Message-ID: <20180417195644.7d04aff0@xeon-e3>
Date: Tue, 17 Apr 2018 19:56:44 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: Ursula Braun <ubraun@...ux.vnet.ibm.com>
Cc: netdev@...r.kernel.org
Subject: Fw: [Bug 199429] New: smc_shutdown(net/smc/af_smc.c) has a UAF
causing null pointer vulnerability.
This may already be fixed.
Begin forwarded message:
Date: Wed, 18 Apr 2018 01:52:59 +0000
From: bugzilla-daemon@...zilla.kernel.org
To: stephen@...workplumber.org
Subject: [Bug 199429] New: smc_shutdown(net/smc/af_smc.c) has a UAF causing null pointer vulnerability.
https://bugzilla.kernel.org/show_bug.cgi?id=199429
Bug ID: 199429
Summary: smc_shutdown(net/smc/af_smc.c) has a UAF causing null
pointer vulnerability.
Product: Networking
Version: 2.5
Kernel Version: 4.16.0-rc7
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: Other
Assignee: stephen@...workplumber.org
Reporter: 1773876454@...com
Regression: No
Created attachment 275431
--> https://bugzilla.kernel.org/attachment.cgi?id=275431&action=edit
POC
Syzkaller hit 'general protection fault in kernel_sock_shutdown' bug.
NET: Registered protocol family 43
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN PTI
Dumping ftrace buffer:
(ftrace buffer empty)
Modules linked in: smc ib_core binfmt_misc joydev hid_generic snd_pcm snd_timer
snd usbmouse usbhid soundcore psmouse e1000 hid pcspkr parport_pc input_leds
i2c_piix4 parport serio_raw floppy qemu_fw_cfg evbug mac_hid
CPU: 1 PID: 1751 Comm: syzkaller252340 Not tainted 4.16.0-rc7+ #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1
04/01/2014
RIP: 0010:kernel_sock_shutdown+0x29/0x70 net/socket.c:3255
RSP: 0018:ffff88000666fcf8 EFLAGS: 00010206
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff829206e4
RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000028
RBP: ffff88003b43a0d2 R08: 0000000000000003 R09: 000000000002b3c0
R10: 0000000000000ae7 R11: 00000000000000eb R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS: 000000000225b880(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5b85800000 CR3: 000000003bcde004 CR4: 00000000001606e0
Call Trace:
smc_shutdown+0x431/0x4a0 [smc]
SYSC_shutdown net/socket.c:1901 [inline]
SyS_shutdown+0x140/0x250 net/socket.c:1892
do_syscall_64+0x2ee/0x580 arch/x86/entry/common.c:287
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
RIP: 0033:0x4431a9
RSP: 002b:00007ffcccb77758 EFLAGS: 00000217 ORIG_RAX: 0000000000000030
RAX: ffffffffffffffda RBX: 00000000004003d0 RCX: 00000000004431a9
RDX: 00000000004431a9 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000401800 R08: 00000000004003d0 R09: 00000000004003d0
R10: 00000000004003d0 R11: 0000000000000217 R12: 0000000000401890
R13: 0000000000000000 R14: 00000000006b1018 R15: 0000000000000000
Code: 00 00 0f 1f 44 00 00 41 54 55 41 89 f4 53 48 89 fb e8 4c bd ad fe 48 8d
7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 74 05 e8
7c 62 e0 fe 48 8b 6b 28 48 b8 00 00 00 00
RIP: kernel_sock_shutdown+0x29/0x70 net/socket.c:3255 RSP: ffff88000666fcf8
---[ end trace ac1ba3c5e5bfa977 ]---
0xffffffffa02d1a82 1258 rc =
smc_close_active(smc);
Dump of assembler code from 0xffffffffa02d1a82 to 0xffffffffa02d1a8c:
=> 0xffffffffa02d1a82 <smc_shutdown+1010>: call 0xffffffffa02f3c50
<smc_close_active>
0xffffffffa02d1a87 <smc_shutdown+1015>: mov r13d,eax
0xffffffffa02d1a8a <smc_shutdown+1018>: call 0xffffffff813fc430
End of assembler dump.
rax 0xffff88005a6217c0 -131939878955072
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a7f -1607656833
rdx 0x0 0
rsi 0xfffffe01 4294966785
rdi 0xffff88005be55b40 -131939853575360
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0xffff88005f9d0258 -131939791207848
r9 0xffff880060e2bc00 -131939769861120
r10 0xffff88005f9e7340 -131939791113408
r11 0xb9ed 47597
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1a82 0xffffffffa02d1a82 <smc_shutdown+1010>
eflags 0x293 [ CF AF SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb) b *0xffffffffa02d1a87
Breakpoint 36 at 0xffffffffa02d1a87: file ../net/smc/af_smc.c, line 1258.
(gdb) c
Continuing.
[Switching to Thread 4]
Thread 4 hit Hardware watchpoint 34: ((struct smc_sock*)
0xffff88005be55b40)->clcsock
Old value = (struct socket *) 0xffff880058fa5100
New value = (struct socket *) 0x0
smc_tcp_listen_work (work=0xffff88005be55f90) at ../net/smc/af_smc.c:980
980 release_sock(lsk);
(gdb) bt
#0 smc_tcp_listen_work (work=0xffff88005be55f90) at ../net/smc/af_smc.c:980
#1 0xffffffff811dd957 in ?? ()
#2 0xffff880060faf300 in ?? ()
#3 0x000000000be15ecf in ?? ()
#4 0xffff88005f7f5990 in ?? ()
#5 0x1ffff1000be15ed7 in ?? ()
#6 0xffff88005f7f5998 in ?? ()
#7 0xffff88005f7f59a8 in ?? ()
#8 0xffffffff00000000 in ?? ()
#9 0xffff88005f7f59d0 in ?? ()
#10 0xffffffff83000194 in ?? ()
#11 0xffffffff830001a0 in ?? ()
#12 0xffffffff83000194 in ?? ()
#13 0x0000000041b58ab3 in ?? ()
#14 0xffffffff83a0dee0 in ?? ()
#15 0xffffffff811dce50 in ?? ()
#16 0xffffffff83000194 in ?? ()
#17 0xffffffff00000000 in ?? ()
#18 0xffffffff83000194 in ?? ()
#19 0xffffffff830001a0 in ?? ()
#20 0xffffffff83000194 in ?? ()
#21 0xffffffff830001a0 in ?? ()
#22 0xffffffff83000194 in ?? ()
#23 0xffffffff830001a0 in ?? ()
#24 0xcc8f7df19c7e2900 in ?? ()
#25 0xffff880060faf305 in ?? ()
#26 0xffff88005fb88040 in ?? ()
#27 0xffff880057c60040 in ?? ()
#28 0x0000000000000000 in ?? ()
(gdb) file vmlinux
A program is being debugged already.
Are you sure you want to change the file? (y or n) y
Load new symbol table from "vmlinux"? (y or n) y
Reading symbols from vmlinux...done.
warning: File "/home/sdk/linux/scripts/gdb/vmlinux-gdb.py" auto-loading has
been declined by your `auto-load safe-path' set to
"$debugdir:$datadir/auto-load".
(gdb) bt
#0 smc_tcp_listen_work (work=0xffff88005be55f90) at ../net/smc/af_smc.c:980
#1 0xffffffff811dd957 in process_one_work (worker=0xffff88005f7f5988,
work=0xffff88005be55f90) at ../kernel/workqueue.c:2113
#2 0xffffffff811def0d in worker_thread (__worker=0xffff88005f7f5988) at
../kernel/workqueue.c:2247
#3 0xffffffff811f4f5f in kthread (_create=<optimized out>) at
../kernel/kthread.c:238
#4 0xffffffff83000205 in ret_from_fork () at ../arch/x86/entry/entry_64.S:406
#5 0x0000000000000000 in ?? ()
(gdb) bt
#0 smc_tcp_listen_work (work=0xffff88005be55f90) at ../net/smc/af_smc.c:980
#1 0xffffffff811dd957 in process_one_work (worker=0xffff88005f7f5988,
work=0xffff88005be55f90) at ../kernel/workqueue.c:2113
#2 0xffffffff811def0d in worker_thread (__worker=0xffff88005f7f5988) at
../kernel/workqueue.c:2247
#3 0xffffffff811f4f5f in kthread (_create=<optimized out>) at
../kernel/kthread.c:238
#4 0xffffffff83000205 in ret_from_fork () at ../arch/x86/entry/entry_64.S:406
#5 0x0000000000000000 in ?? ()
(gdb) disas $rip,+0x10
Dump of assembler code from 0xffffffffa02d4304 to 0xffffffffa02d4314:
=> 0xffffffffa02d4304 <smc_tcp_listen_work+2724>: call
0xffffffff813fc430 <__sanitizer_cov_trace_pc>
0xffffffffa02d4309 <smc_tcp_listen_work+2729>: mov rdi,r12
0xffffffffa02d430c <smc_tcp_listen_work+2732>: call
0xffffffff82937820 <release_sock>
0xffffffffa02d4311 <smc_tcp_listen_work+2737>: lock dec DWORD PTR
[rbp-0x3d0]
End of assembler dump.
(gdb) c
Continuing.
[Switching to Thread 3]
Thread 3 hit Breakpoint 36, 0xffffffffa02d1a87 in smc_shutdown (sock=<optimized
out>, how=0) at ../net/smc/af_smc.c:1258
1258 rc = smc_close_active(smc);
(gdb) disas $rip,+0x10
Dump of assembler code from 0xffffffffa02d1a87 to 0xffffffffa02d1a97:
=> 0xffffffffa02d1a87 <smc_shutdown+1015>: mov r13d,eax
0xffffffffa02d1a8a <smc_shutdown+1018>: call 0xffffffff813fc430
<__sanitizer_cov_trace_pc>
0xffffffffa02d1a8f <smc_shutdown+1023>: lea rdi,[rbx+0x2c8]
0xffffffffa02d1a96 <smc_shutdown+1030>: movabs rax,0xdffffc0000000000
End of assembler dump.
(gdb) so ni
1264 rc1 = kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1a8a to 0xffffffffa02d1a94:
=> 0xffffffffa02d1a8a <smc_shutdown+1018>: call 0xffffffff813fc430
<__sanitizer_cov_trace_pc>
0xffffffffa02d1a8f <smc_shutdown+1023>: lea rdi,[rbx+0x2c8]
End of assembler dump.
rax 0x0 0
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02f482b -1607514069
rdx 0x0 0
rsi 0x0 0
rdi 0xffff88005be55c50 -131939853575088
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1a8a 0xffffffffa02d1a8a <smc_shutdown+1018>
eflags 0x282 [ SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1a8f 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1a8f to 0xffffffffa02d1a99:
=> 0xffffffffa02d1a8f <smc_shutdown+1023>: lea rdi,[rbx+0x2c8]
0xffffffffa02d1a96 <smc_shutdown+1030>: movabs rax,0xdffffc0000000000
End of assembler dump.
rax 0xffff88005a6217c0 -131939878955072
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x0 0
rsi 0x0 0
rdi 0xffff88005be55c50 -131939853575088
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1a8f 0xffffffffa02d1a8f <smc_shutdown+1023>
eflags 0x293 [ CF AF SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1a96 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1a96 to 0xffffffffa02d1aa0:
=> 0xffffffffa02d1a96 <smc_shutdown+1030>: movabs rax,0xdffffc0000000000
End of assembler dump.
rax 0xffff88005a6217c0 -131939878955072
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x0 0
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1a96 0xffffffffa02d1a96 <smc_shutdown+1030>
eflags 0x293 [ CF AF SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1aa0 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1aa0 to 0xffffffffa02d1aaa:
=> 0xffffffffa02d1aa0 <smc_shutdown+1040>: mov rdx,rdi
0xffffffffa02d1aa3 <smc_shutdown+1043>: shr rdx,0x3
0xffffffffa02d1aa7 <smc_shutdown+1047>: cmp BYTE PTR [rdx+rax*1],0x0
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x0 0
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1aa0 0xffffffffa02d1aa0 <smc_shutdown+1040>
eflags 0x293 [ CF AF SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1aa3 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1aa3 to 0xffffffffa02d1aad:
=> 0xffffffffa02d1aa3 <smc_shutdown+1043>: shr rdx,0x3
0xffffffffa02d1aa7 <smc_shutdown+1047>: cmp BYTE PTR [rdx+rax*1],0x0
0xffffffffa02d1aab <smc_shutdown+1051>: je 0xffffffffa02d1ab2
<smc_shutdown+1058>
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0xffff88005be55e08 -131939853574648
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1aa3 0xffffffffa02d1aa3 <smc_shutdown+1043>
eflags 0x293 [ CF AF SF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1aa7 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1aa7 to 0xffffffffa02d1ab1:
=> 0xffffffffa02d1aa7 <smc_shutdown+1047>: cmp BYTE PTR [rdx+rax*1],0x0
0xffffffffa02d1aab <smc_shutdown+1051>: je 0xffffffffa02d1ab2
<smc_shutdown+1058>
0xffffffffa02d1aad <smc_shutdown+1053>: call 0xffffffff81726980
<__asan_report_load8_noabort>
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x1ffff1000b7cabc1 2305826516731997121
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1aa7 0xffffffffa02d1aa7 <smc_shutdown+1047>
eflags 0x202 [ IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1aab 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1aab to 0xffffffffa02d1ab5:
=> 0xffffffffa02d1aab <smc_shutdown+1051>: je 0xffffffffa02d1ab2
<smc_shutdown+1058>
0xffffffffa02d1aad <smc_shutdown+1053>: call 0xffffffff81726980
<__asan_report_load8_noabort>
0xffffffffa02d1ab2 <smc_shutdown+1058>: mov rdi,QWORD PTR
[rbx+0x2c8]
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x1ffff1000b7cabc1 2305826516731997121
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1aab 0xffffffffa02d1aab <smc_shutdown+1051>
eflags 0x246 [ PF ZF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
Thread 3 hit Breakpoint 32, 0xffffffffa02d1ab2 in smc_shutdown (sock=<optimized
out>, how=0) at ../net/smc/af_smc.c:1264
1264 rc1 = kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1ab2 to 0xffffffffa02d1abc:
=> 0xffffffffa02d1ab2 <smc_shutdown+1058>: mov rdi,QWORD PTR
[rbx+0x2c8]
0xffffffffa02d1ab9 <smc_shutdown+1065>: mov esi,r12d
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x1ffff1000b7cabc1 2305826516731997121
rsi 0x0 0
rdi 0xffff88005be55e08 -131939853574648
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1ab2 0xffffffffa02d1ab2 <smc_shutdown+1058>
eflags 0x246 [ PF ZF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)
0xffffffffa02d1ab9 1264 rc1 =
kernel_sock_shutdown(smc->clcsock, how);
Dump of assembler code from 0xffffffffa02d1ab9 to 0xffffffffa02d1ac3:
=> 0xffffffffa02d1ab9 <smc_shutdown+1065>: mov esi,r12d
0xffffffffa02d1abc <smc_shutdown+1068>: call 0xffffffff829206d0
<kernel_sock_shutdown>
0xffffffffa02d1ac1 <smc_shutdown+1073>: lea rdi,[rbx+0x24a]
End of assembler dump.
rax 0xdffffc0000000000 -2305847407260205056
rbx 0xffff88005be55b40 -131939853575360
rcx 0xffffffffa02d1a8f -1607656817
rdx 0x1ffff1000b7cabc1 2305826516731997121
rsi 0x0 0
rdi 0x0 0
rbp 0xffff88005be55b52 0xffff88005be55b52
rsp 0xffff88005e887d18 0xffff88005e887d18
r8 0x88 136
r9 0xffff880060f2bc00 -131939768812544
r10 0xffff88005e17f2f8 -131939816705288
r11 0xb839 47161
r12 0x0 0
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0xffffffffa02d1ab9 0xffffffffa02d1ab9 <smc_shutdown+1065>
eflags 0x246 [ PF ZF IF ]
cs 0x10 16
ss 0x18 24
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
ni:3: Error in sourced command file:
Could not fetch register "fs_base"; remote failure reply 'E14'
(gdb)