* [uml-devel] trinity fuzzying gave : BUG anon_vma (Not tainted): Redzone overwritten
@ 2013-05-14 16:15 Toralf Förster
From: Toralf Förster @ 2013-05-14 16:15 UTC (permalink / raw)
To: user-mode-linux-devel@lists.sourceforge.net
Although it just happened for the first time, I'd like to share this.
Got by fuzzing a 32-bit stable Gentoo guest with trinity,
guest kernel is linux-v3.10-rc1-36 (strnlen + stub4 patch included):
2013-05-14T18:06:15.405+02:00 trinity kernel: =============================================================================
2013-05-14T18:06:15.405+02:00 trinity kernel: BUG anon_vma (Not tainted): Redzone overwritten
2013-05-14T18:06:15.405+02:00 trinity kernel: -----------------------------------------------------------------------------
2013-05-14T18:06:15.405+02:00 trinity kernel:
2013-05-14T18:06:15.405+02:00 trinity kernel: Disabling lock debugging due to kernel taint
2013-05-14T18:06:15.405+02:00 trinity kernel: INFO: 0x405084f8-0x405084fb. First byte 0xe8 instead of 0xcc
2013-05-14T18:06:15.405+02:00 trinity kernel: INFO: Allocated in anon_vma_prepare+0x6a/0x160 age=1631 cpu=0 pid=856
2013-05-14T18:06:15.405+02:00 trinity kernel: INFO: Freed in __put_anon_vma+0x93/0xa0 age=1651 cpu=0 pid=854
2013-05-14T18:06:15.405+02:00 trinity kernel: INFO: Slab 0x0ae47800 objects=46 used=7 fp=0x40508108 flags=0x0081
2013-05-14T18:06:15.405+02:00 trinity kernel: INFO: Object 0x405084d0 @offset=1232 fp=0x405084e8
2013-05-14T18:06:15.410+02:00 trinity kernel:
2013-05-14T18:06:15.410+02:00 trinity kernel: Bytes b4 405084c0: 59 03 00 00 00 99 ff ff 5a 5a 5a 5a 5a 5a 5a 5a Y.......ZZZZZZZZ
2013-05-14T18:06:15.410+02:00 trinity kernel: Object 405084d0: d0 84 50 40 00 00 00 00 01 00 00 00 ad 4e ad de ..P@.........N..
2013-05-14T18:06:15.410+02:00 trinity kernel: Object 405084e0: ff ff ff ff ff ff ff ff e8 84 50 40 e8 84 50 40 ..........P@..P@
2013-05-14T18:06:15.410+02:00 trinity kernel: Object 405084f0: 00 00 00 00 00 00 00 00 ........
2013-05-14T18:06:15.410+02:00 trinity kernel: Redzone 405084f8: e8 84 50 40 ..P@
2013-05-14T18:06:15.410+02:00 trinity kernel: Padding 40508520: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
2013-05-14T18:06:15.410+02:00 trinity kernel: CPU: 0 PID: 856 Comm: rc Tainted: G B 3.10.0-rc1-00036-g05d129d #9
2013-05-14T18:06:15.410+02:00 trinity kernel: 416a7c1c 416a7c48 080f9da0 083db92c 405084d0 000004d0 405084e8 0ae47800
2013-05-14T18:06:15.410+02:00 trinity kernel: 405084f8 00000004 405084fb 416a7c80 080fa378 083dba0c 405084f8 405084fb
2013-05-14T18:06:15.411+02:00 trinity kernel: 000000e8 000000cc 0000005a 405084d0 0ae47800 414496c0 414496c0 405084d0 416a7bf0: [<08060cff>] show_stack+0xcf/0x100
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7c14: [<0835ed79>] dump_stack+0x26/0x28
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7c24: [<080f9da0>] print_trailer+0xe0/0xf0
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7c4c: [<080fa378>] check_bytes_and_report+0xa8/0x100
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7c84: [<080fa41f>] check_object+0x4f/0x210
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7cc0: [<0835d4c9>] free_debug_processing+0xd0/0x216
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7cec: [<0835d6fd>] __slab_free+0x2d/0x282
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7d50: [<080fba79>] kmem_cache_free+0xe9/0x100
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7d74: [<080ee373>] __put_anon_vma+0x93/0xa0
2013-05-14T18:06:15.411+02:00 trinity kernel: 416a7d8c: [<080ee61c>] unlink_anon_vmas+0x13c/0x1a0
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7db4: [<080e4355>] free_pgtables+0x55/0xe0
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7ddc: [<080eb84e>] exit_mmap+0xbe/0x170
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7e14: [<0807991d>] mmput+0x3d/0xb0
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7e28: [<08081086>] do_exit+0x2f6/0x880
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7e78: [<080816f9>] do_group_exit+0xa9/0xf0
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7ea0: [<08081759>] SyS_exit_group+0x19/0x20
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7eac: [<08062ac2>] handle_syscall+0x82/0xb0
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7ef4: [<0807519d>] userspace+0x46d/0x590
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7fec: [<0805f7fc>] fork_handler+0x6c/0x70
2013-05-14T18:06:15.413+02:00 trinity kernel: 416a7ffc: [<00000000>] 0x0
2013-05-14T18:06:15.414+02:00 trinity kernel:
2013-05-14T18:06:15.414+02:00 trinity kernel: FIX anon_vma: Restoring 0x405084f8-0x405084fb=0xcc
2013-05-14T18:06:15.414+02:00 trinity kernel:
2013-05-14T18:06:22.639+02:00 trinity kernel: INFO: 0x405084f8-0x405084fb. First byte 0xcc instead of 0xbb
2013-05-14T18:06:22.639+02:00 trinity kernel: INFO: Allocated in anon_vma_prepare+0x6a/0x160 age=2360 cpu=0 pid=856
2013-05-14T18:06:22.639+02:00 trinity kernel: INFO: Freed in __put_anon_vma+0x93/0xa0 age=2380 cpu=0 pid=854
2013-05-14T18:06:22.639+02:00 trinity kernel: INFO: Slab 0x0ae47800 objects=46 used=46 fp=0x (null) flags=0x0080
2013-05-14T18:06:22.639+02:00 trinity kernel: INFO: Object 0x405084d0 @offset=1232 fp=0x40508108
2013-05-14T18:06:22.639+02:00 trinity kernel:
2013-05-14T18:06:22.644+02:00 trinity kernel: Bytes b4 405084c0: 59 03 00 00 00 99 ff ff 5a 5a 5a 5a 5a 5a 5a 5a Y.......ZZZZZZZZ
2013-05-14T18:06:22.644+02:00 trinity kernel: Object 405084d0: d0 84 50 40 00 00 00 00 01 00 00 00 ad 4e ad de ..P@.........N..
2013-05-14T18:06:22.644+02:00 trinity kernel: Object 405084e0: ff ff ff ff ff ff ff ff e8 84 50 40 e8 84 50 40 ..........P@..P@
2013-05-14T18:06:22.644+02:00 trinity kernel: Object 405084f0: 00 00 00 00 00 00 00 00 ........
2013-05-14T18:06:22.644+02:00 trinity kernel: Redzone 405084f8: cc cc cc cc ....
2013-05-14T18:06:22.644+02:00 trinity kernel: Padding 40508520: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ
2013-05-14T18:06:22.644+02:00 trinity kernel: CPU: 0 PID: 964 Comm: sshd Tainted: G B 3.10.0-rc1-00036-g05d129d #9
2013-05-14T18:06:22.644+02:00 trinity kernel: 41837c0c 41837c38 080f9da0 083db92c 405084d0 000004d0 40508108 0ae47800
2013-05-14T18:06:22.644+02:00 trinity kernel: 405084f8 00000004 405084fb 41837c70 080fa378 083dba0c 405084f8 405084fb
2013-05-14T18:06:22.644+02:00 trinity kernel: 000000cc 000000bb 0000005a 405084d0 0ae47800 414496c0 414496c0 405084d0 41837be0: [<08060cff>] show_stack+0xcf/0x100
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837c04: [<0835ed79>] dump_stack+0x26/0x28
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837c14: [<080f9da0>] print_trailer+0xe0/0xf0
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837c3c: [<080fa378>] check_bytes_and_report+0xa8/0x100
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837c74: [<080fa41f>] check_object+0x4f/0x210
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837cb0: [<0835d368>] alloc_debug_processing+0x7d/0x10e
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837cd4: [<0835ddd9>] __slab_alloc.constprop.66+0x3ca/0x41c
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837d68: [<080fb833>] kmem_cache_alloc+0x33/0xf0
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837d94: [<080ee85a>] anon_vma_fork+0x4a/0x110
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837db4: [<08079e61>] dup_mm+0x261/0x490
2013-05-14T18:06:22.653+02:00 trinity kernel: 41837e04: [<0807aa7a>] copy_process+0x9aa/0x11c0
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837e4c: [<0807b375>] do_fork+0x95/0x250
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837e90: [<0807b61e>] SyS_clone+0x2e/0x30
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837eac: [<08062ac2>] handle_syscall+0x82/0xb0
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837ef4: [<0807519d>] userspace+0x46d/0x590
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837fec: [<0805f7fc>] fork_handler+0x6c/0x70
2013-05-14T18:06:22.658+02:00 trinity kernel: 41837ffc: [<00000000>] 0x0
2013-05-14T18:06:22.658+02:00 trinity kernel:
2013-05-14T18:06:22.658+02:00 trinity kernel: FIX anon_vma: Restoring 0x405084f8-0x405084fb=0xbb
2013-05-14T18:06:22.658+02:00 trinity kernel:
2013-05-14T18:06:22.658+02:00 trinity kernel: FIX anon_vma: Marking all objects used
--
MfG/Sincerely
Toralf Förster
pgp finger print: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 7DB6 9DA3