User-triggerable WARNING with fuse

From: Tero Roponen
Date: Fri Feb 01 2013 - 06:40:25 EST



Using the attached program I can trigger the following WARNING
reliably as a normal user. This happens in at least 3.8-rc6
and 3.7.5.

The kernel is tainted by the proprietary NVIDIA module, but I don't
think it matters in this case.

[ 4390.882323] ------------[ cut here ]------------
[ 4390.882342] WARNING: at fs/inode.c:280 drop_nlink+0x41/0x50()
[ 4390.882345] Hardware name: M50Vm
[ 4390.882347] Modules linked in: fuse rfcomm bnep snd_hda_codec_hdmi
nvidia(PO) snd_hda_codec_realtek snd_hda_intel iwldvm snd_hda_codec
snd_hwdep uvcvideo btusb videobuf2_vmalloc videobuf2_memops videobuf2_core
mac80211 bluetooth snd_seq snd_seq_device snd_pcm asus_laptop iwlwifi
cfg80211 snd_page_alloc snd_timer videodev r8169 input_polldev
sparse_keymap snd soundcore kvm_intel kvm microcode rfkill i2c_core mii
pcspkr uinput hid_generic firewire_ohci sdhci_pci sdhci mmc_core
firewire_core crc_itu_t
[ 4390.882438] Pid: 6040, comm: rm Tainted: P W O 3.8.0-rc6 #1
[ 4390.882442] Call Trace:
[ 4390.882453] [<ffffffff81032eca>] warn_slowpath_common+0x7a/0xb0
[ 4390.882460] [<ffffffff81032f15>] warn_slowpath_null+0x15/0x20
[ 4390.882466] [<ffffffff81101dd1>] drop_nlink+0x41/0x50
[ 4390.882478] [<ffffffffa00d261f>] fuse_unlink+0xdf/0x130 [fuse]
[ 4390.882486] [<ffffffff810f6cfd>] vfs_unlink+0x8d/0x100
[ 4390.882493] [<ffffffff810f6f09>] do_unlinkat+0x199/0x220
[ 4390.882501] [<ffffffff81092e82>] ? call_rcu_sched+0x12/0x20
[ 4390.882508] [<ffffffff81057c2a>] ? __put_cred+0x3a/0x50
[ 4390.882516] [<ffffffff810e9977>] ? sys_faccessat+0x137/0x1e0
[ 4390.882524] [<ffffffff810f94b6>] sys_unlinkat+0x16/0x40
[ 4390.882532] [<ffffffff81490c16>] system_call_fastpath+0x1a/0x1f
[ 4390.882536] ---[ end trace 372eef394febff4c ]---

/*
 * $ gcc warn.c -o warn -D_FILE_OFFSET_BITS=64 -DFUSE_USE_VERSION=26 -lfuse
 *
 * $ mkdir mnt
 * $ ./warn mnt
 * $ rm mnt/foo
 */

#include <string.h>
#include <sys/stat.h>
#include <fuse/fuse.h>

/* The root directory always lists a single regular file "foo". */
static int readdir_op(const char *path, void *buf,
                      fuse_fill_dir_t filler, off_t offset,
                      struct fuse_file_info *fi)
{
        struct stat st = {.st_mode = S_IFREG | 0666};
        filler(buf, "foo", &st, 0);
        return 0;
}

/* Only st_mode is filled in; st_nlink stays 0 for every path, and that
 * is the link count the kernel stores in the inode for "foo". */
static int getattr_op(const char *path, struct stat *st)
{
        if (strcmp(path, "/") == 0)
                st->st_mode = S_IFDIR | 0777;
        else
                st->st_mode = S_IFREG | 0666;
        return 0;
}

/* Report success, so the kernel goes on to drop_nlink() on an inode
 * whose link count is already 0. */
static int unlink_op(const char *path)
{
        return 0;
}

static struct fuse_operations ops = {
        .readdir = readdir_op,
        .getattr = getattr_op,
        .unlink  = unlink_op,
};

int main(int argc, char *argv[])
{
        return fuse_main(argc, argv, &ops, NULL);
}
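The interaction the trace shows, modelled in userspace as an added example (not the report's program and not kernel code): the inode's link count is whatever warn.c's getattr reply carried, the unguarded unlink path reproduces the WARNING, and a guarded variant shows the kind of check that keeps an unprivileged FUSE server's bogus metadata from reaching a kernel WARN_ON. The struct, the function names and the shape of the guarded check are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model of the two kernel pieces in the trace: the link count
 * from the FUSE server's getattr reply lands in the inode unchecked, and
 * fuse_unlink() then calls drop_nlink() on it. */
struct inode { unsigned int i_nlink; };   /* modelled, not the real struct */

/* drop_nlink() stand-in: fs/inode.c WARNs when the count is already 0.
 * Returns true when that WARNING would have fired. */
static bool drop_nlink_model(struct inode *ino)
{
        if (ino->i_nlink == 0)
                return true;
        ino->i_nlink--;
        return false;
}

/* Unlink as the trace shows it: drop_nlink() is called unconditionally. */
static bool fuse_unlink_unguarded(struct inode *ino)
{
        return drop_nlink_model(ino);
}

/* Hardened variant (assumed shape of a fix, not quoted from the kernel): a
 * zero count from a careless or hostile server means nothing is left to drop. */
static bool fuse_unlink_guarded(struct inode *ino)
{
        return ino->i_nlink > 0 ? drop_nlink_model(ino) : false;
}

/* One "rm" against an inode whose link count came from a getattr reply
 * with st_nlink == server_nlink. Returns -1 if the WARNING would fire,
 * otherwise the link count left in the inode. */
static int simulate_rm(unsigned int server_nlink, bool guarded)
{
        struct inode ino = { .i_nlink = server_nlink };
        bool warned = guarded ? fuse_unlink_guarded(&ino)
                              : fuse_unlink_unguarded(&ino);
        return warned ? -1 : (int)ino.i_nlink;
}

int main(void)
{
        /* Constructed input: warn.c's getattr_op never sets st_nlink, so 0. */
        printf("unguarded rm, nlink 0 -> %d\n", simulate_rm(0, false));
        printf("guarded rm,   nlink 0 -> %d\n", simulate_rm(0, true));
        return 0;
}
```

With the trigger's link count of 0, simulate_rm(0, false) returns -1 (the WARNING fires) while simulate_rm(0, true) returns 0; a server that reports st_nlink = 1 gets the normal 1 -> 0 decrement on either path.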