Re: docker crashes rcuos in __blkg_release_rcu

From: Christoph Lameter
Date: Tue Jun 10 2014 - 16:09:11 EST

Next message: Kamal Mostafa: "[PATCH 3.13 146/160] fsl-usb: do not test for PHY_CLK_VALID bit on controller version 1.6"
Previous message: Kamal Mostafa: "[PATCH 3.13 154/160] Input: elantech - fix touchpad initialization on Gigabyte U2442"
In reply to: Vivek Goyal: "Re: docker crashes rcuos in __blkg_release_rcu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 8 Jun 2014, Joe Lawrence wrote:

>
> .tickets is offset 0 from arch_spinlock_t, so RDI should be the
> arch_spinlock_t lock:
> RDI: 6b6b6b6b6b6b6b6b

Slub has overwritten the object when it was freed with 0x6b.
So this is an access after free.

It works without debug because the object may still linger around (but
there is no guarantee that the memory has not been reused).

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kamal Mostafa: "[PATCH 3.13 146/160] fsl-usb: do not test for PHY_CLK_VALID bit on controller version 1.6"
Previous message: Kamal Mostafa: "[PATCH 3.13 154/160] Input: elantech - fix touchpad initialization on Gigabyte U2442"
In reply to: Vivek Goyal: "Re: docker crashes rcuos in __blkg_release_rcu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]