re: Kernel oops in read()

From: Larry Sendlosky (larry@scrugs.lkg.dec.com)
Date: Fri Jun 02 2000 - 07:44:10 EST


Resend - I forgot to include kernel version on XP1000, and original
mail had bogus mail addr for axp-list..... larry

On a DP264 running 2.4-test1 (RedHat 6.1, or 6.2, I forget) libc 2.1.3.
Program loops and strace shows

read(3, 0, 1768849408) = -1 EFAULT (Bad address)
read(3, 0, 1768849408) = -1 EFAULT (Bad address)
....

On an XP1000 running 2.2.15 with RedHat 6.1, libc 2.1.2,
the program segfaults.

> ./test
fd = 3
Segmentation fault
>

> This is kernel 2.2.15 or 2.2.16pre7 (same on both). The following
> test program, run as *ANY* user on the system (not just root), causes
> a segfault (expected) and a kernel oops every time it is run. (Note:
> this malloc is supposed to fail. If it gets that much RAM on your
> system, buy a slower box <g>)
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <unistd.h>
> #include <sys/types.h>
> #include <fcntl.h>
>
> int main(void) {
>     int fd;
>     char *buf;
>
>     fd = open("/bin/bash", O_RDONLY);
>     lseek(fd, 98, SEEK_SET);
>     /* Allocation is expected to fail, leaving buf == NULL. */
>     buf = malloc(1768849408);
>     printf("fd = %d\n", fd);
>     /* Each read() is handed the NULL buffer. */
>     while (1) {
>         read(fd, buf, 1768849408);
>     }
> }
>
> Strace gives:
>
> write(1, "fd = 3\n", 7fd = 3
> ) = 7
> read(3, <unfinished ...>
> +++ killed by SIGSEGV +++
>
> The platform is DEC Alpha, 21164a CPU, 256M RAM, Debian.
>
> The oops is:
>
> Unable to handle kernel paging request at virtual address 0000000000000000
> test(3515): Oops 1
> pc = [<fffffc0000468a74>] ra = [<fffffc0000335140>] ps = 0000
> v0 = 0000000000001f9e t0 = 0150000000000000 t1 = 0000000000000150
> t2 = 0000000000000000 t3 = 0000000000001f90 t4 = 0000000000000114
> t5 = 0000000000000000 t6 = fffffc000fb3c062 t7 = fffffc0008710000
> s0 = 0000000000001f9e s1 = fffffc0000793b28 s2 = fffffc00000309e0
> s3 = 0000000000000000 s4 = 0000000000000000 s5 = fffffc000029dd40
> s6 = 0000000000000000 a0 = fffffc0008713ec8 a1 = fffffc000fb3c062
> a2 = 0000000000001f9e a3 = fffffc0000335400 a4 = ffffffffffffffff
> a5 = 0000000000000007 t8 = 0000000000001f9e t9 = 00000000696e8000
> t10= 3000000000000000 t11= 000000000000000a pv = fffffc00004689e0
> at = fffffc000033542c gp = fffffc00004e3c78 sp = fffffc0008713e38
> Code:
> 2fe00000 ldq_u zero,0(v0)
> 2c470008 ldq_u t1,8(t6)
> 40811524 subq t3,8,t3
> 486706c3 extql t2,t6,t2
> 48470f41 ALU t1,t6,t0
> 44610401 or t2,t0,t0
> *b4260000 stq t0,0(t5)
> 40e11407 addq t6,8,t6
> Trace: 3354d8 335400 34238c 310e4c
>

______________________________________________________________________
 Larry Sendlosky ATS
 larry@scrugs.lkg.dec.com (978) 506-6640 Compaq
----------------------------------------------------------------------

This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:15 EST