I've hit a crash in the fuse module when doing an rsync to an ntfs volume
mounted with ntfs-3g.
The crash is the same as ones reported before, in


and there are other similar reports:


After digging into it a bit, I found that the problem is in fuse_vnop_create().
At line 337, it checks if vap->va_type is VREG, and if it is not, it goes
to label bringup.
Then feo is assigned fdip->answ and used. But fdip, which points to
fdi, is initialized after the goto. As a result, when vap->va_type != VREG,
fdi is not initialized and feo is invalid.

I made the following patch and it works for me. In my case, the problematic
file is a socket.

Index: fuse_vnops.c
--- fuse_vnops.c        (版本 274059)
+++ fuse_vnops.c        (工作副本)
@@ -336,7 +336,8 @@
        /* XXX: Will we ever want devices ? */
        if ((vap->va_type != VREG)) {
                MPASS(vap->va_type != VFIFO);
-               goto bringup;
+               printf("unsupported vatype: %d\n", vap->va_type);
+               return EINVAL;
        debug_printf("parent nid = %ju, mode = %x\n", (uintmax_t)parentnid,
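Review bot: in the va_type != VREG branch, the unconditional printf() writes to the console every time a socket or other non-regular file is created, so it should be debug_printf(), as the context line below it uses, or be rate-limited. The MPASS(vap->va_type != VFIFO) still runs ahead of the new return, so on an INVARIANTS kernel a VFIFO panics instead of getting EINVAL; if the intent is to reject every non-VREG type cleanly, drop the assertion or move the return above it. A short comment saying why non-regular types are refused here would also help, since the existing XXX comment only asks about devices.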
@@ -364,7 +365,7 @@
                debug_printf("create: got err=%d from daemon\n", err);
                goto out;
        feo = fdip->answ;

        if ((err = fuse_internal_checkentry(feo, VREG))) {
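Review bot: this hunk shows no added or removed line, only context around feo = fdip->answ, although its header (-364,7 +365,7) implies an in-place change; it looks like a whitespace-only edit or one the mailer stripped. Drop the hunk if it is whitespace only, or resend the patch as an attachment so the change can be reviewed. If nothing else jumps to bringup once the goto in the first hunk is removed, the label should go as well.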

But I think that fuse filesystems may support file types other than VREG,
so maybe we should remove that check completely?

