From: Eric Paris <eparis@redhat.com>
To: Jiri Slaby <jirislaby@gmail.com>
Cc: Parag Warudkar <parag.warudkar@gmail.com>,
linux-kernel@vger.kernel.org, thomas@m3y3r.de, sds@tycho.nsa.gov,
jmorris@namei.org, eparis@parisplace.org
Subject: Re: 2.6.31-rc2: BUG: unable to handle kernel NULL pointer dereference
Date: Sun, 12 Jul 2009 17:56:10 -0400 [thread overview]
Message-ID: <1247435770.3068.7.camel@localhost> (raw)
In-Reply-To: <4A5A46ED.7010907@gmail.com>
On Sun, 2009-07-12 at 22:26 +0200, Jiri Slaby wrote:
> On 07/12/2009 07:30 PM, Parag Warudkar wrote:
> > static void selinux_write_opts(struct seq_file *m,
> > 1012 struct security_mnt_opts *opts)
> > 1013 {
> > 1014 int i;
> > 1015 char *prefix;
> > 1016
> > 1017 for (i = 0; i < opts->num_mnt_opts; i++) {
> > 1018 char *has_comma;
> > 1019
> > 1020 if (opts->mnt_opts[i])
> > 1021 has_comma = strchr(opts->mnt_opts[i], ',');
> > ^^^^^^^^^^^^^^^^^^^^^^^^^
> > And that is a NULL pointer dereference - but we just checked for
> > opts->mnt_opts[i] for not NULL.
>
> Note, that there is not a NULL dereference. It dereferences 0x40 which
> came in as %rdi. Looks like somebody assigned garbage in there.
>
> Or a single bit mem error. Is memtest OK with this machine?
>
> What warning tainted the kernel before this oops is still interesting...
I just looked over the selinux code where we build the
security_mnt_opts. We can do a 0 length kmalloc, but that should hurt
aything. I should probably not be doing any allocations and leaving the
opts->mnt_opts and opts->mnt_opts_flags == NULL, but 0x40 !=
ZERO_SIZE_PTR(0x10) nor is the security_mnt_opts structure anywhere near
large enough to hit an offset of 0x40.....
I really think I'd like to see any previous BUG/WARN messages you got
and like Jiri said, see if memtest86+ runs cleanly....
-Eric
next prev parent reply other threads:[~2009-07-12 21:57 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-12 14:47 2.6.31-rc2: BUG: unable to handle kernel NULL pointer dereference Thomas Meyer
2009-07-12 17:30 ` Parag Warudkar
2009-07-12 20:26 ` Jiri Slaby
2009-07-12 21:54 ` Parag Warudkar
2009-07-12 21:56 ` Eric Paris [this message]
2009-07-13 17:00 ` Thomas Meyer
2009-07-13 17:45 ` Jiri Slaby
2009-07-20 19:23 ` Thomas Meyer
2009-07-22 20:28 ` Rafael J. Wysocki
2009-07-24 11:03 ` Jiri Slaby
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1247435770.3068.7.camel@localhost \
--to=eparis@redhat.com \
--cc=eparis@parisplace.org \
--cc=jirislaby@gmail.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=parag.warudkar@gmail.com \
--cc=sds@tycho.nsa.gov \
--cc=thomas@m3y3r.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.