Hi, On Wed, Jan 18, 2023 at 02:42:24PM +0100, Laurent Bonnaud wrote: > > Package: src:linux > Version: 6.1.4-1 > Severity: important > > Dear Maintainer, > > this system is a Debian 11 system that is used as a NFS server with the > following packages: > > ii nfs-common 1:1.3.4-6 > amd64 NFS support files common to client and server > ii nfs-kernel-server 1:1.3.4-6 > amd64 support for NFS kernel server > > I am having trouble with 5.10.x kernels, so I am trying the kernel that will > be probably in Debian 12. > > Unfortunately I see the following warning message from the kernel: > > [16875.235769] svc: svc_tcp_read_marker lockd RPC fragment too large: > 612067950 > [17014.023164] svc: svc_tcp_read_marker nfsd RPC fragment too large: 612067950 > [18029.296553] ------------[ cut here ]------------ > [18029.296558] refcount_t: underflow; use-after-free. > [18029.296572] WARNING: CPU: 2 PID: 6051 at lib/refcount.c:28 > refcount_warn_saturate+0xba/0x110 > [18029.296587] Modules linked in: ipt_REJECT nf_reject_ipv4 xt_multiport > nft_compat nf_tables libcrc32c nfnetlink cts rpcsec_gss_krb5 ipmi_ssif > intel_rapl_msr intel_rapl_common quota_v2 quota_tree skx_edac nfit libnvdimm > x86_pkg_temp_thermal intel_powerclamp coretemp ghash_clmulni_intel > sha512_ssse3 sha512_generic nls_ascii nls_cp437 vfat aesni_intel mgag200 fat > crypto_simd cryptd drm_shmem_helper dell_smbios rapl dcdbas intel_cstate > drm_kms_helper iTCO_wdt intel_pmc_bxt dell_wmi_descriptor iTCO_vendor_support > pcspkr wmi_bmof intel_uncore efi_pstore joydev acpi_ipmi sg mei_me watchdog > i2c_algo_bit mei intel_pch_thermal ipmi_si ipmi_devintf evdev ipmi_msghandler > button nfsd nfs_acl lockd auth_rpcgss grace drm configfs sunrpc fuse efivarfs > ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic hid_generic > usbhid hid sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif crct10dif_generic > ahci crct10dif_pclmul crct10dif_common crc32_pclmul xhci_pci crc32c_intel > libahci i2c_i801 xhci_hcd > [18029.296738] ixgbe i2c_smbus megaraid_sas tg3 xfrm_algo dca mdio_devres > lpc_ich libata libphy ptp pps_core mdio usbcore scsi_mod wmi usb_common > scsi_common > [18029.296769] CPU: 2 PID: 6051 Comm: kworker/2:1 Not tainted 6.1.0-1-amd64 > #1 Debian 6.1.4-1 > [18029.296775] Hardware name: Dell Inc. PowerEdge R540/0NJK2F, BIOS 2.15.1 > 06/17/2022 > [18029.296779] Workqueue: nfsd_filecache nfsd_file_delayed_close [nfsd] > [18029.296850] RIP: 0010:refcount_warn_saturate+0xba/0x110 > [18029.296857] Code: 01 01 e8 5d 3d 4a 00 0f 0b c3 cc cc cc cc 80 3d 18 4c cd > 01 00 75 85 48 c7 c7 18 a0 14 87 c6 05 08 4c cd 01 01 e8 3a 3d 4a 00 <0f> 0b > c3 cc cc cc cc 80 3d f3 4b cd 01 00 0f 85 5e ff ff ff 48 c7 > [18029.296862] RSP: 0018:ffffaaa746f97e40 EFLAGS: 00010282 > [18029.296867] RAX: 0000000000000000 RBX: ffff9bc0d27158f8 RCX: > 0000000000000000 > [18029.296871] RDX: 0000000000000001 RSI: ffffffff8713289e RDI: > 00000000ffffffff > [18029.296874] RBP: ffffaaa746f97e68 R08: 0000000000000000 R09: > ffffaaa746f97cc8 > [18029.296878] R10: 0000000000000003 R11: ffffffff87ed23c8 R12: > ffff9bc0d27158f0 > [18029.296881] R13: 0000000000000000 R14: ffff9bc197cb06c0 R15: > ffff9bc040563b08 > [18029.296884] FS: 0000000000000000(0000) GS:ffff9bc6e0100000(0000) > knlGS:0000000000000000 > [18029.296889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [18029.296892] CR2: 00007f627af751c0 CR3: 00000001c0744006 CR4: > 00000000007706e0 > [18029.296896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: > 0000000000000000 > [18029.296899] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: > 0000000000000400 > [18029.296902] PKRU: 55555554 > [18029.296905] Call Trace: > [18029.296909] <TASK> > [18029.296912] nfsd_file_dispose_list+0x4d/0x70 [nfsd] > [18029.296975] nfsd_file_delayed_close+0x73/0xa0 [nfsd] > [18029.297034] process_one_work+0x1c4/0x380 > [18029.297045] worker_thread+0x4d/0x380 > [18029.297052] ? _raw_spin_lock_irqsave+0x23/0x50 > [18029.297061] ? rescuer_thread+0x3a0/0x3a0 > [18029.297068] kthread+0xe6/0x110 > [18029.297074] ? kthread_complete_and_exit+0x20/0x20 > [18029.297081] ret_from_fork+0x1f/0x30 > [18029.297095] </TASK> > [18029.297097] ---[ end trace 0000000000000000 ]---
Would it be possible to test 6.1.7, which contains related nfs changes with the nfsd filecache? Regards, Salvatore