From nobody Wed Dec 18 17:58:04 2024 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YD1cY1qHXz5hfm5 for ; Wed, 18 Dec 2024 17:58:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YD1cX71zqz4jCH for ; Wed, 18 Dec 2024 17:58:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734544685; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=esN+J/ze5g9lERqISPU5g1psXi26aQR4VZ2UZVdhfuI=; b=yx8TEm5E2aqcRYG5oxddjOnFbQsinjxEnCfvitdVQvPxtbHqF+WnFvCnivzvc3oojSeL+p g32HVoH8DcGRgZ5oYZM0bvfoNPvjSsT3PN3vWWwui4pymiGWy5WgjDYTGJTKNkQmssVqQ2 USHkwh9XvjGE5OmiYlIL9QzJj0z/zWr94RZiFeYHaO8Dx2gC50mAwX90/0rEz3idY6+kIt SE86zedGQweNIDLCCyN/LOtOmf5jsd4kiQNq/NRqZ4LJYI3LWHkdlppv7v7mz/spNffYlu msQRgSycdAtJiYCuryzbS0hYs3ZASPCW4yOdJISkndywJHrcvv5vPBhbaGnIIg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734544685; a=rsa-sha256; cv=none; b=Gk2F5PkCoaSLI1it5JhbxFQTzgfrUlzbHGIA6ygwFW4oy1ItJbwEyOnWoH+f3/3O3f3y/V RbR4QkJV1VsShf8krEMh0BOrWbjLOzO+JgxopRsji5Rv7HbzjCPzmHjQ1w846d4FYT6f1/ uNCFwGVfRd8PqE0H+xWud6Lgce9pBkZ8NPwv5KW8Pec/5PowaVLrNUnCgoOiOUaKIhaw4b DGTxY/WlHQ57vWbIrDLnO6vJ0HIkuRgN8qed2dck4EtECDWUX/p+h6tIjAZ0vnfP6ffRow jKEaPavzZVyGI4FjZuKuPK/daH61KIb1+C8MEPX6oI6Ca/VdPJ5aCa1QDg4Qyg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YD1cX6JszzHpb for ; Wed, 18 Dec 2024 17:58:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 4BIHw4he014429 for ; Wed, 18 Dec 2024 17:58:04 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 4BIHw4Ve014427 for bugs@FreeBSD.org; Wed, 18 Dec 2024 17:58:04 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 283402] [fusefs] page fault when removing a fuse-backed CTL LUN mounted with atime Date: Wed, 18 Dec 2024 17:58:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 15.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: asomers@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D283402 Bug ID: 283402 Summary: [fusefs] page fault when removing a fuse-backed CTL LUN mounted with atime Product: Base System Version: 15.0-CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: asomers@FreeBSD.org If you create a fuse mount that has default_permissions enabled but NOT noatime, then it is possible to trigger a page fault panic when removing a = CTL LUN backed by a file on this mountpoint. The reason is that kernel consume= rs like CTL don't have a ucred object. The same problem might happen with the= NFS server. I am not able to reproduce it using mdconfig to create a file-back= ed md device on top of fusefs. Steps to Reproduce =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D $ pkg install -y fusefs-ext2 $ truncate -s 1g /tmp/ext2.img $ mkfs.ext2 /tmp/ext2.img # Note: atime MUST be enabled $ sudo fuse-ext2 -o default_permissions,allow_other,rw+ /tmp/ext2.img /tmp/= mnt $ sudo truncate -s 1m /tmp/mnt/file $ sudo ctladm create -b block -o file=3D/tmp/mnt/file LUN created successfully backend: block device type: 0 LUN size: 1048576 bytes blocksize 512 bytes LUN ID: 0 Serial Number: MYSERIAL0000 Device ID: MYDEVID0000 $ sudo ctladm port -o on -p 0 $ sudo md5 /dev/da0 $ sudo ctladm remove -b block -l 0 Stack Trace =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe00dc51d= 5e0 vpanic() at vpanic+0x136/frame 0xfffffe00dc51d710 panic() at panic+0x43/frame 0xfffffe00dc51d770 trap_fatal() at trap_fatal+0x40b/frame 0xfffffe00dc51d7d0 trap_pfault() at trap_pfault+0xa0/frame 0xfffffe00dc51d840 calltrap() at calltrap+0x8/frame 0xfffffe00dc51d840 --- trap 0xc, rip =3D 0xffffffff80c5db00, rsp =3D 0xfffffe00dc51d910, rbp = =3D 0xfffffe00dc51d940 --- vaccess() at vaccess+0x40/frame 0xfffffe00dc51d940 fuse_vnop_close() at fuse_vnop_close+0x1b3/frame 0xfffffe00dc51da40 VOP_CLOSE_APV() at VOP_CLOSE_APV+0x93/frame 0xfffffe00dc51da70 vn_close1() at vn_close1+0x139/frame 0xfffffe00dc51dae0 ctl_be_block_ioctl() at ctl_be_block_ioctl+0x84c/frame 0xfffffe00dc51db70 ctl_ioctl() at ctl_ioctl+0x15fc/frame 0xfffffe00dc51dbd0 devfs_ioctl() at devfs_ioctl+0xd1/frame 0xfffffe00dc51dc20 VOP_IOCTL_APV() at VOP_IOCTL_APV+0x96/frame 0xfffffe00dc51dc50 vn_ioctl() at vn_ioctl+0x160/frame 0xfffffe00dc51dcc0 devfs_ioctl_f() at devfs_ioctl_f+0x1e/frame 0xfffffe00dc51dce0 kern_ioctl() at kern_ioctl+0x286/frame 0xfffffe00dc51dd40 sys_ioctl() at sys_ioctl+0x12f/frame 0xfffffe00dc51de00 amd64_syscall() at amd64_syscall+0x1af/frame 0xfffffe00dc51df30 fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00dc51df30 --- syscall (54, FreeBSD ELF64, ioctl), rip =3D 0x16fd98c1dc1a, rsp =3D 0x16fd93fc4768, rbp =3D 0x16fd93fc4930 --- KDB: enter: panic --=20 You are receiving this mail because: You are the assignee for the bug.=