cifsd-team / ksmbd

ksmbd kernel server(SMB/CIFS server)

When oplocks is enabled, kernel panic occurs when files are written. #570

Closed zztmy closed 1 year ago

zztmy commented 1 year ago

[ 283.298005] ksmbd: lock type is oplock release
[ 283.299450] ksmbd: unexpected oplock state 0x0
[ 285.215094] Unable to handle kernel paging request at virtual address 000000000001ffdc
[ 285.218074] Mem abort info:
[ 285.218783] ESR = 0x96000006
[ 285.219544] EC = 0x25: DABT (current EL), IL = 32 bits
[ 285.220862] SET = 0, FnV = 0
[ 285.221620] EA = 0, S1PTW = 0
[ 285.224234] ksmbd: lock type is oplock release
[ 285.224427] Data abort info:
[ 285.225798] ksmbd: unexpected oplock state 0x0
[ 285.226251] ISV = 0, ISS = 0x00000006
[ 285.230221] CM = 0, WnR = 0
[ 285.231388] user pgtable: 4k pages, 39-bit VAs, pgdp=000000000c88c000
[ 285.233516] [000000000001ffdc] pgd=000000000d191003, p4d=000000000d191003, pud=000000000d191003, pmd=0000000000000000
[ 285.237135] ATP_save_reboot_flag success, flag = 4
[ 285.238000] Unable to handle kernel paging request at virtual address 000000000001ffdc
[ 285.238753] Internal error: Oops: 96000006 [#1] PREEMPT SMP
[ 285.240884] Mem abort info:
[ 285.241682] Modules linked in: rpcsec_gss_krb5 auth_rpcgss cifs usb_storage galcore r8152
[ 285.242379] ESR = 0x96000005
[ 285.242383] EC = 0x25: DABT (current EL), IL = 32 bits
[ 285.244407]
[ 285.245178] SET = 0, FnV = 0
[ 285.246484] CPU: 3 PID: 3434 Comm: kworker/3:4 Not tainted 5.10.107 #7
[ 285.246858] EA = 0, S1PTW = 0
[ 285.247624] Workqueue: ksmbd-io handle_ksmbd_work
[ 285.249240] Data abort info:
[ 285.250675]
[ 285.250679] pstate: a0c00005 (NzCv daif +PAN +UAO -TCO BTYPE=--)
[ 285.250682] pc : smb_break_all_levII_oplock+0x80/0x250
[ 285.250685] lr : smb_break_all_levII_oplock+0x58/0x250
[ 285.250687] sp : ffffffc014293c10
[ 285.250689] x29: ffffffc014293c10 x28: 000000000fb00000
[ 285.250695] x27: ffffff800e800074
[ 285.255142] ISV = 0, ISS = 0x00000005
[ 285.255209] x26: 000000000001ffa0
[ 285.255211] x25: ffffffc010ea3000 x24: ffffff803b340400
[ 285.255215] x23: ffffffc010ea3f90 x22: ffffffc011520a18
[ 285.255219] x21: 0000000000000001 x20: ffffff8038ed5c00
[ 285.255225] x19: ffffff80154e8a48
[ 285.256546] CM = 0, WnR = 0
[ 285.257771] x18: 0000000000000000
[ 285.257773] x17: 0000000000000000 x16: 0000000000000000
[ 285.257777] x15: 0000000000000000 x14: 0000000000000001
[ 285.257783] x13: 80fc7eeb15738ce6
[ 285.258614] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000069ad9000
[ 285.259920] x12: ffffffffffffffff
[ 285.260824] [000000000001ffdc] pgd=0000000016715003
[ 285.261713]
[ 285.262562] , p4d=0000000016715003
[ 285.263873] x11: 0000000000000040
[ 285.265190] , pud=0000000016715003
[ 285.266504] x10: ffffff800c6c4c08
[ 285.266507] x9 : ffffffc010436430 x8 : ffffff80c72826f0
[ 285.267353] , pmd=0000000000000000
[ 285.268089]
[ 285.268944]
[ 285.270247] x7 : 0000000000000000 x6 : ffffffc014293d40
[ 285.270251] x5 : 0000000000000000 x4 : 0000000000000002
[ 285.272414]
[ 285.286884] x3 : 0000000000000001 x2 : 0000000000000000
[ 285.288205] x1 : ffffff8014de2880 x0 : 0000000000000001
[ 285.289532] Call trace:
[ 285.290146] smb_break_all_levII_oplock+0x80/0x250
[ 285.291341] ksmbd_vfs_write+0xb4/0x2f8
[ 285.292300] smb2_write+0x1e4/0x498
[ 285.293173] handle_ksmbd_work+0x1cc/0x478
[ 285.294198] process_one_work+0x218/0x4c8
[ 285.295198] worker_thread+0x48/0x438
[ 285.296114] kthread+0x160/0x168
[ 285.296923] ret_from_fork+0x10/0x1c
[ 285.297820] Code: 912862d6 913e42f7 b0005379 d503201f (b9403f42)
[ 285.299337] ---[ end trace 7296983f231176c8 ]---
[ 285.304340] Kernel panic - not syncing: Oops: Fatal exception
[ 285.305775] SMP: stopping secondary CPUs
[ 286.353871] SMP: failed to stop secondary CPUs 2-3
[ 286.355060] iso_wa: force gpu sram on
[ 286.355975] Kernel Offset: disabled
[ 286.356842] CPU features: 0x0000006,2a00a218
[ 286.357902] Memory Limit: none
[ 286.361319] rtkemmc_req_cleanup_pending No eMMC access currently...
[ 286.363896] rtkemmc_req_completion_poll: wait interrupt done...
[ 286.365378] rtkemmc_req_cleanup_pending No eMMC access currently...
[ 286.367175] rtkemmc_req_completion_poll: wait interrupt done...
[ 286.368658] Rebooting in 1 seconds..
[ 287.370871] SMP: stopping secondary CPUs
[ 288.418963] SMP: failed to stop secondary CPUs 2-3
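
Added example, not part of the original thread or the ksmbd project: a triage helper that checks whether the faulting instruction on the oops's `Code:` line accounts for the reported fault address. The names `triage` and `decode_ldr_uimm` are hypothetical, and the decoder handles only the A64 LDR (immediate, unsigned offset) form.

```python
import re

# Lines excerpted from the oops quoted in this issue (trimmed to what triage needs).
OOPS = """\
[ 285.215094] Unable to handle kernel paging request at virtual address 000000000001ffdc
[ 285.250682] pc : smb_break_all_levII_oplock+0x80/0x250
[ 285.250695] x27: ffffff800e800074
[ 285.255209] x26: 000000000001ffa0
[ 285.255211] x25: ffffffc010ea3000 x24: ffffff803b340400
[ 285.297820] Code: 912862d6 913e42f7 b0005379 d503201f (b9403f42)
"""

def decode_ldr_uimm(insn):
    """Decode A64 'LDR Wt/Xt, [Xn, #imm]' (unsigned offset); None for anything else."""
    if (insn & 0xBFC00000) != 0xB9400000:
        return None
    width = 8 if insn & 0x40000000 else 4      # bit 30 selects X (8 bytes) or W (4 bytes)
    return {"rt": insn & 0x1F, "rn": (insn >> 5) & 0x1F,
            "offset": ((insn >> 10) & 0xFFF) * width, "width": width}

def triage(log):
    """Tie the faulting instruction in an arm64 oops to the reported fault address."""
    fault = int(re.search(r"virtual address ([0-9a-f]{16})", log).group(1), 16)
    pc = re.search(r"pc : (\S+)", log).group(1)
    # pr_cont output can split 'xN:' from its value, so allow any whitespace between them.
    regs = {int(n): int(v, 16)
            for n, v in re.findall(r"\bx(\d{1,2})\s*:\s*([0-9a-f]{16})", log)}
    # The word in parentheses on the Code: line is the instruction at pc.
    insn = int(re.search(r"Code:[0-9a-f ]*\(([0-9a-f]{8})\)", log).group(1), 16)
    out = {"pc": pc, "fault": fault, "insn": insn, "explained": False}
    ldr = decode_ldr_uimm(insn)
    if ldr and ldr["rn"] in regs:              # rn == 31 (sp) is not in the x-register dump
        base = regs[ldr["rn"]]
        out.update(base_reg=ldr["rn"], base=base, offset=ldr["offset"],
                   explained=(base + ldr["offset"] == fault))
    return out

if __name__ == "__main__":
    r = triage(OOPS)
    print(f"{r['pc']}: insn {r['insn']:#010x} loads from "
          f"x{r['base_reg']}+{r['offset']:#x} = {r['base'] + r['offset']:#x}; "
          f"matches fault address: {r['explained']}")
```

For this oops the faulting load is from x26 + 0x3c with x26 = 0x1ffa0, which gives the reported address 0x1ffdc.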

namjaejeon commented 1 year ago

Ah, what client do you use? I have never seen this issue before. Let me know how to reproduce it. When I checked the backtrace, this is not SMB1.

zztmy commented 1 year ago

I use a Windows 10 client.

hclee commented 1 year ago

@zztmy Could you elaborate on how to reproduce it? Does this happen when copying files to ksmbd from a Windows client? Please show your smb.conf and which versions of ksmbd and the kernel you use.

namjaejeon commented 1 year ago

I wonder if you enabled oplock on smb1. And I wonder if there are two clients connected to smb1 and smb2/3 respectively.

zztmy commented 1 year ago

@hclee Yes, it happens when you copy files from Windows to ksmbd.

[global]
workgroup = WORKGROUP
netbios name = ZZTMY
map to guest = bad user
guest account = nobody
max active sessions = 128
bind interfaces only = yes
interfaces = br0
max open files = 1000
deadtime = 5
server min protocol = NT1

[zztmy]
path = /mnt/disk0/
guest ok = yes
writable = yes
oplocks = yes
force user = public_user

ksmbd version: 3.4.5
linux version: 5.10.107

@namjaejeon Yes, that's the scene you're talking about.

namjaejeon commented 1 year ago

@zztmy Can you reproduce this issue easily? I think you accessed the file through smb1 and smb2 clients at the same time. It looks like the SMB1 code needs to be fixed. Actually we don't want to touch smb1 code anymore. If you can tell us how to reproduce this, we'll check it.