=Comment: #0================================================= Pavan Naregundi <pavan.naregundi.com> - Mounting a samba directory which has following options in smb.conf [SAMBA1] path = /SAMBA1 guest ok = yes only guest = yes writeable = yes printable =yes gives the following Call Trace with error no 2(No such file or directory) $ mount.cifs //9.124.111.125/SAMBA1 /SAMBA1 -o username=root Password: CIFS VFS: cifs_read_super: get root inode failed ============================================================================= BUG kmalloc-8 (Not tainted): Redzone overwritten ----------------------------------------------------------------------------- INFO: 0xc00000003a13fa08-0xc00000003a13fa0c. First byte 0x80 instead of 0xcc INFO: Allocated in .CIFSTCon+0x3fc/0x560 [cifs] age=64 cpu=1 pid=2418 INFO: Slab 0xf000000001798198 objects=51 used=33 fp=0xc00000003a13fa50 flags=0x00c3 INFO: Object 0xc00000003a13fa00 @offset=2560 fp=0xc00000003a13fa50 Bytes b4 0xc00000003a13f9f0: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ Object 0xc00000003a13fa00: e4 b8 80 e5 90 80 e4 98 ��.�..�. Redzone 0xc00000003a13fa08: 80 e5 8c 80 00 cc cc cc .�...��� Padding 0xc00000003a13fa48: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ Call Trace: [c000000035a6f490] [c0000000000117d8] .show_stack+0x6c/0x16c (unreliable) [c000000035a6f540] [c000000000149c18] .print_trailer+0x150/0x178 [c000000035a6f5e0] [c00000000014a424] .check_bytes_and_report+0x104/0x170 [c000000035a6f6a0] [c00000000014a508] .check_object+0x78/0x260 [c000000035a6f740] [c00000000014ca18] .__slab_free+0x298/0x3dc [c000000035a6f7f0] [c00000000014d608] .kfree+0x134/0x190 [c000000035a6f8a0] [d000000000a73e30] .tconInfoFree+0x60/0xc4 [cifs] [c000000035a6f930] [d000000000a62b18] .cifs_put_tcon+0x11c/0x148 [cifs] [c000000035a6f9d0] [d000000000a62b68] .cifs_umount+0x24/0x58 [cifs] [c000000035a6fa50] [d000000000a51c44] .cifs_get_sb+0x264/0x32c [cifs] [c000000035a6fb10] [c00000000015c7dc] .vfs_kern_mount+0xd4/0x1b0 [c000000035a6fbc0] [c00000000015c928] .do_kern_mount+0x60/0x138 [c000000035a6fc70] [c000000000179254] .do_mount+0x854/0x8d8 [c000000035a6fd60] [c0000000001a0054] .compat_sys_mount+0x20c/0x28c [c000000035a6fe30] [c0000000000085f0] syscall_exit+0x0/0x40 FIX kmalloc-8: Restoring 0xc00000003a13fa08-0xc00000003a13fa0c=0xcc mount error 2 = No such file or directory Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) ==================================== However, client is able to mount the directory if 'printable' option is set to 'no', i.e "printable =no" Server is started with following commands /usr/sbin/smbd -D /usr/sbin/nmbd -D =Comment: #5================================================= Shirish S. Pargaonkar <shirishp.com> - Looking at the problem =Comment: #6================================================= Shirish S. Pargaonkar <shirishp.com> - Not sure whether this is cifs vfs client bug, cifs sends the same requests. It is Samba server that reacts differently with printable = yes option in the stanza in the smb.conf file. With printable = yes option, this is the error that is logged by samba server [2009/02/27 04:00:48, 3] smbd/trans2.c:call_trans2qfilepathinfo(3939) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 512 [2009/02/27 04:00:48, 3] smbd/trans2.c:call_trans2qfilepathinfo(3984) call_trans2qfilepathinfo: SMB_VFS_LSTAT of failed (No such file or directory) [2009/02/27 04:00:48, 3] smbd/error.c:reply_unix_error(154) unix_error_packet: error string = No such file or directory [2009/02/27 04:00:48, 3] smbd/error.c:error_packet_set(61) error packet at smbd/trans2.c(3985) cmd=50 (SMBtrans2) NT_STATUS_OBJECT_NAME_NOT_FOUND Investigating by printable = yes option can cause this. =Comment: #7================================================= Shirish S. Pargaonkar <shirishp.com> - With the same staza sans printable = yes, generates this log by Samba server for a mount request by a client [2009/02/27 04:07:55, 3] smbd/trans2.c:call_trans2qfilepathinfo(3939) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 512 [2009/02/27 04:07:55, 5] smbd/filename.c:unix_convert(149) unix_convert called on file "" [2009/02/27 04:07:55, 5] smbd/filename.c:unix_convert(182) conversion finished "" -> . i.e. when mount does not fail. =Comment: #8================================================= Shirish S. Pargaonkar <shirishp.com> - It is the unix_convert function that returns different values for the same input and that causes difference of behaviour. unix_convert returns null fname in case of printable = yes and . in case of no printable = yes line in the stanza in the smb.conf file. lstat call on a null file fails and so does mount. Will have to look into what unix_convert in samba code does. =Comment: #9================================================= Shirish S. Pargaonkar <shirishp.com> - samba server responses are incorrect with printable = yes in a stanza in smb.conf Without -o prefixpath=<directory> during mount, a root is not identified, with -o prefixpath=<directory>, a share can be mounted but find first command returns error (i.e. ls returns empty). Investigating. =Comment: #10================================================= Shirish S. Pargaonkar <shirishp.com> - I do not think one uses printable = yes with file shares. With printers, it is used. For file shares, the default is printable = no =Comment: #11================================================= Shirish S. Pargaonkar <shirishp.com> - This is not a bug, it is incorrect usage of a samba option for a file share. The stanza option printable = yes is not used alongwith a file share. =Comment: #12================================================= Pavan Naregundi <pavan.naregundi.com> - Shirish, Error no 2(No such file or directory) seems ok for the the invalid option "printable = yes" for sharing of files. Can we avoid the call trace here? Thanks Pavan =Comment: #13================================================= Shirish S. Pargaonkar <shirishp.com> - (In reply to comment #12) > Shirish, > Error no 2(No such file or directory) seems ok for the the invalid option > "printable = yes" for sharing of files. Can we avoid the call trace here? > Thanks > Pavan OK, I missed that. I had not turned on CONFIG_DEBUG_SLAB in .config file. Let me turn it on, build the kernel and modules, and retry the mount to see whether I can see the stack trace during a mount error with printable = yes option in the stanza in smb.conf file on the server, I am using cifs vfs client on a SLES11 system but the source code is 2.6.29-rc7. =Comment: #14================================================= Shirish S. Pargaonkar <shirishp.com> - At least with 2.6.29-rc7, I do not see the stack trace mentioned when mount fails. mount.cifs //cifstest8.austin.ibm.com/smb88 /mnt/smb_a -o remount,nobrl,user=root,pass=password mount error 22 = Invalid argument Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) cifstest6:/usr/src/linux.ssp.030509/cifs-2.6 # dmesg syslog buffer is empty. [smb88] path = /tmp/cifstest88 browseable = Yes read only = No guest ok = Yes writable = yes printable = yes =Comment: #15================================================= Shirish S. Pargaonkar <shirishp.com> - Forgot to add these, CONFIG_SLAB=y CONFIG_SLABINFO=y CONFIG_DEBUG_SLAB=y # CONFIG_DEBUG_SLAB_LEAK is not set Are there any other config options that you think needed to see the stack trace you state? =Comment: #16================================================= Shirish S. Pargaonkar <shirishp.com> - Sorry, wrong command mount.cifs //cifstest8.austin.ibm.com/smb88 /mnt/smb_a -o user=root,pass=password mount error 2 = No such file or directory Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) I still do not see the stack trace, even with echo 7 > /proc/fs/cifs/cifsFYI turned on See this, but no stack trace fs/cifs/cifssmb.c: In QPathInfo (Unix) the path fs/cifs/transport.c: For smb_command 50 fs/cifs/transport.c: Sending smb: total_len 78 fs/cifs/connect.c: rfc1002 length 0x27 fs/cifs/connect.c: invalid transact2 word count Status code returned 0xc0000034 NT_STATUS_OBJECT_NAME_NOT_FOUND fs/cifs/netmisc.c: Mapping smb error code 2 to POSIX err -2 fs/cifs/cifssmb.c: Send error in QPathInfo = -2 CIFS VFS: cifs_read_super: get root inode failed fs/cifs/connect.c: CIFS VFS: in cifs_put_tcon as Xid: 15 with uid: 0 fs/cifs/cifssmb.c: In tree disconnect =Comment: #17================================================= Sridhar Vinay <vinaysridhar.com> - Shirish, Even without the debug options, I was at least able to see this in dmesg: "CIFS VFS: cifs_read_super: get root inode failed". Are you not seeing even this? In the system where we could see the trace I see CONFIG_SLUB_DEBUG=y # CONFIG_SLAB is not set CONFIG_SLUB=y =Comment: #18================================================= Shirish S. Pargaonkar <shirishp.com> - (In reply to comment #17) > Shirish, > Even without the debug options, I was at least able to see this in dmesg: "CIFS > VFS: cifs_read_super: get root inode failed". Are you not seeing even this? > In the system where we could see the trace I see > CONFIG_SLUB_DEBUG=y > # CONFIG_SLAB is not set > CONFIG_SLUB=y Yes, I do see that error messages CIFS VFS: cifs_read_super: get root inode failed But that is because of incorrect usage of printable = yes option on a file share which is usage error. =Comment: #19================================================= Sridhar Vinay <vinaysridhar.com> - (In reply to comment #18) > > Yes, I do see that error messages > > CIFS VFS: cifs_read_super: get root inode failed > > But that is because of incorrect usage of printable = yes option > on a file share which is usage error. > I guess the trace is triggered on calling kfree(cifs_sb) in the cifs_read_super() =Comment: #22================================================= Sridhar Vinay <vinaysridhar.com> - CIFSTCon fix Fix a kzalloc allocation size to avoid overwriting redzone. =Comment: #26================================================= Shirish S. Pargaonkar <shirishp.com> - This patch looks fine to me, it is correct to allocate twice the 16 bit characters bytes returned by UniStrnlen. Steve, if this looks correct to you, it can be committed. =Comment: #27================================================= Steven M. French <sfrench.com> - Merged into cifs-2.6.git Will merge into 2.6.30 soon as it opens up (and to the stable kernels). Recommend for backport to distros that are not based off stable kernel series.
Created attachment 336158 [details] CIFSTCon fix
------- Comment From vinaysridhar.com 2009-04-01 02:33 EDT------- Red Hat, Will this fix be considered for f11? btw, upstream commit: http://lkml.org/lkml/2009/3/31/490
The patch is already in 2.6.29 and has been proposed for stable. F11 will likely release with a 2.6.29 kernel so this should make it. I'll leave it open for now and we can close it once F10 has a kernel with this patch.
The fix is in 2.6.30 and is going into 2.6.29.1. F11 will have at least that kernel and possibly a later one. F10 will be getting that kernel too.
Fix is now upstream. Closing bug with resolution of RAWHIDE.
------- Comment From vinaysridhar.com 2009-04-05 23:20 EDT------- Closing on IBM side
------- Comment From pavan.naregundi.com 2009-04-09 03:27 EDT------- I still geting the call trace in F11beta # uname -a Linux mjs22lp1 2.6.29-0.258.2.3.rc8.git2.fc11.ppc64 #1 SMP Tue Mar 24 18:41:15 EDT 2009 ppc64 ppc64 ppc64 GNU/Linux # mount.cifs //9.126.89.222/SAMBA /SAMBA1/ -o username=root Password: mount error(2): No such file or directory Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) [root@mjs22lp1 /]# dmesg CIFS VFS: cifs_read_super: get root inode failed ============================================================================= BUG kmalloc-8 (Not tainted): Redzone overwritten ----------------------------------------------------------------------------- INFO: 0xc00000005aedf378-0xc00000005aedf37c. First byte 0x80 instead of 0xcc INFO: Allocated in .CIFSTCon+0x414/0x580 [cifs] age=3 cpu=5 pid=6792 INFO: Slab 0xf0000000024f0a98 objects=51 used=11 fp=0xc00000005aedf000 flags=0x00c3 INFO: Object 0xc00000005aedf370 @offset=880 fp=0xc00000005aedf3c0 Bytes b4 0xc00000005aedf360: 00 00 00 01 06 5f 29 b7 5a 5a 5a 5a 5a 5a 5a 5a ....._)???ZZZZZZZZ Object 0xc00000005aedf370: e4 b8 80 e5 90 80 e4 98 ??????.???..???. Redzone 0xc00000005aedf378: 80 e5 8c 80 00 cc cc cc .???...????????? Padding 0xc00000005aedf3b8: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ Call Trace: [c00000002903f380] [c000000000012530] .show_stack+0x98/0x188 (unreliable) [c00000002903f430] [c000000000611e94] .dump_stack+0x28/0x3c [c00000002903f4b0] [c000000000176230] .print_trailer+0x164/0x190 [c00000002903f550] [c000000000176b84] .check_bytes_and_report+0x11c/0x17c [c00000002903f620] [c000000000176c78] .check_object+0x94/0x28c [c00000002903f6d0] [c000000000179580] .__slab_free+0x254/0x3cc [c00000002903f790] [c00000000017a180] .kfree+0x144/0x1a0 [c00000002903f850] [d000000000c285a8] .tconInfoFree+0x74/0xdc [cifs] [c00000002903f8e0] [d000000000c16778] .cifs_put_tcon+0x10c/0x140 [cifs] [c00000002903f980] [d000000000c167e0] .cifs_umount+0x34/0x6c [cifs] [c00000002903fa10] [d000000000c04dbc] .cifs_get_sb+0x27c/0x34c [cifs] [c00000002903faf0] [c00000000018b0e0] .vfs_kern_mount+0xe4/0x1c4 [c00000002903fbb0] [c00000000018b280] .do_kern_mount+0x6c/0x140 [c00000002903fc70] [c0000000001aacc0] .do_mount+0x864/0x8ec [c00000002903fd60] [c0000000001d5824] .compat_sys_mount+0x21c/0x29c [c00000002903fe30] [c0000000000085f0] syscall_exit+0x0/0x40 FIX kmalloc-8: Restoring 0xc00000005aedf378-0xc00000005aedf37c=0xcc
That kernel predates the inclusion of the current upstream patch. I believe the latest F11 kernels have it.