[Filesystems-devel] Bug#777559: [aufs-tools] auplink crashes

Török Edwin edwin at skylable.com
Mon Feb 9 21:12:27 UTC 2015 

Package: aufs-tools
Version: 1:3.2+20130722-1.1
Severity: normal

--- Please enter the report below this line. ---

Using a standard Debian kernel I noticed these crashes in dmesg:

[Mon Feb  9 18:27:58 2015] docker0: port 1(vethd6af4f5) entered forwarding state
[Mon Feb  9 18:27:58 2015] docker0: port 1(vethd6af4f5) entered forwarding state
[Mon Feb  9 18:28:13 2015] docker0: port 1(vethd6af4f5) entered forwarding state
[Mon Feb  9 18:30:17 2015] auplink[26764]: segfault at 7fffd11217f8 ip 00000031eb6db479 sp 00007fffd1121800 error 6 in libc-2.19.so[31eb600000+19f000]
[Mon Feb  9 18:30:17 2015] docker0: port 1(vethd6af4f5) entered disabled state
[Mon Feb  9 18:30:17 2015] device vethd6af4f5 left promiscuous mode
[Mon Feb  9 18:30:17 2015] docker0: port 1(vethd6af4f5) entered disabled state
[Mon Feb  9 18:30:17 2015] aufs au_plink_put:454:docker[9960]: pseudo-link is not flushed
[Mon Feb  9 18:30:32 2015] device vethb483b2f entered promiscuous mode
[Mon Feb  9 18:30:32 2015] IPv6: ADDRCONF(NETDEV_UP): vethb483b2f: link is not ready
[Mon Feb  9 18:30:32 2015] IPv6: ADDRCONF(NETDEV_CHANGE): vethb483b2f: link becomes ready
[Mon Feb  9 18:30:32 2015] docker0: port 1(vethb483b2f) entered forwarding state
[Mon Feb  9 18:30:32 2015] docker0: port 1(vethb483b2f) entered forwarding state
[Mon Feb  9 18:30:48 2015] docker0: port 1(vethb483b2f) entered forwarding state
[Mon Feb  9 18:42:32 2015] auplink[28259]: segfault at 7fff86fb8078 ip 00000031eb6db479 sp 00007fff86fb8080 error 6 in libc-2.19.so[31eb600000+19f000]
[Mon Feb  9 18:42:32 2015] aufs au_plink_put:454:docker[2727]: pseudo-link is not flushed
[Mon Feb  9 18:42:32 2015] docker0: port 1(vethb483b2f) entered disabled state
[Mon Feb  9 18:42:32 2015] device vethb483b2f left promiscuous mode
[Mon Feb  9 18:42:32 2015] docker0: port 1(vethb483b2f) entered disabled state
[Mon Feb  9 19:12:38 2015] device vethe4f62d0 entered promiscuous mode

$ uname -a
Linux debian 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt2-1 (2014-12-08) x86_64 GNU/Linux

Similar crashes reported here with some more info:
https://github.com/docker/docker/issues/10595

The testcase from that report reproduces the issue for me:
# auplink / flush
auplink:plink.c:341: no aufs mount point
Segmentation fault

# gdb auplink
(gdb) r / flush
Starting program: /sbin/auplink / flush
/sbin/auplink:plink.c:341: no aufs mount point

Program received signal SIGSEGV, Segmentation fault.
__strncpy_ssse3 () at ../sysdeps/x86_64/multiarch/strcpy-ssse3.S:43
43	../sysdeps/x86_64/multiarch/strcpy-ssse3.S: No such file or directory.
(gdb) bt
#0  __strncpy_ssse3 () at ../sysdeps/x86_64/multiarch/strcpy-ssse3.S:43
#1  0x000000000040178c in strncpy (__len=20, __src=0x0, __dest=0x7fffffffe4f0 "") at /usr/include/x86_64-linux-gnu/bits/string3.h:120
#2  au_plink (cwd=cwd at entry=0x604010 "/", cmd=cmd at entry=0, flags=flags at entry=1, fd=fd at entry=0x0) at plink.c:342
#3  0x00000000004013ae in main (argc=<optimized out>, argv=<optimized out>) at auplink.c:64

I don't know why docker would call auplink on something that is not an aufs mountpoint (race condition?), but the crash when called on / reproduces everytime.

--- System information. ---
Architecture: amd64
Kernel:       Linux 3.16.0-4-amd64

Debian Release: 8.0
  500 testing-updates ftp.ro.debian.org 
  500 testing         security.debian.org 
  500 testing         ftp.ro.debian.org 
  100 jessie-backports ftp.ro.debian.org 
    1 experimental    ftp.ro.debian.org 

--- Package information. ---
Package's Depends field is empty.

Package's Recommends field is empty.

Package's Suggests field is empty.

More information about the Filesystems-devel mailing list