From: martin capitanio <spam@capitanio.org>
To: stian@nixia.no
Cc: linux-kernel@vger.kernel.org
Subject: Re: timer + fpu stuff locks up computer
Date: Sat, 12 Jun 2004 17:20:54 +0200 [thread overview]
Message-ID: <200406121720.54123.spam@capitanio.org> (raw)
In-Reply-To: <1734.83.109.11.80.1087051353.squirrel@nepa.nlc.no>
On Saturday 12 June 2004 16:42, stian@nixia.no wrote:
>
> Does the other dirty nasty patch work for you?
ACK for 2.6.7-rc4-mm1 (gcc-Version 3.3.3)
user$ ./evil
completely freeze
--- linux-2.6.6-rc3-mm1/kernel/signal.c 2004-06-09 18:36:12.000000000 +0200
+++ linux-2.6.6-rc3-mm1-fpuhotfix/kernel/signal.c 2004-06-12 18:10:31.573001808 +0200
@@ -799,7 +799,15 @@
can get more detailed information about the cause of
the signal. */
if (LEGACY_QUEUE(&t->pending, sig))
+ {
+ if (sig==8)
+ {
+ printk("Attempt to exploit known bug, process=%s pid=%p uid=%d\n",
+ t->comm, t->pid, t->uid);
+ do_exit(0);
+ }
goto out;
+ }
ret = send_signal(sig, info, t, &t->pending);
if (!ret && !sigismember(&t->blocked, sig))
2.6.7-rc4-mm1-fpuhotfix:
user$ ./evil
........................*...............................................
......................*
Attempt to exploit known bug, process=evil pid=00000aa6 uid=1000
note: evil[2726] exited with preempt_count 2
bad: scheduling while atomic!
[<c032a045>] schedule+0x4b5/0x4c0
[<c01435cb>] zap_pmd_range+0x4b/0x70
[<c014362d>] unmap_page_range+0x3d/0x70
[<c014380b>] unmap_vmas+0x1ab/0x1c0
[<c0147639>] exit_mmap+0x79/0x150
[<c01184ee>] mmput+0x5e/0xa0
[<c011c523>] do_exit+0x153/0x3e0
[<c0122e6f>] specific_send_sig_info+0xff/0x100
[<c0122eb2>] force_sig_info+0x42/0x90
[<c0105be0>] do_coprocessor_error+0x0/0x20
[<c0105b5e>] math_error+0xde/0x160
[<c010b0f6>] restore_i387_fxsave+0x26/0xa0
[<c0222c8c>] write_chan+0x18c/0x250
[<c01170e0>] default_wake_function+0x0/0x10
[<c01170e0>] default_wake_function+0x0/0x10
[<c0104a05>] error_code+0x2d/0x38
[<c010b0f6>] restore_i387_fxsave+0x26/0xa0
[<c010b1fc>] restore_i387+0x8c/0x90
[<c0103434>] restore_sigcontext+0x114/0x130
[<c0103503>] sys_sigreturn+0xb3/0xd0
[<c0103f6b>] syscall_call+0x7/0xb
but it keeps the kernel alive :-)
martin
next prev parent reply other threads:[~2004-06-12 15:21 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-09 21:02 timer + fpu stuff locks my console race stian
2004-06-10 21:00 ` Matias Hermanrud Fjeld
2004-06-11 6:08 ` Lars Age Kamfjord
2004-06-12 2:53 ` Rik van Riel
2004-06-12 3:50 ` Rik van Riel
2004-06-12 13:44 ` Sergey Vlasov
2004-06-12 13:57 ` stian
2004-06-12 14:28 ` Sergey Vlasov
2004-06-12 14:25 ` timer + fpu stuff locks up computer Alexander Nyberg
2004-06-12 14:42 ` stian
2004-06-12 15:20 ` martin capitanio [this message]
2004-06-12 16:15 ` stian
2004-06-12 15:14 ` Sergey Vlasov
2004-06-12 18:45 ` Sergey Vlasov
2004-06-12 20:27 ` Alexander Nyberg
2004-06-12 4:35 ` timer + fpu stuff locks my console race Matt Mackall
[not found] <26h3z-t3-15@gated-at.bofh.it>
[not found] ` <26hGq-Zr-29@gated-at.bofh.it>
[not found] ` <26isF-1Im-11@gated-at.bofh.it>
[not found] ` <26lJU-4lC-23@gated-at.bofh.it>
2004-06-12 22:08 ` timer + fpu stuff locks up computer Andi Kleen
2004-06-13 13:06 ` Sergey Vlasov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200406121720.54123.spam@capitanio.org \
--to=spam@capitanio.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stian@nixia.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox