linux-mips
[Top] [All Lists]

Strange bad accesses in compat_exit_robust_list (2.6.26, n32 ABI).

To: <linux-mips@linux-mips.org>
Subject: Strange bad accesses in compat_exit_robust_list (2.6.26, n32 ABI).
From: "Kaz Kylheku" <KKylheku@zeugmasystems.com>
Date: Fri, 25 Sep 2009 16:06:37 -0700
Original-recipient: rfc822;linux-mips@linux-mips.org
Sender: linux-mips-bounce@linux-mips.org
Thread-index: Aco+NNVJ+M75nEnzTBCs6uWEZaSwkw==
Thread-topic: Strange bad accesses in compat_exit_robust_list (2.6.26, n32 ABI).
Hi all,

We made a strange discovery some time ago. After adding some tracing
printk's
to the compat_exit_robust_list function for all the cases where fetching
the
robust entry fails, we discovered that, from time to time, it's being
reported
for processes that don't even use threads.

[16:20:13.406162] [futex] ("iptables")(pid=2543)
compat_exit_robust_list:unable to fetch robust entry.
uaddr=000000002aad37e0
[16:20:13.587506] device eth0 entered promiscuous mode
[16:20:13.883648] device eth1 entered promiscuous mode
[16:20:15.419965] [futex] ("ifconfig")(pid=2552)
compat_exit_robust_list:unable to fetch robust entry.
uaddr=00000000301d64f0
[16:20:15.497954] [futex] ("ifconfig")(pid=2574)
compat_exit_robust_list:unable to fetch robust entry.
uaddr=00000000301d64f0
[16:20:15.547260] [futex] ("iptables")(pid=2544)
compat_exit_robust_list:unable to fetch robust entry.
uaddr=000000002aad37e0
[16:20:16.002251] eth1: link available: 100base-FD
[00:32:56.240290] [futex] ("gzip")(pid=14397)
compat_exit_robust_list:unable to fetch the next robust entry.
uaddr=0000000000000000
[00:33:06.769279] [futex] ("gzip")(pid=14413)
compat_exit_robust_list:unable to fetch the next robust entry.
uaddr=0000000000000000
[00:33:11.964047] [futex] ("bzip2")(pid=14416)
compat_exit_robust_list:unable to fetch the next robust entry.
uaddr=0000000000000000
[16:41:50.024024] [futex] ("bzip2")(pid=32595)
compat_exit_robust_list:unable to fetch the next robust entry.
uaddr=0000000000000000

Sometimes the pointer to the robust list head is bad (``unable to fetch
robust
entry'').  Sometimes that pointer works, but walking the list is bad
(``unable
to fetch the next robust entry'').

These programs shouldn't even be invoking the compat_set_robust_list
system call, and don't even link to libpthread.so.


<Prev in Thread] Current Thread [Next in Thread>