2.0.35 oops (ipv4 networking bug?)

Jordan Mendelson (jordy@wserv.com)
Thu, 8 Oct 1998 17:09:01 -0400


Just got this while running a portscan (for IRC bots) on some host...
unfortunately I don't know what host, but:

>>EIP: 146b74 <tcp_v4_unhash+18/48>
Trace: 148552 <tcp_close+20e/218>
Trace: 152663 <inet_release+67/70>
Trace: 137c5c <sock_release+5c/9c>
Trace: 137e95 <sock_close+25/2c>
Trace: 122c4c <__fput+1c/40>
Trace: 122cbc <close_fp+4c/5c>
Trace: 122d10 <sys_close+44/50>
Trace: 10a5e5 <system_call+55/80>
Code: 146b74 <tcp_v4_unhash+18/48>
Code: 146b74 <tcp_v4_unhash+18/48> 89 50 68 movl %edx,0x68(%eax)
Code: 146b77 <tcp_v4_unhash+1b/48> 8b 51 68 movl 0x68(%ecx),%edx
Code: 146b7a <tcp_v4_unhash+1e/48> 8b 41 64 movl 0x64(%ecx),%eax
Code: 146b7d <tcp_v4_unhash+21/48> 89 02 movl %eax,(%edx)
Code: 146b7f <tcp_v4_unhash+23/48> c7 41 68 00 00 movl $0x0,0x68(%ecx)
Code: 146b86 <tcp_v4_unhash+2a/48> 8b 51 00 movl 0x0(%ecx),%edx
Code: 146b89 <tcp_v4_unhash+2d/48> 90 nop
Code: 146b8a <tcp_v4_unhash+2e/48> 90 nop
Code: 146b8b <tcp_v4_unhash+2f/48> 90 nop

Unable to handle kernel paging request at virtual address dae34c51
current->tss.cr3 = 00acf000, 8r3 = 00acf000
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<00146b74>]
EFLAGS: 00010202
eax: 1ae34be9 ebx: 05b19810 ecx: 05b19810 edx: 200061a5
esi: 05b198d0 edi: 00000000 ebp: 00000001 esp: 023f4f30
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process botscan.real (pid: 30013, process nr: 148, stackpage=023f4000)
Stack: 00148552 05b19810 05b19810 05632390 05632390 00152663 05b19810 00000000
       05632300 00000000 00137c5c 05632390 00000000 05632300 05632300 05632300
       bffff1fc 00137e95 05632390 006ed044 00122c4c 05632300 006ed044 00000000
Call Trace: [<00148552>] [<00152663>] [<00137c5c>] [<00137e95>] [<00122c4c>] [<00122cbc>] [<00122d10>] [<0010a5e5>]
Code: 89 50 68 8b 51 68 8b 41 64 89 02 c7 41 68 00 00 00 00 8b 51
Aiee, killing interrupt handler

The program in question simply opens a full TCP socket and then closes it,
no stealth scanning, nothing... just open() and close() and a read() in
between.

Linux snappy 2.0.35 #5 Sun Sep 13 17:16:18 EDT 1998 i586
P120 w/ Intel EEPro 100b Eth card, 128 megs of RAM, Approx 186 sockets open

No crash, it seems to have recovered..

Jordan

--
Jordan Mendelson     : http://jordy.wserv.com
Web Services, Inc.   : http://www.wserv.com

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
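
Added example (not part of the original message and not kernel code): a short Python triage of the oops above. It checks that the faulting store movl %edx,0x68(%eax), evaluated with the reported eax, lands on the reported fault address, and decodes error code 0002. It assumes the 2.0-era i386 kernel segment base of 0xC0000000; the function names are illustrative.

```python
import re

# Constructed input: the relevant lines copied from the oops report above.
OOPS = """\
Unable to handle kernel paging request at virtual address dae34c51
Oops: 0002
EIP: 0010:[<00146b74>]
eax: 1ae34be9 ebx: 05b19810 ecx: 05b19810 edx: 200061a5
esi: 05b198d0 edi: 00000000 ebp: 00000001 esp: 023f4f30
Code: 146b74 <tcp_v4_unhash+18/48> 89 50 68 movl %edx,0x68(%eax)
"""

# Assumption: 2.0-era i386 kernels address kernel memory through segments
# based at 0xC0000000, so linear address = segment offset + this base.
KERNEL_SEG_BASE = 0xC0000000

def parse_oops(text):
    """Extract fault address, error code, registers and the faulting store."""
    regs = {m[1]: int(m[2], 16) for m in re.finditer(
        r"\b(e(?:[abcd]x|[sd]i|[bs]p)): ([0-9a-f]{8})", text)}
    fault = int(re.search(r"virtual address ([0-9a-f]{8})", text)[1], 16)
    err = int(re.search(r"Oops: ([0-9a-f]{4})", text)[1], 16)
    # First disassembled line: an AT&T-syntax store "movl %src,disp(%base)".
    m = re.search(r"movl\s+%(\w+),(0x[0-9a-f]+)?\(%(\w+)\)", text)
    return {"fault": fault, "err": err, "regs": regs,
            "src": m[1], "disp": int(m[2] or "0", 16), "base": m[3]}

def decode_error_code(err):
    """Decode bits 0-2 of the x86 page-fault error code."""
    return {"page_present": bool(err & 1),
            "write": bool(err & 2),
            "user_mode": bool(err & 4)}

def triage(text):
    """Recompute the effective address of the faulting store and compare."""
    o = parse_oops(text)
    offset = (o["regs"][o["base"]] + o["disp"]) & 0xFFFFFFFF
    linear = (offset + KERNEL_SEG_BASE) & 0xFFFFFFFF
    return {"offset": offset, "linear": linear,
            "matches_fault": linear == o["fault"],
            "stored_value": o["regs"][o["src"]],
            **decode_error_code(o["err"])}

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(key, value if isinstance(value, bool) else hex(value))
```

The match shows the fault is a kernel-mode write through eax to a page that is not mapped, at the first instruction listed for tcp_v4_unhash+18.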