| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Sep 2012 13:08:35 -0400 From: Dave Jones <davej@...hat.com> To: Yuchung Cheng <ycheng@...gle.com> Cc: Lin Ming <mlin@...pku.edu.cn>, netdev@...r.kernel.org Subject: Re: kernel BUG at kernel/timer.c:748! On Wed, Sep 05, 2012 at 09:37:12AM -0700, Yuchung Cheng wrote: > On Wed, Sep 5, 2012 at 9:04 AM, Lin Ming <mlin@...pku.edu.cn> wrote: > > On Wed, Sep 5, 2012 at 12:35 PM, Dave Jones <davej@...hat.com> wrote: > >> Just hit this bug on 3.6-rc4. > >> > >> The BUG is.. > >> > >> BUG_ON(!timer->function); > > > > TCP keepalive timer is setup when the socket is created. > > > > __sock_create > > inet_create > > tcp_v4_init_sock > > tcp_init_sock > > tcp_init_xmit_timers > > inet_csk_init_xmit_timers > > > > timer->function should not be NULL when set keepalive option. > > > > Strange...have bug somewhere. > > is this a passively opened socket or actively opened one? I have no idea. That fuzzer ran for around 10 hours before it triggered this. In that time, millions of syscalls were done. Even though I had logs of every syscall, the volume of data to sift through to try and map back to the socket that caused this is firmly in 'needle in haystick' territory. Dave -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists