Bug in test9's fs/open.c

• Next message: Dan Aloni: "Re: Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Previous message: Steven N. Hirsch: "Can't E-Mail you.."
• In reply to: Gnea: "Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Next in thread: Dan Aloni: "Re: Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

        Hi there,

I ran into this oops with test9. It appears on irregular base i.e.
it can be immediately after i run X or minutes later.

As far as i can see the problem is a wild pointer (the first
argument of filp_close - filp) in filp_close(), which is called
by sys_close().

Actually to filp is assigned value from files->fd pool.

Attached is the ksymoops output of the oops.

        Petkan

ksymoops 2.3.4 on i686 2.4.0-test9. Options used
     -V (default)
     -k /proc/ksyms (default)
     -l /proc/modules (default)
     -o /lib/modules/2.4.0-test9/ (default)
     -m /boot/System.map-2.4.0-test9 (default)

Warning: You did not tell me where to find symbol information. I will
assume that the log matches the kernel and modules that are running
right now and I'll use the default options above for symbol resolution.
If the current kernel and/or modules do not match the log, you can get
more accurate output by telling me the kernel version and where to find
map, modules, ksyms etc. ksymoops -h explains the options.

Unable to handle kernel paging request at virtual address 00040135
c0129f16
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c0129f16>]
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010297
eax: c7d9cc60 ebx: 00040121 ecx: 00000004 edx: c7d9cbc0
esi: bffff604 edi: 00000000 ebp: bffff60c esp: c76fbfa8
ds: 0018 es: 0018 ss: 0018
Process bash (pid: 1501, stackpage=c76fb000)
Stack: 00040121 bffff604 c0129fb7 00040121 c7d9cbc0 c76fa000 c0108d37 00000004
       00000000 000005de bffff604 00000000 bffff60c 00000006 0000002b 0000002b
       00000006 400e846d 00000023 00000287 bffff5d0 0000002b
Call Trace: [<c0129fb7>] [<c0108d37>]
Code: 8b 43 14 85 c0 75 13 68 e2 09 1b c0 e8 c5 af fe ff 31 c0 83

>>EIP; c0129f16 <filp_close+6/64> <=====
Trace; c0129fb7 <sys_close+43/54>
Trace; c0108d37 <system_call+33/38>
Code; c0129f16 <filp_close+6/64>
00000000 <_EIP>:
Code; c0129f16 <filp_close+6/64> <=====
   0: 8b 43 14 mov 0x14(%ebx),%eax <=====
Code; c0129f19 <filp_close+9/64>
   3: 85 c0 test %eax,%eax
Code; c0129f1b <filp_close+b/64>
   5: 75 13 jne 1a <_EIP+0x1a> c0129f30 <filp_close+20/64>
Code; c0129f1d <filp_close+d/64>
   7: 68 e2 09 1b c0 push $0xc01b09e2
Code; c0129f22 <filp_close+12/64>
   c: e8 c5 af fe ff call fffeafd6 <_EIP+0xfffeafd6> c0114eec <printk+0/15c>
Code; c0129f27 <filp_close+17/64>
  11: 31 c0 xor %eax,%eax
Code; c0129f29 <filp_close+19/64>
  13: 83 00 00 addl $0x0,(%eax)

1 warning issued. Results may not be reliable.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Dan Aloni: "Re: Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Previous message: Steven N. Hirsch: "Can't E-Mail you.."
• In reply to: Gnea: "Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Next in thread: Dan Aloni: "Re: Weird combo: VIA vt82c586b+IBM djna-371800+Toshiba XM-5702b"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Oct 07 2000 - 21:00:16 EST