On Fri, 2018-08-31 at 00:59 -0300, Ernesto A. Fernández wrote:
> Creating, renaming or deleting a file may hit BUG_ON() if the first
> record of both a leaf node and its parent are changed, and if this
> forces the parent to be split. This bug is triggered by xfstests
> generic/027, somewhat rarely; here is a more reliable reproducer:
>
> truncate -s 50M fs.iso
> mkfs.hfsplus fs.iso
> mount fs.iso /mnt
> i=1000
> while [ $i -le 2400 ]; do
>     touch /mnt/$i &>/dev/null
>     ((++i))
> done
> i=2400
> while [ $i -ge 1000 ]; do
>     mv /mnt/$i /mnt/$(perl -e "print $i x61") &>/dev/null
>     ((--i))
> done
>
> The issue is that a newly created bnode is being put twice. Reset
> new_node to NULL in hfs_brec_update_parent() before reaching goto again.
>
> Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@xxxxxxxxx>
> ---
> fs/hfsplus/brec.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> index aa17a392b414..1918544a7871 100644
> --- a/fs/hfsplus/brec.c
> +++ b/fs/hfsplus/brec.c
> @@ -449,6 +449,7 @@ static int hfs_brec_update_parent(struct hfs_find_data *fd)
> /* restore search_key */
> hfs_bnode_read_key(node, fd->search_key, 14);
> }
> + new_node = NULL;

Sorry, I don't follow where the new_node is put twice. Could you explain in more detail? Currently, it looks unclear.

I like to assign the NULL value to the pointer. But are you sure that it's the proper place? Maybe it makes sense to place this assignment at the beginning of the function?

Thanks,
Vyacheslav Dubeyko.

> }
>
> if (!rec && node->parent)
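Review bot: the hunk's context stops short of both the `goto again` and the put of new_node that the commit message says happens twice, so the placement of `new_node = NULL;` (right after the search_key restore, inside the block closed by the `}` that follows it) cannot be verified from the diff alone; either widen the context to show the goto and the put, or state in the commit message which block performs the first put and why the stale pointer survives into the retry. Since the message describes re-entry via `goto again` rather than a fresh call, a reset at function entry would not execute on the retry path, so the reset does belong on that path, and the message should say so to pre-empt the question raised in the reply.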