Re: PROBLEM: task->tty->driver problem/oops in proc_pid_sta

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Petr Vandrovec" <VANDROVE@vc.cvut.cz>
To: Brice Figureau <brice@daysofwonder.com>
Cc: linux-kernel@vger.kernel.org, akpm@osdl.org, wli@holomorphy.com
Subject: Re: PROBLEM: task->tty->driver problem/oops in proc_pid_sta
Date: Wed, 10 Mar 2004 15:32:00 +0200	[thread overview]
Message-ID: <48F1C131BD@vcnet.vc.cvut.cz> (raw)

On 10 Mar 04 at 11:54, Brice Figureau wrote:

> I've digged a little deeper into the following oops that occurs every
> night on my servers (see my previous mail):

Or you could dig LKML archives - I reported it in jan & feb three times.

> Something interesting: the oops occurs always in a thread (either mysql
> or java), not in a principal process (verified by finding the only task
> that is locked by doing some cat in /proc/<pid>/task/).

wli has a patch, unfortunately for some reason it did not hit
main kernel yet. I've put it (without Wli's permission) at 
http://platan.vc.cvut.cz/ftp/pub/linux/pidstat.patch.
For unknown reason patch did not find its way to Linus's kernel yet,
although it renders 2.6.x unusable in any multiuser environment.

> Then I tried to reproduce it exactly and found the following:
> 1) log in with ssh on the server (this allocates a tty: /dev/pts/0)
> 2) launch a java application using some threads, the application in
> question uses /dev/pts/0 as tty
> 3) log-out, this releases /dev/pts/0
> 4) log in again (this session uses /dev/pts/1)
> 5) run chkrootkit or a 'ps mauxgww' -> the previous oops is reported.

I have simple C program which you run under normal account on any
2.6.x kernel and it will turn box into dead piece of metal if SMP
kernel is used, or at least all 'ps' services stop (on UP kernel).
Not useful as exploit, but quite sufficient as a DoS.
                                                            Petr Vandrovec

next             reply	other threads:[~2004-03-10 14:32 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-03-10 13:32 Petr Vandrovec [this message]
2004-03-10 14:44 ` PROBLEM: task->tty->driver problem/oops in proc_pid_sta William Lee Irwin III
2004-03-10 14:59   ` William Lee Irwin III

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=48F1C131BD@vcnet.vc.cvut.cz \
    --to=vandrove@vc.cvut.cz \
    --cc=akpm@osdl.org \
    --cc=brice@daysofwonder.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=wli@holomorphy.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox