Bug#1060005: cifs-utils: Copy file with cp, hangs with a kernel NULL pointer dereference.

2024-01-13 Thread Salvatore Bonaccorso
Hi

A fix for this issue has been queued for the 6.1.y series:

https://lore.kernel.org/stable/zajygki9o5j1u...@eldamar.lan/T/#m934ca5a14db8bcef8f24329c7edee8a3592465b2

If someone additionally can or wants to test the test builds, please have a
look at:

https://people.debian.org/~carnil/tmp/linux/1060005/

The builds are signed with my key in the Debian keyring.

Regards,
Salvatore



Bug#1060005: cifs-utils: Copy file with cp, hangs with a kernel NULL pointer dereference.

2024-01-07 Thread JD Walsh
Package: src:linux
Version: 6.1.69-1
Followup-For: Bug #1060005

Dear Maintainer,

I'm running Debian 12 6.1.0-17, having recently upgraded from 6.1.0-16.

On my machine, running cp on a file on my NAS causes the computer to hang for a
few seconds before reporting "Killed". The cifs share becomes non-responsive
afterward, requiring a reboot. I can reproduce it every time by choosing
specific files. The problem does not occur if I boot with kernel 6.1.0-16 or
earlier. Changing the SMB
version does not appear to make a difference. I tried SMB 2.1, 3.0, 3.1, and
3.1.1.

Other command line file operations cause similar issues. Running rm on the NAS
sometimes returns without error, but without removing the file. Other times, rm
hangs and the NAS becomes non-responsive.

Once the NAS is non-responsive, umount reports it as busy unless the -l flag is
used.

In a GUI file manager like Konqueror or Dolphin, attempting to copy causes the
file manager to hang. Rebooting requires Debian to disconnect the
non-responsive NAS and kill the still-pending cp or rm file process underlying the
GUI command. Using a GUI application to perform "Save As" appears to be fine.



-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: ASUS
product_name: System Product Name
product_version: System Version
chassis_vendor: Default string
chassis_version: Default string
bios_vendor: American Megatrends Inc.
bios_version: 1303
board_vendor: ASUSTeK COMPUTER INC.
board_name: ROG MAXIMUS Z790 HERO
board_version: Rev 1.xx

** Network interface configuration:
*** /etc/network/interfaces:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

** PCI devices:

Bug#1060005: cifs-utils: Copy file with cp, hangs with a kernel NULL pointer dereference.

2024-01-05 Thread Salvatore Bonaccorso
Hi,

On Fri, Jan 05, 2024 at 01:52:30PM +0300, Michael Tokarev wrote:
> Control: reassign -1 src:linux 6.1.69+1
> 
> 04.01.2024 18:52, Eduardo Nunes:
> > Package: cifs-utils
> > Version: 2:7.0-2
> > Severity: normal
> > X-Debbugs-Cc: eduardo.david.nu...@gmail.com
> > 
> > Dear Maintainer,
> > 
> > 
> > When copying a file between directories on same mount, the operation hangs 
> > with:
> > BUG: kernel NULL pointer dereference, address: 
> > in RIP: 0010:cifs_flush_folio+0x3f/0x100 [cifs]
> > 
> > Debian12 6.1.0-17-amd run as guest in VirtualBox 7.0.12 and the mounted 
> > share is on the host (Windows 10).
> > Works as expected in the same configuration but with Debian11 
> > 5.10.0-27-amd64 as guest.
> 
> It looks like we've a regression in 6.1.69 (6.1.0-17) kernel update.
> 
> There's at least one more report like this:
> https://forum.manjaro.org/t/manjaro-vmware-guest-copying-in-thunar-to-cifs-mounted-windows-locations-fails/153942/2
> which also mentions 6.1.69 (and an update to 6.6+ fixed the issue).
> 
> 6.1.69 had at least 3 cifs-related changes, and two of them look
> very interesting in this context:
> 
>   - cifs: Fix flushing, invalidation and file size with copy_file_range()
>   - cifs: Fix flushing, invalidation and file size with FICLONE
> 
> That's the copy operation which fails now.
> 
> Reassigning to linux package for now..

It's

https://lore.kernel.org/linux-cifs/afbccb0c466888faa0e4753094e8ba09ed16dc51.ca...@amazon.com/

But I fear that will be lost due to missing CCs to others. So I have
just replied with the regressions list as well in

https://lore.kernel.org/regressions/zzhrpnj3zxmr8...@eldamar.lan/

As this does not happen with upper stable series, I guess some
requisite commit is missing.

The mentioned commit from 6.7-rc5 was backported to 6.6.7 and 6.1.68,
but it does not happen in current 6.6.9-1 as in unstable.

Regards,
Salvatore



Bug#1060005: cifs-utils: Copy file with cp, hangs with a kernel NULL pointer dereference.

2024-01-05 Thread Michael Tokarev

Control: reassign -1 src:linux 6.1.69+1

04.01.2024 18:52, Eduardo Nunes:
> Package: cifs-utils
> Version: 2:7.0-2
> Severity: normal
> X-Debbugs-Cc: eduardo.david.nu...@gmail.com
>
> Dear Maintainer,
>
>
> When copying a file between directories on same mount, the operation hangs with:
> BUG: kernel NULL pointer dereference, address: 
> in RIP: 0010:cifs_flush_folio+0x3f/0x100 [cifs]
>
> Debian12 6.1.0-17-amd run as guest in VirtualBox 7.0.12 and the mounted share 
> is on the host (Windows 10).
> Works as expected in the same configuration but with Debian11 5.10.0-27-amd64 
> as guest.


It looks like we've a regression in 6.1.69 (6.1.0-17) kernel update.

There's at least one more report like this:
https://forum.manjaro.org/t/manjaro-vmware-guest-copying-in-thunar-to-cifs-mounted-windows-locations-fails/153942/2
which also mentions 6.1.69 (and an update to 6.6+ fixed the issue).

6.1.69 had at least 3 cifs-related changes, and two of them look
very interesting in this context:

  - cifs: Fix flushing, invalidation and file size with copy_file_range()
  - cifs: Fix flushing, invalidation and file size with FICLONE

That's the copy operation which fails now.

Reassigning to linux package for now..

/mjt



Bug#1060005: cifs-utils: Copy file with cp, hangs with a kernel NULL pointer dereference.

2024-01-04 Thread Eduardo Nunes
Package: cifs-utils
Version: 2:7.0-2
Severity: normal
X-Debbugs-Cc: eduardo.david.nu...@gmail.com

Dear Maintainer,


When copying a file between directories on same mount, the operation hangs with:
BUG: kernel NULL pointer dereference, address: 
in RIP: 0010:cifs_flush_folio+0x3f/0x100 [cifs]

Debian12 6.1.0-17-amd run as guest in VirtualBox 7.0.12 and the mounted share 
is on the host (Windows 10).
Works as expected in the same configuration but with Debian11 5.10.0-27-amd64 
as guest.



-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/1 CPU thread; PREEMPT)
Kernel taint flags: TAINT_DIE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cifs-utils depends on:
ii  libc6             2.36-9+deb12u3
ii  libcap-ng0        0.8.3-1+b3
ii  libgssapi-krb5-2  1.20.1-2+deb12u1
ii  libkeyutils1      1.6.3-2
ii  libkrb5-3         1.20.1-2+deb12u1
ii  libpam0g          1.5.2-6+deb12u1
ii  libtalloc2        2.4.0-f2
ii  libwbclient0      2:4.17.12+dfsg-0+deb12u1
ii  python3           3.11.2-1+b1

Versions of packages cifs-utils recommends:
ii  keyutils  1.6.3-2

Versions of packages cifs-utils suggests:
ii  bash-completion  1:2.11-6
pn  smbclient
pn  winbind  

-- no debconf information
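
Added example, not part of the original report or of any Debian or kernel tooling: a triage helper that scans kernel log text for NULL pointer dereference oopses and flags those whose faulting function matches the `cifs_flush_folio` / `[cifs]` signature quoted in this thread. The sample log lines, the function name `find_oopses` and the `window` parameter are assumptions made for illustration.

```python
import re

# Oops header and faulting-instruction line as printed by the x86 kernel.
BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address:\s*(\S*)")
RIP_RE = re.compile(r"RIP: [0-9a-f]{4}:(?P<sym>[\w.]+)\+(?P<off>0x[0-9a-f]+)"
                    r"/(?P<size>0x[0-9a-f]+)(?: \[(?P<mod>\w+)\])?")

# Signature from the report: faulting function and the module it lives in.
REPORTED = ("cifs_flush_folio", "cifs")

# Constructed sample (timestamps, addresses and the second oops are made up).
SAMPLE_LOG = """\
[  845.330017] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  845.330102] #PF: supervisor read access in kernel mode
[  845.330188] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  845.330301] RIP: 0010:cifs_flush_folio+0x3f/0x100 [cifs]
[  845.330977] RIP: 0033:0x7f3c1a2b4c5d
[  901.000001] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  901.000050] RIP: 0010:example_fn+0x10/0x40 [example_mod]
""".splitlines()


def find_oopses(lines, window=15):
    """Pair each NULL-deref header with the first kernel RIP line after it."""
    hits = []
    for i, line in enumerate(lines):
        head = BUG_RE.search(line)
        if not head:
            continue
        for follow in lines[i + 1:i + 1 + window]:
            if BUG_RE.search(follow):
                break  # a new oops started before any RIP line was seen
            rip = RIP_RE.search(follow)
            if rip:  # user-space "RIP: 0033:0x..." has no symbol+offset, no match
                hits.append({
                    "address": head.group(1),
                    "symbol": rip["sym"],
                    "offset": int(rip["off"], 16),
                    "size": int(rip["size"], 16),
                    "module": rip["mod"],
                    "reported": (rip["sym"], rip["mod"]) == REPORTED,
                })
                break
    return hits


if __name__ == "__main__":
    for hit in find_oopses(SAMPLE_LOG):
        print(hit)
```

To run it against a real machine, pass the lines of `dmesg` or `journalctl -k` output to `find_oopses` instead of `SAMPLE_LOG`.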