ci2 starts bisection 2023-10-23 20:29:19.244008658 +0000 UTC m=+31666.522654471
bisecting cause commit starting from 53771c1826da1344a90810469ad8e30ccaa0c00a
building syzkaller on 361b23dca53619ee1dfd92dd6a74a7f3e58f270c
ensuring issue is reproducible on original commit 53771c1826da1344a90810469ad8e30ccaa0c00a
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 6f4379cec65417538120328e65211f607e6d60802e28b7e60304b5b2d98abc23
all runs: crashed: general protection fault in vfs_rename
representative crash: general protection fault in vfs_rename, types: [UNKNOWN]
check whether we can drop unnecessary instrumentation
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: f94a000072afb3f7f242b72c11efb452a82b3c47237e16083d9a36ba3b6848d0
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
the bug reproduces without the instrumentation
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed
kconfig minimization: base=5179 full=6485 leaves diff=250
split chunks (needed=false): <250>
split chunk #0 of len 250 into 5 parts
testing without sub-chunk 1/5
disabling configs for [LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 61c09fc821bb207f597fbbe68120eb2c29a3c116acda06af3bfbf2429c6df673
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 745651fa470d784c41ab534d401e857384bb5386b9f6017ad08477e4abb65b5f
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 6686209df31e7bb5136863fe88130fdcc9ebb08ab7ebb8b4ad076cd450dd0af0
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: cb50c61f690b06a262600e863e3c52754ba99863013c476159e2b6867263d9f4
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed
testing commit 53771c1826da1344a90810469ad8e30ccaa0c00a gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
failed building 53771c1826da1344a90810469ad8e30ccaa0c00a:
net/socket.c:1225: undefined reference to `wext_handle_ioctl'
net/socket.c:3420: undefined reference to `compat_wext_handle_ioctl'
net/core/net-procfs.c:329: undefined reference to `wext_proc_init'
net/core/net-procfs.c:345: undefined reference to `wext_proc_exit'
minimized to 50 configs; suspects: [HID_ZEROPLUS USB_NET_CDC_MBIM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_DM9601 USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_PURELIFI WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_SILABS WLAN_VENDOR_ZYDAS X86_X32_ABI ZEROPLUS_FF]
disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed
picked [v6.1.25 v6.1.24 v6.1.13 v6.1 v6.0 v5.19 v5.17 v5.15 v5.13 v5.11 v5.9 v5.6 v5.3 v5.0 v4.19] out of 49 release tags
testing release v6.1.25
testing commit f17b0ab65d17988d5e6d6fe22f708ef3721080bf gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ca2065944ae1cb947ed4ad5937cf0b4a6b307e84290af99ead01f19ff27df625
all runs: OK
false negative chance: 0.000
# git bisect start 53771c1826da1344a90810469ad8e30ccaa0c00a f17b0ab65d17988d5e6d6fe22f708ef3721080bf
Bisecting: 3212 revisions left to test after this (roughly 12 steps)
[cd0c00f9e23f66e9826218eff156ea47f3c31121] Merge 42a7b4ed45e7 ("Merge tag 'for-5.17/io_uring-2022-01-11' of git://git.kernel.dk/linux-block") into android-mainline
testing commit cd0c00f9e23f66e9826218eff156ea47f3c31121 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: a7edd85b55ad2a2e7e0e903a7ea4380eb83cd3f103e8102144b55110aacad22d
all runs: OK
false negative chance: 0.000
# git bisect good cd0c00f9e23f66e9826218eff156ea47f3c31121
Bisecting: 1606 revisions left to test after this (roughly 11 steps)
[6b1ddf700e56651d5c77756ca423cb5aeede99ba] UPSTREAM: scsi: ufs: ufs-mediatek: Guard power management functions with CONFIG_PM
testing commit 6b1ddf700e56651d5c77756ca423cb5aeede99ba gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b6f39e4b3cfeb42ff5f22cad814fe53878c36c732c87df2cc10c10234292ee64
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
# git bisect bad 6b1ddf700e56651d5c77756ca423cb5aeede99ba
Bisecting: 802 revisions left to test after this (roughly 10 steps)
[416a0f5d4f7095a5c92bc6aa985ca8dfebdf84d7] ANDROID: GKI: Convert USB ACM as GKI module
testing commit 416a0f5d4f7095a5c92bc6aa985ca8dfebdf84d7 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 4a8a1bc5ee069851302b83ed8a8bb29953c45fe8927bc1e628aabf0089bdab99
all runs: OK
false negative chance: 0.000
# git bisect good 416a0f5d4f7095a5c92bc6aa985ca8dfebdf84d7
Bisecting: 401 revisions left to test after this (roughly 9 steps)
[49d7088c5fd459895e1b2780971460ab49a2fddb] ANDROID: GKI: Source GKI_BUILD_CONFIG_FRAGMENT after setting all variables
testing commit 49d7088c5fd459895e1b2780971460ab49a2fddb gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 4b6c5e8674fce728e2d52eb64cea746ad89c3dae945f2f93e0138c9381295356
all runs: OK
false negative chance: 0.000
# git bisect good 49d7088c5fd459895e1b2780971460ab49a2fddb
Bisecting: 200 revisions left to test after this (roughly 8 steps)
[f88336fa4a557bd0d010d0b2a1ce3ad97e8f1efb] ANDROID: KVM: arm64: Support missing pKVM module sections
testing commit f88336fa4a557bd0d010d0b2a1ce3ad97e8f1efb gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
failed building f88336fa4a557bd0d010d0b2a1ce3ad97e8f1efb: cp: cannot create regular file '/protected_exports': Permission denied
# git bisect skip f88336fa4a557bd0d010d0b2a1ce3ad97e8f1efb
Bisecting: 200 revisions left to test after this (roughly 8 steps)
[e4c0c0c443057cd004cba7381ca26c027f7ebc2c] ANDROID: firmware_loader: Emit empty string when no custom paths
testing commit e4c0c0c443057cd004cba7381ca26c027f7ebc2c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
failed building e4c0c0c443057cd004cba7381ca26c027f7ebc2c: cp: cannot create regular file '/protected_exports': Permission denied
# git bisect skip e4c0c0c443057cd004cba7381ca26c027f7ebc2c
Bisecting: 200 revisions left to test after this (roughly 8 steps)
[9c6dd2c51d577b09905871849a140a9fd0e0525e] ANDROID: KVM: arm64: Rename nVHE hyp event ELF sections
testing commit 9c6dd2c51d577b09905871849a140a9fd0e0525e gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 6bac8af975cfe1cce0147d4b6514a091ca983a2666acd7ec3e6af9d62acd3f51
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
# git bisect bad 9c6dd2c51d577b09905871849a140a9fd0e0525e
Bisecting: 140 revisions left to test after this (roughly 7 steps)
[5ecbcb61e172d82faf1bd8c00b17837d3c658c59] ANDROID: ring-buffer: Introducing external writer support
testing commit 5ecbcb61e172d82faf1bd8c00b17837d3c658c59 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: da9a4fae612538d4637c608793bb9f70c2834bb06293040abc9ee8818987d17e
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
# git bisect bad 5ecbcb61e172d82faf1bd8c00b17837d3c658c59
Bisecting: 69 revisions left to test after this (roughly 6 steps)
[57f3ff9648991998d008ecf32f2f9e78a08bfb8b] ANDROID: fuse-bpf v1.1
testing commit 57f3ff9648991998d008ecf32f2f9e78a08bfb8b gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b67dddba39814ab1f1dbd1f1a1a2fecc3396b3fdcb81cb0003317161f69f90fa
all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
representative crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename, types: [UNKNOWN]
# git bisect bad 57f3ff9648991998d008ecf32f2f9e78a08bfb8b
Bisecting: 35 revisions left to test after this (roughly 5 steps)
[1072495f4a7cc8eaf1e699d4680879b38ab0a48f] ANDROID: rwsem: Add vendor hook to the rw-semaphore
testing commit 1072495f4a7cc8eaf1e699d4680879b38ab0a48f gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 59657d4615ad67505238e7ed1a17cbaeae5bd4d43a72b81a91cc530cf3cfdc7b
all runs: OK
false negative chance: 0.000
# git bisect good 1072495f4a7cc8eaf1e699d4680879b38ab0a48f
Bisecting: 17 revisions left to test after this (roughly 4 steps)
[3a49c6f70d4fbda47610e85400e8bea89c70e8c7] ANDROID: kbuild: customize module linker script for fips140 module
testing commit 3a49c6f70d4fbda47610e85400e8bea89c70e8c7 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: c06c0f1c9a979c9c7d9032b095eb7e95bc59b87141f80eb7efbd6cd6d12f0968
all runs: OK
false negative chance: 0.000
# git bisect good 3a49c6f70d4fbda47610e85400e8bea89c70e8c7
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[41d708af25a9fff133a94d80a35f71f2f0d26a88] ANDROID: fips140: add fips140_lab_util program
testing commit 41d708af25a9fff133a94d80a35f71f2f0d26a88 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b322d07b26317dcdd513aa38c4f6045dfb7ce0328ec2b74285c048471ecda4a3
all runs: OK
false negative chance: 0.000
# git bisect good 41d708af25a9fff133a94d80a35f71f2f0d26a88
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[955a8699b86ac3576d26c1ad77cccb2f5199b5a9] ANDROID: KVM: arm64: Fix calculation for number of relocs in .hyp.reloc
testing commit 955a8699b86ac3576d26c1ad77cccb2f5199b5a9 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: fbaf726be68c7e79e35e8231979f0bafa48d6162bb6c34f21663d558c0b3ea2a
all runs: OK
false negative chance: 0.000
# git bisect good 955a8699b86ac3576d26c1ad77cccb2f5199b5a9
Bisecting: 1 revision left to test after this (roughly 1 step)
[53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8] Merge 6.1.1 into android14-6.1
testing commit 53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8 gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 5a1a4c6bf3bf466ce823e1bfaf892dd559e9405656c5d13b912fb40d40e0bce3
all runs: OK
false negative chance: 0.000
# git bisect good 53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[fb5ea70e2e33932b5b35fedd7a30cf5d9170126c] ANDROID: KVM: arm64: Add helper for pKVM modules addr conversion
testing commit fb5ea70e2e33932b5b35fedd7a30cf5d9170126c gcc
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 06b98688e15d8ffce764871ea6c39a816d8b48bbb920429fd9dd29036fcfd54a
all runs: OK
false negative chance: 0.000
# git bisect good fb5ea70e2e33932b5b35fedd7a30cf5d9170126c
57f3ff9648991998d008ecf32f2f9e78a08bfb8b is the first bad commit
commit 57f3ff9648991998d008ecf32f2f9e78a08bfb8b
Author: Daniel Rosenberg
Date: Thu Dec 2 13:50:02 2021 -0800

ANDROID: fuse-bpf v1.1

This is a squash of these changes cherry-picked from common-android13-5.10

ANDROID: fuse-bpf: Make compile and pass test
ANDROID: fuse-bpf: set error_in to ENOENT in negative lookup
ANDROID: fuse-bpf: Add ability to run ranges of tests to fuse_test
ANDROID: fuse-bpf: Add test for lookup postfilter
ANDROID: fuse-bpf: readddir postfilter fixes
ANDROID: fix kernelci error in fs/fuse/dir.c
ANDROID: fuse-bpf: Fix RCU/reference issue
ANDROID: fuse-bpf: Always call revalidate for backing
ANDROID: fuse-bpf: Adjust backing handle funcs
ANDROID: fuse-bpf: Fix revalidate error path and backing handling
ANDROID: fuse-bpf: Fix use of get_fuse_inode
ANDROID: fuse: Don't use readdirplus w/ nodeid 0
ANDROID: fuse-bpf: Introduce readdirplus test case for fuse bpf
ANDROID: fuse-bpf: Make sure force_again flag is false by default
ANDROID: fuse-bpf: Make inodes with backing_fd reachable for regular FUSE fuse_iget
Revert "ANDROID: fuse-bpf: use target instead of parent inode to execute backing revalidate"
ANDROID: fuse-bpf: use target instead of parent inode to execute backing revalidate
ANDROID: fuse-bpf: Fix misuse of args.out_args
ANDROID: fuse-bpf: Fix non-fusebpf build
ANDROID: fuse-bpf: Use fuse_bpf_args in uapi
ANDROID: fuse-bpf: Fix read_iter
ANDROID: fuse-bpf: Use cache and refcount
ANDROID: fuse-bpf: Rename iocb_fuse to iocb_orig
ANDROID: fuse-bpf: Fix fixattr in rename
ANDROID: fuse-bpf: Fix readdir
ANDROID: fuse-bpf: Fix lseek return value for offset 0
ANDROID: fuse-bpf: fix read_iter and write_iter
ANDROID: fuse-bpf: fix special devices
ANDROID: fuse-bpf: support FUSE_LSEEK
ANDROID: fuse-bpf: Add support for FUSE_COPY_FILE_RANGE
ANDROID: fuse-bpf: Report errors to finalize
ANDROID: fuse-bpf: Avoid reusing uint64_t for file
ANDROID: fuse-bpf: Fix CONFIG_FUSE_BPF typo in FUSE_FSYNCDIR
ANDROID: fuse-bpf: Move fd operations to be synchronous
ANDROID: fuse-bpf: Invalidate if lower is unhashed
ANDROID: fuse-bpf: Move bpf earlier in fuse_permission
ANDROID: fuse-bpf: Update attributes on file write
ANDROID: fuse: allow mounting with no userspace daemon
ANDROID: fuse-bpf: Support FUSE_STATFS
ANDROID: fuse-bpf: Fix filldir
ANDROID: fuse-bpf: fix fuse_create_open_finalize
ANDROID: fuse: add bpf support for removexattr
ANDROID: fuse-bpf: Fix truncate
ANDROID: fuse-bpf: Support inotify
ANDROID: fuse-bpf: Make compile with CONFIG_FUSE but no CONFIG_FUSE_BPF
ANDROID: fuse-bpf: Fix perms on readdir
ANDROID: fuse: Fix umasking in backing
ANDROID: fs/fuse: Backing move returns EXDEV if TO not backed
ANDROID: bpf-fuse: Fix Setattr
ANDROID: fuse-bpf: Check if mkdir dentry setup
ANDROID: fuse-bpf: Close backing fds in fuse_dentry_revalidate
ANDROID: fuse-bpf: Close backing-fd on both paths
ANDROID: fuse-bpf: Partial fix for mmap'd files
ANDROID: fuse-bpf: Restore a missing const
ANDROID: Add fuse-bpf self tests
ANDROID: Add FUSE_BPF to gki_defconfig
ANDROID: fuse-bpf v1
ANDROID: fuse: Move functions in preparation for fuse-bpf

Bug: 202785178
Bug: 265206112
Test: test_fuse passes on linux.
On cuttlefish, atest android.scopedstorage.cts.host.ScopedStorageHostTest passes with fuse-bpf enabled and disabled
Change-Id: Idb099c281f9b39ff2c46fa3ebc63e508758416ee
Signed-off-by: Paul Lawrence
Signed-off-by: Daniel Rosenberg

arch/arm64/configs/gki_defconfig | 1 +
arch/x86/configs/gki_defconfig | 1 +
fs/fuse/Kconfig | 8 +
fs/fuse/Makefile | 1 +
fs/fuse/backing.c | 2468 ++++++++++++++++++++
fs/fuse/control.c | 2 +-
fs/fuse/dev.c | 19 +
fs/fuse/dir.c | 532 +++--
fs/fuse/file.c | 130 ++
fs/fuse/fuse_i.h | 720 +++++-
fs/fuse/inode.c | 322 ++-
fs/fuse/passthrough.c | 2 +-
fs/fuse/readdir.c | 22 +
fs/fuse/xattr.c | 40 +
include/linux/bpf_types.h | 3 +
include/uapi/linux/android_fuse.h | 95 +
include/uapi/linux/bpf.h | 10 +
kernel/bpf/Makefile | 3 +
kernel/bpf/bpf_fuse.c | 128 +
kernel/bpf/btf.c | 1 +
.../testing/selftests/filesystems/fuse/.gitignore | 2 +
tools/testing/selftests/filesystems/fuse/Makefile | 34 +
tools/testing/selftests/filesystems/fuse/OWNERS | 2 +
.../selftests/filesystems/fuse/bpf_loader.c | 791 +++++++
tools/testing/selftests/filesystems/fuse/fd.txt | 21 +
tools/testing/selftests/filesystems/fuse/fd_bpf.c | 252 ++
.../selftests/filesystems/fuse/fuse_daemon.c | 294 +++
.../testing/selftests/filesystems/fuse/fuse_test.c | 2142 +++++++++++++++++
.../testing/selftests/filesystems/fuse/test_bpf.c | 507 ++++
.../selftests/filesystems/fuse/test_framework.h | 179 ++
.../testing/selftests/filesystems/fuse/test_fuse.h | 337 +++
.../selftests/filesystems/fuse/test_fuse_bpf.h | 65 +
32 files changed, 8929 insertions(+), 205 deletions(-)
create mode 100644 fs/fuse/backing.c
create mode 100644 include/uapi/linux/android_fuse.h
create mode 100644 kernel/bpf/bpf_fuse.c
create mode 100644 tools/testing/selftests/filesystems/fuse/.gitignore
create mode 100644 tools/testing/selftests/filesystems/fuse/Makefile
create mode 100644 tools/testing/selftests/filesystems/fuse/OWNERS
create mode 100644 tools/testing/selftests/filesystems/fuse/bpf_loader.c
create mode 100644 tools/testing/selftests/filesystems/fuse/fd.txt
create mode 100644 tools/testing/selftests/filesystems/fuse/fd_bpf.c
create mode 100644 tools/testing/selftests/filesystems/fuse/fuse_daemon.c
create mode 100644 tools/testing/selftests/filesystems/fuse/fuse_test.c
create mode 100644 tools/testing/selftests/filesystems/fuse/test_bpf.c
create mode 100644 tools/testing/selftests/filesystems/fuse/test_framework.h
create mode 100644 tools/testing/selftests/filesystems/fuse/test_fuse.h
create mode 100644 tools/testing/selftests/filesystems/fuse/test_fuse_bpf.h

accumulated error probability: 0.00
culprit signature: b67dddba39814ab1f1dbd1f1a1a2fecc3396b3fdcb81cb0003317161f69f90fa
parent signature: 06b98688e15d8ffce764871ea6c39a816d8b48bbb920429fd9dd29036fcfd54a
revisions tested: 20, total time: 3h49m8.202574969s (build: 1h15m31.811652114s, test: 2h26m6.649691544s)
first bad commit: 57f3ff9648991998d008ecf32f2f9e78a08bfb8b ANDROID: fuse-bpf v1.1
recipients (to): ["drosen@google.com" "paullawrence@google.com"]
recipients (cc): []
crash: BUG: unable to handle kernel NULL pointer dereference in vfs_rename
BUG: kernel NULL pointer dereference, address: 0000000000000040
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 113c74067 P4D 113c74067 PUD 113c78067 PMD 0
Oops: 0000 [#1] PREEMPT SMP
CPU: 1 PID: 349 Comm: syz-executor.0 Not tainted 6.1.1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
RIP: 0010:vfs_rename+0x48/0x5e0 fs/namei.c:4692
Code: 00 00 48 89 45 d0 4c 8b 47 08 4c 8b 7f 10 48 8b 4f 20 48 8b 77 28 4c 8b 4f 30 41 bd 00 00 60 00 45 23 2f 8b 57 38 49 8b 5f 30 <48> 8b 7e 30 48 8b 41 28 8b 80 08 04 00 00 48 c7 45 c8 00 00 00 00
RSP: 0018:ffffc90000727d30 EFLAGS: 00010206
RAX: a1de9ad0eaba3600 RBX: ffff88810bab0000 RCX: ffff88810bab3480
RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffffc90000727e90
RBP: ffffc90000727dd8 R08: ffff88810bab3480 R09: ffffc90000727e40
R10: ffff8881123f4f00 R11: ffff888100041400 R12: ffffc90000727e90
R13: 0000000000400000 R14: 0000000020000101 R15: ffff888113419540
FS: 00007f5b92bba6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000040 CR3: 0000000112230000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 do_renameat2+0x404/0x600 fs/namei.c:4930
 __do_sys_rename fs/namei.c:4976 [inline]
 __se_sys_rename fs/namei.c:4974 [inline]
 __x64_sys_rename+0x3f/0x50 fs/namei.c:4974
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f5b91e7cae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5b92bba0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00007f5b91f9bf80 RCX: 00007f5b91e7cae9
RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100
RBP: 00007f5b91ec847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f5b91f9bf80 R15: 00007ffff5eea808
Modules linked in:
CR2: 0000000000000040
---[ end trace 0000000000000000 ]---
RIP: 0010:vfs_rename+0x48/0x5e0 fs/namei.c:4692
Code: 00 00 48 89 45 d0 4c 8b 47 08 4c 8b 7f 10 48 8b 4f 20 48 8b 77 28 4c 8b 4f 30 41 bd 00 00 60 00 45 23 2f 8b 57 38 49 8b 5f 30 <48> 8b 7e 30 48 8b 41 28 8b 80 08 04 00 00 48 c7 45 c8 00 00 00 00
RSP: 0018:ffffc90000727d30 EFLAGS: 00010206
RAX: a1de9ad0eaba3600 RBX: ffff88810bab0000 RCX: ffff88810bab3480
RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffffc90000727e90
RBP: ffffc90000727dd8 R08: ffff88810bab3480 R09: ffffc90000727e40
R10: ffff8881123f4f00 R11: ffff888100041400 R12: ffffc90000727e90
R13: 0000000000400000 R14: 0000000020000101 R15: ffff888113419540
FS: 00007f5b92bba6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000040 CR3: 0000000112230000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: 00 00 add %al,(%rax)
   2: 48 89 45 d0 mov %rax,-0x30(%rbp)
   6: 4c 8b 47 08 mov 0x8(%rdi),%r8
   a: 4c 8b 7f 10 mov 0x10(%rdi),%r15
   e: 48 8b 4f 20 mov 0x20(%rdi),%rcx
  12: 48 8b 77 28 mov 0x28(%rdi),%rsi
  16: 4c 8b 4f 30 mov 0x30(%rdi),%r9
  1a: 41 bd 00 00 60 00 mov $0x600000,%r13d
  20: 45 23 2f and (%r15),%r13d
  23: 8b 57 38 mov 0x38(%rdi),%edx
  26: 49 8b 5f 30 mov 0x30(%r15),%rbx
* 2a: 48 8b 7e 30 mov 0x30(%rsi),%rdi <-- trapping instruction
  2e: 48 8b 41 28 mov 0x28(%rcx),%rax
  32: 8b 80 08 04 00 00 mov 0x408(%rax),%eax
  38: 48 c7 45 c8 00 00 00 movq $0x0,-0x38(%rbp)
  3f: 00