Re: 1.3.20: NULL deref and /proc fall down go boom

Craig Schlenter (cschle@paradigm.co.za)
Sun, 20 Aug 1995 10:34:14 +0200 (SAT)


On Sun, 20 Aug 1995, Michael Neuffer wrote:

> On Sat, 19 Aug 1995, Mike Shaver wrote:
> > I've been running 1.3.20 for a couple of days now (I'd check how many
> > exactly, but /proc/uptime is gone =) ), and I think I found a problem.
> > [...]
> > I'd wager it's something to do with /proc, because it's missing some
> > stuff. (On the other hand, what do I know?)
>
> Yes, that's correct. It seems to be caused by some interaction between the
> new proc-tree parts and the not yet updated /proc/scsi code.
>
> I will rewrite/update the /proc/scsi stuff as soon as I have some spare time
> in the next few days.
>
> Mike

Hi

I have reproduced the problems with the proc filesystem so if anyone
wants another oops to stare at, here it is ...

netrider:/proc/scsi# cat scsi
Attached devices:
Channel: 00 Id: 00 Lun: 00
Vendor: MEDIAVIS Model: CDR-H93MV Rev: 1.41
Type: CD-ROM ANSI SCSI revision: 02
netrider:/proc/scsi# cd seagate/
Oops: 0000
EIP: 0010:00149f3b
EFLAGS: 00010246
eax: 00000000 ebx: 001d7274 ecx: 00000000 edx: 00000000
esi: 00000001 edi: 0008a210 ebp: 00000001 esp: 013bff50
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process bash (pid: 55, process nr: 2, stackpage=013bf000)
Stack: 0008a210 00053c00 00000005 bffffc04 00149ff7 00094c40 0008a210 013bffb0
001293e0 0008a210 00053c00 00000005 bffffc04 00053000 00000001 0008a210
00053c00 001294d7 00094c40 0008a210 013bffb0 001293e0 013b3000 00052060
Call Trace: 00149ff7 001293e0 001294d7 001293e0 0010a579
Code: 0f b7 12 52 56 6a 02 68 ba 9e 14 00 ff 74 24 2c 8b 4c 24 34

After logging in again and saving the relevant stuff from /var/adm/messages
to /tmp/oops ...

netrider:/tmp# cat oops | ksymoops /usr/src/linux/System.map
Using `/usr/src/linux/System.map' to map addresses to symbols.

>>EIP: 149f3b <_proc_readdir+7b/10c>
Trace: 149ff7 <_proc_root_readdir+2b/100>
Trace: 1293e0 <_fillonedir>
Trace: 1294d7 <_old_readdir+7f/98>
Trace: 1293e0 <_fillonedir>
Trace: 10a579 <_system_call+59/a0>

Code: 149f3b <_proc_readdir+7b/10c> movzwl (%edx),%edx
Code: 149f3e <_proc_readdir+7e/10c> pushl %edx
Code: 149f3f <_proc_readdir+7f/10c> pushl %esi
Code: 149f40 <_proc_readdir+80/10c> pushl $0x2
Code: 149f42 <_proc_readdir+82/10c> pushl $0x149eba
Code: 149f47 <_proc_readdir+87/10c> pushl 0x2c(%esp,1)
Code: 149f4b <_proc_readdir+8b/10c> movl 0x34(%esp,1),%ecx
netrider:/tmp#

Hope this is of use to someone ... other info available on request. Also
does anyone else think it might be a good plan to include a pointer to
the location of ksymoops in the kernel README since it seems to do a
pretty good job?

--Craig Schlenter (cschle@paradigm.co.za)
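
The address-to-symbol step that ksymoops performs on the oops above, as an added example that is not part of the original message and is not ksymoops's own code. The System.map excerpt is constructed: its start addresses are back-computed from the symbol+offset pairs in the decoded output, and the helper names are hypothetical.

```python
import bisect
import re

# Constructed System.map excerpt: start addresses are back-computed from the
# symbol+offset pairs in the ksymoops output (e.g. 0x149f3b - 0x7b).
SYSTEM_MAP = """\
0010a520 T _system_call
001293e0 t _fillonedir
00129458 T _old_readdir
00149ec0 T _proc_readdir
00149fcc T _proc_root_readdir
"""

# Lines copied from the oops in the message.
OOPS = """\
EIP: 0010:00149f3b
eax: 00000000 ebx: 001d7274 ecx: 00000000 edx: 00000000
Call Trace: 00149ff7 001293e0 001294d7 001293e0 0010a579
"""

def load_map(text):
    """Return (sorted start addresses, names in the same order)."""
    pairs = sorted((int(a, 16), n) for a, _t, n in
                   (line.split() for line in text.splitlines()))
    return [a for a, _ in pairs], [n for _, n in pairs]

def resolve(addrs, names, addr):
    """Name the nearest symbol at or below addr, ksymoops-style."""
    i = bisect.bisect_right(addrs, addr) - 1
    if i < 0:
        return "<unknown>"
    off = addr - addrs[i]
    return f"<{names[i]}+{off:x}>" if off else f"<{names[i]}>"

def symbolize(oops, system_map):
    """Return [(address, symbol)] for the EIP followed by each trace entry."""
    addrs, names = load_map(system_map)
    eip = re.search(r"EIP:\s+[0-9a-f]{4}:([0-9a-f]{8})", oops).group(1)
    trace = re.search(r"Call Trace:(.*)", oops).group(1).split()
    return [(int(a, 16), resolve(addrs, names, int(a, 16))) for a in [eip] + trace]

def null_base(instr, oops):
    """True if the memory operand's base register in instr was 0 at the oops."""
    regs = {r: int(v, 16) for r, v in re.findall(r"\b(e\w\w):\s+([0-9a-f]{8})", oops)}
    base = re.search(r"\(%(e\w\w)", instr).group(1)
    return regs[base] == 0

if __name__ == "__main__":
    for addr, sym in symbolize(OOPS, SYSTEM_MAP):
        print(f"{addr:x} {sym}")
    print("NULL base:", null_base("movzwl (%edx),%edx", OOPS))
```

An entry that resolves with offset 0, such as _fillonedir here, is a stack word holding a function's address rather than a return address into that function.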