Bug 5316 - CIFS error crash system
Status: RESOLVED PATCH_ALREADY_AVAILABLE
Alias: None
Product: File System
Classification: Unclassified
Component: Samba/SMB
Hardware: i386 Linux
Importance: P2 normal
Assignee: Steve French
Reported: 2005-09-27 02:41 UTC by G
Modified: 2005-10-12 09:21 UTC
Kernel Version: 2.6.8 to 2.6.11

Description G 2005-09-27 02:41:02 UTC
Most recent kernel where this bug did not occur: 2.4.27

Distribution: debian sarge with 2.6.11-1-686-smp

Hardware Environment:
Supermicro Board X6DAL-TG with 2 x XEON 3GHz and 1GB RAM
3Ware-9500s-8 SATA Controller

Software Environment:
Debian Sarge default installation
SAMBA 3.0.14a-3
StoreBackup 1.19-1

Problem Description:
If I mount a Windows share with mount -t cifs ... and copy files from Windows to
Linux, I get several errors like this:

Sep 21 00:01:33 localhost kernel:  CIFS VFS: Send error in FindClose = -9

After a while the kernel crashes:

Sep 23 08:55:18 localhost kernel: Unable to handle kernel paging request at virtual address 4d0427b6
Sep 23 08:55:18 localhost kernel:  printing eip:
Sep 23 08:55:18 localhost kernel: f8ce0d88
Sep 23 08:55:18 localhost kernel: *pde = 00000000
Sep 23 08:55:18 localhost kernel: Oops: 0000 [#2]
Sep 23 08:55:18 localhost kernel: SMP
Sep 23 08:55:18 localhost kernel: Modules linked in: nls_cp437 nls_iso8859_1 cifs ipv6 tsdev mousedev snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd snd_page_alloc i810_audio ac97_codec soundcore i2c_i801 i2c_core ext2 mbcache capability commoncap xfs exportfs parport_pc parport evdev pcspkr 8139cp shpchp pci_hotplug psmouse genrtc sd_mod 3w_9xxx e1000 8139too mii yenta_socket rsrc_nonstatic pcmcia_core ide_cd cdrom ide_disk ide_generic pdc202xx_new aec62xx alim15x3 amd74xx atiixp cmd64x cs5520 cs5530 cy82c693 generic hpt34x ns87415 opti621 pdc202xx_old rz1000 sc1200 serverworks siimage sis5513 slc90e66 triflex trm290 via82cxxx floppy usb_storage scsi_mod piix ide_core vga16fb vgastate usbserial usbhid usbkbd ehci_hcd uhci_hcd usbcore thermal processor fan unix fbcon font bitblit vesafb cfbcopyarea cfbimgblt cfbfillrect
Sep 23 08:55:18 localhost kernel: CPU:    2
Sep 23 08:55:18 localhost kernel: EIP:    0060:[pg0+949050760/1069757440]    Not tainted VLI
Sep 23 08:55:18 localhost kernel: EFLAGS: 00010217   (2.6.11-1-686-smp)
Sep 23 08:55:18 localhost kernel: EIP is at mark_open_files_invalid+0x28/0x40 [cifs]
Sep 23 08:55:18 localhost kernel: eax: 4d0427b6   ebx: d9185580   ecx: d9185588   edx: 4d0427b6
Sep 23 08:55:18 localhost kernel: esi: 0559fd6d   edi: e7c73ef4   ebp: d9185580   esp: e7c73db0
Sep 23 08:55:18 localhost kernel: ds: 007b   es: 007b   ss: 0068
Sep 23 08:55:18 localhost kernel: Process df (pid: 19154, threadinfo=e7c72000 task=c9622020)
Sep 23 08:55:18 localhost kernel: Stack: f8c054a0 f8ce123e d9185580 f7e93180 f8c054a0 00020001 000006af c0206885
Sep 23 08:55:18 localhost kernel:        00000000 0000001d 0000094f 00000001 c035ff68 c55a2c1c 00000003 00000951
Sep 23 08:55:18 localhost kernel:        0035ff68 0000000a 00000046 e7c73ea8 dff7ad00 f7832dfc 00000046 e7c73ea8
Sep 23 08:55:18 localhost kernel: Call Trace:
Sep 23 08:55:18 localhost kernel:  [pg0+949051966/1069757440] smb_init+0x1ee/0x2b0 [cifs]
Sep 23 08:55:18 localhost kernel:  [n_tty_receive_buf+405/4224] n_tty_receive_buf+0x195/0x1080
Sep 23 08:55:18 localhost kernel:  [apic_timer_interrupt+28/36] apic_timer_interrupt+0x1c/0x24
Sep 23 08:55:18 localhost kernel:  [pg0+949068781/1069757440] CIFSSMBQFSInfo+0x5d/0x280 [cifs]
Sep 23 08:55:18 localhost kernel:  [pg0+949047945/1069757440] cifs_statfs+0x69/0xe0 [cifs]
Sep 23 08:55:18 localhost kernel:  [vfs_statfs+100/128] vfs_statfs+0x64/0x80
Sep 23 08:55:18 localhost kernel:  [vfs_statfs64+27/80] vfs_statfs64+0x1b/0x50
Sep 23 08:55:18 localhost kernel:  [sys_statfs64+129/208] sys_statfs64+0x81/0xd0
Sep 23 08:55:18 localhost kernel:  [tty_ldisc_deref+99/128] tty_ldisc_deref+0x63/0x80
Sep 23 08:55:18 localhost kernel:  [tty_write+529/640] tty_write+0x211/0x280
Sep 23 08:55:18 localhost kernel:  [write_chan+0/544] write_chan+0x0/0x220
Sep 23 08:55:18 localhost kernel:  [dnotify_parent+58/176] dnotify_parent+0x3a/0xb0
Sep 23 08:55:18 localhost kernel:  [sys_write+81/128] sys_write+0x51/0x80
Sep 23 08:55:18 localhost kernel:  [syscall_call+7/11] syscall_call+0x7/0xb
Sep 23 08:55:18 localhost kernel: Code: 90 90 90 53 b8 d8 2d d1 f8 8b 5c 24 08 e8 c1 c1 5c c7 8b 43 08 8d 4b 08 39 c8 8b 10 74 11 90 8d 74 26 00 80 48 24 02 89 d0 39 c8 <8b> 12 75 f4 5b b8 d8 2d d1 f8 e9 b9 c1 5c c7 89 f6 8d bc 27 00


Steps to reproduce:
Mount a Windows share with mount -t cifs //<servername>/share /mnt
Copy a lot of files in parallel, i.e. with storeBackup, a program to back up files
to a hard disk. If I change the storeBackup parameters to noCopy=4 (copy 4 files
in parallel) and noCompress=12 (compress 12 files in parallel with gzip), the error occurs.
The error isn't in storeBackup because I can back up an NFS mount without problems.
After several minutes the systems crash.
This error occurs on two identical servers.
Comment 1 Steve French 2005-09-27 14:53:12 UTC
Any data on whether this also fails with current mainline kernel?
Comment 2 G 2005-09-27 23:32:29 UTC
No, I haven't tried it with a mainline kernel.
Comment 3 G 2005-10-11 03:08:58 UTC
I built a mainline kernel 2.6.13-2 and the system doesn't crash anymore. But I
still have some errors like

Sep 28 01:06:38 localhost kernel:  CIFS VFS: Send error in FindClose = -9

I will write a bug report to the debian mailing list.

Thanks a lot!
Comment 4 Steve French 2005-10-11 10:47:19 UTC
Let me know if you see a scenario in which you can recreate the FindClose
warning which you mention is sometimes logged to dmesg.

If the search (readdir, i.e. cifs FindFirst) is marked as closed in the case when
all entries have been returned, then sending the SMB/CIFS FindClose request (on
close of the directory) is not needed and sending one would be redundant and
return bad file handle (as you see).

Although this is harmless, it should not normally happen and is worth looking
into a little.
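
A small model of the behaviour described in comment 4, added here as an illustration; it is not part of the thread and not code from the cifs driver. All names (`server_find_next`, `server_find_close`, `list_and_close`, `track_eos`) are hypothetical, and the model assumes the server closes the search handle itself once it has returned the last entry. It shows why a redundant FindClose comes back as -9 (bad file handle) while an early close still needs one.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed model, not cifs driver code; all names are hypothetical. */
struct server { int entries_left; bool handle_open; };

/* Return up to max entries. Assumption: the server closes the search
 * handle itself when it hands back the last entry, and reports that. */
static int server_find_next(struct server *s, int max, bool *end_of_search)
{
    if (!s->handle_open)
        return -EBADF;
    int n = s->entries_left < max ? s->entries_left : max;
    s->entries_left -= n;
    *end_of_search = (s->entries_left == 0);
    if (*end_of_search)
        s->handle_open = false;
    return n;
}

static int server_find_close(struct server *s)
{
    if (!s->handle_open)
        return -EBADF;          /* bad file handle: 9 on Linux */
    s->handle_open = false;
    return 0;
}

/* List a directory in batches, then close it. max_calls caps the batches
 * read (an early closedir); track_eos: client records the server's close. */
int list_and_close(int total, int batch, int max_calls, bool track_eos)
{
    struct server s = { total, true };
    bool eos = false;
    for (int i = 0; i < max_calls && !eos; i++)
        if (server_find_next(&s, batch, &eos) < 0)
            return -EIO;
    bool search_closed = eos && track_eos;  /* client-side "closed" mark */
    if (search_closed)
        return 0;               /* nothing to send, search already gone */
    return server_find_close(&s);
}

int main(void)
{
    printf("untracked=%d tracked=%d early=%d\n", list_and_close(10, 4, 8, false),
           list_and_close(10, 4, 8, true), list_and_close(10, 4, 1, true));
    return 0;
}
```
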
Comment 5 G 2005-10-12 00:07:00 UTC
Thank you for the help.

There is only a FindClose error in the case you describe.

You can close the bug. I have to inform the Debian people that the bug is only
in the Debian kernel.

Thanks a lot to all people here! They do a great job!

    G
