MS06-049 Causing Silent Data Corruption

Uncle Mike writes "It looks like there is a problem with the recently released MS06-049 / KB920958 patch. If you have compression activated on any folder, then the compressed data is at risk from corruption. New files that are close to a multiple of 4K in size will have their last 4,000 bytes or so overwritten with 0xDF. Although this problem has been reported to Microsoft, as yet there appears to have been no official announcement. "

interesting

[Intangion]

its interesting how when they make a patch that corrupts your data you dont hear anything from them.. but when someone makes a program to allow fair use by opening DRM on their movies they come up with a CRITICAL patch within ours to prevent it. i think that speaks to their priorities, protecting their drm IMPORTANT protecting your data hmm.. not so important

When you have a monopoly

[Colin Smith]

What're your customers going to do?

 

Re:

[HTH NE1]

When you have a monopoly what're your customers going to do?"

Well I believe I'll invest in a second-party operating system!

Re:

[Citizen of Earth]

Well I believe I'll invest in a second-party operating system!

I think most of them will just say "Please use more lubricant next time."

Re:When you have a monopoly

[Tackhead]

> When you have a monopoly
>
> What're your customers going to do?

The guy at the keyboard of a Windows Vista box, using Microsoft Office at work, and Windows Media Player at home is not the customer, he is the product. The customers are Dell, AOL, media licensing conglomerates, and so on.

Re:When you have a monopoly

[theCoder]

That may be accurate for televion broadcasts, but it isn't so for Microsoft. Customers are people who pay for services. AOL and the media companies aren't paying MS anything, other than licensing fees for the services they use from Microsoft (i.e., their Windows PCs). Microsoft is paid by the guy at the keyboard of the Windows box (or his employer).

Microsoft may be able to leverage all those customers into a product for another customer (such as advertising or licensing DRM solutions), just like the movie theater leverages their movie watching customers into a product for advertising. Until Windows is free (as in beer), the guy using Windows is a still a customer.

Or if you put down the tinfoil hat

[jbellis]

maybe one patch was just easier to write.

--
Carnage Blender [carnageblender.com]: Meet interesting people. Kill them.

Re:

[Alien Being]

Even if this is a tricky problem to fix, MS could at least warn their customers about the problem.

After 25 years of dirty tricks from Redmond, you have the gall to call their critics paranoid?

Re:interesting

[X0563511]

Well, if you look closely you find that this patch is for Windows 2000 SP4 only, and all other versions of windows are not affected.

That does make a big difference, win2k is not MS' top priority.

Not that I condone their delay or lack of forsight, however.

Re:

[mr_death]

Jesus H. Christ! Do these f'ing idiots test anything?

And doesn't this just give you warm fuzzies about the reliability of Vista and its 50 million lines of code?

Re:

[erroneus]

Have you read the EULA? Well, neither have I actually, but you don't have to be a partiualrly educated guesser to know that there is a provision in the EULA regarding the loss or corruption of data. You agree to endemnify Microsoft against any such loss. Further, they make no guarantee of suitability of the OS for any particular purpose and make no claim that the product is reliable in any way.

You know, if I were to create a series of advertisements, I would make it similar to the "Truth" campaign agains

Re:interesting

[deadlinegrunt]

"...Have you read the EULA? Well, neither have I actually..."

Are you this person [amazon.com] by chance?

Re:

[coolgeek]

I am absolutely astonished. That must be a gag. Jeez, I really hope it's a gag. Sadly though, it's probably not a gag.

Re:

[exclusive_lock]

As the late Steve Irwin would say: "CRIKEY!".
You're right, I should've known that venomous EULA would turn right back and bite me (and all Microsoft customers) in the rear.

"Satisfaction Guaranteed!"*



* The term "Satisfaction" and "Guaranteed" are used only for illustration purpouses in a figurative, subliminal manner.
Enlarged to show texture. Serving suggestion.
As a matter of fact, no satisfaction guaranteed whatsoever, by any means.
Reading the words "satisfaction" and "guaranteed" above certifies

They should force them to mention in advertising!

[LinuxDon]

The EU should force them to mention it in their advertising when they shout it out for having such a reliable OS.
Since the advertising is in great conflict with the EULA.
Just like the "Smoking can cause cancer":
"Using this or other Microsoft products can cause critical data loss, system instability and significant loss of profit for any reason, Microsoft accepts absolutely no responsibility."

three letters

[Morphine007]

DOD

A Paradox...

[__aaclcg7560]

If data is being silently corrupted, is there a problem if no one can hear it? That could explain Microsoft's silence.

Re:

[TheGratefulNet]

"if bits fall off the platter but there's no one there to notice, are they still lost?"

How to avoid

[neonprimetime]

assuming you're using Windows

It has been confirmed that either turning off the compression attribute (disk space permitting) OR uninstalling KB920958 will prevent further loss of data.

Re:How to avoid

[PFI_Optix]

"assuming you're using Windows " ...if you're using Linux, the process is far more complex. Got a Mac? You're screwed.

Re:

[SheeEttin]

Well, if you're installing Windows patches on Linux or a Mac, you're screwed already...

Re:How to avoid

[CosmeticLobotamy]

I wish I had one of those cute ASCII graphics of a circle going over a tiny guy's head handy. I'll try to make my own, but I'm probably gonna screw this up.

0
----
| <-You
/\

o <-Joke

... Crap.

Re:

[sm62704]

Well, if you're installing Windows patches on Linux or a Mac, you're screwed already...

Linux and OSX are Windows patches!

Not necessarily....

[King_TJ]

I just installed a *bunch* of Windows XP patches on my Mac Pro last night. Hey, just 'cuz it's a Mac doesn't mean I want the XP installation on a second hard drive in it to be unpatched!

But yeah, yeah... I got the joke.

RAID

[Karma Farmer]

As is often pointed out on slashdot, this is why it's so important to have a good backup plan. Like most slashdotters, I recommend RAID.

Re:

[phoenix.bam!]

RAID is not data backup. It is hardware backup. In this situation the RAID would just have multiple copies of the same file. Data backup is done with tape. Tape you can go back to and get an older version of the file, RAID offers no such solution.

Re:

[khang]

wrong, RAID would just mirror the data corruption

Re:

[Lehk228]

RAID will do absolutely nothing to protect data written incorrectly by the OS

RAID is not a backup

Welcome to the world of sarcasm

[Inominate]

nt

Re:

[Lehk228]

unfortunately people misunderstanding RAID is so common it's hard to tell sometimes

Heh

[3.5 stripes]

Good troll.

Re:

[TangoCharlie]

Yeah! Why have 1 copy of a corrupted file? Two corruted copies is much better!!

Re:

[isolationism]

I can't believe there were > 0 people who replied to Karma Farmer's comment thinking it was anything but an attempt at humour/troll, much less that any such poster would get their manties in a knot over it either.

Re:

[jonnythan]

That was classic. Just the right mix of replies.

Kudos to you, my friend.

Close?

[Aladrin]

"close to a multiple of 4K in size"

How close is close? Is 162k close to 164k? Sounds like it is to me. From the examples in the discussion cited, it seems that anything over 4k is at risk, not just things 'near' a 4k boundary.

I would even hazzard to guess that the size matters not at all, but rather the contents of the files. If the contents match a certain pattern, the compression goes awry and adds the garbage to the end. (Accidentally overwriting the real data.)

what i think

[robpoe]

Well, it's interesting that 0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0xDF0x DF0xDF0xDF0xDF0xDF0xDF0xDF

Re:

[HTH NE1]

I agree, some other people have meßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßß ß ßßßßßßßßßßßßßßßßßßßß

Oh, that explains it: it's a beta patch.

Re:

[Stavr0]

I agree, some other people have meßßßß . . .

Oh, that explains it: it's a beta patch.

ß / 0xDF is &szlig ; or Esset. So the article is incorrect, the last bytes are overwritten with random data in the form of white noise. "ßßßßßßßßßßßß" is pronounced "ssssssssssssssssssssssssss". OMFG!11! SNAKES ON A PLATTER!

Strange

[A beautiful mind]

I've never heard Windows called MS06-049 before...

Re:

[Duhavid]

Cause only THX1138 referes to it that way.

More background please...

[Chris Pimlott]

The summary blurb is rather cryptic. MS06-049 is a patch to... what? Just Windows 2000 or XP too? And this was a patch for some vulnerability, assumedly? Which?

After a bit of research, here's what should have been included: MS06-049 [microsoft.com] was an elevation of privledge issue discovered in the kernel of Windows 2000 SP4 only. The patch for the issue, KB920958 [microsoft.com], appears to have a bug resulting in corruption of compressed folder.

The title is misleading as well. MS06-649 is the issue and KB920958 is the patch; the patch is what's causing the corruption, not the original issue.

Why even bother with compression anymore?

[jonwil]

In the modern age where hard disk space can be had for so cheap, why would you even want to bother with disk based data compression?

Re:

[Quila]

Logs? If you have many servers all writing gigabytes of detailed logs, and they have to be kept for a long time, you can save a lot of $$$ worth of space by running compression.

Re:

[jZnat]

But logrotate will take care of that for you using a user-space program (gzip, or any program you specify). You don't just make /var/log a compressed filesystem...

Re:

[Lagged2Death]

You don't just make /var/log a compressed filesystem...

I'm no MS fanboy, but... suppose the OS in question had some sort of directory-compression scheme that had a seven-year track record of impressive stability and effectiveness? Why not use it?

Disk compression earned a terrible rep back in the 90s, when DOS/Windows and Windows 95 themselves were so unstable there was no chance that it could work properly. But MS finally got it right when they swiped tech from Stacker and included directory compression in

Re:

[241comp]

Because processing power is even cheaper. Especially when you are doing archival operations such as backups - write once, read once (maybe).

Re:

[tylernt]

Think bigger.

Hundreds of VMWare virtual disks is one place compression comes in handy. Without compression you'd need a multi-terabyte array. With compression, you only need half a terabyte.

Another use is for backup servers, where storing hundreds of GB of data is important but speed is not (and you hate tapes).

Another use is when your server fills up and you don't have a budget for new hardware until the next quarter.

It all adds up to big hardware savings, and indeed is the only reason some of my servers -

Re:

[tylernt]

I'm using snapshot-style rsync backups, so gzip is not an option.

http://www.mikerubel.org/computers/rsync_snapshots / [mikerubel.org]

We can combine rsync and cp -al to create what appear to be multiple full backups of a filesystem without taking multiple disks' worth of space. Here's how, in a nutshell:

rm -rf backup.3
mv backup.2 backup.3
mv backup.1 backup.2
cp -al backup.0 backup.1
rsync -a --delete source_directory/ backup.0/

If the above commands are run once every day, then backup.0, backup.1, backup.2, and backup.3 will

Re:

[coolgeek]

How can you calculate the cost of CPU cycles? If a $150/hr programmer is sitting there waiting whilst CPU cycles are being burned, those cycles cost much much more than when your $15/hr customer service rep is putting a customer on hold.

Those files were important.

[Anonymous Coward]

Those files were important! Sheißßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßß

Quick!

[jZnat]

Someone figure out how to apply this problem to Windows Media DRM and we'll get a fix in no time!

Forget it, it's a bug

[dtfinch]

As a matter of policy, Microsoft generally doesn't fix bugs in already released software, with the exceptions of publicly known security flaws (and then only once a monthg), service packs (notice WinME has had zero service packs), and $50 hotfixes. Since Microsoft now depends on returning customers more than new customers, and their customers have little chance of switching vendors, they have every motivation to make older versions as unpalatable as possible.

I personally haven't seen any files corrupted tho

Re:

[dtfinch]

After a bit of checking, we have a 2000 server with the patch, and it has a number of compressed files, but none of the compressed files that were updated since the patch are roughly a multiple of 4k and mostly uncompressible, the two other requirements for corruption.

Re:

[plague3106]

As a matter of policy, Microsoft generally doesn't fix bugs in already released software, with the exceptions of publicly known security flaws (and then only once a monthg)

Not true; updates are released every tuesday.

service packs (notice WinME has had zero service packs)

While Win2k and XP have at least two each. ME was a crumby OS which was meant to have a new OS for people that had to have a new OS every couple of years.

and $50 hotfixes

I've never had to pay for a hotfix, nor has anyone that has gotten th

Re:

[DragonWriter]

Most don't buy Windows; Windows comes with their new PC. Its 2006. Why is someone running a six year old operating system anyway?

Uh, well, WinXP was released in 2001, so its only about a year and a half newer than Win2K. I really don't see a huge difference between running a 6.5 year old OS and running a 5 year old OS.

Certainly they can if they want, but to expect support from the manufacter is silly. Hell, cars have warranties which expire sooner than that.

So? Cars aren't very much like computer oper

Re:

[plague3106]

Uh, well, WinXP was released in 2001, so its only about a year and a half newer than Win2K. I really don't see a huge difference between running a 6.5 year old OS and running a 5 year old OS.

I dunno perhaps because there are a lot of changes in XP; namely that SP2 adds a bunch of stuff and fixes a huge amount of features. At the very least because they actually still sell XP.

So? Cars aren't very much like computer operating systems.

Yes. For some reason computer users expect their computer to be supported

Compressed files, are you kidding me?!

[dave562]

This is a bit of a tangent, but a somewhat relevant one none the less. But first of all, bad Microsoft! You freaking imbilices (probably misspelled to show how dumb I am too.)

Is anyone out there seriously using disk compression in a production environment? Didn't anyone teach you guys that disk compression is a crutch and not a solution? For as long as I've been working with servers, all of my mentors have led me to believe that it is pretty much generally accepted practice not to use disk compression due to the potential for data corruption and the performance hit your servers take. If you need to compress files to save space, throw them onto some LTO or DLT media and pull them completely offline.

If you're working for a company that can't come up with more money for disk space, maybe you need to click on the Dice.com adds that are all over /. here.

Re:

[MrP-(at work)]

By default windows compresses all windowsupdate/service pack uninstall directories (i.e. c:\winnt\$NtUninstallKB123456$), it also compresses the dllcache directory (which keeps backups of system dlls and drivers)

Re:

[dave562]

In both instances, it makes sense to compress that data on a case by case basis. I'd draw the analogy to using .zip compression to compress a few files. The kind of compression that I'm saying is a bad idea to use is the compression that compresses EVERYTHING on the entire volume / partition. That's the kind of compression that will come back and bite you in the ass. I'm not sure if you remember the days of DOS 6.2 and DoubleSpace, but after experiencing that shoddy product first hand, I'm wary of trust

Re:

[ZorbaTHut]

I have some compressed files. They're sparse files generated by a program that doesn't actually handle sparse files well. Conveniently, the program is smart enough to write all 0's to them, so I just compress the directory and be done with it. As I write this, I'm saving about 80% of the disk space they would otherwise use.

They're not performance-critical, so in this case, Windows' compression is incredibly handy.

Similarly, I have a few disc images that I keep around solely so I don't have to put DVDs in th

Re:

[dave562]

Actually with sufficient processing power, it can be a performance win, since you're reading less from the disk.

I could believe that. But whether or not it's a performance hit, I'm still going to stick to the school of thought that says your asking for trouble if you're compressing your files. That might show that I'm stuck in the neolithic days of the mid-1990s, but so be it. =)

Re:

[mibus]

I'm still going to stick to the school of thought that says your asking for trouble if you're compressing your files.

Sure, you do that. In the meantime, I'll continue using JPEGs, MP3s, ODF, ... :)

The LAMER Exterminator !!!

[Schraegstrichpunkt]

This is completely unacceptaLAMER!LAMER!LAMER!LAMER!...

What kind of idiot ...

[Schraegstrichpunkt]

... makes such massive changes to the VM of a stable kernel that allows this sort of thing to happen in the first place?

Oh wait...

Re:

[cmowire]

Well, you assume that whoever made the MS06-049 patch actually took the time to understand the code he was patching and/or contacted the person who origionally wrote the code in question.

Re:How does something like this happen

[avalys]

If you really have been programming for a long time, you must only be writing very simple programs if you've never had something like this happen, and you think that being "extra careful" is all you need to do to avoid it. What type of programmer does this? Every type of programmer - it's unavoidable.

The programmer is not to blame here. The real question you should be asking is "What type of QA department fails to catch a bug like this?"

Re:

[theshowmecanuck]

I agree and disagree with you. As long as the programmer properly unit tested his/her work, then you can shift blame to QA. I have seen developers not properly unit test their code too many times, relying on the QA department to do their work for them. But yes, unless it happens in very rare circumstances (is this the case?) someone should have caught this in testing somewhere... but not necessarily just QA.

IANAQAT (I am not a QA tester).

Re:

[edmudama]

Baloney. Don't blame the testers if they can't find all the bugs written by a poor programmer. It's the [good] programmer's job to test their own code first, as they have the most intimate knowledge of all the ways it could fail.

Re:

[DragonWriter]

It's not the programmer's job if the programmer's employer has passed that job to someone else. Now, if the programmer is the best person to do that and the programmer's employer has directed that they not do it and that someone else do it, then its the employer's fault for adopting a flawed process.

Re:

[kalirion]

Some software bugs manifest in rare cases, and can only be found by code inspection or luck. Unless you work with languages that allow 100% guaranteed mathematical proofs of correctness.

Re:

[coolgeek]

BS it's not a QA issue. When you're writing a file system, you must develop a test program that serves as a proof that the file system works. At least that's what they taught me back in the CP/M days. Anyway, that's not QA's job, it's the developers job. Either they failed to develop such a program, they under-developed it, or the guy coding the patch failed to run it. PERIOD.

Re:

[aaronl]

Not in this case... the issue is that the last so much of a file is *overwritten* with 0xDF. Had the erroneous data been appended, padding it out to a 4kb boundary, then you would be correct.

Plus, why would you pad with 0xDF instead of null? (There might be a reason, but I don't know of it.)

Re:How does something like this happen

[Rob Kaper]

Plus, why would you pad with 0xDF instead of null? (There might be a reason, but I don't know of it.)

So this is how Microsoft claims support for ODF. Clever.

Re:

[something_wicked_thi]

Oh, please.

MS bashing is fun and all, but do you have any idea how a kernel works? Anything can step on anything else. An off-by-one error in a kernel can be catastrophic to any number of things. This one does sound suspicious, but keep in mind that the code that is failing is probably only peripherally related to the code that was patched. They say they patched a buffer overflow. Maybe the buffer was already being overflowed by the compression code and patching it caused the compression to break. That migh

Re:

[dhasenan]

If data compression is being handled in the kernel, there are serious design issues here.

And in this case, being 'extra careful' consists of writing sufficient tests.

Re:

[IllForgetMyNickSoonA]

Why?

File system is handled by a kernel. File system compresses files before writing them to the disk, respectively decompresses them during read operations. Therefore, the compression is handled in kernel. Where would you handle it?

Data compression is not like black magic. As the matter of fact, the most data compression algorithms out there are mind boggingly simple and very well understood.

Of course you could move the file system into the user space, but that would introduce some bad performance

Re:

[abigor]

No, that's exactly where it gets handled. Using Linux as an example, different filesystems, compressed or not, are kernel modules accessed via the VFS. cramfs is a (rather lame) compressed filesystem built right into the kernel. Same with squashfs. Linux also has strong encryption (the CryptoApi) built right into the kernel for use with encrypted file systems.

Also, you may remember the file corruption bug from an older version of the 2.6 kernel - was it 2.6.10? It was much worse than this one from MS, which

Re:How does something like this happen

[theshowmecanuck]

Made me think of Grannies Perls of Wisdom [javaranch.com] I read on Java Ranch (I first found it about 6 or 7 years ago...): "Testing can show the presence of bugs, but not their absence."

Re:How does something like this happen

[CosmeticLobotamy]

What type of programmer puts such possibilities or leaks in a program?

Every programmer that's ever worked on something longer than 6 or 7 lines of code? Except you, of course. I've been in the bathroom after you and am always impressed by the way it smells just like roses.

You can stop now

[rbarreira]

I have been programming for a long time and I never had stuff like this happening.

If other replies to you have accurately guessed the truth and, as they say, you've never worked on a complicated piece of code, I will save you from spending any more "long time" working on your programming. Here is the program you're trying to make:

#include <stdio.h>

int main (void)
{
printf ("Hello world!\n");
return 0;
}

Re:You can stop now

[0xABADC0DA]

I hate to burst your bubble, but you did not check the return code from printf. What if stdout is closed, as in "./a.out >&-"?

Original troll never writes any bugs, so his hello world is more like this:

int main(int czArgCount, LPSZ *lpszArgv[]) {
    if (-1 == printf("Hello world!\n")) {
        if (errno == EBADF) {
            if (-1 == fprintf(stderr, "Error stdout closed!\n")) {
                int fdTty = open("/dev/tty", O_WRONLY, 0666);
                if (fdTty != -1)
                    write(fdTty, "Hey dumbass dont close my streams\n", 34);
            }
        }
        exit(1);
    }
    exit(0);
}

Re:

[joe_bruin]

I hate to burst your bubble, but you did not check the return code from printf. What if stdout is closed ...

Your program fails to take into account the case that printf(), fprintf(), and write() printed less characters than those that you provided. It further does not handle getting an EINTR on write().

RETURN VALUE
              On success, the number of bytes written are returned

Re:

[Frank T. Lofaro Jr.]

You failed to check the return value of printf!

Possibly some weird M$-esque operator

[gatkinso]

...similar to their (in)famous debug version of the new operator (IIRC generates guard bytes set to 0xCDCDCDCD).

While they are doubtlessly not releasing images with debug info, they might be using an overriden new operator that does something similar (for a variety of reasons).

It is hard to say, but this type of error - while *not* acceptable, *is* understandable,

Re:

[Maxo-Texas]

I understand where you are coming from-- but I suspect if all your code was put in front of 1 million hackers, they would probably find more stuff than you would think possible.

I've been coding for 20 years and the IT-QA department catches bugs in my code (after I unit tested them- and another developer cross unit tested them) all the time. That's why they are IT-QA, it's what they do.

Re:How does something like this happen?

[140Mandak262Jamuna]

My pure guess based on /. comments: How can this happen? Loop counting error. Probably from integer division of the file size/ 4K chunks. Allocator did it right, loop missed the last chunk. Very common. Typically a novice error. But can blindside even experienced ones. QA should have nailed it.

Re:How does something like this happen

[Rashkae]

Maybe you should ask Linus... I seem to remember a released stable kernel that neglected to sync file systems before shutting down.....

I love Linux, hate Windows, but point it, sh!t happens.

Re:

[LinuxDon]

At least in the case of Linux it would have been patched before the article reached slashdot! ;)

Re:

[danpsmith]

You care about integrity? No wonder you don't work for MS.

Re:

[LearnToSpell]

if (len >= ELF_PRARGSZ)

It happens. The only interesting thing here is how long they'll take to deal with it.

Re:

[abigor]

"the same kind of programmer that lets buffers overflow."

You mean the authors of sendmail? Or maybe you were referring to the various Linux kernel root exploits? Oh wait, you meant the authors of PHP.

Re:

[godefroi]

Hopefully that's a joke. Pretty much nobody would put music on a compressed drive, as nearly ALL of the music formats in common use today are compressed. Rather heavily. Those music formats that aren't don't compress very well anyway.

Additionally, the thought that MS would release a patch that intentionally corrupts data is unthinkable, for ANY corporation. The civil (and possibly criminal, who knows) liabilities would be ENORMOUS.

Re:

[abigor]

And here, ladies and gentlemen, we have in the parent post the Stupidest Comment of the Year. Yes, the only thing compressed disks contain is music, so MS intentionally corrupts them to satisfy the whims of the music oligarchy.

How old are you?

Re:

[cheshire_cqx]

Especially since mp3s will not compress anyway.

2000 only.

[antdude]

It seems like the problem is only for 2000 according to this reply [slashdot.org].

Re:

[tttonyyy]

I use compression on folders in XP Pro. and Home SP2. I have not seen this problem on my systems at home and work. I always get the newest patches on their first release dates. I even defragged (PerfectDisk v6.0 with its patches) over the weekend. I haven't seen anything odd. I am usiDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFD FDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDFDF

You might want to double check. ;)

Re:

[antdude]

Ha ha, very funny. :P Maybe you should check yours because of tttonyyy. [grin]

Re:

[tttonyyy]

Ha ha, very funny. :P Maybe you should check yours because of tttonyyy. [grin]

A fair point. :D

Re:

[phasm42]

The patch only applies to Windows 2000 SP4. Also, it happens when you create files -- it does not proactively seek out and corrupt existing files.

Re:

[crawling_chaos]

Also, it happens when you create files -- it does not proactively seek out and corrupt existing files.

Yep. That one's still in QA.