Bug 177801 - unable to handle kernel NULL pointer dereference at fuse_setattr
Summary: unable to handle kernel NULL pointer dereference at fuse_setattr
Status: NEW
Alias: None
Product: File System
Classification: Unclassified
Component: Other (show other bugs)
Hardware: x86-64 Linux
: P1 high
Assignee: fs_other
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-17 07:04 UTC by Andreas Reis
Modified: 2016-11-06 19:06 UTC (History)
3 users (show)

See Also:
Kernel Version: 4.9-rc1
Tree: Mainline
Regression: No


Attachments
proposed patch (677 bytes, patch)
2016-10-18 09:31 UTC, Miklos Szeredi
Details | Diff
proposed patch (1.59 KB, patch)
2016-10-18 09:48 UTC, Miklos Szeredi
Details | Diff

Description Andreas Reis 2016-10-17 07:04:14 UTC
Getting this reliably when I plug in a NTF3(-3g) USB stick.

Linux version 4.9.0-1-ck (me@meme) (gcc version 6.2.1 20161006 (GCC) ) #1 SMP PREEMPT Sat Oct 15 23:41:18 CEST 2016

ntfs-3g[2487]: Version 2016.2.22 external FUSE 29
ntfs-3g[2487]: Mounted /dev/sde1 (Read-Write, label "usbusb", NTFS 3.1)
ntfs-3g[2487]: Cmdline options: rw,nosuid,noexec,nodev,noatime,fmask=0133,uid=1000,gid=1000,utf8
ntfs-3g[2487]: Mount options: rw,nosuid,noexec,nodev,utf8,allow_other,nonempty,noatime,default_permissions,fsname=/dev/sde1,blkdev,blksize=4096
ntfs-3g[2487]: Global ownership and permissions enforced, configuration type 7
kernel: BUG: unable to handle kernel NULL pointer dereference at           (null)
kernel: IP: [<ffffffff81415db3>] fuse_setattr+0x113/0x150
kernel: PGD 398e10067 
kernel: PUD 3a1728067 
kernel: PMD 0 
kernel: 
kernel: Oops: 0002 [#1] PREEMPT SMP
kernel: Modules linked in: vboxnetflt(O) vboxnetadp(O) vboxpci(O) vboxdrv(O)
kernel: CPU: 2 PID: 2472 Comm: udevil Tainted: G     U     O    4.9.0-1-ck #1
kernel: Hardware name: Gigabyte Technology Co., Ltd. G1.Sniper M5/G1.Sniper M5, BIOS T01 02/03/2015
kernel: task: ffff8803c08fc4c0 task.stack: ffffc90008cc8000
kernel: RIP: 0010:[<ffffffff81415db3>]  [<ffffffff81415db3>] fuse_setattr+0x113/0x150
kernel: RSP: 0018:ffffc90008ccbdd0  EFLAGS: 00010202
kernel: RAX: 0000000000000000 RBX: 0000000000000041 RCX: 0000000000000000
kernel: RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff88040d99d000
kernel: RBP: ffffc90008ccbe00 R08: 000000000001ffa0 R09: ffffffff81410350
kernel: R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90008ccbe68
kernel: R13: ffff88040d99d000 R14: ffff88039c9999c0 R15: ffff8803f2e70c00
kernel: FS:  00007fd41f2bb800(0000) GS:ffff88042f280000(0000) knlGS:0000000000000000
kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kernel: CR2: 0000000000000000 CR3: 000000037f206000 CR4: 00000000001406e0
kernel: Stack:
kernel:  ffff8803f2e70c00 0000000000000041 ffff88039c9999c0 ffffc90008ccbe68
kernel:  0000000000000000 ffff8803f2e70c00 ffffc90008ccbe48 ffffffff8128abb2
kernel:  0000000008ccbe18 ffffc90008ccbe60 ffff8803f2e70ca8 ffffc90008ccbef8
kernel: Call Trace:
kernel:  [<ffffffff8128abb2>] notify_change+0x2d2/0x430
kernel:  [<ffffffff8126a759>] chmod_common+0x169/0x180
kernel:  [<ffffffff8126b9fa>] SyS_fchmodat+0x5a/0xb0
kernel:  [<ffffffff8126ba69>] SyS_chmod+0x19/0x20
kernel:  [<ffffffff81b0e537>] entry_SYSCALL_64_fastpath+0x1a/0xa9
kernel: Code: 18 01 00 00 02 75 30 41 8b 16 81 e2 00 00 60 00 81 fa 00 00 20 00 0f 85 76 ff ff ff 41 f6 04 24 01 0f 84 6b ff ff ff 49 8b 56 78 <48> c7 02 00 00 00 00 e9 5d ff ff ff 4c 89 ff 89 45 d0 e8 46 77 
kernel: RIP  [<ffffffff81415db3>] fuse_setattr+0x113/0x150
kernel:  RSP <ffffc90008ccbdd0>
kernel: CR2: 0000000000000000
kernel: ---[ end trace 38e1e7ed84ac0879 ]---
Comment 1 Miklos Szeredi 2016-10-18 09:31:12 UTC
Created attachment 241931 [details]
proposed patch

Thanks for reporting!

The attached patch should fix the issue.
Comment 2 Miklos Szeredi 2016-10-18 09:33:50 UTC
And will result in a memory leak...  I'll do another patch.
Comment 3 Miklos Szeredi 2016-10-18 09:48:19 UTC
Created attachment 241941 [details]
proposed patch

This one should be better.
Comment 4 Andreas Reis 2016-10-18 13:26:15 UTC
Looks like all is well again. Thanks!
Comment 5 Miklos Szeredi 2016-10-18 13:42:25 UTC
Fix pushed to

git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#for-linus
Comment 6 Thorsten Leemhuis 2016-11-06 13:36:45 UTC
FYI: This bug is in the list of regressions for 4.9.

(In reply to Miklos Szeredi from comment #5)
> Fix pushed to
> git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#for-linus

But not sent upstream yet (or did I miss it?) -- is there a reason for that?

Note You need to log in before you can comment on or make changes to this bug.