This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[Bug runtime/17862] Kernel crash on module insertion: kernel tried to execute NX-protected page - exploit attempt
- From: "jistone at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sourceware dot org
- Date: Wed, 21 Jan 2015 18:04:48 +0000
- Subject: [Bug runtime/17862] Kernel crash on module insertion: kernel tried to execute NX-protected page - exploit attempt
- Auto-submitted: auto-generated
- References: <bug-17862-6586 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17862
Josh Stone <jistone at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jistone at redhat dot com
--- Comment #5 from Josh Stone <jistone at redhat dot com> ---
My first guess is that this is the XOL page, execute-out-of-line for the
instruction replaced by a breakpoint. If the kernel uprobes didn't set the
permissions on that page properly, it would obviously fail.
Or even if the XOL page is correct, it could be that uprobes wrongly tried to
step through some branching instruction, jmp/call/ret, sending the RIP off into
the weeds.
Can you try to reproduce the same probes with perf? Something like:
perf probe -x /usr/sbin/ntpd receive
perf probe -x /usr/sbin/ntpd receive%return
perf probe -x /usr/sbin/ntpd configure
[etc.]
perf trace -e 'probe_ntpd:*'
--
You are receiving this mail because:
You are the assignee for the bug.