This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
[Bug runtime/6524] New: user_long() on "bad" address makes system unstable
- From: "mwielaard at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sources dot redhat dot com
- Date: 16 May 2008 12:46:38 -0000
- Subject: [Bug runtime/6524] New: user_long() on "bad" address makes system unstable
- Reply-to: sourceware-bugzilla at sourceware dot org
kernel location: /usr/lib/debug/lib/modules/2.6.24.7-92.fc8/vmlinux
kernel version: 2.6.24.7-92.fc8
systemtap location: /home/mark/src/systemtap/stap
systemtap version: version 0.7/0.131 git branch master, commit c3799d72
Found while trying to clean up syscall2.stp for utime. There is no easy way to
get at __user struct fields so I am using hand-calculated offsets into the
utimbuf for now.
Take the following stap script:
# long sys_utime(char __user * filename, struct utimbuf __user * times)
probe kernel.function("sys_utime") {
  actime = user_long($times + 0)
  utime = user_long($times + 8)
  print("utime(" . ctime(actime) . ", " . ctime(utime) . ")\n")
}
And the following little C program:
#include <sys/types.h>
#include <utime.h>
int
main (int argc, char **argv)
{
  /* Fixed timestamps so the probe output is easy to recognise. */
  struct utimbuf buf;
  buf.actime = 123456789;
  buf.modtime = 987654321;
  utime("/tmp/testfile", &buf);
  return 0;
}
$ gcc -g -o utime utime.c
$ /usr/local/systemtap/bin/stap utime.stp &
[... wait ...]
$ ./utime
utime(Thu Nov 29 21:33:09 1973, Thu Apr 19 04:25:21 2001)
So that works pretty well.
Now however I made a mistake thinking longs were 4 bytes, but this is x86_64. So
change this line:
utime = user_long($times + 8)
to:
utime = user_long($times + 4)
Horrible things happen making the machine unusable.
--
Summary: user_long() on "bad" address makes system unstable
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
AssignedTo: systemtap at sources dot redhat dot com
ReportedBy: mwielaard at redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=6524
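Added example, not part of the original report or of systemtap: a user-space C sketch of which bytes an 8-byte read at `$times + 4` covers in the reporter's utimbuf, compared with the field offsets taken from offsetof() instead of calculated by hand. The helper names read_long_at and is_field_offset are hypothetical, and the sketch assumes little-endian x86_64 with an 8-byte long; it does not reproduce or explain the kernel-side instability.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <utime.h>

/* Hypothetical helper: copy sizeof(long) bytes starting at byte offset `off`
 * inside `buf`, the way a raw "base + offset" read of a long would.
 * Returns -1 and leaves *out untouched if the read would run past the struct. */
static int read_long_at(const struct utimbuf *buf, size_t off, long *out)
{
    if (off > sizeof(*buf) || sizeof(long) > sizeof(*buf) - off)
        return -1;
    memcpy(out, (const unsigned char *)buf + off, sizeof(long));
    return 0;
}

/* Returns 1 if `off` is the start of a real utimbuf field, 0 otherwise. */
static int is_field_offset(size_t off)
{
    return off == offsetof(struct utimbuf, actime) ||
           off == offsetof(struct utimbuf, modtime);
}

int main(void)
{
    /* Same values as the test program in the report. */
    struct utimbuf buf = { .actime = 123456789, .modtime = 987654321 };
    size_t offsets[] = { 0, 4, 8, 12 };

    printf("sizeof(long) = %zu, offsetof(modtime) = %zu\n",
           sizeof(long), offsetof(struct utimbuf, modtime));
    for (size_t i = 0; i < sizeof(offsets) / sizeof(offsets[0]); i++) {
        long v;
        if (read_long_at(&buf, offsets[i], &v) != 0) {
            printf("offset %2zu: read would run past the struct\n", offsets[i]);
            continue;
        }
        /* At offset 4 the read spans the high half of actime and the
         * low half of modtime, so the result is neither timestamp. */
        printf("offset %2zu (%s): %ld\n", offsets[i],
               is_field_offset(offsets[i]) ? "field start" : "not a field start", v);
    }
    return 0;
}
```

On the assumed platform the read at offset 4 returns 987654321 shifted left by 32 bits, which is the value the modified script would hand to ctime().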