ci2 starts bisection 2023-05-15 16:19:04.598678594 +0000 UTC m=+24812.706306729
bisecting cause commit starting from 6f4553626dbd0b15d25da5a3b2e05ad2be4780d4
building syzkaller on 2b9ba477a18ed0cc53e6b29a9641292709a7ba24
ensuring issue is reproducible on original commit 6f4553626dbd0b15d25da5a3b2e05ad2be4780d4

testing commit 6f4553626dbd0b15d25da5a3b2e05ad2be4780d4 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 19314ca156c9b3163a80ffb97a479056a82306209485cd994ef2dcd8bf59320b
all runs: crashed: general protection fault in step_into
testing release v6.1.25
testing commit f17b0ab65d17988d5e6d6fe22f708ef3721080bf gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 588d37bafdfcc0aeab5328b25204c533357666cab92f7a0d897c56b73bc5bd65
all runs: OK
# git bisect start 6f4553626dbd0b15d25da5a3b2e05ad2be4780d4 f17b0ab65d17988d5e6d6fe22f708ef3721080bf
Bisecting: 2750 revisions left to test after this (roughly 12 steps)
[48e9e09266fa31e26053e714b6b2b04e2c779c15] ANDROID: I3C: Enable I3C core framework
testing commit 48e9e09266fa31e26053e714b6b2b04e2c779c15 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: a600e5371f1f9c974b6e6c937eaf45c6f8a16eadd18864cedcd79c00898d233c
all runs: basic kernel testing failed: UBSAN: object-size-mismatch in send4
# git bisect skip 48e9e09266fa31e26053e714b6b2b04e2c779c15
Bisecting: 2748 revisions left to test after this (roughly 12 steps)
[5b57fee1aca6700e2833b2055d18c8966de815ec] ANDROID: GKI: Enable CONFIG_MEMCG
testing commit 5b57fee1aca6700e2833b2055d18c8966de815ec gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: abba02c018c91a9dcbbc4829aac76088ebac1f2ba823eaa5d2c5d395c3631aed
all runs: basic kernel testing failed: UBSAN: object-size-mismatch in send4
# git bisect skip 5b57fee1aca6700e2833b2055d18c8966de815ec
Bisecting: 2748 revisions left to test after this (roughly 12 steps)
[5ab47c085c07865813b1bf4e2ca09cbbc7629e5a] ANDROID: Revert "net: wireless: Add module_param(mac_prefix) to mac80211_hwsim"
testing commit 5ab47c085c07865813b1bf4e2ca09cbbc7629e5a gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: e8b1e962b7418322ae8a693fbc55d439e09a184adbe126957041bacf9a9b5400
run #0: basic kernel testing failed: UBSAN: object-size-mismatch in send4
run #1: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #2: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #3: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #4: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #5: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #6: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
run #7: basic kernel testing failed: UBSAN: object-size-mismatch in ip_send_unicast_reply
run #8: basic kernel testing failed: UBSAN: object-size-mismatch in send4
run #9: basic kernel testing failed: KASAN: use-after-free Read in attach_pid
# git bisect skip 5ab47c085c07865813b1bf4e2ca09cbbc7629e5a
Bisecting: 2748 revisions left to test after this (roughly 12 steps)
[4f73cf46ab6f7040f4ace9ba581cf554b01fd6a4] ANDROID: KVM: arm64: Expose kvm_flush_dcache_to_poc() in module_ops
testing commit 4f73cf46ab6f7040f4ace9ba581cf554b01fd6a4 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5440a47df285b5d1bc4d1e8abe3c8a64e6aa9b7cb114361f48b84100c011fc22
all runs: OK
# git bisect good 4f73cf46ab6f7040f4ace9ba581cf554b01fd6a4
Bisecting: 573 revisions left to test after this (roughly 9 steps)
[a0bdc392de06a51adf8ae0aeb4a358c1ed7c1b87] Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-6.1.y' into android14-6.1
testing commit a0bdc392de06a51adf8ae0aeb4a358c1ed7c1b87 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 1046d8e1d2456aa72d2735c66c59ce26ca770faf7486d194eec46131667de15c
all runs: crashed: general protection fault in step_into
# git bisect bad a0bdc392de06a51adf8ae0aeb4a358c1ed7c1b87
Bisecting: 311 revisions left to test after this (roughly 8 steps)
[116e1532b95d99cc54613885509e92f2ce2b6d8c] ANDROID: arm64/mm: Add command line option to make ZONE_DMA32 empty
testing commit 116e1532b95d99cc54613885509e92f2ce2b6d8c gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
failed building 116e1532b95d99cc54613885509e92f2ce2b6d8c: cp: cannot create regular file '/protected_exports': Permission denied
# git bisect skip 116e1532b95d99cc54613885509e92f2ce2b6d8c
Bisecting: 311 revisions left to test after this (roughly 8 steps)
[6c883e2e373401b3455b439a4678f3fe66e85b7a] f2fs: Revert "f2fs: truncate blocks in batch in __complete_revoke_list()"
testing commit 6c883e2e373401b3455b439a4678f3fe66e85b7a gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 5847f8fb39e454369aa73e2db31623cd7b8712e950bc25744029b110d070c942
all runs: OK
# git bisect good 6c883e2e373401b3455b439a4678f3fe66e85b7a
Bisecting: 231 revisions left to test after this (roughly 8 steps)
[ac666c99ee952f10603c26a05a57b78e23eb123d] UPSTREAM: scsi: ufs: core: Rely on the block layer for setting RQF_PM
testing commit ac666c99ee952f10603c26a05a57b78e23eb123d gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 28607e9adf0b913fe2569072fd3afd047edc0043687695e5201e42466a08a44e
all runs: crashed: general protection fault in step_into
# git bisect bad ac666c99ee952f10603c26a05a57b78e23eb123d
Bisecting: 217 revisions left to test after this (roughly 8 steps)
[cc50e0da70a3c9fbde40b29e0338432f7c0f5be0] ANDROID: sched: add vendor hook to PELT multiplier
testing commit cc50e0da70a3c9fbde40b29e0338432f7c0f5be0 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: be4be1f88802b4dfa8588b423a9683e53b94de980cd628ff49b0246df31385c6
all runs: crashed: general protection fault in step_into
# git bisect bad cc50e0da70a3c9fbde40b29e0338432f7c0f5be0
Bisecting: 108 revisions left to test after this (roughly 7 steps)
[4dea3c22ab65899917b6e68a2277c19e5469f67d] ANDROID: fscrypt, blk-crypto: drop HW-wrapped key compatibility check
testing commit 4dea3c22ab65899917b6e68a2277c19e5469f67d gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: ab339ec4e9816f6adc1acacd53fdb74b85b331863078c3ccedf2fb090f89c7e6
all runs: crashed: general protection fault in step_into
# git bisect bad 4dea3c22ab65899917b6e68a2277c19e5469f67d
Bisecting: 53 revisions left to test after this (roughly 6 steps)
[66d68a50dbcdf62ab36dd977867685f7df7fcbd7] BACKPORT: blk-crypto: don't use struct request_queue for public interfaces
testing commit 66d68a50dbcdf62ab36dd977867685f7df7fcbd7 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
failed building 66d68a50dbcdf62ab36dd977867685f7df7fcbd7:
drivers/md/dm-default-key.c:71:30: error: incompatible pointer types passing 'struct request_queue *' to parameter of type 'struct block_device *' [-Werror,-Wincompatible-pointer-types]
drivers/md/dm-default-key.c:248:35: error: incompatible pointer types passing 'struct blk_crypto_key *' to parameter of type 'struct block_device *' [-Werror,-Wincompatible-pointer-types]
drivers/md/dm-default-key.c:249:7: error: incompatible pointer types passing 'struct request_queue *' to parameter of type 'const struct blk_crypto_key *' [-Werror,-Wincompatible-pointer-types]
# git bisect skip 66d68a50dbcdf62ab36dd977867685f7df7fcbd7
Bisecting: 53 revisions left to test after this (roughly 6 steps)
[9deaf617bd5b68ceb0df201f45d401588090c8ca] Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-6.1.y' into android14-6.1
testing commit 9deaf617bd5b68ceb0df201f45d401588090c8ca gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9df5300dd7e2574855dc0322670ae44aec6e41aa1b8a8b069cefda0e291f5a24
all runs: OK
# git bisect good 9deaf617bd5b68ceb0df201f45d401588090c8ca
Bisecting: 36 revisions left to test after this (roughly 5 steps)
[7d969932eec583efdec695b4ee5d57ba6a88a186] ANDROID: KVM: arm64: Introduce a hyp panic module notifier
testing commit 7d969932eec583efdec695b4ee5d57ba6a88a186 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 9a067d2717cf7f5e7e32f121607f4ab0180dd4899974ecaf874d5f71869d1f5c
all runs: OK
# git bisect good 7d969932eec583efdec695b4ee5d57ba6a88a186
Bisecting: 17 revisions left to test after this (roughly 4 steps)
[4dc1a5b9559230994affffca7c5ce45ea11406ad] ANDROID: arm64: disable LSE when building the FIPS140 module
testing commit 4dc1a5b9559230994affffca7c5ce45ea11406ad gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 50f1bc8de96dcaff34546d9227ac6631a563334314ae12862f8d8a533d46b557
all runs: OK
# git bisect good 4dc1a5b9559230994affffca7c5ce45ea11406ad
Bisecting: 8 revisions left to test after this (roughly 3 steps)
[1c28907d7396680dbbfcb341340369e69aa670f4] ANDROID: timer: Add vendor hook for timer calc index
testing commit 1c28907d7396680dbbfcb341340369e69aa670f4 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 8763f722dbc607b6d8c03f487345f715921858b0daeca19e4b42b9a87c1fe5eb
all runs: OK
# git bisect good 1c28907d7396680dbbfcb341340369e69aa670f4
Bisecting: 3 revisions left to test after this (roughly 2 steps)
[ae696a5a231d6d9e5ae318b48179c96557412db0] ANDROID: fuse-bpf: Add /sys/fs flags for fuse-bpf version
testing commit ae696a5a231d6d9e5ae318b48179c96557412db0 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: dc01d1e51e4eba082e51d781c2f5d30cdb69930a0fac610d0009bf872c9801c7
all runs: crashed: general protection fault in step_into
# git bisect bad ae696a5a231d6d9e5ae318b48179c96557412db0
Bisecting: 1 revision left to test after this (roughly 1 step)
[57f3ff9648991998d008ecf32f2f9e78a08bfb8b] ANDROID: fuse-bpf v1.1
testing commit 57f3ff9648991998d008ecf32f2f9e78a08bfb8b gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: be2234c9561037ed7c0eb0a601da6a80e1f4b135c4bd15392a18ec2cb12206e6
all runs: crashed: general protection fault in step_into
# git bisect bad 57f3ff9648991998d008ecf32f2f9e78a08bfb8b
Bisecting: 1 revision left to test after this (roughly 1 step)
[53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8] Merge 6.1.1 into android14-6.1
testing commit 53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8 gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 244c2fc0f5bffd6cd8740f7a099b8e3235d43b05b3c09079df04439c5fbdc3fa
all runs: OK
# git bisect good 53b3a7721b7aec74d8fa2ee55c2480044cc7c1b8
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[fb5ea70e2e33932b5b35fedd7a30cf5d9170126c] ANDROID: KVM: arm64: Add helper for pKVM modules addr conversion
testing commit fb5ea70e2e33932b5b35fedd7a30cf5d9170126c gcc
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
kernel signature: 21a7584316897c37b7f6011daccb2fb7882dec4f4b8053da7b525aaec8beb2fc
all runs: OK
# git bisect good fb5ea70e2e33932b5b35fedd7a30cf5d9170126c
57f3ff9648991998d008ecf32f2f9e78a08bfb8b is the first bad commit
commit 57f3ff9648991998d008ecf32f2f9e78a08bfb8b
Author: Daniel Rosenberg
Date: Thu Dec 2 13:50:02 2021 -0800

    ANDROID: fuse-bpf v1.1

    This is a squash of these changes cherry-picked from common-android13-5.10

    ANDROID: fuse-bpf: Make compile and pass test
    ANDROID: fuse-bpf: set error_in to ENOENT in negative lookup
    ANDROID: fuse-bpf: Add ability to run ranges of tests to fuse_test
    ANDROID: fuse-bpf: Add test for lookup postfilter
    ANDROID: fuse-bpf: readddir postfilter fixes
    ANDROID: fix kernelci error in fs/fuse/dir.c
    ANDROID: fuse-bpf: Fix RCU/reference issue
    ANDROID: fuse-bpf: Always call revalidate for backing
    ANDROID: fuse-bpf: Adjust backing handle funcs
    ANDROID: fuse-bpf: Fix revalidate error path and backing handling
    ANDROID: fuse-bpf: Fix use of get_fuse_inode
    ANDROID: fuse: Don't use readdirplus w/ nodeid 0
    ANDROID: fuse-bpf: Introduce readdirplus test case for fuse bpf
    ANDROID: fuse-bpf: Make sure force_again flag is false by default
    ANDROID: fuse-bpf: Make inodes with backing_fd reachable for regular FUSE fuse_iget
    Revert "ANDROID: fuse-bpf: use target instead of parent inode to execute backing revalidate"
    ANDROID: fuse-bpf: use target instead of parent inode to execute backing revalidate
    ANDROID: fuse-bpf: Fix misuse of args.out_args
    ANDROID: fuse-bpf: Fix non-fusebpf build
    ANDROID: fuse-bpf: Use fuse_bpf_args in uapi
    ANDROID: fuse-bpf: Fix read_iter
    ANDROID: fuse-bpf: Use cache and refcount
    ANDROID: fuse-bpf: Rename iocb_fuse to iocb_orig
    ANDROID: fuse-bpf: Fix fixattr in rename
    ANDROID: fuse-bpf: Fix readdir
    ANDROID: fuse-bpf: Fix lseek return value for offset 0
    ANDROID: fuse-bpf: fix read_iter and write_iter
    ANDROID: fuse-bpf: fix special devices
    ANDROID: fuse-bpf: support FUSE_LSEEK
    ANDROID: fuse-bpf: Add support for FUSE_COPY_FILE_RANGE
    ANDROID: fuse-bpf: Report errors to finalize
    ANDROID: fuse-bpf: Avoid reusing uint64_t for file
    ANDROID: fuse-bpf: Fix CONFIG_FUSE_BPF typo in FUSE_FSYNCDIR
    ANDROID: fuse-bpf: Move fd operations to be synchronous
    ANDROID: fuse-bpf: Invalidate if lower is unhashed
    ANDROID: fuse-bpf: Move bpf earlier in fuse_permission
    ANDROID: fuse-bpf: Update attributes on file write
    ANDROID: fuse: allow mounting with no userspace daemon
    ANDROID: fuse-bpf: Support FUSE_STATFS
    ANDROID: fuse-bpf: Fix filldir
    ANDROID: fuse-bpf: fix fuse_create_open_finalize
    ANDROID: fuse: add bpf support for removexattr
    ANDROID: fuse-bpf: Fix truncate
    ANDROID: fuse-bpf: Support inotify
    ANDROID: fuse-bpf: Make compile with CONFIG_FUSE but no CONFIG_FUSE_BPF
    ANDROID: fuse-bpf: Fix perms on readdir
    ANDROID: fuse: Fix umasking in backing
    ANDROID: fs/fuse: Backing move returns EXDEV if TO not backed
    ANDROID: bpf-fuse: Fix Setattr
    ANDROID: fuse-bpf: Check if mkdir dentry setup
    ANDROID: fuse-bpf: Close backing fds in fuse_dentry_revalidate
    ANDROID: fuse-bpf: Close backing-fd on both paths
    ANDROID: fuse-bpf: Partial fix for mmap'd files
    ANDROID: fuse-bpf: Restore a missing const
    ANDROID: Add fuse-bpf self tests
    ANDROID: Add FUSE_BPF to gki_defconfig
    ANDROID: fuse-bpf v1
    ANDROID: fuse: Move functions in preparation for fuse-bpf

    Bug: 202785178
    Bug: 265206112
    Test: test_fuse passes on linux.
    On cuttlefish, atest android.scopedstorage.cts.host.ScopedStorageHostTest passes with fuse-bpf enabled and disabled
    Change-Id: Idb099c281f9b39ff2c46fa3ebc63e508758416ee
    Signed-off-by: Paul Lawrence
    Signed-off-by: Daniel Rosenberg

 arch/arm64/configs/gki_defconfig | 1 +
 arch/x86/configs/gki_defconfig | 1 +
 fs/fuse/Kconfig | 8 +
 fs/fuse/Makefile | 1 +
 fs/fuse/backing.c | 2468 ++++++++++++++++++++
 fs/fuse/control.c | 2 +-
 fs/fuse/dev.c | 19 +
 fs/fuse/dir.c | 532 +++--
 fs/fuse/file.c | 130 ++
 fs/fuse/fuse_i.h | 720 +++++-
 fs/fuse/inode.c | 322 ++-
 fs/fuse/passthrough.c | 2 +-
 fs/fuse/readdir.c | 22 +
 fs/fuse/xattr.c | 40 +
 include/linux/bpf_types.h | 3 +
 include/uapi/linux/android_fuse.h | 95 +
 include/uapi/linux/bpf.h | 10 +
 kernel/bpf/Makefile | 3 +
 kernel/bpf/bpf_fuse.c | 128 +
 kernel/bpf/btf.c | 1 +
 .../testing/selftests/filesystems/fuse/.gitignore | 2 +
 tools/testing/selftests/filesystems/fuse/Makefile | 34 +
 tools/testing/selftests/filesystems/fuse/OWNERS | 2 +
 .../selftests/filesystems/fuse/bpf_loader.c | 791 +++++++
 tools/testing/selftests/filesystems/fuse/fd.txt | 21 +
 tools/testing/selftests/filesystems/fuse/fd_bpf.c | 252 ++
 .../selftests/filesystems/fuse/fuse_daemon.c | 294 +++
 .../testing/selftests/filesystems/fuse/fuse_test.c | 2142 +++++++++++++++++
 .../testing/selftests/filesystems/fuse/test_bpf.c | 507 ++++
 .../selftests/filesystems/fuse/test_framework.h | 179 ++
 .../testing/selftests/filesystems/fuse/test_fuse.h | 337 +++
 .../selftests/filesystems/fuse/test_fuse_bpf.h | 65 +
 32 files changed, 8929 insertions(+), 205 deletions(-)
 create mode 100644 fs/fuse/backing.c
 create mode 100644 include/uapi/linux/android_fuse.h
 create mode 100644 kernel/bpf/bpf_fuse.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/.gitignore
 create mode 100644 tools/testing/selftests/filesystems/fuse/Makefile
 create mode 100644 tools/testing/selftests/filesystems/fuse/OWNERS
 create mode 100644 tools/testing/selftests/filesystems/fuse/bpf_loader.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/fd.txt
 create mode 100644 tools/testing/selftests/filesystems/fuse/fd_bpf.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/fuse_daemon.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/fuse_test.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/test_bpf.c
 create mode 100644 tools/testing/selftests/filesystems/fuse/test_framework.h
 create mode 100644 tools/testing/selftests/filesystems/fuse/test_fuse.h
 create mode 100644 tools/testing/selftests/filesystems/fuse/test_fuse_bpf.h

culprit signature: be2234c9561037ed7c0eb0a601da6a80e1f4b135c4bd15392a18ec2cb12206e6
parent signature: 21a7584316897c37b7f6011daccb2fb7882dec4f4b8053da7b525aaec8beb2fc
revisions tested: 19, total time: 8h41m42.008556448s (build: 6h36m34.562105251s, test: 1h58m37.730874136s)
first bad commit: 57f3ff9648991998d008ecf32f2f9e78a08bfb8b ANDROID: fuse-bpf v1.1
recipients (to): ["drosen@google.com" "paullawrence@google.com"]
recipients (cc): []

crash: general protection fault in step_into
general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
CPU: 0 PID: 348 Comm: syz-executor.0 Not tainted 6.1.1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
RIP: 0010:traverse_mounts fs/namei.c:1428 [inline]
RIP: 0010:handle_mounts fs/namei.c:1540 [inline]
RIP: 0010:step_into+0x1ae/0xe70 fs/namei.c:1831
Code: c0 0f 85 70 0a 00 00 44 8b 3b 43 80 3c 26 00 74 0a 48 8b 7c 24 60 e8 31 11 f5 ff 48 8b 9c 24 d8 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 5d 0a 00 00 8b 33 f7 c6 00 00 07 00 0f
RSP: 0018:ffffc90000d278a0 EFLAGS: 00010202
RAX: 0000000000000002 RBX: 0000000000000010 RCX: dffffc0000000000
RDX: 0000000000000010 RSI: 0000000000000002 RDI: ffffc90000d27c20
RBP: ffffc90000d279f0 R08: dffffc0000000000 R09: ffffed1024462215
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: ffffc90000d27c20 R14: 1ffff920001a4f2f R15: 0000000000000011
FS: 00007f8bcc186700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8bcc165718 CR3: 000000011f41f000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 walk_component fs/namei.c:1999 [inline]
 link_path_walk+0x56b/0xce0 fs/namei.c:2320
 path_lookupat+0xaf/0x340 fs/namei.c:2473
 filename_lookup+0x242/0x560 fs/namei.c:2503
 user_path_at_empty+0x38/0x150 fs/namei.c:2876
 user_path_at include/linux/namei.h:57 [inline]
 do_mount fs/namespace.c:3380 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount+0x21f/0x2d0 fs/namespace.c:3568
 __x64_sys_mount+0xba/0xd0 fs/namespace.c:3568
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f8bcb48c169
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f8bcc186168 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f8bcb5abf80 RCX: 00007f8bcb48c169
RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000
RBP: 00007f8bcb4e7ca1 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe402a1b8f R14: 00007f8bcc186300 R15: 0000000000022000
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:traverse_mounts fs/namei.c:1428 [inline]
RIP: 0010:handle_mounts fs/namei.c:1540 [inline]
RIP: 0010:step_into+0x1ae/0xe70 fs/namei.c:1831
Code: c0 0f 85 70 0a 00 00 44 8b 3b 43 80 3c 26 00 74 0a 48 8b 7c 24 60 e8 31 11 f5 ff 48 8b 9c 24 d8 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 5d 0a 00 00 8b 33 f7 c6 00 00 07 00 0f
RSP: 0018:ffffc90000d278a0 EFLAGS: 00010202
RAX: 0000000000000002 RBX: 0000000000000010 RCX: dffffc0000000000
RDX: 0000000000000010 RSI: 0000000000000002 RDI: ffffc90000d27c20
RBP: ffffc90000d279f0 R08: dffffc0000000000 R09: ffffed1024462215
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: ffffc90000d27c20 R14: 1ffff920001a4f2f R15: 0000000000000011
FS: 00007f8bcc186700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8bcb5ad988 CR3: 000000011f41f000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0: c0 0f 85 rorb $0x85,(%rdi)
   3: 70 0a jo 0xf
   5: 00 00 add %al,(%rax)
   7: 44 8b 3b mov (%rbx),%r15d
   a: 43 80 3c 26 00 cmpb $0x0,(%r14,%r12,1)
   f: 74 0a je 0x1b
  11: 48 8b 7c 24 60 mov 0x60(%rsp),%rdi
  16: e8 31 11 f5 ff callq 0xfff5114c
  1b: 48 8b 9c 24 d8 00 00 mov 0xd8(%rsp),%rbx
  22: 00
  23: 48 89 d8 mov %rbx,%rax
  26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 0f b6 04 20 movzbl (%rax,%r12,1),%eax <-- trapping instruction
  2f: 84 c0 test %al,%al
  31: 0f 85 5d 0a 00 00 jne 0xa94
  37: 8b 33 mov (%rbx),%esi
  39: f7 c6 00 00 07 00 test $0x70000,%esi
  3f: 0f .byte 0xf