Message-ID: <81b0412b0805181323i5348b7fandaee5c3db001fa37@mail.gmail.com>
Date:	Sun, 18 May 2008 22:23:14 +0200
From:	"Alex Riesen" <raa.lkml@...il.com>
To:	"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
	ipw3945-devel@...ts.sourceforge.net
Subject: ieee80211: unable to handle kernel NULL pointer dereference

My laptop (Dell XPS m1330, Core 2 Duo, 64bit, IWL3945) failed to
associate today (the AP was *very* busy with a big long transfer).
After looking in the logs I found this (full dmesg and the relevant part
of syslog attached):

May 18 18:59:24 blimp kernel: wlan0: RX deauthentication from
00:16:b6:ed:e7:98 (reason=7)
May 18 18:59:24 blimp kernel: wlan0: deauthenticated
May 18 18:59:24 blimp kernel: wlan0: RX deauthentication from
00:16:b6:ed:e7:98 (reason=7)
May 18 18:59:24 blimp last message repeated 34 times
May 18 18:59:24 blimp kernel: wlan0: authenticate with AP 00:16:b6:ed:e7:98
May 18 18:59:24 blimp kernel: wlan0: RX authentication from
00:16:b6:ed:e7:98 (alg=0 transaction=2 status=0)
May 18 18:59:24 blimp kernel: wlan0: authenticated
May 18 18:59:24 blimp kernel: wlan0: associate with AP 00:16:b6:ed:e7:98
May 18 18:59:24 blimp kernel: BUG: unable to handle kernel NULL
pointer dereference at 00000000000000c0
May 18 18:59:24 blimp kernel: IP: [ieee80211_associate+0x2a0/0x536]
ieee80211_associate+0x2a0/0x536
May 18 18:59:24 blimp kernel: PGD 0
May 18 18:59:24 blimp kernel: Oops: 0000 [1] PREEMPT SMP
May 18 18:59:24 blimp kernel: CPU 0
May 18 18:59:24 blimp kernel: Modules linked in: af_packet binfmt_misc
cpufreq_stats cpufreq_powersave cpufreq_conservative cpufreq_userspace
sbs sbshc iptable_filter ip_tables x_tables aes_x86_64 dm_crypt dm_mod
sbp2 fuse snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm
snd_page_alloc snd_hwdep snd_seq_dummy snd_seq_oss snd_seq_midi
snd_rawmidi snd_seq_midi_event uvcvideo snd_seq snd_timer
snd_seq_device compat_ioctl32 sdhci videodev ohci1394 ieee1394
mmc_core snd v4l1_compat ricoh_mmc serio_raw iTCO_wdt sg shpchp
pci_hotplug ata_generic iTCO_vendor_support soundcore evdev dcdbas
May 18 18:59:24 blimp kernel: Pid: 398, comm: iwl3945 Not tainted
2.6.26-rc2-t #17
May 18 18:59:24 blimp kernel: RIP:
0010:[ieee80211_associate+0x2a0/0x536]
[ieee80211_associate+0x2a0/0x536] ieee80211_associate+0x2a0/0x536
May 18 18:59:24 blimp kernel: RSP: 0018:ffff81007f261b20  EFLAGS: 00010246
May 18 18:59:24 blimp kernel: RAX: 0000000000000000 RBX:
ffff810077130010 RCX: 0000000000000000
May 18 18:59:24 blimp kernel: RDX: ffff81007f0d6000 RSI:
0000000000000000 RDI: ffff81007713002e
May 18 18:59:24 blimp kernel: RBP: ffff81007f261ba0 R08:
ffffffff8066fcc0 R09: ffff810053c97f00
May 18 18:59:24 blimp kernel: R10: 0000000000000010 R11:
ffff81007f261aa0 R12: 0000000000000000
May 18 18:59:24 blimp kernel: R13: ffff81007f0d6850 R14:
ffff810053c97f00 R15: ffff81007713002c
May 18 18:59:24 blimp kernel: FS:  0000000000000000(0000)
GS:ffffffff80665000(0000) knlGS:0000000000000000
May 18 18:59:24 blimp kernel: CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
May 18 18:59:24 blimp kernel: CR2: 00000000000000c0 CR3:
0000000000201000 CR4: 00000000000006e0
May 18 18:59:24 blimp kernel: DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
May 18 18:59:24 blimp kernel: DR3: 0000000000000000 DR6:
00000000ffff0ff0 DR7: 0000000000000400
May 18 18:59:24 blimp kernel: Process iwl3945 (pid: 398, threadinfo
ffff81007f260000, task ffff81007f239e00)
May 18 18:59:24 blimp kernel: Stack:  ffff81007f0d6000
0000000000000000 0000000000000002 ffff81007f0d68cc
May 18 18:59:24 blimp kernel:  ffff81007e402598 0000000000000000
36623a36313a3030 393a37653a64653a
May 18 18:59:24 blimp kernel:  ffff81007f260038 ffffffff80432e80
000000067f261c60 ffff81007f0d6850
May 18 18:59:24 blimp kernel: Call Trace:
May 18 18:59:24 blimp kernel:  [_format_mac_addr+0x4d/0x8e] ?
_format_mac_addr+0x4d/0x8e
May 18 18:59:24 blimp kernel:  [ieee80211_auth_completed+0x30/0x35]
ieee80211_auth_completed+0x30/0x35
May 18 18:59:24 blimp kernel:
[ieee80211_sta_rx_queued_mgmt+0x5a2/0xf5f]
ieee80211_sta_rx_queued_mgmt+0x5a2/0xf5f
May 18 18:59:24 blimp kernel:  [dev_hard_start_xmit+0x1d5/0x25d] ?
dev_hard_start_xmit+0x1d5/0x25d
May 18 18:59:24 blimp kernel:  [dm_mod:_spin_lock+0x16/0x108] ?
_spin_lock+0x16/0x2e
May 18 18:59:24 blimp kernel:  [local_bh_disable+0xe/0x10] ?
local_bh_disable+0xe/0x10
May 18 18:59:24 blimp kernel:  [local_bh_enable_ip+0x40/0x59] ?
local_bh_enable_ip+0x40/0x59
May 18 18:59:24 blimp kernel:  [snd_pcm:getnstimeofday+0x3a/0x8f72] ?
getnstimeofday+0x3a/0x88
May 18 18:59:24 blimp kernel:  [snd_pcm:ktime_get_ts+0x49/0x3fc] ?
ktime_get_ts+0x49/0x4e
May 18 18:59:24 blimp kernel:  [snd_pcm:getnstimeofday+0x3a/0x8f72] ?
getnstimeofday+0x3a/0x88
May 18 18:59:24 blimp kernel:
[snd_hda_intel:_spin_unlock_irqrestore+0x12/0x2b] ?
_spin_unlock_irqrestore+0x12/0x2b
May 18 18:59:24 blimp kernel:  [ieee80211_sta_work+0xc1/0x750]
ieee80211_sta_work+0xc1/0x750
May 18 18:59:24 blimp kernel:
[snd_hda_intel:_spin_lock_irqsave+0x18/0x34] ?
_spin_lock_irqsave+0x18/0x34
May 18 18:59:24 blimp kernel:  [hrtick_set+0xde/0xe7] ? hrtick_set+0xde/0xe7
May 18 18:59:24 blimp kernel:  [thread_return+0x9e/0xc6] ?
thread_return+0x9e/0xc6
May 18 18:59:24 blimp kernel:  [ieee80211_sta_work+0x0/0x750] ?
ieee80211_sta_work+0x0/0x750
May 18 18:59:24 blimp kernel:  [run_workqueue+0x94/0x13e]
run_workqueue+0x94/0x13e
May 18 18:59:24 blimp kernel:  [worker_thread+0xe2/0xf3] worker_thread+0xe2/0xf3
May 18 18:59:24 blimp kernel:  [<ffffffff8024411e>] ?
autoremove_wake_function+0x0/0x38
May 18 18:59:24 blimp kernel:  [worker_thread+0x0/0xf3] ? worker_thread+0x0/0xf3
May 18 18:59:24 blimp kernel:  [kthread+0x49/0x77] kthread+0x49/0x77
May 18 18:59:24 blimp kernel:  [child_rip+0xa/0x12] child_rip+0xa/0x12
May 18 18:59:24 blimp kernel:  [kthread+0x0/0x77] ? kthread+0x0/0x77
May 18 18:59:24 blimp kernel:  [child_rip+0x0/0x12] ? child_rip+0x0/0x12
May 18 18:59:24 blimp kernel:
May 18 18:59:24 blimp kernel:
May 18 18:59:24 blimp kernel: Code: f6 ff c6 00 00 49 89 c7 49 8b 85
a0 00 00 00 49 8d 7f 02 fc 41 88 47 01 49 8b 8d a0 00 00 00 48 8b 75
98 f3 a4 31 f6 48 8b 4d a8 <4c> 8b 89 c0 00 00 00 48 c7 45 88 00 00 00
00 eb 50 48 8b 5d a8
May 18 18:59:24 blimp kernel: RIP  [ieee80211_associate+0x2a0/0x536]
ieee80211_associate+0x2a0/0x536
May 18 18:59:24 blimp kernel:  RSP <ffff81007f261b20>
May 18 18:59:24 blimp kernel: CR2: 00000000000000c0
May 18 18:59:24 blimp kernel: ---[ end trace 0fbf8adf45e059dd ]---

Download attachment "syslog" of type "application/octet-stream" (22710 bytes)

Download attachment "wlan-timeout" of type "application/octet-stream" (31602 bytes)
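
The faulting access in the oops above can be cross-checked against the register dump. This is an added example, not part of the original message: the function names are hypothetical, the excerpt is copied from the log above with mail line-wrapping undone, and the decoder handles only the form the marked instruction uses (optional REX prefix, one-byte opcode, ModRM without SIB).

```python
import re

# Excerpt of the oops quoted in the message above (syslog prefix shortened,
# wrapped lines rejoined). Values are taken from the page, not invented.
OOPS = """\
kernel: RAX: 0000000000000000 RBX: ffff810077130010 RCX: 0000000000000000
kernel: RDX: ffff81007f0d6000 RSI: 0000000000000000 RDI: ffff81007713002e
kernel: RBP: ffff81007f261ba0 R08: ffffffff8066fcc0 R09: ffff810053c97f00
kernel: CR2: 00000000000000c0 CR3: 0000000000201000 CR4: 00000000000006e0
kernel: Code: f6 ff c6 00 00 49 89 c7 49 8b 85 a0 00 00 00 49 8d 7f 02 fc 41 88 47 01 49 8b 8d a0 00 00 00 48 8b 75 98 f3 a4 31 f6 48 8b 4d a8 <4c> 8b 89 c0 00 00 00 48 c7 45 88 00 00 00 00 eb 50 48 8b 5d a8
"""

# x86-64 register numbering, spelled the way the oops prints the names.
REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI",
        "R08", "R09", "R10", "R11", "R12", "R13", "R14", "R15"]

def parse_oops(text):
    """Return (registers, bytes starting at the <xx> faulting-instruction marker)."""
    regs = {n: int(v, 16)
            for n, v in re.findall(r"\b([A-Z][A-Z0-9]{2}): ([0-9a-f]{16})\b", text)}
    code = re.search(r"Code: (.*)", text).group(1).split()
    idx = next(i for i, b in enumerate(code) if b.startswith("<"))
    insn = bytes(int(b.strip("<>"), 16) for b in code[idx:])
    return regs, insn

def decode_mem_operand(insn):
    """Base register and displacement of a [base+disp] memory operand."""
    rex = insn[0] if insn[0] & 0xF0 == 0x40 else 0
    pos = 1 if rex else 0                  # index of the one-byte opcode
    modrm = insn[pos + 1]
    mod, rm = modrm >> 6, modrm & 7
    if mod == 3 or rm == 4 or (mod == 0 and rm == 5):
        raise ValueError("register, SIB or RIP-relative form not handled")
    base = REGS[rm | ((rex & 1) << 3)]     # REX.B extends the base register
    width = {0: 0, 1: 1, 2: 4}[mod]        # displacement size in bytes
    disp = int.from_bytes(insn[pos + 2:pos + 2 + width], "little", signed=True)
    return base, disp

def triage(text):
    """Check that base register + displacement reproduces the CR2 fault address."""
    regs, insn = parse_oops(text)
    base, disp = decode_mem_operand(insn)
    addr = (regs[base] + disp) & 0xFFFFFFFFFFFFFFFF
    return {"base": base, "base_value": regs[base], "disp": disp,
            "matches_cr2": addr == regs["CR2"], "null_base": regs[base] == 0}
```

For this log the marked bytes `4c 8b 89 c0 00 00 00` decode to a 64-bit load from `[RCX+0xc0]` with RCX equal to zero, which reproduces CR2 = 0xc0: a read of a field at offset 0xc0 through a NULL pointer. The preceding bytes `48 8b 4d a8` load RCX from the stack slot at `rbp-0x58`.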
