[Bug tapsets/19065] New: task_fd_lookup() can crash the s390x kernel when invoked with an invalid input

[Bug tapsets/19065] New: task_fd_lookup() can crash the s390x kernel when invoked with an invalid input

[mcermak at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=19065

            Bug ID: 19065
           Summary: task_fd_lookup() can crash the s390x kernel when
                    invoked with an invalid input
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: tapsets
          Assignee: systemtap at sourceware dot org
          Reporter: mcermak at redhat dot com
                CC: dsmith at redhat dot com
  Target Milestone: ---

Following seems to panic the el[567] s390x kernel:

stap -ge 'probe oneshot{ println(task_fd_lookup(0,1)) }'

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug tapsets/19065] task_fd_lookup() can crash the s390x kernel when invoked with an invalid input

[dsmith at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=19065

David Smith <dsmith at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from David Smith <dsmith at redhat dot com> ---
Fixed in commit d3be3bf (tested on s390x rhel7).

We were checking for read access to the task structure, but just because we can
safely read the task structure doesn't mean we can safely write to the task
structure. Fixed by no longer trying to lock the task structure.

-- 
You are receiving this mail because:
You are the assignee for the bug.