Bug 187261

Summary: [fusefs] FUSE kernel panic when using socket / bind
Product: Base System
Reporter: Kris Moore <kris>
Component: kern
Assignee: freebsd-fs (Nobody) <fs>
Status: Closed DUPLICATE
Severity: Affects Only Me
CC: cem, henry.hu.sh
Priority: Normal    
Version: 10.0-RELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.shar none

Description Kris Moore 2014-03-04 18:10:00 UTC
I've run across an interesting bug in our fuse implementation. It looks like whenever a program running on the FUSE layer tries to create a socket() and then use bind(), it will immediately trigger a kernel panic. 

This is very likely the source of a number of fuse-related kernel panics.

Fix: The kernel panic messages refer to fuse_vnop_create() being the culprit, located in sys/fs/fuse/fuse_vnops.c



Patch attached with submission follows:
How-To-Repeat: I've attached an example to let you trigger this bug. Extract the archive and then compile "fusexmp.c" and socktest.c

% cc -Wall `pkg-config fuse --cflags --libs` fusexmp.c -o fusexmp
% cc socktest.c -o socktest

Now mount the fuse passthrough filesystem, chroot and run the socktest program. You should see an immediate kernel panic. 

# ./fusexmp /mnt
# chroot /mnt
# cd <pathtosock>
# ./socktest
Comment 1 Kris Moore 2014-03-04 18:35:37 UTC
You can download the text-dump from the system below.

http://web.pcbsd.org/~kris/textdump-fusesocket.tar

-- 
Kris Moore
PC-BSD Software
iXsystems
Comment 2 Mark Linimon freebsd_committer freebsd_triage 2014-03-05 03:25:57 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-fs

reclassify.
Comment 3 Henry Hu 2015-02-12 21:33:52 UTC
I've submitted bug 195000 which seems to be closely related to this bug, and I've provided a temporary fix. Please try that patch and check if it works.
It's triggered through rsync, but it's also related to sockets, and it also crashes in fuse_vnop_create.
Comment 4 Henry Hu 2017-12-04 00:42:15 UTC
Bug 195000 has been closed, and all the fixes are committed. I think that this bug should have been fixed.
Comment 5 Conrad Meyer freebsd_committer freebsd_triage 2017-12-04 01:03:25 UTC

*** This bug has been marked as a duplicate of bug 195000 ***