfstests that will ensure that we never regress that scenario in the future.

We are trying to add more and more tests to the 'buildbot' (http://smb3-test-rhel-75.southcentralus.cloudapp.azure.com) to continue to improve automated functional test verification for cifs.ko (it has already been an enormous help just in the last few months).

On Mon, Mar 18, 2019 at 1:21 AM Murphy Zhou <jencce.kernel@xxxxxxxxx> wrote:
>
> Hi,
>
> My mail account got stuck for a few days and I missed you guys' reply
> about the generic/013 hang.
>
> The commits Ronnie mentioned have been merged into Linus' tree, and
> tests passed. Thanks!
>
> The commit Pavel talked about is not merged yet. I'll test after it
> hits Linus' tree or any -for-next branch.
>
> The setup I'm using is:
> ----------------------------------------------
> # cat /etc/samba/smb.conf
> [test]
> path = /export/cifstest
> writeable = yes
> [scratch]
> path = /export/cifsscratch
> writeable = yes
>
> # cat xfstests-dev/local.config
> TEST_DEV=//localhost/test
> TEST_DIR=/cifsmnt
> SCRATCH_DEV=//localhost/scratch
> SCRATCH_MNT=/cifssch
> FSTYP=cifs
> MOUNT_OPTIONS="-o vers=3.0,username=root,password=redhat,sfu,mfsymlinks"
> TEST_FS_MOUNT_OPTS="-o vers=3.0,username=root,password=redhat,sfu,mfsymlinks"
> MKFS_OPTIONS=""
> --------------------------------------------------------
>
>
> Now with the kernel updated to 5.1-rc1, generic/446 starts to panic. It's
> easy to reproduce. I'm going to bisect this issue, just sending this
> email to give you guys an update and a heads up. :)
>
> [ 4991.913298] detected buffer overflow in strcat
> [ 4991.918273] ------------[ cut here ]------------
> [ 4991.923422] kernel BUG at lib/string.c:1053!
> [ 4991.928190] invalid opcode: 0000 [#1] SMP PTI
> [ 4991.933048] CPU: 0 PID: 860 Comm: kworker/0:1 Not tainted 5.0.0+ #1
> [ 4991.940037] Hardware name: IBM IBM System X3250 M4 -[2583AC1]-/00D3729, BIOS -[JQE164AUS-1.07]- 12/09/2013
> [ 4991.950832] Workqueue: cifsoplockd cifs_oplock_break [cifs]
> [ 4991.957049] RIP: 0010:fortify_panic+0xf/0x1a
> [ 4991.961811] Code: 48 89 cf 48 0f 42 e8 48 89 ea e8 86 94 00 00 c6 04 28 00 48 89 d8 5b 5d c3 0f 0b 48 89 fe 48 c7 c7 d8 a6 b3 bc e8 09 46 8c ff <0f> 0b 90 90 90 90 90 90 90 90 90 55 48 89 fa 48 89 fd 31 c9 53 48
> [ 4991.982764] RSP: 0018:ffff98d689897e00 EFLAGS: 00010246
> [ 4991.988591] RAX: 0000000000000022 RBX: 0000000000000000 RCX: 0000000000000000
> [ 4991.996551] RDX: 0000000000000000 RSI: ffff8b53f7a15a98 RDI: ffff8b53f7a15a98
> [ 4992.004512] RBP: ffff8b53ee63bd08 R08: 0000000000000f89 R09: 0000000000000000
> [ 4992.012471] R10: 0000000000000000 R11: ffff98d689897cb0 R12: 0000000000000000
> [ 4992.020432] R13: 0000000000000003 R14: ffff8b53f5bb1800 R15: ffff8b53f5bb7000
> [ 4992.028393] FS:  0000000000000000(0000) GS:ffff8b53f7a00000(0000) knlGS:0000000000000000
> [ 4992.037420] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 4992.043830] CR2: 000000000062aa28 CR3: 0000000102c0e002 CR4: 00000000001606f0
> [ 4992.051789] Call Trace:
> [ 4992.054537]  smb21_set_oplock_level.cold.39+0xc/0xc [cifs]
> [ 4992.060673]  smb3_set_oplock_level+0x1d/0x80 [cifs]
> [ 4992.066125]  cifs_oplock_break+0x89/0x400 [cifs]
> [ 4992.071276]  process_one_work+0x1a1/0x3a0
> [ 4992.075746]  worker_thread+0x30/0x380
> [ 4992.079828]  ? mod_delayed_work_on+0x90/0x90
> [ 4992.084588]  kthread+0x112/0x130
> [ 4992.088185]  ? __kthread_parkme+0x70/0x70
> [ 4992.092655]  ret_from_fork+0x35/0x40
> [ 4992.096640] Modules linked in: loop dm_mod arc4 md4 sha512_ssse3 sha512_generic cmac nls_utf8 cifs ccm dns_resolver sunrpc intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ext4 iTCO_wdt cdc_ether ghash_clmulni_intel usbnet ipmi_ssif iTCO_vendor_support mii intel_cstate gpio_ich sg intel_uncore ipmi_devintf intel_rapl_perf mbcache pcspkr i2c_i801 jbd2 ipmi_msghandler lpc_ich ie31200_edac xfs libcrc32c sr_mod sd_mod cdrom ata_generic mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm ata_piix libata crc32c_intel e1000e wmi
> [ 4992.158052] ---[ end trace 5d01c28800220e20 ]---
> [ 4992.163209] RIP: 0010:fortify_panic+0xf/0x1a
> [ 4992.167973] Code: 48 89 cf 48 0f 42 e8 48 89 ea e8 86 94 00 00 c6 04 28 00 48 89 d8 5b 5d c3 0f 0b 48 89 fe 48 c7 c7 d8 a6 b3 bc e8 09 46 8c ff <0f> 0b 90 90 90 90 90 90 90 90 90 55 48 89 fa 48 89 fd 31 c9 53 48
> [ 4992.188930] RSP: 0018:ffff98d689897e00 EFLAGS: 00010246
> [ 4992.194761] RAX: 0000000000000022 RBX: 0000000000000000 RCX: 0000000000000000
> [ 4992.202725] RDX: 0000000000000000 RSI: ffff8b53f7a15a98 RDI: ffff8b53f7a15a98
> [ 4992.210686] RBP: ffff8b53ee63bd08 R08: 0000000000000f89 R09: 0000000000000000
> [ 4992.218650] R10: 0000000000000000 R11: ffff98d689897cb0 R12: 0000000000000000
> [ 4992.226613] R13: 0000000000000003 R14: ffff8b53f5bb1800 R15: ffff8b53f5bb7000
> [ 4992.234576] FS:  0000000000000000(0000) GS:ffff8b53f7a00000(0000) knlGS:0000000000000000
> [ 4992.243606] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 4992.250017] CR2: 000000000062aa28 CR3: 0000000102c0e002 CR4: 00000000001606f0
> [ 4992.257979] Kernel panic - not syncing: Fatal exception
> [ 4992.263838] Kernel Offset: 0x3aa00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
> [ 4992.275862] ---[ end Kernel panic - not syncing: Fatal exception ]---
>
> Thanks,
> M

-- 
Thanks,

Steve