[Unionfs] Kernel panic

Erez Zadok ezk at cs.sunysb.edu
Mon Oct 22 23:07:38 EDT 2007 

In message <200710221704.48530.fapg-unionfs at eurotux.com>, "Fernando A. P. Gomes" writes:
> Hi,
> 
> I've try'ed unionfs 2.1.7 with kernel 2.6.23.1 and sometimes kernel crashes:
> 
> [  122.048224] BUG: unable to handle kernel NULL pointer dereference at 
> virtual address 00000020
> [  122.065959]  printing eip:
> [  122.071566] c01feb2c
> [  122.076099] *pde = 00000000
> [  122.081880] Oops: 0000 [#1]
> [  122.087652] SMP
> [  122.091555] CPU:    0
> [  122.091556] EIP:    0060:[<c01feb2c>]    Not tainted VLI
> [  122.091558] EFLAGS: 00010202   (2.6.23.1etfw #1)
> [  122.116754] EIP is at unionfs_flush+0x8e/0x2b2
> [  122.125934] eax: 00000010   ebx: 00000010   ecx: dda9e258   edx: 00000000
> [  122.139956] esi: dd79e800   edi: db021240   ebp: 00000010   esp: d95adeb0
> [  122.153974] ds: 007b   es: 007b   fs: 00d8  gs: 0000  ss: 0068
> [  122.166020] Process bash (pid: 2279, ti=d95ad000 task=d94d1540 
> task.ti=d95ad000)
> [  122.180938] Stack: 00000000 db4ae900 db021240 db4ae900 00000000 00001812 
> c015d119 db4ae900
> [  122.198632]        db4ae900 00000003 db021240 c015d193 d9561540 00000000 
> b7fb17c0 c018479a
> [  122.216328]        00000003 00001812 d8f4a8f0 d9963800 d9561540 00000001 
> 00000000 080f3400
> [  122.234022] Call Trace:
> [  122.239463]  [<c015d119>] filp_close+0x32/0x54
> [  122.248701]  [<c015d193>] sys_close+0x58/0x8d
> [  122.257745]  [<c018479a>] load_elf_binary+0x936/0xbc3
> [  122.268214]  [<c0160c66>] copy_strings+0x175/0x17f
> [  122.278161]  [<c0161a91>] search_binary_handler+0x7f/0x117
> [  122.289546]  [<c0161c56>] do_execve+0x12d/0x194
> [  122.298956]  [<c010144b>] sys_execve+0x2d/0x74
> [  122.308177]  [<c01025ea>] syscall_call+0x7/0xb
> [  122.325854]  [<c0530000>] netlbl_secattr_catmap_walk_rng+0x6b/0xed
> [  122.347395]  =======================
> [  122.363562] Code: 0f 8f ad 00 00 00 31 d2 89 d8 85 ff 0f 94 c2 c1 e8 1f 09 
> c2 74 04 0f 0b eb fe 8b 47 70 8b 40 10 8b 04 98 85 c0 0f 84 82 00 00 00 <8b> 
> 5
> [  122.433577] EIP: [<c01feb2c>] unionfs_flush+0x8e/0x2b2 SS:ESP 0068:d95adeb0
> [  122.457965] Kernel panic - not syncing: Fatal exception
> [  122.478972] Rebooting in 15 seconds..
> 
> Can you fix the bug? You want more information? 

Yes, I need more info.  How are the mounts configured?  Any chroot or
pivot_root stuff?  What commands are running when this oops happens?  Is
this a live-cd?  Can I get an image of this livecd?  (I asked before if
you're using vmware and if so, can I get an image of your VM to reproduce
the bug here).

The hardest part is always reproducing a bug: fixing it is relatively easy
thereafter.

Can you try this small patch on top of 2.1.7 and let me know if you can
trigger any of these two BUG_ON's in this patch?

Thanks,
Erez.

diff --git a/fs/unionfs/commonfops.c b/fs/unionfs/commonfops.c
index 7654bcb..a66a6b6 100644
--- a/fs/unionfs/commonfops.c
+++ b/fs/unionfs/commonfops.c
@@ -803,6 +803,8 @@ int unionfs_flush(struct file *file, fl_owner_t id)
 		goto out;
 	unionfs_check_file(file);
 
+	BUG_ON(!dentry->d_inode);
+	BUG_ON(!UNIONFS_I(dentry->d_inode);
 	if (!atomic_dec_and_test(&UNIONFS_I(dentry->d_inode)->totalopens))
 		goto out;

More information about the unionfs mailing list