lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 02 Aug 2007 17:30:30 +0200
From:	Christian Schäfer <schaefer@...tum.de>
To:	linux-kernel@...r.kernel.org
Subject: [BUG] timer.h

Hi,

today I got the following kernel bug while wpa_supplicant tried to 
connect to my AP. Kernel is a self-compiled 2.6.22 running under Ubuntu 
Feisty.
The wireless device is a r8187 USB, the driver is patched for injection 
capability taken from www.aircrack-ng.org.
Don't know if this bug is related to the driver or to the kernel, I'm no 
expert.

Attached is the full dmesg and .config. Please CC to me, I'm not on the 
list.

------------[ cut here ]------------
kernel BUG at include/linux/timer.h:153!
invalid opcode: 0000 [#1]
PREEMPT
Modules linked in: michael_mic ieee80211_crypt_tkip_rtl 
ieee80211_crypt_ccmp_rtl r8187 ieee80211_rtl ieee80211_crypt_rtl 
speedstep_ich speedstep_lib dm_crypt dm_mod fuse firewire_sbp2 ehci_hcd 
ohci_hcd pcmcia firmware_class usbhid firewire_ohci firewire_core 
nvidia(P) yenta_socket rsrc_nonstatic pcmcia_core crc_itu_t uhci_hcd 
floppy usbcore
CPU:    0
EIP:    0060:[<f8f25cf4>]    Tainted: P       VLI
EFLAGS: 00010286   (2.6.22 #3)
EIP is at ieee80211_associate_step1_rtl7+0x257/0x28d [ieee80211_rtl]
eax: f2be5ae8   ebx: c045be90   ecx: f2be5cf8   edx: ffffffff
esi: f2be53a0   edi: f741b380   ebp: 00000202   esp: f38a9f68
ds: 007b   es: 007b   fs: 0000  gs: 0000  ss: 0068
Process Ieee80211/0 (pid: 2635, ti=f38a8000 task=f38c8570 task.ti=f38a8000)
Stack: ffffffff f2e9c210 f2be5b88 f2be53a0 f1bc11c0 f8f2600c f8f2606e 
f2be5b8c
        f2be5b88 c01276a6 001e8480 00000000 0000001d c0456198 f1bc11c8 
f1bc11c0
        c0127c55 00000000 c0127cf2 00000000 f38c8570 c012a784 f38a9fc0 
f38a9fc0
Call Trace:
  [<f8f2600c>] ieee80211_associate_procedure_wq_rtl7+0x0/0x78 
[ieee80211_rtl]
  [<f8f2606e>] ieee80211_associate_procedure_wq_rtl7+0x62/0x78 
[ieee80211_rtl]
  [<c01276a6>] run_workqueue+0x84/0x135
  [<c0127c55>] worker_thread+0x0/0xfb
  [<c0127cf2>] worker_thread+0x9d/0xfb
  [<c012a784>] autoremove_wake_function+0x0/0x37
  [<c0127c55>] worker_thread+0x0/0xfb
  [<c012a4aa>] kthread+0x33/0x54
  [<c012a477>] kthread+0x0/0x54
  [<c010490f>] kernel_thread_helper+0x7/0x18
  =======================
Code: 43 c7 e9 5b ff ff ff 66 c7 86 c4 05 00 00 00 00 e9 2b ff ff ff 89 
fa 89 f0 e8 b8 c3 ff ff eb c5 66 c7 86 c4 05 00 00 00 00 eb 9d <0f> 0b eb
fe b9 fd 5c f2 f8 ba 1e 00 00 00 89 f8 e8 13 ca 3c c7
EIP: [<f8f25cf4>] ieee80211_associate_step1_rtl7+0x257/0x28d 
[ieee80211_rtl] SS:ESP 0068:f38a9f68







View attachment "config" of type "text/plain" (39203 bytes)

View attachment "dmesg" of type "text/plain" (15443 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ