Message-ID: <20070414094215.GA5840@martell.zuzino.mipt.ru>
Date:	Sat, 14 Apr 2007 13:42:15 +0400
From:	Alexey Dobriyan <adobriyan@...il.com>
To:	Jesper Juhl <jesper.juhl@...il.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: 2.6.13.4 kernel Oops - proc related

On Thu, Apr 12, 2007 at 10:01:07AM +0200, Jesper Juhl wrote:
> Yesterday one of my servers Oops'ed on me :-(
> The server was running an old 2.6.13.4 kernel.
> I got a screenshot of the Oops which is available here :
> http://www.kernel.org/pub/linux/kernel/people/juhl/images/2.6.13.4-crash.png
>
> Even though this is a rather old kernel, I wanted to report the crash
> just in case it's not a known bug. If it is already known and fixed,
> then just ignore this mail.

It seems the task->signal->tty->driver pointer got broken. It's 0x03200005!

c0181920 <do_task_stat>:

c0181ad8:	call   c011d440 <next_thread>
c0181add:	cmp    %esi,%eax			# } while (t != task)
c0181adf:	jne    c0181ab0 <do_task_stat+0x190>
c0181ae1:	mov    0x460(%esi),%eax
c0181ae7:	add    $0x504,%eax
c0181aec:	call   c036f160 <_spin_unlock_irq>	# spin_unlock_irq(&task->sighand->siglock);
c0181af1:	mov    0x45c(%esi),%ecx
c0181af7:	test   %ecx,%ecx			# if (task->signal)
c0181af9:	je     c0181bc3 <do_task_stat+0x2a3>
c0181aff:	mov    0x88(%ecx),%ebx			# ebx = task->signal->tty
c0181b05:	test   %ebx,%ebx			# if (task->signal->tty)
c0181b07:	je     c0181b46 <do_task_stat+0x226>
c0181b09:	mov    0xb4(%ebx),%eax
c0181b0f:	mov    %eax,0x50(%esp,1)		# tty_pgrp = task->signal->tty->pgrp
c0181b13:	mov    0x4(%ebx),%eax			# eax = task->signal->tty->driver
c0181b16: ===>	mov    0x64(%eax),%edx			# task->signal->tty->driver->major
c0181b19:	mov    0x68(%eax),%ebp			# task->signal->tty->driver->minor_start
c0181b1c:	mov    0x8(%ebx),%eax			# task->signal->tty->index
