segv pri pristupu ke konkretnimu souboru

Vlada Macek tuttle na sandbox.cz
Úterý Květen 16 10:19:11 CEST 2006 

Narazil jsem na serveru (PC Intel, Debian Sarge, kernel 2.4 z baliku,
ext3, IDE disky) na zda se vaznejsi problem.

Jakykoli proces snazici se stat()nout nebo cist jeden konkretni malicky
obycejny soubor (ve kterem se nachazelo jen jedno cislo) dostane SEGV a
kernel vypise neco takoveho:

May 15 15:01:33 sandbox kernel: Unable to handle kernel paging request
at virtual address e0a8c548
May 15 15:01:33 sandbox kernel:  printing eip:
May 15 15:01:33 sandbox kernel: c014907a
May 15 15:01:33 sandbox kernel: *pde = 01617067
May 15 15:01:33 sandbox kernel: *pte = 00000000
May 15 15:01:33 sandbox kernel: Oops: 0000
May 15 15:01:33 sandbox kernel: CPU:    0
May 15 15:01:33 sandbox kernel: EIP:   
0010:[link_path_walk+1354/2224]    Tainted: P
May 15 15:01:33 sandbox kernel: EFLAGS: 00010282
May 15 15:01:33 sandbox kernel: eax: e0a8c520   ebx: d3835440   ecx:
cd310a40   edx: 00000000
May 15 15:01:33 sandbox kernel: esi: c1e60008   edi: 00000000   ebp:
d6743f84   esp: d6743ef8
May 15 15:01:33 sandbox kernel: ds: 0018   es: 0018   ss: 0018
May 15 15:01:33 sandbox kernel: Process cat (pid: 29969, stackpage=d6743000)
May 15 15:01:33 sandbox kernel: Stack: ccc78a20 d6743f10 00000001
00000001 cd310a40 d3835440 c1e60000 00000008
May 15 15:01:33 sandbox kernel:        6506b3e3 d6743f24 d6743f84
c1e60000 00000000 d6743f84 c01495a9 00008000
May 15 15:01:33 sandbox kernel:        00008001 4014c880 c0149a1e
00000009 00002190 00000001 000003e8 00000000
May 15 15:01:33 sandbox kernel: Call Trace:    [path_lookup+57/64]
[open_namei+110/1488] [filp_open+62/112] [sys_open+83/160] [tracesys+31/35]
May 15 15:01:33 sandbox kernel:
May 15 15:01:33 sandbox kernel: Code: 8b 40 28 85 c0 0f 84 fe 00 00 00
be 00 e0 ff ff 21 e6 8b 8e

Obavam se, ze je to hw problem. Jine soubory v tom adresari to nedelaji.
fsck jsem jeste nepoustel, bojim se, co by provedl. Smazat jsem to
nezkousel ze stejneho duvodu.

Nejdriv se ptam, jestli to nekdo z vas nezna. Treba se dozvim, co by
nasledovalo po rm/fsck. :-)

Zkuseni poradte, dik.

-- 

\//\/\
(Sometimes credited as 1494 F8DD 6379 4CD7 E7E3 1FC9 D750 4243 1F05 9424.)

 [ When you find a virus in mail from me, then I intended to infect you, ]
 [ since I use SW that is not distributing malware w/o my knowledge.     ]

Další informace o konferenci Linux