lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120417203223.GA31699@redhat.com>
Date:	Tue, 17 Apr 2012 16:32:23 -0400
From:	Dave Jones <davej@...hat.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [3.4-rc3] Thread overran stack, or stack corrupted

On Tue, Apr 17, 2012 at 01:20:51PM -0700, Linus Torvalds wrote:
 > On Tue, Apr 17, 2012 at 10:21 AM, Dave Jones <davej@...hat.com> wrote:
 > > My syscall fuzzer started showing up some cases where it we seem to be
 > > overrunning the stack.  I added a WARN_ON when the stack is really low,
 > > to see if there's a deep call trace, but it's not really telling me much ..
 > 
 > You seem to have added the WARN_ON() to check_stack_usage() itself.
 > 
 > That's not very useful, because it uses the *current* stack pointer.
 > Instead, how about just calling "show_trace()" with the actual lowest
 > stack pointer at that point? That should show you the stack as it was
 > when it was at its lowest, and that could actually be useful.
 > 
 > IOW, just something like
 > 
 >     show_trace(NULL, NULL, (void *)end_of_stack(p) + lowest_to_date, NULL);
 > 
 > Or something kind of like that. Yes?

Ok, this builds. I'll run with this for a while, and see what falls out.

thanks,

	Dave

--- linux/kernel/exit.c	2012-03-29 22:45:18.912241586 -0400
+++ linux/kernel/exit.c	2012-04-17 16:29:54.473445787 -0400
@@ -871,7 +871,7 @@
 }
 
 #ifdef CONFIG_DEBUG_STACK_USAGE
-static void check_stack_usage(void)
+static void check_stack_usage(struct task_struct *p)
 {
 	static DEFINE_SPINLOCK(low_water_lock);
 	static int lowest_to_date = THREAD_SIZE;
@@ -888,11 +888,13 @@
 				"left\n",
 				current->comm, free);
 		lowest_to_date = free;
+		if (lowest_to_date < 512)
+			show_trace(NULL, NULL, (long unsigned int *)end_of_stack(p) + lowest_to_date, 0);
 	}
 	spin_unlock(&low_water_lock);
 }
 #else
-static inline void check_stack_usage(void) {}
+static inline void check_stack_usage(struct task_struct *p) {}
 #endif
 
 void do_exit(long code)
@@ -987,7 +989,7 @@
 	exit_shm(tsk);
 	exit_files(tsk);
 	exit_fs(tsk);
-	check_stack_usage();
+	check_stack_usage(tsk);
 	exit_thread();
 
 	/*

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ