| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080414195613.GA4772@martell.zuzino.mipt.ru> Date: Mon, 14 Apr 2008 23:56:13 +0400 From: Alexey Dobriyan <adobriyan@...il.com> To: Christoph Lameter <clameter@....com> Cc: Pekka Enberg <penberg@...helsinki.fi>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: 2.6.25-rc8-mm2: FIX kmalloc-2048 (was Re: 2.6.25-rc8-mm2: IP: [<ffffffff802868f9>] __kmalloc+0x69/0x110) I can reproduce semi-reliably (by kernel standards) corruption in kmalloc-2048. No idea if this can explain all "struct file" related oopses I saw, or SLUB free pointer corruption Pekka and Christoph are looking into. 8139too and atl1 drivers are in use. 8139too connects to outer world, atl1 -- to laptop collecting netconsole logs. However, I never managed to collect late oopses with netconsole even if init scripts which are shutting down interfaces are disabled. :-( Transcribed from photo: 8000 flags=0x8000000000002082 INFO: Object 0xffff81017ff9d2d0 @offset=21200 fp=0xffff81017ff9ca88 Bytes b4 0xffff81017ff9d2c0: 62 ea ff ff 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a Object 0xffff81017ff9d2d0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xffff81017ff9d2e0: 6b 6b 00 18 f3 a2 9f 90 00 1b 38 af 22 49 08 00 Object 0xffff81017ff9d2f0: 45 10 00 4c ff 59 40 00 40 11 86 ac c0 a8 00 2a Object 0xffff81017ff9d300: 50 fa a2 be 91 43 00 7b 00 38 54 d4 23 00 00 00 Object 0xffff81017ff9d310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Object 0xffff81017ff9d320: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Object 0xffff81017ff9d330: 00 00 00 00 4c ff 10 44 74 7f 6f 9d e4 c8 a2 4f Object 0xffff81017ff9d340: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Redzone 0xffff81017ff9dad0: bb bb bb bb bb bb bb bb Padding 0xffff81017ff9db10: 5a 5a 5a 5a 5a 5a 5a 5a Pid: 6168, comm: reboot Not tainted 2.6.25-rc8-mm2 #28 Call Trace: print_trailer check_bytes_and_report check_object __free_slab discard_slab __slab_free ? skb_release_data kfree ? skb_release_data skb_release_all __kfre_skb kfree_skb atl1_clean_rx_ring atl1_down atl1_close dev_close dev_change_flags devinet_ioctl ? trace_hardirqs_on inet_ioctl sock_ioctl vfs_ioctl do_vfs_ioctl sys_ioctl system_call_after_swapgs FIX kmalloc-2048: Restoring 0xffff81017ff9d2e2-0xffff81017ff9d8d9=0x6b -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists