lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1319480464.3064.6.camel@edumazet-laptop>
Date:	Mon, 24 Oct 2011 20:21:04 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Luciano Ruete <lruete@...ure.com.ar>
Cc:	netdev@...r.kernel.org
Subject: Re: Kernel Panic every 2 weeks on ISP server (NULL pointer
 dereference)

Le lundi 24 octobre 2011 à 15:09 -0300, Luciano Ruete a écrit :

> Hi Eric!
> 
> Thanks for your answer...
> 
> > 
> > [694250.472081] Code: f6
> > 49 c1 e6 07          shl    $0x7,%r14
> > 66 89 93 ac 00 00 00 mov    %dx,0xac(%rbx)
> >[...]
> > This looks like a dev_pick_tx() bug, using an out of bound
> > queue_index number and returning a txq pointing after
> > the device allocated array.
> 
> Clear explanation, is there a tool to map the trace to kernel code, or you did 
> this by hand? 
> 

In kernek source, you can find scripts/decodecode

# cat CRASH | scripts/decodecode 
[694250.472081] Code: f6 49 c1 e6 07 66 89 93 ac 00 00 00 4d 03 b5 40 03 00 00 0f b7 83 a6 00 00 00 4d 8b 66 08 80 e4 cf 80 cc 20 66 89 83 a6 00 00 00 <49> 83 3c 24 00 0f 84 3b 02 00 00 49 8d 84 24 9c 00 00 00 48 89
All code
========
   0:	f6                   	(bad)  
   1:	49 c1 e6 07          	shl    $0x7,%r14
   5:	66 89 93 ac 00 00 00 	mov    %dx,0xac(%rbx)
   c:	4d 03 b5 40 03 00 00 	add    0x340(%r13),%r14
  13:	0f b7 83 a6 00 00 00 	movzwl 0xa6(%rbx),%eax
  1a:	4d 8b 66 08          	mov    0x8(%r14),%r12
  1e:	80 e4 cf             	and    $0xcf,%ah
  21:	80 cc 20             	or     $0x20,%ah
  24:	66 89 83 a6 00 00 00 	mov    %ax,0xa6(%rbx)
  2b:*	49 83 3c 24 00       	cmpq   $0x0,(%r12)     <-- trapping instruction
  30:	0f 84 3b 02 00 00    	je     0x271
  36:	49 8d 84 24 9c 00 00 	lea    0x9c(%r12),%rax
  3d:	00 
  3e:	48                   	rex.W
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	49 83 3c 24 00       	cmpq   $0x0,(%r12)
   5:	0f 84 3b 02 00 00    	je     0x246
   b:	49 8d 84 24 9c 00 00 	lea    0x9c(%r12),%rax
  12:	00 
  13:	48                   	rex.W
  14:	89                   	.byte 0x89



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ