Jammy 22.04
linux-image-6.5.0-28-generic (6.5.0-28.29~22.04.1) is also affected by this error

Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945190] BUG: unable to handle page fault for address: fffffffffffffffe
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945207] #PF: supervisor read access in kernel mode
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945215] #PF: error_code(0x0000) - not-present page
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945222] PGD 25923f067 P4D 25923f067 PUD 259241067 PMD 0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945240] Oops: 0000 [#1] PREEMPT SMP PTI
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945252] CPU: 1 PID: 39052 Comm: KIO::WorkerThre Tainted: P           OE      6.5.0-28-generic #29~22.04.1-Ubuntu
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945264] Hardware name: Dell Inc. Precision 3630 Tower/0NNNCT, BIOS 2.15.0 07/04/2022
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945271] RIP: 0010:cifs_flush_folio+0x41/0xf0 [cifs]
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945504] Code: 49 89 cd 31 c9 41 54 49 89 f4 48 c1 ee 0c 53 48 83 ec 08 48 8b 7f 30 44 89 45 d4 e8 c9 d1 4f e9 48 89 c3 31 c0 48 85 db 74 77 <48> 8b 13 b8 00 10 00 00 f7 c2 00 00 01 00 74 10 0f b6 4b 51 48 d3
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945514] RSP: 0018:ffffadb0875e3cc8 EFLAGS: 00010282
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945524] RAX: 0000000000000000 RBX: fffffffffffffffe RCX: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945539] RBP: ffffadb0875e3cf8 R08: 0000000000000000 R09: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945545] R10: 000000000000d3b4 R11: 0000000000000000 R12: 000000000000d3b4
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945552] R13: ffffadb0875e3d40 R14: ffff937a81d2dda0 R15: ffffadb0875e3d38
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945559] FS:  00007b76137fe640(0000) GS:ffff937beba40000(0000) knlGS:0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945568] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945575] CR2: fffffffffffffffe CR3: 00000001683fa004 CR4: 00000000003706e0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945583] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945589] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945596] Call Trace:
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945602]  <TASK>
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945611]  ? show_regs+0x6d/0x80
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945630]  ? __die+0x24/0x80
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945645]  ? page_fault_oops+0x99/0x1b0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945662]  ? kernelmode_fixup_or_oops+0xb2/0x140
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945679]  ? __bad_area_nosemaphore+0x1a5/0x2c0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945692]  ? alloc_skb_with_frags+0x4a/0x280
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945714]  ? bad_area_nosemaphore+0x16/0x30
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945723]  ? do_kern_addr_fault+0x7b/0xa0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945732]  ? exc_page_fault+0x10d/0x1b0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945743]  ? asm_exc_page_fault+0x27/0x30
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945760]  ? cifs_flush_folio+0x41/0xf0 [cifs]
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.945969]  ? cifs_flush_folio+0x37/0xf0 [cifs]
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946174]  cifs_remap_file_range+0x45d/0x670 [cifs]
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946381]  do_clone_file_range+0x101/0x2d0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946399]  vfs_clone_file_range+0x3f/0x150
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946414]  ioctl_file_clone+0x52/0xc0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946428]  do_vfs_ioctl+0x7e/0x910
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946439]  ? ksys_write+0xe6/0x100
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946451]  ? __fget_light+0xa5/0x120
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946466]  __x64_sys_ioctl+0x7d/0xf0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946479]  do_syscall_64+0x58/0x90
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946494]  ? do_syscall_64+0x67/0x90
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946505]  ? exc_page_fault+0x94/0x1b0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946515]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946524] RIP: 0033:0x7b7688f1a94f
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946594] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946602] RSP: 002b:00007b761377d430 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946614] RAX: ffffffffffffffda RBX: 00007b761377d5a0 RCX: 00007b7688f1a94f
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946620] RDX: 000000000000003a RSI: 0000000040049409 RDI: 0000000000000048
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946627] RBP: 00007b76000038a0 R08: 00007b76000017d0 R09: 0000000000000001
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946634] R10: 00007b7688e11df0 R11: 0000000000000246 R12: 00007b76137fd7f8
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946640] R13: 00007b761377d580 R14: 00007b761377d560 R15: 00007b761377d5c0
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946655]  </TASK>
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946660] Modules linked in: ufs qnx4 hfsplus hfs minix ntfs msdos jfs xfs nls_utf8 cifs cifs_arc4 cifs_md4 fscache netfs ccm rfcomm cmac algif_hash algif_skcipher af_alg overlay bnep nvidia_uvm(POE) snd_sof_pci_intel_cnl snd_sof_intel_hda_common soundwire_intel snd_sof_intel_hda_mlink sunrpc soundwire_cadence snd_sof_intel_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof snd_sof_utils snd_soc_hdac_hda snd_hda_ext_core intel_rapl_msr snd_soc_acpi_intel_match intel_rapl_common nvidia_drm(POE) snd_soc_acpi intel_tcc_cooling soundwire_generic_allocation nvidia_modeset(POE) x86_pkg_temp_thermal intel_powerclamp binfmt_misc snd_hda_codec_realtek soundwire_bus snd_hda_codec_generic snd_soc_core snd_hda_codec_hdmi snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel nls_iso8859_1 snd_intel_dspcfg snd_intel_sdw_acpi coretemp snd_hda_codec snd_hda_core kvm_intel snd_hwdep snd_pcm kvm snd_seq_midi mt7601u btusb snd_seq_midi_event btrtl mei_hdcp mei_pxp nvidia(POE) irqbypass btbcm snd_rawmidi mac80211 btintel snd_seq btmtk dell_wmi
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.946896]  rapl dell_smm_hwmon snd_seq_device intel_cstate cmdlinepart bluetooth dell_smbios snd_timer cfg80211 spi_nor dcdbas ecdh_generic dell_wmi_sysman ledtrig_audio dell_wmi_aio input_leds firmware_attributes_class libarc4 joydev dell_wmi_descriptor sparse_keymap intel_wmi_thunderbolt mtd wmi_bmof snd ecc ee1004 mei_me soundcore drm_kms_helper mei intel_pch_thermal ie31200_edac mac_hid acpi_pad sch_fq_codel msr parport_pc ppdev nf_tables lp nfnetlink parport drm efi_pstore ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj hid_generic usbhid hid btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear uas usb_storage crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic ghash_clmulni_intel sha256_ssse3 sha1_ssse3 aesni_intel crypto_simd cryptd i2c_i801 spi_intel_pci e1000e r8169 intel_lpss_pci ahci spi_intel i2c_smbus xhci_pci intel_lpss realtek libahci xhci_pci_renesas idma64 video wmi
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.947260]  pinctrl_cannonlake
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.947275] CR2: fffffffffffffffe
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73202.947283] ---[ end trace 0000000000000000 ]---
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016560] RIP: 0010:cifs_flush_folio+0x41/0xf0 [cifs]
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016731] Code: 49 89 cd 31 c9 41 54 49 89 f4 48 c1 ee 0c 53 48 83 ec 08 48 8b 7f 30 44 89 45 d4 e8 c9 d1 4f e9 48 89 c3 31 c0 48 85 db 74 77 <48> 8b 13 b8 00 10 00 00 f7 c2 00 00 01 00 74 10 0f b6 4b 51 48 d3
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016734] RSP: 0018:ffffadb0875e3cc8 EFLAGS: 00010282
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016736] RAX: 0000000000000000 RBX: fffffffffffffffe RCX: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016739] RBP: ffffadb0875e3cf8 R08: 0000000000000000 R09: 0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016740] R10: 000000000000d3b4 R11: 0000000000000000 R12: 000000000000d3b4
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016741] R13: ffffadb0875e3d40 R14: ffff937a81d2dda0 R15: ffffadb0875e3d38
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016743] FS:  00007b76137fe640(0000) GS:ffff937beba40000(0000) knlGS:0000000000000000
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016744] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Apr 30 08:18:25 pzh-pc-sk3 kernel: [73203.016746] CR2: fffffffffffffffe CR3: 00000001683fa004 CR4: 00000000003706e0
--


Bye

Thorsten

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2060919

Title:
  cifs: Copying file to same directory results in page fault

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Mantic:
  Fix Committed

Bug description:
  BugLink: https://bugs.launchpad.net/bugs/2060919

  [Impact]

  Copying or modifying a file to the same directory within a cifs mount
  results in a page fault, and the process that initiated the copy is
  killed. This could be cp, nautilus, etc.

  This results in the following oops:

  BUG: unable to handle page fault for address: fffffffffffffffe
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page
  PGD f45a3f067 P4D f45a3f067 PUD f45a41067 PMD 0
  Oops: 0000 [#1] PREEMPT SMP NOPTI
  CPU: 0 PID: 28103 Comm: Thread (pooled) Tainted: P OE 6.5.0-27-generic #28-Ubuntu
  RIP: 0010:cifs_flush_folio+0x41/0xf0 [cifs]
  Code: 49 89 cd 31 c9 41 54 49 89 f4 48 c1 ee 0c 53 48 83 ec 08 48 8b 7f 30 44 89 45 d4 e8 79 b3 23 f1 48 89 c3 31 c0 48 85 db 74 77 <48> 8b 13 b8 00 10 00 00 f7 c2 00 00 01 00 74 10 0f b6 4b 51 48 d3
  RSP: 0018:ffffaab6865ffbf8 EFLAGS: 00010282
  RAX: 0000000000000000 RBX: fffffffffffffffe RCX: 0000000000000000
  RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
  RBP: ffffaab6865ffc28 R08: 0000000000000001 R09: 0000000000000000
  R10: 0000000000023854 R11: 0000000000000000 R12: 0000000000000000
  R13: ffffaab6865ffc78 R14: ffff906675d8aed0 R15: ffffaab6865ffc70
  FS: 00007bd4d594b6c0(0000) GS:ffff90753f800000(0000) knlGS:0000000000000000
  CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: fffffffffffffffe CR3: 000000017022a000 CR4: 0000000000750ef0
  PKRU: 55555554
  Call Trace:
  <TASK>
  ? show_regs+0x6d/0x80
  ? __die+0x24/0x80
  ? page_fault_oops+0x99/0x1b0
  ? kernelmode_fixup_or_oops+0xb2/0x140
  ? __bad_area_nosemaphore+0x1a5/0x2c0
  ? bad_area_nosemaphore+0x16/0x30
  ? do_kern_addr_fault+0x7b/0xa0
  ? exc_page_fault+0x1a4/0x1b0
  ? asm_exc_page_fault+0x27/0x30
  ? cifs_flush_folio+0x41/0xf0 [cifs]
  ? cifs_flush_folio+0x37/0xf0 [cifs]
  cifs_remap_file_range+0x172/0x660 [cifs]
  do_clone_file_range+0x101/0x2d0
  vfs_clone_file_range+0x3f/0x150
  ioctl_file_clone+0x52/0xc0
  do_vfs_ioctl+0x68f/0x910
  ? __fget_light+0xa5/0x120
  __x64_sys_ioctl+0x7d/0xf0
  do_syscall_64+0x59/0x90
  ? kmem_cache_free+0x22/0x3e0
  ? putname+0x5b/0x80
  ? exit_to_user_mode_prepare+0x30/0xb0
  ? syscall_exit_to_user_mode+0x37/0x60
  ? do_syscall_64+0x68/0x90
  ? do_syscall_64+0x68/0x90
  ? do_syscall_64+0x68/0x90

  There is no known workaround.

  [Fix]

  The stacktrace is very similar to a regression reported to upstream
  6.1.y:

  https://lore.kernel.org/linux-mm/a76b370f93cb928c049b94e1fde0d2da506dfcb2.ca...@amazon.com/T/

  The thread mentions that:

  commit 7b2404a886f8b91250c31855d287e632123e1746
  Author: David Howells <dhowe...@redhat.com>
  Date: Fri Dec 1 00:22:00 2023 +0000
  Subject: cifs: Fix flushing, invalidation and file size with copy_file_range()
  Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7b2404a886f8b91250c31855d287e632123e1746

  introduced the issue to Debian's 6.1 kernel.

  This got backported to Ubuntu in:

  commit 3adbe2ccd8b9b8fde93e03958d6176945794d288
  Author: David Howells <dhowe...@redhat.com>
  Date: Fri Dec 1 00:22:00 2023 +0000
  Subject: cifs: Fix flushing, invalidation and file size with copy_file_range()

  $ git describe --contains 3adbe2ccd8b9b8fde93e03958d6176945794d288
  Ubuntu-6.5.0-20.20~107

  Which we have been using for some time now, and is not the culprit.

  Reading the regression mailing list thread, they mention that things
  work differently in 6.1:

  > Yeah.  __filemap_get_folio() works differently in v6.1.y. There it returns a
  > folio or NULL.  In 6.7 it returns a folio or a negative error code.  The
  > error check in cifs_flush_folio() needs to change to something like:
  >
  >     folio = filemap_get_folio(inode->i_mapping, index);
  >     if (!folio)
  >             return -ENOMEM;
  >
  > David 

  6.1.y then got a specific patch to fix the issue in 6.1, which is:

  commit 21bb2ba4f1ac1e3a57594be62dd74e7b1401b2b1
  Author: Steve French <stfre...@microsoft.com>
  Date: Fri Jan 12 23:08:51 2024 -0600
  Subject: cifs: fix flushing folio regression for 6.1 backport
  Link: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/mantic/commit/?id=21bb2ba4f1ac1e3a57594be62dd74e7b1401b2b1

  $ git describe --contains 21bb2ba4f1ac1e3a57594be62dd74e7b1401b2b1
  Ubuntu-6.5.0-27.28~162

  Since the Ubuntu mantic kernel consumes both 6.1.y and 6.7.y / 6.8.y
  stable patches, this patch was applied to mantic's 6.5 kernel by
  mistake, and contains the wrong logic for how __filemap_get_folio()
  works in 6.5.

  The fix is to revert "cifs: fix flushing folio regression for 6.1
  backport" as a SAUCE patch.

  [Testcase]

  Start two VMs. Debian 12 is recommended as the server, since that is
  what some users have had luck with in the past; the client can be
  mantic.

  Server
  ------

  $ sudo apt update
  $ sudo apt upgrade
  $ sudo apt install samba
  $ sudo vim /etc/samba/smb.conf
  server min protocol = NT1
  [sambashare]
      comment = Samba on Ubuntu
      path = /home/ubuntu/sambashare
      read only = no
      browsable = yes
  $ mkdir ~/sambashare
  $ sudo smbpasswd -a ubuntu

  Client
  ------

  $ sudo apt update
  $ sudo apt install cifs-utils
  $ mkdir ~/share
  $ sudo mount -t cifs -o username=ubuntu //192.168.122.185/sambashare ~/share
  Password for ubuntu@//192.168.122.185/sambashare:
  $ mount -l
  ...
  //192.168.122.185/sambashare on /home/ubuntu/share type cifs (rw,relatime,vers=3.1.1,cache=strict,username=ubuntu,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.122.185,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1,closetimeo=1)

  $ ls
  hallo.txt hello.txt sample.txt sample2.txt
  $ sudo cp hello.txt hello.txt.1
  Killed

  If you install the test kernel available from the following ppa:

  https://launchpad.net/~mruffell/+archive/ubuntu/lp2060919-test

  The copy will work as expected.

  [Where problems could occur]

  Reverting the patch restores the logic to how it was from
  6.5.0-20-generic through to 6.5.0-26-generic, which functions and is
  well tested by the community.

  If a regression were to occur, it would impact all writes to cifs
  mounts, particularly to the same destination directory as the origin
  file. There are no known workarounds.
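
Added example (not part of the bug report and not kernel source): a userspace C model of the return-convention mismatch described under [Fix]. It shows why a NULL-only check lets an error-encoded pointer through when the lookup returns "folio or negative error code", and decodes the fault address fffffffffffffffe from the oops as an errno. The model_* names and the struct folio stand-in are hypothetical; ERR_PTR/IS_ERR are re-implemented here following the kernel's error-pointer convention, and the -ENOENT miss value is an assumption.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace re-implementation of the kernel's error-pointer convention:
 * the top 4095 addresses encode -errno instead of pointing at memory. */
#define MAX_ERRNO 4095
static void *ERR_PTR(intptr_t err) { return (void *)err; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct folio { unsigned long flags; };   /* stand-in, not the kernel struct */

/* Hypothetical model of the 6.5 lookup convention: folio or error pointer.
 * Assumption: a cache miss is reported as -ENOENT. */
static struct folio *model_lookup_v65(struct folio *cached)
{
    return cached ? cached : ERR_PTR(-ENOENT);
}

/* 6.1-style check ("if (!folio)"): returns 1 when the caller would go on
 * to dereference the pointer. */
static int model_would_deref_61_check(const struct folio *f) { return f != NULL; }

/* Check that matches the folio-or-error convention. */
static int model_would_deref_65_check(const struct folio *f) { return !IS_ERR(f); }

/* Triage helper: if an oops fault address lies in the error-pointer range,
 * return the errno it encodes, otherwise 0. */
static int model_fault_addr_to_errno(uint64_t addr)
{
    return addr >= (uint64_t)-MAX_ERRNO ? (int)-(int64_t)addr : 0;
}

int main(void)
{
    struct folio *miss = model_lookup_v65(NULL);   /* nothing cached */
    printf("lookup miss returns      %p\n", (void *)miss);
    printf("6.1-style check derefs?  %d\n", model_would_deref_61_check(miss));
    printf("6.5-style check derefs?  %d\n", model_would_deref_65_check(miss));
    /* CR2 value taken from the oops in the report */
    printf("CR2 decodes to errno     %d\n",
           model_fault_addr_to_errno(0xfffffffffffffffeULL));
    return 0;
}
```

In the oops, the bytes 48 85 db 74 77 <48> 8b 13 decode to test %rbx,%rbx; je; mov (%rbx),%rdx, that is, a NULL test followed by a load through RBX, which holds fffffffffffffffe.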
