Open Source and information security mailing list archives
 
Date:	Thu, 23 Apr 2015 08:01:23 -0400
From:	Brian Gerst <brgerst@...il.com>
To:	Denys Vlasenko <dvlasenk@...hat.com>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Ingo Molnar <mingo@...nel.org>,
	"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
	Andy Lutomirski <luto@...capital.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andy Lutomirski <luto@...nel.org>,
	Will Drewry <wad@...omium.org>,
	Frédéric Weisbecker <fweisbec@...il.com>,
	Alexei Starovoitov <ast@...mgrid.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Kees Cook <keescook@...omium.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/vdso] x86/vdso32/syscall.S: Do not load __USER32_DS to %ss

On Thu, Apr 23, 2015 at 7:46 AM, Denys Vlasenko <dvlasenk@...hat.com> wrote:
> On 04/23/2015 01:28 PM, Brian Gerst wrote:
>>> Looking at the error message:
>>>
>>>> Unhandled exception: stack overflow in 32-bit code (0xf779bc07).
>>>> Register dump:
>>>>  CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
>>>>  EIP:f779bc07 ESP:00aed60c EBP:00aed750 EFLAGS:00010216(  R- --  I   -A-P- )
>>>>  EAX:00000040 EBX:00000010 ECX:00aed750 EDX:00000040
>>>>  ESI:00000040 EDI:7ffd4000
>>>
>>> it is not coming from Wine itself, looks like it's from Windows code,
>>> and I'd guess it just tells us that they got exception 12,
>>> without further information on the cause.
>>
>> The backtrace shows the fault is in the VDSO, the first pop
>> instruction after returning from the kernel.
>
> Yes, I understand at which insn exception happens.
>
> I meant that *the message* is not generated by Wine or kernel.
> grep for "Unhandled exception:" comes up empty
> on their source trees.
>
> After much grepping, I see that I'm wrong.
> It does come from wine:
>
> void info_win32_exception(void)
> {
>     const EXCEPTION_RECORD*     rec;
>     ADDRESS64                   addr;
>     char                        hexbuf[MAX_OFFSET_TO_STR_LEN];
>
>     if (!dbg_curr_thread->in_exception)
>     {
>         dbg_printf("Thread isn't in an exception\n");
>         return;
>     }
>     rec = &dbg_curr_thread->excpt_record;
>     memory_get_current_pc(&addr);
>
>     /* print some infos */
>     dbg_printf("%s: ",
>                dbg_curr_thread->first_chance ? "First chance exception" : "Unhandled exception");
>     switch (rec->ExceptionCode)
>     {
>     case EXCEPTION_BREAKPOINT:
>         dbg_printf("breakpoint");
>         break;
>     case EXCEPTION_SINGLE_STEP:
>         dbg_printf("single step");
>         break;
>     case EXCEPTION_INT_DIVIDE_BY_ZERO:
>         dbg_printf("divide by zero");
>         break;
>     case EXCEPTION_INT_OVERFLOW:
>         dbg_printf("overflow");
>         break;
>     case EXCEPTION_ARRAY_BOUNDS_EXCEEDED:
>         dbg_printf("array bounds");
>         break;
>     case EXCEPTION_ILLEGAL_INSTRUCTION:
>         dbg_printf("illegal instruction");
>         break;
>     case EXCEPTION_STACK_OVERFLOW:
>         dbg_printf("stack overflow");
>         break;
>     ...
>
> I hoped we can easily make Wine show exception's error code.
> Not that easy :/
>

I added some debug messages to an unpatched kernel:
[  382.639763] traps: wine[14281] trap stack segment ip:f7716c07 sp:fff9a024 error:0
[  382.639778] traps: wine[14281] trap stack segment ip:f7716c07 sp:fff9a024 error:0

The patch does appear to fix the crash.

--
Brian Gerst