Problem report #1

A null pointer dereference in the kernel, resulting in the dead of the calling program. The tcp port the calling program was listening on, was not freed.

The kernel nicely survived the NULL pointer dereference. In fact. I only noticed the 1st incident when people started to complain that NetStreamer was not working. I had to reboot because port 8888 was still considered in use.

Kernel version: 2.0.35 with the following configuration.
NetStreamer version: 0.17
CPU: Cyrix ???; ie. I'm not sure what version it is. I think it is a 166+

1st incident

All messages had the same time stamp. The prefix to all messages was:

Feb 25 13:41:58 flits102-126 kernel:

The messages themselves:

Unable to handle kernel NULL pointer dereference at virtual address c000000d
current->tss.cr3 = 02bd1000, Lr3 = 02bd1000
*pde = 00102067
*pte = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[tcp_recvmsg+364/1032]
EFLAGS: 00010246
eax: 00000000   ebx: 03d619e0   ecx: 003ffc30   edx: 3fc8b20e
esi: 003ffccc   edi: 00000000   ebp: 003ffc0c   esp: 02bd3ef4
ds: 0018   es: 0018   fs: 002b   gs: 002b   ss: 0018
Process NrServer (pid: 140, process nr: 33, stackpage=02bd3000)
Stack: 003ffc0c 01d4af00 bffff544 01d4af90 00000000 0205f500 00000000 00000000 
       02bf8c0c 01d4af48 3fc8b20e 001514dd 003ffc0c 02bd3f78 00000800 00000800 
       00000000 02bd3f7c 00000800 00136ffa 01d4af90 02bd3f78 00000800 00000800 
Call Trace: [inet_recvmsg+97/112] [sock_read+170/192] [sys_read+190/228] [system_call+82/128] 
Code: 8a 40 0d a8 02 74 04 ff 4c 24 10 8b 7c 24 10 39 7b 30 0f 87

2nd incident

Again, all messages had the same time stamp. The prefix to all messages was:

Feb 28 18:55:28 flits102-126 kernel:

The messages themselves:

Unable to handle kernel NULL pointer dereference at virtual address c000000d
current->tss.cr3 = 02a27000, Lr3 = 02a27000
*pde = 00102067
*pte = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[tcp_recvmsg+364/1032]
EFLAGS: 00010246
eax: 00000000   ebx: 00c781e8   ecx: 022a903c   edx: 84dde9db
esi: 022a90d8   edi: 00000000   ebp: 022a9018   esp: 02a29ef4
ds: 0018   es: 0018   fs: 002b   gs: 002b   ss: 0018
Process NrServer (pid: 137, process nr: 34, stackpage=02a29000)
Stack: 022a9018 02158a00 bffff544 02158a90 00000000 02000600 00000000 00000000 
       02a5e414 02158a48 84dde9db 001514dd 022a9018 02a29f78 00000800 00000800 
       00000000 02a29f7c 00000800 00136ffa 02158a90 02a29f78 00000800 00000800 
Call Trace: [inet_recvmsg+97/112] [sock_read+170/192] [sys_read+190/228] [system_call+82/128] 
Code: 8a 40 0d a8 02 74 04 ff 4c 24 10 8b 7c 24 10 39 7b 30 0f 87

3rd incident

Again, all messages had the same time stamp. The prefix to all messages was:

Mar  2 22:47:02 flits102-126 kernel:

Unable to handle kernel NULL pointer dereference at virtual address c000000d
current->tss.cr3 = 02bd1000, Lr3 = 02bd1000
*pde = 00102067
*pte = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[tcp_recvmsg+364/1032]
EFLAGS: 00010246
eax: 00000000   ebx: 03d619e0   ecx: 003ffc30   edx: 3fc8b20e
esi: 003ffccc   edi: 00000000   ebp: 003ffc0c   esp: 02bd3ef4
ds: 0018   es: 0018   fs: 002b   gs: 002b   ss: 0018
Process NrServer (pid: 140, process nr: 33, stackpage=02bd3000)
Stack: 003ffc0c 01d4af00 bffff544 01d4af90 00000000 0205f500 00000000 00000000 
       02bf8c0c 01d4af48 3fc8b20e 001514dd 003ffc0c 02bd3f78 00000800 00000800 
       00000000 02bd3f7c 00000800 00136ffa 01d4af90 02bd3f78 00000800 00000800 
Call Trace: [inet_recvmsg+97/112] [sock_read+170/192] [sys_read+190/228] [system_call+82/128] 
Code: 8a 40 0d a8 02 74 04 ff 4c 24 10 8b 7c 24 10 39 7b 30 0f 87

Problem report #1.
Made February 28, 1999 by Erik.