Re: [PATCH] fuse: fix kernel NULL pointer dereference in fuse_uring_add_to_pq()

Next message: Minda Chen: "Re: [PATCH v1 1/3] scsi: ufs: dt-bindings: starfive: Add UFS Host Controller for JHB100 soc"
Previous message: Dikshita Agarwal: "[PATCH 2/7] media: qcom: iris: fix state-change debug log printing stale value"
In reply to: Li Wang: "[PATCH] fuse: fix kernel NULL pointer dereference in fuse_uring_add_to_pq()"
Next in thread: Li Wang: "Re: [PATCH] fuse: fix kernel NULL pointer dereference in fuse_uring_add_to_pq()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jingbo Xu

Date: Wed Apr 22 2026 - 07:19:44 EST

On 4/22/26 6:36 PM, Li Wang wrote:
> A kernel NULL pointer dereference was triggered when testing the
> 'fuse over io_uring' feature with passthrough_ll. The call trace
> is as follows:
> BUG: kernel NULL pointer dereference, address: 0000000000000878
> RIP: 0010:fuse_uring_add_req_to_ring_ent+0x89/0xd0 [fuse]
> Call Trace:
> <TASK>
> fuse_uring_queue_fuse_req+0x82/0x100 [fuse]
> fuse_chan_send+0xe6/0x180 [fuse]

I don't see fuse_chan_send() in upstream kernel. I think you are
testing kernel with this patchset[1] applied?

[1] https://lore.kernel.org/all/20260416091658.462783-1-mszeredi@xxxxxxxxxx/

--
Thanks,
Jingbo