The system has now been up for 46 hours and is still going strong.
I think we can reasonably be sure that this problem has been fixed - that one 
single "else" fixes it :)
I'm going to stop the test and continue to do other things that I need to do.

Many thanks for helping me go through this.

On Fri, 25 Jul 2014 08:51:56 +0900
sf...@users.sourceforge.net wrote:

> 
> Digging into the aufs history, I've found the bug was born in aufs1 (CVS-age)
> 
> On 2008-07-21
> - backport from fs/aufs25.
>   + pin the hierarchy on lower branch and new ignore scheme for inotify,
>     do_rename(), au_hgdirs(), au_may_ren(), au_ren_pin_init(),
>     au_ren_fake_pin(), au_ren_pin4(), au_ren_pin3(), au_ren_pin(),
>     au_ren_unlock(), au_ren_lock() and aufs_rename().
>   + reduce the stack usage.
>   + split do_rename() into several static functions.
>   + prefix 'au_' to nhash/vdir functions.
> 
> Here "split do_rename() into several static functions" had a bug, and it
> passes an error code to dput() instead of a pointer. In your case, a
> function just before calling dput() returns -17 (which is EEXIST: File
> exists), and aufs blindly passed it to dput().
> dput() checks whether the given argument is NULL or not. It is good but
> not helpful for this case. And tried accessing a member through the
> pointer by adding 0x50. Now -17(0xffffffef) + 0x50 produced 0x3f. I
> think this is the story of this bug.

Yes, that sounds like it. And when the kernel tries to use 0x3f as the pointer 
we'll get a NULL pointer exception since the kernel usually marks the first 4096 
bytes (0x1000) as NULL pointer.

> 
> It must be one of the most long-lived bugs.

My only wonder is why it hasn't surfaced until now, well not in x86_64 and x86 
area anyway.
I've been an aufs user since 2007, and this has never come up.
But in any case I'm glad this is fixed :) as a silent problem is worse as we 
don't know the kind of corruption it does until it's too late.

> 
> Thank you very much for your report and repeated tests.

No, I'm the one to thank you! 
I wouldn't be able to solve this problem without your kind and patient 
assistance.

cheers!

-- 
James B <jamesbond3...@gmail.com>
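
The failure mode discussed in this thread, as an added userspace example (not aufs code and not the actual fix): a negative errno stored in a pointer passes a NULL-only check, and a member read at offset 0x50 lands at 0x3f on a 32-bit system. The helper names are hypothetical re-creations of the kernel's ERR_PTR-style checks; the -17 and 0x50 values come from the messages above.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_ERRNO 4095 /* bound the Linux kernel uses for error pointers */

static int dummy_obj;  /* constructed stand-in for a real object */

/* Encode a negative errno in a pointer, as a function returning ERR_PTR does. */
static void *err_ptr(long err) { return (void *)err; }

/* The only guard described in the thread: 1 means "looks like a valid pointer". */
static int passes_null_check(const void *p) { return p != NULL; }

/* Stronger guard: reject NULL and anything in the top MAX_ERRNO addresses. */
static int is_err_or_null(const void *p)
{
    return !p || (uintptr_t)p >= (uintptr_t)-MAX_ERRNO;
}

/* Address touched when a member at `offset` is read through a 32-bit
 * pointer that actually holds `err`. Computed only, never dereferenced. */
static uint32_t member_addr32(int32_t err, uint32_t offset)
{
    return (uint32_t)err + offset;
}

/* Hypothetical hardened release path: 1 if the object would be released,
 * 0 if the value was rejected before any dereference. */
static int safe_put(void *p)
{
    if (is_err_or_null(p))
        return 0;
    /* a real caller would invoke dput(p) here */
    return 1;
}

int main(void)
{
    void *bad = err_ptr(-EEXIST); /* -17, as in the report */

    printf("NULL-only check lets it through: %d\n", passes_null_check(bad));
    printf("faulting address on 32-bit:      0x%x\n",
           (unsigned)member_addr32(-EEXIST, 0x50));
    printf("safe_put(error value):           %d\n", safe_put(bad));
    printf("safe_put(real object):           %d\n", safe_put(&dummy_obj));
    return 0;
}
```
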
