[clug] Causing a kernel oops
Damien Elmes
clug at repose.cx
Tue Sep 2 13:31:51 EST 2003
Andrew Pollock <andrew-clug at andrew.net.au> writes:
> Hi,
>
> One of my colleagues was reading a security advisory about something that
> caused a kernel oops, and asked what a kernel oops was.
>
> I seem to recall reading somewhere in the past (Bugtraq) about a test
> kernel module you could insert into a kernel that would cause an oops. I
> believe there's actually a system call or something to do it, but I don't
> know the specifics, and I can't find a reference with Google (I drown in
> bug reports no matter how I word my query).
>
> Does anyone more in the know with kernel internals than I either know how
> to bang up a module that will cause a kernel oops, or know of the module
> source I'm referring to?
>
> Just want to demonstrate an oops on my PC.
Put this in a file:
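
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/slab.h>

/* Runs when the module is inserted with insmod. */
int init_module(void)
{
    /* Deliberately free a bogus pointer so that kfree() faults and the
       kernel prints an oops. The cast avoids a -Wall warning. */
    kfree((void *)1);
    return 0;
}
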
Compile with:

gcc -D__KERNEL__ -Wall -Wstrict-prototypes -O2 -DMODULE -c hello.c

Insmod, and voila -

Unable to handle kernel paging request at virtual address 0053564f
 printing eip:
c013010c
*pde = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[<c013010c>]    Tainted: PF
EFLAGS: 00010046
eax: c100001c   ebx: 00535643   ecx: 00000001   edx: 00000000
esi: 0203000c   edi: 00000000   ebp: cd96ff10   esp: cd96fedc
ds: 0018   es: 0018   ss: 0018
Process insmod.modutils (pid: 8113, stackpage=cd96f000)
Stack: 00000202 00000000 c012fa65 0203000c 00000001 ffffffea d094506d 00000001
       ffffffff 000010c1 ffffffea 00000000 00000000 d0945000 c0118d48 d0945060
       080739b8 00000090 00000000 080739c9 00145000 00000002 00000071 00000060
Call Trace: [<c012fa65>] [<d094506d>] [<c0118d48>] [<d0945060>] [<d0945060>]
            [<c010740f>]
Code: 8b 43 0c 29 c1 89 c8 f7 76 18 89 c1 8b 43 14 89 44 8b 18 8b

Since I'm in X, I need to use dmesg to dump the output.
(ob. disclaimer about if your kernel explodes, etc ;-)
Cheers,
--
Damien Elmes
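
A small parser for the oops format quoted in the message above, added here as an illustration and not part of the original post. It decodes the i386 page-fault error code and the 2.4 taint letters and reports which register sits just below the faulting address; the function names, the 0x100 window and the shortened sample text are assumptions of this example.

```python
import re

# Constructed sample: selected lines of the oops quoted in the message above.
SAMPLE_OOPS = """\
Unable to handle kernel paging request at virtual address 0053564f
Oops: 0000
EIP: 0010:[<c013010c>] Tainted: PF
eax: c100001c ebx: 00535643 ecx: 00000001 edx: 00000000
esi: 0203000c edi: 00000000 ebp: cd96ff10 esp: cd96fedc
Process insmod.modutils (pid: 8113, stackpage=cd96f000)
Call Trace: [<c012fa65>] [<d094506d>] [<c0118d48>] [<d0945060>] [<d0945060>]
[<c010740f>]
Code: 8b 43 0c 29 c1 89 c8 f7 76 18 89 c1 8b 43 14 89 44 8b 18 8b
"""

# Taint letters printed by 2.4 kernels.
TAINT = {"P": "module without a GPL-compatible license loaded",
         "F": "module force-loaded"}

def parse_oops(text):
    """Extract triage fields from a 2.4-style i386 oops dump (hypothetical helper).

    Raises TypeError when the fault-address or EIP line is missing."""
    def grab(pattern):
        m = re.search(pattern, text, re.M)
        return m.group(1) if m else None

    err = int(grab(r"^Oops: ([0-9a-f]{4})") or "0", 16)
    trace = grab(r"^Call Trace:((?:\s*\[<[0-9a-f]{8}>\])+)") or ""
    regs = re.findall(r"\b(e(?:[abcd]x|[sd]i|[bs]p)): ([0-9a-f]{8})", text)
    return {
        "fault_addr": int(grab(r"virtual address ([0-9a-f]{8})"), 16),
        "eip": int(grab(r"^EIP:\s+[0-9a-f]{4}:\[<([0-9a-f]{8})>\]"), 16),
        # i386 page-fault error code: bit 0 protection, bit 1 write, bit 2 user mode
        "access": ("write" if err & 2 else "read",
                   "user" if err & 4 else "kernel",
                   "protection" if err & 1 else "not-present"),
        "taint": [TAINT[c] for c in (grab(r"Tainted: (\w+)") or "") if c in TAINT],
        "process": grab(r"^Process (\S+) \(pid:"),
        "regs": {name: int(val, 16) for name, val in regs},
        "trace": [int(a, 16) for a in re.findall(r"<([0-9a-f]{8})>", trace)],
    }

def near_registers(info, window=0x100):
    """Registers holding a value at most `window` bytes below the fault address."""
    fault = info["fault_addr"]
    return {r: fault - v for r, v in info["regs"].items() if 0 <= fault - v < window}

if __name__ == "__main__":
    info = parse_oops(SAMPLE_OOPS)
    print(info["access"], [hex(a) for a in info["trace"]], near_registers(info))
```

On this dump it reports a kernel-mode read of a not-present page with ebx 0xc bytes below the faulting address, which matches the leading `8b 43 0c` (mov 0xc(%ebx),%eax) on the Code line.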