Fuse Kernel Module Crashed when runltp script (LTP) is executed in the FUSE Mount Point
Akil Raza
2017-06-28 15:09:00 UTC
While executing the runltp script, the system is rebooted. The core trace is
shared below. The script is executed on the fuse mount point path.
The problem is consistently seen.

System configuration:
[***@labrh71 ~]# uname -a
Linux labrh71 3.10.0-229.1.2.el7.x86_64 #1 SMP Fri Mar 6 17:12:08 EST 2015
x86_64 x86_64 x86_64 GNU/Linux

Fuse lib version: 2.9.2

Command Executed:

./runltp -z -p -o /root/ltp-testing_with_z-option/output -l /root/ltp-testing_with_z-option/logfile -f syscalls -d /root/testing/mount/folder2 &> /root/ltp-testing_with_z-option/log &

Runltp script is attached

Core Dump Logs

# Please check this report. Lines starting with '#' will be ignored.
# Lines starting with '%----' separate fields, please do not delete them.

# Describe the circumstances of this crash below

# Backtrace
# Check that it does not contain any sensitive data (passwords, etc.)

Version: 3.10.0-229.1.2.el7.x86_64
kernel BUG at fs/fuse/file.c:1520!
invalid opcode: 0000 [#1] SMP
Modules linked in: sctp tun loop btrfs zlib_deflate raid6_pq xor vfat msdos
fat ext4 mbcache jbd2 binfmt_misc bridge stp llc fuse coretemp
crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel ppdev
aesni_intel lrw gf128mul glue_helper ablk_helper cryptd vmw_balloon pcspkr
serio_raw vmw_vmci shpchp parport_pc parport i2c_piix4 uinput xfs libcrc32c
sd_mod crc_t10dif crct10dif_common sr_mod cdrom ata_generic pata_acpi
vmwgfx mptsas drm_kms_helper scsi_transport_sas mptscsih ttm mptbase e1000
ata_piix drm i2c_core libata floppy dm_mirror dm_region_hash dm_log dm_mod
CPU: 1 PID: 22695 Comm: dirtyc0w Not tainted 3.10.0-229.1.2.el7.x86_64 #1
Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference
Platform, BIOS 6.00 04/14/2014
task: ffff88003d6dc440 ti: ffff88001c020000 task.ti: ffff88001c020000
RIP: 0010:[<ffffffffa037ae0c>] [<ffffffffa037ae0c>]
fuse_writepage_locked+0x2ac/0x2b0 [fuse]
RSP: 0018:ffff88001c023a60 EFLAGS: 00010246
RAX: ffff88007a802c80 RBX: ffff88007a802a00 RCX: 0000000000000000
RDX: ffff88007a802c80 RSI: 0000000000000000 RDI: ffff880079d19000
RBP: ffff88001c023a98 R08: ffffffff8183b350 R09: ffffea0001e9e280
R10: 0000000000003688 R11: 0000000000000000 R12: ffffea0001c6a4c0
R13: ffff88007bebddb0 R14: ffffea0001e9e240 R15: ffff88007a802b50
FS: 00007f4f51c9c740(0000) GS:ffff88007fd00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f82fe58afb8 CR3: 0000000005984000 CR4: 00000000000407e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
0000000000000246 ffff880079d19000 ffffea0001c6a4c0 0000000000000000
ffff88007a802a00 ffffea0001c6a4c0 0000000000000000 ffff88001c023ac0
ffffffffa037ae4f 0000000000000000 ffff88007a802b50 ffffffffffffffff
Call Trace:
[<ffffffffa037ae4f>] fuse_launder_page+0x3f/0x60 [fuse]
[<ffffffff81165ad0>] invalidate_inode_pages2_range+0x350/0x430
[<ffffffffa036f26c>] ? wait_answer_interruptible+0xbc/0xe0 [fuse]
[<ffffffff81098220>] ? wake_up_bit+0x30/0x30
[<ffffffffa036fb1f>] ? __fuse_request_alloc+0x7f/0xe0 [fuse]
[<ffffffffa03710d0>] ? fuse_request_free+0x40/0x50 [fuse]
[<ffffffffa0371198>] ? fuse_put_request+0xb8/0x100 [fuse]
[<ffffffff81165bc7>] invalidate_inode_pages2+0x17/0x20
[<ffffffffa0378352>] fuse_finish_open+0xc2/0xd0 [fuse]
[<ffffffffa03783c8>] fuse_open_common+0x68/0x80 [fuse]
[<ffffffffa03783f0>] fuse_open+0x10/0x20 [fuse]
[<ffffffff811c423f>] do_dentry_open+0x18f/0x2b0
[<ffffffffa03783e0>] ? fuse_open_common+0x80/0x80 [fuse]
[<ffffffff811c43d9>] vfs_open+0x39/0x70
[<ffffffff811d54cd>] do_last+0x1ed/0x1270
[<ffffffff811ab86e>] ? kmem_cache_alloc_trace+0x1ce/0x1f0
[<ffffffff811d6612>] path_openat+0xc2/0x4c0
[<ffffffff81012609>] ? __switch_to+0x179/0x4a0
[<ffffffff811d7a4b>] do_filp_open+0x4b/0xb0
[<ffffffff811e4497>] ? __alloc_fd+0xa7/0x130
[<ffffffff811c58a3>] do_sys_open+0xf3/0x1f0
[<ffffffff811c59be>] SyS_open+0x1e/0x20
[<ffffffff81613da9>] system_call_fastpath+0x16/0x1b
Code: b8 dd e0 31 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 4c 89 ef
e8 93 62 ff ff 4c 89 e7 e8 eb b7 dd e0 b8 f4 ff ff ff eb da <0f> 0b 66 90
66 66 66 66 90 55 48 89 e5 41 55 41 54 45 31 e4 53
RIP [<ffffffffa037ae0c>] fuse_writepage_locked+0x2ac/0x2b0 [fuse]
RSP <ffff88001c023a60>

# This field is read only
# Architecture
# This field is read only
# Component
# This field is read only
# Kernel version
# This field is read only
# os-release configuration file
# This field is read only
NAME="Red Hat Enterprise Linux Server"
VERSION="7.1 (Maipo)"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.1 (Maipo)"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
